]> git.proxmox.com Git - mirror_ubuntu-kernels.git/commitdiff
cifs: have calc_lanman_hash take more granular args
authorJeff Layton <jlayton@redhat.com>
Sat, 6 Dec 2008 01:41:21 +0000 (20:41 -0500)
committerSteve French <sfrench@us.ibm.com>
Fri, 26 Dec 2008 02:29:11 +0000 (02:29 +0000)
cifs: have calc_lanman_hash take more granular args

We need to use this routine to encrypt passwords associated with the
tcon too. Don't assume that the password will be attached to the
smb_session.

Also, make some of the values in the lower encryption functions
const since they aren't changed.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
fs/cifs/cifsencrypt.c
fs/cifs/cifsencrypt.h
fs/cifs/cifsproto.h
fs/cifs/connect.c
fs/cifs/sess.c
fs/cifs/smbdes.c
fs/cifs/smbencrypt.c

index bd5f13d38450ba5872658b2bee53a3ca017eb812..d4839cf0cb2c79fecf81b17efc95177bef59d4dc 100644 (file)
@@ -37,7 +37,7 @@
 
 extern void mdfour(unsigned char *out, unsigned char *in, int n);
 extern void E_md4hash(const unsigned char *passwd, unsigned char *p16);
-extern void SMBencrypt(unsigned char *passwd, unsigned char *c8,
+extern void SMBencrypt(unsigned char *passwd, const unsigned char *c8,
                       unsigned char *p24);
 
 static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu,
@@ -280,25 +280,22 @@ int CalcNTLMv2_partial_mac_key(struct cifsSesInfo *ses,
 }
 
 #ifdef CONFIG_CIFS_WEAK_PW_HASH
-void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key)
+void calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt,
+                       char *lnm_session_key)
 {
        int i;
        char password_with_pad[CIFS_ENCPWD_SIZE];
 
-       if (ses->server == NULL)
-               return;
-
        memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
-       if (ses->password)
-               strncpy(password_with_pad, ses->password, CIFS_ENCPWD_SIZE);
-
-       if ((ses->server->secMode & SECMODE_PW_ENCRYPT) == 0)
-               if (extended_security & CIFSSEC_MAY_PLNTXT) {
-                       memset(lnm_session_key, 0, CIFS_SESS_KEY_SIZE);
-                       memcpy(lnm_session_key, password_with_pad,
-                               CIFS_ENCPWD_SIZE);
-                       return;
-               }
+       if (password)
+               strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE);
+
+       if (!encrypt && extended_security & CIFSSEC_MAY_PLNTXT) {
+               memset(lnm_session_key, 0, CIFS_SESS_KEY_SIZE);
+               memcpy(lnm_session_key, password_with_pad,
+                       CIFS_ENCPWD_SIZE);
+               return;
+       }
 
        /* calculate old style session key */
        /* calling toupper is less broken than repeatedly
@@ -314,7 +311,8 @@ void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key)
        for (i = 0; i < CIFS_ENCPWD_SIZE; i++)
                password_with_pad[i] = toupper(password_with_pad[i]);
 
-       SMBencrypt(password_with_pad, ses->server->cryptKey, lnm_session_key);
+       SMBencrypt(password_with_pad, cryptkey, lnm_session_key);
+
        /* clear password before we return/free memory */
        memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
 }
index 152fa2dcfc6c70e80741f92be2e56ab7e5799226..15d2ec0064747128ea7b455e94079b476e9ade27 100644 (file)
@@ -26,7 +26,8 @@
 extern void mdfour(unsigned char *out, unsigned char *in, int n);
 /* smbdes.c */
 extern void E_P16(unsigned char *p14, unsigned char *p16);
-extern void E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24);
+extern void E_P24(unsigned char *p21, const unsigned char *c8,
+                 unsigned char *p24);
 
