Commit 12b3b8ff authored by Steve French's avatar Steve French

[CIFS] Cleanup NTLMSSP session setup handling

Fix to hash NTLMv2 properly will follow.
Signed-off-by: default avatarSteve French <sfrench@us.ibm.com>
parent e3f749c4
Version 1.41
------------
Fix NTLMv2 security (can be enabled in /proc/fs/cifs) so customers can
configure stronger authentication. Fix sfu symlinks so they can
be followed (not just recognized).
Version 1.40 Version 1.40
------------ ------------
Use fsuid (fsgid) more consistently instead of uid (gid). Improve performance Use fsuid (fsgid) more consistently instead of uid (gid). Improve performance
......
/* /*
* fs/cifs/cifsencrypt.c * fs/cifs/cifsencrypt.c
* *
* Copyright (C) International Business Machines Corp., 2005 * Copyright (C) International Business Machines Corp., 2005,2006
* Author(s): Steve French (sfrench@us.ibm.com) * Author(s): Steve French (sfrench@us.ibm.com)
* *
* This library is free software; you can redistribute it and/or modify * This library is free software; you can redistribute it and/or modify
...@@ -36,7 +36,8 @@ ...@@ -36,7 +36,8 @@
extern void mdfour(unsigned char *out, unsigned char *in, int n); extern void mdfour(unsigned char *out, unsigned char *in, int n);
extern void E_md4hash(const unsigned char *passwd, unsigned char *p16); extern void E_md4hash(const unsigned char *passwd, unsigned char *p16);
static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu, const char * key, char * signature) static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu,
const char * key, char * signature)
{ {
struct MD5Context context; struct MD5Context context;
......
...@@ -99,5 +99,5 @@ extern ssize_t cifs_getxattr(struct dentry *, const char *, void *, size_t); ...@@ -99,5 +99,5 @@ extern ssize_t cifs_getxattr(struct dentry *, const char *, void *, size_t);
extern ssize_t cifs_listxattr(struct dentry *, char *, size_t); extern ssize_t cifs_listxattr(struct dentry *, char *, size_t);
extern int cifs_ioctl (struct inode * inode, struct file * filep, extern int cifs_ioctl (struct inode * inode, struct file * filep,
unsigned int command, unsigned long arg); unsigned int command, unsigned long arg);
#define CIFS_VERSION "1.40" #define CIFS_VERSION "1.41"
#endif /* _CIFSFS_H */ #endif /* _CIFSFS_H */
...@@ -64,6 +64,8 @@ extern int map_smb_to_linux_error(struct smb_hdr *smb); ...@@ -64,6 +64,8 @@ extern int map_smb_to_linux_error(struct smb_hdr *smb);
extern void header_assemble(struct smb_hdr *, char /* command */ , extern void header_assemble(struct smb_hdr *, char /* command */ ,
const struct cifsTconInfo *, int /* length of const struct cifsTconInfo *, int /* length of
fixed section (word count) in two byte units */); fixed section (word count) in two byte units */);
extern int small_smb_init_no_tc(int smb_cmd, int wct, struct cifsSesInfo *ses,
void ** request_buf);
extern __u16 GetNextMid(struct TCP_Server_Info *server); extern __u16 GetNextMid(struct TCP_Server_Info *server);
extern struct oplock_q_entry * AllocOplockQEntry(struct inode *, u16, extern struct oplock_q_entry * AllocOplockQEntry(struct inode *, u16,
struct cifsTconInfo *); struct cifsTconInfo *);
......
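Review bot: The prototype added in this header section is named `small_smb_init_no_tc`, but the function defined in fs/cifs/cifssmb.c by the same commit is `small_smb_init_no_tcon`, so the declaration does not match any definition shown on this page. A caller that includes this header and uses the real name gets no prototype, and no argument type checking, for a routine on the session-setup path. The declaration should read `extern int small_smb_init_no_tcon(int smb_cmd, int wct, struct cifsSesInfo *ses, void **request_buf);`.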
/* /*
* fs/cifs/cifssmb.c * fs/cifs/cifssmb.c
* *
* Copyright (C) International Business Machines Corp., 2002,2005 * Copyright (C) International Business Machines Corp., 2002,2006
* Author(s): Steve French (sfrench@us.ibm.com) * Author(s): Steve French (sfrench@us.ibm.com)
* *
* Contains the routines for constructing the SMB PDUs themselves * Contains the routines for constructing the SMB PDUs themselves
...@@ -187,6 +187,31 @@ small_smb_init(int smb_command, int wct, struct cifsTconInfo *tcon, ...@@ -187,6 +187,31 @@ small_smb_init(int smb_command, int wct, struct cifsTconInfo *tcon,
return rc; return rc;
} }
int
small_smb_init_no_tcon(int smb_command, int wct, struct cifsSesInfo *ses,
void **request_buf)
{
int rc;
struct smb_hdr * buffer;
rc = small_smb_init(smb_command, wct, 0, request_buf);
if(rc)
return rc;
buffer->Mid = GetNextMid(ses->server);
if (ses->capabilities & CAP_UNICODE)
buffer->Flags2 |= SMBFLG2_UNICODE;
if (ses->capabilities & CAP_STATUS32) {
buffer->Flags2 |= SMBFLG2_ERR_STATUS;
/* uid, tid can stay at zero as set in header assemble */
/* BB add support for turning on the signing when
this function is used after 1st of session setup requests */
return rc;
}
/* If the return code is zero, this function must fill in request_buf pointer */ /* If the return code is zero, this function must fill in request_buf pointer */
static int static int
......
...@@ -2525,7 +2525,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, ...@@ -2525,7 +2525,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
__u32 negotiate_flags, capabilities; __u32 negotiate_flags, capabilities;
__u16 count; __u16 count;
cFYI(1, ("In NTLMSSP sesssetup (negotiate) ")); cFYI(1, ("In NTLMSSP sesssetup (negotiate)"));
if(ses == NULL) if(ses == NULL)
return -EINVAL; return -EINVAL;
domain = ses->domainName; domain = ses->domainName;
...@@ -2575,7 +2575,8 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, ...@@ -2575,7 +2575,8 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
SecurityBlob->MessageType = NtLmNegotiate; SecurityBlob->MessageType = NtLmNegotiate;
negotiate_flags = negotiate_flags =
NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_OEM | NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_OEM |
NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_NTLM | 0x80000000 | NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_NTLM |
NTLMSSP_NEGOTIATE_56 |
/* NTLMSSP_NEGOTIATE_ALWAYS_SIGN | */ NTLMSSP_NEGOTIATE_128; /* NTLMSSP_NEGOTIATE_ALWAYS_SIGN | */ NTLMSSP_NEGOTIATE_128;
if(sign_CIFS_PDUs) if(sign_CIFS_PDUs)
negotiate_flags |= NTLMSSP_NEGOTIATE_SIGN; negotiate_flags |= NTLMSSP_NEGOTIATE_SIGN;
...@@ -2588,26 +2589,11 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, ...@@ -2588,26 +2589,11 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
SecurityBlob->WorkstationName.Length = 0; SecurityBlob->WorkstationName.Length = 0;
SecurityBlob->WorkstationName.MaximumLength = 0; SecurityBlob->WorkstationName.MaximumLength = 0;
if (domain == NULL) { /* Domain not sent on first Sesssetup in NTLMSSP, instead it is sent
along with username on auth request (ie the response to challenge) */
SecurityBlob->DomainName.Buffer = 0; SecurityBlob->DomainName.Buffer = 0;
SecurityBlob->DomainName.Length = 0; SecurityBlob->DomainName.Length = 0;
SecurityBlob->DomainName.MaximumLength = 0; SecurityBlob->DomainName.MaximumLength = 0;
} else {
__u16 len;
negotiate_flags |= NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED;
strncpy(bcc_ptr, domain, 63);
len = strnlen(domain, 64);
SecurityBlob->DomainName.MaximumLength =
cpu_to_le16(len);
SecurityBlob->DomainName.Buffer =
cpu_to_le32((long) &SecurityBlob->
DomainString -
(long) &SecurityBlob->Signature);
bcc_ptr += len;
SecurityBlobLength += len;
SecurityBlob->DomainName.Length =
cpu_to_le16(len);
}
if (ses->capabilities & CAP_UNICODE) { if (ses->capabilities & CAP_UNICODE) {
if ((long) bcc_ptr % 2) { if ((long) bcc_ptr % 2) {
*bcc_ptr = 0; *bcc_ptr = 0;
...@@ -2677,7 +2663,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, ...@@ -2677,7 +2663,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
SecurityBlob2->MessageType)); SecurityBlob2->MessageType));
} else if (ses) { } else if (ses) {
ses->Suid = smb_buffer_response->Uid; /* UID left in le format */ ses->Suid = smb_buffer_response->Uid; /* UID left in le format */
cFYI(1, ("UID = %d ", ses->Suid)); cFYI(1, ("UID = %d", ses->Suid));
if ((pSMBr->resp.hdr.WordCount == 3) if ((pSMBr->resp.hdr.WordCount == 3)
|| ((pSMBr->resp.hdr.WordCount == 4) || ((pSMBr->resp.hdr.WordCount == 4)
&& (blob_len < && (blob_len <
...@@ -2685,17 +2671,17 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, ...@@ -2685,17 +2671,17 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
if (pSMBr->resp.hdr.WordCount == 4) { if (pSMBr->resp.hdr.WordCount == 4) {
bcc_ptr += blob_len; bcc_ptr += blob_len;
cFYI(1, cFYI(1, ("Security Blob Length %d",
("Security Blob Length %d ",
blob_len)); blob_len));
} }
cFYI(1, ("NTLMSSP Challenge rcvd ")); cFYI(1, ("NTLMSSP Challenge rcvd"));
memcpy(ses->server->cryptKey, memcpy(ses->server->cryptKey,
SecurityBlob2->Challenge, SecurityBlob2->Challenge,
CIFS_CRYPTO_KEY_SIZE); CIFS_CRYPTO_KEY_SIZE);
if(SecurityBlob2->NegotiateFlags & cpu_to_le32(NTLMSSP_NEGOTIATE_NTLMV2)) if(SecurityBlob2->NegotiateFlags &
cpu_to_le32(NTLMSSP_NEGOTIATE_NTLMV2))
*pNTLMv2_flag = TRUE; *pNTLMv2_flag = TRUE;
if((SecurityBlob2->NegotiateFlags & if((SecurityBlob2->NegotiateFlags &
...@@ -2818,7 +2804,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid, ...@@ -2818,7 +2804,7 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
bcc_ptr++; bcc_ptr++;
} else } else
cFYI(1, cFYI(1,
("Variable field of length %d extends beyond end of smb ", ("Variable field of length %d extends beyond end of smb",
len)); len));
} }
} else { } else {
......
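Review bot: In the new `small_smb_init_no_tcon` (hunk at -187,6 +187,31), `buffer` is declared but never assigned before `buffer->Mid = GetNextMid(ses->server);`, so the Mid and Flags2 stores go through an uninitialized kernel stack pointer. Assign it once the allocation has succeeded, presumably `buffer = (struct smb_hdr *)*request_buf;` right after the `if(rc) return rc;` check. As shown, the `if (ses->capabilities & CAP_STATUS32) {` block is also never closed before `return rc;`, so it needs a `}` after the `SMBFLG2_ERR_STATUS` line or no opening brace at all. The helper passes `0` as the tcon to `small_smb_init`, whose body is outside this page, so it is worth confirming that this path tolerates a NULL tcon.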
/* /*
* fs/cifs/ntlmssp.h * fs/cifs/ntlmssp.h
* *
* Copyright (c) International Business Machines Corp., 2002 * Copyright (c) International Business Machines Corp., 2002,2006
* Author(s): Steve French (sfrench@us.ibm.com) * Author(s): Steve French (sfrench@us.ibm.com)
* *
* This library is free software; you can redistribute it and/or modify * This library is free software; you can redistribute it and/or modify
......