Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
linux
Commits
e14b2fe1
Commit
e14b2fe1
authored
May 01, 2009
by
Steve French
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[CIFS] Add remaining ntlmssp flags and standardize field names
Signed-off-by:
Steve French
<
sfrench@us.ibm.com
>
parent
cf398e3a
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
57 additions
and
41 deletions
+57
-41
fs/cifs/connect.c
fs/cifs/connect.c
+15
-15
fs/cifs/ntlmssp.h
fs/cifs/ntlmssp.h
+42
-26
No files found.
fs/cifs/connect.c
View file @
e14b2fe1
...
...
@@ -2686,13 +2686,13 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
/* setup pointers to domain name and workstation name */
bcc_ptr
+=
SecurityBlobLength
;
SecurityBlob
->
WorkstationName
.
Buffer
=
0
;
SecurityBlob
->
WorkstationName
.
Buffer
Offset
=
0
;
SecurityBlob
->
WorkstationName
.
Length
=
0
;
SecurityBlob
->
WorkstationName
.
MaximumLength
=
0
;
/* Domain not sent on first Sesssetup in NTLMSSP, instead it is sent
along with username on auth request (ie the response to challenge) */
SecurityBlob
->
DomainName
.
Buffer
=
0
;
SecurityBlob
->
DomainName
.
Buffer
Offset
=
0
;
SecurityBlob
->
DomainName
.
Length
=
0
;
SecurityBlob
->
DomainName
.
MaximumLength
=
0
;
if
(
ses
->
capabilities
&
CAP_UNICODE
)
{
...
...
@@ -3020,30 +3020,30 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
/* setup pointers to domain name and workstation name */
SecurityBlob
->
WorkstationName
.
Buffer
=
0
;
SecurityBlob
->
WorkstationName
.
Buffer
Offset
=
0
;
SecurityBlob
->
WorkstationName
.
Length
=
0
;
SecurityBlob
->
WorkstationName
.
MaximumLength
=
0
;
SecurityBlob
->
SessionKey
.
Length
=
0
;
SecurityBlob
->
SessionKey
.
MaximumLength
=
0
;
SecurityBlob
->
SessionKey
.
Buffer
=
0
;
SecurityBlob
->
SessionKey
.
Buffer
Offset
=
0
;
SecurityBlob
->
LmChallengeResponse
.
Length
=
0
;
SecurityBlob
->
LmChallengeResponse
.
MaximumLength
=
0
;
SecurityBlob
->
LmChallengeResponse
.
Buffer
=
0
;
SecurityBlob
->
LmChallengeResponse
.
Buffer
Offset
=
0
;
SecurityBlob
->
NtChallengeResponse
.
Length
=
cpu_to_le16
(
CIFS_SESS_KEY_SIZE
);
SecurityBlob
->
NtChallengeResponse
.
MaximumLength
=
cpu_to_le16
(
CIFS_SESS_KEY_SIZE
);
memcpy
(
bcc_ptr
,
ntlm_session_key
,
CIFS_SESS_KEY_SIZE
);
SecurityBlob
->
NtChallengeResponse
.
Buffer
=
SecurityBlob
->
NtChallengeResponse
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
SecurityBlobLength
+=
CIFS_SESS_KEY_SIZE
;
bcc_ptr
+=
CIFS_SESS_KEY_SIZE
;
if
(
ses
->
capabilities
&
CAP_UNICODE
)
{
if
(
domain
==
NULL
)
{
SecurityBlob
->
DomainName
.
Buffer
=
0
;
SecurityBlob
->
DomainName
.
Buffer
Offset
=
0
;
SecurityBlob
->
DomainName
.
Length
=
0
;
SecurityBlob
->
DomainName
.
MaximumLength
=
0
;
}
else
{
...
...
@@ -3052,14 +3052,14 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
ln
*=
2
;
SecurityBlob
->
DomainName
.
MaximumLength
=
cpu_to_le16
(
ln
);
SecurityBlob
->
DomainName
.
Buffer
=
SecurityBlob
->
DomainName
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
bcc_ptr
+=
ln
;
SecurityBlobLength
+=
ln
;
SecurityBlob
->
DomainName
.
Length
=
cpu_to_le16
(
ln
);
}
if
(
user
==
NULL
)
{
SecurityBlob
->
UserName
.
Buffer
=
0
;
SecurityBlob
->
UserName
.
Buffer
Offset
=
0
;
SecurityBlob
->
UserName
.
Length
=
0
;
SecurityBlob
->
UserName
.
MaximumLength
=
0
;
}
else
{
...
...
@@ -3068,7 +3068,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
ln
*=
2
;
SecurityBlob
->
UserName
.
MaximumLength
=
cpu_to_le16
(
ln
);
SecurityBlob
->
UserName
.
Buffer
=
SecurityBlob
->
UserName
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
bcc_ptr
+=
ln
;
SecurityBlobLength
+=
ln
;
...
...
@@ -3080,7 +3080,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
SecurityBlob->WorkstationName.Length *= 2;
SecurityBlob->WorkstationName.MaximumLength =
cpu_to_le16(SecurityBlob->WorkstationName.Length);
SecurityBlob->WorkstationName.Buffer =
SecurityBlob->WorkstationName.Buffer
Offset
=
cpu_to_le32(SecurityBlobLength);
bcc_ptr += SecurityBlob->WorkstationName.Length;
SecurityBlobLength += SecurityBlob->WorkstationName.Length;
...
...
@@ -3112,7 +3112,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
bcc_ptr
+=
2
;
/* null domain */
}
else
{
/* ASCII */
if
(
domain
==
NULL
)
{
SecurityBlob
->
DomainName
.
Buffer
=
0
;
SecurityBlob
->
DomainName
.
Buffer
Offset
=
0
;
SecurityBlob
->
DomainName
.
Length
=
0
;
SecurityBlob
->
DomainName
.
MaximumLength
=
0
;
}
else
{
...
...
@@ -3122,14 +3122,14 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
ln
=
strnlen
(
domain
,
64
);
SecurityBlob
->
DomainName
.
MaximumLength
=
cpu_to_le16
(
ln
);
SecurityBlob
->
DomainName
.
Buffer
=
SecurityBlob
->
DomainName
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
bcc_ptr
+=
ln
;
SecurityBlobLength
+=
ln
;
SecurityBlob
->
DomainName
.
Length
=
cpu_to_le16
(
ln
);
}
if
(
user
==
NULL
)
{
SecurityBlob
->
UserName
.
Buffer
=
0
;
SecurityBlob
->
UserName
.
Buffer
Offset
=
0
;
SecurityBlob
->
UserName
.
Length
=
0
;
SecurityBlob
->
UserName
.
MaximumLength
=
0
;
}
else
{
...
...
@@ -3137,7 +3137,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
strncpy
(
bcc_ptr
,
user
,
63
);
ln
=
strnlen
(
user
,
64
);
SecurityBlob
->
UserName
.
MaximumLength
=
cpu_to_le16
(
ln
);
SecurityBlob
->
UserName
.
Buffer
=
SecurityBlob
->
UserName
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
bcc_ptr
+=
ln
;
SecurityBlobLength
+=
ln
;
...
...
fs/cifs/ntlmssp.h
View file @
e14b2fe1
...
...
@@ -27,29 +27,39 @@
#define UnknownMessage cpu_to_le32(8)
/* Negotiate Flags */
#define NTLMSSP_NEGOTIATE_UNICODE 0x01
/* Text strings are in unicode */
#define NTLMSSP_NEGOTIATE_OEM 0x02
/* Text strings are in OEM */
#define NTLMSSP_REQUEST_TARGET 0x04
/* Server return its auth realm */
#define NTLMSSP_NEGOTIATE_SIGN 0x0010
/* Request signature capability */
#define NTLMSSP_NEGOTIATE_SEAL 0x0020
/* Request confidentiality */
#define NTLMSSP_NEGOTIATE_DGRAM 0x0040
#define NTLMSSP_NEGOTIATE_LM_KEY 0x0080
/* Sign/seal use LM session key */
#define NTLMSSP_NEGOTIATE_NTLM 0x0200
/* NTLM authentication */
#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x1000
#define NTLMSSP_NEGOTIATE_UNICODE 0x01
/* Text strings are unicode */
#define NTLMSSP_NEGOTIATE_OEM 0x02
/* Text strings are in OEM */
#define NTLMSSP_REQUEST_TARGET 0x04
/* Srv returns its auth realm */
/* define reserved9 0x08 */
#define NTLMSSP_NEGOTIATE_SIGN 0x0010
/* Request signing capability */
#define NTLMSSP_NEGOTIATE_SEAL 0x0020
/* Request confidentiality */
#define NTLMSSP_NEGOTIATE_DGRAM 0x0040
#define NTLMSSP_NEGOTIATE_LM_KEY 0x0080
/* Use LM session key */
/* defined reserved 8 0x0100 */
#define NTLMSSP_NEGOTIATE_NTLM 0x0200
/* NTLM authentication */
#define NTLMSSP_NEGOTIATE_NT_ONLY 0x0400
/* Lanman not allowed */
#define NTLMSSP_ANONYMOUS 0x0800
#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x1000
/* reserved6 */
#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x2000
#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x4000
/* client/server on same machine */
#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x8000
