diff options
Diffstat (limited to 'fs/cifs/asn1.c')
-rw-r--r-- | fs/cifs/asn1.c | 35 |
1 files changed, 24 insertions, 11 deletions
diff --git a/fs/cifs/asn1.c b/fs/cifs/asn1.c index 2a01f3ef96a0..bcda2c6b6a04 100644 --- a/fs/cifs/asn1.c +++ b/fs/cifs/asn1.c | |||
@@ -77,8 +77,12 @@ | |||
77 | 77 | ||
78 | #define SPNEGO_OID_LEN 7 | 78 | #define SPNEGO_OID_LEN 7 |
79 | #define NTLMSSP_OID_LEN 10 | 79 | #define NTLMSSP_OID_LEN 10 |
80 | #define KRB5_OID_LEN 7 | ||
81 | #define MSKRB5_OID_LEN 7 | ||
80 | static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 }; | 82 | static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 }; |
81 | static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 }; | 83 | static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 }; |
84 | static unsigned long KRB5_OID[7] = { 1, 2, 840, 113554, 1, 2, 2 }; | ||
85 | static unsigned long MSKRB5_OID[7] = { 1, 2, 840, 48018, 1, 2, 2 }; | ||
82 | 86 | ||
83 | /* | 87 | /* |
84 | * ASN.1 context. | 88 | * ASN.1 context. |
@@ -457,6 +461,7 @@ decode_negTokenInit(unsigned char *security_blob, int length, | |||
457 | unsigned long *oid = NULL; | 461 | unsigned long *oid = NULL; |
458 | unsigned int cls, con, tag, oidlen, rc; | 462 | unsigned int cls, con, tag, oidlen, rc; |
459 | int use_ntlmssp = FALSE; | 463 | int use_ntlmssp = FALSE; |
464 | int use_kerberos = FALSE; | ||
460 | 465 | ||
461 | *secType = NTLM; /* BB eventually make Kerberos or NLTMSSP the default*/ | 466 | *secType = NTLM; /* BB eventually make Kerberos or NLTMSSP the default*/ |
462 | 467 | ||
@@ -545,18 +550,28 @@ decode_negTokenInit(unsigned char *security_blob, int length, | |||
545 | return 0; | 550 | return 0; |
546 | } | 551 | } |
547 | if ((tag == ASN1_OJI) && (con == ASN1_PRI)) { | 552 | if ((tag == ASN1_OJI) && (con == ASN1_PRI)) { |
548 | rc = asn1_oid_decode(&ctx, end, &oid, &oidlen); | 553 | if (asn1_oid_decode(&ctx, end, &oid, &oidlen)) { |
549 | if (rc) { | 554 | |
550 | cFYI(1, | 555 | cFYI(1, |
551 | ("OID len = %d oid = 0x%lx 0x%lx " | 556 | ("OID len = %d oid = 0x%lx 0x%lx " |
552 | "0x%lx 0x%lx", | 557 | "0x%lx 0x%lx", |
553 | oidlen, *oid, *(oid + 1), | 558 | oidlen, *oid, *(oid + 1), |
554 | *(oid + 2), *(oid + 3))); | 559 | *(oid + 2), *(oid + 3))); |
555 | rc = compare_oid(oid, oidlen, | 560 | |
556 | NTLMSSP_OID, NTLMSSP_OID_LEN); | 561 | if (compare_oid(oid, oidlen, |
557 | kfree(oid); | 562 | MSKRB5_OID, |
558 | if (rc) | 563 | MSKRB5_OID_LEN)) |
564 | use_kerberos = TRUE; | ||
565 | else if (compare_oid(oid, oidlen, | ||
566 | KRB5_OID, | ||
567 | KRB5_OID_LEN)) | ||
568 | use_kerberos = TRUE; | ||
569 | else if (compare_oid(oid, oidlen, | ||
570 | NTLMSSP_OID, | ||
571 | NTLMSSP_OID_LEN)) | ||
559 | use_ntlmssp = TRUE; | 572 | use_ntlmssp = TRUE; |
573 | |||
574 | kfree(oid); | ||
560 | } | 575 | } |
561 | } else { | 576 | } else { |
562 | cFYI(1, ("Should be an oid what is going on?")); | 577 | cFYI(1, ("Should be an oid what is going on?")); |
@@ -609,12 +624,10 @@ decode_negTokenInit(unsigned char *security_blob, int length, | |||
609 | ctx.pointer)); /* is this UTF-8 or ASCII? */ | 624 | ctx.pointer)); /* is this UTF-8 or ASCII? */ |
610 | } | 625 | } |
611 | 626 | ||
612 | /* if (use_kerberos) | 627 | if (use_kerberos) |
613 | *secType = Kerberos | 628 | *secType = Kerberos; |
614 | else */ | 629 | else if (use_ntlmssp) |
615 | if (use_ntlmssp) { | ||
616 | *secType = NTLMSSP; | 630 | *secType = NTLMSSP; |
617 | } | ||
618 | 631 | ||
619 | return 1; | 632 | return 1; |
620 | } | 633 | } |