summaryrefslogtreecommitdiffstats
path: root/fs/cifs/smb2pdu.c
diff options
context:
space:
mode:
authorShirish Pargaonkar <shirishpargaonkar@gmail.com>2013-08-29 15:35:11 +0200
committerSteve French <smfrench@gmail.com>2013-09-08 21:47:50 +0200
commit32811d242ff6f28da2ab18c90a15e32fd958e774 (patch)
treef267608208809072de59ac7d1bb073fc03d1d26f /fs/cifs/smb2pdu.c
parentcifs: Add a variable specific to NTLMSSP for key exchange. (diff)
downloadlinux-32811d242ff6f28da2ab18c90a15e32fd958e774.tar.xz
linux-32811d242ff6f28da2ab18c90a15e32fd958e774.zip
cifs: Start using per session key for smb2/3 for signature generation
Switch smb2 code to use per session session key and smb3 code to use per session signing key instead of per connection key to generate signatures. For that, we need to find a session to fetch the session key to generate signature to match for every request and response packet. We also forgo checking signature for a session setup response from the server. Acked-by: Jeff Layton <jlayton@samba.org> Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by: Steve French <smfrench@gmail.com>
Diffstat (limited to 'fs/cifs/smb2pdu.c')
-rw-r--r--fs/cifs/smb2pdu.c14
1 files changed, 12 insertions, 2 deletions
diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index 3d010766f267..0a9458282717 100644
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -639,11 +639,20 @@ ssetup_exit:
if (!rc) {
mutex_lock(&server->srv_mutex);
+ if (server->sign && server->ops->generate_signingkey) {
+ rc = server->ops->generate_signingkey(ses);
+ kfree(ses->auth_key.response);
+ ses->auth_key.response = NULL;
+ if (rc) {
+ cifs_dbg(FYI,
+ "SMB3 session key generation failed\n");
+ mutex_unlock(&server->srv_mutex);
+ goto keygen_exit;
+ }
+ }
if (!server->session_estab) {
server->sequence_number = 0x2;
server->session_estab = true;
- if (server->ops->generate_signingkey)
- server->ops->generate_signingkey(server);
}
mutex_unlock(&server->srv_mutex);
@@ -654,6 +663,7 @@ ssetup_exit:
spin_unlock(&GlobalMid_Lock);
}
+keygen_exit:
if (!server->sign) {
kfree(ses->auth_key.response);
ses->auth_key.response = NULL;