diff options
| author | Steve French <smfrench@austin.rr.com> | 2005-04-29 01:41:05 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@ppc970.osdl.org> | 2005-04-29 01:41:05 -0400 |
| commit | ad009ac96509e005d9978d0ae9e9ec4d63ad2990 (patch) | |
| tree | eb15ee8333fd7b5816f8fe3d02250ff99601eba0 /fs/cifs/connect.c | |
| parent | c67593a03129967eae8939c4899767182eb6d6cd (diff) | |
[PATCH] cifs: Fix multiuser packet signing to use the right sequence number and mac session key
Signed-off-by: Steve French (sfrench@us.ibm.com)
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'fs/cifs/connect.c')
| -rw-r--r-- | fs/cifs/connect.c | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 40470b9d5477..814e709ca0ca 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
| @@ -182,7 +182,8 @@ cifs_reconnect(struct TCP_Server_Info *server) | |||
| 182 | spin_lock(&GlobalMid_Lock); | 182 | spin_lock(&GlobalMid_Lock); |
| 183 | if(server->tcpStatus != CifsExiting) | 183 | if(server->tcpStatus != CifsExiting) |
| 184 | server->tcpStatus = CifsGood; | 184 | server->tcpStatus = CifsGood; |
| 185 | spin_unlock(&GlobalMid_Lock); | 185 | server->sequence_number = 0; |
| 186 | spin_unlock(&GlobalMid_Lock); | ||
| 186 | /* atomic_set(&server->inFlight,0);*/ | 187 | /* atomic_set(&server->inFlight,0);*/ |
| 187 | wake_up(&server->response_q); | 188 | wake_up(&server->response_q); |
| 188 | } | 189 | } |
| @@ -1352,6 +1353,7 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, | |||
| 1352 | } else | 1353 | } else |
| 1353 | rc = 0; | 1354 | rc = 0; |
| 1354 | memcpy(srvTcp->workstation_RFC1001_name, volume_info.source_rfc1001_name,16); | 1355 | memcpy(srvTcp->workstation_RFC1001_name, volume_info.source_rfc1001_name,16); |
| 1356 | srvTcp->sequence_number = 0; | ||
| 1355 | } | 1357 | } |
| 1356 | } | 1358 | } |
| 1357 | 1359 | ||
| @@ -2959,6 +2961,7 @@ int cifs_setup_session(unsigned int xid, struct cifsSesInfo *pSesInfo, | |||
| 2959 | int rc = 0; | 2961 | int rc = 0; |
| 2960 | char ntlm_session_key[CIFS_SESSION_KEY_SIZE]; | 2962 | char ntlm_session_key[CIFS_SESSION_KEY_SIZE]; |
| 2961 | int ntlmv2_flag = FALSE; | 2963 | int ntlmv2_flag = FALSE; |
| 2964 | int first_time = 0; | ||
| 2962 | 2965 | ||
| 2963 | /* what if server changes its buffer size after dropping the session? */ | 2966 | /* what if server changes its buffer size after dropping the session? */ |
| 2964 | if(pSesInfo->server->maxBuf == 0) /* no need to send on reconnect */ { | 2967 | if(pSesInfo->server->maxBuf == 0) /* no need to send on reconnect */ { |
| @@ -2977,12 +2980,13 @@ int cifs_setup_session(unsigned int xid, struct cifsSesInfo *pSesInfo, | |||
| 2977 | spin_unlock(&GlobalMid_Lock); | 2980 | spin_unlock(&GlobalMid_Lock); |
| 2978 | 2981 | ||
| 2979 | } | 2982 | } |
| 2983 | first_time = 1; | ||
| 2980 | } | 2984 | } |
| 2981 | if (!rc) { | 2985 | if (!rc) { |
| 2982 | pSesInfo->capabilities = pSesInfo->server->capabilities; | 2986 | pSesInfo->capabilities = pSesInfo->server->capabilities; |
