Commit f17a2686 authored by Linus Torvalds's avatar Linus Torvalds

Merge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6

* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: (25 commits)
  [CIFS] Fix authentication choice so we do not force NTLMv2 unless the
  [CIFS] Fix alignment of unicode strings in previous patch
  [CIFS] Fix allocation of buffers for new session setup routine to allow
  [CIFS] Remove calls to to take f_owner.lock
  [CIFS] remove some redundant null pointer checks
  [CIFS] Fix compile warning when CONFIG_CIFS_EXPERIMENTAL is off
  [CIFS] Enable sec flags on mount for cifs (part one)
  [CIFS] Fix suspend/resume problem which causes EIO on subsequent access to
  [CIFS] fix minor compile warning when config_cifs_weak_security is off
  [CIFS] NTLMv2 support part 5
  [CIFS] Add support for readdir to legacy servers
  [CIFS] NTLMv2 support part 4
  [CIFS] NTLMv2 support part 3
  [CIFS] NTLMv2 support part 2
  [CIFS] Fix mask so can set new cifs security flags properly
  CIFS] Support for older servers which require plaintext passwords - part 2
  [CIFS] Support for older servers which require plaintext passwords
  [CIFS] Fix mapping of old SMB return code Invalid Net Name so it is
  [CIFS] Missing brace
  [CIFS] Do not overwrite aops
  ...
parents 01f7e673 f40c5628
...@@ -1722,7 +1722,7 @@ config CIFS_STATS ...@@ -1722,7 +1722,7 @@ config CIFS_STATS
mounted by the cifs client to be displayed in /proc/fs/cifs/Stats mounted by the cifs client to be displayed in /proc/fs/cifs/Stats
config CIFS_STATS2 config CIFS_STATS2
bool "CIFS extended statistics" bool "Extended statistics"
depends on CIFS_STATS depends on CIFS_STATS
help help
Enabling this option will allow more detailed statistics on SMB Enabling this option will allow more detailed statistics on SMB
...@@ -1735,6 +1735,32 @@ config CIFS_STATS2 ...@@ -1735,6 +1735,32 @@ config CIFS_STATS2
Unless you are a developer or are doing network performance analysis Unless you are a developer or are doing network performance analysis
or tuning, say N. or tuning, say N.
config CIFS_WEAK_PW_HASH
bool "Support legacy servers which use weaker LANMAN security"
depends on CIFS
help
Modern CIFS servers including Samba and most Windows versions
(since 1997) support stronger NTLM (and even NTLMv2 and Kerberos)
security mechanisms. These hash the password more securely
than the mechanisms used in the older LANMAN version of the
SMB protocol needed to establish sessions with old SMB servers.
Enabling this option allows the cifs module to mount to older
LANMAN based servers such as OS/2 and Windows 95, but such
mounts may be less secure than mounts using NTLM or more recent
security mechanisms if you are on a public network. Unless you
have a need to access old SMB servers (and are on a private
network) you probably want to say N. Even if this support
is enabled in the kernel build, they will not be used
automatically. At runtime LANMAN mounts are disabled but
can be set to required (or optional) either in
/proc/fs/cifs (see fs/cifs/README for more detail) or via an
option on the mount command. This support is disabled by
default in order to reduce the possibility of a downgrade
attack.
If unsure, say N.
config CIFS_XATTR config CIFS_XATTR
bool "CIFS extended attributes" bool "CIFS extended attributes"
depends on CIFS depends on CIFS
...@@ -1763,6 +1789,16 @@ config CIFS_POSIX ...@@ -1763,6 +1789,16 @@ config CIFS_POSIX
(such as Samba 3.10 and later) which can negotiate (such as Samba 3.10 and later) which can negotiate
CIFS POSIX ACL support. If unsure, say N. CIFS POSIX ACL support. If unsure, say N.
config CIFS_DEBUG2
bool "Enable additional CIFS debugging routines"
help
Enabling this option adds a few more debugging routines
to the cifs code which slightly increases the size of
the cifs module and can cause additional logging of debug
messages in some error paths, slowing performance. This
option can be turned off unless you are debugging
cifs problems. If unsure, say N.
config CIFS_EXPERIMENTAL config CIFS_EXPERIMENTAL
bool "CIFS Experimental Features (EXPERIMENTAL)" bool "CIFS Experimental Features (EXPERIMENTAL)"
depends on CIFS && EXPERIMENTAL depends on CIFS && EXPERIMENTAL
...@@ -1778,7 +1814,7 @@ config CIFS_EXPERIMENTAL ...@@ -1778,7 +1814,7 @@ config CIFS_EXPERIMENTAL
If unsure, say N. If unsure, say N.
config CIFS_UPCALL config CIFS_UPCALL
bool "CIFS Kerberos/SPNEGO advanced session setup (EXPERIMENTAL)" bool "Kerberos/SPNEGO advanced session setup (EXPERIMENTAL)"
depends on CIFS_EXPERIMENTAL depends on CIFS_EXPERIMENTAL
select CONNECTOR select CONNECTOR
help help
......
Version 1.44
------------
Rewritten sessionsetup support, including support for legacy SMB
session setup needed for OS/2 and older servers such as Windows 95 and 98.
Fix oops on ls to OS/2 servers. Add support for level 1 FindFirst
so we can do search (ls etc.) to OS/2. Do not send NTCreateX
or recent levels of FindFirst unless server says it supports NT SMBs
(instead use legacy equivalents from LANMAN dialect). Fix to allow
NTLMv2 authentication support (now can use stronger password hashing
on mount if corresponding /proc/fs/cifs/SecurityFlags is set (0x4004).
Allow override of global cifs security flags on mount via "sec=" option(s).
Version 1.43 Version 1.43
------------ ------------
POSIX locking to servers which support CIFS POSIX Extensions POSIX locking to servers which support CIFS POSIX Extensions
(disabled by default controlled by proc/fs/cifs/Experimental). (disabled by default controlled by proc/fs/cifs/Experimental).
Handle conversion of long share names (especially Asian languages) Handle conversion of long share names (especially Asian languages)
to Unicode during mount. to Unicode during mount. Fix memory leak in sess struct on reconnect.
Fix rare oops after acpi suspend. Fix O_TRUNC opens to overwrite on
cifs open which helps rare case when setpathinfo fails or server does
not support it.
Version 1.42 Version 1.42
------------ ------------
......
...@@ -3,4 +3,4 @@ ...@@ -3,4 +3,4 @@
# #
obj-$(CONFIG_CIFS) += cifs.o obj-$(CONFIG_CIFS) += cifs.o
cifs-objs := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o fcntl.o readdir.o ioctl.o ntlmssp.o cifs-objs := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o fcntl.o readdir.o ioctl.o sess.o
...@@ -443,7 +443,10 @@ A partial list of the supported mount options follows: ...@@ -443,7 +443,10 @@ A partial list of the supported mount options follows:
SFU does). In the future the bottom 9 bits of the mode SFU does). In the future the bottom 9 bits of the mode
mode also will be emulated using queries of the security mode also will be emulated using queries of the security
descriptor (ACL). descriptor (ACL).
sec Security mode. Allowed values are: sign Must use packet signing (helps avoid unwanted data modification
by intermediate systems in the route). Note that signing
does not work with lanman or plaintext authentication.
sec Security mode. Allowed values are:
none attempt to connection as a null user (no name) none attempt to connection as a null user (no name)
krb5 Use Kerberos version 5 authentication krb5 Use Kerberos version 5 authentication
krb5i Use Kerberos authentication and packet signing krb5i Use Kerberos authentication and packet signing
...@@ -453,6 +456,8 @@ sec Security mode. Allowed values are: ...@@ -453,6 +456,8 @@ sec Security mode. Allowed values are:
server requires signing also can be the default) server requires signing also can be the default)
ntlmv2 Use NTLMv2 password hashing ntlmv2 Use NTLMv2 password hashing
ntlmv2i Use NTLMv2 password hashing with packet signing ntlmv2i Use NTLMv2 password hashing with packet signing
lanman (if configured in kernel config) use older
lanman hash
The mount.cifs mount helper also accepts a few mount options before -o The mount.cifs mount helper also accepts a few mount options before -o
including: including:
...@@ -485,14 +490,34 @@ PacketSigningEnabled If set to one, cifs packet signing is enabled ...@@ -485,14 +490,34 @@ PacketSigningEnabled If set to one, cifs packet signing is enabled
it. If set to two, cifs packet signing is it. If set to two, cifs packet signing is
required even if the server considers packet required even if the server considers packet
signing optional. (default 1) signing optional. (default 1)
SecurityFlags Flags which control security negotiation and
also packet signing. Authentication (may/must)
flags (e.g. for NTLM and/or NTLMv2) may be combined with
the signing flags. Specifying two different password
hashing mechanisms (as "must use") on the other hand
does not make much sense. Default flags are
0x07007
(NTLM, NTLMv2 and packet signing allowed). Maximum
allowable flags if you want to allow mounts to servers
using weaker password hashes is 0x37037 (lanman,
plaintext, ntlm, ntlmv2, signing allowed):
may use packet signing 0x00001
must use packet signing 0x01001
may use NTLM (most common password hash) 0x00002
must use NTLM 0x02002
may use NTLMv2 0x00004
must use NTLMv2 0x04004
may use Kerberos security (not implemented yet) 0x00008
must use Kerberos (not implemented yet) 0x08008
may use lanman (weak) password hash 0x00010
must use lanman password hash 0x10010
may use plaintext passwords 0x00020
must use plaintext passwords 0x20020
(reserved for future packet encryption) 0x00040
cifsFYI If set to one, additional debug information is cifsFYI If set to one, additional debug information is
logged to the system error log. (default 0) logged to the system error log. (default 0)
ExtendedSecurity If set to one, SPNEGO session establishment
is allowed which enables more advanced
secure CIFS session establishment (default 0)
NTLMV2Enabled If set to one, more secure password hashes
are used when the server supports them and
when kerberos is not negotiated (default 0)
traceSMB If set to one, debug information is logged to the traceSMB If set to one, debug information is logged to the
system error log with the start of smb requests system error log with the start of smb requests
and responses (default 0) and responses (default 0)
......
...@@ -467,7 +467,7 @@ decode_negTokenInit(unsigned char *security_blob, int length, ...@@ -467,7 +467,7 @@ decode_negTokenInit(unsigned char *security_blob, int length,
asn1_open(&ctx, security_blob, length); asn1_open(&ctx, security_blob, length);
if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
cFYI(1, ("Error decoding negTokenInit header ")); cFYI(1, ("Error decoding negTokenInit header"));
return 0; return 0;
} else if ((cls != ASN1_APL) || (con != ASN1_CON) } else if ((cls != ASN1_APL) || (con != ASN1_CON)
|| (tag != ASN1_EOC)) { || (tag != ASN1_EOC)) {
...@@ -495,7 +495,7 @@ decode_negTokenInit(unsigned char *security_blob, int length, ...@@ -495,7 +495,7 @@ decode_negTokenInit(unsigned char *security_blob, int length,
} }
if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
cFYI(1, ("Error decoding negTokenInit ")); cFYI(1, ("Error decoding negTokenInit"));
return 0; return 0;
} else if ((cls != ASN1_CTX) || (con != ASN1_CON) } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
|| (tag != ASN1_EOC)) { || (tag != ASN1_EOC)) {
...@@ -505,7 +505,7 @@ decode_negTokenInit(unsigned char *security_blob, int length, ...@@ -505,7 +505,7 @@ decode_negTokenInit(unsigned char *security_blob, int length,
} }
if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
cFYI(1, ("Error decoding negTokenInit ")); cFYI(1, ("Error decoding negTokenInit"));
return 0; return 0;
} else if ((cls != ASN1_UNI) || (con != ASN1_CON) } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
|| (tag != ASN1_SEQ)) { || (tag != ASN1_SEQ)) {
...@@ -515,7 +515,7 @@ decode_negTokenInit(unsigned char *security_blob, int length, ...@@ -515,7 +515,7 @@ decode_negTokenInit(unsigned char *security_blob, int length,
} }
if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
cFYI(1, ("Error decoding 2nd part of negTokenInit ")); cFYI(1, ("Error decoding 2nd part of negTokenInit"));
return 0; return 0;
} else if ((cls != ASN1_CTX) || (con != ASN1_CON) } else if ((cls != ASN1_CTX) || (con != ASN1_CON)
|| (tag != ASN1_EOC)) { || (tag != ASN1_EOC)) {
...@@ -527,7 +527,7 @@ decode_negTokenInit(unsigned char *security_blob, int length, ...@@ -527,7 +527,7 @@ decode_negTokenInit(unsigned char *security_blob, int length,
if (asn1_header_decode if (asn1_header_decode
(&ctx, &sequence_end, &cls, &con, &tag) == 0) { (&ctx, &sequence_end, &cls, &con, &tag) == 0) {
cFYI(1, ("Error decoding 2nd part of negTokenInit ")); cFYI(1, ("Error decoding 2nd part of negTokenInit"));
return 0; return 0;
} else if ((cls != ASN1_UNI) || (con != ASN1_CON) } else if ((cls != ASN1_UNI) || (con != ASN1_CON)
|| (tag != ASN1_SEQ)) { || (tag != ASN1_SEQ)) {
......
...@@ -39,7 +39,7 @@ cifs_dump_mem(char *label, void *data, int length) ...@@ -39,7 +39,7 @@ cifs_dump_mem(char *label, void *data, int length)
char *charptr = data; char *charptr = data;
char buf[10], line[80]; char buf[10], line[80];
printk(KERN_DEBUG "%s: dump of %d bytes of data at 0x%p\n\n", printk(KERN_DEBUG "%s: dump of %d bytes of data at 0x%p\n",
label, length, data); label, length, data);
for (i = 0; i < length; i += 16) { for (i = 0; i < length; i += 16) {
line[0] = 0; line[0] = 0;
...@@ -57,6 +57,57 @@ cifs_dump_mem(char *label, void *data, int length) ...@@ -57,6 +57,57 @@ cifs_dump_mem(char *label, void *data, int length)
} }
} }
#ifdef CONFIG_CIFS_DEBUG2
void cifs_dump_detail(struct smb_hdr * smb)
{
cERROR(1,("Cmd: %d Err: 0x%x Flags: 0x%x Flgs2: 0x%x Mid: %d Pid: %d",
smb->Command, smb->Status.CifsError,
smb->Flags, smb->Flags2, smb->Mid, smb->Pid));
cERROR(1,("smb buf %p len %d", smb, smbCalcSize_LE(smb)));
}
void cifs_dump_mids(struct TCP_Server_Info * server)
{
struct list_head *tmp;
struct mid_q_entry * mid_entry;
if(server == NULL)
return;
cERROR(1,("Dump pending requests:"));
spin_lock(&GlobalMid_Lock);
list_for_each(tmp, &server->pending_mid_q) {
mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
if(mid_entry) {
cERROR(1,("State: %d Cmd: %d Pid: %d Tsk: %p Mid %d",
mid_entry->midState,
(int)mid_entry->command,
mid_entry->pid,
mid_entry->tsk,
mid_entry->mid));
#ifdef CONFIG_CIFS_STATS2
cERROR(1,("IsLarge: %d buf: %p time rcv: %ld now: %ld",
mid_entry->largeBuf,
mid_entry->resp_buf,
mid_entry->when_received,
jiffies));
#endif /* STATS2 */
cERROR(1,("IsMult: %d IsEnd: %d", mid_entry->multiRsp,
mid_entry->multiEnd));
if(mid_entry->resp_buf) {
cifs_dump_detail(mid_entry->resp_buf);
cifs_dump_mem("existing buf: ",
mid_entry->resp_buf,
62 /* fixme */);
}
}
}
spin_unlock(&GlobalMid_Lock);
}
#endif /* CONFIG_CIFS_DEBUG2 */
#ifdef CONFIG_PROC_FS #ifdef CONFIG_PROC_FS
static int static int
cifs_debug_data_read(char *buf, char **beginBuffer, off_t offset, cifs_debug_data_read(char *buf, char **beginBuffer, off_t offset,
...@@ -73,7 +124,6 @@ cifs_debug_data_read(char *buf, char **beginBuffer, off_t offset, ...@@ -73,7 +124,6 @@ cifs_debug_data_read(char *buf, char **beginBuffer, off_t offset,
*beginBuffer = buf + offset; *beginBuffer = buf + offset;
length = length =
sprintf(buf, sprintf(buf,
"Display Internal CIFS Data Structures for Debugging\n" "Display Internal CIFS Data Structures for Debugging\n"
...@@ -395,12 +445,12 @@ static read_proc_t traceSMB_read; ...@@ -395,12 +445,12 @@ static read_proc_t traceSMB_read;
static write_proc_t traceSMB_write; static write_proc_t traceSMB_write;
static read_proc_t multiuser_mount_read; static read_proc_t multiuser_mount_read;
static write_proc_t multiuser_mount_write; static write_proc_t multiuser_mount_write;
static read_proc_t extended_security_read; static read_proc_t security_flags_read;
static write_proc_t extended_security_write; static write_proc_t security_flags_write;
static read_proc_t ntlmv2_enabled_read; /* static read_proc_t ntlmv2_enabled_read;
static write_proc_t ntlmv2_enabled_write; static write_proc_t ntlmv2_enabled_write;
static read_proc_t packet_signing_enabled_read; static read_proc_t packet_signing_enabled_read;
static write_proc_t packet_signing_enabled_write; static write_proc_t packet_signing_enabled_write;*/
static read_proc_t experimEnabled_read; static read_proc_t experimEnabled_read;
static write_proc_t experimEnabled_write; static write_proc_t experimEnabled_write;
static read_proc_t linuxExtensionsEnabled_read; static read_proc_t linuxExtensionsEnabled_read;
...@@ -458,10 +508,10 @@ cifs_proc_init(void) ...@@ -458,10 +508,10 @@ cifs_proc_init(void)
pde->write_proc = multiuser_mount_write; pde->write_proc = multiuser_mount_write;
pde = pde =
create_proc_read_entry("ExtendedSecurity", 0, proc_fs_cifs, create_proc_read_entry("SecurityFlags", 0, proc_fs_cifs,
extended_security_read, NULL); security_flags_read, NULL);
if (pde) if (pde)
pde->write_proc = extended_security_write; pde->write_proc = security_flags_write;
pde = pde =
create_proc_read_entry("LookupCacheEnabled", 0, proc_fs_cifs, create_proc_read_entry("LookupCacheEnabled", 0, proc_fs_cifs,
...@@ -469,7 +519,7 @@ cifs_proc_init(void) ...@@ -469,7 +519,7 @@ cifs_proc_init(void)
if (pde) if (pde)
pde->write_proc = lookupFlag_write; pde->write_proc = lookupFlag_write;
pde = /* pde =
create_proc_read_entry("NTLMV2Enabled", 0, proc_fs_cifs, create_proc_read_entry("NTLMV2Enabled", 0, proc_fs_cifs,
ntlmv2_enabled_read, NULL); ntlmv2_enabled_read, NULL);
if (pde) if (pde)
...@@ -479,7 +529,7 @@ cifs_proc_init(void) ...@@ -479,7 +529,7 @@ cifs_proc_init(void)
create_proc_read_entry("PacketSigningEnabled", 0, proc_fs_cifs, create_proc_read_entry("PacketSigningEnabled", 0, proc_fs_cifs,
packet_signing_enabled_read, NULL); packet_signing_enabled_read, NULL);
if (pde) if (pde)
pde->write_proc = packet_signing_enabled_write; pde->write_proc = packet_signing_enabled_write;*/
} }
void void
...@@ -496,9 +546,9 @@ cifs_proc_clean(void) ...@@ -496,9 +546,9 @@ cifs_proc_clean(void)
#endif #endif
remove_proc_entry("MultiuserMount", proc_fs_cifs); remove_proc_entry("MultiuserMount", proc_fs_cifs);
remove_proc_entry("OplockEnabled", proc_fs_cifs); remove_proc_entry("OplockEnabled", proc_fs_cifs);
remove_proc_entry("NTLMV2Enabled",proc_fs_cifs); /* remove_proc_entry("NTLMV2Enabled",proc_fs_cifs); */
remove_proc_entry("ExtendedSecurity",proc_fs_cifs); remove_proc_entry("SecurityFlags",proc_fs_cifs);
remove_proc_entry("PacketSigningEnabled",proc_fs_cifs); /* remove_proc_entry("PacketSigningEnabled",proc_fs_cifs); */
remove_proc_entry("LinuxExtensionsEnabled",proc_fs_cifs); remove_proc_entry("LinuxExtensionsEnabled",proc_fs_cifs);
remove_proc_entry("Experimental",proc_fs_cifs); remove_proc_entry("Experimental",proc_fs_cifs);
remove_proc_entry("LookupCacheEnabled",proc_fs_cifs); remove_proc_entry("LookupCacheEnabled",proc_fs_cifs);
...@@ -782,12 +832,12 @@ multiuser_mount_write(struct file *file, const char __user *buffer, ...@@ -782,12 +832,12 @@ multiuser_mount_write(struct file *file, const char __user *buffer,
} }
static int static int
extended_security_read(char *page, char **start, off_t off, security_flags_read(char *page, char **start, off_t off,
int count, int *eof, void *data) int count, int *eof, void *data)
{ {
int len; int len;
len = sprintf(page, "%d\n", extended_security); len = sprintf(page, "0x%x\n", extended_security);
len -= off; len -= off;
*start = page + off; *start = page + off;
...@@ -803,24 +853,52 @@ extended_security_read(char *page, char **start, off_t off, ...@@ -803,24 +853,52 @@ extended_security_read(char *page, char **start, off_t off,
return len; return len;
} }
static int static int
extended_security_write(struct file *file, const char __user *buffer, security_flags_write(struct file *file, const char __user *buffer,
unsigned long count, void *data) unsigned long count, void *data)
{ {
unsigned int flags;
char flags_string[12];
char c; char c;
int rc;
rc = get_user(c, buffer); if((count < 1) || (count > 11))
if (rc) return -EINVAL;
return rc;
memset(flags_string, 0, 12);
if(copy_from_user(flags_string, buffer, count))
return -EFAULT;
if(count < 3) {
/* single char or single char followed by null */
c = flags_string[0];
if (c == '0' || c == 'n' || c == 'N') if (c == '0' || c == 'n' || c == 'N')
extended_security = 0; extended_security = CIFSSEC_DEF; /* default */
else if (c == '1' || c == 'y' || c == 'Y') else if (c == '1' || c == 'y' || c == 'Y')
extended_security = 1; extended_security = CIFSSEC_MAX;
return count;
}
/* else we have a number */
flags = simple_strtoul(flags_string, NULL, 0);
cFYI(1,("sec flags 0x%x", flags));
if(flags <= 0) {
cERROR(1,("invalid security flags %s",flags_string));
return -EINVAL;
}
if(flags & ~CIFSSEC_MASK) {
cERROR(1,("attempt to set unsupported security flags 0x%x",
flags & ~CIFSSEC_MASK));
return -EINVAL;
}
/* flags look ok - update the global security flags for cifs module */
extended_security = flags;
return count; return count;
} }
static int /* static int
ntlmv2_enabled_read(char *page, char **start, off_t off, ntlmv2_enabled_read(char *page, char **start, off_t off,
int count, int *eof, void *data) int count, int *eof, void *data)
{ {
...@@ -855,6 +933,8 @@ ntlmv2_enabled_write(struct file *file, const char __user *buffer, ...@@ -855,6 +933,8 @@ ntlmv2_enabled_write(struct file *file, const char __user *buffer,
ntlmv2_support = 0; ntlmv2_support = 0;
else if (c == '1' || c == 'y' || c == 'Y') else if (c == '1' || c == 'y' || c == 'Y')
ntlmv2_support = 1; ntlmv2_support = 1;
else if (c == '2')
ntlmv2_support = 2;
return count; return count;
} }
...@@ -898,7 +978,7 @@ packet_signing_enabled_write(struct file *file, const char __user *buffer, ...@@ -898,7 +978,7 @@ packet_signing_enabled_write(struct file *file, const char __user *buffer,
sign_CIFS_PDUs = 2; sign_CIFS_PDUs = 2;
return count; return count;
} } */
#endif #endif
...@@ -24,6 +24,10 @@ ...@@ -24,6 +24,10 @@
#define _H_CIFS_DEBUG #define _H_CIFS_DEBUG
void cifs_dump_mem(char *label, void *data, int length); void cifs_dump_mem(char *label, void *data, int length);
#ifdef CONFIG_CIFS_DEBUG2
void cifs_dump_detail(struct smb_hdr *);
void cifs_dump_mids(struct TCP_Server_Info *);
#endif
extern int traceSMB; /* flag which enables the function below */ extern int traceSMB; /* flag which enables the function below */
void dump_smb(struct smb_hdr *, int); void dump_smb(struct smb_hdr *, int);
#define CIFS_INFO 0x01 #define CIFS_INFO 0x01
......
...@@ -22,6 +22,7 @@ ...@@ -22,6 +22,7 @@
#include "cifs_unicode.h" #include "cifs_unicode.h"
#include "cifs_uniupr.h" #include "cifs_uniupr.h"
#include "cifspdu.h" #include "cifspdu.h"
#include "cifsglob.h"
#include "cifs_debug.h" #include "cifs_debug.h"
/* /*
......
...@@ -26,6 +26,8 @@ ...@@ -26,6 +26,8 @@
#include "md5.h" #include "md5.h"
#include "cifs_unicode.h" #include "cifs_unicode.h"
#include "cifsproto.h" #include "cifsproto.h"
#include <linux/ctype.h>
#include <linux/random.h>
/* Calculate and return the CIFS signature based on the mac key and the smb pdu */ /* Calculate and return the CIFS signature based on the mac key and the smb pdu */
/* the 16 byte signature must be allocated by the caller */ /* the 16 byte signature must be allocated by the caller */
...@@ -35,6 +37,8 @@ ...@@ -35,6 +37,8 @@
extern void mdfour(unsigned char *out, unsigned char *in, int n); extern void mdfour(unsigned char *out, unsigned char *in, int n);
extern void E_md4hash(const unsigned char *passwd, unsigned char *p16); extern void E_md4hash(const unsigned char *passwd, unsigned char *p16);
extern void SMBencrypt(unsigned char *passwd, unsigned char *c8,
unsigned char *p24);
static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu, static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu,
const char * key, char * signature) const char * key, char * signature)
...@@ -45,7 +49,7 @@ static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu, ...@@ -45,7 +49,7 @@ static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu,
return -EINVAL; return -EINVAL;
MD5Init(&context); MD5Init(&context);
MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16); MD5Update(&context,key,CIFS_SESS_KEY_SIZE+16);
MD5Update(&context,cifs_pdu->Protocol,cifs_pdu->smb_buf_length); MD5Update(&context,cifs_pdu->Protocol,cifs_pdu->smb_buf_length);
MD5Final(signature,&context); MD5Final(signature,&context);
return 0; return 0;
...@@ -90,7 +94,7 @@ static int cifs_calc_signature2(const struct kvec * iov, int n_vec, ...@@ -90,7 +94,7 @@ static int cifs_calc_signature2(const struct kvec * iov, int n_vec,
return -EINVAL; return -EINVAL;
MD5Init(&context); MD5Init(&context);
MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16); MD5Update(&context,key,CIFS_SESS_KEY_SIZE+16);
for(i=0;i<n_vec;i++) { for(i=0;i<n_vec;i++) {
if(iov[i].iov_base == NULL) { if(iov[i].iov_base == NULL) {
cERROR(1,("null iovec entry")); cERROR(1,("null iovec entry"));
...@@ -204,11 +208,12 @@ int cifs_calculate_mac_key(char * key, const char * rn, const char * password) ...@@ -204,11 +208,12 @@ int cifs_calculate_mac_key(char * key, const char * rn, const char * password)
E_md4hash(password, temp_key); E_md4hash(password, temp_key);
mdfour(key,temp_key,16); mdfour(key,temp_key,16);
memcpy(key+16,rn, CIFS_SESSION_KEY_SIZE); memcpy(key+16,rn, CIFS_SESS_KEY_SIZE);
return 0; return 0;
} }
int CalcNTLMv2_partial_mac_key(struct cifsSesInfo * ses, struct nls_table * nls_info) int CalcNTLMv2_partial_mac_key(struct cifsSesInfo * ses,
const struct nls_table * nls_info)
{ {
char temp_hash[16]; char temp_hash[16];
struct HMACMD5Context ctx; struct HMACMD5Context ctx;
...@@ -225,6 +230,8 @@ int CalcNTLMv2_partial_mac_key(struct cifsSesInfo * ses, struct nls_table * nls_ ...@@ -225,6 +230,8 @@ int CalcNTLMv2_partial_mac_key(struct cifsSesInfo * ses, struct nls_table * nls_
user_name_len = strlen(ses->userName); user_name_len = strlen(ses->userName);
if(user_name_len > MAX_USERNAME_SIZE) if(user_name_len > MAX_USERNAME_SIZE)
return -EINVAL; return -EINVAL;
if(ses->domainName == NULL)
return -EINVAL; /* BB should we use CIFS_LINUX_DOM */
dom_name_len = strlen(ses->domainName); dom_name_len = strlen(ses->domainName);
if(dom_name_len > MAX_USERNAME_SIZE) if(dom_name_len > MAX_USERNAME_SIZE)
return -EINVAL; return -EINVAL;
...@@ -259,16 +266,131 @@ int CalcNTLMv2_partial_mac_key(struct cifsSesInfo * ses, struct nls_table * nls_ ...@@ -259,16 +266,131 @@ int CalcNTLMv2_partial_mac_key(struct cifsSesInfo * ses, struct nls_table * nls_
kfree(unicode_buf); kfree(unicode_buf);
return 0; return 0;
} }
void CalcNTLMv2_response(const struct cifsSesInfo * ses,char * v2_session_response)
#ifdef CONFIG_CIFS_WEAK_PW_HASH
void calc_lanman_hash(struct cifsSesInfo * ses, char * lnm_session_key)
{
int i;
char password_with_pad[CIFS_ENCPWD_SIZE];
if(ses->server == NULL)
return;
memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
strncpy(password_with_pad, ses->password, CIFS_ENCPWD_SIZE);
if((ses->server->secMode & SECMODE_PW_ENCRYPT) == 0)
if(extended_security & CIFSSEC_MAY_PLNTXT) {
memcpy(lnm_session_key, password_with_pad, CIFS_ENCPWD_SIZE);
return;
}
/* calculate old style session key */
/* calling toupper is less broken than repeatedly
calling nls_toupper would be since that will never
work for UTF8, but neither handles multibyte code pages
but the only alternative would be converting to UCS-16 (Unicode)
(using a routine something like UniStrupr) then
uppercasing and then converting back from Unicode - which
would only worth doing it if we knew it were utf8. Basically
utf8 and other multibyte codepages each need their own strupper
function since a byte at a time will ont work. */
for(i = 0; i < CIFS_ENCPWD_SIZE; i++) {
password_with_pad[i] = toupper(password_with_pad[i]);
}
SMBencrypt(password_with_pad, ses->server->cryptKey, lnm_session_key);
/* clear password before we return/free memory */
memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
}
#endif /* CIFS_WEAK_PW_HASH */
static int calc_ntlmv2_hash(struct cifsSesInfo *ses,
const struct nls_table * nls_cp)
{
int rc = 0;
int len;
char nt_hash[16];
struct HMACMD5Context * pctxt;
wchar_t * user;
wchar_t * domain;
pctxt = kmalloc(sizeof(struct HMACMD5Context), GFP_KERNEL);
if(pctxt == NULL)
return -ENOMEM;
/* calculate md4 hash of password */
E_md4hash(ses->password, nt_hash);
/* convert Domainname to unicode and uppercase */
hmac_md5_init_limK_to_64(nt_hash, 16, pctxt);
/* convert ses->userName to unicode and uppercase */
len = strlen(ses->userName);
user = kmalloc(2 + (len * 2), GFP_KERNEL);
if(user == NULL)
goto calc_exit_2;
len = cifs_strtoUCS(user, ses->userName, len, nls_cp);
UniStrupr(user);
hmac_md5_update((char *)user, 2*len, pctxt);
/* convert ses->domainName to unicode and uppercase */
if(ses->domainName) {
len = strlen(ses->domainName);
domain = kmalloc(2 + (len * 2), GFP_KERNEL);
if(domain == NULL)
goto calc_exit_1;
len = cifs_strtoUCS(domain, ses->domainName, len, nls_cp);
UniStrupr(domain);
hmac_md5_update((char *)domain, 2*len, pctxt);
kfree(domain);
}
calc_exit_1:
kfree(user);
calc_exit_2:
/* BB FIXME what about bytes 24 through 40 of the signing key?
compare with the NTLM example */
hmac_md5_final(ses->server->mac_signing_key, pctxt);
return rc;
}
void setup_ntlmv2_rsp(struct cifsSesInfo * ses, char * resp_buf,
const struct nls_table * nls_cp)
{
int rc;
struct ntlmv2_resp * buf = (struct ntlmv2_resp *)resp_buf;
buf->blob_signature = cpu_to_le32(0x00000101);
buf->reserved = 0;
buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME));
get_random_bytes(&buf->client_chal, sizeof(buf->client_chal));
buf->reserved2 = 0;
buf->names[0].type = 0;
buf->names[0].length = 0;
/* calculate buf->ntlmv2_hash */
rc = calc_ntlmv2_hash(ses, nls_cp);
if(rc)
cERROR(1,("could not get v2 hash rc %d",rc));
CalcNTLMv2_response(ses, resp_buf);
}
void CalcNTLMv2_response(const struct cifsSesInfo * ses, char * v2_session_response)
{ {
struct HMACMD5Context context; struct HMACMD5Context context;
/* rest of v2 struct already generated */
memcpy(v2_session_response + 8, ses->server->cryptKey,8); memcpy(v2_session_response + 8, ses->server->cryptKey,8);
/* gen_blob(v2_session_response + 16); */
hmac_md5_init_limK_to_64(ses->server->mac_signing_key, 16, &context); hmac_md5_init_limK_to_64(ses->server->mac_signing_key, 16, &context);
hmac_md5_update(ses->server->cryptKey,8,&context); hmac_md5_update(v2_session_response+8,
/* hmac_md5_update(v2_session_response+16)client thing,8,&context); */ /* BB fix */ sizeof(struct ntlmv2_resp) - 8, &context);
hmac_md5_final(v2_session_response,&context); hmac_md5_final(v2_session_response,&context);
cifs_dump_mem("v2_sess_rsp: ", v2_session_response, 32); /* BB removeme BB */ /* cifs_dump_mem("v2_sess_rsp: ", v2_session_response, 32); */
} }
...@@ -56,8 +56,8 @@ unsigned int experimEnabled = 0; ...@@ -56,8 +56,8 @@ unsigned int experimEnabled = 0;
unsigned int linuxExtEnabled = 1; unsigned int linuxExtEnabled = 1;
unsigned int lookupCacheEnabled = 1; unsigned int lookupCacheEnabled = 1;
unsigned int multiuser_mount = 0; unsigned int multiuser_mount = 0;
unsigned int extended_security = 0; unsigned int extended_security = CIFSSEC_DEF;
unsigned int ntlmv2_support = 0; /* unsigned int ntlmv2_support = 0; */
unsigned int sign_CIFS_PDUs = 1; unsigned int sign_CIFS_PDUs = 1;
extern struct task_struct * oplockThread; /* remove sparse warning */ extern struct task_struct * oplockThread; /* remove sparse warning */
struct task_struct * oplockThread = NULL; struct task_struct * oplockThread = NULL;
...@@ -908,7 +908,7 @@ static int cifs_dnotify_thread(void * dummyarg) ...@@ -908,7 +908,7 @@ static int cifs_dnotify_thread(void * dummyarg)
struct cifsSesInfo *ses; struct cifsSesInfo *ses;
do { do {
if(try_to_freeze()) if (try_to_freeze())
continue; continue;
set_current_state(TASK_INTERRUPTIBLE); set_current_state(TASK_INTERRUPTIBLE);
schedule_timeout(15*HZ); schedule_timeout(15*HZ);
......
...@@ -33,6 +33,7 @@ ...@@ -33,6 +33,7 @@
#endif #endif
extern struct address_space_operations cifs_addr_ops; extern struct address_space_operations cifs_addr_ops;
extern struct address_space_operations cifs_addr_ops_smallbuf;
/* Functions related to super block operations */ /* Functions related to super block operations */
extern struct super_operations cifs_super_ops; extern struct super_operations cifs_super_ops;
...@@ -99,5 +100,5 @@ extern ssize_t cifs_getxattr(struct dentry *, const char *, void *, size_t); ...@@ -99,5 +100,5 @@ extern ssize_t cifs_getxattr(struct dentry *, const char *, void *, size_t);
extern ssize_t cifs_listxattr(struct dentry *, char *, size_t); extern ssize_t cifs_listxattr(struct dentry *, char *, size_t);
extern int cifs_ioctl (struct inode * inode, struct file * filep, extern int cifs_ioctl (struct inode * inode, struct file * filep,
unsigned int command, unsigned long arg); unsigned int command, unsigned long arg);
#define CIFS_VERSION "1.43" #define CIFS_VERSION "1.44"
#endif /* _CIFSFS_H */ #endif /* _CIFSFS_H */
...@@ -88,7 +88,8 @@ enum statusEnum { ...@@ -88,7 +88,8 @@ enum statusEnum {
}; };
enum securityEnum { enum securityEnum {
NTLM = 0, /* Legacy NTLM012 auth with NTLM hash */ LANMAN = 0, /* Legacy LANMAN auth */
NTLM, /* Legacy NTLM012 auth with NTLM hash */
NTLMv2, /* Legacy NTLM auth with NTLMv2 hash */ NTLMv2, /* Legacy NTLM auth with NTLMv2 hash */
RawNTLMSSP, /* NTLMSSP without SPNEGO */ RawNTLMSSP, /* NTLMSSP without SPNEGO */
NTLMSSP, /* NTLMSSP via SPNEGO */ NTLMSSP, /* NTLMSSP via SPNEGO */
...@@ -157,7 +158,7 @@ struct TCP_Server_Info { ...@@ -157,7 +158,7 @@ struct TCP_Server_Info {
/* 16th byte of RFC1001 workstation name is always null */ /* 16th byte of RFC1001 workstation name is always null */
char workstation_RFC1001_name[SERVER_NAME_LEN_WITH_NULL]; char workstation_RFC1001_name[SERVER_NAME_LEN_WITH_NULL];
__u32 sequence_number; /* needed for CIFS PDU signature */ __u32 sequence_number; /* needed for CIFS PDU signature */
char mac_signing_key[CIFS_SESSION_KEY_SIZE + 16]; char mac_signing_key[CIFS_SESS_KEY_SIZE + 16];
}; };
/* /*
...@@ -179,10 +180,13 @@ struct cifsUidInfo { ...@@ -179,10 +180,13 @@ struct cifsUidInfo {
struct cifsSesInfo { struct cifsSesInfo {
struct list_head cifsSessionList; struct list_head cifsSessionList;
struct semaphore sesSem; struct semaphore sesSem;
#if 0
struct cifsUidInfo *uidInfo; /* pointer to user info */ struct cifsUidInfo *uidInfo; /* pointer to user info */
#endif
struct TCP_Server_Info *server; /* pointer to server info */ struct TCP_Server_Info *server; /* pointer to server info */
atomic_t inUse; /* # of mounts (tree connections) on this ses */ atomic_t inUse; /* # of mounts (tree connections) on this ses */
enum statusEnum status; enum statusEnum status;
unsigned overrideSecFlg; /* if non-zero override global sec flags */
__u16 ipc_tid; /* special tid for connection to IPC share */ __u16 ipc_tid; /* special tid for connection to IPC share */
__u16 flags; __u16 flags;
char *serverOS; /* name of operating system underlying server */ char *serverOS; /* name of operating system underlying server */
...@@ -194,7 +198,7 @@ struct cifsSesInfo { ...@@ -194,7 +198,7 @@ struct cifsSesInfo {
char serverName[SERVER_NAME_LEN_WITH_NULL * 2]; /* BB make bigger for char serverName[SERVER_NAME_LEN_WITH_NULL * 2]; /* BB make bigger for
TCP names - will ipv6 and sctp addresses fit? */ TCP names - will ipv6 and sctp addresses fit? */
char userName[MAX_USERNAME_SIZE + 1]; char userName[MAX_USERNAME_SIZE + 1];
char domainName[MAX_USERNAME_SIZE + 1]; char * domainName;
char * password; char * password;
}; };
/* session flags */ /* session flags */
...@@ -209,12 +213,12 @@ struct cifsTconInfo { ...@@ -209,12 +213,12 @@ struct cifsTconInfo {
struct list_head openFileList; struct list_head openFileList;
struct semaphore tconSem; struct semaphore tconSem;
struct cifsSesInfo *ses; /* pointer to session associated with */ struct cifsSesInfo *ses; /* pointer to session associated with */
char treeName[MAX_TREE_SIZE + 1]; /* UNC name of resource (in ASCII not UTF) */ char treeName[MAX_TREE_SIZE + 1]; /* UNC name of resource in ASCII */
char *nativeFileSystem; char *nativeFileSystem;
__u16 tid; /* The 2 byte tree id */ __u16 tid; /* The 2 byte tree id */
__u16 Flags; /* optional support bits */ __u16 Flags; /* optional support bits */
enum statusEnum tidStatus; enum statusEnum tidStatus;
atomic_t useCount; /* how many mounts (explicit or implicit) to this share */ atomic_t useCount; /* how many explicit/implicit mounts to share */
#ifdef CONFIG_CIFS_STATS #ifdef CONFIG_CIFS_STATS
atomic_t num_smbs_sent; atomic_t num_smbs_sent;
atomic_t num_writes; atomic_t num_writes;
...@@ -254,7 +258,7 @@ struct cifsTconInfo { ...@@ -254,7 +258,7 @@ struct cifsTconInfo {
spinlock_t stat_lock; spinlock_t stat_lock;
#endif /* CONFIG_CIFS_STATS */ #endif /* CONFIG_CIFS_STATS */
FILE_SYSTEM_DEVICE_INFO fsDevInfo; FILE_SYSTEM_DEVICE_INFO fsDevInfo;
FILE_SYSTEM_ATTRIBUTE_INFO fsAttrInfo; /* ok if file system name truncated */ FILE_SYSTEM_ATTRIBUTE_INFO fsAttrInfo; /* ok if fs name truncated */
FILE_SYSTEM_UNIX_INFO fsUnixInfo; FILE_SYSTEM_UNIX_INFO fsUnixInfo;
unsigned retry:1; unsigned retry:1;
unsigned nocase:1; unsigned nocase:1;
...@@ -305,7 +309,6 @@ struct cifsFileInfo { ...@@ -305,7 +309,6 @@ struct cifsFileInfo {
atomic_t wrtPending; /* handle in use - defer close */ atomic_t wrtPending; /* handle in use - defer close */
struct semaphore fh_sem; /* prevents reopen race after dead ses*/ struct semaphore fh_sem; /* prevents reopen race after dead ses*/
char * search_resume_name; /* BB removeme BB */ char * search_resume_name; /* BB removeme BB */
unsigned int resume_name_length; /* BB removeme - field renamed and moved BB */
struct cifs_search_info srch_inf; struct cifs_search_info srch_inf;
}; };
...@@ -391,9 +394,9 @@ struct mid_q_entry { ...@@ -391,9 +394,9 @@ struct mid_q_entry {
struct smb_hdr *resp_buf; /* response buffer */ struct smb_hdr *resp_buf; /* response buffer */
int midState; /* wish this were enum but can not pass to wait_event */ int midState; /* wish this were enum but can not pass to wait_event */
__u8 command; /* smb command code */ __u8 command; /* smb command code */
unsigned multiPart:1; /* multiple responses to one SMB request */
unsigned largeBuf:1; /* if valid response, is pointer to large buf */ unsigned largeBuf:1; /* if valid response, is pointer to large buf */
unsigned multiResp:1; /* multiple trans2 responses for one request */ unsigned multiRsp:1; /* multiple trans2 responses for one request */
unsigned multiEnd:1; /* both received */
}; };
struct oplock_q_entry { struct oplock_q_entry {
...@@ -430,15 +433,35 @@ struct dir_notify_req { ...@@ -430,15 +433,35 @@ struct dir_notify_req {
#define CIFS_LARGE_BUFFER 2 #define CIFS_LARGE_BUFFER 2
#define CIFS_IOVEC 4 /* array of response buffers */ #define CIFS_IOVEC 4 /* array of response buffers */
/* Type of session setup needed */ /* Security Flags: indicate type of session setup needed */
#define CIFS_PLAINTEXT 0 #define CIFSSEC_MAY_SIGN 0x00001
#define CIFS_LANMAN 1 #define CIFSSEC_MAY_NTLM 0x00002
#define CIFS_NTLM 2 #define CIFSSEC_MAY_NTLMV2 0x00004
#define CIFS_NTLMSSP_NEG 3 #define CIFSSEC_MAY_KRB5 0x00008
#define CIFS_NTLMSSP_AUTH 4 #ifdef CONFIG_CIFS_WEAK_PW_HASH
#define CIFS_SPNEGO_INIT 5 #define CIFSSEC_MAY_LANMAN 0x00010
#define CIFS_SPNEGO_TARG 6 #define CIFSSEC_MAY_PLNTXT 0x00020
#endif /* weak passwords */
#define CIFSSEC_MAY_SEAL 0x00040 /* not supported yet */
#define CIFSSEC_MUST_SIGN 0x01001
/* note that only one of the following can be set so the
result of setting MUST flags more than once will be to
require use of the stronger protocol */
#define CIFSSEC_MUST_NTLM 0x02002
#define CIFSSEC_MUST_NTLMV2 0x04004
#define CIFSSEC_MUST_KRB5 0x08008
#ifdef CONFIG_CIFS_WEAK_PW_HASH
#define CIFSSEC_MUST_LANMAN 0x10010
#define CIFSSEC_MUST_PLNTXT 0x20020
#define CIFSSEC_MASK 0x37037 /* current flags supported if weak */
#else
#define CIFSSEC_MASK 0x07007 /* flags supported if no weak config */
#endif /* WEAK_PW_HASH */
#define CIFSSEC_MUST_SEAL 0x40040 /* not supported yet */
#define CIFSSEC_DEF CIFSSEC_MAY_SIGN | CIFSSEC_MAY_NTLM | CIFSSEC_MAY_NTLMV2
#define CIFSSEC_MAX CIFSSEC_MUST_SIGN | CIFSSEC_MUST_NTLMV2
/* /*
***************************************************************** *****************************************************************
* All constants go here * All constants go here
...@@ -500,7 +523,7 @@ GLOBAL_EXTERN rwlock_t GlobalSMBSeslock; /* protects list inserts on 3 above */ ...@@ -500,7 +523,7 @@ GLOBAL_EXTERN rwlock_t GlobalSMBSeslock; /* protects list inserts on 3 above */
GLOBAL_EXTERN struct list_head GlobalOplock_Q; GLOBAL_EXTERN struct list_head GlobalOplock_Q;
GLOBAL_EXTERN struct list_head GlobalDnotifyReqList; /* Outstanding dir notify requests */ GLOBAL_EXTERN struct list_head GlobalDnotifyReqList; /* Outstanding dir notify requests */
GLOBAL_EXTERN struct list_head GlobalDnotifyRsp_Q; /* Dir notify response queue */ GLOBAL_EXTERN struct list_head GlobalDnotifyRsp_Q;/* DirNotify response queue */
/* /*
* Global transaction id (XID) information * Global transaction id (XID) information
...@@ -508,7 +531,7 @@ GLOBAL_EXTERN struct list_head GlobalDnotifyRsp_Q; /* Dir notify response queue ...@@ -508,7 +531,7 @@ GLOBAL_EXTERN struct list_head GlobalDnotifyRsp_Q; /* Dir notify response queue
GLOBAL_EXTERN unsigned int GlobalCurrentXid; /* protected by GlobalMid_Sem */ GLOBAL_EXTERN unsigned int GlobalCurrentXid; /* protected by GlobalMid_Sem */
GLOBAL_EXTERN unsigned int GlobalTotalActiveXid; /* prot by GlobalMid_Sem */ GLOBAL_EXTERN unsigned int GlobalTotalActiveXid; /* prot by GlobalMid_Sem */
GLOBAL_EXTERN unsigned int GlobalMaxActiveXid; /* prot by GlobalMid_Sem */ GLOBAL_EXTERN unsigned int GlobalMaxActiveXid; /* prot by GlobalMid_Sem */
GLOBAL_EXTERN spinlock_t GlobalMid_Lock; /* protects above and list operations */ GLOBAL_EXTERN spinlock_t GlobalMid_Lock; /* protects above & list operations */
/* on midQ entries */ /* on midQ entries */
GLOBAL_EXTERN char Local_System_Name[15]; GLOBAL_EXTERN char Local_System_Name[15];
...@@ -540,8 +563,8 @@ GLOBAL_EXTERN unsigned int experimEnabled; ...@@ -540,8 +563,8 @@ GLOBAL_EXTERN unsigned int experimEnabled;
GLOBAL_EXTERN unsigned int lookupCacheEnabled; GLOBAL_EXTERN unsigned int lookupCacheEnabled;
GLOBAL_EXTERN unsigned int extended_security; /* if on, session setup sent GLOBAL_EXTERN unsigned int extended_security; /* if on, session setup sent
with more secure ntlmssp2 challenge/resp */ with more secure ntlmssp2 challenge/resp */
GLOBAL_EXTERN unsigned int ntlmv2_support; /* better optional password hash */
GLOBAL_EXTERN unsigned int sign_CIFS_PDUs; /* enable smb packet signing */ GLOBAL_EXTERN unsigned int sign_CIFS_PDUs; /* enable smb packet signing */
GLOBAL_EXTERN unsigned int secFlags;
GLOBAL_EXTERN unsigned int linuxExtEnabled;/*enable Linux/Unix CIFS extensions*/ GLOBAL_EXTERN unsigned int linuxExtEnabled;/*enable Linux/Unix CIFS extensions*/
GLOBAL_EXTERN unsigned int CIFSMaxBufSize; /* max size not including hdr */ GLOBAL_EXTERN unsigned int CIFSMaxBufSize; /* max size not including hdr */
GLOBAL_EXTERN unsigned int cifs_min_rcv; /* min size of big ntwrk buf pool */ GLOBAL_EXTERN unsigned int cifs_min_rcv; /* min size of big ntwrk buf pool */
......
