Commit 34f598ca authored by Steve French's avatar Steve French
parents dcd169b7 789b4588
...@@ -676,14 +676,23 @@ static ssize_t cifs_multiuser_mount_proc_write(struct file *file, ...@@ -676,14 +676,23 @@ static ssize_t cifs_multiuser_mount_proc_write(struct file *file,
{ {
char c; char c;
int rc; int rc;
static bool warned;
rc = get_user(c, buffer); rc = get_user(c, buffer);
if (rc) if (rc)
return rc; return rc;
if (c == '0' || c == 'n' || c == 'N') if (c == '0' || c == 'n' || c == 'N')
multiuser_mount = 0; multiuser_mount = 0;
else if (c == '1' || c == 'y' || c == 'Y') else if (c == '1' || c == 'y' || c == 'Y') {
multiuser_mount = 1; multiuser_mount = 1;
if (!warned) {
warned = true;
printk(KERN_WARNING "CIFS VFS: The legacy multiuser "
"mount code is scheduled to be deprecated in "
"3.5. Please switch to using the multiuser "
"mount option.");
}
}
return count; return count;
} }
......
...@@ -113,9 +113,11 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo) ...@@ -113,9 +113,11 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo)
MAX_MECH_STR_LEN + MAX_MECH_STR_LEN +
UID_KEY_LEN + (sizeof(uid_t) * 2) + UID_KEY_LEN + (sizeof(uid_t) * 2) +
CREDUID_KEY_LEN + (sizeof(uid_t) * 2) + CREDUID_KEY_LEN + (sizeof(uid_t) * 2) +
USER_KEY_LEN + strlen(sesInfo->user_name) +
PID_KEY_LEN + (sizeof(pid_t) * 2) + 1; PID_KEY_LEN + (sizeof(pid_t) * 2) + 1;
if (sesInfo->user_name)
desc_len += USER_KEY_LEN + strlen(sesInfo->user_name);
spnego_key = ERR_PTR(-ENOMEM); spnego_key = ERR_PTR(-ENOMEM);
description = kzalloc(desc_len, GFP_KERNEL); description = kzalloc(desc_len, GFP_KERNEL);
if (description == NULL) if (description == NULL)
...@@ -152,8 +154,10 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo) ...@@ -152,8 +154,10 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo)
dp = description + strlen(description); dp = description + strlen(description);
sprintf(dp, ";creduid=0x%x", sesInfo->cred_uid); sprintf(dp, ";creduid=0x%x", sesInfo->cred_uid);
dp = description + strlen(description); if (sesInfo->user_name) {
sprintf(dp, ";user=%s", sesInfo->user_name); dp = description + strlen(description);
sprintf(dp, ";user=%s", sesInfo->user_name);
}
dp = description + strlen(description); dp = description + strlen(description);
sprintf(dp, ";pid=0x%x", current->pid); sprintf(dp, ";pid=0x%x", current->pid);
......
...@@ -420,15 +420,20 @@ static int calc_ntlmv2_hash(struct cifs_ses *ses, char *ntlmv2_hash, ...@@ -420,15 +420,20 @@ static int calc_ntlmv2_hash(struct cifs_ses *ses, char *ntlmv2_hash,
} }
/* convert ses->user_name to unicode and uppercase */ /* convert ses->user_name to unicode and uppercase */
len = strlen(ses->user_name); len = ses->user_name ? strlen(ses->user_name) : 0;
user = kmalloc(2 + (len * 2), GFP_KERNEL); user = kmalloc(2 + (len * 2), GFP_KERNEL);
if (user == NULL) { if (user == NULL) {
cERROR(1, "calc_ntlmv2_hash: user mem alloc failure\n"); cERROR(1, "calc_ntlmv2_hash: user mem alloc failure\n");
rc = -ENOMEM; rc = -ENOMEM;
return rc; return rc;
} }
len = cifs_strtoUCS((__le16 *)user, ses->user_name, len, nls_cp);
UniStrupr(user); if (len) {
len = cifs_strtoUCS((__le16 *)user, ses->user_name, len, nls_cp);
UniStrupr(user);
} else {
memset(user, '\0', 2);
}
rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash, rc = crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
(char *)user, 2 * len); (char *)user, 2 * len);
......
This diff is collapsed.
...@@ -17,7 +17,7 @@ ...@@ -17,7 +17,7 @@
/*****************************************************************************/ /*****************************************************************************/
/* /*
* the payload for a key of type "user" * the payload for a key of type "user" or "logon"
* - once filled in and attached to a key: * - once filled in and attached to a key:
* - the payload struct is invariant may not be changed, only replaced * - the payload struct is invariant may not be changed, only replaced
* - the payload must be read with RCU procedures or with the key semaphore * - the payload must be read with RCU procedures or with the key semaphore
...@@ -33,6 +33,7 @@ struct user_key_payload { ...@@ -33,6 +33,7 @@ struct user_key_payload {
}; };
extern struct key_type key_type_user; extern struct key_type key_type_user;
extern struct key_type key_type_logon;
extern int user_instantiate(struct key *key, const void *data, size_t datalen); extern int user_instantiate(struct key *key, const void *data, size_t datalen);
extern int user_update(struct key *key, const void *data, size_t datalen); extern int user_update(struct key *key, const void *data, size_t datalen);
......
...@@ -33,6 +33,7 @@ ...@@ -33,6 +33,7 @@
extern struct key_type key_type_dead; extern struct key_type key_type_dead;
extern struct key_type key_type_user; extern struct key_type key_type_user;
extern struct key_type key_type_logon;
/*****************************************************************************/ /*****************************************************************************/
/* /*
......
...@@ -999,6 +999,7 @@ void __init key_init(void) ...@@ -999,6 +999,7 @@ void __init key_init(void)
list_add_tail(&key_type_keyring.link, &key_types_list); list_add_tail(&key_type_keyring.link, &key_types_list);
list_add_tail(&key_type_dead.link, &key_types_list); list_add_tail(&key_type_dead.link, &key_types_list);
list_add_tail(&key_type_user.link, &key_types_list); list_add_tail(&key_type_user.link, &key_types_list);
list_add_tail(&key_type_logon.link, &key_types_list);
/* record the root user tracking */ /* record the root user tracking */
rb_link_node(&root_key_user.node, rb_link_node(&root_key_user.node,
......
...@@ -18,6 +18,8 @@ ...@@ -18,6 +18,8 @@
#include <asm/uaccess.h> #include <asm/uaccess.h>
#include "internal.h" #include "internal.h"
static int logon_vet_description(const char *desc);
/* /*
* user defined keys take an arbitrary string as the description and an * user defined keys take an arbitrary string as the description and an
* arbitrary blob of data as the payload * arbitrary blob of data as the payload
...@@ -35,6 +37,24 @@ struct key_type key_type_user = { ...@@ -35,6 +37,24 @@ struct key_type key_type_user = {
EXPORT_SYMBOL_GPL(key_type_user); EXPORT_SYMBOL_GPL(key_type_user);
/*
* This key type is essentially the same as key_type_user, but it does
* not define a .read op. This is suitable for storing username and
* password pairs in the keyring that you do not want to be readable
* from userspace.
*/
struct key_type key_type_logon = {
.name = "logon",
.instantiate = user_instantiate,
.update = user_update,
.match = user_match,
.revoke = user_revoke,
.destroy = user_destroy,
.describe = user_describe,
.vet_description = logon_vet_description,
};
EXPORT_SYMBOL_GPL(key_type_logon);
/* /*
* instantiate a user defined key * instantiate a user defined key
*/ */
...@@ -189,3 +209,20 @@ long user_read(const struct key *key, char __user *buffer, size_t buflen) ...@@ -189,3 +209,20 @@ long user_read(const struct key *key, char __user *buffer, size_t buflen)
} }
EXPORT_SYMBOL_GPL(user_read); EXPORT_SYMBOL_GPL(user_read);
/* Vet the description for a "logon" key */
static int logon_vet_description(const char *desc)
{
char *p;
/* require a "qualified" description string */
p = strchr(desc, ':');
if (!p)
return -EINVAL;
/* also reject description with ':' as first char */
if (p == desc)
return -EINVAL;
return 0;
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment