diff options
author | Shirish Pargaonkar <shirishpargaonkar@gmail.com> | 2010-10-21 07:42:55 -0400 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2010-10-26 14:20:10 -0400 |
commit | 21e733930be6458e0c33482b6783e7c15ba984eb (patch) | |
tree | 1458ccf45529649267451a7e06fcd25d9c7ab0ac /fs/cifs/cifsproto.h | |
parent | 6573e9b73e19c0f6b9dfa2b399267ea0f42d6c6b (diff) |
NTLM auth and sign - Allocate session key/client response dynamically
Start calculating auth response within a session. Move/Add pertinet
data structures like session key, server challenge and ntlmv2_hash in
a session structure. We should do the calculations within a session
before copying session key and response over to server data
structures because a session setup can fail.
Only after a very first smb session succeeds, it copy/make its
session key, session key of smb connection. This key stays with
the smb connection throughout its life.
sequence_number within server is set to 0x2.
The authentication Message Authentication Key (mak) which consists
of session key followed by client response within structure session_key
is now dynamic. Every authentication type allocates the key + response
sized memory within its session structure and later either assigns or
frees it once the client response is sent and if session's session key
becomes connetion's session key.
ntlm/ntlmi authentication functions are rearranged. A function
named setup_ntlm_resp(), similar to setup_ntlmv2_resp(), replaces
function cifs_calculate_session_key().
size of CIFS_SESS_KEY_SIZE is changed to 16, to reflect the byte size
of the key it holds.
Reviewed-by: Jeff Layton <jlayton@samba.org>
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/cifsproto.h')
-rw-r--r-- | fs/cifs/cifsproto.h | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h index e593c40ba7ba..8c2d0cf1a62f 100644 --- a/fs/cifs/cifsproto.h +++ b/fs/cifs/cifsproto.h | |||
@@ -362,13 +362,12 @@ extern int cifs_sign_smb(struct smb_hdr *, struct TCP_Server_Info *, __u32 *); | |||
362 | extern int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *, | 362 | extern int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *, |
363 | __u32 *); | 363 | __u32 *); |
364 | extern int cifs_verify_signature(struct smb_hdr *, | 364 | extern int cifs_verify_signature(struct smb_hdr *, |
365 | const struct session_key *session_key, | 365 | struct TCP_Server_Info *server, |
366 | __u32 expected_sequence_number); | 366 | __u32 expected_sequence_number); |
367 | extern int cifs_calculate_session_key(struct session_key *key, const char *rn, | 367 | extern void SMBNTencrypt(unsigned char *, unsigned char *, unsigned char *); |
368 | const char *pass); | 368 | extern int setup_ntlm_response(struct cifsSesInfo *); |
369 | extern void CalcNTLMv2_response(const struct cifsSesInfo *, char *); | 369 | extern void CalcNTLMv2_response(const struct cifsSesInfo *); |
370 | extern int setup_ntlmv2_rsp(struct cifsSesInfo *, char *, | 370 | extern int setup_ntlmv2_rsp(struct cifsSesInfo *, const struct nls_table *); |
371 | const struct nls_table *); | ||
372 | #ifdef CONFIG_CIFS_WEAK_PW_HASH | 371 | #ifdef CONFIG_CIFS_WEAK_PW_HASH |
373 | extern void calc_lanman_hash(const char *password, const char *cryptkey, | 372 | extern void calc_lanman_hash(const char *password, const char *cryptkey, |
374 | bool encrypt, char *lnm_session_key); | 373 | bool encrypt, char *lnm_session_key); |