@@ -391,7 +391,7 @@ build_avpair_blob(struct cifsSesInfo *ses, const struct nls_table *nls_cp)
* about target string i.e. for some, just user name might suffice.
*/
static int
-find_domain_name(struct cifsSesInfo *ses)
+find_domain_name(struct cifsSesInfo *ses, const struct nls_table *nls_cp)
{
unsigned int attrsize;
unsigned int type;
@@ -420,16 +420,13 @@ find_domain_name(struct cifsSesInfo *ses)
if (!attrsize)
break;
if (!ses->domainName) {
- struct nls_table *default_nls;
ses->domainName =
kmalloc(attrsize + 1, GFP_KERNEL);
if (!ses->domainName)
return -ENOMEM;
- default_nls = load_nls_default();
cifs_from_ucs2(ses->domainName,
(__le16 *)blobptr, attrsize, attrsize,
- default_nls, false);
- unload_nls(default_nls);
+ nls_cp, false);
break;
}
}
@@ -561,7 +558,7 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp)
if (ses->server->secType == RawNTLMSSP) {
if (!ses->domainName) {
- rc = find_domain_name(ses);
+ rc = find_domain_name(ses, nls_cp);
if (rc) {
cERROR(1, "error %d finding domain name", rc);
goto setup_ntlmv2_rsp_ret;
@@ -594,12 +591,14 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp)
memcpy(ses->auth_key.response + baselen, ses->tiblob, ses->tilen);
- /* calculate buf->ntlmv2_hash */
+ /* calculate ntlmv2_hash */
rc = calc_ntlmv2_hash(ses, nls_cp);
if (rc) {
cERROR(1, "could not get v2 hash rc %d", rc);
goto setup_ntlmv2_rsp_ret;
}
+
+ /* calculate first part of the client response (CR1) */
rc = CalcNTLMv2_response(ses);
if (rc) {
cERROR(1, "Could not calculate CR1 rc: %d", rc);
@@ -623,8 +622,6 @@ setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp)
rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
ses->auth_key.response);
- return 0;
-
setup_ntlmv2_rsp_ret:
kfree(ses->tiblob);
ses->tiblob = NULL;
@@ -111,7 +111,7 @@ struct sdesc {
char ctx[];
};
-/* crypto hashing related structure/fields, not speicific to a sec mech */
+/* crypto hashing related structure/fields, not specific to a sec mech */
struct cifs_secmech {
struct crypto_shash *hmacmd5; /* hmac-md5 hash function */
struct crypto_shash *md5; /* md5 hash function */
@@ -1631,7 +1631,7 @@ cifs_get_tcp_session(struct smb_vol *volume_info)
tcp_ses->hostname = extract_hostname(volume_info->UNC);
if (IS_ERR(tcp_ses->hostname)) {
rc = PTR_ERR(tcp_ses->hostname);
- goto out_err2;
+ goto out_err_crypto_release;
}
tcp_ses->noblocksnd = volume_info->noblocksnd;
@@ -1675,7 +1675,7 @@ cifs_get_tcp_session(struct smb_vol *volume_info)
}
if (rc < 0) {
cERROR(1, "Error connecting to socket. Aborting operation");
- goto out_err2;
+ goto out_err_crypto_release;
}
/*
@@ -1689,7 +1689,7 @@ cifs_get_tcp_session(struct smb_vol *volume_info)
rc = PTR_ERR(tcp_ses->tsk);
cERROR(1, "error %d create cifsd thread", rc);
module_put(THIS_MODULE);
- goto out_err2;
+ goto out_err_crypto_release;
}
/* thread spawned, put it on the list */
@@ -1701,7 +1701,7 @@ cifs_get_tcp_session(struct smb_vol *volume_info)
return tcp_ses;
-out_err2:
+out_err_crypto_release:
cifs_crypto_shash_release(tcp_ses);
out_err:
@@ -738,7 +738,7 @@ ssetup_ntlmssp_authenticate:
* assigned, tilen is 0 otherwise.
*/
pSMB->req_no_secext.CaseSensitivePasswordLength =
- cpu_to_le16(ses->auth_key.len);
+ cpu_to_le16(ses->auth_key.len - CIFS_SESS_KEY_SIZE);
if (ses->capabilities & CAP_UNICODE) {
if (iov[0].iov_len % 2) {