From patchwork Wed Oct 27 16:38:38 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Shirish Pargaonkar X-Patchwork-Id: 286262 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by demeter1.kernel.org (8.14.4/8.14.3) with ESMTP id o9RGhwGv015825 for ; Wed, 27 Oct 2010 16:43:59 GMT Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751403Ab0J0Qn5 (ORCPT ); Wed, 27 Oct 2010 12:43:57 -0400 Received: from mail-qw0-f46.google.com ([209.85.216.46]:65290 "EHLO mail-qw0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751213Ab0J0Qn5 (ORCPT ); Wed, 27 Oct 2010 12:43:57 -0400 Received: by qwf7 with SMTP id 7so161492qwf.19 for ; Wed, 27 Oct 2010 09:43:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:cc:subject:date :message-id:x-mailer; bh=jIgdCZ3gNmCP7OmAcFP2kYWegnMuXRlNCNPUfbj2qRQ=; b=nUvWWEOZt1673S7fjqUOlMbjYdqbTled7oA+WOQpb6fwsnPVXGrZFmk6uXyJWHeA2L 1TcYEjBy63kjZWsCxyZb7nnTjKwh8VezKrpoBtCPMIvUrg0M0V50XXmiInroEQ5rAJCQ DADdmDSHqW0AYg1QOwqAD3axW+JZCExzx7WdY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:cc:subject:date:message-id:x-mailer; b=YQW8cYFn0mHIkNyYRduDmmo8CC9Wi9/rBXd8bJOmPRp85C56CPH/2cKM0d5ev6i6Pn LsMsJn/lwVTfPyAHEghsvvi4s9nZ7ddRV47YQGHx08KD6LnhY2Hl2rfeFLTcQFq/1mr9 lp7SWx5g82vlWbzhmJLboO4Va9o2ndQPUnbJw= Received: by 10.229.191.130 with SMTP id dm2mr902635qcb.256.1288197836447; Wed, 27 Oct 2010 09:43:56 -0700 (PDT) Received: from localhost ([32.97.110.58]) by mx.google.com with ESMTPS id mz11sm8793777qcb.15.2010.10.27.09.43.47 (version=TLSv1/SSLv3 cipher=RC4-MD5); Wed, 27 Oct 2010 09:43:48 -0700 (PDT) From: shirishpargaonkar@gmail.com To: smfrench@gmail.com Cc: linux-cifs@vger.kernel.org, Shirish Pargaonkar Subject: [PATCH] [CIFS] NTLM auth and sign - Use appropriate server challenge Date: Wed, 27 Oct 2010 11:38:38 -0500 Message-Id: <1288197518-9117-1-git-send-email-shirishpargaonkar@gmail.com> X-Mailer: git-send-email 1.6.0.2 Sender: linux-cifs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-cifs@vger.kernel.org X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.2.3 (demeter1.kernel.org [140.211.167.41]); Wed, 27 Oct 2010 16:43:59 +0000 (UTC) diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index 17d603a..10d3d0f 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c @@ -249,7 +249,7 @@ int setup_ntlm_response(struct cifsSesInfo *ses) } ses->auth_key.len = temp_len; - SMBNTencrypt(ses->password, ses->cryptKey, + SMBNTencrypt(ses->password, ses->server->cryptKey, ses->auth_key.response + CIFS_SESS_KEY_SIZE); E_md4hash(ses->password, temp_key); @@ -537,8 +537,12 @@ CalcNTLMv2_response(const struct cifsSesInfo *ses) return rc; } - memcpy(ses->auth_key.response + offset, - ses->cryptKey, CIFS_SERVER_CHALLENGE_SIZE); + if (ses->server->secType == RawNTLMSSP) + memcpy(ses->auth_key.response + offset, + ses->cryptKey, CIFS_SERVER_CHALLENGE_SIZE); + else + memcpy(ses->auth_key.response + offset, + ses->server->cryptKey, CIFS_SERVER_CHALLENGE_SIZE); crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash, ses->auth_key.response + offset, ses->auth_key.len - offset); diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 67d6a22..7255657 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -196,6 +196,7 @@ struct TCP_Server_Info { int capabilities; /* allow selective disabling of caps by smb sess */ int timeAdj; /* Adjust for difference in server time zone in sec */ __u16 CurrentMid; /* multiplex id - rotating counter */ + char cryptKey[CIFS_CRYPTO_KEY_SIZE]; /* used by ntlm, ntlmv2 etc */ /* 16th byte of RFC1001 workstation name is always null */ char workstation_RFC1001_name[RFC1001_NAME_LEN_WITH_NULL]; __u32 sequence_number; /* needed for CIFS PDU signature */ @@ -240,7 +241,7 @@ struct cifsSesInfo { char userName[MAX_USERNAME_SIZE + 1]; char *domainName; char *password; - char cryptKey[CIFS_CRYPTO_KEY_SIZE]; + char cryptKey[CIFS_CRYPTO_KEY_SIZE]; /* used by ntlmssp */ struct session_key auth_key; char ntlmv2_hash[16]; unsigned int tilen; /* length of the target info blob */ diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index e98f1f3..a32a42e 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -503,7 +503,7 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) if (rsp->EncryptionKeyLength == cpu_to_le16(CIFS_CRYPTO_KEY_SIZE)) { - memcpy(ses->cryptKey, rsp->EncryptionKey, + memcpy(ses->server->cryptKey, rsp->EncryptionKey, CIFS_CRYPTO_KEY_SIZE); } else if (server->secMode & SECMODE_PW_ENCRYPT) { rc = -EIO; /* need cryptkey unless plain text */ @@ -574,7 +574,7 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) server->timeAdj = (int)(__s16)le16_to_cpu(pSMBr->ServerTimeZone); server->timeAdj *= 60; if (pSMBr->EncryptionKeyLength == CIFS_CRYPTO_KEY_SIZE) { - memcpy(ses->cryptKey, pSMBr->u.EncryptionKey, + memcpy(ses->server->cryptKey, pSMBr->u.EncryptionKey, CIFS_CRYPTO_KEY_SIZE); } else if ((pSMBr->hdr.Flags2 & SMBFLG2_EXT_SEC) && (pSMBr->EncryptionKeyLength == 0)) { diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 469c3dd..f8f1ec6 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -3002,13 +3002,13 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses, #ifdef CONFIG_CIFS_WEAK_PW_HASH if ((global_secflags & CIFSSEC_MAY_LANMAN) && (ses->server->secType == LANMAN)) - calc_lanman_hash(tcon->password, ses->cryptKey, + calc_lanman_hash(tcon->password, ses->server->cryptKey, ses->server->secMode & SECMODE_PW_ENCRYPT ? true : false, bcc_ptr); else #endif /* CIFS_WEAK_PW_HASH */ - SMBNTencrypt(tcon->password, ses->cryptKey, bcc_ptr); + SMBNTencrypt(tcon->password, ses->server->cryptKey, bcc_ptr); bcc_ptr += CIFS_SESS_KEY_SIZE; if (ses->capabilities & CAP_UNICODE) { diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index e0515a6..cbd3bf7 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c @@ -667,10 +667,14 @@ ssetup_ntlmssp_authenticate: /* no capabilities flags in old lanman negotiation */ pSMB->old_req.PasswordLength = cpu_to_le16(CIFS_SESS_KEY_SIZE); - /* BB calculate hash with password */ - /* and copy into bcc */ - calc_lanman_hash(ses->password, ses->cryptKey, + /* Calculate hash with password and copy into bcc_ptr. + * Encryption Key (stored as in cryptKey) gets used if the + * security mode bit in Negottiate Protocol response states + * to use challenge/response method (i.e. Password bit is 1). + */ + + calc_lanman_hash(ses->password, ses->server->cryptKey, ses->server->secMode & SECMODE_PW_ENCRYPT ? true : false, lnm_session_key);