summaryrefslogtreecommitdiffstats
path: root/fs/cifs/cifsencrypt.c
AgeCommit message (Collapse)AuthorFilesLines
2008-12-26cifs: have calc_lanman_hash take more granular argsJeff Layton1-16/+14
cifs: have calc_lanman_hash take more granular args We need to use this routine to encrypt passwords associated with the tcon too. Don't assume that the password will be attached to the smb_session. Also, make some of the values in the lower encryption functions const since they aren't changed. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-27[CIFS] Fix plaintext authenticationSteve French1-0/+1
The last eight bytes of the password field were not cleared when doing lanman plaintext password authentication. This patch fixes that. I tested it with Samba by setting password encryption to no in the server's smb.conf. Other servers also can be configured to force plaintext authentication. Note that plaintexti authentication requires setting /proc/fs/cifs/SecurityFlags to 0x30030 on the client (enabling both LANMAN and also plaintext password support). Also note that LANMAN support (and thus plaintext password support) requires CONFIG_CIFS_WEAK_PW_HASH to be enabled in menuconfig. CC: Jeff Layton <jlayton@redhat.com> CC: Stable Kernel <stable@vger.kernel.org> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-07-24[CIFS] Fix warnings from checkpatchShirish Pargaonkar1-2/+1
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-11-05[CIFS] Fix walking out end of cifs daclSteve French1-2/+2
Acked-by: Shirish Pargaonkar <shirishp@us.ibm.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-11-03[CIFS] allow cifs_calc_signature2 to deal with a zero length iovecJeff Layton1-2/+3
Currently, cifs_calc_signature2 errors out if it gets a zero-length iovec. Fix it to silently continue in that case. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-10-14[CIFS] Fix endian conversion problem in posix mkdirCyril Gorcunov1-2/+3
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-07-17[CIFS] More whitespace/formatting fixes (noticed by checkpatch)Steve French1-1/+2
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-07-13[CIFS] whitespace/formatting fixesSteve French1-58/+64
This should be the last big batch of whitespace/formatting fixes. checkpatch warnings for the cifs directory are down about 90% and many of the remaining ones are harder to remove or make the code harder to read. Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-07-09[CIFS] Fix packet signatures for NTLMv2 caseSteve French1-23/+40
Signed-off-by: Yehuda Sadeh Weinraub <Yehuda.Sadeh@expand.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-06-24[CIFS] fix whitespaceSteve French1-51/+53
More whitespace problems found by checkpatch Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-12-08[CIFS] Fix NTLMv2 mounts to Windows serversSteve French1-1/+3
Windows servers are pickier about NTLMv2 than Samba. This enables more secure mounts to Windows (not just Samba) ie when "sec=ntlmv2" is specified on the mount. Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-08-11[CIFS] Fix oops when negotiating lanman and no password specifiedSteve French1-1/+2
Pointed out by Guenter Kukkukk Signed-of-by: Steve French <sfrench@us.ibm.com> (cherry picked from bbf33d512da608c7221fec42b56b9ef89c25a5ee commit)
2006-06-08[CIFS] NTLMv2 support part 5Steve French1-19/+41
NTLMv2 authentication (stronger authentication than default NTLM) which many servers support now works. There was a problem with the construction of the security blob in the older code. Currently requires /proc/fs/cifs/Experimental to be set to 2 and /proc/fs/cifs/SecurityFlags to be set to 0x4004 (to require using NTLMv2 instead of default of NTLM) Next we will check signing to make sure optional NTLMv2 packet signing also works. Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-06-05[CIFS] NTLMv2 support part 4Steve French1-0/+40
Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-06-05[CIFS] NTLMv2 support part 3Steve French1-2/+15
Response struct filled in exacty for 16 byte hash which we need to check more to make sure it works. Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-06-05[CIFS] NTLMv2 support part 2Steve French1-0/+2
Still need to fill in response structure and check that hash works Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-06-02[CIFS] Support for older servers which require plaintext passwordsSteve French1-0/+9
disabled by default, but can be enabled via proc for servers which require such support. Also includes support for setting security flags for cifs. See fs/cifs/README Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-06-01[CIFS] Support for setting up SMB sessions to legacy lanman servers part 2Steve French1-3/+37
2006-05-31[CIFS] Support for setting up SMB sessions to legacy lanman serversSteve French1-0/+2
2006-03-31[CIFS] Incorrect signature sent on SMB ReadSteve French1-13/+23
Fixes Samba bug 3621 and kernel.org bug 6147 For servers which require SMB/CIFS packet signing, we were sending the wrong signature (all zeros) on SMB Read request. The new cifs routine to do signatures across an iovec was not complete - and SMB Read, unlike the new SMBWrite2, did not fall back to the older routine (ie use SendReceive vs. the more efficient SendReceive2 ie used the older cifs_sign_smb vs. the disabled cifs_sign_smb2) for calculating signatures. This finishes up cifs_sign_smb2/cifs_calc_signature2 so that the callers of SendReceive2 can get SMB/CIFS packet signatures. Now that cifs_sign_smb2 is supported, we could start using it in the write path but this smaller fix does not include the change to use SMBWrite2 when signatures are required (which when enabled will make more Writes more efficient and alloc less memory). Currently Write2 is only used when signatures are not required at the moment but after more testing we will enable that as well). Thanks to James Slepicka and Sam Flory for initial investigation. Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-02-14[CIFS] SessionSetup cleanup part 2Steve French1-0/+1
The cifs session setup code has three cases, and a fourth for backlevel LANMAN2 style session setup needed to be added. This new session setup implmentation will eventually replace the other three and should be easier to read while fixing a few minor problems (not setting the LARGE READ/WRITEX flags when NTLMSSP was negotiated for example) and adding support for NTLMv2 (which will be added with the next patch. In the meantime, this code is marked in an CONFIG_CIFS_EXPERIMENTAL block and will not be turned on by default until it is tested against more server types. Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-02-09[CIFS] Cleanup NTLMSSP session setup handlingSteve French1-2/+3
Fix to hash NTLMv2 properly will follow. Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-12-02[CIFS] Readpages and readir performance improvements - eliminate extraSteve French1-1/+54
memcpy. Part 1 Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-11[CIFS] Cleanup sparse warnings for unicode little endian castsSteve French1-1/+1
Following Shaggy's suggestion, do a better job on the unicode string handling routines in cifs in specifying that the wchar_t are really little endian widechars (__le16). Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-04-28[PATCH] cifs: Fix multiuser packet signing to use the right sequence number ↵Steve French1-8/+8
and mac session key Signed-off-by: Steve French (sfrench@us.ibm.com) Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-04-16Linux-2.6.12-rc2v2.6.12-rc2Linus Torvalds1-0/+209
Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip!