aboutsummaryrefslogtreecommitdiffstats
path: root/fs/cifs
diff options
context:
space:
mode:
Diffstat (limited to 'fs/cifs')
-rw-r--r--fs/cifs/asn1.c259
-rw-r--r--fs/cifs/cifsfs.h2
2 files changed, 125 insertions, 136 deletions
diff --git a/fs/cifs/asn1.c b/fs/cifs/asn1.c
index 669d0640b6d6..5fabd2caf93c 100644
--- a/fs/cifs/asn1.c
+++ b/fs/cifs/asn1.c
@@ -483,6 +483,7 @@ decode_negTokenInit(unsigned char *security_blob, int length,
483 483
484 asn1_open(&ctx, security_blob, length); 484 asn1_open(&ctx, security_blob, length);
485 485
486 /* GSSAPI header */
486 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { 487 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
487 cFYI(1, ("Error decoding negTokenInit header")); 488 cFYI(1, ("Error decoding negTokenInit header"));
488 return 0; 489 return 0;
@@ -490,154 +491,142 @@ decode_negTokenInit(unsigned char *security_blob, int length,
490 || (tag != ASN1_EOC)) { 491 || (tag != ASN1_EOC)) {
491 cFYI(1, ("cls = %d con = %d tag = %d", cls, con, tag)); 492 cFYI(1, ("cls = %d con = %d tag = %d", cls, con, tag));
492 return 0; 493 return 0;
493 } else { 494 }
494 /* remember to free obj->oid */
495 rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
496 if (rc) {
497 if ((tag == ASN1_OJI) && (con == ASN1_PRI) &&
498 (cls == ASN1_UNI)) {
499 rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
500 if (rc) {
501 rc = compare_oid(oid, oidlen,
502 SPNEGO_OID,
503 SPNEGO_OID_LEN);
504 kfree(oid);
505 }
506 } else
507 rc = 0;
508 }
509 495
510 if (!rc) { 496 /* Check for SPNEGO OID -- remember to free obj->oid */
511 cFYI(1, ("Error decoding negTokenInit header")); 497 rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
512 return 0; 498 if (rc) {
513 } 499 if ((tag == ASN1_OJI) && (con == ASN1_PRI) &&
500 (cls == ASN1_UNI)) {
501 rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
502 if (rc) {
503 rc = compare_oid(oid, oidlen, SPNEGO_OID,
504 SPNEGO_OID_LEN);
505 kfree(oid);
506 }
507 } else
508 rc = 0;
509 }
514 510
515 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { 511 /* SPNEGO OID not present or garbled -- bail out */
516 cFYI(1, ("Error decoding negTokenInit")); 512 if (!rc) {
517 return 0; 513 cFYI(1, ("Error decoding negTokenInit header"));
518 } else if ((cls != ASN1_CTX) || (con != ASN1_CON) 514 return 0;
519 || (tag != ASN1_EOC)) { 515 }
520 cFYI(1,
521 ("cls = %d con = %d tag = %d end = %p (%d) exit 0",
522 cls, con, tag, end, *end));
523 return 0;
524 }
525 516
526 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { 517 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
527 cFYI(1, ("Error decoding negTokenInit")); 518 cFYI(1, ("Error decoding negTokenInit"));
528 return 0; 519 return 0;
529 } else if ((cls != ASN1_UNI) || (con != ASN1_CON) 520 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
530 || (tag != ASN1_SEQ)) { 521 || (tag != ASN1_EOC)) {
531 cFYI(1, 522 cFYI(1,
532 ("cls = %d con = %d tag = %d end = %p (%d) exit 1", 523 ("cls = %d con = %d tag = %d end = %p (%d) exit 0",
533 cls, con, tag, end, *end)); 524 cls, con, tag, end, *end));
534 return 0; 525 return 0;
535 } 526 }
536 527
537 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { 528 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
538 cFYI(1, ("Error decoding 2nd part of negTokenInit")); 529 cFYI(1, ("Error decoding negTokenInit"));
539 return 0; 530 return 0;
540 } else if ((cls != ASN1_CTX) || (con != ASN1_CON) 531 } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
541 || (tag != ASN1_EOC)) { 532 || (tag != ASN1_SEQ)) {
542 cFYI(1, 533 cFYI(1,
543 ("cls = %d con = %d tag = %d end = %p (%d) exit 0", 534 ("cls = %d con = %d tag = %d end = %p (%d) exit 1",
544 cls, con, tag, end, *end)); 535 cls, con, tag, end, *end));
545 return 0; 536 return 0;
546 } 537 }
547 538
548 if (asn1_header_decode 539 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
549 (&ctx, &sequence_end, &cls, &con, &tag) == 0) { 540 cFYI(1, ("Error decoding 2nd part of negTokenInit"));
550 cFYI(1, ("Error decoding 2nd part of negTokenInit")); 541 return 0;
551 return 0; 542 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
552 } else if ((cls != ASN1_UNI) || (con != ASN1_CON) 543 || (tag != ASN1_EOC)) {
553 || (tag != ASN1_SEQ)) { 544 cFYI(1,
554 cFYI(1, 545 ("cls = %d con = %d tag = %d end = %p (%d) exit 0",
555 ("cls = %d con = %d tag = %d end = %p (%d) exit 1", 546 cls, con, tag, end, *end));
556 cls, con, tag, end, *end)); 547 return 0;
557 return 0; 548 }
558 }
559 549
560 while (!asn1_eoc_decode(&ctx, sequence_end)) { 550 if (asn1_header_decode
561 rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag); 551 (&ctx, &sequence_end, &cls, &con, &tag) == 0) {
562 if (!rc) { 552 cFYI(1, ("Error decoding 2nd part of negTokenInit"));
563 cFYI(1, 553 return 0;
564 ("Error decoding negTokenInit hdr exit2")); 554 } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
565 return 0; 555 || (tag != ASN1_SEQ)) {
566 } 556 cFYI(1,
567 if ((tag == ASN1_OJI) && (con == ASN1_PRI)) { 557 ("cls = %d con = %d tag = %d end = %p (%d) exit 1",
568 if (asn1_oid_decode(&ctx, end, &oid, &oidlen)) { 558 cls, con, tag, end, *end));
569 559 return 0;
570 cFYI(1, 560 }
571 ("OID len = %d oid = 0x%lx 0x%lx "
572 "0x%lx 0x%lx",
573 oidlen, *oid, *(oid + 1),
574 *(oid + 2), *(oid + 3)));
575
576 if (compare_oid(oid, oidlen,
577 MSKRB5_OID,
578 MSKRB5_OID_LEN))
579 use_kerberos = true;
580 else if (compare_oid(oid, oidlen,
581 KRB5_OID,
582 KRB5_OID_LEN))
583 use_kerberos = true;
584 else if (compare_oid(oid, oidlen,
585 NTLMSSP_OID,
586 NTLMSSP_OID_LEN))
587 use_ntlmssp = true;
588
589 kfree(oid);
590 }
591 } else {
592 cFYI(1, ("Should be an oid what is going on?"));
593 }
594 }
595 561
596 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { 562 while (!asn1_eoc_decode(&ctx, sequence_end)) {
597 cFYI(1, 563 rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);
598 ("Error decoding last part negTokenInit exit3")); 564 if (!rc) {
599 return 0;
600 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {
601 /* tag = 3 indicating mechListMIC */
602 cFYI(1, 565 cFYI(1,
603 ("Exit 4 cls = %d con = %d tag = %d end = %p (%d)", 566 ("Error decoding negTokenInit hdr exit2"));
604 cls, con, tag, end, *end));
605 return 0; 567 return 0;
606 } 568 }
607 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { 569 if ((tag == ASN1_OJI) && (con == ASN1_PRI)) {
608 cFYI(1, 570 if (asn1_oid_decode(&ctx, end, &oid, &oidlen)) {
609 ("Error decoding last part negTokenInit exit5")); 571
610 return 0; 572 cFYI(1, ("OID len = %d oid = 0x%lx 0x%lx "
611 } else if ((cls != ASN1_UNI) || (con != ASN1_CON) 573 "0x%lx 0x%lx", oidlen, *oid,
612 || (tag != ASN1_SEQ)) { 574 *(oid + 1), *(oid + 2), *(oid + 3)));
613 cFYI(1, ("cls = %d con = %d tag = %d end = %p (%d)", 575
614 cls, con, tag, end, *end)); 576 if (compare_oid(oid, oidlen, MSKRB5_OID,
577 MSKRB5_OID_LEN))
578 use_kerberos = true;
579 else if (compare_oid(oid, oidlen, KRB5_OID,
580 KRB5_OID_LEN))
581 use_kerberos = true;
582 else if (compare_oid(oid, oidlen, NTLMSSP_OID,
583 NTLMSSP_OID_LEN))
584 use_ntlmssp = true;
585
586 kfree(oid);
587 }
588 } else {
589 cFYI(1, ("Should be an oid what is going on?"));
615 } 590 }
591 }
616 592
617 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { 593 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
618 cFYI(1, 594 cFYI(1, ("Error decoding last part negTokenInit exit3"));
619 ("Error decoding last part negTokenInit exit 7")); 595 return 0;
620 return 0; 596 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {
621 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) { 597 /* tag = 3 indicating mechListMIC */
622 cFYI(1, 598 cFYI(1, ("Exit 4 cls = %d con = %d tag = %d end = %p (%d)",
623 ("Exit 8 cls = %d con = %d tag = %d end = %p (%d)", 599 cls, con, tag, end, *end));
624 cls, con, tag, end, *end)); 600 return 0;
625 return 0; 601 }
626 } 602 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
627 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { 603 cFYI(1, ("Error decoding last part negTokenInit exit5"));
628 cFYI(1, 604 return 0;
629 ("Error decoding last part negTokenInit exit9")); 605 } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
630 return 0; 606 || (tag != ASN1_SEQ)) {
631 } else if ((cls != ASN1_UNI) || (con != ASN1_PRI) 607 cFYI(1, ("cls = %d con = %d tag = %d end = %p (%d)",
632 || (tag != ASN1_GENSTR)) { 608 cls, con, tag, end, *end));
633 cFYI(1, 609 }
634 ("Exit10 cls = %d con = %d tag = %d end = %p (%d)", 610
635 cls, con, tag, end, *end)); 611 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
636 return 0; 612 cFYI(1, ("Error decoding last part negTokenInit exit 7"));
637 } 613 return 0;
638 cFYI(1, ("Need to call asn1_octets_decode() function for %s", 614 } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {
639 ctx.pointer)); /* is this UTF-8 or ASCII? */ 615 cFYI(1, ("Exit 8 cls = %d con = %d tag = %d end = %p (%d)",
616 cls, con, tag, end, *end));
617 return 0;
618 }
619 if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
620 cFYI(1, ("Error decoding last part negTokenInit exit9"));
621 return 0;
622 } else if ((cls != ASN1_UNI) || (con != ASN1_PRI)
623 || (tag != ASN1_GENSTR)) {
624 cFYI(1, ("Exit10 cls = %d con = %d tag = %d end = %p (%d)",
625 cls, con, tag, end, *end));
626 return 0;
640 } 627 }
628 cFYI(1, ("Need to call asn1_octets_decode() function for %s",
629 ctx.pointer)); /* is this UTF-8 or ASCII? */
641 630
642 if (use_kerberos) 631 if (use_kerberos)
643 *secType = Kerberos; 632 *secType = Kerberos;
diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h
index 25a6cbd15529..135c965c4137 100644
--- a/fs/cifs/cifsfs.h
+++ b/fs/cifs/cifsfs.h
@@ -101,5 +101,5 @@ extern long cifs_ioctl(struct file *filep, unsigned int cmd, unsigned long arg);
101extern const struct export_operations cifs_export_ops; 101extern const struct export_operations cifs_export_ops;
102#endif /* EXPERIMENTAL */ 102#endif /* EXPERIMENTAL */
103 103
104#define CIFS_VERSION "1.53" 104#define CIFS_VERSION "1.54"
105#endif /* _CIFSFS_H */ 105#endif /* _CIFSFS_H */