Commit 33ec32fa authored by Steve French's avatar Steve French

[CIFS] Fix NTLMv2 mounts to Windows servers

Windows servers are pickier about NTLMv2 than Samba.
This enables more secure mounts to Windows (not just Samba)
ie when "sec=ntlmv2" is specified on the mount.
Signed-off-by: default avatarSteve French <sfrench@us.ibm.com>
parent c9976797
...@@ -5,7 +5,8 @@ Allow null user to be specified on mount ("username="). Do not return ...@@ -5,7 +5,8 @@ Allow null user to be specified on mount ("username="). Do not return
EINVAL on readdir when filldir fails due to overwritten blocksize EINVAL on readdir when filldir fails due to overwritten blocksize
(fixes FC problem). Return error in rename 2nd attempt retry (ie report (fixes FC problem). Return error in rename 2nd attempt retry (ie report
if rename by handle also fails, after rename by path fails, we were if rename by handle also fails, after rename by path fails, we were
not reporting whether the retry worked or not). not reporting whether the retry worked or not). Fix NTLMv2 to
work to Windows servers (mount with option "sec=ntlmv2").
Version 1.45 Version 1.45
------------ ------------
......
...@@ -372,8 +372,10 @@ void setup_ntlmv2_rsp(struct cifsSesInfo * ses, char * resp_buf, ...@@ -372,8 +372,10 @@ void setup_ntlmv2_rsp(struct cifsSesInfo * ses, char * resp_buf,
buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME)); buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME));
get_random_bytes(&buf->client_chal, sizeof(buf->client_chal)); get_random_bytes(&buf->client_chal, sizeof(buf->client_chal));
buf->reserved2 = 0; buf->reserved2 = 0;
buf->names[0].type = 0; buf->names[0].type = cpu_to_le16(NTLMSSP_DOMAIN_TYPE);
buf->names[0].length = 0; buf->names[0].length = 0;
buf->names[1].type = 0;
buf->names[1].length = 0;
/* calculate buf->ntlmv2_hash */ /* calculate buf->ntlmv2_hash */
rc = calc_ntlmv2_hash(ses, nls_cp); rc = calc_ntlmv2_hash(ses, nls_cp);
......
...@@ -580,6 +580,12 @@ typedef union smb_com_session_setup_andx { ...@@ -580,6 +580,12 @@ typedef union smb_com_session_setup_andx {
/* format of NLTMv2 Response ie "case sensitive password" hash when NTLMv2 */ /* format of NLTMv2 Response ie "case sensitive password" hash when NTLMv2 */
#define NTLMSSP_SERVER_TYPE 1
#define NTLMSSP_DOMAIN_TYPE 2
#define NTLMSSP_FQ_DOMAIN_TYPE 3
#define NTLMSSP_DNS_DOMAIN_TYPE 4
#define NTLMSSP_DNS_PARENT_TYPE 5
struct ntlmssp2_name { struct ntlmssp2_name {
__le16 type; __le16 type;
__le16 length; __le16 length;
...@@ -593,7 +599,7 @@ struct ntlmv2_resp { ...@@ -593,7 +599,7 @@ struct ntlmv2_resp {
__le64 time; __le64 time;
__u64 client_chal; /* random */ __u64 client_chal; /* random */
__u32 reserved2; __u32 reserved2;
struct ntlmssp2_name names[1]; struct ntlmssp2_name names[2];
/* array of name entries could follow ending in minimum 4 byte struct */ /* array of name entries could follow ending in minimum 4 byte struct */
} __attribute__((packed)); } __attribute__((packed));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment