[CIFS] Fix NTLMv2 mounts to Windows servers
Windows servers are pickier about NTLMv2 than Samba. This enables more secure mounts to Windows (not just Samba) ie when "sec=ntlmv2" is specified on the mount. Signed-off-by: Steve French <sfrench@us.ibm.com>
This commit is contained in:
parent
c99767974e
commit
33ec32fae0
3 changed files with 12 additions and 3 deletions
|
@ -5,7 +5,8 @@ Allow null user to be specified on mount ("username="). Do not return
|
||||||
EINVAL on readdir when filldir fails due to overwritten blocksize
|
EINVAL on readdir when filldir fails due to overwritten blocksize
|
||||||
(fixes FC problem). Return error in rename 2nd attempt retry (ie report
|
(fixes FC problem). Return error in rename 2nd attempt retry (ie report
|
||||||
if rename by handle also fails, after rename by path fails, we were
|
if rename by handle also fails, after rename by path fails, we were
|
||||||
not reporting whether the retry worked or not).
|
not reporting whether the retry worked or not). Fix NTLMv2 to
|
||||||
|
work to Windows servers (mount with option "sec=ntlmv2").
|
||||||
|
|
||||||
Version 1.45
|
Version 1.45
|
||||||
------------
|
------------
|
||||||
|
|
|
@ -372,8 +372,10 @@ void setup_ntlmv2_rsp(struct cifsSesInfo * ses, char * resp_buf,
|
||||||
buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME));
|
buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME));
|
||||||
get_random_bytes(&buf->client_chal, sizeof(buf->client_chal));
|
get_random_bytes(&buf->client_chal, sizeof(buf->client_chal));
|
||||||
buf->reserved2 = 0;
|
buf->reserved2 = 0;
|
||||||
buf->names[0].type = 0;
|
buf->names[0].type = cpu_to_le16(NTLMSSP_DOMAIN_TYPE);
|
||||||
buf->names[0].length = 0;
|
buf->names[0].length = 0;
|
||||||
|
buf->names[1].type = 0;
|
||||||
|
buf->names[1].length = 0;
|
||||||
|
|
||||||
/* calculate buf->ntlmv2_hash */
|
/* calculate buf->ntlmv2_hash */
|
||||||
rc = calc_ntlmv2_hash(ses, nls_cp);
|
rc = calc_ntlmv2_hash(ses, nls_cp);
|
||||||
|
|
|
@ -580,6 +580,12 @@ typedef union smb_com_session_setup_andx {
|
||||||
|
|
||||||
/* format of NLTMv2 Response ie "case sensitive password" hash when NTLMv2 */
|
/* format of NLTMv2 Response ie "case sensitive password" hash when NTLMv2 */
|
||||||
|
|
||||||
|
#define NTLMSSP_SERVER_TYPE 1
|
||||||
|
#define NTLMSSP_DOMAIN_TYPE 2
|
||||||
|
#define NTLMSSP_FQ_DOMAIN_TYPE 3
|
||||||
|
#define NTLMSSP_DNS_DOMAIN_TYPE 4
|
||||||
|
#define NTLMSSP_DNS_PARENT_TYPE 5
|
||||||
|
|
||||||
struct ntlmssp2_name {
|
struct ntlmssp2_name {
|
||||||
__le16 type;
|
__le16 type;
|
||||||
__le16 length;
|
__le16 length;
|
||||||
|
@ -593,7 +599,7 @@ struct ntlmv2_resp {
|
||||||
__le64 time;
|
__le64 time;
|
||||||
__u64 client_chal; /* random */
|
__u64 client_chal; /* random */
|
||||||
__u32 reserved2;
|
__u32 reserved2;
|
||||||
struct ntlmssp2_name names[1];
|
struct ntlmssp2_name names[2];
|
||||||
/* array of name entries could follow ending in minimum 4 byte struct */
|
/* array of name entries could follow ending in minimum 4 byte struct */
|
||||||
} __attribute__((packed));
|
} __attribute__((packed));
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue