]>
Commit | Line | Data |
---|---|---|
1a59d1b8 | 1 | // SPDX-License-Identifier: GPL-2.0-or-later |
50c2f753 | 2 | /* |
1da177e4 LT |
3 | * The ASB.1/BER parsing code is derived from ip_nat_snmp_basic.c which was in |
4 | * turn derived from the gxsnmp package by Gregory McLean & Jochen Friedrich | |
50c2f753 | 5 | * |
1da177e4 | 6 | * Copyright (c) 2000 RP Internet (www.rpi.net.au). |
1da177e4 LT |
7 | */ |
8 | ||
1da177e4 LT |
9 | #include <linux/module.h> |
10 | #include <linux/types.h> | |
11 | #include <linux/kernel.h> | |
12 | #include <linux/mm.h> | |
13 | #include <linux/slab.h> | |
14 | #include "cifspdu.h" | |
15 | #include "cifsglob.h" | |
16 | #include "cifs_debug.h" | |
17 | #include "cifsproto.h" | |
18 | ||
19 | /***************************************************************************** | |
20 | * | |
21 | * Basic ASN.1 decoding routines (gxsnmp author Dirk Wisse) | |
22 | * | |
23 | *****************************************************************************/ | |
24 | ||
25 | /* Class */ | |
26 | #define ASN1_UNI 0 /* Universal */ | |
27 | #define ASN1_APL 1 /* Application */ | |
28 | #define ASN1_CTX 2 /* Context */ | |
29 | #define ASN1_PRV 3 /* Private */ | |
30 | ||
31 | /* Tag */ | |
32 | #define ASN1_EOC 0 /* End Of Contents or N/A */ | |
33 | #define ASN1_BOL 1 /* Boolean */ | |
34 | #define ASN1_INT 2 /* Integer */ | |
35 | #define ASN1_BTS 3 /* Bit String */ | |
36 | #define ASN1_OTS 4 /* Octet String */ | |
37 | #define ASN1_NUL 5 /* Null */ | |
38 | #define ASN1_OJI 6 /* Object Identifier */ | |
39 | #define ASN1_OJD 7 /* Object Description */ | |
40 | #define ASN1_EXT 8 /* External */ | |
f46c7234 | 41 | #define ASN1_ENUM 10 /* Enumerated */ |
1da177e4 LT |
42 | #define ASN1_SEQ 16 /* Sequence */ |
43 | #define ASN1_SET 17 /* Set */ | |
44 | #define ASN1_NUMSTR 18 /* Numerical String */ | |
45 | #define ASN1_PRNSTR 19 /* Printable String */ | |
46 | #define ASN1_TEXSTR 20 /* Teletext String */ | |
47 | #define ASN1_VIDSTR 21 /* Video String */ | |
48 | #define ASN1_IA5STR 22 /* IA5 String */ | |
49 | #define ASN1_UNITIM 23 /* Universal Time */ | |
50 | #define ASN1_GENTIM 24 /* General Time */ | |
51 | #define ASN1_GRASTR 25 /* Graphical String */ | |
52 | #define ASN1_VISSTR 26 /* Visible String */ | |
53 | #define ASN1_GENSTR 27 /* General String */ | |
54 | ||
55 | /* Primitive / Constructed methods*/ | |
56 | #define ASN1_PRI 0 /* Primitive */ | |
57 | #define ASN1_CON 1 /* Constructed */ | |
58 | ||
59 | /* | |
60 | * Error codes. | |
61 | */ | |
62 | #define ASN1_ERR_NOERROR 0 | |
63 | #define ASN1_ERR_DEC_EMPTY 2 | |
64 | #define ASN1_ERR_DEC_EOC_MISMATCH 3 | |
65 | #define ASN1_ERR_DEC_LENGTH_MISMATCH 4 | |
66 | #define ASN1_ERR_DEC_BADVALUE 5 | |
67 | ||
68 | #define SPNEGO_OID_LEN 7 | |
69 | #define NTLMSSP_OID_LEN 10 | |
e545937a | 70 | #define KRB5_OID_LEN 7 |
f46c7234 | 71 | #define KRB5U2U_OID_LEN 8 |
e545937a | 72 | #define MSKRB5_OID_LEN 7 |
1da177e4 LT |
73 | static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 }; |
74 | static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 }; | |
e545937a | 75 | static unsigned long KRB5_OID[7] = { 1, 2, 840, 113554, 1, 2, 2 }; |
f46c7234 | 76 | static unsigned long KRB5U2U_OID[8] = { 1, 2, 840, 113554, 1, 2, 2, 3 }; |
e545937a | 77 | static unsigned long MSKRB5_OID[7] = { 1, 2, 840, 48018, 1, 2, 2 }; |
1da177e4 | 78 | |
50c2f753 | 79 | /* |
1da177e4 LT |
80 | * ASN.1 context. |
81 | */ | |
82 | struct asn1_ctx { | |
83 | int error; /* Error condition */ | |
84 | unsigned char *pointer; /* Octet just to be decoded */ | |
85 | unsigned char *begin; /* First octet */ | |
86 | unsigned char *end; /* Octet after last octet */ | |
87 | }; | |
88 | ||
89 | /* | |
90 | * Octet string (not null terminated) | |
91 | */ | |
92 | struct asn1_octstr { | |
93 | unsigned char *data; | |
94 | unsigned int len; | |
95 | }; | |
96 | ||
97 | static void | |
98 | asn1_open(struct asn1_ctx *ctx, unsigned char *buf, unsigned int len) | |
99 | { | |
100 | ctx->begin = buf; | |
101 | ctx->end = buf + len; | |
102 | ctx->pointer = buf; | |
103 | ctx->error = ASN1_ERR_NOERROR; | |
104 | } | |
105 | ||
106 | static unsigned char | |
107 | asn1_octet_decode(struct asn1_ctx *ctx, unsigned char *ch) | |
108 | { | |
109 | if (ctx->pointer >= ctx->end) { | |
110 | ctx->error = ASN1_ERR_DEC_EMPTY; | |
111 | return 0; | |
112 | } | |
113 | *ch = *(ctx->pointer)++; | |
114 | return 1; | |
115 | } | |
116 | ||
f46c7234 SF |
117 | #if 0 /* will be needed later by spnego decoding/encoding of ntlmssp */ |
118 | static unsigned char | |
119 | asn1_enum_decode(struct asn1_ctx *ctx, __le32 *val) | |
120 | { | |
121 | unsigned char ch; | |
122 | ||
123 | if (ctx->pointer >= ctx->end) { | |
124 | ctx->error = ASN1_ERR_DEC_EMPTY; | |
125 | return 0; | |
126 | } | |
127 | ||
1537a363 | 128 | ch = *(ctx->pointer)++; /* ch has 0xa, ptr points to length octet */ |
f46c7234 SF |
129 | if ((ch) == ASN1_ENUM) /* if ch value is ENUM, 0xa */ |
130 | *val = *(++(ctx->pointer)); /* value has enum value */ | |
131 | else | |
132 | return 0; | |
133 | ||
134 | ctx->pointer++; | |
135 | return 1; | |
136 | } | |
137 | #endif | |
138 | ||
1da177e4 LT |
139 | static unsigned char |
140 | asn1_tag_decode(struct asn1_ctx *ctx, unsigned int *tag) | |
141 | { | |
142 | unsigned char ch; | |
143 | ||
144 | *tag = 0; | |
145 | ||
146 | do { | |
147 | if (!asn1_octet_decode(ctx, &ch)) | |
148 | return 0; | |
149 | *tag <<= 7; | |
150 | *tag |= ch & 0x7F; | |
151 | } while ((ch & 0x80) == 0x80); | |
152 | return 1; | |
153 | } | |
154 | ||
155 | static unsigned char | |
156 | asn1_id_decode(struct asn1_ctx *ctx, | |
157 | unsigned int *cls, unsigned int *con, unsigned int *tag) | |
158 | { | |
159 | unsigned char ch; | |
160 | ||
161 | if (!asn1_octet_decode(ctx, &ch)) | |
162 | return 0; | |
163 | ||
164 | *cls = (ch & 0xC0) >> 6; | |
165 | *con = (ch & 0x20) >> 5; | |
166 | *tag = (ch & 0x1F); | |
167 | ||
168 | if (*tag == 0x1F) { | |
169 | if (!asn1_tag_decode(ctx, tag)) | |
170 | return 0; | |
171 | } | |
172 | return 1; | |
173 | } | |
174 | ||
175 | static unsigned char | |
176 | asn1_length_decode(struct asn1_ctx *ctx, unsigned int *def, unsigned int *len) | |
177 | { | |
178 | unsigned char ch, cnt; | |
179 | ||
180 | if (!asn1_octet_decode(ctx, &ch)) | |
181 | return 0; | |
182 | ||
183 | if (ch == 0x80) | |
184 | *def = 0; | |
185 | else { | |
186 | *def = 1; | |
187 | ||
188 | if (ch < 0x80) | |
189 | *len = ch; | |
190 | else { | |
191 | cnt = (unsigned char) (ch & 0x7F); | |
192 | *len = 0; | |
193 | ||
194 | while (cnt > 0) { | |
195 | if (!asn1_octet_decode(ctx, &ch)) | |
196 | return 0; | |
197 | *len <<= 8; | |
198 | *len |= ch; | |
199 | cnt--; | |
200 | } | |
201 | } | |
202 | } | |
ddb2c435 CW |
203 | |
204 | /* don't trust len bigger than ctx buffer */ | |
205 | if (*len > ctx->end - ctx->pointer) | |
206 | return 0; | |
207 | ||
1da177e4 LT |
208 | return 1; |
209 | } | |
210 | ||
211 | static unsigned char | |
212 | asn1_header_decode(struct asn1_ctx *ctx, | |
213 | unsigned char **eoc, | |
214 | unsigned int *cls, unsigned int *con, unsigned int *tag) | |
215 | { | |
50c2f753 | 216 | unsigned int def = 0; |
ab2f218f | 217 | unsigned int len = 0; |
1da177e4 LT |
218 | |
219 | if (!asn1_id_decode(ctx, cls, con, tag)) | |
220 | return 0; | |
221 | ||
222 | if (!asn1_length_decode(ctx, &def, &len)) | |
223 | return 0; | |
224 | ||
ddb2c435 CW |
225 | /* primitive shall be definite, indefinite shall be constructed */ |
226 | if (*con == ASN1_PRI && !def) | |
227 | return 0; | |
228 | ||
1da177e4 LT |
229 | if (def) |
230 | *eoc = ctx->pointer + len; | |
231 | else | |
232 | *eoc = NULL; | |
233 | return 1; | |
234 | } | |
235 | ||
236 | static unsigned char | |
237 | asn1_eoc_decode(struct asn1_ctx *ctx, unsigned char *eoc) | |
238 | { | |
239 | unsigned char ch; | |
240 | ||
241 | if (eoc == NULL) { | |
242 | if (!asn1_octet_decode(ctx, &ch)) | |
243 | return 0; | |
244 | ||
245 | if (ch != 0x00) { | |
246 | ctx->error = ASN1_ERR_DEC_EOC_MISMATCH; | |
247 | return 0; | |
248 | } | |
249 | ||
250 | if (!asn1_octet_decode(ctx, &ch)) | |
251 | return 0; | |
252 | ||
253 | if (ch != 0x00) { | |
254 | ctx->error = ASN1_ERR_DEC_EOC_MISMATCH; | |
255 | return 0; | |
256 | } | |
257 | return 1; | |
258 | } else { | |
259 | if (ctx->pointer != eoc) { | |
260 | ctx->error = ASN1_ERR_DEC_LENGTH_MISMATCH; | |
261 | return 0; | |
262 | } | |
263 | return 1; | |
264 | } | |
265 | } | |
266 | ||
267 | /* static unsigned char asn1_null_decode(struct asn1_ctx *ctx, | |
268 | unsigned char *eoc) | |
269 | { | |
270 | ctx->pointer = eoc; | |
271 | return 1; | |
272 | } | |
273 | ||
274 | static unsigned char asn1_long_decode(struct asn1_ctx *ctx, | |
275 | unsigned char *eoc, long *integer) | |
276 | { | |
277 | unsigned char ch; | |
278 | unsigned int len; | |
279 | ||
280 | if (!asn1_octet_decode(ctx, &ch)) | |
281 | return 0; | |
282 | ||
283 | *integer = (signed char) ch; | |
284 | len = 1; | |
285 | ||
286 | while (ctx->pointer < eoc) { | |
287 | if (++len > sizeof(long)) { | |
288 | ctx->error = ASN1_ERR_DEC_BADVALUE; | |
289 | return 0; | |
290 | } | |
291 | ||
292 | if (!asn1_octet_decode(ctx, &ch)) | |
293 | return 0; | |
294 | ||
295 | *integer <<= 8; | |
296 | *integer |= ch; | |
297 | } | |
298 | return 1; | |
299 | } | |
300 | ||
301 | static unsigned char asn1_uint_decode(struct asn1_ctx *ctx, | |
302 | unsigned char *eoc, | |
303 | unsigned int *integer) | |
304 | { | |
305 | unsigned char ch; | |
306 | unsigned int len; | |
307 | ||
308 | if (!asn1_octet_decode(ctx, &ch)) | |
309 | return 0; | |
310 | ||
311 | *integer = ch; | |
312 | if (ch == 0) | |
313 | len = 0; | |
314 | else | |
315 | len = 1; | |
316 | ||
317 | while (ctx->pointer < eoc) { | |
318 | if (++len > sizeof(unsigned int)) { | |
319 | ctx->error = ASN1_ERR_DEC_BADVALUE; | |
320 | return 0; | |
321 | } | |
322 | ||
323 | if (!asn1_octet_decode(ctx, &ch)) | |
324 | return 0; | |
325 | ||
326 | *integer <<= 8; | |
327 | *integer |= ch; | |
328 | } | |
329 | return 1; | |
330 | } | |
331 | ||
332 | static unsigned char asn1_ulong_decode(struct asn1_ctx *ctx, | |
333 | unsigned char *eoc, | |
334 | unsigned long *integer) | |
335 | { | |
336 | unsigned char ch; | |
337 | unsigned int len; | |
338 | ||
339 | if (!asn1_octet_decode(ctx, &ch)) | |
340 | return 0; | |
341 | ||
342 | *integer = ch; | |
343 | if (ch == 0) | |
344 | len = 0; | |
345 | else | |
346 | len = 1; | |
347 | ||
348 | while (ctx->pointer < eoc) { | |
349 | if (++len > sizeof(unsigned long)) { | |
350 | ctx->error = ASN1_ERR_DEC_BADVALUE; | |
351 | return 0; | |
352 | } | |
353 | ||
354 | if (!asn1_octet_decode(ctx, &ch)) | |
355 | return 0; | |
356 | ||
357 | *integer <<= 8; | |
358 | *integer |= ch; | |
359 | } | |
360 | return 1; | |
50c2f753 | 361 | } |
1da177e4 LT |
362 | |
363 | static unsigned char | |
364 | asn1_octets_decode(struct asn1_ctx *ctx, | |
365 | unsigned char *eoc, | |
366 | unsigned char **octets, unsigned int *len) | |
367 | { | |
368 | unsigned char *ptr; | |
369 | ||
370 | *len = 0; | |
371 | ||
372 | *octets = kmalloc(eoc - ctx->pointer, GFP_ATOMIC); | |
373 | if (*octets == NULL) { | |
374 | return 0; | |
375 | } | |
376 | ||
377 | ptr = *octets; | |
378 | while (ctx->pointer < eoc) { | |
379 | if (!asn1_octet_decode(ctx, (unsigned char *) ptr++)) { | |
380 | kfree(*octets); | |
381 | *octets = NULL; | |
382 | return 0; | |
383 | } | |
384 | (*len)++; | |
385 | } | |
386 | return 1; | |
387 | } */ | |
388 | ||
389 | static unsigned char | |
390 | asn1_subid_decode(struct asn1_ctx *ctx, unsigned long *subid) | |
391 | { | |
392 | unsigned char ch; | |
393 | ||
394 | *subid = 0; | |
395 | ||
396 | do { | |
397 | if (!asn1_octet_decode(ctx, &ch)) | |
398 | return 0; | |
399 | ||
400 | *subid <<= 7; | |
401 | *subid |= ch & 0x7F; | |
402 | } while ((ch & 0x80) == 0x80); | |
403 | return 1; | |
404 | } | |
405 | ||
50c2f753 | 406 | static int |
1da177e4 LT |
407 | asn1_oid_decode(struct asn1_ctx *ctx, |
408 | unsigned char *eoc, unsigned long **oid, unsigned int *len) | |
409 | { | |
410 | unsigned long subid; | |
411 | unsigned int size; | |
412 | unsigned long *optr; | |
413 | ||
414 | size = eoc - ctx->pointer + 1; | |
ddb2c435 CW |
415 | |
416 | /* first subid actually encodes first two subids */ | |
04e1e0cc | 417 | if (size < 2 || size > UINT_MAX/sizeof(unsigned long)) |
ddb2c435 CW |
418 | return 0; |
419 | ||
6da2ec56 | 420 | *oid = kmalloc_array(size, sizeof(unsigned long), GFP_ATOMIC); |
26f57364 | 421 | if (*oid == NULL) |
1da177e4 | 422 | return 0; |
1da177e4 LT |
423 | |
424 | optr = *oid; | |
425 | ||
426 | if (!asn1_subid_decode(ctx, &subid)) { | |
427 | kfree(*oid); | |
428 | *oid = NULL; | |
429 | return 0; | |
430 | } | |
431 | ||
432 | if (subid < 40) { | |
433 | optr[0] = 0; | |
434 | optr[1] = subid; | |
435 | } else if (subid < 80) { | |
436 | optr[0] = 1; | |
437 | optr[1] = subid - 40; | |
438 | } else { | |
439 | optr[0] = 2; | |
440 | optr[1] = subid - 80; | |
441 | } | |
442 | ||
443 | *len = 2; | |
444 | optr += 2; | |
445 | ||
446 | while (ctx->pointer < eoc) { | |
447 | if (++(*len) > size) { | |
448 | ctx->error = ASN1_ERR_DEC_BADVALUE; | |
449 | kfree(*oid); | |
450 | *oid = NULL; | |
451 | return 0; | |
452 | } | |
453 | ||
454 | if (!asn1_subid_decode(ctx, optr++)) { | |
455 | kfree(*oid); | |
456 | *oid = NULL; | |
457 | return 0; | |
458 | } | |
459 | } | |
460 | return 1; | |
461 | } | |
462 | ||
463 | static int | |
464 | compare_oid(unsigned long *oid1, unsigned int oid1len, | |
465 | unsigned long *oid2, unsigned int oid2len) | |
466 | { | |
467 | unsigned int i; | |
468 | ||
469 | if (oid1len != oid2len) | |
470 | return 0; | |
471 | else { | |
472 | for (i = 0; i < oid1len; i++) { | |
473 | if (oid1[i] != oid2[i]) | |
474 | return 0; | |
475 | } | |
476 | return 1; | |
477 | } | |
478 | } | |
479 | ||
480 | /* BB check for endian conversion issues here */ | |
481 | ||
482 | int | |
483 | decode_negTokenInit(unsigned char *security_blob, int length, | |
26efa0ba | 484 | struct TCP_Server_Info *server) |
1da177e4 LT |
485 | { |
486 | struct asn1_ctx ctx; | |
487 | unsigned char *end; | |
488 | unsigned char *sequence_end; | |
489 | unsigned long *oid = NULL; | |
490 | unsigned int cls, con, tag, oidlen, rc; | |
1da177e4 | 491 | |
1da177e4 LT |
492 | /* cifs_dump_mem(" Received SecBlob ", security_blob, length); */ |
493 | ||
494 | asn1_open(&ctx, security_blob, length); | |
495 | ||
2f0e58ac | 496 | /* GSSAPI header */ |
1da177e4 | 497 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { |
f96637be | 498 | cifs_dbg(FYI, "Error decoding negTokenInit header\n"); |
1da177e4 LT |
499 | return 0; |
500 | } else if ((cls != ASN1_APL) || (con != ASN1_CON) | |
501 | || (tag != ASN1_EOC)) { | |
f96637be | 502 | cifs_dbg(FYI, "cls = %d con = %d tag = %d\n", cls, con, tag); |
1da177e4 | 503 | return 0; |
2f0e58ac | 504 | } |
1da177e4 | 505 | |
2f0e58ac JL |
506 | /* Check for SPNEGO OID -- remember to free obj->oid */ |
507 | rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag); | |
508 | if (rc) { | |
509 | if ((tag == ASN1_OJI) && (con == ASN1_PRI) && | |
510 | (cls == ASN1_UNI)) { | |
511 | rc = asn1_oid_decode(&ctx, end, &oid, &oidlen); | |
512 | if (rc) { | |
513 | rc = compare_oid(oid, oidlen, SPNEGO_OID, | |
514 | SPNEGO_OID_LEN); | |
515 | kfree(oid); | |
516 | } | |
517 | } else | |
518 | rc = 0; | |
519 | } | |
1da177e4 | 520 | |
2f0e58ac JL |
521 | /* SPNEGO OID not present or garbled -- bail out */ |
522 | if (!rc) { | |
f96637be | 523 | cifs_dbg(FYI, "Error decoding negTokenInit header\n"); |
2f0e58ac JL |
524 | return 0; |
525 | } | |
1da177e4 | 526 | |
f46c7234 | 527 | /* SPNEGO */ |
2f0e58ac | 528 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { |
f96637be | 529 | cifs_dbg(FYI, "Error decoding negTokenInit\n"); |
2f0e58ac JL |
530 | return 0; |
531 | } else if ((cls != ASN1_CTX) || (con != ASN1_CON) | |
532 | || (tag != ASN1_EOC)) { | |
d367cb96 DC |
533 | cifs_dbg(FYI, "cls = %d con = %d tag = %d end = %p exit 0\n", |
534 | cls, con, tag, end); | |
2f0e58ac JL |
535 | return 0; |
536 | } | |
1da177e4 | 537 | |
f46c7234 | 538 | /* negTokenInit */ |
2f0e58ac | 539 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { |
f96637be | 540 | cifs_dbg(FYI, "Error decoding negTokenInit\n"); |
2f0e58ac JL |
541 | return 0; |
542 | } else if ((cls != ASN1_UNI) || (con != ASN1_CON) | |
543 | || (tag != ASN1_SEQ)) { | |
d367cb96 DC |
544 | cifs_dbg(FYI, "cls = %d con = %d tag = %d end = %p exit 1\n", |
545 | cls, con, tag, end); | |
2f0e58ac JL |
