aboutsummaryrefslogtreecommitdiffstats
path: root/fs/cifs/cifsencrypt.c
diff options
context:
space:
mode:
authorShirish Pargaonkar <shirishpargaonkar@gmail.com>2011-06-20 17:14:03 -0400
committerSteve French <sfrench@us.ibm.com>2011-07-25 18:12:10 -0400
commit14cae3243b555afda69a57778069ddca65532c06 (patch)
tree7aad42f8f9812c9fcbfb2b81709152431eddc6b4 /fs/cifs/cifsencrypt.c
parentf5bc1e755d23d022bf948904386337fc3e5e29a8 (diff)
cifs: Cleanup: check return codes of crypto api calls
Check return codes of crypto api calls and either log an error or log an error and return from the calling function with error. Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/cifsencrypt.c')
-rw-r--r--fs/cifs/cifsencrypt.c110
1 files changed, 89 insertions, 21 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index 5a0ee7f2af06..259991bd2112 100644
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -52,19 +52,29 @@ static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu,
52 52
53 rc = crypto_shash_init(&server->secmech.sdescmd5->shash); 53 rc = crypto_shash_init(&server->secmech.sdescmd5->shash);
54 if (rc) { 54 if (rc) {
55 cERROR(1, "%s: Oould not init md5\n", __func__); 55 cERROR(1, "%s: Could not init md5\n", __func__);
56 return rc; 56 return rc;
57 } 57 }
58 58
59 crypto_shash_update(&server->secmech.sdescmd5->shash, 59 rc = crypto_shash_update(&server->secmech.sdescmd5->shash,
60 server->session_key.response, server->session_key.len); 60 server->session_key.response, server->session_key.len);
61 if (rc) {
62 cERROR(1, "%s: Could not update with response\n", __func__);
63 return rc;
64 }
61 65
62 crypto_shash_update(&server->secmech.sdescmd5->shash, 66 rc = crypto_shash_update(&server->secmech.sdescmd5->shash,
63 cifs_pdu->Protocol, be32_to_cpu(cifs_pdu->smb_buf_length)); 67 cifs_pdu->Protocol, be32_to_cpu(cifs_pdu->smb_buf_length));
68 if (rc) {
69 cERROR(1, "%s: Could not update with payload\n", __func__);
70 return rc;
71 }
64 72
65 rc = crypto_shash_final(&server->secmech.sdescmd5->shash, signature); 73 rc = crypto_shash_final(&server->secmech.sdescmd5->shash, signature);
74 if (rc)
75 cERROR(1, "%s: Could not generate md5 hash\n", __func__);
66 76
67 return 0; 77 return rc;
68} 78}
69 79
70/* must be called with server->srv_mutex held */ 80/* must be called with server->srv_mutex held */
@@ -112,12 +122,16 @@ static int cifs_calc_signature2(const struct kvec *iov, int n_vec,
112 122
113 rc = crypto_shash_init(&server->secmech.sdescmd5->shash); 123 rc = crypto_shash_init(&server->secmech.sdescmd5->shash);
114 if (rc) { 124 if (rc) {
115 cERROR(1, "%s: Oould not init md5\n", __func__); 125 cERROR(1, "%s: Could not init md5\n", __func__);
116 return rc; 126 return rc;
117 } 127 }
118 128
119 crypto_shash_update(&server->secmech.sdescmd5->shash, 129 rc = crypto_shash_update(&server->secmech.sdescmd5->shash,
120 server->session_key.response, server->session_key.len); 130 server->session_key.response, server->session_key.len);
131 if (rc) {
132 cERROR(1, "%s: Could not update with response\n", __func__);
133 return rc;
134 }
121 135
122 for (i = 0; i < n_vec; i++) { 136 for (i = 0; i < n_vec; i++) {
123 if (iov[i].iov_len == 0) 137 if (iov[i].iov_len == 0)
@@ -131,14 +145,24 @@ static int cifs_calc_signature2(const struct kvec *iov, int n_vec,
131 if (i == 0) { 145 if (i == 0) {
132 if (iov[0].iov_len <= 8) /* cmd field at offset 9 */ 146 if (iov[0].iov_len <= 8) /* cmd field at offset 9 */
133 break; /* nothing to sign or corrupt header */ 147 break; /* nothing to sign or corrupt header */
148 rc =
134 crypto_shash_update(&server->secmech.sdescmd5->shash, 149 crypto_shash_update(&server->secmech.sdescmd5->shash,
135 iov[i].iov_base + 4, iov[i].iov_len - 4); 150 iov[i].iov_base + 4, iov[i].iov_len - 4);
136 } else 151 } else {
152 rc =
137 crypto_shash_update(&server->secmech.sdescmd5->shash, 153 crypto_shash_update(&server->secmech.sdescmd5->shash,
138 iov[i].iov_base, iov[i].iov_len); 154 iov[i].iov_base, iov[i].iov_len);
155 }
156 if (rc) {
157 cERROR(1, "%s: Could not update with payload\n",
158 __func__);
159 return rc;
160 }
139 } 161 }
140 162
