cifs NTLMv2/NTLMSSP Change variable name mac_key to session key to reflect the key...
authorShirish Pargaonkar <shirishpargaonkar@gmail.com>
Sun, 19 Sep 2010 03:01:58 +0000 (22:01 -0500)
committerSteve French <sfrench@us.ibm.com>
Wed, 29 Sep 2010 19:04:29 +0000 (19:04 +0000)
Change name of variable mac_key to session key.
The reason mac_key was changed to session key is, this structure does not
hold message authentication code, it holds the session key (for ntlmv2,
ntlmv1 etc.).  mac is generated as a signature in cifs_calc* functions.

Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
fs/cifs/cifsencrypt.c
fs/cifs/cifsglob.h
fs/cifs/cifsproto.h
fs/cifs/sess.c
fs/cifs/transport.c

index 35042d8f733865c77b31ee8d10dd097d4f0a16d8..eed70cae12759aa46b8503f85a77444dc3a8930a 100644 (file)
@@ -42,7 +42,7 @@ extern void SMBencrypt(unsigned char *passwd, const unsigned char *c8,
                       unsigned char *p24);
 
 static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu,
-                                   const struct mac_key *key, char *signature)
+                               const struct session_key *key, char *signature)
 {
        struct  MD5Context context;
 
@@ -78,7 +78,7 @@ int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server,
        server->sequence_number++;
        spin_unlock(&GlobalMid_Lock);
 
-       rc = cifs_calculate_signature(cifs_pdu, &server->mac_signing_key,
+       rc = cifs_calculate_signature(cifs_pdu, &server->session_key,
                                      smb_signature);
        if (rc)
                memset(cifs_pdu->Signature.SecuritySignature, 0, 8);
@@ -89,7 +89,7 @@ int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server,
 }
 
 static int cifs_calc_signature2(const struct kvec *iov, int n_vec,
-                               const struct mac_key *key, char *signature)
+                               const struct session_key *key, char *signature)
 {
        struct  MD5Context context;
        int i;
@@ -145,7 +145,7 @@ int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server,
        server->sequence_number++;
        spin_unlock(&GlobalMid_Lock);
 
-       rc = cifs_calc_signature2(iov, n_vec, &server->mac_signing_key,
+       rc = cifs_calc_signature2(iov, n_vec, &server->session_key,
                                      smb_signature);
        if (rc)
                memset(cifs_pdu->Signature.SecuritySignature, 0, 8);
@@ -156,14 +156,14 @@ int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server,
 }
 
 int cifs_verify_signature(struct smb_hdr *cifs_pdu,
-                         const struct mac_key *mac_key,
+                         const struct session_key *session_key,
                          __u32 expected_sequence_number)
 {
        unsigned int rc;
        char server_response_sig[8];
        char what_we_think_sig_should_be[20];
 
-       if ((cifs_pdu == NULL) || (mac_key == NULL))
+       if (cifs_pdu == NULL || session_key == NULL)
                return -EINVAL;
 
        if (cifs_pdu->Command == SMB_COM_NEGOTIATE)
@@ -192,7 +192,7 @@ int cifs_verify_signature(struct smb_hdr *cifs_pdu,
                                        cpu_to_le32(expected_sequence_number);
        cifs_pdu->Signature.Sequence.Reserved = 0;
 
-       rc = cifs_calculate_signature(cifs_pdu, mac_key,
+       rc = cifs_calculate_signature(cifs_pdu, session_key,
                what_we_think_sig_should_be);
 
        if (rc)
@@ -209,7 +209,7 @@ int cifs_verify_signature(struct smb_hdr *cifs_pdu,
 }
 
 /* We fill in key by putting in 40 byte array which was allocated by caller */
-int cifs_calculate_mac_key(struct mac_key *key, const char *rn,
+int cifs_calculate_session_key(struct session_key *key, const char *rn,
                           const char *password)
 {
        char temp_key[16];
@@ -347,11 +347,11 @@ void setup_ntlmv2_rsp(struct cifsSesInfo *ses, char *resp_buf,
        /* now calculate the MAC key for NTLMv2 */
        hmac_md5_init_limK_to_64(ses->server->ntlmv2_hash, 16, &context);
        hmac_md5_update(resp_buf, 16, &context);
-       hmac_md5_final(ses->server->mac_signing_key.data.ntlmv2.key, &context);
+       hmac_md5_final(ses->server->session_key.data.ntlmv2.key, &context);
 
-       memcpy(&ses->server->mac_signing_key.data.ntlmv2.resp, resp_buf,
+       memcpy(&ses->server->session_key.data.ntlmv2.resp, resp_buf,
               sizeof(struct ntlmv2_resp));
-       ses->server->mac_signing_key.len = 16 + sizeof(struct ntlmv2_resp);
+       ses->server->session_key.len = 16 + sizeof(struct ntlmv2_resp);
 }
 
 void CalcNTLMv2_response(const struct cifsSesInfo *ses,
index 0cdfb8c32ac68c34a98f5cdf412250c0eacdec2b..14dfa9a067e5de3d911542ae8a08e007fbb1c7b4 100644 (file)
@@ -97,7 +97,7 @@ enum protocolEnum {
        /* Netbios frames protocol not supported at this time */
 };
 
