blob: b8f1baabd3438d3532604df8dde78a1c2413c242 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001/*
2 * fs/cifs/connect.c
3 *
Steve French5815449d2006-02-14 01:36:20 +00004 * Copyright (C) International Business Machines Corp., 2002,2006
Linus Torvalds1da177e2005-04-16 15:20:36 -07005 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21#include <linux/fs.h>
22#include <linux/net.h>
23#include <linux/string.h>
24#include <linux/list.h>
25#include <linux/wait.h>
26#include <linux/ipv6.h>
27#include <linux/pagemap.h>
28#include <linux/ctype.h>
29#include <linux/utsname.h>
30#include <linux/mempool.h>
Steve Frenchb8643e12005-04-28 22:41:07 -070031#include <linux/delay.h>
Steve Frenchf1914012005-08-18 09:37:34 -070032#include <linux/completion.h>
Steve French0ae0efa2005-10-10 10:57:19 -070033#include <linux/pagevec.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070034#include <asm/uaccess.h>
35#include <asm/processor.h>
36#include "cifspdu.h"
37#include "cifsglob.h"
38#include "cifsproto.h"
39#include "cifs_unicode.h"
40#include "cifs_debug.h"
41#include "cifs_fs_sb.h"
42#include "ntlmssp.h"
43#include "nterr.h"
44#include "rfc1002pdu.h"
Steve Frencha2653eb2005-11-10 15:33:38 -080045#include "cn_cifs.h"
Linus Torvalds1da177e2005-04-16 15:20:36 -070046
47#define CIFS_PORT 445
48#define RFC1001_PORT 139
49
Steve Frenchf1914012005-08-18 09:37:34 -070050static DECLARE_COMPLETION(cifsd_complete);
51
Linus Torvalds1da177e2005-04-16 15:20:36 -070052extern void SMBencrypt(unsigned char *passwd, unsigned char *c8,
53 unsigned char *p24);
54extern void SMBNTencrypt(unsigned char *passwd, unsigned char *c8,
55 unsigned char *p24);
56
57extern mempool_t *cifs_req_poolp;
58
59struct smb_vol {
60 char *username;
61 char *password;
62 char *domainname;
63 char *UNC;
64 char *UNCip;
65 char *in6_addr; /* ipv6 address as human readable form of in6_addr */
66 char *iocharset; /* local code page for mapping to and from Unicode */
67 char source_rfc1001_name[16]; /* netbios name of client */
Steve Frencha10faeb22005-08-22 21:38:31 -070068 char target_rfc1001_name[16]; /* netbios name of server for Win9x/ME */
Linus Torvalds1da177e2005-04-16 15:20:36 -070069 uid_t linux_uid;
70 gid_t linux_gid;
71 mode_t file_mode;
72 mode_t dir_mode;
73 unsigned rw:1;
74 unsigned retry:1;
75 unsigned intr:1;
76 unsigned setuids:1;
77 unsigned noperm:1;
78 unsigned no_psx_acl:1; /* set if posix acl support should be disabled */
Steve French0a4b92c2006-01-12 15:44:21 -080079 unsigned cifs_acl:1;
Linus Torvalds1da177e2005-04-16 15:20:36 -070080 unsigned no_xattr:1; /* set if xattr (EA) support should be disabled*/
81 unsigned server_ino:1; /* use inode numbers from server ie UniqueId */
82 unsigned direct_io:1;
Steve French6a0b4822005-04-28 22:41:05 -070083 unsigned remap:1; /* set to remap seven reserved chars in filenames */
Jeremy Allisonac670552005-06-22 17:26:35 -070084 unsigned posix_paths:1; /* unset to not ask for posix pathnames. */
Steve Frenchd7245c22005-07-14 18:25:12 -050085 unsigned sfu_emul:1;
Steve Frenchbf820672005-12-01 22:32:42 -080086 unsigned krb5:1;
87 unsigned ntlm:1;
88 unsigned ntlmv2:1;
89 unsigned nullauth:1; /* attempt to authenticate with null user */
90 unsigned sign:1;
91 unsigned seal:1; /* encrypt */
Steve Frenchc46fa8a2005-08-18 20:49:57 -070092 unsigned nocase; /* request case insensitive filenames */
93 unsigned nobrl; /* disable sending byte range locks to srv */
Linus Torvalds1da177e2005-04-16 15:20:36 -070094 unsigned int rsize;
95 unsigned int wsize;
96 unsigned int sockopt;
97 unsigned short int port;
98};
99
100static int ipv4_connect(struct sockaddr_in *psin_server,
101 struct socket **csocket,
Steve Frencha10faeb22005-08-22 21:38:31 -0700102 char * netb_name,
103 char * server_netb_name);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700104static int ipv6_connect(struct sockaddr_in6 *psin_server,
105 struct socket **csocket);
106
107
108 /*
109 * cifs tcp session reconnection
110 *
111 * mark tcp session as reconnecting so temporarily locked
112 * mark all smb sessions as reconnecting for tcp session
113 * reconnect tcp session
114 * wake up waiters on reconnection? - (not needed currently)
115 */
116
117int
118cifs_reconnect(struct TCP_Server_Info *server)
119{
120 int rc = 0;
121 struct list_head *tmp;
122 struct cifsSesInfo *ses;
123 struct cifsTconInfo *tcon;
124 struct mid_q_entry * mid_entry;
125
126 spin_lock(&GlobalMid_Lock);
127 if(server->tcpStatus == CifsExiting) {
128 /* the demux thread will exit normally
129 next time through the loop */
130 spin_unlock(&GlobalMid_Lock);
131 return rc;
132 } else
133 server->tcpStatus = CifsNeedReconnect;
134 spin_unlock(&GlobalMid_Lock);
135 server->maxBuf = 0;
136
Steve Frenche4eb2952005-04-28 22:41:09 -0700137 cFYI(1, ("Reconnecting tcp session"));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700138
139 /* before reconnecting the tcp session, mark the smb session (uid)
140 and the tid bad so they are not used until reconnected */
141 read_lock(&GlobalSMBSeslock);
142 list_for_each(tmp, &GlobalSMBSessionList) {
143 ses = list_entry(tmp, struct cifsSesInfo, cifsSessionList);
144 if (ses->server) {
145 if (ses->server == server) {
146 ses->status = CifsNeedReconnect;
147 ses->ipc_tid = 0;
148 }
149 }
150 /* else tcp and smb sessions need reconnection */
151 }
152 list_for_each(tmp, &GlobalTreeConnectionList) {
153 tcon = list_entry(tmp, struct cifsTconInfo, cifsConnectionList);
154 if((tcon) && (tcon->ses) && (tcon->ses->server == server)) {
155 tcon->tidStatus = CifsNeedReconnect;
156 }
157 }
158 read_unlock(&GlobalSMBSeslock);
159 /* do not want to be sending data on a socket we are freeing */
160 down(&server->tcpSem);
161 if(server->ssocket) {
162 cFYI(1,("State: 0x%x Flags: 0x%lx", server->ssocket->state,
163 server->ssocket->flags));
164 server->ssocket->ops->shutdown(server->ssocket,SEND_SHUTDOWN);
165 cFYI(1,("Post shutdown state: 0x%x Flags: 0x%lx", server->ssocket->state,
166 server->ssocket->flags));
167 sock_release(server->ssocket);
168 server->ssocket = NULL;
169 }
170
171 spin_lock(&GlobalMid_Lock);
172 list_for_each(tmp, &server->pending_mid_q) {
173 mid_entry = list_entry(tmp, struct
174 mid_q_entry,
175 qhead);
176 if(mid_entry) {
177 if(mid_entry->midState == MID_REQUEST_SUBMITTED) {
Steve French09d1db52005-04-28 22:41:08 -0700178 /* Mark other intransit requests as needing
179 retry so we do not immediately mark the
180 session bad again (ie after we reconnect
181 below) as they timeout too */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700182 mid_entry->midState = MID_RETRY_NEEDED;
183 }
184 }
185 }
186 spin_unlock(&GlobalMid_Lock);
187 up(&server->tcpSem);
188
189 while ((server->tcpStatus != CifsExiting) && (server->tcpStatus != CifsGood))
190 {
191 if(server->protocolType == IPV6) {
192 rc = ipv6_connect(&server->addr.sockAddr6,&server->ssocket);
193 } else {
194 rc = ipv4_connect(&server->addr.sockAddr,
195 &server->ssocket,
Steve Frencha10faeb22005-08-22 21:38:31 -0700196 server->workstation_RFC1001_name,
197 server->server_RFC1001_name);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700198 }
199 if(rc) {
Steve Frenchb387eae2005-10-10 14:21:15 -0700200 cFYI(1,("reconnect error %d",rc));
Steve French0cb766a2005-04-28 22:41:11 -0700201 msleep(3000);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700202 } else {
203 atomic_inc(&tcpSesReconnectCount);
204 spin_lock(&GlobalMid_Lock);
205 if(server->tcpStatus != CifsExiting)
206 server->tcpStatus = CifsGood;
Steve Frenchad009ac2005-04-28 22:41:05 -0700207 server->sequence_number = 0;
208 spin_unlock(&GlobalMid_Lock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700209 /* atomic_set(&server->inFlight,0);*/
210 wake_up(&server->response_q);
211 }
212 }
213 return rc;
214}
215
Steve Frenche4eb2952005-04-28 22:41:09 -0700216/*
217 return codes:
218 0 not a transact2, or all data present
219 >0 transact2 with that much data missing
220 -EINVAL = invalid transact2
221
222 */
223static int check2ndT2(struct smb_hdr * pSMB, unsigned int maxBufSize)
224{
225 struct smb_t2_rsp * pSMBt;
226 int total_data_size;
227 int data_in_this_rsp;
228 int remaining;
229
230 if(pSMB->Command != SMB_COM_TRANSACTION2)
231 return 0;
232
233 /* check for plausible wct, bcc and t2 data and parm sizes */
234 /* check for parm and data offset going beyond end of smb */
235 if(pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
236 cFYI(1,("invalid transact2 word count"));
237 return -EINVAL;
238 }
239
240 pSMBt = (struct smb_t2_rsp *)pSMB;
241
242 total_data_size = le16_to_cpu(pSMBt->t2_rsp.TotalDataCount);
243 data_in_this_rsp = le16_to_cpu(pSMBt->t2_rsp.DataCount);
244
245 remaining = total_data_size - data_in_this_rsp;
246
247 if(remaining == 0)
248 return 0;
249 else if(remaining < 0) {
250 cFYI(1,("total data %d smaller than data in frame %d",
251 total_data_size, data_in_this_rsp));
252 return -EINVAL;
253 } else {
254 cFYI(1,("missing %d bytes from transact2, check next response",
255 remaining));
256 if(total_data_size > maxBufSize) {
257 cERROR(1,("TotalDataSize %d is over maximum buffer %d",
258 total_data_size,maxBufSize));
259 return -EINVAL;
260 }
261 return remaining;
262 }
263}
264
265static int coalesce_t2(struct smb_hdr * psecond, struct smb_hdr *pTargetSMB)
266{
267 struct smb_t2_rsp *pSMB2 = (struct smb_t2_rsp *)psecond;
268 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
269 int total_data_size;
270 int total_in_buf;
271 int remaining;
272 int total_in_buf2;
273 char * data_area_of_target;
274 char * data_area_of_buf2;
275 __u16 byte_count;
276
277 total_data_size = le16_to_cpu(pSMBt->t2_rsp.TotalDataCount);
278
279 if(total_data_size != le16_to_cpu(pSMB2->t2_rsp.TotalDataCount)) {
280 cFYI(1,("total data sizes of primary and secondary t2 differ"));
281 }
282
283 total_in_buf = le16_to_cpu(pSMBt->t2_rsp.DataCount);
284
285 remaining = total_data_size - total_in_buf;
286
287 if(remaining < 0)
288 return -EINVAL;
289
290 if(remaining == 0) /* nothing to do, ignore */
291 return 0;
292
293 total_in_buf2 = le16_to_cpu(pSMB2->t2_rsp.DataCount);
294 if(remaining < total_in_buf2) {
295 cFYI(1,("transact2 2nd response contains too much data"));
296 }
297
298 /* find end of first SMB data area */
299 data_area_of_target = (char *)&pSMBt->hdr.Protocol +
300 le16_to_cpu(pSMBt->t2_rsp.DataOffset);
301 /* validate target area */
302
303 data_area_of_buf2 = (char *) &pSMB2->hdr.Protocol +
304 le16_to_cpu(pSMB2->t2_rsp.DataOffset);
305
306 data_area_of_target += total_in_buf;
307
308 /* copy second buffer into end of first buffer */
309 memcpy(data_area_of_target,data_area_of_buf2,total_in_buf2);
310 total_in_buf += total_in_buf2;
311 pSMBt->t2_rsp.DataCount = cpu_to_le16(total_in_buf);
312 byte_count = le16_to_cpu(BCC_LE(pTargetSMB));
313 byte_count += total_in_buf2;
314 BCC_LE(pTargetSMB) = cpu_to_le16(byte_count);
315
Steve French70ca7342005-09-22 16:32:06 -0700316 byte_count = pTargetSMB->smb_buf_length;
Steve Frenche4eb2952005-04-28 22:41:09 -0700317 byte_count += total_in_buf2;
318
319 /* BB also add check that we are not beyond maximum buffer size */
320
Steve French70ca7342005-09-22 16:32:06 -0700321 pTargetSMB->smb_buf_length = byte_count;
Steve Frenche4eb2952005-04-28 22:41:09 -0700322
323 if(remaining == total_in_buf2) {
324 cFYI(1,("found the last secondary response"));
325 return 0; /* we are done */
326 } else /* more responses to go */
327 return 1;
328
329}
330
Linus Torvalds1da177e2005-04-16 15:20:36 -0700331static int
332cifs_demultiplex_thread(struct TCP_Server_Info *server)
333{
334 int length;
335 unsigned int pdu_length, total_read;
336 struct smb_hdr *smb_buffer = NULL;
Steve Frenchb8643e12005-04-28 22:41:07 -0700337 struct smb_hdr *bigbuf = NULL;
338 struct smb_hdr *smallbuf = NULL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700339 struct msghdr smb_msg;
340 struct kvec iov;
341 struct socket *csocket = server->ssocket;
342 struct list_head *tmp;
343 struct cifsSesInfo *ses;
344 struct task_struct *task_to_wake = NULL;
345 struct mid_q_entry *mid_entry;
Steve French70ca7342005-09-22 16:32:06 -0700346 char temp;
Steve Frenchb8643e12005-04-28 22:41:07 -0700347 int isLargeBuf = FALSE;
Steve Frenche4eb2952005-04-28 22:41:09 -0700348 int isMultiRsp;
349 int reconnect;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700350
351 daemonize("cifsd");
352 allow_signal(SIGKILL);
353 current->flags |= PF_MEMALLOC;
354 server->tsk = current; /* save process info to wake at shutdown */
355 cFYI(1, ("Demultiplex PID: %d", current->pid));
356 write_lock(&GlobalSMBSeslock);
357 atomic_inc(&tcpSesAllocCount);
358 length = tcpSesAllocCount.counter;
359 write_unlock(&GlobalSMBSeslock);
Steve Frenchf1914012005-08-18 09:37:34 -0700360 complete(&cifsd_complete);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700361 if(length > 1) {
362 mempool_resize(cifs_req_poolp,
363 length + cifs_min_rcv,
364 GFP_KERNEL);
365 }
366
367 while (server->tcpStatus != CifsExiting) {
Steve Frenchede13272005-08-30 20:10:14 -0700368 if (try_to_freeze())
369 continue;
Steve Frenchb8643e12005-04-28 22:41:07 -0700370 if (bigbuf == NULL) {
371 bigbuf = cifs_buf_get();
372 if(bigbuf == NULL) {
373 cERROR(1,("No memory for large SMB response"));
374 msleep(3000);
375 /* retry will check if exiting */
376 continue;
377 }
378 } else if(isLargeBuf) {
379 /* we are reusing a dirtry large buf, clear its start */
380 memset(bigbuf, 0, sizeof (struct smb_hdr));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700381 }
Steve Frenchb8643e12005-04-28 22:41:07 -0700382
383 if (smallbuf == NULL) {
384 smallbuf = cifs_small_buf_get();
385 if(smallbuf == NULL) {
386 cERROR(1,("No memory for SMB response"));
387 msleep(1000);
388 /* retry will check if exiting */
389 continue;
390 }
391 /* beginning of smb buffer is cleared in our buf_get */
392 } else /* if existing small buf clear beginning */
393 memset(smallbuf, 0, sizeof (struct smb_hdr));
394
395 isLargeBuf = FALSE;
Steve Frenche4eb2952005-04-28 22:41:09 -0700396 isMultiRsp = FALSE;
Steve Frenchb8643e12005-04-28 22:41:07 -0700397 smb_buffer = smallbuf;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700398 iov.iov_base = smb_buffer;
399 iov.iov_len = 4;
400 smb_msg.msg_control = NULL;
401 smb_msg.msg_controllen = 0;
402 length =
403 kernel_recvmsg(csocket, &smb_msg,
404 &iov, 1, 4, 0 /* BB see socket.h flags */);
405
406 if(server->tcpStatus == CifsExiting) {
407 break;
408 } else if (server->tcpStatus == CifsNeedReconnect) {
Steve French57337e42005-04-28 22:41:10 -0700409 cFYI(1,("Reconnect after server stopped responding"));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700410 cifs_reconnect(server);
411 cFYI(1,("call to reconnect done"));
412 csocket = server->ssocket;
413 continue;
414 } else if ((length == -ERESTARTSYS) || (length == -EAGAIN)) {
Steve Frenchb8643e12005-04-28 22:41:07 -0700415 msleep(1); /* minimum sleep to prevent looping
Linus Torvalds1da177e2005-04-16 15:20:36 -0700416 allowing socket to clear and app threads to set
417 tcpStatus CifsNeedReconnect if server hung */
418 continue;
419 } else if (length <= 0) {
420 if(server->tcpStatus == CifsNew) {
Steve French57337e42005-04-28 22:41:10 -0700421 cFYI(1,("tcp session abend after SMBnegprot"));
Steve French09d1db52005-04-28 22:41:08 -0700422 /* some servers kill the TCP session rather than
423 returning an SMB negprot error, in which
424 case reconnecting here is not going to help,
425 and so simply return error to mount */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700426 break;
427 }
428 if(length == -EINTR) {
429 cFYI(1,("cifsd thread killed"));
430 break;
431 }
Steve French57337e42005-04-28 22:41:10 -0700432 cFYI(1,("Reconnect after unexpected peek error %d",
433 length));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700434 cifs_reconnect(server);
435 csocket = server->ssocket;
436 wake_up(&server->response_q);
437 continue;
Steve French46810cb2005-04-28 22:41:09 -0700438 } else if (length < 4) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700439 cFYI(1,
Steve French57337e42005-04-28 22:41:10 -0700440 ("Frame under four bytes received (%d bytes long)",
Linus Torvalds1da177e2005-04-16 15:20:36 -0700441 length));
442 cifs_reconnect(server);
443 csocket = server->ssocket;
444 wake_up(&server->response_q);
445 continue;
446 }
Steve French67010fb2005-04-28 22:41:09 -0700447
Steve French70ca7342005-09-22 16:32:06 -0700448 /* The right amount was read from socket - 4 bytes */
449 /* so we can now interpret the length field */
Steve French46810cb2005-04-28 22:41:09 -0700450
Steve French70ca7342005-09-22 16:32:06 -0700451 /* the first byte big endian of the length field,
452 is actually not part of the length but the type
453 with the most common, zero, as regular data */
454 temp = *((char *) smb_buffer);
455
456 /* Note that FC 1001 length is big endian on the wire,
457 but we convert it here so it is always manipulated
458 as host byte order */
Steve French46810cb2005-04-28 22:41:09 -0700459 pdu_length = ntohl(smb_buffer->smb_buf_length);
Steve French70ca7342005-09-22 16:32:06 -0700460 smb_buffer->smb_buf_length = pdu_length;
Steve French46810cb2005-04-28 22:41:09 -0700461
Steve French70ca7342005-09-22 16:32:06 -0700462 cFYI(1,("rfc1002 length 0x%x)", pdu_length+4));
463
464 if (temp == (char) RFC1002_SESSION_KEEP_ALIVE) {
Steve Frenche4eb2952005-04-28 22:41:09 -0700465 continue;
Steve French70ca7342005-09-22 16:32:06 -0700466 } else if (temp == (char)RFC1002_POSITIVE_SESSION_RESPONSE) {
Steve Frenche4eb2952005-04-28 22:41:09 -0700467 cFYI(1,("Good RFC 1002 session rsp"));
468 continue;
Steve French70ca7342005-09-22 16:32:06 -0700469 } else if (temp == (char)RFC1002_NEGATIVE_SESSION_RESPONSE) {
Steve French46810cb2005-04-28 22:41:09 -0700470 /* we get this from Windows 98 instead of
471 an error on SMB negprot response */
Steve Frenche4eb2952005-04-28 22:41:09 -0700472 cFYI(1,("Negative RFC1002 Session Response Error 0x%x)",
Steve French70ca7342005-09-22 16:32:06 -0700473 pdu_length));
Steve French46810cb2005-04-28 22:41:09 -0700474 if(server->tcpStatus == CifsNew) {
475 /* if nack on negprot (rather than
476 ret of smb negprot error) reconnecting
477 not going to help, ret error to mount */
478 break;
479 } else {
480 /* give server a second to
481 clean up before reconnect attempt */
482 msleep(1000);
483 /* always try 445 first on reconnect
484 since we get NACK on some if we ever
485 connected to port 139 (the NACK is
486 since we do not begin with RFC1001
487 session initialize frame) */
488 server->addr.sockAddr.sin_port =
489 htons(CIFS_PORT);
490 cifs_reconnect(server);
491 csocket = server->ssocket;
492 wake_up(&server->response_q);
493 continue;
494 }
Steve French70ca7342005-09-22 16:32:06 -0700495 } else if (temp != (char) 0) {
Steve French46810cb2005-04-28 22:41:09 -0700496 cERROR(1,("Unknown RFC 1002 frame"));
Steve French70ca7342005-09-22 16:32:06 -0700497 cifs_dump_mem(" Received Data: ", (char *)smb_buffer,
498 length);
Steve French46810cb2005-04-28 22:41:09 -0700499 cifs_reconnect(server);
500 csocket = server->ssocket;
501 continue;
Steve Frenche4eb2952005-04-28 22:41:09 -0700502 }
503
504 /* else we have an SMB response */
505 if((pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) ||
Steve French46810cb2005-04-28 22:41:09 -0700506 (pdu_length < sizeof (struct smb_hdr) - 1 - 4)) {
Steve Frenche4eb2952005-04-28 22:41:09 -0700507 cERROR(1, ("Invalid size SMB length %d pdu_length %d",
Steve French46810cb2005-04-28 22:41:09 -0700508 length, pdu_length+4));
Steve Frenche4eb2952005-04-28 22:41:09 -0700509 cifs_reconnect(server);
510 csocket = server->ssocket;
511 wake_up(&server->response_q);
512 continue;
513 }
514
515 /* else length ok */
516 reconnect = 0;
517
Steve Frenchec637e32005-12-12 20:53:18 -0800518 if(pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
Steve Frenche4eb2952005-04-28 22:41:09 -0700519 isLargeBuf = TRUE;
520 memcpy(bigbuf, smallbuf, 4);
521 smb_buffer = bigbuf;
522 }
523 length = 0;
524 iov.iov_base = 4 + (char *)smb_buffer;
525 iov.iov_len = pdu_length;
526 for (total_read = 0; total_read < pdu_length;
527 total_read += length) {
528 length = kernel_recvmsg(csocket, &smb_msg, &iov, 1,
529 pdu_length - total_read, 0);
530 if((server->tcpStatus == CifsExiting) ||
531 (length == -EINTR)) {
532 /* then will exit */
533 reconnect = 2;
534 break;
535 } else if (server->tcpStatus == CifsNeedReconnect) {
Steve French46810cb2005-04-28 22:41:09 -0700536 cifs_reconnect(server);
537 csocket = server->ssocket;
Steve Frenche4eb2952005-04-28 22:41:09 -0700538 /* Reconnect wakes up rspns q */
539 /* Now we will reread sock */
540 reconnect = 1;
541 break;
542 } else if ((length == -ERESTARTSYS) ||
543 (length == -EAGAIN)) {
544 msleep(1); /* minimum sleep to prevent looping,
545 allowing socket to clear and app
546 threads to set tcpStatus
547 CifsNeedReconnect if server hung*/
Steve French46810cb2005-04-28 22:41:09 -0700548 continue;
Steve Frenche4eb2952005-04-28 22:41:09 -0700549 } else if (length <= 0) {
550 cERROR(1,("Received no data, expecting %d",
551 pdu_length - total_read));
552 cifs_reconnect(server);
553 csocket = server->ssocket;
554 reconnect = 1;
555 break;
Steve French46810cb2005-04-28 22:41:09 -0700556 }
557 }
Steve Frenche4eb2952005-04-28 22:41:09 -0700558 if(reconnect == 2)
559 break;
560 else if(reconnect == 1)
561 continue;
562
563 length += 4; /* account for rfc1002 hdr */
564
565
566 dump_smb(smb_buffer, length);
Steve French184ed212006-02-24 06:15:11 +0000567 if (checkSMB(smb_buffer, smb_buffer->Mid, total_read+4)) {
Steve Frenchb387eae2005-10-10 14:21:15 -0700568 cifs_dump_mem("Bad SMB: ", smb_buffer, 48);
Steve Frenche4eb2952005-04-28 22:41:09 -0700569 continue;
570 }
571
572
573 task_to_wake = NULL;
574 spin_lock(&GlobalMid_Lock);
575 list_for_each(tmp, &server->pending_mid_q) {
576 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
577
578 if ((mid_entry->mid == smb_buffer->Mid) &&
579 (mid_entry->midState == MID_REQUEST_SUBMITTED) &&
580 (mid_entry->command == smb_buffer->Command)) {
Steve Frenche4eb2952005-04-28 22:41:09 -0700581 if(check2ndT2(smb_buffer,server->maxBuf) > 0) {
582 /* We have a multipart transact2 resp */
Steve Frenchcd634992005-04-28 22:41:10 -0700583 isMultiRsp = TRUE;
Steve Frenche4eb2952005-04-28 22:41:09 -0700584 if(mid_entry->resp_buf) {
585 /* merge response - fix up 1st*/
586 if(coalesce_t2(smb_buffer,
587 mid_entry->resp_buf)) {
Steve Frenche4eb2952005-04-28 22:41:09 -0700588 break;
589 } else {
590 /* all parts received */
591 goto multi_t2_fnd;
592 }
593 } else {
594 if(!isLargeBuf) {
595 cERROR(1,("1st trans2 resp needs bigbuf"));
596 /* BB maybe we can fix this up, switch
597 to already allocated large buffer? */
598 } else {
Steve Frenchcd634992005-04-28 22:41:10 -0700599 /* Have first buffer */
Steve Frenche4eb2952005-04-28 22:41:09 -0700600 mid_entry->resp_buf =
601 smb_buffer;
602 mid_entry->largeBuf = 1;
Steve Frenche4eb2952005-04-28 22:41:09 -0700603 bigbuf = NULL;
604 }
605 }
606 break;
607 }
608 mid_entry->resp_buf = smb_buffer;
609 if(isLargeBuf)
610 mid_entry->largeBuf = 1;
611 else
612 mid_entry->largeBuf = 0;
613multi_t2_fnd:
614 task_to_wake = mid_entry->tsk;
615 mid_entry->midState = MID_RESPONSE_RECEIVED;
Steve French1047abc2005-10-11 19:58:06 -0700616#ifdef CONFIG_CIFS_STATS2
617 mid_entry->when_received = jiffies;
618#endif
Steve Frenche4eb2952005-04-28 22:41:09 -0700619 break;
620 }
621 }
622 spin_unlock(&GlobalMid_Lock);
623 if (task_to_wake) {
Steve Frenchcd634992005-04-28 22:41:10 -0700624 /* Was previous buf put in mpx struct for multi-rsp? */
625 if(!isMultiRsp) {
626 /* smb buffer will be freed by user thread */
627 if(isLargeBuf) {
628 bigbuf = NULL;
629 } else
630 smallbuf = NULL;
631 }
Steve Frenche4eb2952005-04-28 22:41:09 -0700632 wake_up_process(task_to_wake);
Steve French57337e42005-04-28 22:41:10 -0700633 } else if ((is_valid_oplock_break(smb_buffer) == FALSE)
Steve Frenche4eb2952005-04-28 22:41:09 -0700634 && (isMultiRsp == FALSE)) {
635 cERROR(1, ("No task to wake, unknown frame rcvd!"));
Steve French70ca7342005-09-22 16:32:06 -0700636 cifs_dump_mem("Received Data is: ",(char *)smb_buffer,
637 sizeof(struct smb_hdr));
Steve Frenche4eb2952005-04-28 22:41:09 -0700638 }
639 } /* end while !EXITING */
640
Linus Torvalds1da177e2005-04-16 15:20:36 -0700641 spin_lock(&GlobalMid_Lock);
642 server->tcpStatus = CifsExiting;
643 server->tsk = NULL;
Steve French31ca3bc2005-04-28 22:41:11 -0700644 /* check if we have blocked requests that need to free */
645 /* Note that cifs_max_pending is normally 50, but
646 can be set at module install time to as little as two */
647 if(atomic_read(&server->inFlight) >= cifs_max_pending)
648 atomic_set(&server->inFlight, cifs_max_pending - 1);
649 /* We do not want to set the max_pending too low or we
650 could end up with the counter going negative */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700651 spin_unlock(&GlobalMid_Lock);
652 /* Although there should not be any requests blocked on
653 this queue it can not hurt to be paranoid and try to wake up requests
Steve French09d1db52005-04-28 22:41:08 -0700654 that may haven been blocked when more than 50 at time were on the wire
Linus Torvalds1da177e2005-04-16 15:20:36 -0700655 to the same server - they now will see the session is in exit state
656 and get out of SendReceive. */
657 wake_up_all(&server->request_q);
658 /* give those requests time to exit */
Steve Frenchb8643e12005-04-28 22:41:07 -0700659 msleep(125);
660
Linus Torvalds1da177e2005-04-16 15:20:36 -0700661 if(server->ssocket) {
662 sock_release(csocket);
663 server->ssocket = NULL;
664 }
Steve Frenchb8643e12005-04-28 22:41:07 -0700665 /* buffer usuallly freed in free_mid - need to free it here on exit */
666 if (bigbuf != NULL)
667 cifs_buf_release(bigbuf);
668 if (smallbuf != NULL)
669 cifs_small_buf_release(smallbuf);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700670
671 read_lock(&GlobalSMBSeslock);
672 if (list_empty(&server->pending_mid_q)) {
Steve French09d1db52005-04-28 22:41:08 -0700673 /* loop through server session structures attached to this and
674 mark them dead */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700675 list_for_each(tmp, &GlobalSMBSessionList) {
676 ses =
677 list_entry(tmp, struct cifsSesInfo,
678 cifsSessionList);
679 if (ses->server == server) {
680 ses->status = CifsExiting;
681 ses->server = NULL;
682 }
683 }
684 read_unlock(&GlobalSMBSeslock);
685 } else {
Steve French31ca3bc2005-04-28 22:41:11 -0700686 /* although we can not zero the server struct pointer yet,
687 since there are active requests which may depnd on them,
688 mark the corresponding SMB sessions as exiting too */
689 list_for_each(tmp, &GlobalSMBSessionList) {
690 ses = list_entry(tmp, struct cifsSesInfo,
691 cifsSessionList);
692 if (ses->server == server) {
693 ses->status = CifsExiting;
694 }
695 }
696
Linus Torvalds1da177e2005-04-16 15:20:36 -0700697 spin_lock(&GlobalMid_Lock);
698 list_for_each(tmp, &server->pending_mid_q) {
699 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
700 if (mid_entry->midState == MID_REQUEST_SUBMITTED) {
701 cFYI(1,
Steve French09d1db52005-04-28 22:41:08 -0700702 ("Clearing Mid 0x%x - waking up ",mid_entry->mid));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700703 task_to_wake = mid_entry->tsk;
704 if(task_to_wake) {
705 wake_up_process(task_to_wake);
706 }
707 }
708 }
709 spin_unlock(&GlobalMid_Lock);
710 read_unlock(&GlobalSMBSeslock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700711 /* 1/8th of sec is more than enough time for them to exit */
Steve Frenchb8643e12005-04-28 22:41:07 -0700712 msleep(125);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700713 }
714
Steve Frenchf1914012005-08-18 09:37:34 -0700715 if (!list_empty(&server->pending_mid_q)) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700716 /* mpx threads have not exited yet give them
717 at least the smb send timeout time for long ops */
Steve French31ca3bc2005-04-28 22:41:11 -0700718 /* due to delays on oplock break requests, we need
719 to wait at least 45 seconds before giving up
720 on a request getting a response and going ahead
721 and killing cifsd */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700722 cFYI(1, ("Wait for exit from demultiplex thread"));
Steve French31ca3bc2005-04-28 22:41:11 -0700723 msleep(46000);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700724 /* if threads still have not exited they are probably never
725 coming home not much else we can do but free the memory */
726 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700727
728 write_lock(&GlobalSMBSeslock);
729 atomic_dec(&tcpSesAllocCount);
730 length = tcpSesAllocCount.counter;
Steve French31ca3bc2005-04-28 22:41:11 -0700731
732 /* last chance to mark ses pointers invalid
733 if there are any pointing to this (e.g
734 if a crazy root user tried to kill cifsd
735 kernel thread explicitly this might happen) */
736 list_for_each(tmp, &GlobalSMBSessionList) {
737 ses = list_entry(tmp, struct cifsSesInfo,
738 cifsSessionList);
739 if (ses->server == server) {
740 ses->server = NULL;
741 }
742 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700743 write_unlock(&GlobalSMBSeslock);
Steve French31ca3bc2005-04-28 22:41:11 -0700744
745 kfree(server);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700746 if(length > 0) {
747 mempool_resize(cifs_req_poolp,
748 length + cifs_min_rcv,
749 GFP_KERNEL);
750 }
Steve Frenchb8643e12005-04-28 22:41:07 -0700751
Steve Frenchf1914012005-08-18 09:37:34 -0700752 complete_and_exit(&cifsd_complete, 0);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700753 return 0;
754}
755
Linus Torvalds1da177e2005-04-16 15:20:36 -0700756static int
757cifs_parse_mount_options(char *options, const char *devname,struct smb_vol *vol)
758{
759 char *value;
760 char *data;
761 unsigned int temp_len, i, j;
762 char separator[2];
763
764 separator[0] = ',';
765 separator[1] = 0;
766
767 memset(vol->source_rfc1001_name,0x20,15);
768 for(i=0;i < strnlen(system_utsname.nodename,15);i++) {
769 /* does not have to be a perfect mapping since the field is
770 informational, only used for servers that do not support
771 port 445 and it can be overridden at mount time */
Steve French09d1db52005-04-28 22:41:08 -0700772 vol->source_rfc1001_name[i] =
773 toupper(system_utsname.nodename[i]);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700774 }
775 vol->source_rfc1001_name[15] = 0;
Steve Frencha10faeb22005-08-22 21:38:31 -0700776 /* null target name indicates to use *SMBSERVR default called name
777 if we end up sending RFC1001 session initialize */
778 vol->target_rfc1001_name[0] = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700779 vol->linux_uid = current->uid; /* current->euid instead? */
780 vol->linux_gid = current->gid;
781 vol->dir_mode = S_IRWXUGO;
782 /* 2767 perms indicate mandatory locking support */
783 vol->file_mode = S_IALLUGO & ~(S_ISUID | S_IXGRP);
784
785 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
786 vol->rw = TRUE;
Steve Frenchbf820672005-12-01 22:32:42 -0800787 vol->ntlm = TRUE;
Jeremy Allisonac670552005-06-22 17:26:35 -0700788 /* default is always to request posix paths. */
789 vol->posix_paths = 1;
790
Linus Torvalds1da177e2005-04-16 15:20:36 -0700791 if (!options)
792 return 1;
793
794 if(strncmp(options,"sep=",4) == 0) {
795 if(options[4] != 0) {
796 separator[0] = options[4];
797 options += 5;
798 } else {
799 cFYI(1,("Null separator not allowed"));
800 }
801 }
802
803 while ((data = strsep(&options, separator)) != NULL) {
804 if (!*data)
805 continue;
806 if ((value = strchr(data, '=')) != NULL)
807 *value++ = '\0';
808
809 if (strnicmp(data, "user_xattr",10) == 0) {/*parse before user*/
810 vol->no_xattr = 0;
811 } else if (strnicmp(data, "nouser_xattr",12) == 0) {
812 vol->no_xattr = 1;
813 } else if (strnicmp(data, "user", 4) == 0) {
814 if (!value || !*value) {
815 printk(KERN_WARNING
816 "CIFS: invalid or missing username\n");
817 return 1; /* needs_arg; */
818 }
819 if (strnlen(value, 200) < 200) {
820 vol->username = value;
821 } else {
822 printk(KERN_WARNING "CIFS: username too long\n");
823 return 1;
824 }
825 } else if (strnicmp(data, "pass", 4) == 0) {
826 if (!value) {
827 vol->password = NULL;
828 continue;
829 } else if(value[0] == 0) {
830 /* check if string begins with double comma
831 since that would mean the password really
832 does start with a comma, and would not
833 indicate an empty string */
834 if(value[1] != separator[0]) {
835 vol->password = NULL;
836 continue;
837 }
838 }
839 temp_len = strlen(value);
840 /* removed password length check, NTLM passwords
841 can be arbitrarily long */
842
843 /* if comma in password, the string will be
844 prematurely null terminated. Commas in password are
845 specified across the cifs mount interface by a double
846 comma ie ,, and a comma used as in other cases ie ','
847 as a parameter delimiter/separator is single and due
848 to the strsep above is temporarily zeroed. */
849
850 /* NB: password legally can have multiple commas and
851 the only illegal character in a password is null */
852
Steve French09d1db52005-04-28 22:41:08 -0700853 if ((value[temp_len] == 0) &&
854 (value[temp_len+1] == separator[0])) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700855 /* reinsert comma */
856 value[temp_len] = separator[0];
857 temp_len+=2; /* move after the second comma */
858 while(value[temp_len] != 0) {
859 if (value[temp_len] == separator[0]) {
Steve French09d1db52005-04-28 22:41:08 -0700860 if (value[temp_len+1] ==
861 separator[0]) {
862 /* skip second comma */
863 temp_len++;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700864 } else {
865 /* single comma indicating start
866 of next parm */
867 break;
868 }
869 }
870 temp_len++;
871 }
872 if(value[temp_len] == 0) {
873 options = NULL;
874 } else {
875 value[temp_len] = 0;
876 /* point option to start of next parm */
877 options = value + temp_len + 1;
878 }
879 /* go from value to value + temp_len condensing
880 double commas to singles. Note that this ends up
881 allocating a few bytes too many, which is ok */
Pekka Enberge915fc42005-09-06 15:18:35 -0700882 vol->password = kzalloc(temp_len, GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -0700883 if(vol->password == NULL) {
884 printk("CIFS: no memory for pass\n");
885 return 1;
886 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700887 for(i=0,j=0;i<temp_len;i++,j++) {
888 vol->password[j] = value[i];
Steve French09d1db52005-04-28 22:41:08 -0700889 if(value[i] == separator[0]
890 && value[i+1] == separator[0]) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700891 /* skip second comma */
892 i++;
893 }
894 }
895 vol->password[j] = 0;
896 } else {
Pekka Enberge915fc42005-09-06 15:18:35 -0700897 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -0700898 if(vol->password == NULL) {
899 printk("CIFS: no memory for pass\n");
900 return 1;
901 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700902 strcpy(vol->password, value);
903 }
904 } else if (strnicmp(data, "ip", 2) == 0) {
905 if (!value || !*value) {
906 vol->UNCip = NULL;
907 } else if (strnlen(value, 35) < 35) {
908 vol->UNCip = value;
909 } else {
910 printk(KERN_WARNING "CIFS: ip address too long\n");
911 return 1;
912 }
Steve Frenchbf820672005-12-01 22:32:42 -0800913 } else if (strnicmp(data, "sec", 3) == 0) {
914 if (!value || !*value) {
915 cERROR(1,("no security value specified"));
916 continue;
917 } else if (strnicmp(value, "krb5i", 5) == 0) {
918 vol->sign = 1;
919 vol->krb5 = 1;
920 } else if (strnicmp(value, "krb5p", 5) == 0) {
921 /* vol->seal = 1;
922 vol->krb5 = 1; */
923 cERROR(1,("Krb5 cifs privacy not supported"));
924 return 1;
925 } else if (strnicmp(value, "krb5", 4) == 0) {
926 vol->krb5 = 1;
927 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
928 vol->ntlmv2 = 1;
929 vol->sign = 1;
930 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
931 vol->ntlmv2 = 1;
932 } else if (strnicmp(value, "ntlmi", 5) == 0) {
933 vol->ntlm = 1;
934 vol->sign = 1;
935 } else if (strnicmp(value, "ntlm", 4) == 0) {
936 /* ntlm is default so can be turned off too */
937 vol->ntlm = 1;
938 } else if (strnicmp(value, "nontlm", 6) == 0) {
939 vol->ntlm = 0;
940 } else if (strnicmp(value, "none", 4) == 0) {
941 vol->nullauth = 1;
942 } else {
943 cERROR(1,("bad security option: %s", value));
944 return 1;
945 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700946 } else if ((strnicmp(data, "unc", 3) == 0)
947 || (strnicmp(data, "target", 6) == 0)
948 || (strnicmp(data, "path", 4) == 0)) {
949 if (!value || !*value) {
950 printk(KERN_WARNING
951 "CIFS: invalid path to network resource\n");
952 return 1; /* needs_arg; */
953 }
954 if ((temp_len = strnlen(value, 300)) < 300) {
955 vol->UNC = kmalloc(temp_len+1,GFP_KERNEL);
956 if(vol->UNC == NULL)
957 return 1;
958 strcpy(vol->UNC,value);
959 if (strncmp(vol->UNC, "//", 2) == 0) {
960 vol->UNC[0] = '\\';
961 vol->UNC[1] = '\\';
962 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
963 printk(KERN_WARNING
964 "CIFS: UNC Path does not begin with // or \\\\ \n");
965 return 1;
966 }
967 } else {
968 printk(KERN_WARNING "CIFS: UNC name too long\n");
969 return 1;
970 }
971 } else if ((strnicmp(data, "domain", 3) == 0)
972 || (strnicmp(data, "workgroup", 5) == 0)) {
973 if (!value || !*value) {
974 printk(KERN_WARNING "CIFS: invalid domain name\n");
975 return 1; /* needs_arg; */
976 }
977 /* BB are there cases in which a comma can be valid in
978 a domain name and need special handling? */
979 if (strnlen(value, 65) < 65) {
980 vol->domainname = value;
981 cFYI(1, ("Domain name set"));
982 } else {
983 printk(KERN_WARNING "CIFS: domain name too long\n");
984 return 1;
985 }
986 } else if (strnicmp(data, "iocharset", 9) == 0) {
987 if (!value || !*value) {
988 printk(KERN_WARNING "CIFS: invalid iocharset specified\n");
989 return 1; /* needs_arg; */
990 }
991 if (strnlen(value, 65) < 65) {
992 if(strnicmp(value,"default",7))
993 vol->iocharset = value;
994 /* if iocharset not set load_nls_default used by caller */
995 cFYI(1, ("iocharset set to %s",value));
996 } else {
997 printk(KERN_WARNING "CIFS: iocharset name too long.\n");
998 return 1;
999 }
1000 } else if (strnicmp(data, "uid", 3) == 0) {
1001 if (value && *value) {
1002 vol->linux_uid =
1003 simple_strtoul(value, &value, 0);
1004 }
1005 } else if (strnicmp(data, "gid", 3) == 0) {
1006 if (value && *value) {
1007 vol->linux_gid =
1008 simple_strtoul(value, &value, 0);
1009 }
1010 } else if (strnicmp(data, "file_mode", 4) == 0) {
