[CIFS] NTLMv2 support part 2
Still need to fill in response structure and check that hash works.

Signed-off-by: Steve French <sfrench@us.ibm.com>
parent
9312f6754d
commit
f64b23ae4a
3 changed files with 35 additions and 7 deletions
|
@ -306,6 +306,8 @@ void calc_lanman_hash(struct cifsSesInfo * ses, char * lnm_session_key)
|
||||||
|
|
||||||
void CalcNTLMv2_response(const struct cifsSesInfo * ses,char * v2_session_response)
|
void CalcNTLMv2_response(const struct cifsSesInfo * ses,char * v2_session_response)
|
||||||
{
|
{
|
||||||
|
/* BB FIXME - update struct ntlmv2_response and change calling convention
|
||||||
|
of this function */
|
||||||
struct HMACMD5Context context;
|
struct HMACMD5Context context;
|
||||||
memcpy(v2_session_response + 8, ses->server->cryptKey,8);
|
memcpy(v2_session_response + 8, ses->server->cryptKey,8);
|
||||||
/* gen_blob(v2_session_response + 16); */
|
/* gen_blob(v2_session_response + 16); */
|
||||||
|
|
|
@ -117,7 +117,6 @@
|
||||||
* Size of the session key (crypto key encrypted with the password
|
* Size of the session key (crypto key encrypted with the password
|
||||||
*/
|
*/
|
||||||
#define CIFS_SESS_KEY_SIZE (24)
|
#define CIFS_SESS_KEY_SIZE (24)
|
||||||
#define V2_SESS_KEY_SIZE (86)
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Maximum user name length
|
* Maximum user name length
|
||||||
|
@ -539,7 +538,7 @@ typedef union smb_com_session_setup_andx {
|
||||||
/* unsigned char * NativeOS; */
|
/* unsigned char * NativeOS; */
|
||||||
/* unsigned char * NativeLanMan; */
|
/* unsigned char * NativeLanMan; */
|
||||||
/* unsigned char * PrimaryDomain; */
|
/* unsigned char * PrimaryDomain; */
|
||||||
} __attribute__((packed)) resp; /* NTLM response format (with or without extended security */
|
} __attribute__((packed)) resp; /* NTLM response with or without extended sec*/
|
||||||
|
|
||||||
struct { /* request format */
|
struct { /* request format */
|
||||||
struct smb_hdr hdr; /* wct = 10 */
|
struct smb_hdr hdr; /* wct = 10 */
|
||||||
|
@ -573,6 +572,26 @@ typedef union smb_com_session_setup_andx {
|
||||||
} __attribute__((packed)) old_resp; /* pre-NTLM (LANMAN2.1) response */
|
} __attribute__((packed)) old_resp; /* pre-NTLM (LANMAN2.1) response */
|
||||||
} __attribute__((packed)) SESSION_SETUP_ANDX;
|
} __attribute__((packed)) SESSION_SETUP_ANDX;
|
||||||
|
|
||||||
|
/* format of NLTMv2 Response ie "case sensitive password" hash when NTLMv2 */
|
||||||
|
|
||||||
|
struct ntlmssp2_name {
|
||||||
|
__le16 type;
|
||||||
|
__le16 length;
|
||||||
|
/* char name[length]; */
|
||||||
|
} __attribute__((packed));
|
||||||
|
|
||||||
|
struct ntlmv2_resp {
|
||||||
|
char ntlmv2_hash[CIFS_ENCPWD_SIZE];
|
||||||
|
__le32 blob_sign;
|
||||||
|
__u32 reserved;
|
||||||
|
__le64 time;
|
||||||
|
__u64 client_chal; /* random */
|
||||||
|
__u32 reserved2;
|
||||||
|
struct ntlmssp2_name names[1];
|
||||||
|
/* array of name entries could follow ending in minimum 4 byte struct */
|
||||||
|
} __attribute__((packed));
|
||||||
|
|
||||||
|
|
||||||
#define CIFS_NETWORK_OPSYS "CIFS VFS Client for Linux"
|
#define CIFS_NETWORK_OPSYS "CIFS VFS Client for Linux"
|
||||||
|
|
||||||
/* Capabilities bits (for NTLM SessSetup request) */
|
/* Capabilities bits (for NTLM SessSetup request) */
|
||||||
|
@ -603,7 +622,9 @@ typedef struct smb_com_tconx_req {
|
||||||
} __attribute__((packed)) TCONX_REQ;
|
} __attribute__((packed)) TCONX_REQ;
|
||||||
|
|
||||||
typedef struct smb_com_tconx_rsp {
|
typedef struct smb_com_tconx_rsp {
|
||||||
struct smb_hdr hdr; /* wct = 3 *//* note that Win2000 has sent wct=7 in some cases on responses. Four unspecified words followed OptionalSupport */
|
struct smb_hdr hdr; /* wct = 3 note that Win2000 has sent wct = 7
|
||||||
|
in some cases on responses. Four unspecified
|
||||||
|
words followed OptionalSupport */
|
||||||
__u8 AndXCommand;
|
__u8 AndXCommand;
|
||||||
__u8 AndXReserved;
|
__u8 AndXReserved;
|
||||||
__le16 AndXOffset;
|
__le16 AndXOffset;
|
||||||
|
|
|
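Review bot: `struct ntlmssp2_name names[1]` in struct ntlmv2_resp makes `sizeof(struct ntlmv2_resp)` cover exactly one 4-byte name header and no name bytes, and the session setup code in this commit uses that sizeof as both the allocation size and CaseSensitivePasswordLength. A comment on the struct should state this, e.g. `/* sizeof() covers one name header only; a blob carrying real names needs its length computed separately */`. `client_chal` is marked `/* random */` but nothing in the visible hunks sets it, so note beside it that it must be filled from the kernel's random pool (e.g. `get_random_bytes()`) and not from a predictable value. The comment above the structs also spells NTLMv2 as "NLTMv2".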
@ -411,7 +411,11 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
|
||||||
else
|
else
|
||||||
ascii_ssetup_strings(&bcc_ptr, ses, nls_cp);
|
ascii_ssetup_strings(&bcc_ptr, ses, nls_cp);
|
||||||
} else if (type == NTLMv2) {
|
} else if (type == NTLMv2) {
|
||||||
char * v2_sess_key = kmalloc(V2_SESS_KEY_SIZE, GFP_KERNEL);
|
char * v2_sess_key = kmalloc(sizeof(struct ntlmv2_resp),
|
||||||
|
GFP_KERNEL);
|
||||||
|
|
||||||
|
/* BB FIXME change all users of v2_sess_key to
|
||||||
|
struct ntlmv2_resp */
|
||||||
|
|
||||||
if(v2_sess_key == NULL) {
|
if(v2_sess_key == NULL) {
|
||||||
cifs_small_buf_release(smb_buf);
|
cifs_small_buf_release(smb_buf);
|
||||||
|
@ -425,7 +429,7 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
|
||||||
/* cpu_to_le16(LM2_SESS_KEY_SIZE); */
|
/* cpu_to_le16(LM2_SESS_KEY_SIZE); */
|
||||||
|
|
||||||
pSMB->req_no_secext.CaseSensitivePasswordLength =
|
pSMB->req_no_secext.CaseSensitivePasswordLength =
|
||||||
cpu_to_le16(V2_SESS_KEY_SIZE);
|
cpu_to_le16(sizeof(struct ntlmv2_resp));
|
||||||
|
|
||||||
/* calculate session key */
|
/* calculate session key */
|
||||||
CalcNTLMv2_response(ses, v2_sess_key);
|
CalcNTLMv2_response(ses, v2_sess_key);
|
||||||
|
@ -438,8 +442,9 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
|
||||||
|
|
||||||
/* memcpy(bcc_ptr, (char *)ntlm_session_key,LM2_SESS_KEY_SIZE);
|
/* memcpy(bcc_ptr, (char *)ntlm_session_key,LM2_SESS_KEY_SIZE);
|
||||||
bcc_ptr += LM2_SESS_KEY_SIZE; */
|
bcc_ptr += LM2_SESS_KEY_SIZE; */
|
||||||
memcpy(bcc_ptr, (char *)v2_sess_key, V2_SESS_KEY_SIZE);
|
memcpy(bcc_ptr, (char *)v2_sess_key, sizeof(struct ntlmv2_resp));
|
||||||
bcc_ptr += V2_SESS_KEY_SIZE;
|
bcc_ptr += sizeof(struct ntlmv2_resp);
|
||||||
|
kfree(v2_sess_key);
|
||||||
if(ses->capabilities & CAP_UNICODE)
|
if(ses->capabilities & CAP_UNICODE)
|
||||||
unicode_ssetup_strings(&bcc_ptr, ses, nls_cp);
|
unicode_ssetup_strings(&bcc_ptr, ses, nls_cp);
|
||||||
else
|
else
|
||||||
|
|
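Review bot: The buffer from `kmalloc(sizeof(struct ntlmv2_resp), GFP_KERNEL)` is not zeroed, yet the whole struct is later copied to `bcc_ptr` and sent in the session setup request. The commit message says the response structure is not filled in yet, so any field CalcNTLMv2_response does not write (its body is only partly visible on this page) would carry stale kernel heap bytes to the server. Allocating with `kzalloc(sizeof(struct ntlmv2_resp), GFP_KERNEL)` closes that gap until the fill-in code lands. The allocation size also changes from the removed V2_SESS_KEY_SIZE (86), so it is worth confirming that CalcNTLMv2_response, which writes at fixed offsets through a `char *`, never writes past the new size. CIFS_SessSetup's body starts and ends outside these hunks.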