Loading fs/cifs/cifs_debug.c +2 −2 Original line number Diff line number Diff line Loading @@ -508,7 +508,7 @@ cifs_proc_init(void) pde->write_proc = multiuser_mount_write; pde = create_proc_read_entry("ExtendedSecurity", 0, proc_fs_cifs, create_proc_read_entry("SecurityFlags", 0, proc_fs_cifs, extended_security_read, NULL); if (pde) pde->write_proc = extended_security_write; Loading Loading @@ -547,7 +547,7 @@ cifs_proc_clean(void) remove_proc_entry("MultiuserMount", proc_fs_cifs); remove_proc_entry("OplockEnabled", proc_fs_cifs); /* remove_proc_entry("NTLMV2Enabled",proc_fs_cifs); */ remove_proc_entry("ExtendedSecurity",proc_fs_cifs); remove_proc_entry("SecurityFlags",proc_fs_cifs); /* remove_proc_entry("PacketSigningEnabled",proc_fs_cifs); */ remove_proc_entry("LinuxExtensionsEnabled",proc_fs_cifs); remove_proc_entry("Experimental",proc_fs_cifs); Loading fs/cifs/cifsencrypt.c +37 −3 Original line number Diff line number Diff line Loading @@ -26,6 +26,7 @@ #include "md5.h" #include "cifs_unicode.h" #include "cifsproto.h" #include <linux/ctype.h> /* Calculate and return the CIFS signature based on the mac key and the smb pdu */ /* the 16 byte signature must be allocated by the caller */ Loading @@ -35,6 +36,8 @@ extern void mdfour(unsigned char *out, unsigned char *in, int n); extern void E_md4hash(const unsigned char *passwd, unsigned char *p16); extern void SMBencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24); static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu, const char * key, char * signature) Loading @@ -45,7 +48,7 @@ static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu, return -EINVAL; MD5Init(&context); MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16); MD5Update(&context,key,CIFS_SESS_KEY_SIZE+16); MD5Update(&context,cifs_pdu->Protocol,cifs_pdu->smb_buf_length); MD5Final(signature,&context); return 0; Loading Loading @@ -90,7 +93,7 @@ static int cifs_calc_signature2(const struct kvec * iov, int n_vec, return -EINVAL; MD5Init(&context); MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16); MD5Update(&context,key,CIFS_SESS_KEY_SIZE+16); for(i=0;i<n_vec;i++) { if(iov[i].iov_base == NULL) { cERROR(1,("null iovec entry")); Loading Loading @@ -204,7 +207,7 @@ int cifs_calculate_mac_key(char * key, const char * rn, const char * password) E_md4hash(password, temp_key); mdfour(key,temp_key,16); memcpy(key+16,rn, CIFS_SESSION_KEY_SIZE); memcpy(key+16,rn, CIFS_SESS_KEY_SIZE); return 0; } Loading Loading @@ -261,6 +264,37 @@ int CalcNTLMv2_partial_mac_key(struct cifsSesInfo * ses, struct nls_table * nls_ kfree(unicode_buf); return 0; } #ifdef CONFIG_CIFS_WEAK_PW_HASH void calc_lanman_hash(struct cifsSesInfo * ses, char * lnm_session_key) { int i; char password_with_pad[CIFS_ENCPWD_SIZE]; memset(password_with_pad, 0, CIFS_ENCPWD_SIZE); strncpy(password_with_pad, ses->password, CIFS_ENCPWD_SIZE); /* calculate old style session key */ /* calling toupper is less broken than repeatedly calling nls_toupper would be since that will never work for UTF8, but neither handles multibyte code pages but the only alternative would be converting to UCS-16 (Unicode) (using a routine something like UniStrupr) then uppercasing and then converting back from Unicode - which would only worth doing it if we knew it were utf8. Basically utf8 and other multibyte codepages each need their own strupper function since a byte at a time will ont work. */ for(i = 0; i < CIFS_ENCPWD_SIZE; i++) { password_with_pad[i] = toupper(password_with_pad[i]); } SMBencrypt(password_with_pad, ses->server->cryptKey, lnm_session_key); /* clear password before we return/free memory */ memset(password_with_pad, 0, CIFS_ENCPWD_SIZE); } #endif /* CIFS_WEAK_PW_HASH */ void CalcNTLMv2_response(const struct cifsSesInfo * ses,char * v2_session_response) { struct HMACMD5Context context; Loading fs/cifs/cifsglob.h +1 −1 Original line number Diff line number Diff line Loading @@ -158,7 +158,7 @@ struct TCP_Server_Info { /* 16th byte of RFC1001 workstation name is always null */ char workstation_RFC1001_name[SERVER_NAME_LEN_WITH_NULL]; __u32 sequence_number; /* needed for CIFS PDU signature */ char mac_signing_key[CIFS_SESSION_KEY_SIZE + 16]; char mac_signing_key[CIFS_SESS_KEY_SIZE + 16]; }; /* Loading fs/cifs/cifspdu.h +2 −1 Original line number Diff line number Diff line Loading @@ -116,7 +116,8 @@ /* * Size of the session key (crypto key encrypted with the password */ #define CIFS_SESSION_KEY_SIZE (24) #define CIFS_SESS_KEY_SIZE (24) #define V2_SESS_KEY_SIZE (86) /* * Maximum user name length Loading fs/cifs/cifsproto.h +3 −0 Original line number Diff line number Diff line Loading @@ -287,6 +287,9 @@ extern int cifs_verify_signature(struct smb_hdr *, const char * mac_key, extern int cifs_calculate_mac_key(char * key,const char * rn,const char * pass); extern int CalcNTLMv2_partial_mac_key(struct cifsSesInfo *, struct nls_table *); extern void CalcNTLMv2_response(const struct cifsSesInfo *,char * ); #ifdef CONFIG_CIFS_WEAK_PW_HASH extern void calc_lanman_hash(struct cifsSesInfo * ses, char * lnm_session_key); #endif /* CIFS_WEAK_PW_HASH */ extern int CIFSSMBCopy(int xid, struct cifsTconInfo *source_tcon, const char *fromName, Loading Loading
fs/cifs/cifs_debug.c +2 −2 Original line number Diff line number Diff line Loading @@ -508,7 +508,7 @@ cifs_proc_init(void) pde->write_proc = multiuser_mount_write; pde = create_proc_read_entry("ExtendedSecurity", 0, proc_fs_cifs, create_proc_read_entry("SecurityFlags", 0, proc_fs_cifs, extended_security_read, NULL); if (pde) pde->write_proc = extended_security_write; Loading Loading @@ -547,7 +547,7 @@ cifs_proc_clean(void) remove_proc_entry("MultiuserMount", proc_fs_cifs); remove_proc_entry("OplockEnabled", proc_fs_cifs); /* remove_proc_entry("NTLMV2Enabled",proc_fs_cifs); */ remove_proc_entry("ExtendedSecurity",proc_fs_cifs); remove_proc_entry("SecurityFlags",proc_fs_cifs); /* remove_proc_entry("PacketSigningEnabled",proc_fs_cifs); */ remove_proc_entry("LinuxExtensionsEnabled",proc_fs_cifs); remove_proc_entry("Experimental",proc_fs_cifs); Loading
fs/cifs/cifsencrypt.c +37 −3 Original line number Diff line number Diff line Loading @@ -26,6 +26,7 @@ #include "md5.h" #include "cifs_unicode.h" #include "cifsproto.h" #include <linux/ctype.h> /* Calculate and return the CIFS signature based on the mac key and the smb pdu */ /* the 16 byte signature must be allocated by the caller */ Loading @@ -35,6 +36,8 @@ extern void mdfour(unsigned char *out, unsigned char *in, int n); extern void E_md4hash(const unsigned char *passwd, unsigned char *p16); extern void SMBencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24); static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu, const char * key, char * signature) Loading @@ -45,7 +48,7 @@ static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu, return -EINVAL; MD5Init(&context); MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16); MD5Update(&context,key,CIFS_SESS_KEY_SIZE+16); MD5Update(&context,cifs_pdu->Protocol,cifs_pdu->smb_buf_length); MD5Final(signature,&context); return 0; Loading Loading @@ -90,7 +93,7 @@ static int cifs_calc_signature2(const struct kvec * iov, int n_vec, return -EINVAL; MD5Init(&context); MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16); MD5Update(&context,key,CIFS_SESS_KEY_SIZE+16); for(i=0;i<n_vec;i++) { if(iov[i].iov_base == NULL) { cERROR(1,("null iovec entry")); Loading Loading @@ -204,7 +207,7 @@ int cifs_calculate_mac_key(char * key, const char * rn, const char * password) E_md4hash(password, temp_key); mdfour(key,temp_key,16); memcpy(key+16,rn, CIFS_SESSION_KEY_SIZE); memcpy(key+16,rn, CIFS_SESS_KEY_SIZE); return 0; } Loading Loading @@ -261,6 +264,37 @@ int CalcNTLMv2_partial_mac_key(struct cifsSesInfo * ses, struct nls_table * nls_ kfree(unicode_buf); return 0; } #ifdef CONFIG_CIFS_WEAK_PW_HASH void calc_lanman_hash(struct cifsSesInfo * ses, char * lnm_session_key) { int i; char password_with_pad[CIFS_ENCPWD_SIZE]; memset(password_with_pad, 0, CIFS_ENCPWD_SIZE); strncpy(password_with_pad, ses->password, CIFS_ENCPWD_SIZE); /* calculate old style session key */ /* calling toupper is less broken than repeatedly calling nls_toupper would be since that will never work for UTF8, but neither handles multibyte code pages but the only alternative would be converting to UCS-16 (Unicode) (using a routine something like UniStrupr) then uppercasing and then converting back from Unicode - which would only worth doing it if we knew it were utf8. Basically utf8 and other multibyte codepages each need their own strupper function since a byte at a time will ont work. */ for(i = 0; i < CIFS_ENCPWD_SIZE; i++) { password_with_pad[i] = toupper(password_with_pad[i]); } SMBencrypt(password_with_pad, ses->server->cryptKey, lnm_session_key); /* clear password before we return/free memory */ memset(password_with_pad, 0, CIFS_ENCPWD_SIZE); } #endif /* CIFS_WEAK_PW_HASH */ void CalcNTLMv2_response(const struct cifsSesInfo * ses,char * v2_session_response) { struct HMACMD5Context context; Loading
fs/cifs/cifsglob.h +1 −1 Original line number Diff line number Diff line Loading @@ -158,7 +158,7 @@ struct TCP_Server_Info { /* 16th byte of RFC1001 workstation name is always null */ char workstation_RFC1001_name[SERVER_NAME_LEN_WITH_NULL]; __u32 sequence_number; /* needed for CIFS PDU signature */ char mac_signing_key[CIFS_SESSION_KEY_SIZE + 16]; char mac_signing_key[CIFS_SESS_KEY_SIZE + 16]; }; /* Loading
fs/cifs/cifspdu.h +2 −1 Original line number Diff line number Diff line Loading @@ -116,7 +116,8 @@ /* * Size of the session key (crypto key encrypted with the password */ #define CIFS_SESSION_KEY_SIZE (24) #define CIFS_SESS_KEY_SIZE (24) #define V2_SESS_KEY_SIZE (86) /* * Maximum user name length Loading
fs/cifs/cifsproto.h +3 −0 Original line number Diff line number Diff line Loading @@ -287,6 +287,9 @@ extern int cifs_verify_signature(struct smb_hdr *, const char * mac_key, extern int cifs_calculate_mac_key(char * key,const char * rn,const char * pass); extern int CalcNTLMv2_partial_mac_key(struct cifsSesInfo *, struct nls_table *); extern void CalcNTLMv2_response(const struct cifsSesInfo *,char * ); #ifdef CONFIG_CIFS_WEAK_PW_HASH extern void calc_lanman_hash(struct cifsSesInfo * ses, char * lnm_session_key); #endif /* CIFS_WEAK_PW_HASH */ extern int CIFSSMBCopy(int xid, struct cifsTconInfo *source_tcon, const char *fromName, Loading