1011 if (value && *value) {
1012 vol->file_mode =
1013 simple_strtoul(value, &value, 0);
1014 }
1015 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1016 if (value && *value) {
1017 vol->dir_mode =
1018 simple_strtoul(value, &value, 0);
1019 }
1020 } else if (strnicmp(data, "dirmode", 4) == 0) {
1021 if (value && *value) {
1022 vol->dir_mode =
1023 simple_strtoul(value, &value, 0);
1024 }
1025 } else if (strnicmp(data, "port", 4) == 0) {
1026 if (value && *value) {
1027 vol->port =
1028 simple_strtoul(value, &value, 0);
1029 }
1030 } else if (strnicmp(data, "rsize", 5) == 0) {
1031 if (value && *value) {
1032 vol->rsize =
1033 simple_strtoul(value, &value, 0);
1034 }
1035 } else if (strnicmp(data, "wsize", 5) == 0) {
1036 if (value && *value) {
1037 vol->wsize =
1038 simple_strtoul(value, &value, 0);
1039 }
1040 } else if (strnicmp(data, "sockopt", 5) == 0) {
1041 if (value && *value) {
1042 vol->sockopt =
1043 simple_strtoul(value, &value, 0);
1044 }
1045 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1046 if (!value || !*value || (*value == ' ')) {
1047 cFYI(1,("invalid (empty) netbiosname specified"));
1048 } else {
1049 memset(vol->source_rfc1001_name,0x20,15);
1050 for(i=0;i<15;i++) {
1051 /* BB are there cases in which a comma can be
1052 valid in this workstation netbios name (and need
1053 special handling)? */
1054
1055 /* We do not uppercase netbiosname for user */
1056 if (value[i]==0)
1057 break;
1058 else
1059 vol->source_rfc1001_name[i] = value[i];
1060 }
1061 /* The string has 16th byte zero still from
1062 set at top of the function */
1063 if((i==15) && (value[i] != 0))
Steve Frencha10faeb22005-08-22 21:38:31 -07001064 printk(KERN_WARNING "CIFS: netbiosname longer than 15 truncated.\n");
1065 }
1066 } else if (strnicmp(data, "servern", 7) == 0) {
1067 /* servernetbiosname specified override *SMBSERVER */
1068 if (!value || !*value || (*value == ' ')) {
1069 cFYI(1,("empty server netbiosname specified"));
1070 } else {
1071 /* last byte, type, is 0x20 for servr type */
1072 memset(vol->target_rfc1001_name,0x20,16);
1073
1074 for(i=0;i<15;i++) {
1075 /* BB are there cases in which a comma can be
1076 valid in this workstation netbios name (and need
1077 special handling)? */
1078
1079 /* user or mount helper must uppercase netbiosname */
1080 if (value[i]==0)
1081 break;
1082 else
1083 vol->target_rfc1001_name[i] = value[i];
1084 }
1085 /* The string has 16th byte zero still from
1086 set at top of the function */
1087 if((i==15) && (value[i] != 0))
1088 printk(KERN_WARNING "CIFS: server netbiosname longer than 15 truncated.\n");
Linus Torvalds1da177e2005-04-16 15:20:36 -07001089 }
1090 } else if (strnicmp(data, "credentials", 4) == 0) {
1091 /* ignore */
1092 } else if (strnicmp(data, "version", 3) == 0) {
1093 /* ignore */
1094 } else if (strnicmp(data, "guest",5) == 0) {
1095 /* ignore */
1096 } else if (strnicmp(data, "rw", 2) == 0) {
1097 vol->rw = TRUE;
1098 } else if ((strnicmp(data, "suid", 4) == 0) ||
1099 (strnicmp(data, "nosuid", 6) == 0) ||
1100 (strnicmp(data, "exec", 4) == 0) ||
1101 (strnicmp(data, "noexec", 6) == 0) ||
1102 (strnicmp(data, "nodev", 5) == 0) ||
1103 (strnicmp(data, "noauto", 6) == 0) ||
1104 (strnicmp(data, "dev", 3) == 0)) {
1105 /* The mount tool or mount.cifs helper (if present)
1106 uses these opts to set flags, and the flags are read
1107 by the kernel vfs layer before we get here (ie
1108 before read super) so there is no point trying to
1109 parse these options again and set anything and it
1110 is ok to just ignore them */
1111 continue;
1112 } else if (strnicmp(data, "ro", 2) == 0) {
1113 vol->rw = FALSE;
1114 } else if (strnicmp(data, "hard", 4) == 0) {
1115 vol->retry = 1;
1116 } else if (strnicmp(data, "soft", 4) == 0) {
1117 vol->retry = 0;
1118 } else if (strnicmp(data, "perm", 4) == 0) {
1119 vol->noperm = 0;
1120 } else if (strnicmp(data, "noperm", 6) == 0) {
1121 vol->noperm = 1;
Steve French6a0b4822005-04-28 22:41:05 -07001122 } else if (strnicmp(data, "mapchars", 8) == 0) {
1123 vol->remap = 1;
1124 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1125 vol->remap = 0;
Steve Frenchd7245c22005-07-14 18:25:12 -05001126 } else if (strnicmp(data, "sfu", 3) == 0) {
1127 vol->sfu_emul = 1;
1128 } else if (strnicmp(data, "nosfu", 5) == 0) {
1129 vol->sfu_emul = 0;
Jeremy Allisonac670552005-06-22 17:26:35 -07001130 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1131 vol->posix_paths = 1;
1132 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1133 vol->posix_paths = 0;
Steve Frencha10faeb22005-08-22 21:38:31 -07001134 } else if ((strnicmp(data, "nocase", 6) == 0) ||
1135 (strnicmp(data, "ignorecase", 10) == 0)) {
Steve Frenchc46fa8a2005-08-18 20:49:57 -07001136 vol->nocase = 1;
1137 } else if (strnicmp(data, "brl", 3) == 0) {
1138 vol->nobrl = 0;
Steve Frenchcb8be642005-08-30 15:25:52 -07001139 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
Steve French1c955182005-08-30 20:58:07 -07001140 (strnicmp(data, "nolock", 6) == 0)) {
Steve Frenchc46fa8a2005-08-18 20:49:57 -07001141 vol->nobrl = 1;
Steve Frenchd3485d32005-08-19 11:04:29 -07001142 /* turn off mandatory locking in mode
1143 if remote locking is turned off since the
1144 local vfs will do advisory */
1145 if(vol->file_mode == (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1146 vol->file_mode = S_IALLUGO;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001147 } else if (strnicmp(data, "setuids", 7) == 0) {
1148 vol->setuids = 1;
1149 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1150 vol->setuids = 0;
1151 } else if (strnicmp(data, "nohard", 6) == 0) {
1152 vol->retry = 0;
1153 } else if (strnicmp(data, "nosoft", 6) == 0) {
1154 vol->retry = 1;
1155 } else if (strnicmp(data, "nointr", 6) == 0) {
1156 vol->intr = 0;
1157 } else if (strnicmp(data, "intr", 4) == 0) {
1158 vol->intr = 1;
1159 } else if (strnicmp(data, "serverino",7) == 0) {
1160 vol->server_ino = 1;
1161 } else if (strnicmp(data, "noserverino",9) == 0) {
1162 vol->server_ino = 0;
Steve French0a4b92c2006-01-12 15:44:21 -08001163 } else if (strnicmp(data, "cifsacl",7) == 0) {
1164 vol->cifs_acl = 1;
1165 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1166 vol->cifs_acl = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001167 } else if (strnicmp(data, "acl",3) == 0) {
1168 vol->no_psx_acl = 0;
1169 } else if (strnicmp(data, "noacl",5) == 0) {
1170 vol->no_psx_acl = 1;
1171 } else if (strnicmp(data, "direct",6) == 0) {
1172 vol->direct_io = 1;
1173 } else if (strnicmp(data, "forcedirectio",13) == 0) {
1174 vol->direct_io = 1;
1175 } else if (strnicmp(data, "in6_addr",8) == 0) {
1176 if (!value || !*value) {
1177 vol->in6_addr = NULL;
1178 } else if (strnlen(value, 49) == 48) {
1179 vol->in6_addr = value;
1180 } else {
1181 printk(KERN_WARNING "CIFS: ip v6 address not 48 characters long\n");
1182 return 1;
1183 }
1184 } else if (strnicmp(data, "noac", 4) == 0) {
1185 printk(KERN_WARNING "CIFS: Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1186 } else
1187 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",data);
1188 }
1189 if (vol->UNC == NULL) {
1190 if(devname == NULL) {
1191 printk(KERN_WARNING "CIFS: Missing UNC name for mount target\n");
1192 return 1;
1193 }
1194 if ((temp_len = strnlen(devname, 300)) < 300) {
1195 vol->UNC = kmalloc(temp_len+1,GFP_KERNEL);
1196 if(vol->UNC == NULL)
1197 return 1;
1198 strcpy(vol->UNC,devname);
1199 if (strncmp(vol->UNC, "//", 2) == 0) {
1200 vol->UNC[0] = '\\';
1201 vol->UNC[1] = '\\';
1202 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1203 printk(KERN_WARNING "CIFS: UNC Path does not begin with // or \\\\ \n");
1204 return 1;
1205 }
1206 } else {
1207 printk(KERN_WARNING "CIFS: UNC name too long\n");
1208 return 1;
1209 }
1210 }
1211 if(vol->UNCip == NULL)
1212 vol->UNCip = &vol->UNC[2];
1213
1214 return 0;
1215}
1216
1217static struct cifsSesInfo *
1218cifs_find_tcp_session(struct in_addr * target_ip_addr,
1219 struct in6_addr *target_ip6_addr,
1220 char *userName, struct TCP_Server_Info **psrvTcp)
1221{
1222 struct list_head *tmp;
1223 struct cifsSesInfo *ses;
1224 *psrvTcp = NULL;
1225 read_lock(&GlobalSMBSeslock);
1226
1227 list_for_each(tmp, &GlobalSMBSessionList) {
1228 ses = list_entry(tmp, struct cifsSesInfo, cifsSessionList);
1229 if (ses->server) {
1230 if((target_ip_addr &&
1231 (ses->server->addr.sockAddr.sin_addr.s_addr
1232 == target_ip_addr->s_addr)) || (target_ip6_addr
1233 && memcmp(&ses->server->addr.sockAddr6.sin6_addr,
1234 target_ip6_addr,sizeof(*target_ip6_addr)))){
1235 /* BB lock server and tcp session and increment use count here?? */
1236 *psrvTcp = ses->server; /* found a match on the TCP session */
1237 /* BB check if reconnection needed */
1238 if (strncmp
1239 (ses->userName, userName,
1240 MAX_USERNAME_SIZE) == 0){
1241 read_unlock(&GlobalSMBSeslock);
1242 return ses; /* found exact match on both tcp and SMB sessions */
1243 }
1244 }
1245 }
1246 /* else tcp and smb sessions need reconnection */
1247 }
1248 read_unlock(&GlobalSMBSeslock);
1249 return NULL;
1250}
1251
1252static struct cifsTconInfo *
1253find_unc(__be32 new_target_ip_addr, char *uncName, char *userName)
1254{
1255 struct list_head *tmp;
1256 struct cifsTconInfo *tcon;
1257
1258 read_lock(&GlobalSMBSeslock);
1259 list_for_each(tmp, &GlobalTreeConnectionList) {
1260 cFYI(1, ("Next tcon - "));
1261 tcon = list_entry(tmp, struct cifsTconInfo, cifsConnectionList);
1262 if (tcon->ses) {
1263 if (tcon->ses->server) {
1264 cFYI(1,
1265 (" old ip addr: %x == new ip %x ?",
1266 tcon->ses->server->addr.sockAddr.sin_addr.
1267 s_addr, new_target_ip_addr));
1268 if (tcon->ses->server->addr.sockAddr.sin_addr.
1269 s_addr == new_target_ip_addr) {
1270 /* BB lock tcon and server and tcp session and increment use count here? */
1271 /* found a match on the TCP session */
1272 /* BB check if reconnection needed */
1273 cFYI(1,("Matched ip, old UNC: %s == new: %s ?",
1274 tcon->treeName, uncName));
1275 if (strncmp
1276 (tcon->treeName, uncName,
1277 MAX_TREE_SIZE) == 0) {
1278 cFYI(1,
1279 ("Matched UNC, old user: %s == new: %s ?",
1280 tcon->treeName, uncName));
1281 if (strncmp
1282 (tcon->ses->userName,
1283 userName,
1284 MAX_USERNAME_SIZE) == 0) {
1285 read_unlock(&GlobalSMBSeslock);
1286 return tcon;/* also matched user (smb session)*/
1287 }
1288 }
1289 }
1290 }
1291 }
1292 }
1293 read_unlock(&GlobalSMBSeslock);
1294 return NULL;
1295}
1296
1297int
1298connect_to_dfs_path(int xid, struct cifsSesInfo *pSesInfo,
Steve French737b7582005-04-28 22:41:06 -07001299 const char *old_path, const struct nls_table *nls_codepage,
1300 int remap)
Linus Torvalds1da177e2005-04-16 15:20:36 -07001301{
1302 unsigned char *referrals = NULL;
1303 unsigned int num_referrals;
1304 int rc = 0;
1305
1306 rc = get_dfs_path(xid, pSesInfo,old_path, nls_codepage,
Steve French737b7582005-04-28 22:41:06 -07001307 &num_referrals, &referrals, remap);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001308
1309 /* BB Add in code to: if valid refrl, if not ip address contact
1310 the helper that resolves tcp names, mount to it, try to
1311 tcon to it unmount it if fail */
1312
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001313 kfree(referrals);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001314
1315 return rc;
1316}
1317
1318int
1319get_dfs_path(int xid, struct cifsSesInfo *pSesInfo,
1320 const char *old_path, const struct nls_table *nls_codepage,
Steve French737b7582005-04-28 22:41:06 -07001321 unsigned int *pnum_referrals,
1322 unsigned char ** preferrals, int remap)
Linus Torvalds1da177e2005-04-16 15:20:36 -07001323{
1324 char *temp_unc;
1325 int rc = 0;
1326
1327 *pnum_referrals = 0;
1328
1329 if (pSesInfo->ipc_tid == 0) {
1330 temp_unc = kmalloc(2 /* for slashes */ +
1331 strnlen(pSesInfo->serverName,SERVER_NAME_LEN_WITH_NULL * 2)
1332 + 1 + 4 /* slash IPC$ */ + 2,
1333 GFP_KERNEL);
1334 if (temp_unc == NULL)
1335 return -ENOMEM;
1336 temp_unc[0] = '\\';
1337 temp_unc[1] = '\\';
1338 strcpy(temp_unc + 2, pSesInfo->serverName);
1339 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
1340 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
1341 cFYI(1,
1342 ("CIFS Tcon rc = %d ipc_tid = %d", rc,pSesInfo->ipc_tid));
1343 kfree(temp_unc);
1344 }
1345 if (rc == 0)
1346 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
Steve French737b7582005-04-28 22:41:06 -07001347 pnum_referrals, nls_codepage, remap);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001348
1349 return rc;
1350}
1351
1352/* See RFC1001 section 14 on representation of Netbios names */
1353static void rfc1002mangle(char * target,char * source, unsigned int length)
1354{
1355 unsigned int i,j;
1356
1357 for(i=0,j=0;i<(length);i++) {
1358 /* mask a nibble at a time and encode */
1359 target[j] = 'A' + (0x0F & (source[i] >> 4));
1360 target[j+1] = 'A' + (0x0F & source[i]);
1361 j+=2;
1362 }
1363
1364}
1365
1366
1367static int
1368ipv4_connect(struct sockaddr_in *psin_server, struct socket **csocket,
Steve Frencha10faeb22005-08-22 21:38:31 -07001369 char * netbios_name, char * target_name)
Linus Torvalds1da177e2005-04-16 15:20:36 -07001370{
1371 int rc = 0;
1372 int connected = 0;
1373 __be16 orig_port = 0;
1374
1375 if(*csocket == NULL) {
1376 rc = sock_create_kern(PF_INET, SOCK_STREAM, IPPROTO_TCP, csocket);
1377 if (rc < 0) {
1378 cERROR(1, ("Error %d creating socket",rc));
1379 *csocket = NULL;
1380 return rc;
1381 } else {
1382 /* BB other socket options to set KEEPALIVE, NODELAY? */
1383 cFYI(1,("Socket created"));
1384 (*csocket)->sk->sk_allocation = GFP_NOFS;
1385 }
1386 }
1387
1388 psin_server->sin_family = AF_INET;
1389 if(psin_server->sin_port) { /* user overrode default port */
1390 rc = (*csocket)->ops->connect(*csocket,
1391 (struct sockaddr *) psin_server,
1392 sizeof (struct sockaddr_in),0);
1393 if (rc >= 0)
1394 connected = 1;
1395 }
1396
1397 if(!connected) {
1398 /* save original port so we can retry user specified port
1399 later if fall back ports fail this time */
1400 orig_port = psin_server->sin_port;
1401
1402 /* do not retry on the same port we just failed on */
1403 if(psin_server->sin_port != htons(CIFS_PORT)) {
1404 psin_server->sin_port = htons(CIFS_PORT);
1405
1406 rc = (*csocket)->ops->connect(*csocket,
1407 (struct sockaddr *) psin_server,
1408 sizeof (struct sockaddr_in),0);
1409 if (rc >= 0)
1410 connected = 1;
1411 }
1412 }
1413 if (!connected) {
1414 psin_server->sin_port = htons(RFC1001_PORT);
1415 rc = (*csocket)->ops->connect(*csocket, (struct sockaddr *)
1416 psin_server, sizeof (struct sockaddr_in),0);
1417 if (rc >= 0)
1418 connected = 1;
1419 }
1420
1421 /* give up here - unless we want to retry on different
1422 protocol families some day */
1423 if (!connected) {
1424 if(orig_port)
1425 psin_server->sin_port = orig_port;
1426 cFYI(1,("Error %d connecting to server via ipv4",rc));
1427 sock_release(*csocket);
1428 *csocket = NULL;
1429 return rc;
1430 }
1431 /* Eventually check for other socket options to change from
1432 the default. sock_setsockopt not used because it expects
1433 user space buffer */
Steve Frenchb387eae2005-10-10 14:21:15 -07001434 cFYI(1,("sndbuf %d rcvbuf %d rcvtimeo 0x%lx",(*csocket)->sk->sk_sndbuf,
1435 (*csocket)->sk->sk_rcvbuf, (*csocket)->sk->sk_rcvtimeo));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001436 (*csocket)->sk->sk_rcvtimeo = 7 * HZ;
Steve Frenchb387eae2005-10-10 14:21:15 -07001437 /* make the bufsizes depend on wsize/rsize and max requests */
1438 if((*csocket)->sk->sk_sndbuf < (200 * 1024))
1439 (*csocket)->sk->sk_sndbuf = 200 * 1024;
1440 if((*csocket)->sk->sk_rcvbuf < (140 * 1024))
1441 (*csocket)->sk->sk_rcvbuf = 140 * 1024;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001442
1443 /* send RFC1001 sessinit */
Linus Torvalds1da177e2005-04-16 15:20:36 -07001444 if(psin_server->sin_port == htons(RFC1001_PORT)) {
1445 /* some servers require RFC1001 sessinit before sending
1446 negprot - BB check reconnection in case where second
1447 sessinit is sent but no second negprot */
1448 struct rfc1002_session_packet * ses_init_buf;
1449 struct smb_hdr * smb_buf;
Pekka Enberge915fc42005-09-06 15:18:35 -07001450 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet), GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001451 if(ses_init_buf) {
1452 ses_init_buf->trailer.session_req.called_len = 32;
Steve Frencha10faeb22005-08-22 21:38:31 -07001453 if(target_name && (target_name[0] != 0)) {
1454 rfc1002mangle(ses_init_buf->trailer.session_req.called_name,
1455 target_name, 16);
1456 } else {
1457 rfc1002mangle(ses_init_buf->trailer.session_req.called_name,
1458 DEFAULT_CIFS_CALLED_NAME,16);
1459 }
1460
Linus Torvalds1da177e2005-04-16 15:20:36 -07001461 ses_init_buf->trailer.session_req.calling_len = 32;
1462 /* calling name ends in null (byte 16) from old smb
1463 convention. */
1464 if(netbios_name && (netbios_name[0] !=0)) {
1465 rfc1002mangle(ses_init_buf->trailer.session_req.calling_name,
1466 netbios_name,16);
1467 } else {
1468 rfc1002mangle(ses_init_buf->trailer.session_req.calling_name,
1469 "LINUX_CIFS_CLNT",16);
1470 }
1471 ses_init_buf->trailer.session_req.scope1 = 0;
1472 ses_init_buf->trailer.session_req.scope2 = 0;
1473 smb_buf = (struct smb_hdr *)ses_init_buf;
1474 /* sizeof RFC1002_SESSION_REQUEST with no scope */
1475 smb_buf->smb_buf_length = 0x81000044;
1476 rc = smb_send(*csocket, smb_buf, 0x44,
1477 (struct sockaddr *)psin_server);
1478 kfree(ses_init_buf);
1479 }
1480 /* else the negprot may still work without this
1481 even though malloc failed */
1482
1483 }
1484
1485 return rc;
1486}
1487
1488static int
1489ipv6_connect(struct sockaddr_in6 *psin_server, struct socket **csocket)
1490{
1491 int rc = 0;
1492 int connected = 0;
1493 __be16 orig_port = 0;
1494
1495 if(*csocket == NULL) {
1496 rc = sock_create_kern(PF_INET6, SOCK_STREAM, IPPROTO_TCP, csocket);
1497 if (rc < 0) {
1498 cERROR(1, ("Error %d creating ipv6 socket",rc));
1499 *csocket = NULL;
1500 return rc;
1501 } else {
1502 /* BB other socket options to set KEEPALIVE, NODELAY? */
1503 cFYI(1,("ipv6 Socket created"));
1504 (*csocket)->sk->sk_allocation = GFP_NOFS;
1505 }
1506 }
1507
1508 psin_server->sin6_family = AF_INET6;
1509
1510 if(psin_server->sin6_port) { /* user overrode default port */
1511 rc = (*csocket)->ops->connect(*csocket,
1512 (struct sockaddr *) psin_server,
1513 sizeof (struct sockaddr_in6),0);
1514 if (rc >= 0)
1515 connected = 1;
1516 }
1517
1518 if(!connected) {
1519 /* save original port so we can retry user specified port
1520 later if fall back ports fail this time */
1521
1522 orig_port = psin_server->sin6_port;
1523 /* do not retry on the same port we just failed on */
1524 if(psin_server->sin6_port != htons(CIFS_PORT)) {
1525 psin_server->sin6_port = htons(CIFS_PORT);
1526
1527 rc = (*csocket)->ops->connect(*csocket,
1528 (struct sockaddr *) psin_server,
1529 sizeof (struct sockaddr_in6),0);
1530 if (rc >= 0)
1531 connected = 1;
1532 }
1533 }
1534 if (!connected) {
1535 psin_server->sin6_port = htons(RFC1001_PORT);
1536 rc = (*csocket)->ops->connect(*csocket, (struct sockaddr *)
1537 psin_server, sizeof (struct sockaddr_in6),0);
1538 if (rc >= 0)
1539 connected = 1;
1540 }
1541
1542 /* give up here - unless we want to retry on different
1543 protocol families some day */
1544 if (!connected) {
1545 if(orig_port)
1546 psin_server->sin6_port = orig_port;
1547 cFYI(1,("Error %d connecting to server via ipv6",rc));
1548 sock_release(*csocket);
1549 *csocket = NULL;
1550 return rc;
1551 }
1552 /* Eventually check for other socket options to change from
1553 the default. sock_setsockopt not used because it expects
1554 user space buffer */
1555 (*csocket)->sk->sk_rcvtimeo = 7 * HZ;
1556
1557 return rc;
1558}
1559
1560int
1561cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
1562 char *mount_data, const char *devname)
1563{
1564 int rc = 0;
1565 int xid;
1566 int address_type = AF_INET;
1567 struct socket *csocket = NULL;
1568 struct sockaddr_in sin_server;
1569 struct sockaddr_in6 sin_server6;
1570 struct smb_vol volume_info;
1571 struct cifsSesInfo *pSesInfo = NULL;
1572 struct cifsSesInfo *existingCifsSes = NULL;
1573 struct cifsTconInfo *tcon = NULL;
1574 struct TCP_Server_Info *srvTcp = NULL;
1575
1576 xid = GetXid();
1577
1578/* cFYI(1, ("Entering cifs_mount. Xid: %d with: %s", xid, mount_data)); */
1579
1580 memset(&volume_info,0,sizeof(struct smb_vol));
1581 if (cifs_parse_mount_options(mount_data, devname, &volume_info)) {
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001582 kfree(volume_info.UNC);
1583 kfree(volume_info.password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001584 FreeXid(xid);
1585 return -EINVAL;
1586 }
1587
1588 if (volume_info.username) {
1589 /* BB fixme parse for domain name here */
1590 cFYI(1, ("Username: %s ", volume_info.username));
1591
1592 } else {
Steve Frenchbf820672005-12-01 22:32:42 -08001593 cifserror("No username specified");
Linus Torvalds1da177e2005-04-16 15:20:36 -07001594 /* In userspace mount helper we can get user name from alternate
1595 locations such as env variables and files on disk */
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001596 kfree(volume_info.UNC);
1597 kfree(volume_info.password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001598 FreeXid(xid);
1599 return -EINVAL;
1600 }
1601
1602 if (volume_info.UNCip && volume_info.UNC) {
1603 rc = cifs_inet_pton(AF_INET, volume_info.UNCip,&sin_server.sin_addr.s_addr);
1604
1605 if(rc <= 0) {
1606 /* not ipv4 address, try ipv6 */
1607 rc = cifs_inet_pton(AF_INET6,volume_info.UNCip,&sin_server6.sin6_addr.in6_u);
1608 if(rc > 0)
1609 address_type = AF_INET6;
1610 } else {
1611 address_type = AF_INET;
1612 }
1613
1614 if(rc <= 0) {
1615 /* we failed translating address */
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001616 kfree(volume_info.UNC);
1617 kfree(volume_info.password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001618 FreeXid(xid);
1619 return -EINVAL;
1620 }
1621
1622 cFYI(1, ("UNC: %s ip: %s", volume_info.UNC, volume_info.UNCip));
1623 /* success */
1624 rc = 0;
1625 } else if (volume_info.UNCip){
1626 /* BB using ip addr as server name connect to the DFS root below */
1627 cERROR(1,("Connecting to DFS root not implemented yet"));
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001628 kfree(volume_info.UNC);
1629 kfree(volume_info.password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001630 FreeXid(xid);
1631 return -EINVAL;
1632 } else /* which servers DFS root would we conect to */ {
1633 cERROR(1,
Steve Frenchbf820672005-12-01 22:32:42 -08001634 ("CIFS mount error: No UNC path (e.g. -o unc=//192.168.1.100/public) specified"));
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001635 kfree(volume_info.UNC);
1636 kfree(volume_info.password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001637 FreeXid(xid);
1638 return -EINVAL;
1639 }
1640
1641 /* this is needed for ASCII cp to Unicode converts */
1642 if(volume_info.iocharset == NULL) {
1643 cifs_sb->local_nls = load_nls_default();
1644 /* load_nls_default can not return null */
1645 } else {
1646 cifs_sb->local_nls = load_nls(volume_info.iocharset);
1647 if(cifs_sb->local_nls == NULL) {
1648 cERROR(1,("CIFS mount error: iocharset %s not found",volume_info.iocharset));
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001649 kfree(volume_info.UNC);
1650 kfree(volume_info.password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001651 FreeXid(xid);
1652 return -ELIBACC;
1653 }
1654 }
1655
1656 if(address_type == AF_INET)
1657 existingCifsSes = cifs_find_tcp_session(&sin_server.sin_addr,
1658 NULL /* no ipv6 addr */,
1659 volume_info.username, &srvTcp);
1660 else if(address_type == AF_INET6)
1661 existingCifsSes = cifs_find_tcp_session(NULL /* no ipv4 addr */,
1662 &sin_server6.sin6_addr,
1663 volume_info.username, &srvTcp);
1664 else {
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001665 kfree(volume_info.UNC);
1666 kfree(volume_info.password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001667 FreeXid(xid);
1668 return -EINVAL;
1669 }
1670
1671
1672 if (srvTcp) {
Steve Frenchbf820672005-12-01 22:32:42 -08001673 cFYI(1, ("Existing tcp session with server found"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001674 } else { /* create socket */
1675 if(volume_info.port)
1676 sin_server.sin_port = htons(volume_info.port);
1677 else
1678 sin_server.sin_port = 0;
Steve Frencha10faeb22005-08-22 21:38:31 -07001679 rc = ipv4_connect(&sin_server,&csocket,
1680 volume_info.source_rfc1001_name,
1681 volume_info.target_rfc1001_name);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001682 if (rc < 0) {
1683 cERROR(1,
1684 ("Error connecting to IPv4 socket. Aborting operation"));
1685 if(csocket != NULL)
1686 sock_release(csocket);
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001687 kfree(volume_info.UNC);
1688 kfree(volume_info.password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001689 FreeXid(xid);
1690 return rc;
1691 }
1692
1693 srvTcp = kmalloc(sizeof (struct TCP_Server_Info), GFP_KERNEL);
1694 if (srvTcp == NULL) {
1695 rc = -ENOMEM;
1696 sock_release(csocket);
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001697 kfree(volume_info.UNC);
1698 kfree(volume_info.password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001699 FreeXid(xid);
1700 return rc;
1701 } else {
1702 memset(srvTcp, 0, sizeof (struct TCP_Server_Info));
1703 memcpy(&srvTcp->addr.sockAddr, &sin_server, sizeof (struct sockaddr_in));
1704 atomic_set(&srvTcp->inFlight,0);
1705 /* BB Add code for ipv6 case too */
1706 srvTcp->ssocket = csocket;
1707 srvTcp->protocolType = IPV4;
1708 init_waitqueue_head(&srvTcp->response_q);
1709 init_waitqueue_head(&srvTcp->request_q);
1710 INIT_LIST_HEAD(&srvTcp->pending_mid_q);
1711 /* at this point we are the only ones with the pointer
1712 to the struct since the kernel thread not created yet
1713 so no need to spinlock this init of tcpStatus */
1714 srvTcp->tcpStatus = CifsNew;
1715 init_MUTEX(&srvTcp->tcpSem);
1716 rc = (int)kernel_thread((void *)(void *)cifs_demultiplex_thread, srvTcp,
1717 CLONE_FS | CLONE_FILES | CLONE_VM);
1718 if(rc < 0) {
1719 rc = -ENOMEM;
1720 sock_release(csocket);
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001721 kfree(volume_info.UNC);
1722 kfree(volume_info.password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001723 FreeXid(xid);
1724 return rc;
Steve Frenchf1914012005-08-18 09:37:34 -07001725 }
1726 wait_for_completion(&cifsd_complete);
1727 rc = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001728 memcpy(srvTcp->workstation_RFC1001_name, volume_info.source_rfc1001_name,16);
Steve Frencha10faeb22005-08-22 21:38:31 -07001729 memcpy(srvTcp->server_RFC1001_name, volume_info.target_rfc1001_name,16);
Steve Frenchad009ac2005-04-28 22:41:05 -07001730 srvTcp->sequence_number = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001731 }
1732 }
1733
1734 if (existingCifsSes) {
1735 pSesInfo = existingCifsSes;
Steve Frenchbf820672005-12-01 22:32:42 -08001736 cFYI(1, ("Existing smb sess found"));
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001737 kfree(volume_info.password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001738 /* volume_info.UNC freed at end of function */
1739 } else if (!rc) {
Steve Frenchbf820672005-12-01 22:32:42 -08001740 cFYI(1, ("Existing smb sess not found"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001741 pSesInfo = sesInfoAlloc();
1742 if (pSesInfo == NULL)
1743 rc = -ENOMEM;
1744 else {
1745 pSesInfo->server = srvTcp;
1746 sprintf(pSesInfo->serverName, "%u.%u.%u.%u",
1747 NIPQUAD(sin_server.sin_addr.s_addr));
1748 }
1749
1750 if (!rc){
1751 /* volume_info.password freed at unmount */
1752 if (volume_info.password)
1753 pSesInfo->password = volume_info.password;
1754 if (volume_info.username)
1755 strncpy(pSesInfo->userName,
1756 volume_info.username,MAX_USERNAME_SIZE);
1757 if (volume_info.domainname)
1758 strncpy(pSesInfo->domainName,
1759 volume_info.domainname,MAX_USERNAME_SIZE);
1760 pSesInfo->linux_uid = volume_info.linux_uid;
1761 down(&pSesInfo->sesSem);
1762 rc = cifs_setup_session(xid,pSesInfo, cifs_sb->local_nls);
1763 up(&pSesInfo->sesSem);
1764 if(!rc)
1765 atomic_inc(&srvTcp->socketUseCount);
1766 } else
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001767 kfree(volume_info.password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001768 }
1769
1770 /* search for existing tcon to this server share */
1771 if (!rc) {
Steve French0ae0efa2005-10-10 10:57:19 -07001772 if(volume_info.rsize > CIFSMaxBufSize) {
1773 cERROR(1,("rsize %d too large, using MaxBufSize",
1774 volume_info.rsize));
1775 cifs_sb->rsize = CIFSMaxBufSize;
1776 } else if((volume_info.rsize) && (volume_info.rsize <= CIFSMaxBufSize))
Linus Torvalds1da177e2005-04-16 15:20:36 -07001777 cifs_sb->rsize = volume_info.rsize;
Steve French0ae0efa2005-10-10 10:57:19 -07001778 else /* default */
1779 cifs_sb->rsize = CIFSMaxBufSize;
1780
1781 if(volume_info.wsize > PAGEVEC_SIZE * PAGE_CACHE_SIZE) {
1782 cERROR(1,("wsize %d too large using 4096 instead",
1783 volume_info.wsize));
1784 cifs_sb->wsize = 4096;
1785 } else if(volume_info.wsize)
Linus Torvalds1da177e2005-04-16 15:20:36 -07001786 cifs_sb->wsize = volume_info.wsize;
1787 else
Steve French17cbbaf2006-01-24 20:26:48 -08001788 cifs_sb->wsize =
Steve French1877c9e2006-01-27 18:36:11 -08001789 min_t(const int, PAGEVEC_SIZE * PAGE_CACHE_SIZE,
1790 127*1024);
Steve French17cbbaf2006-01-24 20:26:48 -08001791 /* old default of CIFSMaxBufSize was too small now
1792 that SMB Write2 can send multiple pages in kvec.