...@@ -24,8 +24,14 @@ ...@@ -24,8 +24,14 @@
#include <net/sock.h> #include <net/sock.h>
#ifdef CONFIG_CIFS_WEAK_PW_HASH
#define LANMAN_PROT 0
#define CIFS_PROT 1
#else
#define CIFS_PROT 0 #define CIFS_PROT 0
#define BAD_PROT CIFS_PROT+1 #endif
#define POSIX_PROT CIFS_PROT+1
#define BAD_PROT 0xFFFF
/* SMB command codes */ /* SMB command codes */
/* Some commands have minimal (wct=0,bcc=0), or uninteresting, responses /* Some commands have minimal (wct=0,bcc=0), or uninteresting, responses
...@@ -110,7 +116,7 @@ ...@@ -110,7 +116,7 @@
/* /*
* Size of the session key (crypto key encrypted with the password * Size of the session key (crypto key encrypted with the password
*/ */
#define CIFS_SESSION_KEY_SIZE (24) #define CIFS_SESS_KEY_SIZE (24)
/* /*
* Maximum user name length * Maximum user name length
...@@ -400,6 +406,29 @@ typedef struct negotiate_req { ...@@ -400,6 +406,29 @@ typedef struct negotiate_req {
unsigned char DialectsArray[1]; unsigned char DialectsArray[1];
} __attribute__((packed)) NEGOTIATE_REQ; } __attribute__((packed)) NEGOTIATE_REQ;
/* Dialect index is 13 for LANMAN */
typedef struct lanman_neg_rsp {
struct smb_hdr hdr; /* wct = 13 */
__le16 DialectIndex;
__le16 SecurityMode;
__le16 MaxBufSize;
__le16 MaxMpxCount;
__le16 MaxNumberVcs;
__le16 RawMode;
__le32 SessionKey;
__le32 ServerTime;
__le16 ServerTimeZone;
__le16 EncryptionKeyLength;
__le16 Reserved;
__u16 ByteCount;
unsigned char EncryptionKey[1];
} __attribute__((packed)) LANMAN_NEG_RSP;
#define READ_RAW_ENABLE 1
#define WRITE_RAW_ENABLE 2
#define RAW_ENABLE (READ_RAW_ENABLE | WRITE_RAW_ENABLE)
typedef struct negotiate_rsp { typedef struct negotiate_rsp {
struct smb_hdr hdr; /* wct = 17 */ struct smb_hdr hdr; /* wct = 17 */
__le16 DialectIndex; __le16 DialectIndex;
...@@ -509,7 +538,7 @@ typedef union smb_com_session_setup_andx { ...@@ -509,7 +538,7 @@ typedef union smb_com_session_setup_andx {
/* unsigned char * NativeOS; */ /* unsigned char * NativeOS; */
/* unsigned char * NativeLanMan; */ /* unsigned char * NativeLanMan; */
/* unsigned char * PrimaryDomain; */ /* unsigned char * PrimaryDomain; */
} __attribute__((packed)) resp; /* NTLM response format (with or without extended security */ } __attribute__((packed)) resp; /* NTLM response with or without extended sec*/
struct { /* request format */ struct { /* request format */
struct smb_hdr hdr; /* wct = 10 */ struct smb_hdr hdr; /* wct = 10 */
...@@ -520,8 +549,8 @@ typedef union smb_com_session_setup_andx { ...@@ -520,8 +549,8 @@ typedef union smb_com_session_setup_andx {
__le16 MaxMpxCount; __le16 MaxMpxCount;
__le16 VcNumber; __le16 VcNumber;
__u32 SessionKey; __u32 SessionKey;
__le16 PassswordLength; __le16 PasswordLength;
__u32 Reserved; __u32 Reserved; /* encrypt key len and offset */
__le16 ByteCount; __le16 ByteCount;
unsigned char AccountPassword[1]; /* followed by */ unsigned char AccountPassword[1]; /* followed by */
/* STRING AccountName */ /* STRING AccountName */
...@@ -543,6 +572,26 @@ typedef union smb_com_session_setup_andx { ...@@ -543,6 +572,26 @@ typedef union smb_com_session_setup_andx {
} __attribute__((packed)) old_resp; /* pre-NTLM (LANMAN2.1) response */ } __attribute__((packed)) old_resp; /* pre-NTLM (LANMAN2.1) response */
} __attribute__((packed)) SESSION_SETUP_ANDX; } __attribute__((packed)) SESSION_SETUP_ANDX;
/* format of NLTMv2 Response ie "case sensitive password" hash when NTLMv2 */
struct ntlmssp2_name {
__le16 type;
__le16 length;
/* char name[length]; */
} __attribute__((packed));
struct ntlmv2_resp {
char ntlmv2_hash[CIFS_ENCPWD_SIZE];
__le32 blob_signature;
__u32 reserved;
__le64 time;
__u64 client_chal; /* random */
__u32 reserved2;
struct ntlmssp2_name names[1];
/* array of name entries could follow ending in minimum 4 byte struct */
} __attribute__((packed));
#define CIFS_NETWORK_OPSYS "CIFS VFS Client for Linux" #define CIFS_NETWORK_OPSYS "CIFS VFS Client for Linux"
/* Capabilities bits (for NTLM SessSetup request) */ /* Capabilities bits (for NTLM SessSetup request) */
...@@ -573,7 +622,9 @@ typedef struct smb_com_tconx_req { ...@@ -573,7 +622,9 @@ typedef struct smb_com_tconx_req {
} __attribute__((packed)) TCONX_REQ; } __attribute__((packed)) TCONX_REQ;
typedef struct smb_com_tconx_rsp { typedef struct smb_com_tconx_rsp {
struct smb_hdr hdr; /* wct = 3 *//* note that Win2000 has sent wct=7 in some cases on responses. Four unspecified words followed OptionalSupport */ struct smb_hdr hdr; /* wct = 3 note that Win2000 has sent wct = 7
in some cases on responses. Four unspecified
words followed OptionalSupport */
__u8 AndXCommand; __u8 AndXCommand;
__u8 AndXReserved; __u8 AndXReserved;
__le16 AndXOffset; __le16 AndXOffset;
...@@ -1323,6 +1374,9 @@ struct smb_t2_rsp { ...@@ -1323,6 +1374,9 @@ struct smb_t2_rsp {
#define SMB_FILE_MAXIMUM_INFO 0x40d #define SMB_FILE_MAXIMUM_INFO 0x40d
/* Find File infolevels */ /* Find File infolevels */
#define SMB_FIND_FILE_INFO_STANDARD 0x001
#define SMB_FIND_FILE_QUERY_EA_SIZE 0x002
#define SMB_FIND_FILE_QUERY_EAS_FROM_LIST 0x003
#define SMB_FIND_FILE_DIRECTORY_INFO 0x101 #define SMB_FIND_FILE_DIRECTORY_INFO 0x101
#define SMB_FIND_FILE_FULL_DIRECTORY_INFO 0x102 #define SMB_FIND_FILE_FULL_DIRECTORY_INFO 0x102
#define SMB_FIND_FILE_NAMES_INFO 0x103 #define SMB_FIND_FILE_NAMES_INFO 0x103
...@@ -1844,13 +1898,13 @@ typedef struct { ...@@ -1844,13 +1898,13 @@ typedef struct {
typedef struct { typedef struct {
__le32 DeviceType; __le32 DeviceType;
__le32 DeviceCharacteristics; __le32 DeviceCharacteristics;
} __attribute__((packed)) FILE_SYSTEM_DEVICE_INFO; /* device info, level 0x104 */ } __attribute__((packed)) FILE_SYSTEM_DEVICE_INFO; /* device info level 0x104 */
typedef struct { typedef struct {
__le32 Attributes; __le32 Attributes;
__le32 MaxPathNameComponentLength; __le32 MaxPathNameComponentLength;
__le32 FileSystemNameLen; __le32 FileSystemNameLen;
char FileSystemName[52]; /* do not really need to save this - so potentially get only subset of name */ char FileSystemName[52]; /* do not have to save this - get subset? */
} __attribute__((packed)) FILE_SYSTEM_ATTRIBUTE_INFO; } __attribute__((packed)) FILE_SYSTEM_ATTRIBUTE_INFO;
/******************************************************************************/ /******************************************************************************/
...@@ -1947,7 +2001,8 @@ typedef struct { ...@@ -1947,7 +2001,8 @@ typedef struct {
struct file_allocation_info { struct file_allocation_info {
__le64 AllocationSize; /* Note old Samba srvr rounds this up too much */ __le64 AllocationSize; /* Note old Samba srvr rounds this up too much */
} __attribute__((packed)); /* size used on disk, level 0x103 for set, 0x105 for query */ } __attribute__((packed)); /* size used on disk, for level 0x103 for set,
0x105 for query */
struct file_end_of_file_info { struct file_end_of_file_info {
__le64 FileSize; /* offset to end of file */ __le64 FileSize; /* offset to end of file */
...@@ -2054,7 +2109,7 @@ typedef struct { ...@@ -2054,7 +2109,7 @@ typedef struct {
__le32 ExtFileAttributes; __le32 ExtFileAttributes;
__le32 FileNameLength; __le32 FileNameLength;
char FileName[1]; char FileName[1];
} __attribute__((packed)) FILE_DIRECTORY_INFO; /* level 0x101 FF response data area */ } __attribute__((packed)) FILE_DIRECTORY_INFO; /* level 0x101 FF resp data */
typedef struct { typedef struct {
__le32 NextEntryOffset; __le32 NextEntryOffset;
...@@ -2069,7 +2124,7 @@ typedef struct { ...@@ -2069,7 +2124,7 @@ typedef struct {
__le32 FileNameLength; __le32 FileNameLength;
__le32 EaSize; /* length of the xattrs */ __le32 EaSize; /* length of the xattrs */
char FileName[1]; char FileName[1];
} __attribute__((packed)) FILE_FULL_DIRECTORY_INFO; /* level 0x102 FF response data area */ } __attribute__((packed)) FILE_FULL_DIRECTORY_INFO; /* level 0x102 rsp data */
typedef struct { typedef struct {
__le32 NextEntryOffset; __le32 NextEntryOffset;
...@@ -2086,7 +2141,7 @@ typedef struct { ...@@ -2086,7 +2141,7 @@ typedef struct {
__le32 Reserved; __le32 Reserved;
__u64 UniqueId; /* inode num - le since Samba puts ino in low 32 bit*/ __u64 UniqueId; /* inode num - le since Samba puts ino in low 32 bit*/
char FileName[1]; char FileName[1];
} __attribute__((packed)) SEARCH_ID_FULL_DIR_INFO; /* level 0x105 FF response data area */ } __attribute__((packed)) SEARCH_ID_FULL_DIR_INFO; /* level 0x105 FF rsp data */
typedef struct { typedef struct {
__le32 NextEntryOffset; __le32 NextEntryOffset;
...@@ -2104,7 +2159,22 @@ typedef struct { ...@@ -2104,7 +2159,22 @@ typedef struct {
__u8 Reserved; __u8 Reserved;
__u8 ShortName[12]; __u8 ShortName[12];
char FileName[1]; char FileName[1];
} __attribute__((packed)) FILE_BOTH_DIRECTORY_INFO; /* level 0x104 FF response data area */ } __attribute__((packed)) FILE_BOTH_DIRECTORY_INFO; /* level 0x104 FFrsp data */
typedef struct {
__u32 ResumeKey;
__le16 CreationDate; /* SMB Date */
__le16 CreationTime; /* SMB Time */
__le16 LastAccessDate;
__le16 LastAccessTime;
__le16 LastWriteDate;
__le16 LastWriteTime;
__le32 DataSize; /* File Size (EOF) */
__le32 AllocationSize;
__le16 Attributes; /* verify not u32 */
__u8 FileNameLength;
char FileName[1];
} __attribute__((packed)) FIND_FILE_STANDARD_INFO; /* level 0x1 FF resp data */
struct win_dev { struct win_dev {
......
