@@ -22,7 +22,9 @@
#include <linux/random.h>
#include <linux/highmem.h>
#include <linux/fips.h>
+#ifdef CRYPTO_ARC4
#include <crypto/arc4.h>
+#endif
#include <crypto/aead.h>
int __cifs_calc_signature(struct smb_rqst *rqst,
@@ -682,6 +684,13 @@ setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp)
return rc;
}
+#ifndef CRYPTO_ARC4
+int
+calc_seckey(struct cifs_ses *ses)
+{
+ return -ENODEV;
+}
+#else
int
calc_seckey(struct cifs_ses *ses)
{
@@ -712,6 +721,7 @@ calc_seckey(struct cifs_ses *ses)
kfree_sensitive(ctx_arc4);
return 0;
}
+#endif
void
cifs_crypto_secmech_release(struct TCP_Server_Info *server)
@@ -622,9 +622,10 @@ void build_ntlmssp_negotiate_blob(unsigned char *pbuffer,
NTLMSSP_NEGOTIATE_SEAL;
if (server->sign)
flags |= NTLMSSP_NEGOTIATE_SIGN;
+#ifdef CRYPTO_ARC4
if (!server->session_estab || ses->ntlmssp->sesskey_per_smbsess)
flags |= NTLMSSP_NEGOTIATE_KEY_XCH;
-
+#endif
sec_blob->NegotiateFlags = cpu_to_le32(flags);
sec_blob->WorkstationName.BufferOffset = 0;
@@ -690,9 +691,10 @@ int build_ntlmssp_auth_blob(unsigned char **pbuffer,
NTLMSSP_NEGOTIATE_SEAL;
if (ses->server->sign)
flags |= NTLMSSP_NEGOTIATE_SIGN;
+#ifdef CRYPTO_ARC4
if (!ses->server->session_estab || ses->ntlmssp->sesskey_per_smbsess)
flags |= NTLMSSP_NEGOTIATE_KEY_XCH;
-
+#endif
tmp = *pbuffer + sizeof(AUTHENTICATE_MESSAGE);
sec_blob->NegotiateFlags = cpu_to_le32(flags);
This allows to build cifs.ko when ARC4 is not available. It comes with the drawback that key-exchange is no longer negotiated. Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com> --- fs/cifs/cifsencrypt.c | 10 ++++++++++ fs/cifs/sess.c | 6 ++++-- 2 files changed, 14 insertions(+), 2 deletions(-)