summaryrefslogtreecommitdiff
path: root/fs/cifs
diff options
context:
space:
mode:
authorShirish Pargaonkar <shirishpargaonkar@gmail.com>2010-08-23 11:04:07 -0500
committerSteve French <sfrench@us.ibm.com>2010-08-23 17:38:24 +0000
commit3ec6bbcdb4e85403f2c5958876ca9492afdf4031 (patch)
tree6195d224dd698fced1164ec6b6bf6127b9285985 /fs/cifs
parent9fbc590860e75785bdaf8b83e48fabfe4d4f7d58 (diff)
missing changes during ntlmv2/ntlmssp auth and sign
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs')
-rw-r--r--fs/cifs/cifsencrypt.c2
-rw-r--r--fs/cifs/sess.c13
2 files changed, 10 insertions, 5 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index 051d00011ca3..eef78c24e0cc 100644
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -553,6 +553,8 @@ calc_seckey(struct TCP_Server_Info *server)
return 1;
}
+ desc.tfm = tfm_arc4;
+
crypto_blkcipher_setkey(tfm_arc4,
server->session_key.data.ntlmv2.key, CIFS_CPHTXT_SIZE);
sg_init_one(&sgin, sec_key, CIFS_CPHTXT_SIZE);
diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index 41fc5328120d..4788e16a02cc 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -408,6 +408,8 @@ static int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len,
/* BB spec says that if AvId field of MsvAvTimestamp is populated then
we must set the MIC field of the AUTHENTICATE_MESSAGE */
+ ses->server->ntlmssp.server_flags = le32_to_cpu(pblob->NegotiateFlags);
+
tioffset = cpu_to_le16(pblob->TargetInfoArray.BufferOffset);
tilen = cpu_to_le16(pblob->TargetInfoArray.Length);
ses->server->tilen = tilen;
@@ -440,12 +442,13 @@ static void build_ntlmssp_negotiate_blob(unsigned char *pbuffer,
/* BB is NTLMV2 session security format easier to use here? */
flags = NTLMSSP_NEGOTIATE_56 | NTLMSSP_REQUEST_TARGET |
NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE |
- NTLMSSP_NEGOTIATE_NT_ONLY | NTLMSSP_NEGOTIATE_NTLM;
+ NTLMSSP_NEGOTIATE_NTLM;
if (ses->server->secMode &
- (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
- flags |= NTLMSSP_NEGOTIATE_SIGN;
- if (ses->server->secMode & SECMODE_SIGN_REQUIRED)
- flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
+ (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) {
+ flags |= NTLMSSP_NEGOTIATE_SIGN |
+ NTLMSSP_NEGOTIATE_KEY_XCH |
+ NTLMSSP_NEGOTIATE_EXTENDED_SEC;
+ }
sec_blob->NegotiateFlags |= cpu_to_le32(flags);