[CIFS] Fix ntlmv2 auth with ntlmssp

Make ntlmv2 as an authentication mechanism within ntlmssp instead of ntlmv1. Parse type 2 response in ntlmssp negotiation to pluck AV pairs and use them to calculate ntlmv2 response token. Also, assign domain name from the sever response in type 2 packet of ntlmssp and use that (netbios) domain name in calculation of response. Enable cifs/smb signing using rc4 and md5. Changed name of the structure mac_key to session_key to reflect the type of key it holds. Use kernel crypto_shash_* APIs instead of the equivalent cifs functions. Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Steve French <sfrench@us.ibm.com>
author: Steve French <sfrench@us.ibm.com> 2010-08-20 16:42:26 -0400
committer: Steve French <sfrench@us.ibm.com> 2010-08-20 16:42:26 -0400
commit: 9fbc590860e75785bdaf8b83e48fabfe4d4f7d58 (patch)
tree: dccc154927cf1e12c702537b5bc028158b938e21 /fs/cifs/transport.c
parent: bf4f12113812ac5be76c5590c6f50c8346f784a4 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c
index 82f78c4d6978..e0588cdf4cc5 100644
--- a/fs/cifs/transport.c
+++ b/fs/cifs/transport.c
@@ -543,7 +543,7 @@ SendReceive2(const unsigned int xid, struct cifsSesInfo *ses,
                    (ses->server->secMode & (SECMODE_SIGN_REQUIRED |
                                             SECMODE_SIGN_ENABLED))) {
                        rc = cifs_verify_signature(midQ->resp_buf,
-                                                &ses->server->mac_signing_key,
+                                                ses->server,
                                                midQ->sequence_number+1);
                        if (rc) {
                                cERROR(1, "Unexpected SMB signature");
@@ -731,7 +731,7 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses,
                    (ses->server->secMode & (SECMODE_SIGN_REQUIRED |
                                             SECMODE_SIGN_ENABLED))) {
                        rc = cifs_verify_signature(out_buf,
-                                                &ses->server->mac_signing_key,
+                                                ses->server,
                                                midQ->sequence_number+1);
                        if (rc) {
                                cERROR(1, "Unexpected SMB signature");
@@ -981,7 +981,7 @@ SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon,
            (ses->server->secMode & (SECMODE_SIGN_REQUIRED |
                                     SECMODE_SIGN_ENABLED))) {
                rc = cifs_verify_signature(out_buf,
-                                           &ses->server->mac_signing_key,
+                                           ses->server,
                                           midQ->sequence_number+1);
                if (rc) {
                        cERROR(1, "Unexpected SMB signature");
author	Steve French <sfrench@us.ibm.com>	2010-08-20 16:42:26 -0400
committer	Steve French <sfrench@us.ibm.com>	2010-08-20 16:42:26 -0400
commit	9fbc590860e75785bdaf8b83e48fabfe4d4f7d58 (patch)
tree	dccc154927cf1e12c702537b5bc028158b938e21 /fs/cifs/transport.c
parent	bf4f12113812ac5be76c5590c6f50c8346f784a4 (diff)

diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c index 82f78c4d6978..e0588cdf4cc5 100644 --- a/fs/cifs/transport.c +++ b/fs/cifs/transport.c
@@ -543,7 +543,7 @@ SendReceive2(const unsigned int xid, struct cifsSesInfo *ses,
543	(ses->server->secMode & (SECMODE_SIGN_REQUIRED \|	543	(ses->server->secMode & (SECMODE_SIGN_REQUIRED \|
544	SECMODE_SIGN_ENABLED))) {	544	SECMODE_SIGN_ENABLED))) {
545	rc = cifs_verify_signature(midQ->resp_buf,	545	rc = cifs_verify_signature(midQ->resp_buf,
546	&ses->server->mac_signing_key,	546	ses->server,
547	midQ->sequence_number+1);	547	midQ->sequence_number+1);
548	if (rc) {	548	if (rc) {
549	cERROR(1, "Unexpected SMB signature");	549	cERROR(1, "Unexpected SMB signature");
@@ -731,7 +731,7 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses,
731	(ses->server->secMode & (SECMODE_SIGN_REQUIRED \|	731	(ses->server->secMode & (SECMODE_SIGN_REQUIRED \|
732	SECMODE_SIGN_ENABLED))) {	732	SECMODE_SIGN_ENABLED))) {
733	rc = cifs_verify_signature(out_buf,	733	rc = cifs_verify_signature(out_buf,
734	&ses->server->mac_signing_key,	734	ses->server,
735	midQ->sequence_number+1);	735	midQ->sequence_number+1);
736	if (rc) {	736	if (rc) {
737	cERROR(1, "Unexpected SMB signature");	737	cERROR(1, "Unexpected SMB signature");
@@ -981,7 +981,7 @@ SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon,
981	(ses->server->secMode & (SECMODE_SIGN_REQUIRED \|	981	(ses->server->secMode & (SECMODE_SIGN_REQUIRED \|
982	SECMODE_SIGN_ENABLED))) {	982	SECMODE_SIGN_ENABLED))) {
983	rc = cifs_verify_signature(out_buf,	983	rc = cifs_verify_signature(out_buf,
984	&ses->server->mac_signing_key,	984	ses->server,
985	midQ->sequence_number+1);	985	midQ->sequence_number+1);
986	if (rc) {	986	if (rc) {
987	cERROR(1, "Unexpected SMB signature");	987	cERROR(1, "Unexpected SMB signature");