diff options
38 files changed, 3440 insertions, 3156 deletions
diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index a9b6bc5157b..6d84ca2beea 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES @@ -1,3 +1,10 @@ +Version 1.50 +------------ +Fix NTLMv2 signing. NFS server mounted over cifs works (if cifs mount is +done with "serverino" mount option). Add support for POSIX Unlink +(helps with certain sharing violation cases when server such as +Samba supports newer POSIX CIFS Protocol Extensions). + Version 1.49 ------------ IPv6 support. Enable ipv6 addresses to be passed on mount (put the ipv6 @@ -8,7 +15,11 @@ when Unix Extensions were ignored). This allows users to override the default uid and gid for files when they are certain that the uids or gids on the server do not match those of the client. Make "sec=none" mount override username (so that null user connection is attempted) -to match what documentation said. +to match what documentation said. Support for very large reads, over 127K, +available to some newer servers (such as Samba 3.0.26 and later but +note that it also requires setting CIFSMaxBufSize at module install +time to a larger value which may hurt performance in some cases). +Make sign option force signing (or fail if server does not support it). Version 1.48 ------------ diff --git a/fs/cifs/README b/fs/cifs/README index 4d01697722c..85f1eb14083 100644 --- a/fs/cifs/README +++ b/fs/cifs/README @@ -301,10 +301,21 @@ A partial list of the supported mount options follows: during the local client kernel build will be used. If server does not support Unicode, this parameter is unused. - rsize default read size (usually 16K) - wsize default write size (usually 16K, 32K is often better over GigE) - maximum wsize currently allowed by CIFS is 57344 (14 4096 byte - pages) + rsize default read size (usually 16K). The client currently + can not use rsize larger than CIFSMaxBufSize. CIFSMaxBufSize + defaults to 16K and may be changed (from 8K to the maximum + kmalloc size allowed by your kernel) at module install time + for cifs.ko. Setting CIFSMaxBufSize to a very large value + will cause cifs to use more memory and may reduce performance + in some cases. To use rsize greater than 127K (the original + cifs protocol maximum) also requires that the server support + a new Unix Capability flag (for very large read) which some + newer servers (e.g. Samba 3.0.26 or later) do. rsize can be + set from a minimum of 2048 to a maximum of 130048 (127K or + CIFSMaxBufSize, whichever is smaller) + wsize default write size (default 57344) + maximum wsize currently allowed by CIFS is 57344 (fourteen + 4096 byte pages) rw mount the network share read-write (note that the server may still consider the share read-only) ro mount network share read-only @@ -359,7 +370,7 @@ A partial list of the supported mount options follows: Note that this does not affect the normal ACL check on the target machine done by the server software (of the server ACL against the user name provided at mount time). - serverino Use servers inode numbers instead of generating automatically + serverino Use server's inode numbers instead of generating automatically incrementing inode numbers on the client. Although this will make it easier to spot hardlinked files (as they will have the same inode numbers) and inode numbers may be persistent, @@ -367,12 +378,11 @@ A partial list of the supported mount options follows: are unique if multiple server side mounts are exported under a single share (since inode numbers on the servers might not be unique if multiple filesystems are mounted under the same - shared higher level directory). Note that this requires that - the server support the CIFS Unix Extensions as other servers - do not return a unique IndexNumber on SMB FindFirst (most - servers return zero as the IndexNumber). Parameter has no - effect to Windows servers and others which do not support the - CIFS Unix Extensions. + shared higher level directory). Note that some older + (e.g. pre-Windows 2000) do not support returning UniqueIDs + or the CIFS Unix Extensions equivalent and for those + this mount option will have no effect. Exporting cifs mounts + under nfsd requires this mount option on the cifs mount. noserverino Client generates inode numbers (rather than using the actual one from the server) by default. setuids If the CIFS Unix extensions are negotiated with the server @@ -582,10 +592,10 @@ the start of smb requests and responses can be enabled via: echo 1 > /proc/fs/cifs/traceSMB -Two other experimental features are under development and to test -require enabling CONFIG_CIFS_EXPERIMENTAL +Two other experimental features are under development. To test these +requires enabling CONFIG_CIFS_EXPERIMENTAL - More efficient write operations + ipv6 enablement DNOTIFY fcntl: needed for support of directory change notification and perhaps later for file leases) diff --git a/fs/cifs/TODO b/fs/cifs/TODO index 78b620e332b..d7bd51575fd 100644 --- a/fs/cifs/TODO +++ b/fs/cifs/TODO @@ -18,9 +18,9 @@ better) d) Kerberos/SPNEGO session setup support - (started) -e) More testing of NTLMv2 authentication (mostly implemented - double check -that NTLMv2 signing works, also need to cleanup now unneeded SessSetup code in -fs/cifs/connect.c) +e) Cleanup now unneeded SessSetup code in +fs/cifs/connect.c and add back in NTLMSSP code if any servers +need it f) MD5-HMAC signing SMB PDUs when SPNEGO style SessionSetup used (Kerberos or NTLMSSP). Signing alreadyimplemented for NTLM @@ -106,6 +106,12 @@ but recognizes them succeed but still return access denied (appears to be Windows server not cifs client problem) and has not been reproduced recently. NTFS partitions do not have this problem. +4) Unix/POSIX capabilities are reset after reconnection, and affect +a few fields in the tree connection but we do do not know which +superblocks to apply these changes to. We should probably walk +the list of superblocks to set these. Also need to check the +flags on the second mount to the same share, and see if we +can do the same trick that NFS does to remount duplicate shares. Misc testing to do ================== diff --git a/fs/cifs/asn1.c b/fs/cifs/asn1.c index 2e75883b7f5..f50a88d58f7 100644 --- a/fs/cifs/asn1.c +++ b/fs/cifs/asn1.c @@ -1,7 +1,7 @@ -/* +/* * The ASB.1/BER parsing code is derived from ip_nat_snmp_basic.c which was in * turn derived from the gxsnmp package by Gregory McLean & Jochen Friedrich - * + * * Copyright (c) 2000 RP Internet (www.rpi.net.au). * * This program is free software; you can redistribute it and/or modify @@ -80,7 +80,7 @@ static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 }; static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 }; -/* +/* * ASN.1 context. */ struct asn1_ctx { @@ -190,7 +190,7 @@ asn1_header_decode(struct asn1_ctx *ctx, unsigned char **eoc, unsigned int *cls, unsigned int *con, unsigned int *tag) { - unsigned int def = 0; + unsigned int def = 0; unsigned int len = 0; if (!asn1_id_decode(ctx, cls, con, tag)) @@ -331,7 +331,7 @@ static unsigned char asn1_ulong_decode(struct asn1_ctx *ctx, *integer |= ch; } return 1; -} +} static unsigned char asn1_octets_decode(struct asn1_ctx *ctx, @@ -376,7 +376,7 @@ asn1_subid_decode(struct asn1_ctx *ctx, unsigned long *subid) return 1; } -static int +static int asn1_oid_decode(struct asn1_ctx *ctx, unsigned char *eoc, unsigned long **oid, unsigned int *len) { @@ -459,7 +459,7 @@ decode_negTokenInit(unsigned char *security_blob, int length, unsigned int cls, con, tag, oidlen, rc; int use_ntlmssp = FALSE; - *secType = NTLM; /* BB eventually make Kerberos or NLTMSSP the default */ + *secType = NTLM; /* BB eventually make Kerberos or NLTMSSP the default*/ /* cifs_dump_mem(" Received SecBlob ", security_blob, length); */ @@ -498,7 +498,8 @@ decode_negTokenInit(unsigned char *security_blob, int length, return 0; } else if ((cls != ASN1_CTX) || (con != ASN1_CON) || (tag != ASN1_EOC)) { - cFYI(1,("cls = %d con = %d tag = %d end = %p (%d) exit 0", + cFYI(1, + ("cls = %d con = %d tag = %d end = %p (%d) exit 0", cls, con, tag, end, *end)); return 0; } @@ -508,7 +509,8 @@ decode_negTokenInit(unsigned char *security_blob, int length, return 0; } else if ((cls != ASN1_UNI) || (con != ASN1_CON) || (tag != ASN1_SEQ)) { - cFYI(1,("cls = %d con = %d tag = %d end = %p (%d) exit 1", + cFYI(1, + ("cls = %d con = %d tag = %d end = %p (%d) exit 1", cls, con, tag, end, *end)); return 0; } @@ -540,32 +542,34 @@ decode_negTokenInit(unsigned char *security_blob, int length, rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag); if (!rc) { cFYI(1, - ("Error 1 decoding negTokenInit header exit 2")); + ("Error decoding negTokenInit hdr exit2")); return 0; } if ((tag == ASN1_OJI) && (con == ASN1_PRI)) { rc = asn1_oid_decode(&ctx, end, &oid, &oidlen); - if(rc) { + if (rc) { cFYI(1, - ("OID len = %d oid = 0x%lx 0x%lx 0x%lx 0x%lx", - oidlen, *oid, *(oid + 1), *(oid + 2), - *(oid + 3))); - rc = compare_oid(oid, oidlen, NTLMSSP_OID, - NTLMSSP_OID_LEN); + ("OID len = %d oid = 0x%lx 0x%lx " + "0x%lx 0x%lx", + oidlen, *oid, *(oid + 1), + *(oid + 2), *(oid + 3))); + rc = compare_oid(oid, oidlen, + NTLMSSP_OID, NTLMSSP_OID_LEN); kfree(oid); if (rc) use_ntlmssp = TRUE; } } else { - cFYI(1,("This should be an oid what is going on? ")); + cFYI(1, ("Should be an oid what is going on?")); } } if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { cFYI(1, - ("Error decoding last part of negTokenInit exit 3")); + ("Error decoding last part negTokenInit exit3")); return 0; - } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) { /* tag = 3 indicating mechListMIC */ + } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) { + /* tag = 3 indicating mechListMIC */ cFYI(1, ("Exit 4 cls = %d con = %d tag = %d end = %p (%d)", cls, con, tag, end, *end)); @@ -573,7 +577,7 @@ decode_negTokenInit(unsigned char *security_blob, int length, } if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { cFYI(1, - ("Error decoding last part of negTokenInit exit 5")); + ("Error decoding last part negTokenInit exit5")); return 0; } else if ((cls != ASN1_UNI) || (con != ASN1_CON) || (tag != ASN1_SEQ)) { @@ -584,7 +588,7 @@ decode_negTokenInit(unsigned char *security_blob, int length, if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { cFYI(1, - ("Error decoding last part of negTokenInit exit 7")); + ("Error decoding last part negTokenInit exit 7")); return 0; } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) { cFYI(1, @@ -594,20 +598,21 @@ decode_negTokenInit(unsigned char *security_blob, int length, } if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { cFYI(1, - ("Error decoding last part of negTokenInit exit 9")); + ("Error decoding last part negTokenInit exit9")); return 0; } else if ((cls != ASN1_UNI) || (con != ASN1_PRI) || (tag != ASN1_GENSTR)) { cFYI(1, - ("Exit 10 cls = %d con = %d tag = %d end = %p (%d)", + ("Exit10 cls = %d con = %d tag = %d end = %p (%d)", cls, con, tag, end, *end)); return 0; } - cFYI(1, ("Need to call asn1_octets_decode() function for this %s", ctx.pointer)); /* is this UTF-8 or ASCII? */ + cFYI(1, ("Need to call asn1_octets_decode() function for %s", + ctx.pointer)); /* is this UTF-8 or ASCII? */ } - /* if (use_kerberos) - *secType = Kerberos + /* if (use_kerberos) + *secType = Kerberos else */ if (use_ntlmssp) { *secType = NTLMSSP; diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c index 07838b2ac1c..1bf8cf522ad 100644 --- a/fs/cifs/cifs_debug.c +++ b/fs/cifs/cifs_debug.c @@ -58,7 +58,7 @@ cifs_dump_mem(char *label, void *data, int length) } #ifdef CONFIG_CIFS_DEBUG2 -void cifs_dump_detail(struct smb_hdr * smb) +void cifs_dump_detail(struct smb_hdr *smb) { cERROR(1, ("Cmd: %d Err: 0x%x Flags: 0x%x Flgs2: 0x%x Mid: %d Pid: %d", smb->Command, smb->Status.CifsError, @@ -67,10 +67,10 @@ void cifs_dump_detail(struct smb_hdr * smb) } -void cifs_dump_mids(struct TCP_Server_Info * server) +void cifs_dump_mids(struct TCP_Server_Info *server) { struct list_head *tmp; - struct mid_q_entry * mid_entry; + struct mid_q_entry *mid_entry; if (server == NULL) return; @@ -114,12 +114,12 @@ cifs_debug_data_read(char *buf, char **beginBuffer, off_t offset, { struct list_head *tmp; struct list_head *tmp1; - struct mid_q_entry * mid_entry; + struct mid_q_entry *mid_entry; struct cifsSesInfo *ses; struct cifsTconInfo *tcon; int i; int length = 0; - char * original_buf = buf; + char *original_buf = buf; *beginBuffer = buf + offset; @@ -145,7 +145,6 @@ cifs_debug_data_read(char *buf, char **beginBuffer, off_t offset, (ses->serverNOS == NULL)) { buf += sprintf(buf, "\nentry for %s not fully " "displayed\n\t", ses->serverName); - } else { length = sprintf(buf, @@ -901,90 +900,14 @@ security_flags_write(struct file *file, const char __user *buffer, } /* flags look ok - update the global security flags for cifs module */ extended_security = flags; + if (extended_security & CIFSSEC_MUST_SIGN) { + /* requiring signing implies signing is allowed */ + extended_security |= CIFSSEC_MAY_SIGN; + cFYI(1, ("packet signing now required")); + } else if ((extended_security & CIFSSEC_MAY_SIGN) == 0) { + cFYI(1, ("packet signing disabled")); + } + /* BB should we turn on MAY flags for other MUST options? */ return count; } - -/* static int -ntlmv2_enabled_read(char *page, char **start, off_t off, - int count, int *eof, void *data) -{ - int len; - - len = sprintf(page, "%d\n", ntlmv2_support); - - len -= off; - *start = page + off; - - if (len > count) - len = count; - else - *eof = 1; - - if (len < 0) - len = 0; - - return len; -} -static int -ntlmv2_enabled_write(struct file *file, const char __user *buffer, - unsigned long count, void *data) -{ - char c; - int rc; - - rc = get_user(c, buffer); - if (rc) - return rc; - if (c == '0' || c == 'n' || c == 'N') - ntlmv2_support = 0; - else if (c == '1' || c == 'y' || c == 'Y') - ntlmv2_support = 1; - else if (c == '2') - ntlmv2_support = 2; - - return count; -} - -static int -packet_signing_enabled_read(char *page, char **start, off_t off, - int count, int *eof, void *data) -{ - int len; - - len = sprintf(page, "%d\n", sign_CIFS_PDUs); - - len -= off; - *start = page + off; - - if (len > count) - len = count; - else - *eof = 1; - - if (len < 0) - len = 0; - - return len; -} -static int -packet_signing_enabled_write(struct file *file, const char __user *buffer, - unsigned long count, void *data) -{ - char c; - int rc; - - rc = get_user(c, buffer); - if (rc) - return rc; - if (c == '0' || c == 'n' || c == 'N') - sign_CIFS_PDUs = 0; - else if (c == '1' || c == 'y' || c == 'Y') - sign_CIFS_PDUs = 1; - else if (c == '2') - sign_CIFS_PDUs = 2; - - return count; -} */ - - #endif diff --git a/fs/cifs/cifs_fs_sb.h b/fs/cifs/cifs_fs_sb.h index 4cc2012e932..34af556cdd8 100644 --- a/fs/cifs/cifs_fs_sb.h +++ b/fs/cifs/cifs_fs_sb.h @@ -43,6 +43,6 @@ struct cifs_sb_info { mode_t mnt_dir_mode; int mnt_cifs_flags; int prepathlen; - char * prepath; + char *prepath; }; #endif /* _CIFS_FS_SB_H */ diff --git a/fs/cifs/cifs_unicode.c b/fs/cifs/cifs_unicode.c index 701e9a9185f..b5903b89250 100644 --- a/fs/cifs/cifs_unicode.c +++ b/fs/cifs/cifs_unicode.c @@ -66,7 +66,7 @@ cifs_strtoUCS(__le16 * to, const char *from, int len, { int charlen; int i; - wchar_t * wchar_to = (wchar_t *)to; /* needed to quiet sparse */ + wchar_t *wchar_to = (wchar_t *)to; /* needed to quiet sparse */ for (i = 0; len && *from; i++, from += charlen, len -= charlen) { diff --git a/fs/cifs/cifs_unicode.h b/fs/cifs/cifs_unicode.h index 39e5b970325..614c11fcdcb 100644 --- a/fs/cifs/cifs_unicode.h +++ b/fs/cifs/cifs_unicode.h @@ -5,20 +5,20 @@ * Convert a unicode character to upper or lower case using * compressed tables. * - * Copyright (c) International Business Machines Corp., 2000,2005555555555555555555555555555555555555555555555555555555 + * Copyright (c) International Business Machines Corp., 2000,2007 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or + * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See * the GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software + * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * * @@ -70,7 +70,7 @@ int cifs_strtoUCS(__le16 *, const char *, int, const struct nls_table *); * Address of the first string */ static inline wchar_t * -UniStrcat(wchar_t * ucs1, const wchar_t * ucs2) +UniStrcat(wchar_t *ucs1, const wchar_t *ucs2) { wchar_t *anchor = ucs1; /* save a pointer to start of ucs1 */ @@ -88,7 +88,7 @@ UniStrcat(wchar_t * ucs1, const wchar_t * ucs2) * or NULL if the character is not in the string */ static inline wchar_t * -UniStrchr(const wchar_t * ucs, wchar_t uc) +UniStrchr(const wchar_t *ucs, wchar_t uc) { while ((*ucs != uc) && *ucs) ucs++; @@ -107,7 +107,7 @@ UniStrchr(const wchar_t * ucs, wchar_t uc) * > 0: First string is greater than second */ static inline int -UniStrcmp(const wchar_t * ucs1, const wchar_t * ucs2) +UniStrcmp(const wchar_t *ucs1, const wchar_t *ucs2) { while ((*ucs1 == *ucs2) && *ucs1) { ucs1++; @@ -120,7 +120,7 @@ UniStrcmp(const wchar_t * ucs1, const wchar_t * ucs2) * UniStrcpy: Copy a string */ static inline wchar_t * -UniStrcpy(wchar_t * ucs1, const wchar_t * ucs2) +UniStrcpy(wchar_t *ucs1, const wchar_t *ucs2) { wchar_t *anchor = ucs1; /* save the start of result string */ @@ -132,7 +132,7 @@ UniStrcpy(wchar_t * ucs1, const wchar_t * ucs2) * UniStrlen: Return the length of a string (in 16 bit Unicode chars not bytes) */ static inline size_t -UniStrlen(const wchar_t * ucs1) +UniStrlen(const wchar_t *ucs1) { int i = 0; @@ -142,10 +142,11 @@ UniStrlen(const wchar_t * ucs1) } /* - * UniStrnlen: Return the length (in 16 bit Unicode chars not bytes) of a string (length limited) + * UniStrnlen: Return the length (in 16 bit Unicode chars not bytes) of a + * string (length limited) */ static inline size_t -UniStrnlen(const wchar_t * ucs1, int maxlen) +UniStrnlen(const wchar_t *ucs1, int maxlen) { int i = 0; @@ -161,7 +162,7 @@ UniStrnlen(const wchar_t * ucs1, int maxlen) * UniStrncat: Concatenate length limited string */ static inline wchar_t * -UniStrncat(wchar_t * ucs1, const wchar_t * ucs2, size_t n) +UniStrncat(wchar_t *ucs1, const wchar_t *ucs2, size_t n) { wchar_t *anchor = ucs1; /* save pointer to string 1 */ @@ -179,7 +180,7 @@ UniStrncat(wchar_t * ucs1, const wchar_t * ucs2, size_t n) * UniStrncmp: Compare length limited string */ static inline int -UniStrncmp(const wchar_t * ucs1, const wchar_t * ucs2, size_t n) +UniStrncmp(const wchar_t *ucs1, const wchar_t *ucs2, size_t n) { if (!n) return 0; /* Null strings are equal */ @@ -194,7 +195,7 @@ UniStrncmp(const wchar_t * ucs1, const wchar_t * ucs2, size_t n) * UniStrncmp_le: Compare length limited string - native to little-endian */ static inline int -UniStrncmp_le(const wchar_t * ucs1, const wchar_t * ucs2, size_t n) +UniStrncmp_le(const wchar_t *ucs1, const wchar_t *ucs2, size_t n) { if (!n) return 0; /* Null strings are equal */ @@ -209,7 +210,7 @@ UniStrncmp_le(const wchar_t * ucs1, const wchar_t * ucs2, size_t n) * UniStrncpy: Copy length limited string with pad */ static inline wchar_t * -UniStrncpy(wchar_t * ucs1, const wchar_t * ucs2, size_t n) +UniStrncpy(wchar_t *ucs1, const wchar_t *ucs2, size_t n) { wchar_t *anchor = ucs1; @@ -226,7 +227,7 @@ UniStrncpy(wchar_t * ucs1, const wchar_t * ucs2, size_t n) * UniStrncpy_le: Copy length limited string with pad to little-endian */ static inline wchar_t * -UniStrncpy_le(wchar_t * ucs1, const wchar_t * ucs2, size_t n) +UniStrncpy_le(wchar_t *ucs1, const wchar_t *ucs2, size_t n) { wchar_t *anchor = ucs1; @@ -247,7 +248,7 @@ UniStrncpy_le(wchar_t * ucs1, const wchar_t * ucs2, size_t n) * NULL if no matching string is found */ static inline wchar_t * -UniStrstr(const wchar_t * ucs1, const wchar_t * ucs2) +UniStrstr(const wchar_t *ucs1, const wchar_t *ucs2) { const wchar_t *anchor1 = ucs1; const wchar_t *anchor2 = ucs2; @@ -297,7 +298,7 @@ UniToupper(register wchar_t uc) * UniStrupr: Upper case a unicode string */ static inline wchar_t * -UniStrupr(register wchar_t * upin) +UniStrupr(register wchar_t *upin) { register wchar_t *up; @@ -338,7 +339,7 @@ UniTolower(wchar_t uc) * UniStrlwr: Lower case a unicode string */ static inline wchar_t * -UniStrlwr(register wchar_t * upin) +UniStrlwr(register wchar_t *upin) { register wchar_t *up; diff --git a/fs/cifs/cifs_uniupr.h b/fs/cifs/cifs_uniupr.h index da2ad5b451a..18a9d978e51 100644 --- a/fs/cifs/cifs_uniupr.h +++ b/fs/cifs/cifs_uniupr.h @@ -3,16 +3,16 @@ * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or + * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See * the GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software + * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * * uniupr.h - Unicode compressed case ranges @@ -53,7 +53,7 @@ signed char CifsUniUpperTable[512] = { 0, -1, 0, -1, 0, -1, 0, 0, -1, 0, 0, 0, 0, -1, 0, 0, /* 1a0-1af */ -1, 0, 0, 0, -1, 0, -1, 0, 0, -1, 0, 0, 0, -1, 0, 0, /* 1b0-1bf */ 0, 0, 0, 0, 0, -1, -2, 0, -1, -2, 0, -1, -2, 0, -1, 0, /* 1c0-1cf */ - -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, -79, 0, -1, /* 1d0-1df */ + -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, -79, 0, -1, /* 1d0-1df */ 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, 0, -1, /* 1e0-1ef */ 0, 0, -1, -2, 0, -1, 0, 0, 0, -1, 0, -1, 0, -1, 0, -1, /* 1f0-1ff */ }; diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index fdeda519eac..36272293027 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c @@ -21,7 +21,7 @@ #include <linux/fs.h> #include "cifspdu.h" -#include "cifsglob.h" +#include "cifsglob.h" #include "cifs_debug.h" #include "md5.h" #include "cifs_unicode.h" @@ -29,54 +29,57 @@ #include <linux/ctype.h> #include <linux/random.h> -/* Calculate and return the CIFS signature based on the mac key and the smb pdu */ +/* Calculate and return the CIFS signature based on the mac key and SMB PDU */ /* the 16 byte signature must be allocated by the caller */ /* Note we only use the 1st eight bytes */ -/* Note that the smb header signature field on input contains the +/* Note that the smb header signature field on input contains the sequence number before this function is called */ extern void mdfour(unsigned char *out, unsigned char *in, int n); extern void E_md4hash(const unsigned char *passwd, unsigned char *p16); extern void SMBencrypt(unsigned char *passwd, unsigned char *c8, - unsigned char *p24); - -static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu, - const char * key, char * signature) + unsigned char *p24); + +static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu, + const struct mac_key *key, char *signature) { struct MD5Context context; - if((cifs_pdu == NULL) || (signature == NULL)) + if ((cifs_pdu == NULL) || (signature == NULL) || (key == NULL)) return -EINVAL; MD5Init(&context); - MD5Update(&context,key,CIFS_SESS_KEY_SIZE+16); - MD5Update(&context,cifs_pdu->Protocol,cifs_pdu->smb_buf_length); - MD5Final(signature,&context); + MD5Update(&context, (char *)&key->data, key->len); + MD5Update(&context, cifs_pdu->Protocol, cifs_pdu->smb_buf_length); + + MD5Final(signature, &context); return 0; } -int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server, - __u32 * pexpected_response_sequence_number) +int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server, + __u32 *pexpected_response_sequence_number) { int rc = 0; char smb_signature[20]; - if((cifs_pdu == NULL) || (server == NULL)) + if ((cifs_pdu == NULL) || (server == NULL)) return -EINVAL; - if((cifs_pdu->Flags2 & SMBFLG2_SECURITY_SIGNATURE) == 0) + if ((cifs_pdu->Flags2 & SMBFLG2_SECURITY_SIGNATURE) == 0) return rc; spin_lock(&GlobalMid_Lock); - cifs_pdu->Signature.Sequence.SequenceNumber = cpu_to_le32(server->sequence_number); + cifs_pdu->Signature.Sequence.SequenceNumber = + cpu_to_le32(server->sequence_number); cifs_pdu->Signature.Sequence.Reserved = 0; - + *pexpected_response_sequence_number = server->sequence_number++; server->sequence_number++; spin_unlock(&GlobalMid_Lock); - rc = cifs_calculate_signature(cifs_pdu, server->mac_signing_key,smb_signature); - if(rc) + rc = cifs_calculate_signature(cifs_pdu, &server->mac_signing_key, + smb_signature); + if (rc) memset(cifs_pdu->Signature.SecuritySignature, 0, 8); else memcpy(cifs_pdu->Signature.SecuritySignature, smb_signature, 8); @@ -84,115 +87,119 @@ int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server, return rc; } -static int cifs_calc_signature2(const struct kvec * iov, int n_vec, - const char * key, char * signature) +static int cifs_calc_signature2(const struct kvec *iov, int n_vec, + const struct mac_key *key, char *signature) { |