| 2983 | if(linuxExtEnabled == 0) | 2987 | if(linuxExtEnabled == 0) |
| 2984 | pSesInfo->capabilities &= (~CAP_UNIX); | 2988 | pSesInfo->capabilities &= (~CAP_UNIX); |
| 2985 | pSesInfo->sequence_number = 0; | 2989 | /* pSesInfo->sequence_number = 0;*/ |
| 2986 | cFYI(1,("Security Mode: 0x%x Capabilities: 0x%x Time Zone: %d", | 2990 | cFYI(1,("Security Mode: 0x%x Capabilities: 0x%x Time Zone: %d", |
| 2987 | pSesInfo->server->secMode, | 2991 | pSesInfo->server->secMode, |
| 2988 | pSesInfo->server->capabilities, | 2992 | pSesInfo->server->capabilities, |
| @@ -3015,7 +3019,10 @@ int cifs_setup_session(unsigned int xid, struct cifsSesInfo *pSesInfo, | |||
| 3015 | v2_response = kmalloc(16 + 64 /* blob */, GFP_KERNEL); | 3019 | v2_response = kmalloc(16 + 64 /* blob */, GFP_KERNEL); |
| 3016 | if(v2_response) { | 3020 | if(v2_response) { |
| 3017 | CalcNTLMv2_response(pSesInfo,v2_response); | 3021 | CalcNTLMv2_response(pSesInfo,v2_response); |
| 3018 | /* cifs_calculate_ntlmv2_mac_key(pSesInfo->mac_signing_key, response, ntlm_session_key, */ | 3022 | /* if(first_time) |
| 3023 | cifs_calculate_ntlmv2_mac_key( | ||
| 3024 | pSesInfo->server->mac_signing_key, | ||
| 3025 | response, ntlm_session_key, */ | ||
| 3019 | kfree(v2_response); | 3026 | kfree(v2_response); |
| 3020 | /* BB Put dummy sig in SessSetup PDU? */ | 3027 | /* BB Put dummy sig in SessSetup PDU? */ |
| 3021 | } else { | 3028 | } else { |
| @@ -3028,9 +3035,11 @@ int cifs_setup_session(unsigned int xid, struct cifsSesInfo *pSesInfo, | |||
| 3028 | pSesInfo->server->cryptKey, | 3035 | pSesInfo->server->cryptKey, |
| 3029 | ntlm_session_key); | 3036 | ntlm_session_key); |
| 3030 | 3037 | ||
| 3031 | cifs_calculate_mac_key(pSesInfo->mac_signing_key, | 3038 | if(first_time) |
| 3032 | ntlm_session_key, | 3039 | cifs_calculate_mac_key( |
| 3033 | pSesInfo->password); | 3040 | pSesInfo->server->mac_signing_key, |
| 3041 | ntlm_session_key, | ||
| 3042 | pSesInfo->password); | ||
| 3034 | } | 3043 | } |
| 3035 | /* for better security the weaker lanman hash not sent | 3044 | /* for better security the weaker lanman hash not sent |
| 3036 | in AuthSessSetup so we no longer calculate it */ | 3045 | in AuthSessSetup so we no longer calculate it */ |
| @@ -3046,8 +3055,11 @@ int cifs_setup_session(unsigned int xid, struct cifsSesInfo *pSesInfo, | |||
| 3046 | pSesInfo->server->cryptKey, | 3055 | pSesInfo->server->cryptKey, |
| 3047 | ntlm_session_key); | 3056 | ntlm_session_key); |
| 3048 | 3057 | ||
| 3049 | cifs_calculate_mac_key(pSesInfo->mac_signing_key, | 3058 | if(first_time) |
| 3050 | ntlm_session_key, pSesInfo->password); | 3059 | cifs_calculate_mac_key( |
| 3060 | pSesInfo->server->mac_signing_key, | ||
| 3061 | ntlm_session_key, pSesInfo->password); | ||
| 3062 | |||
| 3051 | rc = CIFSSessSetup(xid, pSesInfo, | 3063 | rc = CIFSSessSetup(xid, pSesInfo, |
| 3052 | ntlm_session_key, nls_info); | 3064 | ntlm_session_key, nls_info); |
| 3053 | } | 3065 | } |