diff options
author | Shirish Pargaonkar <shirishpargaonkar@gmail.com> | 2010-10-21 07:42:55 -0400 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2010-10-26 14:20:10 -0400 |
commit | 21e733930be6458e0c33482b6783e7c15ba984eb (patch) | |
tree | 1458ccf45529649267451a7e06fcd25d9c7ab0ac /fs/cifs/connect.c | |
parent | 6573e9b73e19c0f6b9dfa2b399267ea0f42d6c6b (diff) |
NTLM auth and sign - Allocate session key/client response dynamically
Start calculating auth response within a session. Move/Add pertinet
data structures like session key, server challenge and ntlmv2_hash in
a session structure. We should do the calculations within a session
before copying session key and response over to server data
structures because a session setup can fail.
Only after a very first smb session succeeds, it copy/make its
session key, session key of smb connection. This key stays with
the smb connection throughout its life.
sequence_number within server is set to 0x2.
The authentication Message Authentication Key (mak) which consists
of session key followed by client response within structure session_key
is now dynamic. Every authentication type allocates the key + response
sized memory within its session structure and later either assigns or
frees it once the client response is sent and if session's session key
becomes connetion's session key.
ntlm/ntlmi authentication functions are rearranged. A function
named setup_ntlm_resp(), similar to setup_ntlmv2_resp(), replaces
function cifs_calculate_session_key().
size of CIFS_SESS_KEY_SIZE is changed to 16, to reflect the byte size
of the key it holds.
Reviewed-by: Jeff Layton <jlayton@samba.org>
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/connect.c')
-rw-r--r-- | fs/cifs/connect.c | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 7e73176acb58..c5807d39dced 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
@@ -175,6 +175,9 @@ cifs_reconnect(struct TCP_Server_Info *server) | |||
175 | } | 175 | } |
176 | server->sequence_number = 0; | 176 | server->sequence_number = 0; |
177 | server->session_estab = false; | 177 | server->session_estab = false; |
178 | kfree(server->session_key.response); | ||
179 | server->session_key.response = NULL; | ||
180 | server->session_key.len = 0; | ||
178 | 181 | ||
179 | spin_lock(&GlobalMid_Lock); | 182 | spin_lock(&GlobalMid_Lock); |
180 | list_for_each(tmp, &server->pending_mid_q) { | 183 | list_for_each(tmp, &server->pending_mid_q) { |
@@ -1562,6 +1565,10 @@ cifs_put_tcp_session(struct TCP_Server_Info *server) | |||
1562 | 1565 | ||
1563 | cifs_fscache_release_client_cookie(server); | 1566 | cifs_fscache_release_client_cookie(server); |
1564 | 1567 | ||
1568 | kfree(server->session_key.response); | ||
1569 | server->session_key.response = NULL; | ||
1570 | server->session_key.len = 0; | ||
1571 | |||
1565 | task = xchg(&server->tsk, NULL); | 1572 | task = xchg(&server->tsk, NULL); |
1566 | if (task) | 1573 | if (task) |
1567 | force_sig(SIGKILL, task); | 1574 | force_sig(SIGKILL, task); |
@@ -3178,10 +3185,11 @@ int cifs_setup_session(unsigned int xid, struct cifsSesInfo *ses, | |||
3178 | } else { | 3185 | } else { |
3179 | mutex_lock(&ses->server->srv_mutex); | 3186 | mutex_lock(&ses->server->srv_mutex); |
3180 | if (!server->session_estab) { | 3187 | if (!server->session_estab) { |
3181 | memcpy(&server->session_key.data, | 3188 | server->session_key.response = ses->auth_key.response; |
3182 | &ses->auth_key.data, ses->auth_key.len); | ||
3183 | server->session_key.len = ses->auth_key.len; | 3189 | server->session_key.len = ses->auth_key.len; |
3184 | ses->server->session_estab = true; | 3190 | server->sequence_number = 0x2; |
3191 | server->session_estab = true; | ||
3192 | ses->auth_key.response = NULL; | ||
3185 | } | 3193 | } |
3186 | mutex_unlock(&server->srv_mutex); | 3194 | mutex_unlock(&server->srv_mutex); |
3187 | 3195 | ||
@@ -3192,6 +3200,10 @@ int cifs_setup_session(unsigned int xid, struct cifsSesInfo *ses, | |||
3192 | spin_unlock(&GlobalMid_Lock); | 3200 | spin_unlock(&GlobalMid_Lock); |
3193 | } | 3201 | } |
3194 | 3202 | ||
3203 | kfree(ses->auth_key.response); | ||
3204 | ses->auth_key.response = NULL; | ||
3205 | ses->auth_key.len = 0; | ||
3206 | |||
3195 | return rc; | 3207 | return rc; |
3196 | } | 3208 | } |
3197 | 3209 | ||