summaryrefslogtreecommitdiff
path: root/fs/cifs/asn1.c
AgeCommit message (Collapse)Author
2010-09-08Revert "[CIFS] Fix ntlmv2 auth with ntlmssp"Steve French
This reverts commit 9fbc590860e75785bdaf8b83e48fabfe4d4f7d58. The change to kernel crypto and fixes to ntlvm2 and ntlmssp series, introduced a regression. Deferring this patch series to 2.6.37 after Shirish fixes it. Signed-off-by: Steve French <sfrench@us.ibm.com> Acked-by: Jeff Layton <jlayton@redhat.com> CC: Shirish Pargaonkar <shirishp@us.ibm.com>
2010-08-20[CIFS] Fix ntlmv2 auth with ntlmsspSteve French
Make ntlmv2 as an authentication mechanism within ntlmssp instead of ntlmv1. Parse type 2 response in ntlmssp negotiation to pluck AV pairs and use them to calculate ntlmv2 response token. Also, assign domain name from the sever response in type 2 packet of ntlmssp and use that (netbios) domain name in calculation of response. Enable cifs/smb signing using rc4 and md5. Changed name of the structure mac_key to session_key to reflect the type of key it holds. Use kernel crypto_shash_* APIs instead of the equivalent cifs functions. Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Steve French <sfrench@us.ibm.com>
2010-05-05cifs: have decode_negTokenInit set flags in server structJeff Layton
...rather than the secType. This allows us to get rid of the MSKerberos securityEnum. The client just makes a decision at upcall time. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2010-04-21[CIFS] Neaten cERROR and cFYI macros, reduce text spaceJoe Perches
Neaten cERROR and cFYI macros, reduce text space ~2.5K Convert '__FILE__ ": " fmt' to '"%s: " fmt', __FILE__' to save text space Surround macros with do {} while Add parentheses to macros Make statement expression macro from macro with assign Remove now unnecessary parentheses from cFYI and cERROR uses defconfig with CIFS support old $ size fs/cifs/built-in.o text data bss dec hex filename 156012 1760 148 157920 268e0 fs/cifs/built-in.o defconfig with CIFS support old $ size fs/cifs/built-in.o text data bss dec hex filename 153508 1760 148 155416 25f18 fs/cifs/built-in.o allyesconfig old: $ size fs/cifs/built-in.o text data bss dec hex filename 309138 3864 74824 387826 5eaf2 fs/cifs/built-in.o allyesconfig new $ size fs/cifs/built-in.o text data bss dec hex filename 305655 3864 74824 384343 5dd57 fs/cifs/built-in.o Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2010-02-05tree-wide: fix 'lenght' typo in comments and codeDaniel Mack
Some misspelled occurences of 'octet' and some comments were also fixed as I was on it. Signed-off-by: Daniel Mack <daniel@caiaq.de> Cc: Jiri Kosina <trivial@kernel.org> Cc: Joe Perches <joe@perches.com> Cc: Junio C Hamano <gitster@pobox.com> Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2009-06-25[CIFS] cleanup asn handling for ntlmsspSteve French
Also removes obsolete distinction between rawntlmssp and ntlmssp (in asn/SPNEGO) since as jra noted we can always send raw ntlmssp in session setup now. remove check for experimental runtime flag (/proc/fs/cifs/Experimental) in ntlmssp path. Reviewed-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-19[CIFS] distinguish between Kerberos and MSKerberos in upcallSteve French
Properly handle MSKRB5 by passing sec=mskrb5 to the upcall so that the spengo blob can be generated appropriately. Also, make decode_negTokenInit prefer whichever mechanism is first in the list. Needed for some NetApp servers, and possibly some older versions of Windows which treat the two KRB5 mechanisms differently. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-07-31[CIFS] remove level of indentation from decode_negTokenInitJeff Layton
Most of this function takes place inside of an unnecessary "else" clause. The other 2 cases both return 0, so we can remove some indentation here. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-07-29[CIFS] oid should also be checked against class in cifs asnSteve French
The oid coming back from asn1_header_decode is a primitive object so class should be checked to be universal. Acked-by: Love Hörnquist Åstrand <lha@kth.se> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-07-24When verifying the decoded header before decoding the object identifierChris Wright
(expecting a SPNEGO pseudo-mechanism oid), the test to verify it is a primitive encoding is compared against the asn1 class. Primitive is not a class. This brings check in line with similar check for krb/ntlmssp oid. Signed-off-by: Chris Wright <chrisw@sous-sol.org> Cc: Steven French <sfrench@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-07-22[CIFS] Fix compiler warning on 64-bitJan Beulich
Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-06-05asn1: additional sanity checking during BER decodingChris Wright
- Don't trust a length which is greater than the working buffer. An invalid length could cause overflow when calculating buffer size for decoding oid. - An oid length of zero is invalid and allows for an off-by-one error when decoding oid because the first subid actually encodes first 2 subids. - A primitive encoding may not have an indefinite length. Thanks to Wei Wang from McAfee for report. Cc: Steven French <sfrench@us.ibm.com> Cc: stable@kernel.org Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-04-29[CIFS] convert usage of implicit booleans to boolSteve French
Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-11-03[CIFS] add OIDs for KRB5 and MSKRB5 to ASN1 parsing routinesJeff Layton
Also, fix the parser to recognize them and set the secType accordingly. Make CIFSSMBNegotiate not error out automatically after parsing the securityBlob. Also thanks to Q (Igor) and Simo for their help on this set of kerberos patches (and Dave Howells for help on the upcall). Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-08-30[CIFS] formatting cleanup found by checkpatchSteve French
Signed-off-by: Steve French <sfrench@us.ibm.com>
2007-07-13[CIFS] whitespace/formatting fixesSteve French
This should be the last big batch of whitespace/formatting fixes. checkpatch warnings for the cifs directory are down about 90% and many of the remaining ones are harder to remove or make the code harder to read. Signed-off-by: Steve French <sfrench@us.ibm.com>
2006-06-30Remove obsolete #include <linux/config.h>Jörn Engel
Signed-off-by: Jörn Engel <joern@wohnheim.fh-wedel.de> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-05-31[CIFS] Cleanup extra whitespace in dmesg logging. Update cifs change logSteve French
2005-11-07[PATCH] kfree cleanup: fsJesper Juhl
This is the fs/ part of the big kfree cleanup patch. Remove pointless checks for NULL prior to calling kfree() in fs/. Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-15[CIFS] Fix compiler warningsSteve French
Fix some compiler warnings noticed on x64 by me and ppc64 by Shaggy Signed-off-by: Steve French (sfrench@us.ibm.com)
2005-04-16Linux-2.6.12-rc2Linus Torvalds
Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip!