Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openeuler
Kernel
提交
e14b2fe1
K
Kernel
项目概览
openeuler
/
Kernel
1 年多 前同步成功
通知
8
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
K
Kernel
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
提交
e14b2fe1
编写于
5月 01, 2009
作者:
S
Steve French
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
[CIFS] Add remaining ntlmssp flags and standardize field names
Signed-off-by:
N
Steve French
<
sfrench@us.ibm.com
>
上级
cf398e3a
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
57 addition
and
41 deletion
+57
-41
fs/cifs/connect.c
fs/cifs/connect.c
+15
-15
fs/cifs/ntlmssp.h
fs/cifs/ntlmssp.h
+42
-26
未找到文件。
fs/cifs/connect.c
浏览文件 @
e14b2fe1
...
...
@@ -2686,13 +2686,13 @@ CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
/* setup pointers to domain name and workstation name */
bcc_ptr
+=
SecurityBlobLength
;
SecurityBlob
->
WorkstationName
.
Buffer
=
0
;
SecurityBlob
->
WorkstationName
.
Buffer
Offset
=
0
;
SecurityBlob
->
WorkstationName
.
Length
=
0
;
SecurityBlob
->
WorkstationName
.
MaximumLength
=
0
;
/* Domain not sent on first Sesssetup in NTLMSSP, instead it is sent
along with username on auth request (ie the response to challenge) */
SecurityBlob
->
DomainName
.
Buffer
=
0
;
SecurityBlob
->
DomainName
.
Buffer
Offset
=
0
;
SecurityBlob
->
DomainName
.
Length
=
0
;
SecurityBlob
->
DomainName
.
MaximumLength
=
0
;
if
(
ses
->
capabilities
&
CAP_UNICODE
)
{
...
...
@@ -3020,30 +3020,30 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
/* setup pointers to domain name and workstation name */
SecurityBlob
->
WorkstationName
.
Buffer
=
0
;
SecurityBlob
->
WorkstationName
.
Buffer
Offset
=
0
;
SecurityBlob
->
WorkstationName
.
Length
=
0
;
SecurityBlob
->
WorkstationName
.
MaximumLength
=
0
;
SecurityBlob
->
SessionKey
.
Length
=
0
;
SecurityBlob
->
SessionKey
.
MaximumLength
=
0
;
SecurityBlob
->
SessionKey
.
Buffer
=
0
;
SecurityBlob
->
SessionKey
.
Buffer
Offset
=
0
;
SecurityBlob
->
LmChallengeResponse
.
Length
=
0
;
SecurityBlob
->
LmChallengeResponse
.
MaximumLength
=
0
;
SecurityBlob
->
LmChallengeResponse
.
Buffer
=
0
;
SecurityBlob
->
LmChallengeResponse
.
Buffer
Offset
=
0
;
SecurityBlob
->
NtChallengeResponse
.
Length
=
cpu_to_le16
(
CIFS_SESS_KEY_SIZE
);
SecurityBlob
->
NtChallengeResponse
.
MaximumLength
=
cpu_to_le16
(
CIFS_SESS_KEY_SIZE
);
memcpy
(
bcc_ptr
,
ntlm_session_key
,
CIFS_SESS_KEY_SIZE
);
SecurityBlob
->
NtChallengeResponse
.
Buffer
=
SecurityBlob
->
NtChallengeResponse
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
SecurityBlobLength
+=
CIFS_SESS_KEY_SIZE
;
bcc_ptr
+=
CIFS_SESS_KEY_SIZE
;
if
(
ses
->
capabilities
&
CAP_UNICODE
)
{
if
(
domain
==
NULL
)
{
SecurityBlob
->
DomainName
.
Buffer
=
0
;
SecurityBlob
->
DomainName
.
Buffer
Offset
=
0
;
SecurityBlob
->
DomainName
.
Length
=
0
;
SecurityBlob
->
DomainName
.
MaximumLength
=
0
;
}
else
{
...
...
@@ -3052,14 +3052,14 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
ln
*=
2
;
SecurityBlob
->
DomainName
.
MaximumLength
=
cpu_to_le16
(
ln
);
SecurityBlob
->
DomainName
.
Buffer
=
SecurityBlob
->
DomainName
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
bcc_ptr
+=
ln
;
SecurityBlobLength
+=
ln
;
SecurityBlob
->
DomainName
.
Length
=
cpu_to_le16
(
ln
);
}
if
(
user
==
NULL
)
{
SecurityBlob
->
UserName
.
Buffer
=
0
;
SecurityBlob
->
UserName
.
Buffer
Offset
=
0
;
SecurityBlob
->
UserName
.
Length
=
0
;
SecurityBlob
->
UserName
.
MaximumLength
=
0
;
}
else
{
...
...
@@ -3068,7 +3068,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
ln
*=
2
;
SecurityBlob
->
UserName
.
MaximumLength
=
cpu_to_le16
(
ln
);
SecurityBlob
->
UserName
.
Buffer
=
SecurityBlob
->
UserName
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
bcc_ptr
+=
ln
;
SecurityBlobLength
+=
ln
;
...
...
@@ -3080,7 +3080,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
SecurityBlob->WorkstationName.Length *= 2;
SecurityBlob->WorkstationName.MaximumLength =
cpu_to_le16(SecurityBlob->WorkstationName.Length);
SecurityBlob->WorkstationName.Buffer =
SecurityBlob->WorkstationName.Buffer
Offset
=
cpu_to_le32(SecurityBlobLength);
bcc_ptr += SecurityBlob->WorkstationName.Length;
SecurityBlobLength += SecurityBlob->WorkstationName.Length;
...
...
@@ -3112,7 +3112,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
bcc_ptr
+=
2
;
/* null domain */
}
else
{
/* ASCII */
if
(
domain
==
NULL
)
{
SecurityBlob
->
DomainName
.
Buffer
=
0
;
SecurityBlob
->
DomainName
.
Buffer
Offset
=
0
;
SecurityBlob
->
DomainName
.
Length
=
0
;
SecurityBlob
->
DomainName
.
MaximumLength
=
0
;
}
else
{
...
...
@@ -3122,14 +3122,14 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
ln
=
strnlen
(
domain
,
64
);
SecurityBlob
->
DomainName
.
MaximumLength
=
cpu_to_le16
(
ln
);
SecurityBlob
->
DomainName
.
Buffer
=
SecurityBlob
->
DomainName
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
bcc_ptr
+=
ln
;
SecurityBlobLength
+=
ln
;
SecurityBlob
->
DomainName
.
Length
=
cpu_to_le16
(
ln
);
}
if
(
user
==
NULL
)
{
SecurityBlob
->
UserName
.
Buffer
=
0
;
SecurityBlob
->
UserName
.
Buffer
Offset
=
0
;
SecurityBlob
->
UserName
.
Length
=
0
;
SecurityBlob
->
UserName
.
MaximumLength
=
0
;
}
else
{
...
...
@@ -3137,7 +3137,7 @@ CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
strncpy
(
bcc_ptr
,
user
,
63
);
ln
=
strnlen
(
user
,
64
);
SecurityBlob
->
UserName
.
MaximumLength
=
cpu_to_le16
(
ln
);
SecurityBlob
->
UserName
.
Buffer
=
SecurityBlob
->
UserName
.
Buffer
Offset
=
cpu_to_le32
(
SecurityBlobLength
);
bcc_ptr
+=
ln
;
SecurityBlobLength
+=
ln
;
...
...
fs/cifs/ntlmssp.h
浏览文件 @
e14b2fe1
...
...
@@ -27,29 +27,39 @@
#define UnknownMessage cpu_to_le32(8)
/* Negotiate Flags */
#define NTLMSSP_NEGOTIATE_UNICODE 0x01
/* Text strings are in unicode */
#define NTLMSSP_NEGOTIATE_OEM 0x02
/* Text strings are in OEM */
#define NTLMSSP_REQUEST_TARGET 0x04
/* Server return its auth realm */
#define NTLMSSP_NEGOTIATE_SIGN 0x0010
/* Request signature capability */
#define NTLMSSP_NEGOTIATE_SEAL 0x0020
/* Request confidentiality */
#define NTLMSSP_NEGOTIATE_DGRAM 0x0040
#define NTLMSSP_NEGOTIATE_LM_KEY 0x0080
/* Sign/seal use LM session key */
#define NTLMSSP_NEGOTIATE_NTLM 0x0200
/* NTLM authentication */
#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x1000
#define NTLMSSP_NEGOTIATE_UNICODE 0x01
/* Text strings are unicode */
#define NTLMSSP_NEGOTIATE_OEM 0x02
/* Text strings are in OEM */
#define NTLMSSP_REQUEST_TARGET 0x04
/* Srv returns its auth realm */
/* define reserved9 0x08 */
#define NTLMSSP_NEGOTIATE_SIGN 0x0010
/* Request signing capability */
#define NTLMSSP_NEGOTIATE_SEAL 0x0020
/* Request confidentiality */
#define NTLMSSP_NEGOTIATE_DGRAM 0x0040
#define NTLMSSP_NEGOTIATE_LM_KEY 0x0080
/* Use LM session key */
/* defined reserved 8 0x0100 */
#define NTLMSSP_NEGOTIATE_NTLM 0x0200
/* NTLM authentication */
#define NTLMSSP_NEGOTIATE_NT_ONLY 0x0400
/* Lanman not allowed */
#define NTLMSSP_ANONYMOUS 0x0800
#define NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED 0x1000
/* reserved6 */
#define NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED 0x2000
#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x4000
/* client/server on same machine */
#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x8000
/* Sign for all security levels */
#define NTLMSSP_TARGET_TYPE_DOMAIN 0x10000
#define NTLMSSP_TARGET_TYPE_SERVER 0x20000
#define NTLMSSP_TARGET_TYPE_SHARE 0x40000
#define NTLMSSP_NEGOTIATE_NTLMV2 0x80000
#define NTLMSSP_REQUEST_INIT_RESP 0x100000
#define NTLMSSP_REQUEST_ACCEPT_RESP 0x200000
#define NTLMSSP_REQUEST_NOT_NT_KEY 0x400000
#define NTLMSSP_NEGOTIATE_LOCAL_CALL 0x4000
/* client/server same machine */
#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x8000
/* Sign. All security levels */
#define NTLMSSP_TARGET_TYPE_DOMAIN 0x10000
#define NTLMSSP_TARGET_TYPE_SERVER 0x20000
#define NTLMSSP_TARGET_TYPE_SHARE 0x40000
#define NTLMSSP_NEGOTIATE_EXTENDED_SEC 0x80000
/* NB:not related to NTLMv2 pwd*/
/* #define NTLMSSP_REQUEST_INIT_RESP 0x100000 */
#define NTLMSSP_NEGOTIATE_IDENTIFY 0x100000
#define NTLMSSP_REQUEST_ACCEPT_RESP 0x200000
/* reserved5 */
#define NTLMSSP_REQUEST_NON_NT_KEY 0x400000
#define NTLMSSP_NEGOTIATE_TARGET_INFO 0x800000
#define NTLMSSP_NEGOTIATE_128 0x20000000
#define NTLMSSP_NEGOTIATE_KEY_XCH 0x40000000
#define NTLMSSP_NEGOTIATE_56 0x80000000
/* #define reserved4 0x1000000 */
#define NTLMSSP_NEGOTIATE_VERSION 0x2000000
/* we do not set */
/* #define reserved3 0x4000000 */
/* #define reserved2 0x8000000 */
/* #define reserved1 0x10000000 */
#define NTLMSSP_NEGOTIATE_128 0x20000000
#define NTLMSSP_NEGOTIATE_KEY_XCH 0x40000000
#define NTLMSSP_NEGOTIATE_56 0x80000000
/* Although typedefs are not commonly used for structure definitions */
/* in the Linux kernel, in this particular case they are useful */
...
...
@@ -60,32 +70,36 @@
typedef
struct
_SECURITY_BUFFER
{
__le16
Length
;
__le16
MaximumLength
;
__le32
Buffer
;
/* offset to buffer */
__le32
Buffer
Offset
;
/* offset to buffer */
}
__attribute__
((
packed
))
SECURITY_BUFFER
;
typedef
struct
_NEGOTIATE_MESSAGE
{
__u8
Signature
[
sizeof
(
NTLMSSP_SIGNATURE
)];
__le32
MessageType
;
/* 1 */
__le32
MessageType
;
/*
NtLmNegotiate =
1 */
__le32
NegotiateFlags
;
SECURITY_BUFFER
DomainName
;
/* RFC 1001 style and ASCII */
SECURITY_BUFFER
WorkstationName
;
/* RFC 1001 and ASCII */
/* SECURITY_BUFFER for version info not present since we
do not set the version is present flag */
char
DomainString
[
0
];
/* followed by WorkstationString */
}
__attribute__
((
packed
))
NEGOTIATE_MESSAGE
,
*
PNEGOTIATE_MESSAGE
;
typedef
struct
_CHALLENGE_MESSAGE
{
__u8
Signature
[
sizeof
(
NTLMSSP_SIGNATURE
)];
__le32
MessageType
;
/* 2 */
__le32
MessageType
;
/*
NtLmChallenge =
2 */
SECURITY_BUFFER
TargetName
;
__le32
NegotiateFlags
;
__u8
Challenge
[
CIFS_CRYPTO_KEY_SIZE
];
__u8
Reserved
[
8
];
SECURITY_BUFFER
TargetInfoArray
;
/* SECURITY_BUFFER for version info not present since we
do not set the version is present flag */
}
__attribute__
((
packed
))
CHALLENGE_MESSAGE
,
*
PCHALLENGE_MESSAGE
;
typedef
struct
_AUTHENTICATE_MESSAGE
{
__u8
Signature
[
sizeof
(
NTLMSSP_SIGNATURE
)];
__le32
MessageType
;
/* 3 */
__u8
Signature
[
sizeof
(
NTLMSSP_SIGNATURE
)];
__le32
MessageType
;
/*
NtLmsAuthenticate =
3 */
SECURITY_BUFFER
LmChallengeResponse
;
SECURITY_BUFFER
NtChallengeResponse
;
SECURITY_BUFFER
DomainName
;
...
...
@@ -93,5 +107,7 @@ typedef struct _AUTHENTICATE_MESSAGE {
SECURITY_BUFFER
WorkstationName
;
SECURITY_BUFFER
SessionKey
;
__le32
NegotiateFlags
;
/* SECURITY_BUFFER for version info not present since we
do not set the version is present flag */
char
UserString
[
0
];
}
__attribute__
((
packed
))
AUTHENTICATE_MESSAGE
,
*
PAUTHENTICATE_MESSAGE
;
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录