[CIFS] Fix NTLMv2 mounts to Windows servers
Windows servers are pickier about NTLMv2 than Samba. This enables more secure mounts to Windows (not just Samba) ie when "sec=ntlmv2" is specified on the mount. Signed-off-by: Steve French <sfrench@us.ibm.com>
This commit is contained in:
parent
c99767974e
commit
33ec32fae0
|
@ -5,7 +5,8 @@ Allow null user to be specified on mount ("username="). Do not return
|
|||
EINVAL on readdir when filldir fails due to overwritten blocksize
|
||||
(fixes FC problem). Return error in rename 2nd attempt retry (ie report
|
||||
if rename by handle also fails, after rename by path fails, we were
|
||||
not reporting whether the retry worked or not).
|
||||
not reporting whether the retry worked or not). Fix NTLMv2 to
|
||||
work to Windows servers (mount with option "sec=ntlmv2").
|
||||
|
||||
Version 1.45
|
||||
------------
|
||||
|
|
|
@ -372,8 +372,10 @@ void setup_ntlmv2_rsp(struct cifsSesInfo * ses, char * resp_buf,
|
|||
buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME));
|
||||
get_random_bytes(&buf->client_chal, sizeof(buf->client_chal));
|
||||
buf->reserved2 = 0;
|
||||
buf->names[0].type = 0;
|
||||
buf->names[0].type = cpu_to_le16(NTLMSSP_DOMAIN_TYPE);
|
||||
buf->names[0].length = 0;
|
||||
buf->names[1].type = 0;
|
||||
buf->names[1].length = 0;
|
||||
|
||||
/* calculate buf->ntlmv2_hash */
|
||||
rc = calc_ntlmv2_hash(ses, nls_cp);
|
||||
|
|
|
@ -580,6 +580,12 @@ typedef union smb_com_session_setup_andx {
|
|||
|
||||
/* format of NLTMv2 Response ie "case sensitive password" hash when NTLMv2 */
|
||||
|
||||
#define NTLMSSP_SERVER_TYPE 1
|
||||
#define NTLMSSP_DOMAIN_TYPE 2
|
||||
#define NTLMSSP_FQ_DOMAIN_TYPE 3
|
||||
#define NTLMSSP_DNS_DOMAIN_TYPE 4
|
||||
#define NTLMSSP_DNS_PARENT_TYPE 5
|
||||
|
||||
struct ntlmssp2_name {
|
||||
__le16 type;
|
||||
__le16 length;
|
||||
|
@ -593,7 +599,7 @@ struct ntlmv2_resp {
|
|||
__le64 time;
|
||||
__u64 client_chal; /* random */
|
||||
__u32 reserved2;
|
||||
struct ntlmssp2_name names[1];
|
||||
struct ntlmssp2_name names[2];
|
||||
/* array of name entries could follow ending in minimum 4 byte struct */
|
||||
} __attribute__((packed));
|
||||
|
||||
|
|
Loading…
Reference in New Issue