diff options
| author | Jeff Layton <jlayton@redhat.com> | 2008-12-05 20:41:21 -0500 |
|---|---|---|
| committer | Steve French <sfrench@us.ibm.com> | 2008-12-25 21:29:11 -0500 |
| commit | 00e485b0198ea4f509341373f1d9adb0a5977a2f (patch) | |
| tree | 2f8a50be11f0551fe8ad2af33a00577621398027 /fs | |
| parent | 4e53a3fb98d3d5c2941d2e7199dab317a9d4ead3 (diff) | |
cifs: store password in tcon
cifs: store password in tcon
Each tcon has its own password for share-level security. Store it in
the tcon and wipe it clean and free it when freeing the tcon. When
doing the tree connect with share-level security, use the tcon password
instead of the session password.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/cifs/cifsglob.h | 1 | ||||
| -rw-r--r-- | fs/cifs/connect.c | 25 | ||||
| -rw-r--r-- | fs/cifs/misc.c | 4 |
3 files changed, 23 insertions, 7 deletions
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 0fb934d3623b..94c1ca0ec953 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h | |||
| @@ -242,6 +242,7 @@ struct cifsTconInfo { | |||
| 242 | struct cifsSesInfo *ses; /* pointer to session associated with */ | 242 | struct cifsSesInfo *ses; /* pointer to session associated with */ |
| 243 | char treeName[MAX_TREE_SIZE + 1]; /* UNC name of resource in ASCII */ | 243 | char treeName[MAX_TREE_SIZE + 1]; /* UNC name of resource in ASCII */ |
| 244 | char *nativeFileSystem; | 244 | char *nativeFileSystem; |
| 245 | char *password; /* for share-level security */ | ||
| 245 | __u16 tid; /* The 2 byte tree id */ | 246 | __u16 tid; /* The 2 byte tree id */ |
| 246 | __u16 Flags; /* optional support bits */ | 247 | __u16 Flags; /* optional support bits */ |
| 247 | enum statusEnum tidStatus; | 248 | enum statusEnum tidStatus; |
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 3a84a375cb6f..3caadf12d76d 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
| @@ -2282,9 +2282,12 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, | |||
| 2282 | 2282 | ||
| 2283 | /* volume_info->password freed at unmount */ | 2283 | /* volume_info->password freed at unmount */ |
| 2284 | if (volume_info->password) { | 2284 | if (volume_info->password) { |
| 2285 | pSesInfo->password = volume_info->password; | 2285 | pSesInfo->password = kstrdup(volume_info->password, |
| 2286 | /* set to NULL to prevent freeing on exit */ | 2286 | GFP_KERNEL); |
| 2287 | volume_info->password = NULL; | 2287 | if (!pSesInfo->password) { |
| 2288 | rc = -ENOMEM; | ||
| 2289 | goto mount_fail_check; | ||
| 2290 | } | ||
| 2288 | } | 2291 | } |
| 2289 | if (volume_info->username) | 2292 | if (volume_info->username) |
| 2290 | strncpy(pSesInfo->userName, volume_info->username, | 2293 | strncpy(pSesInfo->userName, volume_info->username, |
| @@ -2324,7 +2327,16 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, | |||
| 2324 | rc = -ENOMEM; | 2327 | rc = -ENOMEM; |
| 2325 | goto mount_fail_check; | 2328 | goto mount_fail_check; |
| 2326 | } | 2329 | } |
| 2330 | |||
| 2327 | tcon->ses = pSesInfo; | 2331 | tcon->ses = pSesInfo; |
| 2332 | if (volume_info->password) { | ||
| 2333 | tcon->password = kstrdup(volume_info->password, | ||
| 2334 | GFP_KERNEL); | ||
| 2335 | if (!tcon->password) { | ||
| 2336 | rc = -ENOMEM; | ||
| 2337 | goto mount_fail_check; | ||
| 2338 | } | ||
| 2339 | } | ||
| 2328 | 2340 | ||
| 2329 | /* check for null share name ie connect to dfs root */ | 2341 | /* check for null share name ie connect to dfs root */ |
| 2330 | if ((strchr(volume_info->UNC + 3, '\\') == NULL) | 2342 | if ((strchr(volume_info->UNC + 3, '\\') == NULL) |
| @@ -3532,15 +3544,14 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses, | |||
| 3532 | NTLMv2 password here) */ | 3544 | NTLMv2 password here) */ |
| 3533 | #ifdef CONFIG_CIFS_WEAK_PW_HASH | 3545 | #ifdef CONFIG_CIFS_WEAK_PW_HASH |
| 3534 | if ((extended_security & CIFSSEC_MAY_LANMAN) && | 3546 | if ((extended_security & CIFSSEC_MAY_LANMAN) && |
| 3535 | (ses->server->secType == LANMAN)) | 3547 | (ses->server->secType == LANMAN)) |
| 3536 | calc_lanman_hash(ses->password, ses->server->cryptKey, | 3548 | calc_lanman_hash(tcon->password, ses->server->cryptKey, |
| 3537 | ses->server->secMode & | 3549 | ses->server->secMode & |
| 3538 | SECMODE_PW_ENCRYPT ? true : false, | 3550 | SECMODE_PW_ENCRYPT ? true : false, |
| 3539 | bcc_ptr); | 3551 | bcc_ptr); |
| 3540 | else | 3552 | else |
| 3541 | #endif /* CIFS_WEAK_PW_HASH */ | 3553 | #endif /* CIFS_WEAK_PW_HASH */ |
| 3542 | SMBNTencrypt(ses->password, | 3554 | SMBNTencrypt(tcon->password, ses->server->cryptKey, |
| 3543 | ses->server->cryptKey, | ||
| 3544 | bcc_ptr); | 3555 | bcc_ptr); |
| 3545 | 3556 | ||
| 3546 | bcc_ptr += CIFS_SESS_KEY_SIZE; | 3557 | bcc_ptr += CIFS_SESS_KEY_SIZE; |
diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c index 7c3f4b9230d7..a0513605d7e3 100644 --- a/fs/cifs/misc.c +++ b/fs/cifs/misc.c | |||
| @@ -132,6 +132,10 @@ tconInfoFree(struct cifsTconInfo *buf_to_free) | |||
| 132 | } | 132 | } |
| 133 | atomic_dec(&tconInfoAllocCount); | 133 | atomic_dec(&tconInfoAllocCount); |
| 134 | kfree(buf_to_free->nativeFileSystem); | 134 | kfree(buf_to_free->nativeFileSystem); |
| 135 | if (buf_to_free->password) { | ||
| 136 | memset(buf_to_free->password, 0, strlen(buf_to_free->password)); | ||
| 137 | kfree(buf_to_free->password); | ||
| 138 | } | ||
| 135 | kfree(buf_to_free); | 139 | kfree(buf_to_free); |
| 136 | } | 140 | } |
| 137 | 141 | ||