...@@ -64,14 +64,12 @@ extern int map_smb_to_linux_error(struct smb_hdr *smb); ...@@ -64,14 +64,12 @@ extern int map_smb_to_linux_error(struct smb_hdr *smb);
extern void header_assemble(struct smb_hdr *, char /* command */ , extern void header_assemble(struct smb_hdr *, char /* command */ ,
const struct cifsTconInfo *, int /* length of const struct cifsTconInfo *, int /* length of
fixed section (word count) in two byte units */); fixed section (word count) in two byte units */);
#ifdef CONFIG_CIFS_EXPERIMENTAL
extern int small_smb_init_no_tc(const int smb_cmd, const int wct, extern int small_smb_init_no_tc(const int smb_cmd, const int wct,
struct cifsSesInfo *ses, struct cifsSesInfo *ses,
void ** request_buf); void ** request_buf);
extern int CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, extern int CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses,
const int stage, int * pNTLMv2_flg, const int stage,
const struct nls_table *nls_cp); const struct nls_table *nls_cp);
#endif
extern __u16 GetNextMid(struct TCP_Server_Info *server); extern __u16 GetNextMid(struct TCP_Server_Info *server);
extern struct oplock_q_entry * AllocOplockQEntry(struct inode *, u16, extern struct oplock_q_entry * AllocOplockQEntry(struct inode *, u16,
struct cifsTconInfo *); struct cifsTconInfo *);
...@@ -285,8 +283,14 @@ extern int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *, ...@@ -285,8 +283,14 @@ extern int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *,
extern int cifs_verify_signature(struct smb_hdr *, const char * mac_key, extern int cifs_verify_signature(struct smb_hdr *, const char * mac_key,
__u32 expected_sequence_number); __u32 expected_sequence_number);
extern int cifs_calculate_mac_key(char * key,const char * rn,const char * pass); extern int cifs_calculate_mac_key(char * key,const char * rn,const char * pass);
extern int CalcNTLMv2_partial_mac_key(struct cifsSesInfo *, struct nls_table *); extern int CalcNTLMv2_partial_mac_key(struct cifsSesInfo *,
extern void CalcNTLMv2_response(const struct cifsSesInfo *,char * ); const struct nls_table *);
extern void CalcNTLMv2_response(const struct cifsSesInfo *, char * );
extern void setup_ntlmv2_rsp(struct cifsSesInfo *, char *,
const struct nls_table *);
#ifdef CONFIG_CIFS_WEAK_PW_HASH
extern void calc_lanman_hash(struct cifsSesInfo * ses, char * lnm_session_key);
#endif /* CIFS_WEAK_PW_HASH */
extern int CIFSSMBCopy(int xid, extern int CIFSSMBCopy(int xid,
struct cifsTconInfo *source_tcon, struct cifsTconInfo *source_tcon,
const char *fromName, const char *fromName,
......
This diff is collapsed.
This diff is collapsed.
...@@ -113,7 +113,7 @@ build_path_from_dentry(struct dentry *direntry) ...@@ -113,7 +113,7 @@ build_path_from_dentry(struct dentry *direntry)
full_path[namelen+2] = 0; full_path[namelen+2] = 0;
BB remove above eight lines BB */ BB remove above eight lines BB */
/* Inode operations in similar order to how they appear in the Linux file fs.h */ /* Inode operations in similar order to how they appear in Linux file fs.h */
int int
cifs_create(struct inode *inode, struct dentry *direntry, int mode, cifs_create(struct inode *inode, struct dentry *direntry, int mode,
...@@ -178,11 +178,14 @@ cifs_create(struct inode *inode, struct dentry *direntry, int mode, ...@@ -178,11 +178,14 @@ cifs_create(struct inode *inode, struct dentry *direntry, int mode,
FreeXid(xid); FreeXid(xid);
return -ENOMEM; return -ENOMEM;
} }
if (cifs_sb->tcon->ses->capabilities & CAP_NT_SMBS)
rc = CIFSSMBOpen(xid, pTcon, full_path, disposition, rc = CIFSSMBOpen(xid, pTcon, full_path, disposition,
desiredAccess, CREATE_NOT_DIR, desiredAccess, CREATE_NOT_DIR,
&fileHandle, &oplock, buf, cifs_sb->local_nls, &fileHandle, &oplock, buf, cifs_sb->local_nls,
cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR); cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
else
rc = -EIO; /* no NT SMB support fall into legacy open below */
if(rc == -EIO) { if(rc == -EIO) {
/* old server, retry the open legacy style */ /* old server, retry the open legacy style */
rc = SMBLegacyOpen(xid, pTcon, full_path, disposition, rc = SMBLegacyOpen(xid, pTcon, full_path, disposition,
...@@ -191,7 +194,7 @@ cifs_create(struct inode *inode, struct dentry *direntry, int mode, ...@@ -191,7 +194,7 @@ cifs_create(struct inode *inode, struct dentry *direntry, int mode,
cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR); cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
} }
if (rc) { if (rc) {
cFYI(1, ("cifs_create returned 0x%x ", rc)); cFYI(1, ("cifs_create returned 0x%x", rc));
} else { } else {
/* If Open reported that we actually created a file /* If Open reported that we actually created a file
then we now have to set the mode if possible */ then we now have to set the mode if possible */
...@@ -369,6 +372,10 @@ int cifs_mknod(struct inode *inode, struct dentry *direntry, int mode, ...@@ -369,6 +372,10 @@ int cifs_mknod(struct inode *inode, struct dentry *direntry, int mode,
cifs_sb->mnt_cifs_flags & cifs_sb->mnt_cifs_flags &
CIFS_MOUNT_MAP_SPECIAL_CHR); CIFS_MOUNT_MAP_SPECIAL_CHR);
/* BB FIXME - add handling for backlevel servers
which need legacy open and check for all
calls to SMBOpen for fallback to
SMBLeagcyOpen */
if(!rc) { if(!rc) {
/* BB Do not bother to decode buf since no /* BB Do not bother to decode buf since no
local inode yet to put timestamps in, local inode yet to put timestamps in,
......
...@@ -91,14 +91,14 @@ int cifs_dir_notify(struct file * file, unsigned long arg) ...@@ -91,14 +91,14 @@ int cifs_dir_notify(struct file * file, unsigned long arg)
if(full_path == NULL) { if(full_path == NULL) {
rc = -ENOMEM; rc = -ENOMEM;
} else { } else {
cERROR(1,("cifs dir notify on file %s with arg 0x%lx",full_path,arg)); /* BB removeme BB */ cFYI(1,("dir notify on file %s Arg 0x%lx",full_path,arg));
rc = CIFSSMBOpen(xid, pTcon, full_path, FILE_OPEN, rc = CIFSSMBOpen(xid, pTcon, full_path, FILE_OPEN,
GENERIC_READ | SYNCHRONIZE, 0 /* create options */, GENERIC_READ | SYNCHRONIZE, 0 /* create options */,
&netfid, &oplock,NULL, cifs_sb->local_nls, &netfid, &oplock,NULL, cifs_sb->local_nls,
cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR); cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
/* BB fixme - add this handle to a notify handle list */ /* BB fixme - add this handle to a notify handle list */
if(rc) { if(rc) {
cERROR(1,("Could not open directory for notify")); /* BB remove BB */ cFYI(1,("Could not open directory for notify"));
} else { } else {
filter = convert_to_cifs_notify_flags(arg); filter = convert_to_cifs_notify_flags(arg);
if(filter != 0) { if(filter != 0) {
......
...@@ -110,7 +110,6 @@ static inline int cifs_open_inode_helper(struct inode *inode, struct file *file, ...@@ -110,7 +110,6 @@ static inline int cifs_open_inode_helper(struct inode *inode, struct file *file,
&pCifsInode->openFileList); &pCifsInode->openFileList);
} }
write_unlock(&GlobalSMBSeslock); write_unlock(&GlobalSMBSeslock);
write_unlock(&file->f_owner.lock);
if (pCifsInode->clientCanCacheRead) { if (pCifsInode->clientCanCacheRead) {
/* we have the inode open somewhere else /* we have the inode open somewhere else
no need to discard cache data */ no need to discard cache data */
...@@ -201,7 +200,7 @@ int cifs_open(struct inode *inode, struct file *file) ...@@ -201,7 +200,7 @@ int cifs_open(struct inode *inode, struct file *file)
} else { } else {
if (file->f_flags & O_EXCL) if (file->f_flags & O_EXCL)
cERROR(1, ("could not find file instance for " cERROR(1, ("could not find file instance for "
"new file %p ", file)); "new file %p", file));
} }
} }
...@@ -260,10 +259,15 @@ int cifs_open(struct inode *inode, struct file *file) ...@@ -260,10 +259,15 @@ int cifs_open(struct inode *inode, struct file *file)
rc = -ENOMEM; rc = -ENOMEM;
goto out; goto out;
} }
rc = CIFSSMBOpen(xid, pTcon, full_path, disposition, desiredAccess,
CREATE_NOT_DIR, &netfid, &oplock, buf, if (cifs_sb->tcon->ses->capabilities & CAP_NT_SMBS)
rc = CIFSSMBOpen(xid, pTcon, full_path, disposition,
desiredAccess, CREATE_NOT_DIR, &netfid, &oplock, buf,
cifs_sb->local_nls, cifs_sb->mnt_cifs_flags cifs_sb->local_nls, cifs_sb->mnt_cifs_flags
& CIFS_MOUNT_MAP_SPECIAL_CHR); & CIFS_MOUNT_MAP_SPECIAL_CHR);
else
rc = -EIO; /* no NT SMB support fall into legacy open below */
if (rc == -EIO) { if (rc == -EIO) {
/* Old server, try legacy style OpenX */ /* Old server, try legacy style OpenX */
rc = SMBLegacyOpen(xid, pTcon, full_path, disposition, rc = SMBLegacyOpen(xid, pTcon, full_path, disposition,
...@@ -272,7 +276,7 @@ int cifs_open(struct inode *inode, struct file *file) ...@@ -272,7 +276,7 @@ int cifs_open(struct inode *inode, struct file *file)
& CIFS_MOUNT_MAP_SPECIAL_CHR); & CIFS_MOUNT_MAP_SPECIAL_CHR);
} }
if (rc) { if (rc) {
cFYI(1, ("cifs_open returned 0x%x ", rc)); cFYI(1, ("cifs_open returned 0x%x", rc));
goto out; goto out;
} }
file->private_data = file->private_data =
...@@ -282,7 +286,6 @@ int cifs_open(struct inode *inode, struct file *file) ...@@ -282,7 +286,6 @@ int cifs_open(struct inode *inode, struct file *file)
goto out; goto out;
} }
pCifsFile = cifs_init_private(file->private_data, inode, file, netfid); pCifsFile = cifs_init_private(file->private_data, inode, file, netfid);
write_lock(&file->f_owner.lock);
write_lock(&GlobalSMBSeslock); write_lock(&GlobalSMBSeslock);
list_add(&pCifsFile->tlist, &pTcon->openFileList); list_add(&pCifsFile->tlist, &pTcon->openFileList);
...@@ -293,7 +296,6 @@ int cifs_open(struct inode *inode, struct file *file) ...@@ -293,7 +296,6 @@ int cifs_open(struct inode *inode, struct file *file)
&oplock, buf, full_path, xid); &oplock, buf, full_path, xid);
} else { } else {
write_unlock(&GlobalSMBSeslock); write_unlock(&GlobalSMBSeslock);
write_unlock(&file->f_owner.lock);
} }
if (oplock & CIFS_CREATE_ACTION) { if (oplock & CIFS_CREATE_ACTION) {
...@@ -409,8 +411,8 @@ static int cifs_reopen_file(struct inode *inode, struct file *file, ...@@ -409,8 +411,8 @@ static int cifs_reopen_file(struct inode *inode, struct file *file,
CIFS_MOUNT_MAP_SPECIAL_CHR); CIFS_MOUNT_MAP_SPECIAL_CHR);
if (rc) { if (rc) {
up(&pCifsFile->fh_sem); up(&pCifsFile->fh_sem);
cFYI(1, ("cifs_open returned 0x%x ", rc)); cFYI(1, ("cifs_open returned 0x%x", rc));
cFYI(1, ("oplock: %d ", oplock)); cFYI(1, ("oplock: %d", oplock));
} else { } else {
pCifsFile->netfid = netfid; pCifsFile->netfid = netfid;
pCifsFile->invalidHandle = FALSE; pCifsFile->invalidHandle = FALSE;
...@@ -472,7 +474,6 @@ int cifs_close(struct inode *inode, struct file *file) ...@@ -472,7 +474,6 @@ int cifs_close(struct inode *inode, struct file *file)
pTcon = cifs_sb->tcon; pTcon = cifs_sb->tcon;
if (pSMBFile) { if (pSMBFile) {
pSMBFile->closePend = TRUE; pSMBFile->closePend = TRUE;
write_lock(&file->f_owner.lock);
if (pTcon) { if (pTcon) {
