summaryrefslogtreecommitdiff
path: root/fs/cifs/connect.c
diff options
context:
space:
mode:
authorShirish Pargaonkar <shirishpargaonkar@gmail.com>2010-10-21 06:42:55 -0500
committerSteve French <sfrench@us.ibm.com>2010-10-26 18:20:10 +0000
commit21e733930be6458e0c33482b6783e7c15ba984eb (patch)
tree1458ccf45529649267451a7e06fcd25d9c7ab0ac /fs/cifs/connect.c
parent6573e9b73e19c0f6b9dfa2b399267ea0f42d6c6b (diff)
downloadlwn-21e733930be6458e0c33482b6783e7c15ba984eb.tar.gz
lwn-21e733930be6458e0c33482b6783e7c15ba984eb.zip
NTLM auth and sign - Allocate session key/client response dynamically
Start calculating auth response within a session. Move/Add pertinet data structures like session key, server challenge and ntlmv2_hash in a session structure. We should do the calculations within a session before copying session key and response over to server data structures because a session setup can fail. Only after a very first smb session succeeds, it copy/make its session key, session key of smb connection. This key stays with the smb connection throughout its life. sequence_number within server is set to 0x2. The authentication Message Authentication Key (mak) which consists of session key followed by client response within structure session_key is now dynamic. Every authentication type allocates the key + response sized memory within its session structure and later either assigns or frees it once the client response is sent and if session's session key becomes connetion's session key. ntlm/ntlmi authentication functions are rearranged. A function named setup_ntlm_resp(), similar to setup_ntlmv2_resp(), replaces function cifs_calculate_session_key(). size of CIFS_SESS_KEY_SIZE is changed to 16, to reflect the byte size of the key it holds. Reviewed-by: Jeff Layton <jlayton@samba.org> Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/connect.c')
-rw-r--r--fs/cifs/connect.c18
1 files changed, 15 insertions, 3 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 7e73176acb58..c5807d39dced 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -175,6 +175,9 @@ cifs_reconnect(struct TCP_Server_Info *server)
}
server->sequence_number = 0;
server->session_estab = false;
+ kfree(server->session_key.response);
+ server->session_key.response = NULL;
+ server->session_key.len = 0;
spin_lock(&GlobalMid_Lock);
list_for_each(tmp, &server->pending_mid_q) {
@@ -1562,6 +1565,10 @@ cifs_put_tcp_session(struct TCP_Server_Info *server)
cifs_fscache_release_client_cookie(server);
+ kfree(server->session_key.response);
+ server->session_key.response = NULL;
+ server->session_key.len = 0;
+
task = xchg(&server->tsk, NULL);
if (task)
force_sig(SIGKILL, task);
@@ -3178,10 +3185,11 @@ int cifs_setup_session(unsigned int xid, struct cifsSesInfo *ses,
} else {
mutex_lock(&ses->server->srv_mutex);
if (!server->session_estab) {
- memcpy(&server->session_key.data,
- &ses->auth_key.data, ses->auth_key.len);
+ server->session_key.response = ses->auth_key.response;
server->session_key.len = ses->auth_key.len;
- ses->server->session_estab = true;
+ server->sequence_number = 0x2;
+ server->session_estab = true;
+ ses->auth_key.response = NULL;
}
mutex_unlock(&server->srv_mutex);
@@ -3192,6 +3200,10 @@ int cifs_setup_session(unsigned int xid, struct cifsSesInfo *ses,
spin_unlock(&GlobalMid_Lock);
}
+ kfree(ses->auth_key.response);
+ ses->auth_key.response = NULL;
+ ses->auth_key.len = 0;
+
return rc;
}