summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--fs/cifs/asn1.c35
-rw-r--r--fs/cifs/cifsfs.c1
-rw-r--r--fs/cifs/cifssmb.c3
3 files changed, 26 insertions, 13 deletions
diff --git a/fs/cifs/asn1.c b/fs/cifs/asn1.c
index 2a01f3ef96a..bcda2c6b6a0 100644
--- a/fs/cifs/asn1.c
+++ b/fs/cifs/asn1.c
@@ -77,8 +77,12 @@
#define SPNEGO_OID_LEN 7
#define NTLMSSP_OID_LEN 10
+#define KRB5_OID_LEN 7
+#define MSKRB5_OID_LEN 7
static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 };
static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 };
+static unsigned long KRB5_OID[7] = { 1, 2, 840, 113554, 1, 2, 2 };
+static unsigned long MSKRB5_OID[7] = { 1, 2, 840, 48018, 1, 2, 2 };
/*
* ASN.1 context.
@@ -457,6 +461,7 @@ decode_negTokenInit(unsigned char *security_blob, int length,
unsigned long *oid = NULL;
unsigned int cls, con, tag, oidlen, rc;
int use_ntlmssp = FALSE;
+ int use_kerberos = FALSE;
*secType = NTLM; /* BB eventually make Kerberos or NLTMSSP the default*/
@@ -545,18 +550,28 @@ decode_negTokenInit(unsigned char *security_blob, int length,
return 0;
}
if ((tag == ASN1_OJI) && (con == ASN1_PRI)) {
- rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
- if (rc) {
+ if (asn1_oid_decode(&ctx, end, &oid, &oidlen)) {
+
cFYI(1,
("OID len = %d oid = 0x%lx 0x%lx "
"0x%lx 0x%lx",
oidlen, *oid, *(oid + 1),
*(oid + 2), *(oid + 3)));
- rc = compare_oid(oid, oidlen,
- NTLMSSP_OID, NTLMSSP_OID_LEN);
- kfree(oid);
- if (rc)
+
+ if (compare_oid(oid, oidlen,
+ MSKRB5_OID,
+ MSKRB5_OID_LEN))
+ use_kerberos = TRUE;
+ else if (compare_oid(oid, oidlen,
+ KRB5_OID,
+ KRB5_OID_LEN))
+ use_kerberos = TRUE;
+ else if (compare_oid(oid, oidlen,
+ NTLMSSP_OID,
+ NTLMSSP_OID_LEN))
use_ntlmssp = TRUE;
+
+ kfree(oid);
}
} else {
cFYI(1, ("Should be an oid what is going on?"));
@@ -609,12 +624,10 @@ decode_negTokenInit(unsigned char *security_blob, int length,
ctx.pointer)); /* is this UTF-8 or ASCII? */
}
- /* if (use_kerberos)
- *secType = Kerberos
- else */
- if (use_ntlmssp) {
+ if (use_kerberos)
+ *secType = Kerberos;
+ else if (use_ntlmssp)
*secType = NTLMSSP;
- }
return 1;
}
diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c
index 94c0f55d766..416dc9fe896 100644
--- a/fs/cifs/cifsfs.c
+++ b/fs/cifs/cifsfs.c
@@ -44,6 +44,7 @@
#include "cifs_fs_sb.h"
#include <linux/mm.h>
#include <linux/key-type.h>
+#include "cifs_spnego.h"
#define CIFS_MAGIC_NUMBER 0xFF534D42 /* the first four bytes of SMB PDUs */
#ifdef CONFIG_CIFS_QUOTA
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index 0bb3e431ee0..59d7b7c037a 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -647,8 +647,7 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
count - 16,
&server->secType);
if (rc == 1) {
- /* BB Need to fill struct for sessetup here */
- rc = -EOPNOTSUPP;
+ rc = 0;
} else {
rc = -EINVAL;
}