Gitweb:     
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e545937a51fe0cc78cea55752764daabb81ec96d
Commit:     e545937a51fe0cc78cea55752764daabb81ec96d
Parent:     84a15b935481fa651cc6ec60aed015312b67adda
Author:     Jeff Layton <[EMAIL PROTECTED]>
AuthorDate: Sat Nov 3 05:11:06 2007 +0000
Committer:  Steve French <[EMAIL PROTECTED]>
CommitDate: Sat Nov 3 05:11:06 2007 +0000

    [CIFS] add OIDs for KRB5 and MSKRB5 to ASN1 parsing routines
    
    Also, fix the parser to recognize them and set the secType
    accordingly. Make CIFSSMBNegotiate not error out automatically
    after parsing the securityBlob.
    
    Also thanks to Q (Igor) and Simo for their help on this
    set of kerberos patches (and Dave Howells for help on the
    upcall).
    
    Signed-off-by: Jeff Layton <[EMAIL PROTECTED]>
    Signed-off-by: Steve French <[EMAIL PROTECTED]>
---
 fs/cifs/asn1.c    |   35 ++++++++++++++++++++++++-----------
 fs/cifs/cifsfs.c  |    1 +
 fs/cifs/cifssmb.c |    3 +--
 3 files changed, 26 insertions(+), 13 deletions(-)

diff --git a/fs/cifs/asn1.c b/fs/cifs/asn1.c
index 2a01f3e..bcda2c6 100644
--- a/fs/cifs/asn1.c
+++ b/fs/cifs/asn1.c
@@ -77,8 +77,12 @@
 
 #define SPNEGO_OID_LEN 7
 #define NTLMSSP_OID_LEN  10
+#define KRB5_OID_LEN  7
+#define MSKRB5_OID_LEN  7
 static unsigned long SPNEGO_OID[7] = { 1, 3, 6, 1, 5, 5, 2 };
 static unsigned long NTLMSSP_OID[10] = { 1, 3, 6, 1, 4, 1, 311, 2, 2, 10 };
+static unsigned long KRB5_OID[7] = { 1, 2, 840, 113554, 1, 2, 2 };
+static unsigned long MSKRB5_OID[7] = { 1, 2, 840, 48018, 1, 2, 2 };
 
 /*
  * ASN.1 context.
@@ -457,6 +461,7 @@ decode_negTokenInit(unsigned char *security_blob, int 
length,
        unsigned long *oid = NULL;
        unsigned int cls, con, tag, oidlen, rc;
        int use_ntlmssp = FALSE;
+       int use_kerberos = FALSE;
 
        *secType = NTLM; /* BB eventually make Kerberos or NLTMSSP the default*/
 
@@ -545,18 +550,28 @@ decode_negTokenInit(unsigned char *security_blob, int 
length,
                                return 0;
                        }
                        if ((tag == ASN1_OJI) && (con == ASN1_PRI)) {
-                               rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);
-                               if (rc) {
+                               if (asn1_oid_decode(&ctx, end, &oid, &oidlen)) {
+
                                        cFYI(1,
                                          ("OID len = %d oid = 0x%lx 0x%lx "
                                           "0x%lx 0x%lx",
                                           oidlen, *oid, *(oid + 1),
                                           *(oid + 2), *(oid + 3)));
-                                       rc = compare_oid(oid, oidlen,
-                                                NTLMSSP_OID, NTLMSSP_OID_LEN);
-                                       kfree(oid);
-                                       if (rc)
+
+                                       if (compare_oid(oid, oidlen,
+                                                       MSKRB5_OID,
+                                                       MSKRB5_OID_LEN))
+                                               use_kerberos = TRUE;
+                                       else if (compare_oid(oid, oidlen,
+                                                            KRB5_OID,
+                                                            KRB5_OID_LEN))
+                                               use_kerberos = TRUE;
+                                       else if (compare_oid(oid, oidlen,
+                                                            NTLMSSP_OID,
+                                                            NTLMSSP_OID_LEN))
                                                use_ntlmssp = TRUE;
+
+                                       kfree(oid);
                                }
                        } else {
                                cFYI(1, ("Should be an oid what is going on?"));
@@ -609,12 +624,10 @@ decode_negTokenInit(unsigned char *security_blob, int 
length,
                         ctx.pointer)); /* is this UTF-8 or ASCII? */
        }
 
-       /* if (use_kerberos)
-          *secType = Kerberos
-          else */
-       if (use_ntlmssp) {
+       if (use_kerberos)
+               *secType = Kerberos;
+       else if (use_ntlmssp)
                *secType = NTLMSSP;
-       }
 
        return 1;
 }
diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c
index 94c0f55..416dc9f 100644
--- a/fs/cifs/cifsfs.c
+++ b/fs/cifs/cifsfs.c
@@ -44,6 +44,7 @@
 #include "cifs_fs_sb.h"
 #include <linux/mm.h>
 #include <linux/key-type.h>
+#include "cifs_spnego.h"
 #define CIFS_MAGIC_NUMBER 0xFF534D42   /* the first four bytes of SMB PDUs */
 
 #ifdef CONFIG_CIFS_QUOTA
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index 0bb3e43..59d7b7c 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -647,8 +647,7 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
                                                 count - 16,
                                                 &server->secType);
                        if (rc == 1) {
-                       /* BB Need to fill struct for sessetup here */
-                               rc = -EOPNOTSUPP;
+                               rc = 0;
                        } else {
                                rc = -EINVAL;
                        }
-
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to