141 rc = crypto_shash_final(&server->secmech.sdescmd5->shash, signature); 163 rc = crypto_shash_final(&server->secmech.sdescmd5->shash, signature);
164 if (rc)
165 cERROR(1, "%s: Could not generate md5 hash\n", __func__);
142 166
143 return rc; 167 return rc;
144} 168}
@@ -463,8 +487,12 @@ static int calc_ntlmv2_hash(struct cifs_ses *ses, char *ntlmv2_hash,
463 /* calculate md4 hash of password */ 487 /* calculate md4 hash of password */
464 E_md4hash(ses->password, nt_hash); 488 E_md4hash(ses->password, nt_hash);
465 489
466 crypto_shash_setkey(ses->server->secmech.hmacmd5, nt_hash, 490 rc = crypto_shash_setkey(ses->server->secmech.hmacmd5, nt_hash,
467 CIFS_NTHASH_SIZE); 491 CIFS_NTHASH_SIZE);
492 if (rc) {
493 cERROR(1, "%s: Could not set NT Hash as a key", __func__);
494 return rc;
495 }
468 496
469 rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash); 497 rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
470 if (rc) { 498 if (rc) {
@@ -478,13 +506,18 @@ static int calc_ntlmv2_hash(struct cifs_ses *ses, char *ntlmv2_hash,
478 if (user == NULL) { 506 if (user == NULL) {
479 cERROR(1, "calc_ntlmv2_hash: user mem alloc failure\n"); 507 cERROR(1, "calc_ntlmv2_hash: user mem alloc failure\n");
480 rc = -ENOMEM; 508 rc = -ENOMEM;
481 goto calc_exit_2; 509 return rc;
482 } 510 }
483 len = cifs_strtoUCS((__le16 *)user, ses->user_name, len, nls_cp); 511 len = cifs_strtoUCS((__le16 *)user, ses->user_name, len, nls_cp);
484 UniStrupr(user); 512 UniStrupr(user);
485 513
486 crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash, 514 rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
487 (char *)user, 2 * len); 515 (char *)user, 2 * len);
516 kfree(user);
517 if (rc) {
518 cERROR(1, "%s: Could not update with user\n", __func__);
519 return rc;
520 }
488 521
489 /* convert ses->domainName to unicode and uppercase */ 522 /* convert ses->domainName to unicode and uppercase */
490 if (ses->domainName) { 523 if (ses->domainName) {
@@ -494,13 +527,19 @@ static int calc_ntlmv2_hash(struct cifs_ses *ses, char *ntlmv2_hash,
494 if (domain == NULL) { 527 if (domain == NULL) {
495 cERROR(1, "calc_ntlmv2_hash: domain mem alloc failure"); 528 cERROR(1, "calc_ntlmv2_hash: domain mem alloc failure");
496 rc = -ENOMEM; 529 rc = -ENOMEM;
497 goto calc_exit_1; 530 return rc;
498 } 531 }
499 len = cifs_strtoUCS((__le16 *)domain, ses->domainName, len, 532 len = cifs_strtoUCS((__le16 *)domain, ses->domainName, len,
500 nls_cp); 533 nls_cp);
534 rc =
501 crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash, 535 crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
502 (char *)domain, 2 * len); 536 (char *)domain, 2 * len);
503 kfree(domain); 537 kfree(domain);
538 if (rc) {
539 cERROR(1, "%s: Could not update with domain\n",
540 __func__);
541 return rc;
542 }
504 } else if (ses->serverName) { 543 } else if (ses->serverName) {
505 len = strlen(ses->serverName); 544 len = strlen(ses->serverName);
506 545
@@ -508,21 +547,26 @@ static int calc_ntlmv2_hash(struct cifs_ses *ses, char *ntlmv2_hash,
508 if (server == NULL) { 547 if (server == NULL) {
509 cERROR(1, "calc_ntlmv2_hash: server mem alloc failure"); 548 cERROR(1, "calc_ntlmv2_hash: server mem alloc failure");
510 rc = -ENOMEM; 549 rc = -ENOMEM;
511 goto calc_exit_1; 550 return rc;
512 } 551 }
513 len = cifs_strtoUCS((__le16 *)server, ses->serverName, len, 552 len = cifs_strtoUCS((__le16 *)server, ses->serverName, len,
514 nls_cp); 553 nls_cp);
554 rc =
515 crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash, 555 crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
516 (char *)server, 2 * len); 556 (char *)server, 2 * len);
517 kfree(server); 557 kfree(server);
558 if (rc) {
559 cERROR(1, "%s: Could not update with server\n",
560 __func__);
561 return rc;
562 }
518 } 563 }
519 564
520 rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash, 565 rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
521 ntlmv2_hash); 566 ntlmv2_hash);
567 if (rc)
568 cERROR(1, "%s: Could not generate md5 hash\n", __func__);
522 569
523calc_exit_1:
524 kfree(user);
525calc_exit_2:
526 return rc; 570 return rc;
527} 571}
528 572
