diff options
| author | Shirish Pargaonkar <shirishpargaonkar@gmail.com> | 2010-10-13 19:15:00 -0400 |
|---|---|---|
| committer | Steve French <sfrench@us.ibm.com> | 2010-10-14 14:05:19 -0400 |
| commit | 5d0d28824c76409f0d1a645bf0ae81318c8ffa42 (patch) | |
| tree | 592838282fc891dc9a51424e0f57c0694ad31075 /fs/cifs/cifsencrypt.c | |
| parent | d7c86ff8cd00abc730fe5d031f43dc9138b6324e (diff) | |
NTLM authentication and signing - Calculate auth response per smb session
Start calculation auth response within a session. Move/Add pertinet
data structures like session key, server challenge and ntlmv2_hash in
a session structure. We should do the calculations within a session
before copying session key and response over to server data
structures because a session setup can fail.
Only after a very first smb session succeeds, it copies/makes its
session key, session key of smb connection. This key stays with
the smb connection throughout its life.
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/cifsencrypt.c')
| -rw-r--r-- | fs/cifs/cifsencrypt.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index e3edd8a6840b..7ac0056294cf 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c | |||
| @@ -458,7 +458,7 @@ calc_exit_1: | |||
| 458 | calc_exit_2: | 458 | calc_exit_2: |
| 459 | /* BB FIXME what about bytes 24 through 40 of the signing key? | 459 | /* BB FIXME what about bytes 24 through 40 of the signing key? |
| 460 | compare with the NTLM example */ | 460 | compare with the NTLM example */ |
| 461 | hmac_md5_final(ses->server->ntlmv2_hash, pctxt); | 461 | hmac_md5_final(ses->ntlmv2_hash, pctxt); |
| 462 | 462 | ||
| 463 | kfree(pctxt); | 463 | kfree(pctxt); |
| 464 | return rc; | 464 | return rc; |
| @@ -502,14 +502,14 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, char *resp_buf, | |||
| 502 | } | 502 | } |
| 503 | CalcNTLMv2_response(ses, resp_buf); | 503 | CalcNTLMv2_response(ses, resp_buf); |
| 504 | 504 | ||
| 505 | /* now calculate the MAC key for NTLMv2 */ | 505 | /* now calculate the session key for NTLMv2 */ |
| 506 | hmac_md5_init_limK_to_64(ses->server->ntlmv2_hash, 16, &context); | 506 | hmac_md5_init_limK_to_64(ses->ntlmv2_hash, 16, &context); |
| 507 | hmac_md5_update(resp_buf, 16, &context); | 507 | hmac_md5_update(resp_buf, 16, &context); |
| 508 | hmac_md5_final(ses->server->session_key.data.ntlmv2.key, &context); | 508 | hmac_md5_final(ses->auth_key.data.ntlmv2.key, &context); |
| 509 | 509 | ||
| 510 | memcpy(&ses->server->session_key.data.ntlmv2.resp, resp_buf, | 510 | memcpy(&ses->auth_key.data.ntlmv2.resp, resp_buf, |
| 511 | sizeof(struct ntlmv2_resp)); | 511 | sizeof(struct ntlmv2_resp)); |
| 512 | ses->server->session_key.len = 16 + sizeof(struct ntlmv2_resp); | 512 | ses->auth_key.len = 16 + sizeof(struct ntlmv2_resp); |
| 513 | 513 | ||
| 514 | return 0; | 514 | return 0; |
| 515 | 515 | ||
| @@ -526,8 +526,8 @@ void CalcNTLMv2_response(const struct cifsSesInfo *ses, | |||
| 526 | { | 526 | { |
| 527 | struct HMACMD5Context context; | 527 | struct HMACMD5Context context; |
| 528 | /* rest of v2 struct already generated */ | 528 | /* rest of v2 struct already generated */ |
| 529 | memcpy(v2_session_response + 8, ses->server->cryptKey, 8); | 529 | memcpy(v2_session_response + 8, ses->cryptKey, 8); |
| 530 | hmac_md5_init_limK_to_64(ses->server->ntlmv2_hash, 16, &context); | 530 | hmac_md5_init_limK_to_64(ses->ntlmv2_hash, 16, &context); |
| 531 | 531 | ||
| 532 | hmac_md5_update(v2_session_response+8, | 532 | hmac_md5_update(v2_session_response+8, |
| 533 | sizeof(struct ntlmv2_resp) - 8, &context); | 533 | sizeof(struct ntlmv2_resp) - 8, &context); |