 
 
index 6f21ecb85ce517b07d36d973cfb030d478e08ebf..f48616536078edb523d326ef61446953771e32d5 100644 (file)
@@ -330,7 +330,8 @@ extern void CalcNTLMv2_response(const struct cifsSesInfo *, char *);
 extern void setup_ntlmv2_rsp(struct cifsSesInfo *, char *,
                             const struct nls_table *);
 #ifdef CONFIG_CIFS_WEAK_PW_HASH
-extern void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key);
+extern void calc_lanman_hash(const char *password, const char *cryptkey,
+                               bool encrypt, char *lnm_session_key);
 #endif /* CIFS_WEAK_PW_HASH */
 extern int CIFSSMBCopy(int xid,
                        struct cifsTconInfo *source_tcon,
index 6107ee42b0930278f37f47b801ca6a8862327108..3a84a375cb6f4d535443232ed0ae408611a917d6 100644 (file)
@@ -3533,7 +3533,10 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
 #ifdef CONFIG_CIFS_WEAK_PW_HASH
                if ((extended_security & CIFSSEC_MAY_LANMAN) &&
                        (ses->server->secType == LANMAN))
-                       calc_lanman_hash(ses, bcc_ptr);
+                       calc_lanman_hash(ses->password, ses->server->cryptKey,
+                                        ses->server->secMode &
+                                           SECMODE_PW_ENCRYPT ? true : false,
+                                        bcc_ptr);
                else
 #endif /* CIFS_WEAK_PW_HASH */
                SMBNTencrypt(ses->password,
index 2851d5da0c8c03f34143fb7b24542d3da239a2f8..5f22de7b79a900fe9bbd79e68f9823da136d132e 100644 (file)
@@ -417,7 +417,10 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
                /* BB calculate hash with password */
                /* and copy into bcc */
 
-               calc_lanman_hash(ses, lnm_session_key);
+               calc_lanman_hash(ses->password, ses->server->cryptKey,
+                                ses->server->secMode & SECMODE_PW_ENCRYPT ?
+                                       true : false, lnm_session_key);
+
                ses->flags |= CIFS_SES_LANMAN;
                memcpy(bcc_ptr, (char *)lnm_session_key, CIFS_SESS_KEY_SIZE);
                bcc_ptr += CIFS_SESS_KEY_SIZE;
index 04943c976f98d1df3810d42d2a362cc940c27131..224a1f4789666fe0e7873fa456ecc3915bb36cbd 100644 (file)
@@ -318,7 +318,8 @@ str_to_key(unsigned char *str, unsigned char *key)
 }
 
 static void
-smbhash(unsigned char *out, unsigned char *in, unsigned char *key, int forw)
+smbhash(unsigned char *out, const unsigned char *in, unsigned char *key,
+       int forw)
 {
        int i;
        char *outb; /* outb[64] */
@@ -363,7 +364,7 @@ E_P16(unsigned char *p14, unsigned char *p16)
 }
 
 void
-E_P24(unsigned char *p21, unsigned char *c8, unsigned char *p24)
+E_P24(unsigned char *p21, const unsigned char *c8, unsigned char *p24)
 {
        smbhash(p24, c8, p21, 1);
        smbhash(p24 + 8, c8, p21 + 7, 1);
index ff3232fa1015b4bebdcfeaa5d49a4bc365b21276..93fb09a99c690285f466a1d1734b38dd4ef80f46 100644 (file)
 
 /*The following definitions come from  libsmb/smbencrypt.c  */
 
-void SMBencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24);
+void SMBencrypt(unsigned char *passwd, const unsigned char *c8,
+               unsigned char *p24);
 void E_md4hash(const unsigned char *passwd, unsigned char *p16);
-static void SMBOWFencrypt(unsigned char passwd[16], unsigned char *c8,
+static void SMBOWFencrypt(unsigned char passwd[16], const unsigned char *c8,
                   unsigned char p24[24]);
 void SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24);
 
@@ -61,7 +62,7 @@ void SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24);
    encrypted password into p24 */
 /* Note that password must be uppercased and null terminated */
 void
-SMBencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24)
+SMBencrypt(unsigned char *passwd, const unsigned char *c8, unsigned char *p24)
 {
        unsigned char p14[15], p21[21];
 
@@ -212,7 +213,7 @@ ntv2_owf_gen(const unsigned char owf[16], const char *user_n,
 
 /* Does the des encryption from the NT or LM MD4 hash. */
 static void
-SMBOWFencrypt(unsigned char passwd[16], unsigned char *c8,
+SMBOWFencrypt(unsigned char passwd[16], const unsigned char *c8,
              unsigned char p24[24])
 {
        unsigned char p21[21];