From d3ba50b17aa7a391bb5b3dcd8d6ba7a02c4f031c Mon Sep 17 00:00:00 2001 From: Shirish Pargaonkar Date: Wed, 27 Oct 2010 15:20:36 -0500 Subject: NTLM auth and sign - Use appropriate server challenge Need to have cryptkey or server challenge in smb connection (struct TCP_Server_Info) for ntlm and ntlmv2 auth types for which cryptkey (Encryption Key) is supplied just once in Negotiate Protocol response during an smb connection setup for all the smb sessions over that smb connection. For ntlmssp, cryptkey or server challenge is provided for every smb session in type 2 packet of ntlmssp negotiation, the cryptkey provided during Negotiation Protocol response before smb connection does not count. Rename cryptKey to cryptkey and related changes. Signed-off-by: Shirish Pargaonkar Signed-off-by: Steve French --- fs/cifs/cifsencrypt.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'fs/cifs/cifsencrypt.c') diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index 17d603ad5e34..ef95a272f73d 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c @@ -249,7 +249,7 @@ int setup_ntlm_response(struct cifsSesInfo *ses) } ses->auth_key.len = temp_len; - SMBNTencrypt(ses->password, ses->cryptKey, + SMBNTencrypt(ses->password, ses->server->cryptkey, ses->auth_key.response + CIFS_SESS_KEY_SIZE); E_md4hash(ses->password, temp_key); @@ -537,8 +537,12 @@ CalcNTLMv2_response(const struct cifsSesInfo *ses) return rc; } - memcpy(ses->auth_key.response + offset, - ses->cryptKey, CIFS_SERVER_CHALLENGE_SIZE); + if (ses->server->secType == RawNTLMSSP) + memcpy(ses->auth_key.response + offset, + ses->cryptkey, CIFS_SERVER_CHALLENGE_SIZE); + else + memcpy(ses->auth_key.response + offset, + ses->server->cryptkey, CIFS_SERVER_CHALLENGE_SIZE); crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash, ses->auth_key.response + offset, ses->auth_key.len - offset); -- cgit v1.2.2