/* Sign for all security levels */
#define NTLMSSP_TARGET_TYPE_DOMAIN 0x10000
#define NTLMSSP_TARGET_TYPE_SERVER 0x20000
#define NTLMSSP_TARGET_TYPE_SHARE 0x40000
#define NTLMSSP_NEGOTIATE_NTLMV2 0x80000
#define NTLMSSP_REQUEST_INIT_RESP 0x100000
#define NTLMSSP_REQUEST_ACCEPT_RESP 0x200000
#define NTLMSSP_REQUEST_NOT_NT_KEY 0x400000
#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x4000
/* client/server same machine */
#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x8000
/* Sign. All security levels */
#define NTLMSSP_TARGET_TYPE_DOMAIN 0x10000
#define NTLMSSP_TARGET_TYPE_SERVER 0x20000
#define NTLMSSP_TARGET_TYPE_SHARE 0x40000
#define NTLMSSP_NEGOTIATE_EXTENDED_SEC 0x80000
/* NB:not related to NTLMv2 pwd*/
/* #define NTLMSSP_REQUEST_INIT_RESP 0x100000 */
#define NTLMSSP_NEGOTIATE_IDENTIFY 0x100000
#define NTLMSSP_REQUEST_ACCEPT_RESP 0x200000
/* reserved5 */
#define NTLMSSP_REQUEST_NON_NT_KEY 0x400000
#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x800000
#define NTLMSSP_NEGOTIATE_128 0x20000000
#define NTLMSSP_NEGOTIATE_KEY_XCH 0x40000000
#define NTLMSSP_NEGOTIATE_56 0x80000000
/* #define reserved4 0x1000000 */
#define NTLMSSP_NEGOTIATE_VERSION 0x2000000
/* we do not set */
/* #define reserved3 0x4000000 */
/* #define reserved2 0x8000000 */
/* #define reserved1 0x10000000 */
#define NTLMSSP_NEGOTIATE_128 0x20000000
#define NTLMSSP_NEGOTIATE_KEY_XCH 0x40000000
#define NTLMSSP_NEGOTIATE_56 0x80000000
/* Although typedefs are not commonly used for structure definitions */
/* in the Linux kernel, in this particular case they are useful */
...
...
@@ -60,32 +70,36 @@
typedef
struct
_SECURITY_BUFFER
{
__le16
Length
;
__le16
MaximumLength
;
__le32
Buffer
;
/* offset to buffer */
__le32
Buffer
Offset
;
/* offset to buffer */
}
__attribute__
((
packed
))
SECURITY_BUFFER
;
typedef
struct
_NEGOTIATE_MESSAGE
{
__u8
Signature
[
sizeof
(
NTLMSSP_SIGNATURE
)];
__le32
MessageType
;
/* 1 */
__le32
MessageType
;
/*
NtLmNegotiate =
1 */
__le32
NegotiateFlags
;
SECURITY_BUFFER
DomainName
;
/* RFC 1001 style and ASCII */
SECURITY_BUFFER
WorkstationName
;
/* RFC 1001 and ASCII */
/* SECURITY_BUFFER for version info not present since we
do not set the version is present flag */
char
DomainString
[
0
];
/* followed by WorkstationString */
}
__attribute__
((
packed
))
NEGOTIATE_MESSAGE
,
*
PNEGOTIATE_MESSAGE
;
typedef
struct
_CHALLENGE_MESSAGE
{
__u8
Signature
[
sizeof
(
NTLMSSP_SIGNATURE
)];
__le32
MessageType
;
/* 2 */
__le32
MessageType
;
/*
NtLmChallenge =
2 */
SECURITY_BUFFER
TargetName
;
__le32
NegotiateFlags
;
__u8
Challenge
[
CIFS_CRYPTO_KEY_SIZE
];
__u8
Reserved
[
8
];
SECURITY_BUFFER
TargetInfoArray
;
/* SECURITY_BUFFER for version info not present since we
do not set the version is present flag */
}
__attribute__
((
packed
))
CHALLENGE_MESSAGE
,
*
PCHALLENGE_MESSAGE
;
typedef
struct
_AUTHENTICATE_MESSAGE
{
__u8
Signature
[
sizeof
(
NTLMSSP_SIGNATURE
)];
__le32
MessageType
;
/* 3 */
__u8
Signature
[
sizeof
(
NTLMSSP_SIGNATURE
)];
__le32
MessageType
;
/*
NtLmsAuthenticate =
3 */
SECURITY_BUFFER
LmChallengeResponse
;
SECURITY_BUFFER
NtChallengeResponse
;
SECURITY_BUFFER
DomainName
;
...
...
@@ -93,5 +107,7 @@ typedef struct _AUTHENTICATE_MESSAGE {
SECURITY_BUFFER
WorkstationName
;
SECURITY_BUFFER
SessionKey
;
__le32
NegotiateFlags
;
/* SECURITY_BUFFER for version info not present since we
do not set the version is present flag */
char
UserString
[
0
];
}
__attribute__
((
packed
))
AUTHENTICATE_MESSAGE
,
*
PAUTHENTICATE_MESSAGE
;
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment