Commit 745e507a authored by Steve French's avatar Steve French

Revert "missing changes during ntlmv2/ntlmssp auth and sign"

This reverts commit 3ec6bbcd.

    The change to kernel crypto and fixes to ntlvm2 and ntlmssp
    series, introduced a regression.  Deferring this patch series
    to 2.6.37 after Shirish fixes it.
Signed-off-by: default avatarSteve French <sfrench@us.ibm.com>
Acked-by: default avatarJeff Layton <jlayton@redhat.com>
CC: Shirish Pargaonkar <shirishp@us.ibm.com>
parent 56234e27
...@@ -553,8 +553,6 @@ calc_seckey(struct TCP_Server_Info *server) ...@@ -553,8 +553,6 @@ calc_seckey(struct TCP_Server_Info *server)
return 1; return 1;
} }
desc.tfm = tfm_arc4;
crypto_blkcipher_setkey(tfm_arc4, crypto_blkcipher_setkey(tfm_arc4,
server->session_key.data.ntlmv2.key, CIFS_CPHTXT_SIZE); server->session_key.data.ntlmv2.key, CIFS_CPHTXT_SIZE);
sg_init_one(&sgin, sec_key, CIFS_CPHTXT_SIZE); sg_init_one(&sgin, sec_key, CIFS_CPHTXT_SIZE);
......
...@@ -408,8 +408,6 @@ static int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len, ...@@ -408,8 +408,6 @@ static int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len,
/* BB spec says that if AvId field of MsvAvTimestamp is populated then /* BB spec says that if AvId field of MsvAvTimestamp is populated then
we must set the MIC field of the AUTHENTICATE_MESSAGE */ we must set the MIC field of the AUTHENTICATE_MESSAGE */
ses->server->ntlmssp.server_flags = le32_to_cpu(pblob->NegotiateFlags);
tioffset = cpu_to_le16(pblob->TargetInfoArray.BufferOffset); tioffset = cpu_to_le16(pblob->TargetInfoArray.BufferOffset);
tilen = cpu_to_le16(pblob->TargetInfoArray.Length); tilen = cpu_to_le16(pblob->TargetInfoArray.Length);
ses->server->tilen = tilen; ses->server->tilen = tilen;
...@@ -442,13 +440,12 @@ static void build_ntlmssp_negotiate_blob(unsigned char *pbuffer, ...@@ -442,13 +440,12 @@ static void build_ntlmssp_negotiate_blob(unsigned char *pbuffer,
/* BB is NTLMV2 session security format easier to use here? */ /* BB is NTLMV2 session security format easier to use here? */
flags = NTLMSSP_NEGOTIATE_56 | NTLMSSP_REQUEST_TARGET | flags = NTLMSSP_NEGOTIATE_56 | NTLMSSP_REQUEST_TARGET |
NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE |
NTLMSSP_NEGOTIATE_NTLM; NTLMSSP_NEGOTIATE_NT_ONLY | NTLMSSP_NEGOTIATE_NTLM;
if (ses->server->secMode & if (ses->server->secMode &
(SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) { (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
flags |= NTLMSSP_NEGOTIATE_SIGN | flags |= NTLMSSP_NEGOTIATE_SIGN;
NTLMSSP_NEGOTIATE_KEY_XCH | if (ses->server->secMode & SECMODE_SIGN_REQUIRED)
NTLMSSP_NEGOTIATE_EXTENDED_SEC; flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
}
sec_blob->NegotiateFlags |= cpu_to_le32(flags); sec_blob->NegotiateFlags |= cpu_to_le32(flags);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment