diff options
| author | Steve French <sfrench@us.ibm.com> | 2010-08-20 16:42:26 -0400 |
|---|---|---|
| committer | Steve French <sfrench@us.ibm.com> | 2010-08-20 16:42:26 -0400 |
| commit | 9fbc590860e75785bdaf8b83e48fabfe4d4f7d58 (patch) | |
| tree | dccc154927cf1e12c702537b5bc028158b938e21 /fs/cifs/connect.c | |
| parent | bf4f12113812ac5be76c5590c6f50c8346f784a4 (diff) | |
[CIFS] Fix ntlmv2 auth with ntlmssp
Make ntlmv2 as an authentication mechanism within ntlmssp
instead of ntlmv1.
Parse type 2 response in ntlmssp negotiation to pluck
AV pairs and use them to calculate ntlmv2 response token.
Also, assign domain name from the sever response in type 2
packet of ntlmssp and use that (netbios) domain name in
calculation of response.
Enable cifs/smb signing using rc4 and md5.
Changed name of the structure mac_key to session_key to reflect
the type of key it holds.
Use kernel crypto_shash_* APIs instead of the equivalent cifs functions.
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/connect.c')
| -rw-r--r-- | fs/cifs/connect.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 446e2486d5f0..18af707f00f1 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
| @@ -1707,6 +1707,7 @@ cifs_put_smb_ses(struct cifsSesInfo *ses) | |||
| 1707 | CIFSSMBLogoff(xid, ses); | 1707 | CIFSSMBLogoff(xid, ses); |
| 1708 | _FreeXid(xid); | 1708 | _FreeXid(xid); |
| 1709 | } | 1709 | } |
| 1710 | cifs_crypto_shash_release(server); | ||
| 1710 | sesInfoFree(ses); | 1711 | sesInfoFree(ses); |
| 1711 | cifs_put_tcp_session(server); | 1712 | cifs_put_tcp_session(server); |
| 1712 | } | 1713 | } |
| @@ -1786,13 +1787,23 @@ cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info) | |||
| 1786 | ses->linux_uid = volume_info->linux_uid; | 1787 | ses->linux_uid = volume_info->linux_uid; |
| 1787 | ses->overrideSecFlg = volume_info->secFlg; | 1788 | ses->overrideSecFlg = volume_info->secFlg; |
| 1788 | 1789 | ||
| 1790 | rc = cifs_crypto_shash_allocate(server); | ||
| 1791 | if (rc) { | ||
| 1792 | cERROR(1, "could not setup hash structures rc %d", rc); | ||
| 1793 | goto get_ses_fail; | ||
| 1794 | } | ||
| 1795 | server->tilen = 0; | ||
| 1796 | server->tiblob = NULL; | ||
| 1797 | |||
| 1789 | mutex_lock(&ses->session_mutex); | 1798 | mutex_lock(&ses->session_mutex); |
| 1790 | rc = cifs_negotiate_protocol(xid, ses); | 1799 | rc = cifs_negotiate_protocol(xid, ses); |
| 1791 | if (!rc) | 1800 | if (!rc) |
| 1792 | rc = cifs_setup_session(xid, ses, volume_info->local_nls); | 1801 | rc = cifs_setup_session(xid, ses, volume_info->local_nls); |
| 1793 | mutex_unlock(&ses->session_mutex); | 1802 | mutex_unlock(&ses->session_mutex); |
| 1794 | if (rc) | 1803 | if (rc) { |
| 1804 | cifs_crypto_shash_release(ses->server); | ||
| 1795 | goto get_ses_fail; | 1805 | goto get_ses_fail; |
| 1806 | } | ||
| 1796 | 1807 | ||
| 1797 | /* success, put it on the list */ | 1808 | /* success, put it on the list */ |
| 1798 | write_lock(&cifs_tcp_ses_lock); | 1809 | write_lock(&cifs_tcp_ses_lock); |