546 | return 0; |
547 | } | |
1da177e4 | 548 | |
f46c7234 | 549 | /* sequence */ |
2f0e58ac | 550 | if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { |
f96637be | 551 | cifs_dbg(FYI, "Error decoding 2nd part of negTokenInit\n"); |
2f0e58ac JL |
552 | return 0; |
553 | } else if ((cls != ASN1_CTX) || (con != ASN1_CON) | |
554 | || (tag != ASN1_EOC)) { | |
d367cb96 DC |
555 | cifs_dbg(FYI, "cls = %d con = %d tag = %d end = %p exit 0\n", |
556 | cls, con, tag, end); | |
2f0e58ac JL |
557 | return 0; |
558 | } | |
1da177e4 | 559 | |
f46c7234 | 560 | /* sequence of */ |
2f0e58ac JL |
561 | if (asn1_header_decode |
562 | (&ctx, &sequence_end, &cls, &con, &tag) == 0) { | |
f96637be | 563 | cifs_dbg(FYI, "Error decoding 2nd part of negTokenInit\n"); |
2f0e58ac JL |
564 | return 0; |
565 | } else if ((cls != ASN1_UNI) || (con != ASN1_CON) | |
566 | || (tag != ASN1_SEQ)) { | |
d367cb96 DC |
567 | cifs_dbg(FYI, "cls = %d con = %d tag = %d sequence_end = %p exit 1\n", |
568 | cls, con, tag, sequence_end); | |
2f0e58ac JL |
569 | return 0; |
570 | } | |
1da177e4 | 571 | |
f46c7234 | 572 | /* list of security mechanisms */ |
2f0e58ac JL |
573 | while (!asn1_eoc_decode(&ctx, sequence_end)) { |
574 | rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag); | |
575 | if (!rc) { | |
f96637be | 576 | cifs_dbg(FYI, "Error decoding negTokenInit hdr exit2\n"); |
1da177e4 LT |
577 | return 0; |
578 | } | |
2f0e58ac JL |
579 | if ((tag == ASN1_OJI) && (con == ASN1_PRI)) { |
580 | if (asn1_oid_decode(&ctx, end, &oid, &oidlen)) { | |
581 | ||
f96637be JP |
582 | cifs_dbg(FYI, "OID len = %d oid = 0x%lx 0x%lx 0x%lx 0x%lx\n", |
583 | oidlen, *oid, *(oid + 1), *(oid + 2), | |
584 | *(oid + 3)); | |
2f0e58ac JL |
585 | |
586 | if (compare_oid(oid, oidlen, MSKRB5_OID, | |
26efa0ba JL |
587 | MSKRB5_OID_LEN)) |
588 | server->sec_mskerberos = true; | |
c8e56f1f | 589 | else if (compare_oid(oid, oidlen, KRB5U2U_OID, |
26efa0ba JL |
590 | KRB5U2U_OID_LEN)) |
591 | server->sec_kerberosu2u = true; | |
c8e56f1f | 592 | else if (compare_oid(oid, oidlen, KRB5_OID, |
26efa0ba JL |
593 | KRB5_OID_LEN)) |
594 | server->sec_kerberos = true; | |
c8e56f1f | 595 | else if (compare_oid(oid, oidlen, NTLMSSP_OID, |
2f0e58ac | 596 | NTLMSSP_OID_LEN)) |
26efa0ba | 597 | server->sec_ntlmssp = true; |
2f0e58ac JL |
598 | |
599 | kfree(oid); | |
600 | } | |
601 | } else { | |
f96637be | 602 | cifs_dbg(FYI, "Should be an oid what is going on?\n"); |
1da177e4 | 603 | } |
2f0e58ac | 604 | } |
1da177e4 | 605 | |
f853c616 JL |
606 | /* |
607 | * We currently ignore anything at the end of the SPNEGO blob after | |
608 | * the mechTypes have been parsed, since none of that info is | |
609 | * used at the moment. | |
610 | */ | |
1da177e4 LT |
611 | return 1; |
612 | } |