diff options
author | Steve French <sfrench@us.ibm.com> | 2008-08-27 23:30:22 +0200 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2008-08-27 23:30:22 +0200 |
commit | bcc55c6664a90146149ba0fd93052adc94287b9f (patch) | |
tree | 7b90cd9ea4bad5625b5912a8430038fac6b398f2 | |
parent | [CIFS] Add destroy routine for dns_resolver (diff) | |
download | linux-bcc55c6664a90146149ba0fd93052adc94287b9f.tar.xz linux-bcc55c6664a90146149ba0fd93052adc94287b9f.zip |
[CIFS] Fix plaintext authentication
The last eight bytes of the password field were not cleared when doing lanman plaintext password authentication. This patch fixes that.
I tested it with Samba by setting password
encryption to no in the server's smb.conf. Other servers also can be
configured to force plaintext authentication. Note that plaintexti
authentication requires setting /proc/fs/cifs/SecurityFlags to 0x30030
on the client (enabling both LANMAN and also plaintext password support).
Also note that LANMAN support (and thus plaintext password support) requires
CONFIG_CIFS_WEAK_PW_HASH to be enabled in menuconfig.
CC: Jeff Layton <jlayton@redhat.com>
CC: Stable Kernel <stable@vger.kernel.org>
Signed-off-by: Steve French <sfrench@us.ibm.com>
-rw-r--r-- | fs/cifs/cifsencrypt.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index 83fd40dc1ef0..bd5f13d38450 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c @@ -294,6 +294,7 @@ void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key) if ((ses->server->secMode & SECMODE_PW_ENCRYPT) == 0) if (extended_security & CIFSSEC_MAY_PLNTXT) { + memset(lnm_session_key, 0, CIFS_SESS_KEY_SIZE); memcpy(lnm_session_key, password_with_pad, CIFS_ENCPWD_SIZE); return; |