diff options
Diffstat (limited to 'fs/cifs')
-rw-r--r-- | fs/cifs/asn1.c | 259 | ||||
-rw-r--r-- | fs/cifs/cifsfs.h | 2 |
2 files changed, 125 insertions, 136 deletions
diff --git a/fs/cifs/asn1.c b/fs/cifs/asn1.c index 669d0640b6d6..5fabd2caf93c 100644 --- a/fs/cifs/asn1.c +++ b/fs/cifs/asn1.c | |||
@@ -483,6 +483,7 @@ decode_negTokenInit(unsigned char *security_blob, int length, | |||
483 | 483 | ||
484 | asn1_open(&ctx, security_blob, length); | 484 | asn1_open(&ctx, security_blob, length); |
485 | 485 | ||
486 | /* GSSAPI header */ | ||
486 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { | 487 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { |
487 | cFYI(1, ("Error decoding negTokenInit header")); | 488 | cFYI(1, ("Error decoding negTokenInit header")); |
488 | return 0; | 489 | return 0; |
@@ -490,154 +491,142 @@ decode_negTokenInit(unsigned char *security_blob, int length, | |||
490 | || (tag != ASN1_EOC)) { | 491 | || (tag != ASN1_EOC)) { |
491 | cFYI(1, ("cls = %d con = %d tag = %d", cls, con, tag)); | 492 | cFYI(1, ("cls = %d con = %d tag = %d", cls, con, tag)); |
492 | return 0; | 493 | return 0; |
493 | } else { | 494 | } |
494 | /* remember to free obj->oid */ | ||
495 | rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag); | ||
496 | if (rc) { | ||
497 | if ((tag == ASN1_OJI) && (con == ASN1_PRI) && | ||
498 | (cls == ASN1_UNI)) { | ||
499 | rc = asn1_oid_decode(&ctx, end, &oid, &oidlen); | ||
500 | if (rc) { | ||
501 | rc = compare_oid(oid, oidlen, | ||
502 | SPNEGO_OID, | ||
503 | SPNEGO_OID_LEN); | ||
504 | kfree(oid); | ||
505 | } | ||
506 | } else | ||
507 | rc = 0; | ||
508 | } | ||
509 | 495 | ||
510 | if (!rc) { | 496 | /* Check for SPNEGO OID -- remember to free obj->oid */ |
511 | cFYI(1, ("Error decoding negTokenInit header")); | 497 | rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag); |
512 | return 0; | 498 | if (rc) { |
513 | } | 499 | if ((tag == ASN1_OJI) && (con == ASN1_PRI) && |
500 | (cls == ASN1_UNI)) { | ||
501 | rc = asn1_oid_decode(&ctx, end, &oid, &oidlen); | ||
502 | if (rc) { | ||
503 | rc = compare_oid(oid, oidlen, SPNEGO_OID, | ||
504 | SPNEGO_OID_LEN); | ||
505 | kfree(oid); | ||
506 | } | ||
507 | } else | ||
508 | rc = 0; | ||
509 | } | ||
514 | 510 | ||
515 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { | 511 | /* SPNEGO OID not present or garbled -- bail out */ |
516 | cFYI(1, ("Error decoding negTokenInit")); | 512 | if (!rc) { |
517 | return 0; | 513 | cFYI(1, ("Error decoding negTokenInit header")); |
518 | } else if ((cls != ASN1_CTX) || (con != ASN1_CON) | 514 | return 0; |
519 | || (tag != ASN1_EOC)) { | 515 | } |
520 | cFYI(1, | ||
521 | ("cls = %d con = %d tag = %d end = %p (%d) exit 0", | ||
522 | cls, con, tag, end, *end)); | ||
523 | return 0; | ||
524 | } | ||
525 | 516 | ||
526 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { | 517 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { |
527 | cFYI(1, ("Error decoding negTokenInit")); | 518 | cFYI(1, ("Error decoding negTokenInit")); |
528 | return 0; | 519 | return 0; |
529 | } else if ((cls != ASN1_UNI) || (con != ASN1_CON) | 520 | } else if ((cls != ASN1_CTX) || (con != ASN1_CON) |
530 | || (tag != ASN1_SEQ)) { | 521 | || (tag != ASN1_EOC)) { |
531 | cFYI(1, | 522 | cFYI(1, |
532 | ("cls = %d con = %d tag = %d end = %p (%d) exit 1", | 523 | ("cls = %d con = %d tag = %d end = %p (%d) exit 0", |
533 | cls, con, tag, end, *end)); | 524 | cls, con, tag, end, *end)); |
534 | return 0; | 525 | return 0; |
535 | } | 526 | } |
536 | 527 | ||
537 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { | 528 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { |
538 | cFYI(1, ("Error decoding 2nd part of negTokenInit")); | 529 | cFYI(1, ("Error decoding negTokenInit")); |
539 | return 0; | 530 | return 0; |