-struct mac_key {
+struct session_key {
        unsigned int len;
        union {
                char ntlm[CIFS_SESS_KEY_SIZE + 16];
@@ -182,7 +182,7 @@ struct TCP_Server_Info {
        /* 16th byte of RFC1001 workstation name is always null */
        char workstation_RFC1001_name[RFC1001_NAME_LEN_WITH_NULL];
        __u32 sequence_number; /* needed for CIFS PDU signature */
-       struct mac_key mac_signing_key;
+       struct session_key session_key;
        char ntlmv2_hash[16];
        unsigned long lstrp; /* when we got last response from this server */
        u16 dialect; /* dialect index that server chose */
index f110e0e7e947dbf061786a2ba0fcd7934c7653b5..099fd6173e013f0892cae61ea2f6f502e6af9681 100644 (file)
@@ -363,9 +363,9 @@ extern int cifs_sign_smb(struct smb_hdr *, struct TCP_Server_Info *, __u32 *);
 extern int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *,
                          __u32 *);
 extern int cifs_verify_signature(struct smb_hdr *,
-                                const struct mac_key *mac_key,
+                                const struct session_key *session_key,
                                __u32 expected_sequence_number);
-extern int cifs_calculate_mac_key(struct mac_key *key, const char *rn,
+extern int cifs_calculate_session_key(struct session_key *key, const char *rn,
                                 const char *pass);
 extern void CalcNTLMv2_response(const struct cifsSesInfo *, char *);
 extern void setup_ntlmv2_rsp(struct cifsSesInfo *, char *,
index 0a57cb7db5dd7554030e599cd111379e343083df..88820127650ee979c0ebc718ea4ba0b47d11c8b1 100644 (file)
@@ -480,7 +480,7 @@ static int build_ntlmssp_auth_blob(unsigned char *pbuffer,
        /* calculate session key,  BB what about adding similar ntlmv2 path? */
        SMBNTencrypt(ses->password, ses->server->cryptKey, ntlm_session_key);
        if (first)
-               cifs_calculate_mac_key(&ses->server->mac_signing_key,
+               cifs_calculate_session_key(&ses->server->session_key,
                                       ntlm_session_key, ses->password);
 
        memcpy(tmp, ntlm_session_key, CIFS_SESS_KEY_SIZE);
@@ -690,7 +690,7 @@ ssetup_ntlmssp_authenticate:
 
                if (first_time) /* should this be moved into common code
                                  with similar ntlmv2 path? */
-                       cifs_calculate_mac_key(&ses->server->mac_signing_key,
+                       cifs_calculate_session_key(&ses->server->session_key,
                                ntlm_session_key, ses->password);
                /* copy session key */
 
@@ -765,15 +765,15 @@ ssetup_ntlmssp_authenticate:
                }
                /* bail out if key is too long */
                if (msg->sesskey_len >
-                   sizeof(ses->server->mac_signing_key.data.krb5)) {
+                   sizeof(ses->server->session_key.data.krb5)) {
                        cERROR(1, "Kerberos signing key too long (%u bytes)",
                                msg->sesskey_len);
                        rc = -EOVERFLOW;
                        goto ssetup_exit;
                }
                if (first_time) {
-                       ses->server->mac_signing_key.len = msg->sesskey_len;
-                       memcpy(ses->server->mac_signing_key.data.krb5,
+                       ses->server->session_key.len = msg->sesskey_len;
+                       memcpy(ses->server->session_key.data.krb5,
                                msg->data, msg->sesskey_len);
                }
                pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
index 82f78c4d6978ceafdab5789182193b899a435202..a66c91eb6eb4e13cdc611786ad44dae2172ede1a 100644 (file)
@@ -543,7 +543,7 @@ SendReceive2(const unsigned int xid, struct cifsSesInfo *ses,
                    (ses->server->secMode & (SECMODE_SIGN_REQUIRED |
                                             SECMODE_SIGN_ENABLED))) {
                        rc = cifs_verify_signature(midQ->resp_buf,
-                                               &ses->server->mac_signing_key,
+                                               &ses->server->session_key,
                                                midQ->sequence_number+1);
                        if (rc) {
                                cERROR(1, "Unexpected SMB signature");
@@ -731,7 +731,7 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses,
                    (ses->server->secMode & (SECMODE_SIGN_REQUIRED |
                                             SECMODE_SIGN_ENABLED))) {
                        rc = cifs_verify_signature(out_buf,
-                                               &ses->server->mac_signing_key,
+                                               &ses->server->session_key,
                                                midQ->sequence_number+1);
                        if (rc) {
                                cERROR(1, "Unexpected SMB signature");
@@ -981,7 +981,7 @@ SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon,
            (ses->server->secMode & (SECMODE_SIGN_REQUIRED |
                                     SECMODE_SIGN_ENABLED))) {
                rc = cifs_verify_signature(out_buf,
-                                          &ses->server->mac_signing_key,
+                                          &ses->server->session_key,
                                           midQ->sequence_number+1);
                if (rc) {
                        cERROR(1, "Unexpected SMB signature");