Yes, this patch fixed the problem in the current kernel we encountered when trying to mount a directory shared from a Windows 8 Pro system.
Yan Li On Mar 11, 2013, at 6:52 AM, Jeff Layton <[email protected]> wrote: > We've had several reports of people attempting to mount Windows 8 shares > and getting failures with a return code of -EINVAL. The default sec= > mode changed recently to sec=ntlmssp. With that, we expect and parse a > SPNEGO blob from the server in the NEGOTIATE reply. > > The current decode_negTokenInit function first parses all of the > mechTypes and then tries to parse the rest of the negTokenInit reply. > The parser however currently expects a mechListMIC or nothing to follow the > mechTypes, but Windows 8 puts a mechToken field there instead to carry > some info for the new NegoEx stuff. > > In practice, we don't do anything with the fields after the mechTypes > anyway so I don't see any real benefit in continuing to parse them. > This patch just has the kernel ignore the fields after the mechTypes. > We'll probably need to reinstate some of this if we ever want to support > NegoEx. > > Reported-by: Jason Burgess <[email protected]> > Reported-by: Yan Li <[email protected]> > Signed-off-by: Jeff Layton <[email protected]> > --- > fs/cifs/asn1.c | 53 +++++------------------------------------------------ > 1 file changed, 5 insertions(+), 48 deletions(-) > > diff --git a/fs/cifs/asn1.c b/fs/cifs/asn1.c > index cfd1ce3..1d36db1 100644 > --- a/fs/cifs/asn1.c > +++ b/fs/cifs/asn1.c > @@ -614,53 +614,10 @@ decode_negTokenInit(unsigned char *security_blob, int > length, > } > } > > - /* mechlistMIC */ > - if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { > - /* Check if we have reached the end of the blob, but with > - no mechListMic (e.g. NTLMSSP instead of KRB5) */ > - if (ctx.error == ASN1_ERR_DEC_EMPTY) > - goto decode_negtoken_exit; > - cFYI(1, "Error decoding last part negTokenInit exit3"); > - return 0; > - } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) { > - /* tag = 3 indicating mechListMIC */ > - cFYI(1, "Exit 4 cls = %d con = %d tag = %d end = %p (%d)", > - cls, con, tag, end, *end); > - return 0; > - } > - > - /* sequence */ > - if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { > - cFYI(1, "Error decoding last part negTokenInit exit5"); > - return 0; > - } else if ((cls != ASN1_UNI) || (con != ASN1_CON) > - || (tag != ASN1_SEQ)) { > - cFYI(1, "cls = %d con = %d tag = %d end = %p (%d)", > - cls, con, tag, end, *end); > - } > - > - /* sequence of */ > - if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { > - cFYI(1, "Error decoding last part negTokenInit exit 7"); > - return 0; > - } else if ((cls != ASN1_CTX) || (con != ASN1_CON)) { > - cFYI(1, "Exit 8 cls = %d con = %d tag = %d end = %p (%d)", > - cls, con, tag, end, *end); > - return 0; > - } > - > - /* general string */ > - if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) { > - cFYI(1, "Error decoding last part negTokenInit exit9"); > - return 0; > - } else if ((cls != ASN1_UNI) || (con != ASN1_PRI) > - || (tag != ASN1_GENSTR)) { > - cFYI(1, "Exit10 cls = %d con = %d tag = %d end = %p (%d)", > - cls, con, tag, end, *end); > - return 0; > - } > - cFYI(1, "Need to call asn1_octets_decode() function for %s", > - ctx.pointer); /* is this UTF-8 or ASCII? */ > -decode_negtoken_exit: > + /* > + * We currently ignore anything at the end of the SPNEGO blob after > + * the mechTypes have been parsed, since none of that info is > + * used at the moment. > + */ > return 1; > } > -- > 1.7.11.7 > -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
