aboutsummaryrefslogtreecommitdiffstats
path: root/fs/cifs/connect.c
diff options
context:
space:
mode:
authorSteve French <sfrench@us.ibm.com>2006-01-14 00:34:58 -0500
committerSteve French <sfrench@us.ibm.com>2006-01-14 00:34:58 -0500
commiteeac8047fcf4c659eb15f2e27a0ef4aeba64157f (patch)
tree91b1e32bb9f2d6f9e9a122bd5e737df40701ab11 /fs/cifs/connect.c
parent84153973a29dfb3f3d9fe2fe75c2cd613a3cdf27 (diff)
[CIFS] Fix CIFS to recognize share mode security
Fix Samba bugzilla bug 3301 In share mode encrypted password must be sent on tree connection (in our case only the NTLM password is sent, not the older LANMAN one). Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/connect.c')
-rw-r--r--fs/cifs/connect.c27
1 files changed, 22 insertions, 5 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 1817d5313a8a..88f60aa52058 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -1795,7 +1795,8 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
1795 cifs_sb->mnt_gid = volume_info.linux_gid; 1795 cifs_sb->mnt_gid = volume_info.linux_gid;
1796 cifs_sb->mnt_file_mode = volume_info.file_mode; 1796 cifs_sb->mnt_file_mode = volume_info.file_mode;
1797 cifs_sb->mnt_dir_mode = volume_info.dir_mode; 1797 cifs_sb->mnt_dir_mode = volume_info.dir_mode;
1798 cFYI(1,("file mode: 0x%x dir mode: 0x%x",cifs_sb->mnt_file_mode,cifs_sb->mnt_dir_mode)); 1798 cFYI(1,("file mode: 0x%x dir mode: 0x%x",
1799 cifs_sb->mnt_file_mode,cifs_sb->mnt_dir_mode));
1799 1800
1800 if(volume_info.noperm) 1801 if(volume_info.noperm)
1801 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM; 1802 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
@@ -1972,7 +1973,7 @@ CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses,
1972 __u32 capabilities; 1973 __u32 capabilities;
1973 __u16 count; 1974 __u16 count;
1974 1975
1975 cFYI(1, ("In sesssetup ")); 1976 cFYI(1, ("In sesssetup"));
1976 if(ses == NULL) 1977 if(ses == NULL)
1977 return -EINVAL; 1978 return -EINVAL;
1978 user = ses->userName; 1979 user = ses->userName;
@@ -3248,9 +3249,26 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
3248 3249
3249 pSMB->AndXCommand = 0xFF; 3250 pSMB->AndXCommand = 0xFF;
3250 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO); 3251 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
3251 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
3252 bcc_ptr = &pSMB->Password[0]; 3252 bcc_ptr = &pSMB->Password[0];
3253 bcc_ptr++; /* skip password */ 3253 if((ses->server->secMode) & SECMODE_USER) {
3254 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
3255 bcc_ptr++; /* skip password */
3256 } else {
3257 pSMB->PasswordLength = cpu_to_le16(CIFS_SESSION_KEY_SIZE);
3258 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3259 specified as required (when that support is added to
3260 the vfs in the future) as only NTLM or the much
3261 weaker LANMAN (which we do not send) is accepted
3262 by Samba (not sure whether other servers allow
3263 NTLMv2 password here) */
3264 SMBNTencrypt(ses->password,
3265 ses->server->cryptKey,
3266 bcc_ptr);
3267
3268 bcc_ptr += CIFS_SESSION_KEY_SIZE;
3269 *bcc_ptr = 0;
3270 bcc_ptr++; /* align */
3271 }
3254 3272
3255 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) 3273 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
3256 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE; 3274 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
@@ -3268,7 +3286,6 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
3268 bcc_ptr += 2 * length; /* convert num of 16 bit words to bytes */ 3286 bcc_ptr += 2 * length; /* convert num of 16 bit words to bytes */
3269 bcc_ptr += 2; /* skip trailing null */ 3287 bcc_ptr += 2; /* skip trailing null */
3270 } else { /* ASCII */ 3288 } else { /* ASCII */
3271
3272 strcpy(bcc_ptr, tree); 3289 strcpy(bcc_ptr, tree);
3273 bcc_ptr += strlen(tree) + 1; 3290 bcc_ptr += strlen(tree) + 1;
3274 } 3291 }
generated by cgit v1.2.2 (git 2.25.0) at 2024-09-20 12:24:47 -0400