diff options
author | Steve French <smfrench@austin.rr.com> | 2005-04-28 22:41:05 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@ppc970.osdl.org> | 2005-04-28 22:41:05 -0700 |
commit | ad009ac96509e005d9978d0ae9e9ec4d63ad2990 (patch) | |
tree | eb15ee8333fd7b5816f8fe3d02250ff99601eba0 /fs/cifs/transport.c | |
parent | c67593a03129967eae8939c4899767182eb6d6cd (diff) | |
download | talos-obmc-linux-ad009ac96509e005d9978d0ae9e9ec4d63ad2990.tar.gz talos-obmc-linux-ad009ac96509e005d9978d0ae9e9ec4d63ad2990.zip |
[PATCH] cifs: Fix multiuser packet signing to use the right sequence number and mac session key
Signed-off-by: Steve French (sfrench@us.ibm.com)
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'fs/cifs/transport.c')
-rw-r--r-- | fs/cifs/transport.c | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c index af13e526b150..a9e4f989b7f7 100644 --- a/fs/cifs/transport.c +++ b/fs/cifs/transport.c @@ -346,7 +346,7 @@ CIFSSendRcv(const unsigned int xid, struct cifsSesInfo *ses, } /* BB can we sign efficiently in this path? */ - rc = cifs_sign_smb(in_buf, ses, &midQ->sequence_number); + rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number); midQ->midState = MID_REQUEST_SUBMITTED; /* rc = smb_sendv(ses->server->ssocket, in_buf, in_buf->smb_buf_length, piovec, @@ -475,7 +475,7 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses, return -EIO; } - rc = cifs_sign_smb(in_buf, ses, &midQ->sequence_number); + rc = cifs_sign_smb(in_buf, ses->server, &midQ->sequence_number); midQ->midState = MID_REQUEST_SUBMITTED; rc = smb_send(ses->server->ssocket, in_buf, in_buf->smb_buf_length, @@ -559,8 +559,7 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses, } if (receive_len > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) { - cERROR(1, - ("Frame too large received. Length: %d Xid: %d", + cERROR(1, ("Frame too large received. Length: %d Xid: %d", receive_len, xid)); rc = -EIO; } else { /* rcvd frame is ok */ @@ -575,15 +574,20 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses, dump_smb(out_buf, 92); /* convert the length into a more usable form */ if((receive_len > 24) && - (ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))) { - rc = cifs_verify_signature(out_buf, ses->mac_signing_key,midQ->sequence_number); /* BB fix BB */ - if(rc) - cFYI(1,("Unexpected signature received from server")); + (ses->server->secMode & (SECMODE_SIGN_REQUIRED | + SECMODE_SIGN_ENABLED))) { + rc = cifs_verify_signature(out_buf, + ses->server->mac_signing_key, + midQ->sequence_number+1); + if(rc) { + cERROR(1,("Unexpected packet signature received from server")); + /* BB FIXME - add code to kill session here */ + } } *pbytes_returned = out_buf->smb_buf_length; - /* BB special case reconnect tid and reconnect uid here? */ + /* BB special case reconnect tid and uid here? */ rc = map_smb_to_linux_error(out_buf); /* convert ByteCount if necessary */ |