summaryrefslogtreecommitdiffstats
path: root/fs/cifs
diff options
context:
space:
mode:
authorSteve French <sfrench@us.ibm.com>2006-03-31 21:22:00 +0000
committerSteve French <sfrench@us.ibm.com>2006-03-31 21:22:00 +0000
commite9917a000fcc370408c8b7b83f2e85dba5fffbd4 (patch)
tree481bf9190677ed2b55e73625e535b86047fc5800 /fs/cifs
parentf1682e94a38b66ee2551f3a5e4b36259a561c411 (diff)
downloadlinux-e9917a000fcc370408c8b7b83f2e85dba5fffbd4.tar.bz2
[CIFS] Incorrect signature sent on SMB Read
Fixes Samba bug 3621 and kernel.org bug 6147 For servers which require SMB/CIFS packet signing, we were sending the wrong signature (all zeros) on SMB Read request. The new cifs routine to do signatures across an iovec was not complete - and SMB Read, unlike the new SMBWrite2, did not fall back to the older routine (ie use SendReceive vs. the more efficient SendReceive2 ie used the older cifs_sign_smb vs. the disabled cifs_sign_smb2) for calculating signatures. This finishes up cifs_sign_smb2/cifs_calc_signature2 so that the callers of SendReceive2 can get SMB/CIFS packet signatures. Now that cifs_sign_smb2 is supported, we could start using it in the write path but this smaller fix does not include the change to use SMBWrite2 when signatures are required (which when enabled will make more Writes more efficient and alloc less memory). Currently Write2 is only used when signatures are not required at the moment but after more testing we will enable that as well). Thanks to James Slepicka and Sam Flory for initial investigation. Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs')
-rw-r--r--fs/cifs/cifsencrypt.c36
1 files changed, 23 insertions, 13 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index c2cbe0ed98b3..e7d63737e651 100644
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -57,9 +57,6 @@ int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server,
int rc = 0;
char smb_signature[20];
- /* BB remember to initialize sequence number elsewhere and initialize mac_signing key elsewhere BB */
- /* BB remember to add code to save expected sequence number in midQ entry BB */
-
if((cifs_pdu == NULL) || (server == NULL))
return -EINVAL;
@@ -86,20 +83,33 @@ int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server,
static int cifs_calc_signature2(const struct kvec * iov, int n_vec,
const char * key, char * signature)
{
- struct MD5Context context;
-
- if((iov == NULL) || (signature == NULL))
- return -EINVAL;
+ struct MD5Context context;
+ int i;
- MD5Init(&context);
- MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16);
+ if((iov == NULL) || (signature == NULL))
+ return -EINVAL;
-/* MD5Update(&context,cifs_pdu->Protocol,cifs_pdu->smb_buf_length); */ /* BB FIXME BB */
+ MD5Init(&context);
+ MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16);
+ for(i=0;i<n_vec;i++) {
+ if(iov[i].iov_base == NULL) {
+ cERROR(1,("null iovec entry"));
+ return -EIO;
+ } else if(iov[i].iov_len == 0)
+ break; /* bail out if we are sent nothing to sign */
+ /* The first entry includes a length field (which does not get
+ signed that occupies the first 4 bytes before the header */
+ if(i==0) {
+ if (iov[0].iov_len <= 8 ) /* cmd field at offset 9 */
+ break; /* nothing to sign or corrupt header */
+ MD5Update(&context,iov[0].iov_base+4, iov[0].iov_len-4);
+ } else
+ MD5Update(&context,iov[i].iov_base, iov[i].iov_len);
+ }
- MD5Final(signature,&context);
+ MD5Final(signature,&context);
- return -EOPNOTSUPP;
-/* return 0; */
+ return 0;
}