From patchwork Tue Oct 26 23:10:24 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Shirish Pargaonkar X-Patchwork-Id: 284282 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by demeter1.kernel.org (8.14.4/8.14.3) with ESMTP id o9QNFcSX019909 for ; Tue, 26 Oct 2010 23:15:38 GMT Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756396Ab0JZXPi (ORCPT ); Tue, 26 Oct 2010 19:15:38 -0400 Received: from mail-qw0-f46.google.com ([209.85.216.46]:65484 "EHLO mail-qw0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755229Ab0JZXPh (ORCPT ); Tue, 26 Oct 2010 19:15:37 -0400 Received: by qwk3 with SMTP id 3so33024qwk.19 for ; Tue, 26 Oct 2010 16:15:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:cc:subject:date :message-id:x-mailer; bh=/pFgkZpmZ4xI80FIc/QUS6icGyNdUeMf9P53ov4xVzk=; b=VpXsUr8f4w32qf/MlQ+4Cfi7rn6/HGdKYRoj8nO3+jiyhhF+213EsEFv6WNOE0mXEI 70HT3ar+rP21J4mBN50vlT7r0omyZmTTRmjR6dKBIqSURniPN0YnrJCJRbGP9vn/Xb09 BOUlPglPXpaa0LqVZF7QaqKf873/44vIvN8vw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:cc:subject:date:message-id:x-mailer; b=uAq6Z1eby1IMieyylPUAhjslgqJszKkXRbDm3/qWbCv4QN5BRVbnwN7DM41CUlB0jc eJGShqPyqZzPsPYz51Bo3A8mrkhT6h6NxeZhuoUFpAsFskMFJJ3CA62swZ1Kzc6s4o1D NhlIBGJakAQYM9w5e7KQv+6jmxbT2e9RqQByc= Received: by 10.229.95.19 with SMTP id b19mr8383651qcn.64.1288134936569; Tue, 26 Oct 2010 16:15:36 -0700 (PDT) Received: from localhost ([32.97.110.58]) by mx.google.com with ESMTPS id nb14sm7891861qcb.24.2010.10.26.16.15.34 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 26 Oct 2010 16:15:35 -0700 (PDT) From: shirishpargaonkar@gmail.com To: smfrench@gmail.com Cc: linux-cifs@vger.kernel.org, Shirish Pargaonkar Subject: [PATCH] [CIFS] NTLM auth and sign - minor error corrections and cleanup Date: Tue, 26 Oct 2010 18:10:24 -0500 Message-Id: <1288134624-4390-1-git-send-email-shirishpargaonkar@gmail.com> X-Mailer: git-send-email 1.6.0.2 Sender: linux-cifs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-cifs@vger.kernel.org X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.2.3 (demeter1.kernel.org [140.211.167.41]); Tue, 26 Oct 2010 23:15:38 +0000 (UTC) diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index 9690887..17d603a 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c @@ -391,7 +391,7 @@ build_avpair_blob(struct cifsSesInfo *ses, const struct nls_table *nls_cp) * about target string i.e. for some, just user name might suffice. */ static int -find_domain_name(struct cifsSesInfo *ses) +find_domain_name(struct cifsSesInfo *ses, const struct nls_table *nls_cp) { unsigned int attrsize; unsigned int type; @@ -420,16 +420,13 @@ find_domain_name(struct cifsSesInfo *ses) if (!attrsize) break; if (!ses->domainName) { - struct nls_table *default_nls; ses->domainName = kmalloc(attrsize + 1, GFP_KERNEL); if (!ses->domainName) return -ENOMEM; - default_nls = load_nls_default(); cifs_from_ucs2(ses->domainName, (__le16 *)blobptr, attrsize, attrsize, - default_nls, false); - unload_nls(default_nls); + nls_cp, false); break; } } @@ -561,7 +558,7 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp) if (ses->server->secType == RawNTLMSSP) { if (!ses->domainName) { - rc = find_domain_name(ses); + rc = find_domain_name(ses, nls_cp); if (rc) { cERROR(1, "error %d finding domain name", rc); goto setup_ntlmv2_rsp_ret; @@ -594,12 +591,14 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp) memcpy(ses->auth_key.response + baselen, ses->tiblob, ses->tilen); - /* calculate buf->ntlmv2_hash */ + /* calculate ntlmv2_hash */ rc = calc_ntlmv2_hash(ses, nls_cp); if (rc) { cERROR(1, "could not get v2 hash rc %d", rc); goto setup_ntlmv2_rsp_ret; } + + /* calculate first part of the client response (CR1) */ rc = CalcNTLMv2_response(ses); if (rc) { cERROR(1, "Could not calculate CR1 rc: %d", rc); @@ -623,8 +622,6 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp) rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash, ses->auth_key.response); - return 0; - setup_ntlmv2_rsp_ret: kfree(ses->tiblob); ses->tiblob = NULL; diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 7ca5f6d..67d6a22 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -111,7 +111,7 @@ struct sdesc { char ctx[]; }; -/* crypto hashing related structure/fields, not speicific to a sec mech */ +/* crypto hashing related structure/fields, not specific to a sec mech */ struct cifs_secmech { struct crypto_shash *hmacmd5; /* hmac-md5 hash function */ struct crypto_shash *md5; /* md5 hash function */ diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 04239a7..469c3dd 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -1631,7 +1631,7 @@ cifs_get_tcp_session(struct smb_vol *volume_info) tcp_ses->hostname = extract_hostname(volume_info->UNC); if (IS_ERR(tcp_ses->hostname)) { rc = PTR_ERR(tcp_ses->hostname); - goto out_err2; + goto out_err_crypto_release; } tcp_ses->noblocksnd = volume_info->noblocksnd; @@ -1675,7 +1675,7 @@ cifs_get_tcp_session(struct smb_vol *volume_info) } if (rc < 0) { cERROR(1, "Error connecting to socket. Aborting operation"); - goto out_err2; + goto out_err_crypto_release; } /* @@ -1689,7 +1689,7 @@ cifs_get_tcp_session(struct smb_vol *volume_info) rc = PTR_ERR(tcp_ses->tsk); cERROR(1, "error %d create cifsd thread", rc); module_put(THIS_MODULE); - goto out_err2; + goto out_err_crypto_release; } /* thread spawned, put it on the list */ @@ -1701,7 +1701,7 @@ cifs_get_tcp_session(struct smb_vol *volume_info) return tcp_ses; -out_err2: +out_err_crypto_release: cifs_crypto_shash_release(tcp_ses); out_err: diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index d998c4f..e0515a6 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c @@ -738,7 +738,7 @@ ssetup_ntlmssp_authenticate: * assigned, tilen is 0 otherwise. */ pSMB->req_no_secext.CaseSensitivePasswordLength = - cpu_to_le16(ses->auth_key.len); + cpu_to_le16(ses->auth_key.len - CIFS_SESS_KEY_SIZE); if (ses->capabilities & CAP_UNICODE) { if (iov[0].iov_len % 2) {