540 | } else if ((cls != ASN1_CTX) || (con != ASN1_CON) | 531 | } else if ((cls != ASN1_UNI) || (con != ASN1_CON) |
541 | || (tag != ASN1_EOC)) { | 532 | || (tag != ASN1_SEQ)) { |
542 | cFYI(1, | 533 | cFYI(1, |
543 | ("cls = %d con = %d tag = %d end = %p (%d) exit 0", | 534 | ("cls = %d con = %d tag = %d end = %p (%d) exit 1", |
544 | cls, con, tag, end, *end)); | 535 | cls, con, tag, end, *end)); |
545 | return 0; | 536 | return 0; |
546 | } | 537 | } |
547 | 538 | ||
548 | if (asn1_header_decode | 539 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { |
549 | (&ctx, &sequence_end, &cls, &con, &tag) == 0) { | 540 | cFYI(1, ("Error decoding 2nd part of negTokenInit")); |
550 | cFYI(1, ("Error decoding 2nd part of negTokenInit")); | 541 | return 0; |
551 | return 0; | 542 | } else if ((cls != ASN1_CTX) || (con != ASN1_CON) |
552 | } else if ((cls != ASN1_UNI) || (con != ASN1_CON) | 543 | || (tag != ASN1_EOC)) { |
553 | || (tag != ASN1_SEQ)) { | 544 | cFYI(1, |
554 | cFYI(1, | 545 | ("cls = %d con = %d tag = %d end = %p (%d) exit 0", |
555 | ("cls = %d con = %d tag = %d end = %p (%d) exit 1", | 546 | cls, con, tag, end, *end)); |
556 | cls, con, tag, end, *end)); | 547 | return 0; |
557 | return 0; | 548 | } |
558 | } | ||
559 | 549 | ||
560 | while (!asn1_eoc_decode(&ctx, sequence_end)) { | 550 | if (asn1_header_decode |
561 | rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag); | 551 | (&ctx, &sequence_end, &cls, &con, &tag) == 0) { |
562 | if (!rc) { | 552 | cFYI(1, ("Error decoding 2nd part of negTokenInit")); |
563 | cFYI(1, | 553 | return 0; |
564 | ("Error decoding negTokenInit hdr exit2")); | 554 | } else if ((cls != ASN1_UNI) || (con != ASN1_CON) |
565 | return 0; | 555 | || (tag != ASN1_SEQ)) { |
566 | } | 556 | cFYI(1, |
567 | if ((tag == ASN1_OJI) && (con == ASN1_PRI)) { | 557 | ("cls = %d con = %d tag = %d end = %p (%d) exit 1", |
568 | if (asn1_oid_decode(&ctx, end, &oid, &oidlen)) { | 558 | cls, con, tag, end, *end)); |
569 | 559 | return 0; | |
570 | cFYI(1, | 560 | } |
571 | ("OID len = %d oid = 0x%lx 0x%lx " | ||
572 | "0x%lx 0x%lx", | ||
573 | oidlen, *oid, *(oid + 1), | ||
574 | *(oid + 2), *(oid + 3))); | ||
575 | |||
576 | if (compare_oid(oid, oidlen, | ||
577 | MSKRB5_OID, | ||
578 | MSKRB5_OID_LEN)) | ||
579 | use_kerberos = true; | ||
580 | else if (compare_oid(oid, oidlen, | ||
581 | KRB5_OID, | ||
582 | KRB5_OID_LEN)) | ||
583 | use_kerberos = true; | ||
584 | else if (compare_oid(oid, oidlen, | ||
585 | NTLMSSP_OID, | ||
586 | NTLMSSP_OID_LEN)) | ||
587 | use_ntlmssp = true; | ||
588 | |||
589 | kfree(oid); | ||
590 | } | ||
591 | } else { | ||
592 | cFYI(1, ("Should be an oid what is going on?")); | ||
593 | } | ||
594 | } | ||
595 | 561 | ||
596 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { | 562 | while (!asn1_eoc_decode(&ctx, sequence_end)) { |
597 | cFYI(1, | 563 | rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag); |
598 | ("Error decoding last part negTokenInit exit3")); | 564 | if (!rc) { |
599 | return 0; | ||
600 | } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) { | ||
601 | /* tag = 3 indicating mechListMIC */ | ||
602 | cFYI(1, | 565 | cFYI(1, |
603 | ("Exit 4 cls = %d con = %d tag = %d end = %p (%d)", | 566 | ("Error decoding negTokenInit hdr exit2")); |
604 | cls, con, tag, end, *end)); | ||
605 | return 0; | 567 | return 0; |
606 | } | 568 | } |
607 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { | 569 | if ((tag == ASN1_OJI) && (con == ASN1_PRI)) { |
608 | cFYI(1, | 570 | if (asn1_oid_decode(&ctx, end, &oid, &oidlen)) { |
609 | ("Error decoding last part negTokenInit exit5")); | 571 | |
610 | return 0; | 572 | cFYI(1, ("OID len = %d oid = 0x%lx 0x%lx " |
611 | } else if ((cls != ASN1_UNI) || (con != ASN1_CON) | 573 | "0x%lx 0x%lx", oidlen, *oid, |
612 | || (tag != ASN1_SEQ)) { | 574 | *(oid + 1), *(oid + 2), *(oid + 3))); |
613 | cFYI(1, ("cls = %d con = %d tag = %d end = %p (%d)", | 575 | |
614 | cls, con, tag, end, *end)); | 576 | if (compare_oid(oid, oidlen, MSKRB5_OID, |
577 | MSKRB5_OID_LEN)) | ||
578 | use_kerberos = true; | ||
579 | else if (compare_oid(oid, oidlen, KRB5_OID, | ||
580 | KRB5_OID_LEN)) | ||
581 | use_kerberos = true; | ||
582 | else if (compare_oid(oid, oidlen, NTLMSSP_OID, | ||
583 | NTLMSSP_OID_LEN)) | ||
584 | use_ntlmssp = true; | ||
585 | |||
586 | kfree(oid); | ||
587 | } | ||
588 | } else { | ||
589 | cFYI(1, ("Should be an oid what is going on?")); | ||
615 | } | 590 | } |
591 | } | ||
616 | 592 | ||
617 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { | 593 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { |
618 | cFYI(1, | 594 | cFYI(1, ("Error decoding last part negTokenInit exit3")); |
619 | ("Error decoding last part negTokenInit exit 7")); | 595 | return 0; |
620 | return 0; | 596 | } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) { |
621 | } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) { | 597 | /* tag = 3 indicating mechListMIC */ |
622 | cFYI(1, | 598 | cFYI(1, ("Exit 4 cls = %d con = %d tag = %d end = %p (%d)", |
623 | ("Exit 8 cls = %d con = %d tag = %d end = %p (%d)", | 599 | cls, con, tag, end, *end)); |
624 | cls, con, tag, end, *end)); | 600 | return 0; |
625 | return 0; | 601 | } |
626 | } | 602 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { |
627 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { | 603 | cFYI(1, ("Error decoding last part negTokenInit exit5")); |
628 | cFYI(1, | 604 | return 0; |
629 | ("Error decoding last part negTokenInit exit9")); | 605 | } else if ((cls != ASN1_UNI) || (con != ASN1_CON) |
630 | return 0; | 606 | || (tag != ASN1_SEQ)) { |
631 | } else if ((cls != ASN1_UNI) || (con != ASN1_PRI) | 607 | cFYI(1, ("cls = %d con = %d tag = %d end = %p (%d)", |
632 | || (tag != ASN1_GENSTR)) { | 608 | cls, con, tag, end, *end)); |
633 | cFYI(1, | 609 | } |
634 | ("Exit10 cls = %d con = %d tag = %d end = %p (%d)", | 610 | |
635 | cls, con, tag, end, *end)); | 611 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { |
636 | return 0; | 612 | cFYI(1, ("Error decoding last part negTokenInit exit 7")); |
637 | } | 613 | return 0; |
638 | cFYI(1, ("Need to call asn1_octets_decode() function for %s", | 614 | } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) { |
639 | ctx.pointer)); /* is this UTF-8 or ASCII? */ | 615 | cFYI(1, ("Exit 8 cls = %d con = %d tag = %d end = %p (%d)", |
616 | cls, con, tag, end, *end)); | ||
617 | return 0; | ||
618 | } | ||
619 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { | ||
620 | cFYI(1, ("Error decoding last part negTokenInit exit9")); | ||
621 | return 0; | ||
622 | } else if ((cls != ASN1_UNI) || (con != ASN1_PRI) | ||
623 | || (tag != ASN1_GENSTR)) { | ||
624 | cFYI(1, ("Exit10 cls = %d con = %d tag = %d end = %p (%d)", | ||
625 | cls, con, tag, end, *end)); | ||
626 | return 0; | ||
640 | } | 627 | } |
628 | cFYI(1, ("Need to call asn1_octets_decode() function for %s", | ||
629 | ctx.pointer)); /* is this UTF-8 or ASCII? */ | ||
641 | 630 | ||
642 | if (use_kerberos) | 631 | if (use_kerberos) |
643 | *secType = Kerberos; | 632 | *secType = Kerberos; |
diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h index 25a6cbd15529..135c965c4137 100644 --- a/fs/cifs/cifsfs.h +++ b/fs/cifs/cifsfs.h | |||
@@ -101,5 +101,5 @@ extern long cifs_ioctl(struct file *filep, unsigned int cmd, unsigned long arg); | |||
101 | extern const struct export_operations cifs_export_ops; | 101 | extern const struct export_operations cifs_export_ops; |
102 | #endif /* EXPERIMENTAL */ | 102 | #endif /* EXPERIMENTAL */ |
103 | 103 | ||
104 | #define CIFS_VERSION "1.53" | 104 | #define CIFS_VERSION "1.54" |
105 | #endif /* _CIFSFS_H */ | 105 | #endif /* _CIFSFS_H */ |