diff options
Diffstat (limited to 'fs/cifs/cifsencrypt.c')
-rw-r--r-- | fs/cifs/cifsencrypt.c | 53 |
1 files changed, 29 insertions, 24 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index ef95a272f73d..f856732161ab 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c | |||
@@ -328,15 +328,15 @@ build_avpair_blob(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
328 | * two times the unicode length of a server name + | 328 | * two times the unicode length of a server name + |
329 | * size of a timestamp (which is 8 bytes). | 329 | * size of a timestamp (which is 8 bytes). |
330 | */ | 330 | */ |
331 | ses->tilen = size + 2 * (2 * dlen) + 2 * (2 * wlen) + 8; | 331 | ses->auth_key.len = size + 2 * (2 * dlen) + 2 * (2 * wlen) + 8; |
332 | ses->tiblob = kzalloc(ses->tilen, GFP_KERNEL); | 332 | ses->auth_key.response = kzalloc(ses->auth_key.len, GFP_KERNEL); |
333 | if (!ses->tiblob) { | 333 | if (!ses->auth_key.response) { |
334 | ses->tilen = 0; | 334 | ses->auth_key.len = 0; |
335 | cERROR(1, "Challenge target info allocation failure"); | 335 | cERROR(1, "Challenge target info allocation failure"); |
336 | return -ENOMEM; | 336 | return -ENOMEM; |
337 | } | 337 | } |
338 | 338 | ||
339 | blobptr = ses->tiblob; | 339 | blobptr = ses->auth_key.response; |
340 | attrptr = (struct ntlmssp2_name *) blobptr; | 340 | attrptr = (struct ntlmssp2_name *) blobptr; |
341 | 341 | ||
342 | attrptr->type = cpu_to_le16(NTLMSSP_AV_NB_DOMAIN_NAME); | 342 | attrptr->type = cpu_to_le16(NTLMSSP_AV_NB_DOMAIN_NAME); |
@@ -400,11 +400,11 @@ find_domain_name(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
400 | unsigned char *blobend; | 400 | unsigned char *blobend; |
401 | struct ntlmssp2_name *attrptr; | 401 | struct ntlmssp2_name *attrptr; |
402 | 402 | ||
403 | if (!ses->tilen || !ses->tiblob) | 403 | if (!ses->auth_key.len || !ses->auth_key.response) |
404 | return 0; | 404 | return 0; |
405 | 405 | ||
406 | blobptr = ses->tiblob; | 406 | blobptr = ses->auth_key.response; |
407 | blobend = ses->tiblob + ses->tilen; | 407 | blobend = blobptr + ses->auth_key.len; |
408 | 408 | ||
409 | while (blobptr + onesize < blobend) { | 409 | while (blobptr + onesize < blobend) { |
410 | attrptr = (struct ntlmssp2_name *) blobptr; | 410 | attrptr = (struct ntlmssp2_name *) blobptr; |
@@ -436,7 +436,7 @@ find_domain_name(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
436 | return 0; | 436 | return 0; |
437 | } | 437 | } |
438 | 438 | ||
439 | static int calc_ntlmv2_hash(struct cifsSesInfo *ses, | 439 | static int calc_ntlmv2_hash(struct cifsSesInfo *ses, char *ntlmv2_hash, |
440 | const struct nls_table *nls_cp) | 440 | const struct nls_table *nls_cp) |
441 | { | 441 | { |
442 | int rc = 0; | 442 | int rc = 0; |
@@ -509,7 +509,7 @@ static int calc_ntlmv2_hash(struct cifsSesInfo *ses, | |||
509 | } | 509 | } |
510 | 510 | ||
511 | rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash, | 511 | rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash, |
512 | ses->ntlmv2_hash); | 512 | ntlmv2_hash); |
513 | 513 | ||
514 | calc_exit_1: | 514 | calc_exit_1: |
515 | kfree(user); | 515 | kfree(user); |
@@ -518,7 +518,7 @@ calc_exit_2: | |||
518 | } | 518 | } |
519 | 519 | ||
520 | static int | 520 | static int |
521 | CalcNTLMv2_response(const struct cifsSesInfo *ses) | 521 | CalcNTLMv2_response(const struct cifsSesInfo *ses, char *ntlmv2_hash) |
522 | { | 522 | { |
523 | int rc; | 523 | int rc; |
524 | unsigned int offset = CIFS_SESS_KEY_SIZE + 8; | 524 | unsigned int offset = CIFS_SESS_KEY_SIZE + 8; |
@@ -529,7 +529,7 @@ CalcNTLMv2_response(const struct cifsSesInfo *ses) | |||
529 | } | 529 | } |
530 | 530 | ||
531 | crypto_shash_setkey(ses->server->secmech.hmacmd5, | 531 | crypto_shash_setkey(ses->server->secmech.hmacmd5, |
532 | ses->ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE); | 532 | ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE); |
533 | 533 | ||
534 | rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash); | 534 | rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash); |
535 | if (rc) { | 535 | if (rc) { |
@@ -539,7 +539,7 @@ CalcNTLMv2_response(const struct cifsSesInfo *ses) | |||
539 | 539 | ||
540 | if (ses->server->secType == RawNTLMSSP) | 540 | if (ses->server->secType == RawNTLMSSP) |
541 | memcpy(ses->auth_key.response + offset, | 541 | memcpy(ses->auth_key.response + offset, |
542 | ses->cryptkey, CIFS_SERVER_CHALLENGE_SIZE); | 542 | ses->ntlmssp->cryptkey, CIFS_SERVER_CHALLENGE_SIZE); |
543 | else | 543 | else |
544 | memcpy(ses->auth_key.response + offset, | 544 | memcpy(ses->auth_key.response + offset, |
545 | ses->server->cryptkey, CIFS_SERVER_CHALLENGE_SIZE); | 545 | ses->server->cryptkey, CIFS_SERVER_CHALLENGE_SIZE); |
@@ -558,7 +558,10 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
558 | { | 558 | { |
559 | int rc; | 559 | int rc; |
560 | int baselen; | 560 | int baselen; |
561 | unsigned int tilen; | ||
561 | struct ntlmv2_resp *buf; | 562 | struct ntlmv2_resp *buf; |
563 | char ntlmv2_hash[16]; | ||
564 | unsigned char *tiblob = NULL; /* target info blob */ | ||
562 | 565 | ||
563 | if (ses->server->secType == RawNTLMSSP) { | 566 | if (ses->server->secType == RawNTLMSSP) { |
564 | if (!ses->domainName) { | 567 | if (!ses->domainName) { |
@@ -572,18 +575,22 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
572 | rc = build_avpair_blob(ses, nls_cp); | 575 | rc = build_avpair_blob(ses, nls_cp); |
573 | if (rc) { | 576 | if (rc) { |
574 | cERROR(1, "error %d building av pair blob", rc); | 577 | cERROR(1, "error %d building av pair blob", rc); |
575 | return rc; | 578 | goto setup_ntlmv2_rsp_ret; |
576 | } | 579 | } |
577 | } | 580 | } |
578 | 581 | ||
579 | baselen = CIFS_SESS_KEY_SIZE + sizeof(struct ntlmv2_resp); | 582 | baselen = CIFS_SESS_KEY_SIZE + sizeof(struct ntlmv2_resp); |
580 | ses->auth_key.len = baselen + ses->tilen; | 583 | tilen = ses->auth_key.len; |
581 | ses->auth_key.response = kmalloc(ses->auth_key.len, GFP_KERNEL); | 584 | tiblob = ses->auth_key.response; |
585 | |||
586 | ses->auth_key.response = kmalloc(baselen + tilen, GFP_KERNEL); | ||
582 | if (!ses->auth_key.response) { | 587 | if (!ses->auth_key.response) { |
583 | rc = ENOMEM; | 588 | rc = ENOMEM; |
589 | ses->auth_key.len = 0; | ||
584 | cERROR(1, "%s: Can't allocate auth blob", __func__); | 590 | cERROR(1, "%s: Can't allocate auth blob", __func__); |
585 | goto setup_ntlmv2_rsp_ret; | 591 | goto setup_ntlmv2_rsp_ret; |
586 | } | 592 | } |
593 | ses->auth_key.len += baselen; | ||
587 | 594 | ||
588 | buf = (struct ntlmv2_resp *) | 595 | buf = (struct ntlmv2_resp *) |
589 | (ses->auth_key.response + CIFS_SESS_KEY_SIZE); | 596 | (ses->auth_key.response + CIFS_SESS_KEY_SIZE); |
@@ -593,17 +600,17 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
593 | get_random_bytes(&buf->client_chal, sizeof(buf->client_chal)); | 600 | get_random_bytes(&buf->client_chal, sizeof(buf->client_chal)); |
594 | buf->reserved2 = 0; | 601 | buf->reserved2 = 0; |
595 | 602 | ||
596 | memcpy(ses->auth_key.response + baselen, ses->tiblob, ses->tilen); | 603 | memcpy(ses->auth_key.response + baselen, tiblob, tilen); |
597 | 604 | ||
598 | /* calculate ntlmv2_hash */ | 605 | /* calculate ntlmv2_hash */ |
599 | rc = calc_ntlmv2_hash(ses, nls_cp); | 606 | rc = calc_ntlmv2_hash(ses, ntlmv2_hash, nls_cp); |
600 | if (rc) { | 607 | if (rc) { |
601 | cERROR(1, "could not get v2 hash rc %d", rc); | 608 | cERROR(1, "could not get v2 hash rc %d", rc); |
602 | goto setup_ntlmv2_rsp_ret; | 609 | goto setup_ntlmv2_rsp_ret; |
603 | } | 610 | } |
604 | 611 | ||
605 | /* calculate first part of the client response (CR1) */ | 612 | /* calculate first part of the client response (CR1) */ |
606 | rc = CalcNTLMv2_response(ses); | 613 | rc = CalcNTLMv2_response(ses, ntlmv2_hash); |
607 | if (rc) { | 614 | if (rc) { |
608 | cERROR(1, "Could not calculate CR1 rc: %d", rc); | 615 | cERROR(1, "Could not calculate CR1 rc: %d", rc); |
609 | goto setup_ntlmv2_rsp_ret; | 616 | goto setup_ntlmv2_rsp_ret; |
@@ -611,7 +618,7 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
611 | 618 | ||
612 | /* now calculate the session key for NTLMv2 */ | 619 | /* now calculate the session key for NTLMv2 */ |
613 | crypto_shash_setkey(ses->server->secmech.hmacmd5, | 620 | crypto_shash_setkey(ses->server->secmech.hmacmd5, |
614 | ses->ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE); | 621 | ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE); |
615 | 622 | ||
616 | rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash); | 623 | rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash); |
617 | if (rc) { | 624 | if (rc) { |
@@ -627,9 +634,7 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp) | |||
627 | ses->auth_key.response); | 634 | ses->auth_key.response); |
628 | 635 | ||
629 | setup_ntlmv2_rsp_ret: | 636 | setup_ntlmv2_rsp_ret: |
630 | kfree(ses->tiblob); | 637 | kfree(tiblob); |
631 | ses->tiblob = NULL; | ||
632 | ses->tilen = 0; | ||
633 | 638 | ||
634 | return rc; | 639 | return rc; |
635 | } | 640 | } |
@@ -657,7 +662,7 @@ calc_seckey(struct cifsSesInfo *ses) | |||
657 | CIFS_SESS_KEY_SIZE); | 662 | CIFS_SESS_KEY_SIZE); |
658 | 663 | ||
659 | sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE); | 664 | sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE); |
660 | sg_init_one(&sgout, ses->ntlmssp.ciphertext, CIFS_CPHTXT_SIZE); | 665 | sg_init_one(&sgout, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE); |
661 | 666 | ||
662 | rc = crypto_blkcipher_encrypt(&desc, &sgout, &sgin, CIFS_CPHTXT_SIZE); | 667 | rc = crypto_blkcipher_encrypt(&desc, &sgout, &sgin, CIFS_CPHTXT_SIZE); |
663 | if (rc) { | 668 | if (rc) { |