3 files changed, 56 insertions, 16 deletions
diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c
index 4e10e21c54fd..7c0015a96959 100644
--- a/fs/cifs/cifs_debug.c
+++ b/fs/cifs/cifs_debug.c
@@ -445,8 +445,8 @@ static read_proc_t traceSMB_read;
 static write_proc_t traceSMB_write;
 static read_proc_t multiuser_mount_read;
 static write_proc_t multiuser_mount_write;
-static read_proc_t extended_security_read;
+static read_proc_t security_flags_read;
-static write_proc_t extended_security_write;
+static write_proc_t security_flags_write;
 /* static read_proc_t ntlmv2_enabled_read;
 static write_proc_t ntlmv2_enabled_write;
 static read_proc_t packet_signing_enabled_read;
@@ -509,9 +509,9 @@ cifs_proc_init(void)
        pde =
            create_proc_read_entry("SecurityFlags", 0, proc_fs_cifs,
-                                extended_security_read, NULL);
+                                security_flags_read, NULL);
        if (pde)
-                pde->write_proc = extended_security_write;
+                pde->write_proc = security_flags_write;
        pde =
        create_proc_read_entry("LookupCacheEnabled", 0, proc_fs_cifs,
@@ -832,7 +832,7 @@ multiuser_mount_write(struct file *file, const char __user *buffer,
 }
 static int
-extended_security_read(char *page, char **start, off_t off,
+security_flags_read(char *page, char **start, off_t off,
                       int count, int *eof, void *data)
 {
        int len;
@@ -853,26 +853,50 @@ extended_security_read(char *page, char **start, off_t off,
        return len;
 }
 static int
-extended_security_write(struct file *file, const char __user *buffer,
+security_flags_write(struct file *file, const char __user *buffer,
                        unsigned long count, void *data)
 {
+        unsigned int flags;
+        char flags_string[12];
        char c;
-        int rc;
        cERROR(1,("size %ld",count)); /* BB removeme BB */
-        if((count < 2) || (count > 8))
+        if((count < 1) || (count > 11))
                return -EINVAL;
-        rc = get_user(c, buffer);
+        memset(flags_string, 0, 12);
-/* BB fixme need to parse more characters in order to handle CIFSSEC flags */ 
+        if(copy_from_user(flags_string, buffer, count))
+                return -EFAULT;
-        if (rc)
+        if(count < 3) {
-                return rc;
+                /* single char or single char followed by null */
-        if (c == '0' || c == 'n' || c == 'N')
+                c = flags_string[0];
-                extended_security = CIFSSEC_DEF; /* default */
+                if (c == '0' || c == 'n' || c == 'N')
-        else if (c == '1' || c == 'y' || c == 'Y')
+                        extended_security = CIFSSEC_DEF; /* default */
-                extended_security = CIFSSEC_MAX;
+                else if (c == '1' || c == 'y' || c == 'Y')
+                        extended_security = CIFSSEC_MAX;
+                return count;
+        }
+        /* else we have a number */
+        flags = simple_strtoul(flags_string, NULL, 0);
+        cERROR(1,("sec flags 0x%x", flags));  /* BB FIXME make cFYI */
+        if(flags <= 0)  {
+                cERROR(1,("invalid security flags %s",flags_string));
+                return -EINVAL;
+        }
+        if((flags & CIFSSEC_MASK) != CIFSSEC_MASK) {
+                cERROR(1,("attempt to set unsupported security flags 0x%d",
+                        flags & ~CIFSSEC_MASK));
+                return -EINVAL;
+        }
+        /* flags look ok - update the global security flags for cifs module */
+        extended_security = flags;
        return count;
 }
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index e11d8c6bb227..3ae964bbfdc3 100644
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -271,9 +271,18 @@ void calc_lanman_hash(struct cifsSesInfo * ses, char * lnm_session_key)
        int i;
        char password_with_pad[CIFS_ENCPWD_SIZE];
+        if(ses->server == NULL)
+                return;
        memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
        strncpy(password_with_pad, ses->password, CIFS_ENCPWD_SIZE);
+        if((ses->server->secMode & SECMODE_PW_ENCRYPT) == 0)
+                if(extended_security & CIFSSEC_MAY_PLNTXT) {
+                        memcpy(lnm_session_key, password_with_pad, CIFS_ENCPWD_SIZE); 
+                        return;
+                }
        /* calculate old style session key */
        /* calling toupper is less broken than repeatedly
        calling nls_toupper would be since that will never
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index b8c236be4d85..77cca3809467 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -492,6 +492,13 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
                server->secMode = pSMBr->SecurityMode;
                if((server->secMode & SECMODE_USER) == 0)
                        cFYI(1,("share mode security"));
+                if((server->secMode & SECMODE_PW_ENCRYPT) == 0)
+#ifdef CONFIG_CIFS_WEAK_PW_HASH
+                        if ((extended_security & CIFSSEC_MAY_PLNTXT) == 0)
+#endif /* CIFS_WEAK_PW_HASH */
+                                cERROR(1,("Server requests plain text password"
+                                        " but client support disabled"));
                
                if(extended_security & CIFSSEC_MUST_NTLMV2)
                        server->secType = NTLMv2;

diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c index 4e10e21c54fd..7c0015a96959 100644 --- a/fs/cifs/cifs_debug.c +++ b/fs/cifs/cifs_debug.c
@@ -445,8 +445,8 @@ static read_proc_t traceSMB_read;
445	static write_proc_t traceSMB_write;	445	static write_proc_t traceSMB_write;
446	static read_proc_t multiuser_mount_read;	446	static read_proc_t multiuser_mount_read;
447	static write_proc_t multiuser_mount_write;	447	static write_proc_t multiuser_mount_write;
448	static read_proc_t extended_security_read;	448	static read_proc_t security_flags_read;
449	static write_proc_t extended_security_write;	449	static write_proc_t security_flags_write;
450	/* static read_proc_t ntlmv2_enabled_read;	450	/* static read_proc_t ntlmv2_enabled_read;
451	static write_proc_t ntlmv2_enabled_write;	451	static write_proc_t ntlmv2_enabled_write;
452	static read_proc_t packet_signing_enabled_read;	452	static read_proc_t packet_signing_enabled_read;
@@ -509,9 +509,9 @@ cifs_proc_init(void)
509		509
510	pde =	510	pde =
511	create_proc_read_entry("SecurityFlags", 0, proc_fs_cifs,	511	create_proc_read_entry("SecurityFlags", 0, proc_fs_cifs,
512	extended_security_read, NULL);	512	security_flags_read, NULL);
513	if (pde)	513	if (pde)
514	pde->write_proc = extended_security_write;	514	pde->write_proc = security_flags_write;
515		515
516	pde =	516	pde =
517	create_proc_read_entry("LookupCacheEnabled", 0, proc_fs_cifs,	517	create_proc_read_entry("LookupCacheEnabled", 0, proc_fs_cifs,
@@ -832,7 +832,7 @@ multiuser_mount_write(struct file file, const char __user buffer,
832	}	832	}
833		833
834	static int	834	static int
835	extended_security_read(char page, char *start, off_t off,	835	security_flags_read(char page, char *start, off_t off,
836	int count, int eof, void data)	836	int count, int eof, void data)
837	{	837	{
838	int len;	838	int len;
@@ -853,26 +853,50 @@ extended_security_read(char page, char *start, off_t off,
853	return len;	853	return len;
854	}	854	}
855	static int	855	static int
856	extended_security_write(struct file file, const char __user buffer,	856	security_flags_write(struct file file, const char __user buffer,
857	unsigned long count, void *data)	857	unsigned long count, void *data)
858	{	858	{
		859	unsigned int flags;
		860	char flags_string[12];
859	char c;	861	char c;
860	int rc;	862
861	cERROR(1,("size %ld",count)); /* BB removeme BB */	863	cERROR(1,("size %ld",count)); /* BB removeme BB */
862	if((count < 2) \|\| (count > 8))	864
		865	if((count < 1) \|\| (count > 11))
863	return -EINVAL;	866	return -EINVAL;
864		867
865	rc = get_user(c, buffer);	868	memset(flags_string, 0, 12);
866		869
867	/* BB fixme need to parse more characters in order to handle CIFSSEC flags */	870	if(copy_from_user(flags_string, buffer, count))
		871	return -EFAULT;
868		872
869	if (rc)	873	if(count < 3) {
870	return rc;	874	/* single char or single char followed by null */
871	if (c == '0' \|\| c == 'n' \|\| c == 'N')	875	c = flags_string[0];
872	extended_security = CIFSSEC_DEF; /* default */	876	if (c == '0' \|\| c == 'n' \|\| c == 'N')
873	else if (c == '1' \|\| c == 'y' \|\| c == 'Y')	877	extended_security = CIFSSEC_DEF; /* default */
874	extended_security = CIFSSEC_MAX;	878	else if (c == '1' \|\| c == 'y' \|\| c == 'Y')
		879	extended_security = CIFSSEC_MAX;
		880	return count;
		881	}
		882	/* else we have a number */
		883
		884	flags = simple_strtoul(flags_string, NULL, 0);
		885
		886	cERROR(1,("sec flags 0x%x", flags)); /* BB FIXME make cFYI */
		887
		888	if(flags <= 0) {
		889	cERROR(1,("invalid security flags %s",flags_string));
		890	return -EINVAL;
		891	}
875		892
		893	if((flags & CIFSSEC_MASK) != CIFSSEC_MASK) {
		894	cERROR(1,("attempt to set unsupported security flags 0x%d",
		895	flags & ~CIFSSEC_MASK));
		896	return -EINVAL;
		897	}
		898	/* flags look ok - update the global security flags for cifs module */
		899	extended_security = flags;
876	return count;	900	return count;
877	}	901	}
878		902


diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index e11d8c6bb227..3ae964bbfdc3 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c
@@ -271,9 +271,18 @@ void calc_lanman_hash(struct cifsSesInfo * ses, char * lnm_session_key)
271	int i;	271	int i;
272	char password_with_pad[CIFS_ENCPWD_SIZE];	272	char password_with_pad[CIFS_ENCPWD_SIZE];
273		273
		274	if(ses->server == NULL)
		275	return;
		276
274	memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);	277	memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
275	strncpy(password_with_pad, ses->password, CIFS_ENCPWD_SIZE);	278	strncpy(password_with_pad, ses->password, CIFS_ENCPWD_SIZE);
276		279
		280	if((ses->server->secMode & SECMODE_PW_ENCRYPT) == 0)
		281	if(extended_security & CIFSSEC_MAY_PLNTXT) {
		282	memcpy(lnm_session_key, password_with_pad, CIFS_ENCPWD_SIZE);
		283	return;
		284	}
		285
277	/* calculate old style session key */	286	/* calculate old style session key */
278	/* calling toupper is less broken than repeatedly	287	/* calling toupper is less broken than repeatedly
279	calling nls_toupper would be since that will never	288	calling nls_toupper would be since that will never


diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index b8c236be4d85..77cca3809467 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c
@@ -492,6 +492,13 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
492	server->secMode = pSMBr->SecurityMode;	492	server->secMode = pSMBr->SecurityMode;
493	if((server->secMode & SECMODE_USER) == 0)	493	if((server->secMode & SECMODE_USER) == 0)
494	cFYI(1,("share mode security"));	494	cFYI(1,("share mode security"));
		495
		496	if((server->secMode & SECMODE_PW_ENCRYPT) == 0)
		497	#ifdef CONFIG_CIFS_WEAK_PW_HASH
		498	if ((extended_security & CIFSSEC_MAY_PLNTXT) == 0)
		499	#endif /* CIFS_WEAK_PW_HASH */
		500	cERROR(1,("Server requests plain text password"
		501	" but client support disabled"));
495		502
496	if(extended_security & CIFSSEC_MUST_NTLMV2)	503	if(extended_security & CIFSSEC_MUST_NTLMV2)
497	server->secType = NTLMv2;	504	server->secType = NTLMv2;