cifs: Process post session setup code in respective dialect functions.
Move the post (successful) session setup code to respective dialect routines.
For smb1, session key is per smb connection.
For smb2/smb3, session key is per smb session.
If client and server do not require signing, free session key for smb1/2/3.
If client and server require signing
smb1 - Copy (kmemdup) session key for the first session to connection.
Free session key of that and subsequent sessions on this connection.
smb2 - For every session, keep the session key and free it when the
session is being shutdown.
smb3 - For every session, generate the smb3 signing key using the session key
and then free the session key.
There are two unrelated line formatting changes as well.
Reviewed-by: Jeff Layton <jlayton@samba.org>
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Steve French <smfrench@gmail.com>
This commit is contained in:
Shirish Pargaonkar
Steve French
parent
31f92e9a87
commit
d4e63bd6e4
|
|
@ -3828,33 +3828,8 @@ cifs_setup_session(const unsigned int xid, struct cifs_ses *ses,
|
|||
if (server->ops->sess_setup)
|
||||
rc = server->ops->sess_setup(xid, ses, nls_info);
|
||||
|
||||
if (rc) {
|
||||
if (rc)
|
||||
cifs_dbg(VFS, "Send error in SessSetup = %d\n", rc);
|
||||
} else {
|
||||
mutex_lock(&server->srv_mutex);
|
||||
if (!server->session_estab) {
|
||||
server->session_key.response = ses->auth_key.response;
|
||||
server->session_key.len = ses->auth_key.len;
|
||||
server->sequence_number = 0x2;
|
||||
server->session_estab = true;
|
||||
ses->auth_key.response = NULL;
|
||||
if (server->ops->generate_signingkey)
|
||||
server->ops->generate_signingkey(server);
|
||||
}
|
||||
mutex_unlock(&server->srv_mutex);
|
||||
|
||||
cifs_dbg(FYI, "CIFS Session Established successfully\n");
|
||||
spin_lock(&GlobalMid_Lock);
|
||||
ses->status = CifsGood;
|
||||
ses->need_reconnect = false;
|
||||
spin_unlock(&GlobalMid_Lock);
|
||||
}
|
||||
|
||||
kfree(ses->auth_key.response);
|
||||
ses->auth_key.response = NULL;
|
||||
ses->auth_key.len = 0;
|
||||
kfree(ses->ntlmssp);
|
||||
ses->ntlmssp = NULL;
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -105,6 +105,7 @@ sesInfoFree(struct cifs_ses *buf_to_free)
|
|||
}
|
||||
kfree(buf_to_free->user_name);
|
||||
kfree(buf_to_free->domainName);
|
||||
kfree(buf_to_free->auth_key.response);
|
||||
kfree(buf_to_free);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -629,7 +629,8 @@ CIFS_SessSetup(const unsigned int xid, struct cifs_ses *ses,
|
|||
type = select_sectype(ses->server, ses->sectype);
|
||||
cifs_dbg(FYI, "sess setup type %d\n", type);
|
||||
if (type == Unspecified) {
|
||||
cifs_dbg(VFS, "Unable to select appropriate authentication method!");
|
||||
cifs_dbg(VFS,
|
||||
"Unable to select appropriate authentication method!");
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
|
|
@ -815,8 +816,9 @@ ssetup_ntlmssp_authenticate:
|
|||
ses->auth_key.response = kmemdup(msg->data, msg->sesskey_len,
|
||||
GFP_KERNEL);
|
||||
if (!ses->auth_key.response) {
|
||||
cifs_dbg(VFS, "Kerberos can't allocate (%u bytes) memory",
|
||||
msg->sesskey_len);
|
||||
cifs_dbg(VFS,
|
||||
"Kerberos can't allocate (%u bytes) memory",
|
||||
msg->sesskey_len);
|
||||
rc = -ENOMEM;
|
||||
goto ssetup_exit;
|
||||
}
|
||||
|
|
@ -1005,5 +1007,37 @@ ssetup_exit:
|
|||
if ((phase == NtLmChallenge) && (rc == 0))
|
||||
goto ssetup_ntlmssp_authenticate;
|
||||
|
||||
if (!rc) {
|
||||
mutex_lock(&ses->server->srv_mutex);
|
||||
if (!ses->server->session_estab) {
|
||||
if (ses->server->sign) {
|
||||
ses->server->session_key.response =
|
||||
kmemdup(ses->auth_key.response,
|
||||
ses->auth_key.len, GFP_KERNEL);
|
||||
if (!ses->server->session_key.response) {
|
||||
rc = -ENOMEM;
|
||||
mutex_unlock(&ses->server->srv_mutex);
|
||||
goto keycp_exit;
|
||||
}
|
||||
ses->server->session_key.len =
|
||||
ses->auth_key.len;
|
||||
}
|
||||
ses->server->sequence_number = 0x2;
|
||||
ses->server->session_estab = true;
|
||||
}
|
||||
mutex_unlock(&ses->server->srv_mutex);
|
||||
|
||||
cifs_dbg(FYI, "CIFS session established successfully\n");
|
||||
spin_lock(&GlobalMid_Lock);
|
||||
ses->status = CifsGood;
|
||||
ses->need_reconnect = false;
|
||||
spin_unlock(&GlobalMid_Lock);
|
||||
}
|
||||
|
||||
keycp_exit:
|
||||
kfree(ses->auth_key.response);
|
||||
ses->auth_key.response = NULL;
|
||||
kfree(ses->ntlmssp);
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -477,6 +477,13 @@ SMB2_sess_setup(const unsigned int xid, struct cifs_ses *ses,
|
|||
return -EIO;
|
||||
}
|
||||
|
||||
/*
|
||||
* If we are here due to reconnect, free per-smb session key
|
||||
* in case signing was required.
|
||||
*/
|
||||
kfree(ses->auth_key.response);
|
||||
ses->auth_key.response = NULL;
|
||||
|
||||
/*
|
||||
* If memory allocation is successful, caller of this function
|
||||
* frees it.
|
||||
|
|
@ -628,6 +635,30 @@ ssetup_exit:
|
|||
/* if ntlmssp, and negotiate succeeded, proceed to authenticate phase */
|
||||
if ((phase == NtLmChallenge) && (rc == 0))
|
||||
goto ssetup_ntlmssp_authenticate;
|
||||
|
||||
if (!rc) {
|
||||
mutex_lock(&server->srv_mutex);
|
||||
if (!server->session_estab) {
|
||||
server->sequence_number = 0x2;
|
||||
server->session_estab = true;
|
||||
if (server->ops->generate_signingkey)
|
||||
server->ops->generate_signingkey(server);
|
||||
}
|
||||
mutex_unlock(&server->srv_mutex);
|
||||
|
||||
cifs_dbg(FYI, "SMB2/3 session established successfully\n");
|
||||
spin_lock(&GlobalMid_Lock);
|
||||
ses->status = CifsGood;
|
||||
ses->need_reconnect = false;
|
||||
spin_unlock(&GlobalMid_Lock);
|
||||
}
|
||||
|
||||
if (!server->sign) {
|
||||
kfree(ses->auth_key.response);
|
||||
ses->auth_key.response = NULL;
|
||||
}
|
||||
kfree(ses->ntlmssp);
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue