diff options
| author | Shirish Pargaonkar <shirishpargaonkar@gmail.com> | 2010-10-13 18:15:00 -0500 |
|---|---|---|
| committer | Steve French <sfrench@us.ibm.com> | 2010-10-14 18:05:19 +0000 |
| commit | 5d0d28824c76409f0d1a645bf0ae81318c8ffa42 (patch) | |
| tree | 592838282fc891dc9a51424e0f57c0694ad31075 /fs/cifs/connect.c | |
| parent | d7c86ff8cd00abc730fe5d031f43dc9138b6324e (diff) | |
| download | talos-obmc-linux-5d0d28824c76409f0d1a645bf0ae81318c8ffa42.tar.gz talos-obmc-linux-5d0d28824c76409f0d1a645bf0ae81318c8ffa42.zip | |
NTLM authentication and signing - Calculate auth response per smb session
Start calculation auth response within a session. Move/Add pertinet
data structures like session key, server challenge and ntlmv2_hash in
a session structure. We should do the calculations within a session
before copying session key and response over to server data
structures because a session setup can fail.
Only after a very first smb session succeeds, it copies/makes its
session key, session key of smb connection. This key stays with
the smb connection throughout its life.
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/connect.c')
| -rw-r--r-- | fs/cifs/connect.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 4944fc84d5ef..019f00380d12 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -173,6 +173,8 @@ cifs_reconnect(struct TCP_Server_Info *server) sock_release(server->ssocket); server->ssocket = NULL; } + server->sequence_number = 0; + server->session_estab = false; spin_lock(&GlobalMid_Lock); list_for_each(tmp, &server->pending_mid_q) { @@ -205,7 +207,6 @@ cifs_reconnect(struct TCP_Server_Info *server) spin_lock(&GlobalMid_Lock); if (server->tcpStatus != CifsExiting) server->tcpStatus = CifsGood; - server->sequence_number = 0; spin_unlock(&GlobalMid_Lock); /* atomic_set(&server->inFlight,0);*/ wake_up(&server->response_q); @@ -1631,6 +1632,7 @@ cifs_get_tcp_session(struct smb_vol *volume_info) volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL); memcpy(tcp_ses->server_RFC1001_name, volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL); + tcp_ses->session_estab = false; tcp_ses->sequence_number = 0; INIT_LIST_HEAD(&tcp_ses->tcp_ses_list); INIT_LIST_HEAD(&tcp_ses->smb_ses_list); @@ -2983,14 +2985,13 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses, #ifdef CONFIG_CIFS_WEAK_PW_HASH if ((global_secflags & CIFSSEC_MAY_LANMAN) && (ses->server->secType == LANMAN)) - calc_lanman_hash(tcon->password, ses->server->cryptKey, + calc_lanman_hash(tcon->password, ses->cryptKey, ses->server->secMode & SECMODE_PW_ENCRYPT ? true : false, bcc_ptr); else #endif /* CIFS_WEAK_PW_HASH */ - SMBNTencrypt(tcon->password, ses->server->cryptKey, - bcc_ptr); + SMBNTencrypt(tcon->password, ses->cryptKey, bcc_ptr); bcc_ptr += CIFS_SESS_KEY_SIZE; if (ses->capabilities & CAP_UNICODE) { @@ -3175,6 +3176,15 @@ int cifs_setup_session(unsigned int xid, struct cifsSesInfo *ses, if (rc) { cERROR(1, "Send error in SessSetup = %d", rc); } else { + mutex_lock(&ses->server->srv_mutex); + if (!server->session_estab) { + memcpy(&server->session_key.data, + &ses->auth_key.data, ses->auth_key.len); + server->session_key.len = ses->auth_key.len; + ses->server->session_estab = true; + } + mutex_unlock(&server->srv_mutex); + cFYI(1, "CIFS Session Established successfully"); spin_lock(&GlobalMid_Lock); ses->status = CifsGood; |
