summaryrefslogtreecommitdiffstats
path: root/fs/cifs/sess.c
diff options
context:
space:
mode:
authorShirish Pargaonkar <shirishpargaonkar@gmail.com>2010-10-28 16:53:07 +0200
committerSteve French <sfrench@us.ibm.com>2010-10-29 03:47:33 +0200
commitd3686d54c7902a303bd65d751226aa1647319863 (patch)
treeb4acd7dfc6c5ec2f254608a2f0ef11ef274861b8 /fs/cifs/sess.c
parentNTLM auth and sign - Use appropriate server challenge (diff)
downloadlinux-d3686d54c7902a303bd65d751226aa1647319863.tar.xz
linux-d3686d54c7902a303bd65d751226aa1647319863.zip
cifs: Cleanup and thus reduce smb session structure and fields used during authentication
Removed following fields from smb session structure cryptkey, ntlmv2_hash, tilen, tiblob and ntlmssp_auth structure is allocated dynamically only if the auth mech in NTLMSSP. response field within a session_key structure is used to initially store the target info (either plucked from type 2 challenge packet in case of NTLMSSP or fabricated in case of NTLMv2 without extended security) and then to store Message Authentication Key (mak) (session key + client response). Server challenge or cryptkey needed during a NTLMSSP authentication is now part of ntlmssp_auth structure which gets allocated and freed once authenticaiton process is done. Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/sess.c')
-rw-r--r--fs/cifs/sess.c29
1 files changed, 18 insertions, 11 deletions
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index f74c5a88dd4c..7b01d3f6eed6 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -399,23 +399,22 @@ static int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len,
return -EINVAL;
}
- memcpy(ses->cryptkey, pblob->Challenge, CIFS_CRYPTO_KEY_SIZE);
+ memcpy(ses->ntlmssp->cryptkey, pblob->Challenge, CIFS_CRYPTO_KEY_SIZE);
/* BB we could decode pblob->NegotiateFlags; some may be useful */
/* In particular we can examine sign flags */
/* BB spec says that if AvId field of MsvAvTimestamp is populated then
we must set the MIC field of the AUTHENTICATE_MESSAGE */
- ses->ntlmssp.server_flags = le32_to_cpu(pblob->NegotiateFlags);
+ ses->ntlmssp->server_flags = le32_to_cpu(pblob->NegotiateFlags);
tioffset = cpu_to_le16(pblob->TargetInfoArray.BufferOffset);
tilen = cpu_to_le16(pblob->TargetInfoArray.Length);
- ses->tilen = tilen;
- if (ses->tilen) {
- ses->tiblob = kmalloc(tilen, GFP_KERNEL);
- if (!ses->tiblob) {
+ if (tilen) {
+ ses->auth_key.response = kmalloc(tilen, GFP_KERNEL);
+ if (!ses->auth_key.response) {
cERROR(1, "Challenge target info allocation failure");
- ses->tilen = 0;
return -ENOMEM;
}
- memcpy(ses->tiblob, bcc_ptr + tioffset, ses->tilen);
+ memcpy(ses->auth_key.response, bcc_ptr + tioffset, tilen);
+ ses->auth_key.len = tilen;
}
return 0;
@@ -545,9 +544,9 @@ static int build_ntlmssp_auth_blob(unsigned char *pbuffer,
sec_blob->WorkstationName.MaximumLength = 0;
tmp += 2;
- if ((ses->ntlmssp.server_flags & NTLMSSP_NEGOTIATE_KEY_XCH) &&
+ if ((ses->ntlmssp->server_flags & NTLMSSP_NEGOTIATE_KEY_XCH) &&
!calc_seckey(ses)) {
- memcpy(tmp, ses->ntlmssp.ciphertext, CIFS_CPHTXT_SIZE);
+ memcpy(tmp, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE);
sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - pbuffer);
sec_blob->SessionKey.Length = cpu_to_le16(CIFS_CPHTXT_SIZE);
sec_blob->SessionKey.MaximumLength =
@@ -601,8 +600,16 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses,
return -EINVAL;
type = ses->server->secType;
-
cFYI(1, "sess setup type %d", type);
+ if (type == RawNTLMSSP) {
+ /* if memory allocation is successful, caller of this function
+ * frees it.
+ */
+ ses->ntlmssp = kmalloc(sizeof(struct ntlmssp_auth), GFP_KERNEL);
+ if (!ses->ntlmssp)
+ return -ENOMEM;
+ }
+
ssetup_ntlmssp_authenticate:
if (phase == NtLmChallenge)
phase = NtLmAuthenticate; /* if ntlmssp, now final phase */