@@ -537,8 +581,12 @@ CalcNTLMv2_response(const struct cifs_ses *ses, char *ntlmv2_hash)
537 return -1; 581 return -1;
538 } 582 }
539 583
540 crypto_shash_setkey(ses->server->secmech.hmacmd5, 584 rc = crypto_shash_setkey(ses->server->secmech.hmacmd5,
541 ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE); 585 ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE);
586 if (rc) {
587 cERROR(1, "%s: Could not set NTLMV2 Hash as a key", __func__);
588 return rc;
589 }
542 590
543 rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash); 591 rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
544 if (rc) { 592 if (rc) {
@@ -552,11 +600,17 @@ CalcNTLMv2_response(const struct cifs_ses *ses, char *ntlmv2_hash)
552 else 600 else
553 memcpy(ses->auth_key.response + offset, 601 memcpy(ses->auth_key.response + offset,
554 ses->server->cryptkey, CIFS_SERVER_CHALLENGE_SIZE); 602 ses->server->cryptkey, CIFS_SERVER_CHALLENGE_SIZE);
555 crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash, 603 rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
556 ses->auth_key.response + offset, ses->auth_key.len - offset); 604 ses->auth_key.response + offset, ses->auth_key.len - offset);
605 if (rc) {
606 cERROR(1, "%s: Could not update with response\n", __func__);
607 return rc;
608 }
557 609
558 rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash, 610 rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
559 ses->auth_key.response + CIFS_SESS_KEY_SIZE); 611 ses->auth_key.response + CIFS_SESS_KEY_SIZE);
612 if (rc)
613 cERROR(1, "%s: Could not generate md5 hash\n", __func__);
560 614
561 return rc; 615 return rc;
562} 616}
@@ -626,8 +680,12 @@ setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp)
626 } 680 }
627 681
628 /* now calculate the session key for NTLMv2 */ 682 /* now calculate the session key for NTLMv2 */
629 crypto_shash_setkey(ses->server->secmech.hmacmd5, 683 rc = crypto_shash_setkey(ses->server->secmech.hmacmd5,
630 ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE); 684 ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE);
685 if (rc) {
686 cERROR(1, "%s: Could not set NTLMV2 Hash as a key", __func__);
687 goto setup_ntlmv2_rsp_ret;
688 }
631 689
632 rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash); 690 rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
633 if (rc) { 691 if (rc) {
@@ -635,12 +693,18 @@ setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp)
635 goto setup_ntlmv2_rsp_ret; 693 goto setup_ntlmv2_rsp_ret;
636 } 694 }
637 695
638 crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash, 696 rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
639 ses->auth_key.response + CIFS_SESS_KEY_SIZE, 697 ses->auth_key.response + CIFS_SESS_KEY_SIZE,
640 CIFS_HMAC_MD5_HASH_SIZE); 698 CIFS_HMAC_MD5_HASH_SIZE);
699 if (rc) {
700 cERROR(1, "%s: Could not update with response\n", __func__);
701 goto setup_ntlmv2_rsp_ret;
702 }
641 703
642 rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash, 704 rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
643 ses->auth_key.response); 705 ses->auth_key.response);
706 if (rc)
707 cERROR(1, "%s: Could not generate md5 hash\n", __func__);
644 708
645setup_ntlmv2_rsp_ret: 709setup_ntlmv2_rsp_ret:
646 kfree(tiblob); 710 kfree(tiblob);
@@ -668,8 +732,12 @@ calc_seckey(struct cifs_ses *ses)
668 732
669 desc.tfm = tfm_arc4; 733 desc.tfm = tfm_arc4;
670 734
671 crypto_blkcipher_setkey(tfm_arc4, ses->auth_key.response, 735 rc = crypto_blkcipher_setkey(tfm_arc4, ses->auth_key.response,
672 CIFS_SESS_KEY_SIZE); 736 CIFS_SESS_KEY_SIZE);
737 if (rc) {
738 cERROR(1, "%s: Could not set response as a key", __func__);
739 return rc;
740 }
673 741
674 sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE); 742 sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE);
675 sg_init_one(&sgout, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE); 743 sg_init_one(&sgout, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE);
@@ -688,7 +756,7 @@ calc_seckey(struct cifs_ses *ses)
688 756
689 crypto_free_blkcipher(tfm_arc4); 757 crypto_free_blkcipher(tfm_arc4);
690 758
691 return 0; 759 return rc;
692} 760}
693 761
694void 762void