Re: [PATCH] cifs: ignore everything in SPNEGO blob after mechTypes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 12 Mar 2013 11:27:54 -0700
Yan Li <elliot.li.tech@xxxxxxxxx> wrote:

> Yes, this patch fixed the problem in the current kernel we encountered when trying to mount a directory shared from a Windows 8 Pro system.
> 
> Yan Li
> 
> On Mar 11, 2013, at 6:52 AM, Jeff Layton <jlayton@xxxxxxxxxx> wrote:
> 
> > We've had several reports of people attempting to mount Windows 8 shares
> > and getting failures with a return code of -EINVAL. The default sec=
> > mode changed recently to sec=ntlmssp. With that, we expect and parse a
> > SPNEGO blob from the server in the NEGOTIATE reply.
> > 
> > The current decode_negTokenInit function first parses all of the
> > mechTypes and then tries to parse the rest of the negTokenInit reply.
> > The parser however currently expects a mechListMIC or nothing to follow the
> > mechTypes, but Windows 8 puts a mechToken field there instead to carry
> > some info for the new NegoEx stuff.
> > 
> > In practice, we don't do anything with the fields after the mechTypes
> > anyway so I don't see any real benefit in continuing to parse them.
> > This patch just has the kernel ignore the fields after the mechTypes.
> > We'll probably need to reinstate some of this if we ever want to support
> > NegoEx.
> > 
> > Reported-by: Jason Burgess <jason@xxxxxxxxxxxxxxxxxxxx>
> > Reported-by: Yan Li <elliot.li.tech@xxxxxxxxx>
> > Signed-off-by: Jeff Layton <jlayton@xxxxxxxxxx>
> > ---
> > fs/cifs/asn1.c | 53 +++++------------------------------------------------
> > 1 file changed, 5 insertions(+), 48 deletions(-)
> > 
> > diff --git a/fs/cifs/asn1.c b/fs/cifs/asn1.c
> > index cfd1ce3..1d36db1 100644
> > --- a/fs/cifs/asn1.c
> > +++ b/fs/cifs/asn1.c
> > @@ -614,53 +614,10 @@ decode_negTokenInit(unsigned char *security_blob, int length,
> > 		}
> > 	}
> > 
> > -	/* mechlistMIC */
> > -	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
> > -		/* Check if we have reached the end of the blob, but with
> > -		   no mechListMic (e.g. NTLMSSP instead of KRB5) */
> > -		if (ctx.error == ASN1_ERR_DEC_EMPTY)
> > -			goto decode_negtoken_exit;
> > -		cFYI(1, "Error decoding last part negTokenInit exit3");
> > -		return 0;
> > -	} else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {
> > -		/* tag = 3 indicating mechListMIC */
> > -		cFYI(1, "Exit 4 cls = %d con = %d tag = %d end = %p (%d)",
> > -			cls, con, tag, end, *end);
> > -		return 0;
> > -	}
> > -
> > -	/* sequence */
> > -	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
> > -		cFYI(1, "Error decoding last part negTokenInit exit5");
> > -		return 0;
> > -	} else if ((cls != ASN1_UNI) || (con != ASN1_CON)
> > -		   || (tag != ASN1_SEQ)) {
> > -		cFYI(1, "cls = %d con = %d tag = %d end = %p (%d)",
> > -			cls, con, tag, end, *end);
> > -	}
> > -
> > -	/* sequence of */
> > -	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
> > -		cFYI(1, "Error decoding last part negTokenInit exit 7");
> > -		return 0;
> > -	} else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {
> > -		cFYI(1, "Exit 8 cls = %d con = %d tag = %d end = %p (%d)",
> > -			cls, con, tag, end, *end);
> > -		return 0;
> > -	}
> > -
> > -	/* general string */
> > -	if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {
> > -		cFYI(1, "Error decoding last part negTokenInit exit9");
> > -		return 0;
> > -	} else if ((cls != ASN1_UNI) || (con != ASN1_PRI)
> > -		   || (tag != ASN1_GENSTR)) {
> > -		cFYI(1, "Exit10 cls = %d con = %d tag = %d end = %p (%d)",
> > -			cls, con, tag, end, *end);
> > -		return 0;
> > -	}
> > -	cFYI(1, "Need to call asn1_octets_decode() function for %s",
> > -		ctx.pointer);	/* is this UTF-8 or ASCII? */
> > -decode_negtoken_exit:
> > +	/*
> > +	 * We currently ignore anything at the end of the SPNEGO blob after
> > +	 * the mechTypes have been parsed, since none of that info is
> > +	 * used at the moment.
> > +	 */
> > 	return 1;
> > }
> > -- 
> > 1.7.11.7
> > 
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html


Thanks for testing it...

Steve, I think this should probably go to stable too since 3.8 moved to
sec=ntlmssp as the default.


-- 
Jeff Layton <jlayton@xxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux