Re: [PATCH] cifs: Handle big endianness in NTLM (ntlmv2) authentication

Jeff Layton <jlayton@xxxxxxxxxx> · Tue, 25 Jun 2013 13:54:40 -0400

On Tue, 25 Jun 2013 13:49:29 -0400
Jeff Layton <jlayton@xxxxxxxxxx> wrote:

> On Tue, 25 Jun 2013 10:44:37 -0500
> shirishpargaonkar@xxxxxxxxx wrote:
> 
> > From: Shirish Pargaonkar <shirishpargaonkar@xxxxxxxxx>
> > 
> > 
> > This is RH bug 970891
> > Uppercasing of username during calculation of ntlmv2 hash fails
> > because UniStrupr function does not handle big endian wchars.
> > 
> > Also fix a comment in the same code to reflect its correct usage.
> > 
> > 
> > Reported-by: steve <sanpatr1@xxxxxxxxxx>
> > Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@xxxxxxxxx>
> > Cc: <stable@xxxxxxxxxx>
> > ---
> >  fs/cifs/cifs_unicode.h |    2 +-
> >  fs/cifs/cifsencrypt.c  |    2 +-
> >  2 files changed, 2 insertions(+), 2 deletions(-)
> > 
> > diff --git a/fs/cifs/cifs_unicode.h b/fs/cifs/cifs_unicode.h
> > index 4fb0974..bec1137 100644
> > --- a/fs/cifs/cifs_unicode.h
> > +++ b/fs/cifs/cifs_unicode.h
> > @@ -334,7 +334,7 @@ UniStrupr(register wchar_t *upin)
> >  
> >  	up = upin;
> >  	while (*up) {		/* For all characters */
> > -		*up = UniToupper(*up);
> > +		*up = cpu_to_le16(UniToupper(le16_to_cpu(*up)));
> >  		up++;
> >  	}
> >  	return upin;		/* Return input pointer */

Actually...there is one more change I'd suggest. With this, we now
expect an array of le16 values, and not an array of wchar_t's. The
arguments to this function and the "up" variable should probably be
changed accordingly.

Some comments clarifying that (maybe even a kerneldoc header?) might be
good too.

> > diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
> > index 71436d1..8b34a73 100644
> > --- a/fs/cifs/cifsencrypt.c
> > +++ b/fs/cifs/cifsencrypt.c
> > @@ -439,7 +439,7 @@ static int calc_ntlmv2_hash(struct cifs_ses *ses, char *ntlmv2_hash,
> >  		return rc;
> >  	}
> >  
> > -	/* convert ses->user_name to unicode and uppercase */
> > +	/* convert ses->user_name to unicode */
> >  	len = ses->user_name ? strlen(ses->user_name) : 0;
> >  	user = kmalloc(2 + (len * 2), GFP_KERNEL);
> >  	if (user == NULL) {
> 
> Looks correct. Nice work tracking that down!
> 

-- 
Jeff Layton <jlayton@xxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html