diff options
| author | Miquel Raynal <miquel.raynal@bootlin.com> | 2022-03-18 22:14:12 +0300 |
|---|---|---|
| committer | Miquel Raynal <miquel.raynal@bootlin.com> | 2022-03-18 22:14:42 +0300 |
| commit | 4e371d996590f3a7e82a086d499c912c1930e968 (patch) | |
| tree | 0c7b300670901f498238b32e59c307eddf338489 /fs/ksmbd/auth.c | |
| parent | 8f877b7eab9d60a9deef6beae95656b77d55ab75 (diff) | |
| parent | 151c6b49d679872d6fc0b50e0ad96303091694a2 (diff) | |
| download | linux-4e371d996590f3a7e82a086d499c912c1930e968.tar.xz | |
Merge tag 'spi-nor/for-5.18' into mtd/next
SPI NOR core changes:
- move vendor specific code out of the core into vendor drivers.
- unify all function and object names in the vendor modules.
- make setup() callback optional to improve readability.
- skip erase logic when the SPI_NOR_NO_ERASE flag is set at flash
declaration.
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Diffstat (limited to 'fs/ksmbd/auth.c')
| -rw-r--r-- | fs/ksmbd/auth.c | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/fs/ksmbd/auth.c b/fs/ksmbd/auth.c index dc3d061edda9..911444d21267 100644 --- a/fs/ksmbd/auth.c +++ b/fs/ksmbd/auth.c @@ -29,6 +29,7 @@ #include "mgmt/user_config.h" #include "crypto_ctx.h" #include "transport_ipc.h" +#include "../smbfs_common/arc4.h" /* * Fixed format data defining GSS header and fixed string @@ -336,6 +337,29 @@ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob, nt_len - CIFS_ENCPWD_SIZE, domain_name, conn->ntlmssp.cryptkey); kfree(domain_name); + + /* The recovered secondary session key */ + if (conn->ntlmssp.client_flags & NTLMSSP_NEGOTIATE_KEY_XCH) { + struct arc4_ctx *ctx_arc4; + unsigned int sess_key_off, sess_key_len; + + sess_key_off = le32_to_cpu(authblob->SessionKey.BufferOffset); + sess_key_len = le16_to_cpu(authblob->SessionKey.Length); + + if (blob_len < (u64)sess_key_off + sess_key_len) + return -EINVAL; + + ctx_arc4 = kmalloc(sizeof(*ctx_arc4), GFP_KERNEL); + if (!ctx_arc4) + return -ENOMEM; + + cifs_arc4_setkey(ctx_arc4, sess->sess_key, + SMB2_NTLMV2_SESSKEY_SIZE); + cifs_arc4_crypt(ctx_arc4, sess->sess_key, + (char *)authblob + sess_key_off, sess_key_len); + kfree_sensitive(ctx_arc4); + } + return ret; } @@ -408,6 +432,9 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob, (cflags & NTLMSSP_NEGOTIATE_EXTENDED_SEC)) flags |= NTLMSSP_NEGOTIATE_EXTENDED_SEC; + if (cflags & NTLMSSP_NEGOTIATE_KEY_XCH) + flags |= NTLMSSP_NEGOTIATE_KEY_XCH; + chgblob->NegotiateFlags = cpu_to_le32(flags); len = strlen(ksmbd_netbios_name()); name = kmalloc(2 + UNICODE_LEN(len), GFP_KERNEL); |