diff options
Diffstat (limited to 'fs/cifs/connect.c')
-rw-r--r-- | fs/cifs/connect.c | 150 |
1 files changed, 72 insertions, 78 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 34a1fc9dabf5..ff4345db7201 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
@@ -3620,97 +3620,91 @@ int cifs_setup_session(unsigned int xid, struct cifsSesInfo *pSesInfo, | |||
3620 | } | 3620 | } |
3621 | first_time = 1; | 3621 | first_time = 1; |
3622 | } | 3622 | } |
3623 | if (!rc) { | 3623 | |
3624 | pSesInfo->flags = 0; | 3624 | if (rc) |
3625 | pSesInfo->capabilities = pSesInfo->server->capabilities; | 3625 | goto ss_err_exit; |
3626 | if (linuxExtEnabled == 0) | 3626 | |
3627 | pSesInfo->capabilities &= (~CAP_UNIX); | 3627 | pSesInfo->flags = 0; |
3628 | pSesInfo->capabilities = pSesInfo->server->capabilities; | ||
3629 | if (linuxExtEnabled == 0) | ||
3630 | pSesInfo->capabilities &= (~CAP_UNIX); | ||
3628 | /* pSesInfo->sequence_number = 0;*/ | 3631 | /* pSesInfo->sequence_number = 0;*/ |
3629 | cFYI(1, | 3632 | cFYI(1, ("Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d", |
3630 | ("Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d", | 3633 | pSesInfo->server->secMode, |
3631 | pSesInfo->server->secMode, | 3634 | pSesInfo->server->capabilities, |
3632 | pSesInfo->server->capabilities, | 3635 | pSesInfo->server->timeAdj)); |
3633 | pSesInfo->server->timeAdj)); | 3636 | if (experimEnabled < 2) |
3634 | if (experimEnabled < 2) | 3637 | rc = CIFS_SessSetup(xid, pSesInfo, first_time, nls_info); |
3635 | rc = CIFS_SessSetup(xid, pSesInfo, | 3638 | else if (extended_security |
3636 | first_time, nls_info); | 3639 | && (pSesInfo->capabilities & CAP_EXTENDED_SECURITY) |
3637 | else if (extended_security | 3640 | && (pSesInfo->server->secType == NTLMSSP)) { |
3638 | && (pSesInfo->capabilities | 3641 | rc = -EOPNOTSUPP; |
3639 | & CAP_EXTENDED_SECURITY) | 3642 | } else if (extended_security |
3640 | && (pSesInfo->server->secType == NTLMSSP)) { | 3643 | && (pSesInfo->capabilities & CAP_EXTENDED_SECURITY) |
3641 | rc = -EOPNOTSUPP; | 3644 | && (pSesInfo->server->secType == RawNTLMSSP)) { |
3642 | } else if (extended_security | 3645 | cFYI(1, ("NTLMSSP sesssetup")); |
3643 | && (pSesInfo->capabilities & CAP_EXTENDED_SECURITY) | 3646 | rc = CIFSNTLMSSPNegotiateSessSetup(xid, pSesInfo, &ntlmv2_flag, |
3644 | && (pSesInfo->server->secType == RawNTLMSSP)) { | 3647 | nls_info); |
3645 | cFYI(1, ("NTLMSSP sesssetup")); | 3648 | if (!rc) { |
3646 | rc = CIFSNTLMSSPNegotiateSessSetup(xid, | 3649 | if (ntlmv2_flag) { |
3647 | pSesInfo, | 3650 | char *v2_response; |
3648 | &ntlmv2_flag, | 3651 | cFYI(1, ("more secure NTLM ver2 hash")); |
3649 | nls_info); | 3652 | if (CalcNTLMv2_partial_mac_key(pSesInfo, |
3650 | if (!rc) { | 3653 | nls_info)) { |
3651 | if (ntlmv2_flag) { | 3654 | rc = -ENOMEM; |
3652 | char *v2_response; | 3655 | goto ss_err_exit; |
3653 | cFYI(1, ("more secure NTLM ver2 hash")); | 3656 | } else |
3654 | if (CalcNTLMv2_partial_mac_key(pSesInfo, | 3657 | v2_response = kmalloc(16 + 64 /* blob*/, |
3655 | nls_info)) { | 3658 | GFP_KERNEL); |
3656 | rc = -ENOMEM; | 3659 | if (v2_response) { |
3657 | goto ss_err_exit; | 3660 | CalcNTLMv2_response(pSesInfo, |
3658 | } else | 3661 | v2_response); |
3659 | v2_response = kmalloc(16 + 64 /* blob */, GFP_KERNEL); | 3662 | /* if (first_time) |
3660 | if (v2_response) { | 3663 | cifs_calculate_ntlmv2_mac_key */ |
3661 | CalcNTLMv2_response(pSesInfo, | 3664 | kfree(v2_response); |
3662 | v2_response); | ||
3663 | /* if (first_time) | ||
3664 | cifs_calculate_ntlmv2_mac_key( | ||
3665 | pSesInfo->server->mac_signing_key, | ||
3666 | response, ntlm_session_key,*/ | ||
3667 | kfree(v2_response); | ||
3668 | /* BB Put dummy sig in SessSetup PDU? */ | 3665 | /* BB Put dummy sig in SessSetup PDU? */ |
3669 | } else { | ||
3670 | rc = -ENOMEM; | ||
3671 | goto ss_err_exit; | ||
3672 | } | ||
3673 | |||
3674 | } else { | 3666 | } else { |
3675 | SMBNTencrypt(pSesInfo->password, | 3667 | rc = -ENOMEM; |
3676 | pSesInfo->server->cryptKey, | 3668 | goto ss_err_exit; |
3677 | ntlm_session_key); | ||
3678 | |||
3679 | if (first_time) | ||
3680 | cifs_calculate_mac_key( | ||
3681 | &pSesInfo->server->mac_signing_key, | ||
3682 | ntlm_session_key, | ||
3683 | pSesInfo->password); | ||
3684 | } | 3669 | } |
3670 | |||
3671 | } else { | ||
3672 | SMBNTencrypt(pSesInfo->password, | ||
3673 | pSesInfo->server->cryptKey, | ||
3674 | ntlm_session_key); | ||
3675 | |||
3676 | if (first_time) | ||
3677 | cifs_calculate_mac_key( | ||
3678 | &pSesInfo->server->mac_signing_key, | ||
3679 | ntlm_session_key, | ||
3680 | pSesInfo->password); | ||
3681 | } | ||
3685 | /* for better security the weaker lanman hash not sent | 3682 | /* for better security the weaker lanman hash not sent |
3686 | in AuthSessSetup so we no longer calculate it */ | 3683 | in AuthSessSetup so we no longer calculate it */ |
3687 | 3684 | ||
3688 | rc = CIFSNTLMSSPAuthSessSetup(xid, | 3685 | rc = CIFSNTLMSSPAuthSessSetup(xid, pSesInfo, |
3689 | pSesInfo, | 3686 | ntlm_session_key, |
3690 | ntlm_session_key, | 3687 | ntlmv2_flag, |
3691 | ntlmv2_flag, | 3688 | nls_info); |
3692 | nls_info); | 3689 | } |
3693 | } | 3690 | } else { /* old style NTLM 0.12 session setup */ |
3694 | } else { /* old style NTLM 0.12 session setup */ | 3691 | SMBNTencrypt(pSesInfo->password, pSesInfo->server->cryptKey, |
3695 | SMBNTencrypt(pSesInfo->password, | 3692 | ntlm_session_key); |
3696 | pSesInfo->server->cryptKey, | ||
3697 | ntlm_session_key); | ||
3698 | 3693 | ||
3699 | if (first_time) | 3694 | if (first_time) |
3700 | cifs_calculate_mac_key( | 3695 | cifs_calculate_mac_key( |
3701 | &pSesInfo->server->mac_signing_key, | 3696 | &pSesInfo->server->mac_signing_key, |
3702 | ntlm_session_key, pSesInfo->password); | 3697 | ntlm_session_key, pSesInfo->password); |
3703 | 3698 | ||
3704 | rc = CIFSSessSetup(xid, pSesInfo, | 3699 | rc = CIFSSessSetup(xid, pSesInfo, ntlm_session_key, nls_info); |
3705 | ntlm_session_key, nls_info); | 3700 | } |
3706 | } | 3701 | if (rc) { |
3707 | if (rc) { | 3702 | cERROR(1, ("Send error in SessSetup = %d", rc)); |
3708 | cERROR(1, ("Send error in SessSetup = %d", rc)); | 3703 | } else { |
3709 | } else { | 3704 | cFYI(1, ("CIFS Session Established successfully")); |
3710 | cFYI(1, ("CIFS Session Established successfully")); | ||
3711 | pSesInfo->status = CifsGood; | 3705 | pSesInfo->status = CifsGood; |
3712 | } | ||
3713 | } | 3706 | } |
3707 | |||
3714 | ss_err_exit: | 3708 | ss_err_exit: |
3715 | return rc; | 3709 | return rc; |
3716 | } | 3710 | } |