[PATCH 1/7 cifs] ntlm authentication and signing - Correct response length for ntlmv2 authentication without extended security

From: Shirish Pargaonkar <shirishpargaonkar@xxxxxxxxx>


Fix incorrect calculation of case sensitive response length in the
ntlmv2 (without extended security) response.


Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@xxxxxxxxx>
---
 fs/cifs/sess.c |    9 ++++++---
 1 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index af18a50..c926e6c 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -739,9 +739,6 @@ ssetup_ntlmssp_authenticate:
 		pSMB->req_no_secext.CaseInsensitivePasswordLength = 0;
 		/*	cpu_to_le16(LM2_SESS_KEY_SIZE); */
 
-		pSMB->req_no_secext.CaseSensitivePasswordLength =
-			cpu_to_le16(sizeof(struct ntlmv2_resp));
-
 		/* calculate session key */
 		rc = setup_ntlmv2_rsp(ses, v2_sess_key, nls_cp);
 		if (rc) {
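Review bot: With the assignment removed from before the setup_ntlmv2_rsp() call, CaseSensitivePasswordLength is no longer written on the path where rc is non-zero. The body of the `if (rc)` branch is not visible in this context, so please confirm it abandons the request rather than sending it with the field unset. The changelog would also benefit from stating what the old value got wrong, namely that it counted only sizeof(struct ntlmv2_resp).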
@@ -753,6 +750,11 @@ ssetup_ntlmssp_authenticate:
 				sizeof(struct ntlmv2_resp));
 		bcc_ptr += sizeof(struct ntlmv2_resp);
 		kfree(v2_sess_key);
+		/* set case sensitive password length after tilen may get
+		 * assigned, tilen is 0 otherwise.
+		 */
+		pSMB->req_no_secext.CaseSensitivePasswordLength =
+			cpu_to_le16(sizeof(struct ntlmv2_resp) + ses->tilen);
 		if (ses->tilen > 0) {
 			memcpy(bcc_ptr, ses->tiblob, ses->tilen);
 			bcc_ptr += ses->tilen;
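Review bot: The new length in `cpu_to_le16(sizeof(struct ntlmv2_resp) + ses->tilen)` is computed with no visible bound on ses->tilen, so an oversized blob would be silently truncated to 16 bits in the length field while the memcpy just below still copies the full ses->tilen bytes to bcc_ptr. Consider checking that the sum fits in a u16 and in the remaining request buffer before both the assignment and the memcpy. The added comment could also say directly that the response length has to include the tiblob appended after struct ntlmv2_resp, which is clearer than "after tilen may get assigned".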
@@ -761,6 +763,7 @@ ssetup_ntlmssp_authenticate:
 			ses->tiblob = NULL;
 			ses->tilen = 0;
 		}
+
 		if (ses->capabilities & CAP_UNICODE) {
 			if (iov[0].iov_len % 2) {
 				*bcc_ptr = 0;
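Review bot: The only change in this hunk is a blank line added before `if (ses->capabilities & CAP_UNICODE)`, which is unrelated to the length fix. Drop it from this patch or move it to a separate cleanup so the fix stays minimal and easy to backport.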
-- 
1.6.0.2
