aboutsummaryrefslogtreecommitdiffstats
path: root/fs/cifs/connect.c
diff options
context:
space:
mode:
Diffstat (limited to 'fs/cifs/connect.c')
-rw-r--r--fs/cifs/connect.c150
1 files changed, 72 insertions, 78 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 34a1fc9dabf5..ff4345db7201 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -3620,97 +3620,91 @@ int cifs_setup_session(unsigned int xid, struct cifsSesInfo *pSesInfo,
3620 } 3620 }
3621 first_time = 1; 3621 first_time = 1;
3622 } 3622 }
3623 if (!rc) { 3623
3624 pSesInfo->flags = 0; 3624 if (rc)
3625 pSesInfo->capabilities = pSesInfo->server->capabilities; 3625 goto ss_err_exit;
3626 if (linuxExtEnabled == 0) 3626
3627 pSesInfo->capabilities &= (~CAP_UNIX); 3627 pSesInfo->flags = 0;
3628 pSesInfo->capabilities = pSesInfo->server->capabilities;
3629 if (linuxExtEnabled == 0)
3630 pSesInfo->capabilities &= (~CAP_UNIX);
3628 /* pSesInfo->sequence_number = 0;*/ 3631 /* pSesInfo->sequence_number = 0;*/
3629 cFYI(1, 3632 cFYI(1, ("Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
3630 ("Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d", 3633 pSesInfo->server->secMode,
3631 pSesInfo->server->secMode, 3634 pSesInfo->server->capabilities,
3632 pSesInfo->server->capabilities, 3635 pSesInfo->server->timeAdj));
3633 pSesInfo->server->timeAdj)); 3636 if (experimEnabled < 2)
3634 if (experimEnabled < 2) 3637 rc = CIFS_SessSetup(xid, pSesInfo, first_time, nls_info);
3635 rc = CIFS_SessSetup(xid, pSesInfo, 3638 else if (extended_security
3636 first_time, nls_info); 3639 && (pSesInfo->capabilities & CAP_EXTENDED_SECURITY)
3637 else if (extended_security 3640 && (pSesInfo->server->secType == NTLMSSP)) {
3638 && (pSesInfo->capabilities 3641 rc = -EOPNOTSUPP;
3639 & CAP_EXTENDED_SECURITY) 3642 } else if (extended_security
3640 && (pSesInfo->server->secType == NTLMSSP)) { 3643 && (pSesInfo->capabilities & CAP_EXTENDED_SECURITY)
3641 rc = -EOPNOTSUPP; 3644 && (pSesInfo->server->secType == RawNTLMSSP)) {
3642 } else if (extended_security 3645 cFYI(1, ("NTLMSSP sesssetup"));
3643 && (pSesInfo->capabilities & CAP_EXTENDED_SECURITY) 3646 rc = CIFSNTLMSSPNegotiateSessSetup(xid, pSesInfo, &ntlmv2_flag,
3644 && (pSesInfo->server->secType == RawNTLMSSP)) { 3647 nls_info);
3645 cFYI(1, ("NTLMSSP sesssetup")); 3648 if (!rc) {
3646 rc = CIFSNTLMSSPNegotiateSessSetup(xid, 3649 if (ntlmv2_flag) {
3647 pSesInfo, 3650 char *v2_response;
3648 &ntlmv2_flag, 3651 cFYI(1, ("more secure NTLM ver2 hash"));
3649 nls_info); 3652 if (CalcNTLMv2_partial_mac_key(pSesInfo,
3650 if (!rc) { 3653 nls_info)) {
3651 if (ntlmv2_flag) { 3654 rc = -ENOMEM;
3652 char *v2_response; 3655 goto ss_err_exit;
3653 cFYI(1, ("more secure NTLM ver2 hash")); 3656 } else
3654 if (CalcNTLMv2_partial_mac_key(pSesInfo, 3657 v2_response = kmalloc(16 + 64 /* blob*/,
3655 nls_info)) { 3658 GFP_KERNEL);
3656 rc = -ENOMEM; 3659 if (v2_response) {
3657 goto ss_err_exit; 3660 CalcNTLMv2_response(pSesInfo,
3658 } else 3661 v2_response);
3659 v2_response = kmalloc(16 + 64 /* blob */, GFP_KERNEL); 3662 /* if (first_time)
3660 if (v2_response) { 3663 cifs_calculate_ntlmv2_mac_key */
3661 CalcNTLMv2_response(pSesInfo, 3664 kfree(v2_response);
3662 v2_response);
3663 /* if (first_time)
3664 cifs_calculate_ntlmv2_mac_key(
3665 pSesInfo->server->mac_signing_key,
3666 response, ntlm_session_key,*/
3667 kfree(v2_response);
3668 /* BB Put dummy sig in SessSetup PDU? */ 3665 /* BB Put dummy sig in SessSetup PDU? */
3669 } else {
3670 rc = -ENOMEM;
3671 goto ss_err_exit;
3672 }
3673
3674 } else { 3666 } else {
3675 SMBNTencrypt(pSesInfo->password, 3667 rc = -ENOMEM;
3676 pSesInfo->server->cryptKey, 3668 goto ss_err_exit;
3677 ntlm_session_key);
3678
3679 if (first_time)
3680 cifs_calculate_mac_key(
3681 &pSesInfo->server->mac_signing_key,
3682 ntlm_session_key,
3683 pSesInfo->password);
3684 } 3669 }
3670
3671 } else {
3672 SMBNTencrypt(pSesInfo->password,
3673 pSesInfo->server->cryptKey,
3674 ntlm_session_key);
3675
3676 if (first_time)
3677 cifs_calculate_mac_key(
3678 &pSesInfo->server->mac_signing_key,
3679 ntlm_session_key,
3680 pSesInfo->password);
3681 }
3685 /* for better security the weaker lanman hash not sent 3682 /* for better security the weaker lanman hash not sent
3686 in AuthSessSetup so we no longer calculate it */ 3683 in AuthSessSetup so we no longer calculate it */
3687 3684
3688 rc = CIFSNTLMSSPAuthSessSetup(xid, 3685 rc = CIFSNTLMSSPAuthSessSetup(xid, pSesInfo,
3689 pSesInfo, 3686 ntlm_session_key,
3690 ntlm_session_key, 3687 ntlmv2_flag,
3691 ntlmv2_flag, 3688 nls_info);
3692 nls_info); 3689 }
3693 } 3690 } else { /* old style NTLM 0.12 session setup */
3694 } else { /* old style NTLM 0.12 session setup */ 3691 SMBNTencrypt(pSesInfo->password, pSesInfo->server->cryptKey,
3695 SMBNTencrypt(pSesInfo->password, 3692 ntlm_session_key);
3696 pSesInfo->server->cryptKey,
3697 ntlm_session_key);
3698 3693
3699 if (first_time) 3694 if (first_time)
3700 cifs_calculate_mac_key( 3695 cifs_calculate_mac_key(
3701 &pSesInfo->server->mac_signing_key, 3696 &pSesInfo->server->mac_signing_key,
3702 ntlm_session_key, pSesInfo->password); 3697 ntlm_session_key, pSesInfo->password);
3703 3698
3704 rc = CIFSSessSetup(xid, pSesInfo, 3699 rc = CIFSSessSetup(xid, pSesInfo, ntlm_session_key, nls_info);
3705 ntlm_session_key, nls_info); 3700 }
3706 } 3701 if (rc) {
3707 if (rc) { 3702 cERROR(1, ("Send error in SessSetup = %d", rc));
3708 cERROR(1, ("Send error in SessSetup = %d", rc)); 3703 } else {
3709 } else { 3704 cFYI(1, ("CIFS Session Established successfully"));
3710 cFYI(1, ("CIFS Session Established successfully"));
3711 pSesInfo->status = CifsGood; 3705 pSesInfo->status = CifsGood;
3712 }
3713 } 3706 }
3707
3714ss_err_exit: 3708ss_err_exit:
3715 return rc; 3709 return rc;
3716} 3710}