mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-12-16 07:24:39 +08:00
fs/cifs: correctly to anonymous authentication for the NTLM(v1) authentication
Only server which map unknown users to guest will allow access using a non-null NTChallengeResponse. For Samba it's the "map to guest = bad user" option. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11913 Signed-off-by: Stefan Metzmacher <metze@samba.org> CC: Stable <stable@vger.kernel.org> Signed-off-by: Steve French <smfrench@gmail.com>
This commit is contained in:
parent
fa8f3a354b
commit
777f69b8d2
@ -781,27 +781,32 @@ sess_auth_ntlm(struct sess_data *sess_data)
|
||||
capabilities = cifs_ssetup_hdr(ses, pSMB);
|
||||
|
||||
pSMB->req_no_secext.Capabilities = cpu_to_le32(capabilities);
|
||||
pSMB->req_no_secext.CaseInsensitivePasswordLength =
|
||||
cpu_to_le16(CIFS_AUTH_RESP_SIZE);
|
||||
pSMB->req_no_secext.CaseSensitivePasswordLength =
|
||||
cpu_to_le16(CIFS_AUTH_RESP_SIZE);
|
||||
if (ses->user_name != NULL) {
|
||||
pSMB->req_no_secext.CaseInsensitivePasswordLength =
|
||||
cpu_to_le16(CIFS_AUTH_RESP_SIZE);
|
||||
pSMB->req_no_secext.CaseSensitivePasswordLength =
|
||||
cpu_to_le16(CIFS_AUTH_RESP_SIZE);
|
||||
|
||||
/* calculate ntlm response and session key */
|
||||
rc = setup_ntlm_response(ses, sess_data->nls_cp);
|
||||
if (rc) {
|
||||
cifs_dbg(VFS, "Error %d during NTLM authentication\n",
|
||||
rc);
|
||||
goto out;
|
||||
/* calculate ntlm response and session key */
|
||||
rc = setup_ntlm_response(ses, sess_data->nls_cp);
|
||||
if (rc) {
|
||||
cifs_dbg(VFS, "Error %d during NTLM authentication\n",
|
||||
rc);
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* copy ntlm response */
|
||||
memcpy(bcc_ptr, ses->auth_key.response + CIFS_SESS_KEY_SIZE,
|
||||
CIFS_AUTH_RESP_SIZE);
|
||||
bcc_ptr += CIFS_AUTH_RESP_SIZE;
|
||||
memcpy(bcc_ptr, ses->auth_key.response + CIFS_SESS_KEY_SIZE,
|
||||
CIFS_AUTH_RESP_SIZE);
|
||||
bcc_ptr += CIFS_AUTH_RESP_SIZE;
|
||||
} else {
|
||||
pSMB->req_no_secext.CaseInsensitivePasswordLength = 0;
|
||||
pSMB->req_no_secext.CaseSensitivePasswordLength = 0;
|
||||
}
|
||||
|
||||
/* copy ntlm response */
|
||||
memcpy(bcc_ptr, ses->auth_key.response + CIFS_SESS_KEY_SIZE,
|
||||
CIFS_AUTH_RESP_SIZE);
|
||||
bcc_ptr += CIFS_AUTH_RESP_SIZE;
|
||||
memcpy(bcc_ptr, ses->auth_key.response + CIFS_SESS_KEY_SIZE,
|
||||
CIFS_AUTH_RESP_SIZE);
|
||||
bcc_ptr += CIFS_AUTH_RESP_SIZE;
|
||||
|
||||
if (ses->capabilities & CAP_UNICODE) {
|
||||
/* unicode strings must be word aligned */
|
||||
if (sess_data->iov[0].iov_len % 2) {
|
||||
|
Loading…
Reference in New Issue
Block a user