Commit Graph

26 Commits

Author SHA1 Message Date
Jeff Layton 4e53a3fb98 cifs: have calc_lanman_hash take more granular args
cifs: have calc_lanman_hash take more granular args

We need to use this routine to encrypt passwords associated with the
tcon too. Don't assume that the password will be attached to the
smb_session.

Also, make some of the values in the lower encryption functions
const since they aren't changed.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-12-26 02:29:11 +00:00
Steve French bcc55c6664 [CIFS] Fix plaintext authentication
The last eight bytes of the password field were not cleared when doing lanman plaintext password authentication. This patch fixes that.

I tested it with Samba by setting password
encryption to no in the server's smb.conf.  Other servers also can be
configured to force plaintext authentication.    Note that plaintexti
authentication requires setting /proc/fs/cifs/SecurityFlags to 0x30030
on the client (enabling both LANMAN and also plaintext password support).
Also note that LANMAN support (and thus plaintext password support) requires
CONFIG_CIFS_WEAK_PW_HASH to be enabled in menuconfig.

CC: Jeff Layton <jlayton@redhat.com>
CC: Stable Kernel <stable@vger.kernel.org>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-27 21:30:22 +00:00
Shirish Pargaonkar ef571cadd5 [CIFS] Fix warnings from checkpatch
Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-07-24 15:56:05 +00:00
Steve French 63d2583f5a [CIFS] Fix walking out end of cifs dacl
Acked-by: Shirish Pargaonkar <shirishp@us.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-11-05 21:46:10 +00:00
Jeff Layton 745542e210 [CIFS] allow cifs_calc_signature2 to deal with a zero length iovec
Currently, cifs_calc_signature2 errors out if it gets a zero-length
iovec. Fix it to silently continue in that case.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-11-03 04:34:04 +00:00
Cyril Gorcunov 8f2376adfb [CIFS] Fix endian conversion problem in posix mkdir
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-10-14 17:58:43 +00:00
Steve French 63135e088a [CIFS] More whitespace/formatting fixes (noticed by checkpatch)
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-07-17 17:34:02 +00:00
Steve French 50c2f75388 [CIFS] whitespace/formatting fixes
This should be the last big batch of whitespace/formatting fixes.
checkpatch warnings for the cifs directory are down about 90% and
many of the remaining ones are harder to remove or make the code
harder to read.

Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-07-13 00:33:32 +00:00
Steve French b609f06ac4 [CIFS] Fix packet signatures for NTLMv2 case
Signed-off-by: Yehuda Sadeh Weinraub <Yehuda.Sadeh@expand.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-07-09 07:55:14 +00:00
Steve French ffdd6e4d16 [CIFS] fix whitespace
More whitespace problems found by checkpatch

Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-06-24 21:15:44 +00:00
Steve French 33ec32fae0 [CIFS] Fix NTLMv2 mounts to Windows servers
Windows servers are pickier about NTLMv2 than Samba.
This enables more secure mounts to Windows (not just Samba)
ie when "sec=ntlmv2" is specified on the mount.

Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-12-08 04:14:28 +00:00
Steve French 66abda5e1f [CIFS] Fix oops when negotiating lanman and no password specified
Pointed out by Guenter Kukkukk

Signed-of-by: Steve French <sfrench@us.ibm.com>
(cherry picked from bbf33d512da608c7221fec42b56b9ef89c25a5ee commit)
2006-08-11 21:29:13 +00:00
Steve French 1717ffc588 [CIFS] NTLMv2 support part 5
NTLMv2 authentication (stronger authentication than default NTLM) which
many servers support now works.  There was a problem with the construction
of the security blob in the older code.  Currently requires
	/proc/fs/cifs/Experimental to be set to 2
and
	/proc/fs/cifs/SecurityFlags to be set to 0x4004 (to require using
	NTLMv2 instead of default of NTLM)

Next we will check signing to make sure optional NTLMv2 packet signing also
works.

Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-06-08 05:41:32 +00:00
Steve French a8ee03441f [CIFS] NTLMv2 support part 4
Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-06-05 23:34:19 +00:00
Steve French 6d027cfdb1 [CIFS] NTLMv2 support part 3
Response struct filled in exacty for 16 byte hash which we need to check
more to make sure it works.

Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-06-05 16:26:05 +00:00
Steve French f64b23ae4a [CIFS] NTLMv2 support part 2
Still need to fill in response structure and check that hash works

Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-06-05 05:27:37 +00:00
Steve French bdc4bf6e8a [CIFS] Support for older servers which require plaintext passwords
disabled by default, but can be enabled via proc for servers which
require such support.  Also includes support for setting security
flags for cifs.  See fs/cifs/README

Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-06-02 22:57:13 +00:00
Steve French 7c7b25bc8e [CIFS] Support for setting up SMB sessions to legacy lanman servers part 2 2006-06-01 19:20:10 +00:00
Steve French 3979877e56 [CIFS] Support for setting up SMB sessions to legacy lanman servers 2006-05-31 22:40:51 +00:00
Steve French e9917a000f [CIFS] Incorrect signature sent on SMB Read
Fixes Samba bug 3621 and kernel.org bug 6147

For servers which require SMB/CIFS packet signing, we were sending the
wrong signature (all zeros) on SMB Read request.  The new cifs routine
to do signatures across an iovec was not complete - and SMB Read, unlike
the new SMBWrite2, did not fall back to the older routine (ie use
SendReceive vs. the more efficient SendReceive2 ie used the older
cifs_sign_smb vs. the disabled  cifs_sign_smb2) for calculating signatures.

This finishes up cifs_sign_smb2/cifs_calc_signature2 so that the callers
of SendReceive2 can get SMB/CIFS packet signatures.

Now that cifs_sign_smb2 is supported, we could start using it in
the write path but this smaller fix does not include the change
to use SMBWrite2 when signatures are required (which when enabled
will make more Writes more efficient and alloc less memory).
Currently Write2 is only used when signatures are not
required at the moment but after more testing we will enable
that as well).

Thanks to James Slepicka and Sam Flory for initial investigation.

Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-03-31 21:22:00 +00:00
Steve French 5815449d1b [CIFS] SessionSetup cleanup part 2
The cifs session setup code has three cases, and a fourth for backlevel
LANMAN2 style session setup needed to be added.  This new session setup
implmentation will eventually replace the other three and should be
easier to read while fixing a few minor problems (not setting
the LARGE READ/WRITEX flags when NTLMSSP was negotiated for example) and
adding support for NTLMv2 (which will be added with the next patch. In the
meantime, this code is marked in an CONFIG_CIFS_EXPERIMENTAL block and will
not be turned on by default until it is tested against more server types.

Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-02-14 01:36:20 +00:00
Steve French 12b3b8ffb5 [CIFS] Cleanup NTLMSSP session setup handling
Fix to hash NTLMv2 properly will follow.

Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-02-09 21:12:47 +00:00
Steve French 84afc29b18 [CIFS] Readpages and readir performance improvements - eliminate extra
memcpy.  Part 1

Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-12-02 13:32:45 -08:00
Steve French e89dc92096 [CIFS] Cleanup sparse warnings for unicode little endian casts
Following Shaggy's suggestion, do a better job on the unicode string
handling routines in cifs in specifying that the wchar_t are really
little endian widechars (__le16).

Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-11 15:18:19 -08:00
Steve French ad009ac965 [PATCH] cifs: Fix multiuser packet signing to use the right sequence number and mac session key
Signed-off-by: Steve French (sfrench@us.ibm.com)
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-04-28 22:41:05 -07:00
Linus Torvalds 1da177e4c3 Linux-2.6.12-rc2
Initial git repository build. I'm not bothering with the full history,
even though we have it. We can create a separate "historical" git
archive of that later if we want to, and in the meantime it's about
3.2GB when imported into git - space that would just make the early
git days unnecessarily complicated, when we don't have a lot of good
infrastructure for it.

Let it rip!
2005-04-16 15:20:36 -07:00