Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
linux
Commits
e14b2fe1
Commit
e14b2fe1
authored
May 01, 2009
by
Steve French
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[CIFS] Add remaining ntlmssp flags and standardize field names
Signed-off-by:
Steve French
<
sfrench@us.ibm.com
>
parent
cf398e3a
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
57 additions
and
41 deletions
+57
-41
fs/cifs/connect.c
fs/cifs/connect.c
+15
-15
fs/cifs/ntlmssp.h
fs/cifs/ntlmssp.h
+42
-26
No files found.
fs/cifs/connect.c
View file @
e14b2fe1
...
@@ -2686,13 +2686,13 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
...
@@ -2686,13 +2686,13 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
/* setup pointers to domain name and workstation name */
/* setup pointers to domain name and workstation name */
bcc_ptr
+=
SecurityBlobLength
;
bcc_ptr
+=
SecurityBlobLength
;
SecurityBlob
->
WorkstationName
.
Buffer
=
0
;
SecurityBlob
->
WorkstationName
.
Buffer
Offset
=
0
;
SecurityBlob
->
WorkstationName
.
Length
=
0
;
SecurityBlob
->
WorkstationName
.
Length
=
0
;
SecurityBlob
->
WorkstationName
.
MaximumLength
=
0
;
SecurityBlob
->
WorkstationName
.
MaximumLength
=
0
;
/* Domain not sent on first Sesssetup in NTLMSSP, instead it is sent
/* Domain not sent on first Sesssetup in NTLMSSP, instead it is sent
along with username on auth request (ie the response to challenge) */
along with username on auth request (ie the response to challenge) */
SecurityBlob
->
DomainName
.
Buffer
=
0
;
SecurityBlob
->
DomainName
.
Buffer
Offset
=
0
;
SecurityBlob
->
DomainName
.
Length
=
0
;
SecurityBlob
->
DomainName
.
Length
=
0
;
SecurityBlob
->
DomainName
.
MaximumLength
=
0
;
SecurityBlob
->
DomainName
.
MaximumLength
=
0
;
if
(
ses
->
capabilities
&
CAP_UNICODE
)
{
if
(
ses
->
capabilities
&
CAP_UNICODE
)
{
...
@@ -3020,30 +3020,30 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
...
@@ -3020,30 +3020,30 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
/* setup pointers to domain name and workstation name */
/* setup pointers to domain name and workstation name */
SecurityBlob
->
WorkstationName
.
Buffer
=
0
;
SecurityBlob
->
WorkstationName
.
Buffer
Offset
=
0
;
SecurityBlob
->
WorkstationName
.
Length
=
0
;
SecurityBlob
->
WorkstationName
.
Length
=
0
;
SecurityBlob
->
WorkstationName
.
MaximumLength
=
0
;
SecurityBlob
->
WorkstationName
.
MaximumLength
=
0
;
SecurityBlob
->
SessionKey
.
Length
=
0
;
SecurityBlob
->
SessionKey
.
Length
=
0
;
SecurityBlob
->
SessionKey
.
MaximumLength
=
0
;
SecurityBlob
->
SessionKey
.
MaximumLength
=
0
;
SecurityBlob
->
SessionKey
.
Buffer
=
0
;
SecurityBlob
->
SessionKey
.
Buffer
Offset
=
0
;
SecurityBlob
->
LmChallengeResponse
.
Length
=
0
;
SecurityBlob
->
LmChallengeResponse
.
Length
=
0
;
SecurityBlob
->
LmChallengeResponse
.
MaximumLength
=
0
;
SecurityBlob
->
LmChallengeResponse
.
MaximumLength
=
0
;
SecurityBlob
->
LmChallengeResponse
.
Buffer
=
0
;
SecurityBlob
->
LmChallengeResponse
.
Buffer
Offset
=
0
;
SecurityBlob
->
NtChallengeResponse
.
Length
=
SecurityBlob
->
NtChallengeResponse
.
Length
=
cpu_to_le16
(
CIFS_SESS_KEY_SIZE
);
cpu_to_le16
(
CIFS_SESS_KEY_SIZE
);
SecurityBlob
->
NtChallengeResponse
.
MaximumLength
=
SecurityBlob
->
NtChallengeResponse
.
MaximumLength
=
cpu_to_le16
(
CIFS_SESS_KEY_SIZE
);
cpu_to_le16
(
CIFS_SESS_KEY_SIZE
);
memcpy
(
bcc_ptr
,
ntlm_session_key
,
CIFS_SESS_KEY_SIZE
);
memcpy
(
bcc_ptr
,
ntlm_session_key
,
CIFS_SESS_KEY_SIZE
);
SecurityBlob
->
NtChallengeResponse
.
Buffer
=
SecurityBlob
->
NtChallengeResponse
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
cpu_to_le32
(
SecurityBlobLength
);
SecurityBlobLength
+=
CIFS_SESS_KEY_SIZE
;
SecurityBlobLength
+=
CIFS_SESS_KEY_SIZE
;
bcc_ptr
+=
CIFS_SESS_KEY_SIZE
;
bcc_ptr
+=
CIFS_SESS_KEY_SIZE
;
if
(
ses
->
capabilities
&
CAP_UNICODE
)
{
if
(
ses
->
capabilities
&
CAP_UNICODE
)
{
if
(
domain
==
NULL
)
{
if
(
domain
==
NULL
)
{
SecurityBlob
->
DomainName
.
Buffer
=
0
;
SecurityBlob
->
DomainName
.
Buffer
Offset
=
0
;
SecurityBlob
->
DomainName
.
Length
=
0
;
SecurityBlob
->
DomainName
.
Length
=
0
;
SecurityBlob
->
DomainName
.
MaximumLength
=
0
;
SecurityBlob
->
DomainName
.
MaximumLength
=
0
;
}
else
{
}
else
{
...
@@ -3052,14 +3052,14 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
...
@@ -3052,14 +3052,14 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
ln
*=
2
;
ln
*=
2
;
SecurityBlob
->
DomainName
.
MaximumLength
=
SecurityBlob
->
DomainName
.
MaximumLength
=
cpu_to_le16
(
ln
);
cpu_to_le16
(
ln
);
SecurityBlob
->
DomainName
.
Buffer
=
SecurityBlob
->
DomainName
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
cpu_to_le32
(
SecurityBlobLength
);
bcc_ptr
+=
ln
;
bcc_ptr
+=
ln
;
SecurityBlobLength
+=
ln
;
SecurityBlobLength
+=
ln
;
SecurityBlob
->
DomainName
.
Length
=
cpu_to_le16
(
ln
);
SecurityBlob
->
DomainName
.
Length
=
cpu_to_le16
(
ln
);
}
}
if
(
user
==
NULL
)
{
if
(
user
==
NULL
)
{
SecurityBlob
->
UserName
.
Buffer
=
0
;
SecurityBlob
->
UserName
.
Buffer
Offset
=
0
;
SecurityBlob
->
UserName
.
Length
=
0
;
SecurityBlob
->
UserName
.
Length
=
0
;
SecurityBlob
->
UserName
.
MaximumLength
=
0
;
SecurityBlob
->
UserName
.
MaximumLength
=
0
;
}
else
{
}
else
{
...
@@ -3068,7 +3068,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
...
@@ -3068,7 +3068,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
ln
*=
2
;
ln
*=
2
;
SecurityBlob
->
UserName
.
MaximumLength
=
SecurityBlob
->
UserName
.
MaximumLength
=
cpu_to_le16
(
ln
);
cpu_to_le16
(
ln
);
SecurityBlob
->
UserName
.
Buffer
=
SecurityBlob
->
UserName
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
cpu_to_le32
(
SecurityBlobLength
);
bcc_ptr
+=
ln
;
bcc_ptr
+=
ln
;
SecurityBlobLength
+=
ln
;
SecurityBlobLength
+=
ln
;
...
@@ -3080,7 +3080,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
...
@@ -3080,7 +3080,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
SecurityBlob->WorkstationName.Length *= 2;
SecurityBlob->WorkstationName.Length *= 2;
SecurityBlob->WorkstationName.MaximumLength =
SecurityBlob->WorkstationName.MaximumLength =
cpu_to_le16(SecurityBlob->WorkstationName.Length);
cpu_to_le16(SecurityBlob->WorkstationName.Length);
SecurityBlob->WorkstationName.Buffer =
SecurityBlob->WorkstationName.Buffer
Offset
=
cpu_to_le32(SecurityBlobLength);
cpu_to_le32(SecurityBlobLength);
bcc_ptr += SecurityBlob->WorkstationName.Length;
bcc_ptr += SecurityBlob->WorkstationName.Length;
SecurityBlobLength += SecurityBlob->WorkstationName.Length;
SecurityBlobLength += SecurityBlob->WorkstationName.Length;
...
@@ -3112,7 +3112,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
...
@@ -3112,7 +3112,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
bcc_ptr
+=
2
;
/* null domain */
bcc_ptr
+=
2
;
/* null domain */
}
else
{
/* ASCII */
}
else
{
/* ASCII */
if
(
domain
==
NULL
)
{
if
(
domain
==
NULL
)
{
SecurityBlob
->
DomainName
.
Buffer
=
0
;
SecurityBlob
->
DomainName
.
Buffer
Offset
=
0
;
SecurityBlob
->
DomainName
.
Length
=
0
;
SecurityBlob
->
DomainName
.
Length
=
0
;
SecurityBlob
->
DomainName
.
MaximumLength
=
0
;
SecurityBlob
->
DomainName
.
MaximumLength
=
0
;
}
else
{
}
else
{
...
@@ -3122,14 +3122,14 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
...
@@ -3122,14 +3122,14 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
ln
=
strnlen
(
domain
,
64
);
ln
=
strnlen
(
domain
,
64
);
SecurityBlob
->
DomainName
.
MaximumLength
=
SecurityBlob
->
DomainName
.
MaximumLength
=
cpu_to_le16
(
ln
);
cpu_to_le16
(
ln
);
SecurityBlob
->
DomainName
.
Buffer
=
SecurityBlob
->
DomainName
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
cpu_to_le32
(
SecurityBlobLength
);
bcc_ptr
+=
ln
;
bcc_ptr
+=
ln
;
SecurityBlobLength
+=
ln
;
SecurityBlobLength
+=
ln
;
SecurityBlob
->
DomainName
.
Length
=
cpu_to_le16
(
ln
);
SecurityBlob
->
DomainName
.
Length
=
cpu_to_le16
(
ln
);
}
}
if
(
user
==
NULL
)
{
if
(
user
==
NULL
)
{
SecurityBlob
->
UserName
.
Buffer
=
0
;
SecurityBlob
->
UserName
.
Buffer
Offset
=
0
;
SecurityBlob
->
UserName
.
Length
=
0
;
SecurityBlob
->
UserName
.
Length
=
0
;
SecurityBlob
->
UserName
.
MaximumLength
=
0
;
SecurityBlob
->
UserName
.
MaximumLength
=
0
;
}
else
{
}
else
{
...
@@ -3137,7 +3137,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
...
@@ -3137,7 +3137,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
strncpy
(
bcc_ptr
,
user
,
63
);
strncpy
(
bcc_ptr
,
user
,
63
);
ln
=
strnlen
(
user
,
64
);
ln
=
strnlen
(
user
,
64
);
SecurityBlob
->
UserName
.
MaximumLength
=
cpu_to_le16
(
ln
);
SecurityBlob
->
UserName
.
MaximumLength
=
cpu_to_le16
(
ln
);
SecurityBlob
->
UserName
.
Buffer
=
SecurityBlob
->
UserName
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
cpu_to_le32
(
SecurityBlobLength
);
bcc_ptr
+=
ln
;
bcc_ptr
+=
ln
;
SecurityBlobLength
+=
ln
;
SecurityBlobLength
+=
ln
;
...
...
fs/cifs/ntlmssp.h
View file @
e14b2fe1
...
@@ -27,29 +27,39 @@
...
@@ -27,29 +27,39 @@
#define UnknownMessage cpu_to_le32(8)
#define UnknownMessage cpu_to_le32(8)
/* Negotiate Flags */
/* Negotiate Flags */
#define NTLMSSP_NEGOTIATE_UNICODE 0x01
/* Text strings are in unicode */
#define NTLMSSP_NEGOTIATE_UNICODE 0x01
/* Text strings are unicode */
#define NTLMSSP_NEGOTIATE_OEM 0x02
/* Text strings are in OEM */
#define NTLMSSP_NEGOTIATE_OEM 0x02
/* Text strings are in OEM */
#define NTLMSSP_REQUEST_TARGET 0x04
/* Server return its auth realm */
#define NTLMSSP_REQUEST_TARGET 0x04
/* Srv returns its auth realm */
#define NTLMSSP_NEGOTIATE_SIGN 0x0010
/* Request signature capability */
/* define reserved9 0x08 */
#define NTLMSSP_NEGOTIATE_SEAL 0x0020
/* Request confidentiality */
#define NTLMSSP_NEGOTIATE_SIGN 0x0010
/* Request signing capability */
#define NTLMSSP_NEGOTIATE_DGRAM 0x0040
#define NTLMSSP_NEGOTIATE_SEAL 0x0020
/* Request confidentiality */
#define NTLMSSP_NEGOTIATE_LM_KEY 0x0080
/* Sign/seal use LM session key */
#define NTLMSSP_NEGOTIATE_DGRAM 0x0040
#define NTLMSSP_NEGOTIATE_NTLM 0x0200
/* NTLM authentication */
#define NTLMSSP_NEGOTIATE_LM_KEY 0x0080
/* Use LM session key */
#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x1000
/* defined reserved 8 0x0100 */
#define NTLMSSP_NEGOTIATE_NTLM 0x0200
/* NTLM authentication */
#define NTLMSSP_NEGOTIATE_NT_ONLY 0x0400
/* Lanman not allowed */
#define NTLMSSP_ANONYMOUS 0x0800
#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x1000
/* reserved6 */
#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x2000
#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x2000
#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x4000
/* client/server on same machine */
#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x4000
/* client/server same machine */
#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x8000
/* Sign for all security levels */
#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x8000
/* Sign. All security levels */
#define NTLMSSP_TARGET_TYPE_DOMAIN 0x10000
#define NTLMSSP_TARGET_TYPE_DOMAIN 0x10000
#define NTLMSSP_TARGET_TYPE_SERVER 0x20000
#define NTLMSSP_TARGET_TYPE_SERVER 0x20000
#define NTLMSSP_TARGET_TYPE_SHARE 0x40000
#define NTLMSSP_TARGET_TYPE_SHARE 0x40000
#define NTLMSSP_NEGOTIATE_NTLMV2 0x80000
#define NTLMSSP_NEGOTIATE_EXTENDED_SEC 0x80000
/* NB:not related to NTLMv2 pwd*/
#define NTLMSSP_REQUEST_INIT_RESP 0x100000
/* #define NTLMSSP_REQUEST_INIT_RESP 0x100000 */
#define NTLMSSP_REQUEST_ACCEPT_RESP 0x200000
#define NTLMSSP_NEGOTIATE_IDENTIFY 0x100000
#define NTLMSSP_REQUEST_NOT_NT_KEY 0x400000
#define NTLMSSP_REQUEST_ACCEPT_RESP 0x200000
/* reserved5 */
#define NTLMSSP_REQUEST_NON_NT_KEY 0x400000
#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x800000
#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x800000
#define NTLMSSP_NEGOTIATE_128 0x20000000
/* #define reserved4 0x1000000 */
#define NTLMSSP_NEGOTIATE_KEY_XCH 0x40000000
#define NTLMSSP_NEGOTIATE_VERSION 0x2000000
/* we do not set */
#define NTLMSSP_NEGOTIATE_56 0x80000000
/* #define reserved3 0x4000000 */
/* #define reserved2 0x8000000 */
/* #define reserved1 0x10000000 */
#define NTLMSSP_NEGOTIATE_128 0x20000000
#define NTLMSSP_NEGOTIATE_KEY_XCH 0x40000000
#define NTLMSSP_NEGOTIATE_56 0x80000000
/* Although typedefs are not commonly used for structure definitions */
/* Although typedefs are not commonly used for structure definitions */
/* in the Linux kernel, in this particular case they are useful */
/* in the Linux kernel, in this particular case they are useful */
...
@@ -60,32 +70,36 @@
...
@@ -60,32 +70,36 @@
typedef
struct
_SECURITY_BUFFER
{
typedef
struct
_SECURITY_BUFFER
{
__le16
Length
;
__le16
Length
;
__le16
MaximumLength
;
__le16
MaximumLength
;
__le32
Buffer
;
/* offset to buffer */
__le32
Buffer
Offset
;
/* offset to buffer */
}
__attribute__
((
packed
))
SECURITY_BUFFER
;
}
__attribute__
((
packed
))
SECURITY_BUFFER
;
typedef
struct
_NEGOTIATE_MESSAGE
{
typedef
struct
_NEGOTIATE_MESSAGE
{
__u8
Signature
[
sizeof
(
NTLMSSP_SIGNATURE
)];
__u8
Signature
[
sizeof
(
NTLMSSP_SIGNATURE
)];
__le32
MessageType
;
/* 1 */
__le32
MessageType
;
/*
NtLmNegotiate =
1 */
__le32
NegotiateFlags
;
__le32
NegotiateFlags
;
SECURITY_BUFFER
DomainName
;
/* RFC 1001 style and ASCII */
SECURITY_BUFFER
DomainName
;
/* RFC 1001 style and ASCII */
SECURITY_BUFFER
WorkstationName
;
/* RFC 1001 and ASCII */
SECURITY_BUFFER
WorkstationName
;
/* RFC 1001 and ASCII */
/* SECURITY_BUFFER for version info not present since we
do not set the version is present flag */
char
DomainString
[
0
];
char
DomainString
[
0
];
/* followed by WorkstationString */
/* followed by WorkstationString */
}
__attribute__
((
packed
))
NEGOTIATE_MESSAGE
,
*
PNEGOTIATE_MESSAGE
;
}
__attribute__
((
packed
))
NEGOTIATE_MESSAGE
,
*
PNEGOTIATE_MESSAGE
;
typedef
struct
_CHALLENGE_MESSAGE
{
typedef
struct
_CHALLENGE_MESSAGE
{
__u8
Signature
[
sizeof
(
NTLMSSP_SIGNATURE
)];
__u8
Signature
[
sizeof
(
NTLMSSP_SIGNATURE
)];
__le32
MessageType
;
/* 2 */
__le32
MessageType
;
/*
NtLmChallenge =
2 */
SECURITY_BUFFER
TargetName
;
SECURITY_BUFFER
TargetName
;
__le32
NegotiateFlags
;
__le32
NegotiateFlags
;
__u8
Challenge
[
CIFS_CRYPTO_KEY_SIZE
];
__u8
Challenge
[
CIFS_CRYPTO_KEY_SIZE
];
__u8
Reserved
[
8
];
__u8
Reserved
[
8
];
SECURITY_BUFFER
TargetInfoArray
;
SECURITY_BUFFER
TargetInfoArray
;
/* SECURITY_BUFFER for version info not present since we
do not set the version is present flag */
}
__attribute__
((
packed
))
CHALLENGE_MESSAGE
,
*
PCHALLENGE_MESSAGE
;
}
__attribute__
((
packed
))
CHALLENGE_MESSAGE
,
*
PCHALLENGE_MESSAGE
;
typedef
struct
_AUTHENTICATE_MESSAGE
{
typedef
struct
_AUTHENTICATE_MESSAGE
{
__u8
Signature
[
sizeof
(
NTLMSSP_SIGNATURE
)];
__u8
Signature
[
sizeof
(
NTLMSSP_SIGNATURE
)];
__le32
MessageType
;
/* 3 */
__le32
MessageType
;
/*
NtLmsAuthenticate =
3 */
SECURITY_BUFFER
LmChallengeResponse
;
SECURITY_BUFFER
LmChallengeResponse
;
SECURITY_BUFFER
NtChallengeResponse
;
SECURITY_BUFFER
NtChallengeResponse
;
SECURITY_BUFFER
DomainName
;
SECURITY_BUFFER
DomainName
;
...
@@ -93,5 +107,7 @@ typedef struct _AUTHENTICATE_MESSAGE {
...
@@ -93,5 +107,7 @@ typedef struct _AUTHENTICATE_MESSAGE {
SECURITY_BUFFER
WorkstationName
;
SECURITY_BUFFER
WorkstationName
;
SECURITY_BUFFER
SessionKey
;
SECURITY_BUFFER
SessionKey
;
__le32
NegotiateFlags
;
__le32
NegotiateFlags
;
/* SECURITY_BUFFER for version info not present since we
do not set the version is present flag */
char
UserString
[
0
];
char
UserString
[
0
];
}
__attribute__
((
packed
))
AUTHENTICATE_MESSAGE
,
*
PAUTHENTICATE_MESSAGE
;
}
__attribute__
((
packed
))
AUTHENTICATE_MESSAGE
,
*
PAUTHENTICATE_MESSAGE
;
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment