From e9917a000fcc370408c8b7b83f2e85dba5fffbd4 Mon Sep 17 00:00:00 2001 From: Steve French Date: Fri, 31 Mar 2006 21:22:00 +0000 Subject: [PATCH] [CIFS] Incorrect signature sent on SMB Read Fixes Samba bug 3621 and kernel.org bug 6147 For servers which require SMB/CIFS packet signing, we were sending the wrong signature (all zeros) on SMB Read request. The new cifs routine to do signatures across an iovec was not complete - and SMB Read, unlike the new SMBWrite2, did not fall back to the older routine (ie use SendReceive vs. the more efficient SendReceive2 ie used the older cifs_sign_smb vs. the disabled cifs_sign_smb2) for calculating signatures. This finishes up cifs_sign_smb2/cifs_calc_signature2 so that the callers of SendReceive2 can get SMB/CIFS packet signatures. Now that cifs_sign_smb2 is supported, we could start using it in the write path but this smaller fix does not include the change to use SMBWrite2 when signatures are required (which when enabled will make more Writes more efficient and alloc less memory). Currently Write2 is only used when signatures are not required at the moment but after more testing we will enable that as well). Thanks to James Slepicka and Sam Flory for initial investigation. Signed-off-by: Steve French --- fs/cifs/cifsencrypt.c | 36 +++++++++++++++++++++++------------- 1 file changed, 23 insertions(+), 13 deletions(-) diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index c2cbe0ed98..e7d63737e6 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c @@ -57,9 +57,6 @@ int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server, int rc = 0; char smb_signature[20]; - /* BB remember to initialize sequence number elsewhere and initialize mac_signing key elsewhere BB */ - /* BB remember to add code to save expected sequence number in midQ entry BB */ - if((cifs_pdu == NULL) || (server == NULL)) return -EINVAL; @@ -86,20 +83,33 @@ int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server, static int cifs_calc_signature2(const struct kvec * iov, int n_vec, const char * key, char * signature) { - struct MD5Context context; - - if((iov == NULL) || (signature == NULL)) - return -EINVAL; + struct MD5Context context; + int i; - MD5Init(&context); - MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16); + if((iov == NULL) || (signature == NULL)) + return -EINVAL; -/* MD5Update(&context,cifs_pdu->Protocol,cifs_pdu->smb_buf_length); */ /* BB FIXME BB */ + MD5Init(&context); + MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16); + for(i=0;i