1 files changed, 23 insertions, 13 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index c2cbe0ed98b3..e7d63737e651 100644
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -57,9 +57,6 @@ int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server,
        int rc = 0;
        char smb_signature[20];
-        /* BB remember to initialize sequence number elsewhere and initialize mac_signing key elsewhere BB */
-        /* BB remember to add code to save expected sequence number in midQ entry BB */
        if((cifs_pdu == NULL) || (server == NULL))
                return -EINVAL;
@@ -86,20 +83,33 @@ int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server,
 static int cifs_calc_signature2(const struct kvec * iov, int n_vec,
                                const char * key, char * signature)
 {
-        struct  MD5Context context;
+        struct  MD5Context context;
+        int i;
-        if((iov == NULL) || (signature == NULL))
-                return -EINVAL;
-        MD5Init(&context);
+        if((iov == NULL) || (signature == NULL))
-        MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16);
+                return -EINVAL;
-/*        MD5Update(&context,cifs_pdu->Protocol,cifs_pdu->smb_buf_length); */ /* BB FIXME BB */
+        MD5Init(&context);
+        MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16);
+        for(i=0;i<n_vec;i++) {
+                if(iov[i].iov_base == NULL) {
+                        cERROR(1,("null iovec entry"));
+                        return -EIO;
+                } else if(iov[i].iov_len == 0)
+                        break; /* bail out if we are sent nothing to sign */
+                /* The first entry includes a length field (which does not get 
+                   signed that occupies the first 4 bytes before the header */
+                if(i==0) {
+                        if (iov[0].iov_len <= 8 ) /* cmd field at offset 9 */
+                                break; /* nothing to sign or corrupt header */
+                        MD5Update(&context,iov[0].iov_base+4, iov[0].iov_len-4);
+                } else
+                        MD5Update(&context,iov[i].iov_base, iov[i].iov_len);
+        }
-        MD5Final(signature,&context);
+        MD5Final(signature,&context);
-        return -EOPNOTSUPP;
+        return 0;
-/*        return 0; */
 }

diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index c2cbe0ed98b3..e7d63737e651 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c
@@ -57,9 +57,6 @@ int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server,
57	int rc = 0;	57	int rc = 0;
58	char smb_signature[20];	58	char smb_signature[20];
59		59
60	/* BB remember to initialize sequence number elsewhere and initialize mac_signing key elsewhere BB */
61	/* BB remember to add code to save expected sequence number in midQ entry BB */
62
63	if((cifs_pdu == NULL) \|\| (server == NULL))	60	if((cifs_pdu == NULL) \|\| (server == NULL))
64	return -EINVAL;	61	return -EINVAL;
65		62
@@ -86,20 +83,33 @@ int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server,
86	static int cifs_calc_signature2(const struct kvec * iov, int n_vec,	83	static int cifs_calc_signature2(const struct kvec * iov, int n_vec,
87	const char * key, char * signature)	84	const char * key, char * signature)
88	{	85	{
89	struct MD5Context context;	86	struct MD5Context context;
90		87	int i;
91	if((iov == NULL) \|\| (signature == NULL))
92	return -EINVAL;
93		88
94	MD5Init(&context);	89	if((iov == NULL) \|\| (signature == NULL))
95	MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16);	90	return -EINVAL;
96		91
97	/* MD5Update(&context,cifs_pdu->Protocol,cifs_pdu->smb_buf_length); / / BB FIXME BB */	92	MD5Init(&context);
		93	MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16);
		94	for(i=0;i<n_vec;i++) {
		95	if(iov[i].iov_base == NULL) {
		96	cERROR(1,("null iovec entry"));
		97	return -EIO;
		98	} else if(iov[i].iov_len == 0)
		99	break; /* bail out if we are sent nothing to sign */
		100	/* The first entry includes a length field (which does not get
		101	signed that occupies the first 4 bytes before the header */
		102	if(i==0) {
		103	if (iov[0].iov_len <= 8 ) /* cmd field at offset 9 */
		104	break; /* nothing to sign or corrupt header */
		105	MD5Update(&context,iov[0].iov_base+4, iov[0].iov_len-4);
		106	} else
		107	MD5Update(&context,iov[i].iov_base, iov[i].iov_len);
		108	}
98		109
99	MD5Final(signature,&context);	110	MD5Final(signature,&context);
100		111
101	return -EOPNOTSUPP;	112	return 0;
102	/* return 0; */
103	}	113	}
104		114
105		115