/* no sense reconnecting to close a file that is /* no sense reconnecting to close a file that is
already closed */ already closed */
...@@ -487,23 +488,18 @@ int cifs_close(struct inode *inode, struct file *file) ...@@ -487,23 +488,18 @@ int cifs_close(struct inode *inode, struct file *file)
the struct would be in each open file, the struct would be in each open file,
but this should give enough time to but this should give enough time to
clear the socket */ clear the socket */
write_unlock(&file->f_owner.lock);
cERROR(1,("close with pending writes")); cERROR(1,("close with pending writes"));
msleep(timeout); msleep(timeout);
write_lock(&file->f_owner.lock);
timeout *= 4; timeout *= 4;
} }
write_unlock(&file->f_owner.lock);
rc = CIFSSMBClose(xid, pTcon, rc = CIFSSMBClose(xid, pTcon,
pSMBFile->netfid); pSMBFile->netfid);
write_lock(&file->f_owner.lock);
} }
} }
write_lock(&GlobalSMBSeslock); write_lock(&GlobalSMBSeslock);
list_del(&pSMBFile->flist); list_del(&pSMBFile->flist);
list_del(&pSMBFile->tlist); list_del(&pSMBFile->tlist);
write_unlock(&GlobalSMBSeslock); write_unlock(&GlobalSMBSeslock);
write_unlock(&file->f_owner.lock);
kfree(pSMBFile->search_resume_name); kfree(pSMBFile->search_resume_name);
kfree(file->private_data); kfree(file->private_data);
file->private_data = NULL; file->private_data = NULL;
...@@ -531,7 +527,7 @@ int cifs_closedir(struct inode *inode, struct file *file) ...@@ -531,7 +527,7 @@ int cifs_closedir(struct inode *inode, struct file *file)
(struct cifsFileInfo *)file->private_data; (struct cifsFileInfo *)file->private_data;
char *ptmp; char *ptmp;
cFYI(1, ("Closedir inode = 0x%p with ", inode)); cFYI(1, ("Closedir inode = 0x%p", inode));
xid = GetXid(); xid = GetXid();
...@@ -605,7 +601,7 @@ int cifs_lock(struct file *file, int cmd, struct file_lock *pfLock) ...@@ -605,7 +601,7 @@ int cifs_lock(struct file *file, int cmd, struct file_lock *pfLock)
} }
if (pfLock->fl_flags & FL_ACCESS) if (pfLock->fl_flags & FL_ACCESS)
cFYI(1, ("Process suspended by mandatory locking - " cFYI(1, ("Process suspended by mandatory locking - "
"not implemented yet ")); "not implemented yet"));
if (pfLock->fl_flags & FL_LEASE) if (pfLock->fl_flags & FL_LEASE)
cFYI(1, ("Lease on file - not implemented yet")); cFYI(1, ("Lease on file - not implemented yet"));
if (pfLock->fl_flags & if (pfLock->fl_flags &
...@@ -1375,7 +1371,7 @@ int cifs_fsync(struct file *file, struct dentry *dentry, int datasync) ...@@ -1375,7 +1371,7 @@ int cifs_fsync(struct file *file, struct dentry *dentry, int datasync)
xid = GetXid(); xid = GetXid();
cFYI(1, ("Sync file - name: %s datasync: 0x%x ", cFYI(1, ("Sync file - name: %s datasync: 0x%x",
dentry->d_name.name, datasync)); dentry->d_name.name, datasync));
rc = filemap_fdatawrite(inode->i_mapping); rc = filemap_fdatawrite(inode->i_mapping);
...@@ -1404,7 +1400,7 @@ int cifs_fsync(struct file *file, struct dentry *dentry, int datasync) ...@@ -1404,7 +1400,7 @@ int cifs_fsync(struct file *file, struct dentry *dentry, int datasync)
/* fill in rpages then /* fill in rpages then
result = cifs_pagein_inode(inode, index, rpages); */ /* BB finish */ result = cifs_pagein_inode(inode, index, rpages); */ /* BB finish */
/* cFYI(1, ("rpages is %d for sync page of Index %ld ", rpages, index)); /* cFYI(1, ("rpages is %d for sync page of Index %ld", rpages, index));
#if 0 #if 0
if (rc < 0) if (rc < 0)
...@@ -1836,7 +1832,7 @@ static int cifs_readpage_worker(struct file *file, struct page *page, ...@@ -1836,7 +1832,7 @@ static int cifs_readpage_worker(struct file *file, struct page *page,
if (rc < 0) if (rc < 0)
goto io_error; goto io_error;
else else
cFYI(1, ("Bytes read %d ",rc)); cFYI(1, ("Bytes read %d",rc));
file->f_dentry->d_inode->i_atime = file->f_dentry->d_inode->i_atime =
current_fs_time(file->f_dentry->d_inode->i_sb); current_fs_time(file->f_dentry->d_inode->i_sb);
...@@ -1957,3 +1953,19 @@ struct address_space_operations cifs_addr_ops = { ...@@ -1957,3 +1953,19 @@ struct address_space_operations cifs_addr_ops = {
/* .sync_page = cifs_sync_page, */ /* .sync_page = cifs_sync_page, */
/* .direct_IO = */ /* .direct_IO = */
}; };
/*
* cifs_readpages requires the server to support a buffer large enough to
* contain the header plus one complete page of data. Otherwise, we need
* to leave cifs_readpages out of the address space operations.
*/
struct address_space_operations cifs_addr_ops_smallbuf = {
.readpage = cifs_readpage,
.writepage = cifs_writepage,
.writepages = cifs_writepages,
.prepare_write = cifs_prepare_write,
.commit_write = cifs_commit_write,
.set_page_dirty = __set_page_dirty_nobuffers,
/* .sync_page = cifs_sync_page, */
/* .direct_IO = */
};
...@@ -41,7 +41,7 @@ int cifs_get_inode_info_unix(struct inode **pinode, ...@@ -41,7 +41,7 @@ int cifs_get_inode_info_unix(struct inode **pinode,
char *tmp_path; char *tmp_path;
pTcon = cifs_sb->tcon; pTcon = cifs_sb->tcon;
cFYI(1, ("Getting info on %s ", search_path)); cFYI(1, ("Getting info on %s", search_path));
/* could have done a find first instead but this returns more info */ /* could have done a find first instead but this returns more info */
rc = CIFSSMBUnixQPathInfo(xid, pTcon, search_path, &findData, rc = CIFSSMBUnixQPathInfo(xid, pTcon, search_path, &findData,
cifs_sb->local_nls, cifs_sb->mnt_cifs_flags & cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
...@@ -97,9 +97,9 @@ int cifs_get_inode_info_unix(struct inode **pinode, ...@@ -97,9 +97,9 @@ int cifs_get_inode_info_unix(struct inode **pinode,
inode = *pinode; inode = *pinode;
cifsInfo = CIFS_I(inode); cifsInfo = CIFS_I(inode);
cFYI(1, ("Old time %ld ", cifsInfo->time)); cFYI(1, ("Old time %ld", cifsInfo->time));
cifsInfo->time = jiffies; cifsInfo->time = jiffies;
cFYI(1, ("New time %ld ", cifsInfo->time)); cFYI(1, ("New time %ld", cifsInfo->time));
/* this is ok to set on every inode revalidate */ /* this is ok to set on every inode revalidate */
atomic_set(&cifsInfo->inUse,1); atomic_set(&cifsInfo->inUse,1);
...@@ -180,11 +180,12 @@ int cifs_get_inode_info_unix(struct inode **pinode, ...@@ -180,11 +180,12 @@ int cifs_get_inode_info_unix(struct inode **pinode,
else /* not direct, send byte range locks */ else /* not direct, send byte range locks */
inode->i_fop = &cifs_file_ops; inode->i_fop = &cifs_file_ops;
inode->i_data.a_ops = &cifs_addr_ops;
/* check if server can support readpages */ /* check if server can support readpages */
if(pTcon->ses->server->maxBuf < if(pTcon->ses->server->maxBuf <
4096 + MAX_CIFS_HDR_SIZE) PAGE_CACHE_SIZE + MAX_CIFS_HDR_SIZE)
inode->i_data.a_ops->readpages = NULL; inode->i_data.a_ops = &cifs_addr_ops_smallbuf;
else
inode->i_data.a_ops = &cifs_addr_ops;
} else if (S_ISDIR(inode->i_mode)) { } else if (S_ISDIR(inode->i_mode)) {
cFYI(1, ("Directory inode")); cFYI(1, ("Directory inode"));
inode->i_op = &cifs_dir_inode_ops; inode->i_op = &cifs_dir_inode_ops;
...@@ -421,23 +422,23 @@ int cifs_get_inode_info(struct inode **pinode, ...@@ -421,23 +422,23 @@ int cifs_get_inode_info(struct inode **pinode,
inode = *pinode; inode = *pinode;
cifsInfo = CIFS_I(inode); cifsInfo = CIFS_I(inode);
cifsInfo->cifsAttrs = attr; cifsInfo->cifsAttrs = attr;
cFYI(1, ("Old time %ld ", cifsInfo->time)); cFYI(1, ("Old time %ld", cifsInfo->time));
cifsInfo->time = jiffies; cifsInfo->time = jiffies;
cFYI(1, ("New time %ld ", cifsInfo->time)); cFYI(1, ("New time %ld", cifsInfo->time));
/* blksize needs to be multiple of two. So safer to default to /* blksize needs to be multiple of two. So safer to default to
blksize and blkbits set in superblock so 2**blkbits and blksize blksize and blkbits set in superblock so 2**blkbits and blksize
will match rather than setting to: will match rather than setting to:
(pTcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE) & 0xFFFFFE00;*/ (pTcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE) & 0xFFFFFE00;*/
/* Linux can not store file creation time unfortunately so we ignore it */ /* Linux can not store file creation time so ignore it */
inode->i_atime = inode->i_atime =
cifs_NTtimeToUnix(le64_to_cpu(pfindData->LastAccessTime)); cifs_NTtimeToUnix(le64_to_cpu(pfindData->LastAccessTime));
inode->i_mtime = inode->i_mtime =
cifs_NTtimeToUnix(le64_to_cpu(pfindData->LastWriteTime)); cifs_NTtimeToUnix(le64_to_cpu(pfindData->LastWriteTime));
inode->i_ctime = inode->i_ctime =
cifs_NTtimeToUnix(le64_to_cpu(pfindData->ChangeTime)); cifs_NTtimeToUnix(le64_to_cpu(pfindData->ChangeTime));
cFYI(0, ("Attributes came in as 0x%x ", attr)); cFYI(0, ("Attributes came in as 0x%x", attr));
/* set default mode. will override for dirs below */ /* set default mode. will override for dirs below */
if (atomic_read(&cifsInfo->inUse) == 0) if (atomic_read(&cifsInfo->inUse) == 0)
...@@ -519,10 +520,11 @@ int cifs_get_inode_info(struct inode **pinode, ...@@ -519,10 +520,11 @@ int cifs_get_inode_info(struct inode **pinode,
else /* not direct, send byte range locks */ else /* not direct, send byte range locks */
inode->i_fop = &cifs_file_ops; inode->i_fop = &cifs_file_ops;
inode->i_data.a_ops = &cifs_addr_ops;
if(pTcon->ses->server->maxBuf < if(pTcon->ses->server->maxBuf <
4096 + MAX_CIFS_HDR_SIZE) PAGE_CACHE_SIZE + MAX_CIFS_HDR_SIZE)
inode->i_data.a_ops->readpages = NULL; inode->i_data.a_ops = &cifs_addr_ops_smallbuf;
else
inode->i_data.a_ops = &cifs_addr_ops;
} else if (S_ISDIR(inode->i_mode)) { } else if (S_ISDIR(inode->i_mode)) {
cFYI(1, ("Directory inode")); cFYI(1, ("Directory inode"));
inode->i_op = &cifs_dir_inode_ops; inode->i_op = &cifs_dir_inode_ops;
...@@ -731,7 +733,7 @@ int cifs_mkdir(struct inode *inode, struct dentry *direntry, int mode) ...@@ -731,7 +733,7 @@ int cifs_mkdir(struct inode *inode, struct dentry *direntry, int mode)
rc = CIFSSMBMkDir(xid, pTcon, full_path, cifs_sb->local_nls, rc = CIFSSMBMkDir(xid, pTcon, full_path, cifs_sb->local_nls,
cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR); cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
if (rc) { if (rc) {
cFYI(1, ("cifs_mkdir returned 0x%x ", rc)); cFYI(1, ("cifs_mkdir returned 0x%x", rc));
d_drop(direntry); d_drop(direntry);
} else { } else {
inode->i_nlink++; inode->i_nlink++;
...@@ -798,7 +800,7 @@ int cifs_rmdir(struct inode *inode, struct dentry *direntry) ...@@ -798,7 +800,7 @@ int cifs_rmdir(struct inode *inode, struct dentry *direntry)
char *full_path = NULL; char *full_path = NULL;
struct cifsInodeInfo *cifsInode; struct cifsInodeInfo *cifsInode;
cFYI(1, ("cifs_rmdir, inode = 0x%p with ", inode)); cFYI(1, ("cifs_rmdir, inode = 0x%p", inode));
xid = GetXid(); xid = GetXid();
...@@ -1121,7 +1123,7 @@ int cifs_setattr(struct dentry *direntry, struct iattr *attrs) ...@@ -1121,7 +1123,7 @@ int cifs_setattr(struct dentry *direntry, struct iattr *attrs)
xid = GetXid(); xid = GetXid();
cFYI(1, ("In cifs_setattr, name = %s attrs->iavalid 0x%x ", cFYI(1, ("setattr on file %s attrs->iavalid 0x%x",
direntry->d_name.name, attrs->ia_valid)); direntry->d_name.name, attrs->ia_valid));
cifs_sb = CIFS_SB(direntry->d_inode->i_sb); cifs_sb = CIFS_SB(direntry->d_inode->i_sb);
...@@ -1157,6 +1159,7 @@ int cifs_setattr(struct dentry *direntry, struct iattr *attrs) ...@@ -1157,6 +1159,7 @@ int cifs_setattr(struct dentry *direntry, struct iattr *attrs)
when the local oplock break takes longer to flush when the local oplock break takes longer to flush
writebehind data than the SMB timeout for the SetPathInfo writebehind data than the SMB timeout for the SetPathInfo
request would allow */ request would allow */
open_file = find_writable_file(cifsInode); open_file = find_writable_file(cifsInode);
if (open_file) { if (open_file) {
__u16 nfid = open_file->netfid; __u16 nfid = open_file->netfid;
...@@ -1289,7 +1292,7 @@ int cifs_setattr(struct dentry *direntry, struct iattr *attrs) ...@@ -1289,7 +1292,7 @@ int cifs_setattr(struct dentry *direntry, struct iattr *attrs)
it may be useful to Windows - but we do it may be useful to Windows - but we do
not want to set ctime unless some other not want to set ctime unless some other
timestamp is changing */ timestamp is changing */
cFYI(1, ("CIFS - CTIME changed ")); cFYI(1, ("CIFS - CTIME changed"));
time_buf.ChangeTime = time_buf.ChangeTime =
cpu_to_le64(cifs_UnixTimeToNT(attrs->ia_ctime)); cpu_to_le64(cifs_UnixTimeToNT(attrs->ia_ctime));
} else } else
...@@ -1356,7 +1359,7 @@ int cifs_setattr(struct dentry *direntry, struct iattr *attrs) ...@@ -1356,7 +1359,7 @@ int cifs_setattr(struct dentry *direntry, struct iattr *attrs)
void cifs_delete_inode(struct inode *inode) void cifs_delete_inode(struct inode *inode)
{ {
cFYI(1, ("In cifs_delete_inode, inode = 0x%p ", inode)); cFYI(1, ("In cifs_delete_inode, inode = 0x%p", inode));
/* may have to add back in if and when safe distributed caching of /* may have to add back in if and when safe distributed caching of
directories added e.g. via FindNotify */ directories added e.g. via FindNotify */
} }
...@@ -167,7 +167,7 @@ cifs_symlink(struct inode *inode, struct dentry *direntry, const char *symname) ...@@ -167,7 +167,7 @@ cifs_symlink(struct inode *inode, struct dentry *direntry, const char *symname)
return -ENOMEM; return -ENOMEM;
} }
cFYI(1, ("Full path: %s ", full_path)); cFYI(1, ("Full path: %s", full_path));
cFYI(1, ("symname is %s", symname)); cFYI(1, ("symname is %s", symname));
/* BB what if DFS and this volume is on different share? BB */ /* BB what if DFS and this volume is on different share? BB */
...@@ -186,8 +186,7 @@ cifs_symlink(struct inode *inode, struct dentry *direntry, const char *symname) ...@@ -186,8 +186,7 @@ cifs_symlink(struct inode *inode, struct dentry *direntry, const char *symname)
inode->i_sb,xid); inode->i_sb,xid);
if (rc != 0) { if (rc != 0) {
cFYI(1, cFYI(1, ("Create symlink ok, getinodeinfo fail rc = %d",
("Create symlink worked but get_inode_info failed with rc = %d ",
rc)); rc));
} else { } else {
if (pTcon->nocase) if (pTcon->nocase)
...@@ -289,7 +288,7 @@ cifs_readlink(struct dentry *direntry, char __user *pBuffer, int buflen) ...@@ -289,7 +288,7 @@ cifs_readlink(struct dentry *direntry, char __user *pBuffer, int buflen)
else { else {
cFYI(1,("num referral: %d",num_referrals)); cFYI(1,("num referral: %d",num_referrals));
if(referrals) { if(referrals) {
cFYI(1,("referral string: %s ",referrals)); cFYI(1,("referral string: %s",referrals));
strncpy(tmpbuffer, referrals, len-1); strncpy(tmpbuffer, referrals, len-1);
} }
} }
......
...@@ -101,6 +101,7 @@ sesInfoFree(struct cifsSesInfo *buf_to_free) ...@@ -101,6 +101,7 @@ sesInfoFree(struct cifsSesInfo *buf_to_free)
kfree(buf_to_free->serverDomain); kfree(buf_to_free->serverDomain);
kfree(buf_to_free->serverNOS); kfree(buf_to_free->serverNOS);
kfree(buf_to_free->password); kfree(buf_to_free->password);
kfree(buf_to_free->domainName);
kfree(buf_to_free); kfree(buf_to_free);
} }
...@@ -499,11 +500,12 @@ is_valid_oplock_break(struct smb_hdr *buf, struct TCP_Server_Info *srv) ...@@ -499,11 +500,12 @@ is_valid_oplock_break(struct smb_hdr *buf, struct TCP_Server_Info *srv)
if(pSMBr->ByteCount > sizeof(struct file_notify_information)) { if(pSMBr->ByteCount > sizeof(struct file_notify_information)) {
data_offset = le32_to_cpu(pSMBr->DataOffset); data_offset = le32_to_cpu(pSMBr->DataOffset);
pnotify = (struct file_notify_information *)((char *)&pSMBr->hdr.Protocol pnotify = (struct file_notify_information *)
+ data_offset); ((char *)&pSMBr->hdr.Protocol + data_offset);
cFYI(1,("dnotify on %s with action: 0x%x",pnotify->FileName, cFYI(1,("dnotify on %s Action: 0x%x",pnotify->FileName,
pnotify->Action)); /* BB removeme BB */ pnotify->Action)); /* BB removeme BB */
/* cifs_dump_mem("Received notify Data is: ",buf,sizeof(struct smb_hdr)+60); */ /* cifs_dump_mem("Rcvd notify Data: ",buf,
sizeof(struct smb_hdr)+60); */
return TRUE; return TRUE;
} }
if(pSMBr->hdr.Status.CifsError) { if(pSMBr->hdr.Status.CifsError) {
......
...@@ -84,11 +84,11 @@ static const struct smb_to_posix_error mapping_table_ERRDOS[] = { ...@@ -84,11 +84,11 @@ static const struct smb_to_posix_error mapping_table_ERRDOS[] = {
static const struct smb_to_posix_error mapping_table_ERRSRV[] = { static const struct smb_to_posix_error mapping_table_ERRSRV[] = {
{ERRerror, -EIO}, {ERRerror, -EIO},
{ERRbadpw, -EPERM}, {ERRbadpw, -EACCES}, /* was EPERM */
{ERRbadtype, -EREMOTE}, {ERRbadtype, -EREMOTE},
{ERRaccess, -EACCES}, {ERRaccess, -EACCES},
{ERRinvtid, -ENXIO}, {ERRinvtid, -ENXIO},
{ERRinvnetname, -ENODEV}, {ERRinvnetname, -ENXIO},
{ERRinvdevice, -ENXIO}, {ERRinvdevice, -ENXIO},
{ERRqfull, -ENOSPC}, {ERRqfull, -ENOSPC},
{ERRqtoobig, -ENOSPC}, {ERRqtoobig, -ENOSPC},
......
/*
* fs/cifs/ntlmssp.h
*
* Copyright (c) International Business Machines Corp., 2006
* Author(s): Steve French (sfrench@us.ibm.com)
*
* This library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published
* by the Free Software Foundation; either version 2.1 of the License, or
* (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
* the GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "cifspdu.h"
#include "cifsglob.h"
#include "cifsproto.h"
#include "cifs_unicode.h"
#include "cifs_debug.h"
#include "ntlmssp.h"
#include "nterr.h"
#ifdef CONFIG_CIFS_EXPERIMENTAL
static __u32 cifs_ssetup_hdr(struct cifsSesInfo *ses, SESSION_SETUP_ANDX *pSMB)
{
__u32 capabilities = 0;
/* init fields common to all four types of SessSetup */
/* note that header is initialized to zero in header_assemble */
pSMB->req.AndXCommand = 0xFF;
pSMB->req.MaxBufferSize = cpu_to_le16(ses->server->maxBuf);
pSMB->req.MaxMpxCount = cpu_to_le16(ses->server->maxReq);
/* Now no need to set SMBFLG_CASELESS or obsolete CANONICAL PATH */
/* BB verify whether signing required on neg or just on auth frame
(and NTLM case) */
capabilities = CAP_LARGE_FILES | CAP_NT_SMBS | CAP_LEVEL_II_OPLOCKS |
CAP_LARGE_WRITE_X | CAP_LARGE_READ_X;
if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
pSMB->req.hdr.Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
if (ses->capabilities & CAP_UNICODE) {
pSMB->req.hdr.Flags2 |= SMBFLG2_UNICODE;
capabilities |= CAP_UNICODE;
}
if (ses->capabilities & CAP_STATUS32) {
pSMB->req.hdr.Flags2 |= SMBFLG2_ERR_STATUS;
capabilities |= CAP_STATUS32;
}
if (ses->capabilities & CAP_DFS) {
pSMB->req.hdr.Flags2 |= SMBFLG2_DFS;
capabilities |= CAP_DFS;
}
/* BB check whether to init vcnum BB */
return capabilities;
}
int
CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, const int type,
int * pNTLMv2_flg, const struct nls_table *nls_cp)
{
int rc = 0;
int wct;
struct smb_hdr *smb_buffer;
char *bcc_ptr;
SESSION_SETUP_ANDX *pSMB;
__u32 capabilities;
if(ses == NULL)
return -EINVAL;
cFYI(1,("SStp type: %d",type));
if(type < CIFS_NTLM) {
#ifndef CONFIG_CIFS_WEAK_PW_HASH
/* LANMAN and plaintext are less secure and off by default.
So we make this explicitly be turned on in kconfig (in the
build) and turned on at runtime (changed from the default)
in proc/fs/cifs or via mount parm. Unfortunately this is
needed for old Win (e.g. Win95), some obscure NAS and OS/2 */
return -EOPNOTSUPP;
#endif
wct = 10; /* lanman 2 style sessionsetup */
} else if(type < CIFS_NTLMSSP_NEG)
wct = 13; /* old style NTLM sessionsetup */
else /* same size for negotiate or auth, NTLMSSP or extended security */
wct = 12;
rc = small_smb_init_no_tc(SMB_COM_SESSION_SETUP_ANDX, wct, ses,
(void **)&smb_buffer);
if(rc)
return rc;
pSMB = (SESSION_SETUP_ANDX *)smb_buffer;
capabilities = cifs_ssetup_hdr(ses, pSMB);
bcc_ptr = pByteArea(smb_buffer);
if(type > CIFS_NTLM) {
pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
capabilities |= CAP_EXTENDED_SECURITY;
pSMB->req.Capabilities = cpu_to_le32(capabilities);
/* BB set password lengths */
} else if(type < CIFS_NTLM) /* lanman */ {
/* no capabilities flags in old lanman negotiation */
/* pSMB->old_req.PasswordLength = */ /* BB fixme BB */
} else /* type CIFS_NTLM */ {
pSMB->req_no_secext.Capabilities = cpu_to_le32(capabilities);
pSMB->req_no_secext.CaseInsensitivePasswordLength =
cpu_to_le16(CIFS_SESSION_KEY_SIZE);
pSMB->req_no_secext.CaseSensitivePasswordLength =
cpu_to_le16(CIFS_SESSION_KEY_SIZE);
}
/* copy session key */
/* if Unicode, align strings to two byte boundary */
/* copy user name */ /* BB Do we need to special case null user name? */
/* copy domain name */
/* copy Linux version */
/* copy network operating system name */
/* update bcc and smb buffer length */
/* rc = SendReceive2(xid, ses, iov, num_iovecs, &resp_buf_type, 0); */
/* SMB request buf freed in SendReceive2 */
return rc;
}
#endif /* CONFIG_CIFS_EXPERIMENTAL */
This diff is collapsed.
This diff is collapsed.
...@@ -30,6 +30,7 @@ ...@@ -30,6 +30,7 @@
#include <linux/random.h> #include <linux/random.h>
#include "cifs_unicode.h" #include "cifs_unicode.h"
#include "cifspdu.h" #include "cifspdu.h"
#include "cifsglob.h"
#include "md5.h" #include "md5.h"
#include "cifs_debug.h" #include "cifs_debug.h"
#include "cifsencrypt.h" #include "cifsencrypt.h"
......
...@@ -654,8 +654,7 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses, ...@@ -654,8 +654,7 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses,
if (in_buf->smb_buf_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) { if (in_buf->smb_buf_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
up(&ses->server->tcpSem); up(&ses->server->tcpSem);
cERROR(1, cERROR(1, ("Illegal length, greater than maximum frame, %d",
("Illegal length, greater than maximum frame, %d ",
in_buf->smb_buf_length)); in_buf->smb_buf_length));
DeleteMidQEntry(midQ); DeleteMidQEntry(midQ);
/* If not lock req, update # of requests on wire to server */ /* If not lock req, update # of requests on wire to server */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment