Diffstat (limited to 'fs/cifs/sess.c')
-rw-r--r--fs/cifs/sess.c69
1 files changed, 37 insertions, 32 deletions
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index 6f83881ff30b..f230571a7ab3 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -283,11 +283,11 @@ decode_unicode_ssetup(char **pbcc_area, int bleft, struct cifs_ses *ses,
283 int len; 283 int len;
284 char *data = *pbcc_area; 284 char *data = *pbcc_area;
285 285
286 cFYI(1, "bleft %d", bleft); 286 cifs_dbg(FYI, "bleft %d\n", bleft);
287 287
288 kfree(ses->serverOS); 288 kfree(ses->serverOS);
289 ses->serverOS = cifs_strndup_from_utf16(data, bleft, true, nls_cp); 289 ses->serverOS = cifs_strndup_from_utf16(data, bleft, true, nls_cp);
290 cFYI(1, "serverOS=%s", ses->serverOS); 290 cifs_dbg(FYI, "serverOS=%s\n", ses->serverOS);
291 len = (UniStrnlen((wchar_t *) data, bleft / 2) * 2) + 2; 291 len = (UniStrnlen((wchar_t *) data, bleft / 2) * 2) + 2;
292 data += len; 292 data += len;
293 bleft -= len; 293 bleft -= len;
@@ -296,7 +296,7 @@ decode_unicode_ssetup(char **pbcc_area, int bleft, struct cifs_ses *ses,
296 296
297 kfree(ses->serverNOS); 297 kfree(ses->serverNOS);
298 ses->serverNOS = cifs_strndup_from_utf16(data, bleft, true, nls_cp); 298 ses->serverNOS = cifs_strndup_from_utf16(data, bleft, true, nls_cp);
299 cFYI(1, "serverNOS=%s", ses->serverNOS); 299 cifs_dbg(FYI, "serverNOS=%s\n", ses->serverNOS);
300 len = (UniStrnlen((wchar_t *) data, bleft / 2) * 2) + 2; 300 len = (UniStrnlen((wchar_t *) data, bleft / 2) * 2) + 2;
301 data += len; 301 data += len;
302 bleft -= len; 302 bleft -= len;
@@ -305,7 +305,7 @@ decode_unicode_ssetup(char **pbcc_area, int bleft, struct cifs_ses *ses,
305 305
306 kfree(ses->serverDomain); 306 kfree(ses->serverDomain);
307 ses->serverDomain = cifs_strndup_from_utf16(data, bleft, true, nls_cp); 307 ses->serverDomain = cifs_strndup_from_utf16(data, bleft, true, nls_cp);
308 cFYI(1, "serverDomain=%s", ses->serverDomain); 308 cifs_dbg(FYI, "serverDomain=%s\n", ses->serverDomain);
309 309
310 return; 310 return;
311} 311}
@@ -318,7 +318,7 @@ static int decode_ascii_ssetup(char **pbcc_area, __u16 bleft,
318 int len; 318 int len;
319 char *bcc_ptr = *pbcc_area; 319 char *bcc_ptr = *pbcc_area;
320 320
321 cFYI(1, "decode sessetup ascii. bleft %d", bleft); 321 cifs_dbg(FYI, "decode sessetup ascii. bleft %d\n", bleft);
322 322
323 len = strnlen(bcc_ptr, bleft); 323 len = strnlen(bcc_ptr, bleft);
324 if (len >= bleft) 324 if (len >= bleft)
@@ -330,7 +330,7 @@ static int decode_ascii_ssetup(char **pbcc_area, __u16 bleft,
330 if (ses->serverOS) 330 if (ses->serverOS)
331 strncpy(ses->serverOS, bcc_ptr, len); 331 strncpy(ses->serverOS, bcc_ptr, len);
332 if (strncmp(ses->serverOS, "OS/2", 4) == 0) { 332 if (strncmp(ses->serverOS, "OS/2", 4) == 0) {
333 cFYI(1, "OS/2 server"); 333 cifs_dbg(FYI, "OS/2 server\n");
334 ses->flags |= CIFS_SES_OS2; 334 ses->flags |= CIFS_SES_OS2;
335 } 335 }
336 336
@@ -359,7 +359,7 @@ static int decode_ascii_ssetup(char **pbcc_area, __u16 bleft,
359 /* BB For newer servers which do not support Unicode, 359 /* BB For newer servers which do not support Unicode,
360 but thus do return domain here we could add parsing 360 but thus do return domain here we could add parsing
361 for it later, but it is not very important */ 361 for it later, but it is not very important */
362 cFYI(1, "ascii: bytes left %d", bleft); 362 cifs_dbg(FYI, "ascii: bytes left %d\n", bleft);
363 363
364 return rc; 364 return rc;
365} 365}
@@ -373,16 +373,18 @@ int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len,
373 CHALLENGE_MESSAGE *pblob = (CHALLENGE_MESSAGE *)bcc_ptr; 373 CHALLENGE_MESSAGE *pblob = (CHALLENGE_MESSAGE *)bcc_ptr;
374 374
375 if (blob_len < sizeof(CHALLENGE_MESSAGE)) { 375 if (blob_len < sizeof(CHALLENGE_MESSAGE)) {
376 cERROR(1, "challenge blob len %d too small", blob_len); 376 cifs_dbg(VFS, "challenge blob len %d too small\n", blob_len);
377 return -EINVAL; 377 return -EINVAL;
378 } 378 }
379 379
380 if (memcmp(pblob->Signature, "NTLMSSP", 8)) { 380 if (memcmp(pblob->Signature, "NTLMSSP", 8)) {
381 cERROR(1, "blob signature incorrect %s", pblob->Signature); 381 cifs_dbg(VFS, "blob signature incorrect %s\n",
382 pblob->Signature);
382 return -EINVAL; 383 return -EINVAL;
383 } 384 }
384 if (pblob->MessageType != NtLmChallenge) { 385 if (pblob->MessageType != NtLmChallenge) {
385 cERROR(1, "Incorrect message type %d", pblob->MessageType); 386 cifs_dbg(VFS, "Incorrect message type %d\n",
387 pblob->MessageType);
386 return -EINVAL; 388 return -EINVAL;
387 } 389 }
388 390
@@ -395,14 +397,15 @@ int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len,
395 tioffset = le32_to_cpu(pblob->TargetInfoArray.BufferOffset); 397 tioffset = le32_to_cpu(pblob->TargetInfoArray.BufferOffset);
396 tilen = le16_to_cpu(pblob->TargetInfoArray.Length); 398 tilen = le16_to_cpu(pblob->TargetInfoArray.Length);
397 if (tioffset > blob_len || tioffset + tilen > blob_len) { 399 if (tioffset > blob_len || tioffset + tilen > blob_len) {
398 cERROR(1, "tioffset + tilen too high %u + %u", tioffset, tilen); 400 cifs_dbg(VFS, "tioffset + tilen too high %u + %u",
401 tioffset, tilen);
399 return -EINVAL; 402 return -EINVAL;
400 } 403 }
401 if (tilen) { 404 if (tilen) {
402 ses->auth_key.response = kmemdup(bcc_ptr + tioffset, tilen, 405 ses->auth_key.response = kmemdup(bcc_ptr + tioffset, tilen,
403 GFP_KERNEL); 406 GFP_KERNEL);
404 if (!ses->auth_key.response) { 407 if (!ses->auth_key.response) {
405 cERROR(1, "Challenge target info allocation failure"); 408 cifs_dbg(VFS, "Challenge target info alloc failure");
406 return -ENOMEM; 409 return -ENOMEM;
407 } 410 }
408 ses->auth_key.len = tilen; 411 ses->auth_key.len = tilen;
@@ -486,7 +489,7 @@ int build_ntlmssp_auth_blob(unsigned char *pbuffer,
486 sec_blob->NtChallengeResponse.BufferOffset = cpu_to_le32(tmp - pbuffer); 489 sec_blob->NtChallengeResponse.BufferOffset = cpu_to_le32(tmp - pbuffer);
487 rc = setup_ntlmv2_rsp(ses, nls_cp); 490 rc = setup_ntlmv2_rsp(ses, nls_cp);
488 if (rc) { 491 if (rc) {
489 cERROR(1, "Error %d during NTLMSSP authentication", rc); 492 cifs_dbg(VFS, "Error %d during NTLMSSP authentication\n", rc);
490 goto setup_ntlmv2_ret; 493 goto setup_ntlmv2_ret;
491 } 494 }
492 memcpy(tmp, ses->auth_key.response + CIFS_SESS_KEY_SIZE, 495 memcpy(tmp, ses->auth_key.response + CIFS_SESS_KEY_SIZE,
@@ -580,7 +583,7 @@ CIFS_SessSetup(const unsigned int xid, struct cifs_ses *ses,
580 return -EINVAL; 583 return -EINVAL;
581 584
582 type = ses->server->secType; 585 type = ses->server->secType;
583 cFYI(1, "sess setup type %d", type); 586 cifs_dbg(FYI, "sess setup type %d\n", type);
584 if (type == RawNTLMSSP) { 587 if (type == RawNTLMSSP) {
585 /* if memory allocation is successful, caller of this function 588 /* if memory allocation is successful, caller of this function
586 * frees it. 589 * frees it.
@@ -674,7 +677,7 @@ ssetup_ntlmssp_authenticate:
674 changed to do higher than lanman dialect and 677 changed to do higher than lanman dialect and
675 we reconnected would we ever calc signing_key? */ 678 we reconnected would we ever calc signing_key? */
676 679
677 cFYI(1, "Negotiating LANMAN setting up strings"); 680 cifs_dbg(FYI, "Negotiating LANMAN setting up strings\n");
678 /* Unicode not allowed for LANMAN dialects */ 681 /* Unicode not allowed for LANMAN dialects */
679 ascii_ssetup_strings(&bcc_ptr, ses, nls_cp); 682 ascii_ssetup_strings(&bcc_ptr, ses, nls_cp);
680#endif 683#endif
@@ -688,7 +691,8 @@ ssetup_ntlmssp_authenticate:
688 /* calculate ntlm response and session key */ 691 /* calculate ntlm response and session key */
689 rc = setup_ntlm_response(ses, nls_cp); 692 rc = setup_ntlm_response(ses, nls_cp);
690 if (rc) { 693 if (rc) {
691 cERROR(1, "Error %d during NTLM authentication", rc); 694 cifs_dbg(VFS, "Error %d during NTLM authentication\n",
695 rc);
692 goto ssetup_exit; 696 goto ssetup_exit;
693 } 697 }
694 698
@@ -718,7 +722,8 @@ ssetup_ntlmssp_authenticate:
718 /* calculate nlmv2 response and session key */ 722 /* calculate nlmv2 response and session key */
719 rc = setup_ntlmv2_rsp(ses, nls_cp); 723 rc = setup_ntlmv2_rsp(ses, nls_cp);
720 if (rc) { 724 if (rc) {
721 cERROR(1, "Error %d during NTLMv2 authentication", rc); 725 cifs_dbg(VFS, "Error %d during NTLMv2 authentication\n",
726 rc);
722 goto ssetup_exit; 727 goto ssetup_exit;
723 } 728 }
724 memcpy(bcc_ptr, ses->auth_key.response + CIFS_SESS_KEY_SIZE, 729 memcpy(bcc_ptr, ses->auth_key.response + CIFS_SESS_KEY_SIZE,
@@ -754,8 +759,8 @@ ssetup_ntlmssp_authenticate:
754 /* check version field to make sure that cifs.upcall is 759 /* check version field to make sure that cifs.upcall is
755 sending us a response in an expected form */ 760 sending us a response in an expected form */
756 if (msg->version != CIFS_SPNEGO_UPCALL_VERSION) { 761 if (msg->version != CIFS_SPNEGO_UPCALL_VERSION) {
757 cERROR(1, "incorrect version of cifs.upcall (expected" 762 cifs_dbg(VFS, "incorrect version of cifs.upcall "
758 " %d but got %d)", 763 "expected %d but got %d)",
759 CIFS_SPNEGO_UPCALL_VERSION, msg->version); 764 CIFS_SPNEGO_UPCALL_VERSION, msg->version);
760 rc = -EKEYREJECTED; 765 rc = -EKEYREJECTED;
761 goto ssetup_exit; 766 goto ssetup_exit;
@@ -764,7 +769,7 @@ ssetup_ntlmssp_authenticate:
764 ses->auth_key.response = kmemdup(msg->data, msg->sesskey_len, 769 ses->auth_key.response = kmemdup(msg->data, msg->sesskey_len,
765 GFP_KERNEL); 770 GFP_KERNEL);
766 if (!ses->auth_key.response) { 771 if (!ses->auth_key.response) {
767 cERROR(1, "Kerberos can't allocate (%u bytes) memory", 772 cifs_dbg(VFS, "Kerberos can't allocate (%u bytes) memory",
768 msg->sesskey_len); 773 msg->sesskey_len);
769 rc = -ENOMEM; 774 rc = -ENOMEM;
770 goto ssetup_exit; 775 goto ssetup_exit;
@@ -790,18 +795,18 @@ ssetup_ntlmssp_authenticate:
790 /* BB: is this right? */ 795 /* BB: is this right? */
791 ascii_ssetup_strings(&bcc_ptr, ses, nls_cp); 796 ascii_ssetup_strings(&bcc_ptr, ses, nls_cp);
792#else /* ! CONFIG_CIFS_UPCALL */ 797#else /* ! CONFIG_CIFS_UPCALL */
793 cERROR(1, "Kerberos negotiated but upcall support disabled!"); 798 cifs_dbg(VFS, "Kerberos negotiated but upcall support disabled!\n");
794 rc = -ENOSYS; 799 rc = -ENOSYS;
795 goto ssetup_exit; 800 goto ssetup_exit;
796#endif /* CONFIG_CIFS_UPCALL */ 801#endif /* CONFIG_CIFS_UPCALL */
797 } else if (type == RawNTLMSSP) { 802 } else if (type == RawNTLMSSP) {
798 if ((pSMB->req.hdr.Flags2 & SMBFLG2_UNICODE) == 0) { 803 if ((pSMB->req.hdr.Flags2 & SMBFLG2_UNICODE) == 0) {
799 cERROR(1, "NTLMSSP requires Unicode support"); 804 cifs_dbg(VFS, "NTLMSSP requires Unicode support\n");
800 rc = -ENOSYS; 805 rc = -ENOSYS;
801 goto ssetup_exit; 806 goto ssetup_exit;
802 } 807 }
803 808
804 cFYI(1, "ntlmssp session setup phase %d", phase); 809 cifs_dbg(FYI, "ntlmssp session setup phase %d\n", phase);
805 pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC; 810 pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
806 capabilities |= CAP_EXTENDED_SECURITY; 811 capabilities |= CAP_EXTENDED_SECURITY;
807 pSMB->req.Capabilities |= cpu_to_le32(capabilities); 812 pSMB->req.Capabilities |= cpu_to_le32(capabilities);
@@ -824,7 +829,6 @@ ssetup_ntlmssp_authenticate:
824 5*sizeof(struct _AUTHENTICATE_MESSAGE), 829 5*sizeof(struct _AUTHENTICATE_MESSAGE),
825 GFP_KERNEL); 830 GFP_KERNEL);
826 if (!ntlmsspblob) { 831 if (!ntlmsspblob) {
827 cERROR(1, "Can't allocate NTLMSSP blob");
828 rc = -ENOMEM; 832 rc = -ENOMEM;
829 goto ssetup_exit; 833 goto ssetup_exit;
830 } 834 }
@@ -844,7 +848,7 @@ ssetup_ntlmssp_authenticate:
844 smb_buf->Uid = ses->Suid; 848 smb_buf->Uid = ses->Suid;
845 break; 849 break;
846 default: 850 default:
847 cERROR(1, "invalid phase %d", phase); 851 cifs_dbg(VFS, "invalid phase %d\n", phase);
848 rc = -ENOSYS; 852 rc = -ENOSYS;
849 goto ssetup_exit; 853 goto ssetup_exit;
850 } 854 }
@@ -855,7 +859,7 @@ ssetup_ntlmssp_authenticate:
855 } 859 }
856 unicode_oslm_strings(&bcc_ptr, nls_cp); 860 unicode_oslm_strings(&bcc_ptr, nls_cp);
857 } else { 861 } else {
858 cERROR(1, "secType %d not supported!", type); 862 cifs_dbg(VFS, "secType %d not supported!\n", type);
859 rc = -ENOSYS; 863 rc = -ENOSYS;
860 goto ssetup_exit; 864 goto ssetup_exit;
861 } 865 }
@@ -880,7 +884,7 @@ ssetup_ntlmssp_authenticate:
880 (smb_buf->Status.CifsError == 884 (smb_buf->Status.CifsError ==
881 cpu_to_le32(NT_STATUS_MORE_PROCESSING_REQUIRED))) { 885 cpu_to_le32(NT_STATUS_MORE_PROCESSING_REQUIRED))) {
882 if (phase != NtLmNegotiate) { 886 if (phase != NtLmNegotiate) {
883 cERROR(1, "Unexpected more processing error"); 887 cifs_dbg(VFS, "Unexpected more processing error\n");
884 goto ssetup_exit; 888 goto ssetup_exit;
885 } 889 }
886 /* NTLMSSP Negotiate sent now processing challenge (response) */ 890 /* NTLMSSP Negotiate sent now processing challenge (response) */
@@ -892,14 +896,14 @@ ssetup_ntlmssp_authenticate:
892 896
893 if ((smb_buf->WordCount != 3) && (smb_buf->WordCount != 4)) { 897 if ((smb_buf->WordCount != 3) && (smb_buf->WordCount != 4)) {
894 rc = -EIO; 898 rc = -EIO;
895 cERROR(1, "bad word count %d", smb_buf->WordCount); 899 cifs_dbg(VFS, "bad word count %d\n", smb_buf->WordCount);
896 goto ssetup_exit; 900 goto ssetup_exit;
897 } 901 }
898 action = le16_to_cpu(pSMB->resp.Action); 902 action = le16_to_cpu(pSMB->resp.Action);
899 if (action & GUEST_LOGIN) 903 if (action & GUEST_LOGIN)
900 cFYI(1, "Guest login"); /* BB mark SesInfo struct? */ 904 cifs_dbg(FYI, "Guest login\n"); /* BB mark SesInfo struct? */
901 ses->Suid = smb_buf->Uid; /* UID left in wire format (le) */ 905 ses->Suid = smb_buf->Uid; /* UID left in wire format (le) */
902 cFYI(1, "UID = %llu ", ses->Suid); 906 cifs_dbg(FYI, "UID = %llu\n", ses->Suid);
903 /* response can have either 3 or 4 word count - Samba sends 3 */ 907 /* response can have either 3 or 4 word count - Samba sends 3 */
904 /* and lanman response is 3 */ 908 /* and lanman response is 3 */
905 bytes_remaining = get_bcc(smb_buf); 909 bytes_remaining = get_bcc(smb_buf);
@@ -908,7 +912,8 @@ ssetup_ntlmssp_authenticate:
908 if (smb_buf->WordCount == 4) { 912 if (smb_buf->WordCount == 4) {
909 blob_len = le16_to_cpu(pSMB->resp.SecurityBlobLength); 913 blob_len = le16_to_cpu(pSMB->resp.SecurityBlobLength);
910 if (blob_len > bytes_remaining) { 914 if (blob_len > bytes_remaining) {
911 cERROR(1, "bad security blob length %d", blob_len); 915 cifs_dbg(VFS, "bad security blob length %d\n",
916 blob_len);
912 rc = -EINVAL; 917 rc = -EINVAL;
913 goto ssetup_exit; 918 goto ssetup_exit;
914 } 919 }
@@ -946,7 +951,7 @@ ssetup_exit:
946 kfree(ntlmsspblob); 951 kfree(ntlmsspblob);
947 ntlmsspblob = NULL; 952 ntlmsspblob = NULL;
948 if (resp_buf_type == CIFS_SMALL_BUFFER) { 953 if (resp_buf_type == CIFS_SMALL_BUFFER) {
949 cFYI(1, "ssetup freeing small buf %p", iov[0].iov_base); 954 cifs_dbg(FYI, "ssetup freeing small buf %p\n", iov[0].iov_base);
950 cifs_small_buf_release(iov[0].iov_base); 955 cifs_small_buf_release(iov[0].iov_base);
951 } else if (resp_buf_type == CIFS_LARGE_BUFFER) 956 } else if (resp_buf_type == CIFS_LARGE_BUFFER)
952 cifs_buf_release(iov[0].iov_base); 957 cifs_buf_release(iov[0].iov_base);
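Review bot: In decode_ntlmssp_challenge the converted message `cifs_dbg(VFS, "blob signature incorrect %s\n", pblob->Signature);` still prints a server-supplied field with an unbounded `%s`, on exactly the path where that field has just failed validation. The memcmp above compares 8 bytes, so Signature is presumably an 8-byte array with no guaranteed NUL terminator; the format can then read on into the following blob fields and copy peer-controlled bytes into the kernel log. Bounding the conversion, e.g. `"blob signature incorrect %.8s\n"` (or a hex dump with `%*ph`), keeps the read inside the field. Separately, four converted strings did not get the trailing `\n` that the rest of the commit adds ("tioffset + tilen too high", "Challenge target info alloc failure", the cifs.upcall version message and "Kerberos can't allocate"), and the cifs.upcall message lost its opening parenthesis while keeping the closing one; it should presumably read `"incorrect version of cifs.upcall (expected %d but got %d)\n"`. The enclosing functions start and end outside the hunks shown.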