1793 RFC1001 does not describe what happens when frame
1794 bigger than 128K is sent so use that as max in
1795 conjunction with 52K kvec constraint on arch with 4K
1796 page size */
1797
Steve French6cec2ae2006-02-22 17:31:52 -06001798 if(cifs_sb->rsize < 2048) {
1799 cifs_sb->rsize = 2048;
1800 /* Windows ME may prefer this */
1801 cFYI(1,("readsize set to minimum 2048"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001802 }
1803 cifs_sb->mnt_uid = volume_info.linux_uid;
1804 cifs_sb->mnt_gid = volume_info.linux_gid;
1805 cifs_sb->mnt_file_mode = volume_info.file_mode;
1806 cifs_sb->mnt_dir_mode = volume_info.dir_mode;
Steve Frencheeac8042006-01-13 21:34:58 -08001807 cFYI(1,("file mode: 0x%x dir mode: 0x%x",
1808 cifs_sb->mnt_file_mode,cifs_sb->mnt_dir_mode));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001809
1810 if(volume_info.noperm)
1811 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
1812 if(volume_info.setuids)
1813 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
1814 if(volume_info.server_ino)
1815 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
Steve French6a0b4822005-04-28 22:41:05 -07001816 if(volume_info.remap)
1817 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001818 if(volume_info.no_xattr)
1819 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
Steve Frenchd7245c22005-07-14 18:25:12 -05001820 if(volume_info.sfu_emul)
1821 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
Steve Frenchc46fa8a2005-08-18 20:49:57 -07001822 if(volume_info.nobrl)
1823 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
Steve French0a4b92c2006-01-12 15:44:21 -08001824 if(volume_info.cifs_acl)
1825 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
Jeremy Allisonac670552005-06-22 17:26:35 -07001826
Linus Torvalds1da177e2005-04-16 15:20:36 -07001827 if(volume_info.direct_io) {
Steve Frenchc46fa8a2005-08-18 20:49:57 -07001828 cFYI(1,("mounting share using direct i/o"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001829 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
1830 }
1831
1832 tcon =
1833 find_unc(sin_server.sin_addr.s_addr, volume_info.UNC,
1834 volume_info.username);
1835 if (tcon) {
Steve Frenchbf820672005-12-01 22:32:42 -08001836 cFYI(1, ("Found match on UNC path"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001837 /* we can have only one retry value for a connection
1838 to a share so for resources mounted more than once
1839 to the same server share the last value passed in
1840 for the retry flag is used */
1841 tcon->retry = volume_info.retry;
Steve Frenchd3485d32005-08-19 11:04:29 -07001842 tcon->nocase = volume_info.nocase;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001843 } else {
1844 tcon = tconInfoAlloc();
1845 if (tcon == NULL)
1846 rc = -ENOMEM;
1847 else {
1848 /* check for null share name ie connect to dfs root */
1849
1850 /* BB check if this works for exactly length three strings */
1851 if ((strchr(volume_info.UNC + 3, '\\') == NULL)
1852 && (strchr(volume_info.UNC + 3, '/') ==
1853 NULL)) {
Steve French737b7582005-04-28 22:41:06 -07001854 rc = connect_to_dfs_path(xid, pSesInfo,
1855 "", cifs_sb->local_nls,
1856 cifs_sb->mnt_cifs_flags &
1857 CIFS_MOUNT_MAP_SPECIAL_CHR);
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001858 kfree(volume_info.UNC);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001859 FreeXid(xid);
1860 return -ENODEV;
1861 } else {
1862 rc = CIFSTCon(xid, pSesInfo,
1863 volume_info.UNC,
1864 tcon, cifs_sb->local_nls);
1865 cFYI(1, ("CIFS Tcon rc = %d", rc));
1866 }
1867 if (!rc) {
1868 atomic_inc(&pSesInfo->inUse);
1869 tcon->retry = volume_info.retry;
Steve Frenchd3485d32005-08-19 11:04:29 -07001870 tcon->nocase = volume_info.nocase;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001871 }
1872 }
1873 }
1874 }
1875 if(pSesInfo) {
1876 if (pSesInfo->capabilities & CAP_LARGE_FILES) {
1877 sb->s_maxbytes = (u64) 1 << 63;
1878 } else
1879 sb->s_maxbytes = (u64) 1 << 31; /* 2 GB */
1880 }
1881
1882 sb->s_time_gran = 100;
1883
1884/* on error free sesinfo and tcon struct if needed */
1885 if (rc) {
1886 /* if session setup failed, use count is zero but
1887 we still need to free cifsd thread */
1888 if(atomic_read(&srvTcp->socketUseCount) == 0) {
1889 spin_lock(&GlobalMid_Lock);
1890 srvTcp->tcpStatus = CifsExiting;
1891 spin_unlock(&GlobalMid_Lock);
Steve Frenchf1914012005-08-18 09:37:34 -07001892 if(srvTcp->tsk) {
Linus Torvalds1da177e2005-04-16 15:20:36 -07001893 send_sig(SIGKILL,srvTcp->tsk,1);
Steve Frenchf1914012005-08-18 09:37:34 -07001894 wait_for_completion(&cifsd_complete);
1895 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07001896 }
1897 /* If find_unc succeeded then rc == 0 so we can not end */
1898 if (tcon) /* up accidently freeing someone elses tcon struct */
1899 tconInfoFree(tcon);
1900 if (existingCifsSes == NULL) {
1901 if (pSesInfo) {
1902 if ((pSesInfo->server) &&
1903 (pSesInfo->status == CifsGood)) {
1904 int temp_rc;
1905 temp_rc = CIFSSMBLogoff(xid, pSesInfo);
1906 /* if the socketUseCount is now zero */
1907 if((temp_rc == -ESHUTDOWN) &&
Steve Frenchf1914012005-08-18 09:37:34 -07001908 (pSesInfo->server->tsk)) {
Linus Torvalds1da177e2005-04-16 15:20:36 -07001909 send_sig(SIGKILL,pSesInfo->server->tsk,1);
Steve Frenchf1914012005-08-18 09:37:34 -07001910 wait_for_completion(&cifsd_complete);
1911 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07001912 } else
1913 cFYI(1, ("No session or bad tcon"));
1914 sesInfoFree(pSesInfo);
1915 /* pSesInfo = NULL; */
1916 }
1917 }
1918 } else {
1919 atomic_inc(&tcon->useCount);
1920 cifs_sb->tcon = tcon;
1921 tcon->ses = pSesInfo;
1922
Steve French82940a42006-03-02 03:24:57 +00001923 /* do not care if following two calls succeed - informational */
Steve French737b7582005-04-28 22:41:06 -07001924 CIFSSMBQFSDeviceInfo(xid, tcon);
1925 CIFSSMBQFSAttributeInfo(xid, tcon);
Steve French82940a42006-03-02 03:24:57 +00001926
Linus Torvalds1da177e2005-04-16 15:20:36 -07001927 if (tcon->ses->capabilities & CAP_UNIX) {
Steve French737b7582005-04-28 22:41:06 -07001928 if(!CIFSSMBQFSUnixInfo(xid, tcon)) {
Steve French82940a42006-03-02 03:24:57 +00001929 __u64 cap =
1930 le64_to_cpu(tcon->fsUnixInfo.Capability);
1931 cap &= CIFS_UNIX_CAP_MASK;
1932 if(volume_info.no_psx_acl)
1933 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
1934 else if(CIFS_UNIX_POSIX_ACL_CAP & cap) {
1935 cFYI(1,("negotiated posix acl support"));
1936 sb->s_flags |= MS_POSIXACL;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001937 }
Jeremy Allisonac670552005-06-22 17:26:35 -07001938
Steve French82940a42006-03-02 03:24:57 +00001939 if(volume_info.posix_paths == 0)
1940 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
1941 else if(cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
1942 cFYI(1,("negotiate posix pathnames"));
1943 cifs_sb->mnt_cifs_flags |=
1944 CIFS_MOUNT_POSIX_PATHS;
1945 }
1946
1947 cFYI(1,("Negotiate caps 0x%x",(int)cap));
1948
1949 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
1950 cFYI(1,("setting capabilities failed"));
Jeremy Allisonac670552005-06-22 17:26:35 -07001951 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07001952 }
1953 }
Steve French3e844692005-10-03 13:37:24 -07001954 if (!(tcon->ses->capabilities & CAP_LARGE_WRITE_X))
1955 cifs_sb->wsize = min(cifs_sb->wsize,
1956 (tcon->ses->server->maxBuf -
1957 MAX_CIFS_HDR_SIZE));
Steve French0ae0efa2005-10-10 10:57:19 -07001958 if (!(tcon->ses->capabilities & CAP_LARGE_READ_X))
1959 cifs_sb->rsize = min(cifs_sb->rsize,
1960 (tcon->ses->server->maxBuf -
1961 MAX_CIFS_HDR_SIZE));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001962 }
1963
1964 /* volume_info.password is freed above when existing session found
1965 (in which case it is not needed anymore) but when new sesion is created
1966 the password ptr is put in the new session structure (in which case the
1967 password will be freed at unmount time) */
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001968 kfree(volume_info.UNC);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001969 FreeXid(xid);
1970 return rc;
1971}
1972
1973static int
1974CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses,
1975 char session_key[CIFS_SESSION_KEY_SIZE],
1976 const struct nls_table *nls_codepage)
1977{
1978 struct smb_hdr *smb_buffer;
1979 struct smb_hdr *smb_buffer_response;
1980 SESSION_SETUP_ANDX *pSMB;
1981 SESSION_SETUP_ANDX *pSMBr;
1982 char *bcc_ptr;
1983 char *user;
1984 char *domain;
1985 int rc = 0;
1986 int remaining_words = 0;
1987 int bytes_returned = 0;
1988 int len;
1989 __u32 capabilities;
1990 __u16 count;
1991
Steve Frencheeac8042006-01-13 21:34:58 -08001992 cFYI(1, ("In sesssetup"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001993 if(ses == NULL)
1994 return -EINVAL;
1995 user = ses->userName;
1996 domain = ses->domainName;
1997 smb_buffer = cifs_buf_get();
1998 if (smb_buffer == NULL) {
1999 return -ENOMEM;
2000 }
2001 smb_buffer_response = smb_buffer;
2002 pSMBr = pSMB = (SESSION_SETUP_ANDX *) smb_buffer;
2003
2004 /* send SMBsessionSetup here */
2005 header_assemble(smb_buffer, SMB_COM_SESSION_SETUP_ANDX,
2006 NULL /* no tCon exists yet */ , 13 /* wct */ );
2007
Steve French1982c342005-08-17 12:38:22 -07002008 smb_buffer->Mid = GetNextMid(ses->server);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002009 pSMB->req_no_secext.AndXCommand = 0xFF;
2010 pSMB->req_no_secext.MaxBufferSize = cpu_to_le16(ses->server->maxBuf);
2011 pSMB->req_no_secext.MaxMpxCount = cpu_to_le16(ses->server->maxReq);
2012
2013 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
2014 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
2015
2016 capabilities = CAP_LARGE_FILES | CAP_NT_SMBS | CAP_LEVEL_II_OPLOCKS |
2017 CAP_LARGE_WRITE_X | CAP_LARGE_READ_X;
2018 if (ses->capabilities & CAP_UNICODE) {
2019 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
2020 capabilities |= CAP_UNICODE;
2021 }
2022 if (ses->capabilities & CAP_STATUS32) {
2023 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
2024 capabilities |= CAP_STATUS32;
2025 }
2026 if (ses->capabilities & CAP_DFS) {
2027 smb_buffer->Flags2 |= SMBFLG2_DFS;
2028 capabilities |= CAP_DFS;
2029 }
2030 pSMB->req_no_secext.Capabilities = cpu_to_le32(capabilities);
2031
2032 pSMB->req_no_secext.CaseInsensitivePasswordLength =
2033 cpu_to_le16(CIFS_SESSION_KEY_SIZE);
2034
2035 pSMB->req_no_secext.CaseSensitivePasswordLength =
2036 cpu_to_le16(CIFS_SESSION_KEY_SIZE);
2037 bcc_ptr = pByteArea(smb_buffer);
2038 memcpy(bcc_ptr, (char *) session_key, CIFS_SESSION_KEY_SIZE);
2039 bcc_ptr += CIFS_SESSION_KEY_SIZE;
2040 memcpy(bcc_ptr, (char *) session_key, CIFS_SESSION_KEY_SIZE);
2041 bcc_ptr += CIFS_SESSION_KEY_SIZE;
2042
2043 if (ses->capabilities & CAP_UNICODE) {
2044 if ((long) bcc_ptr % 2) { /* must be word aligned for Unicode */
2045 *bcc_ptr = 0;
2046 bcc_ptr++;
2047 }
2048 if(user == NULL)
2049 bytes_returned = 0; /* skill null user */
2050 else
2051 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002052 cifs_strtoUCS((__le16 *) bcc_ptr, user, 100,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002053 nls_codepage);
2054 /* convert number of 16 bit words to bytes */
2055 bcc_ptr += 2 * bytes_returned;
2056 bcc_ptr += 2; /* trailing null */
2057 if (domain == NULL)
2058 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002059 cifs_strtoUCS((__le16 *) bcc_ptr,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002060 "CIFS_LINUX_DOM", 32, nls_codepage);
2061 else
2062 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002063 cifs_strtoUCS((__le16 *) bcc_ptr, domain, 64,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002064 nls_codepage);
2065 bcc_ptr += 2 * bytes_returned;
2066 bcc_ptr += 2;
2067 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002068 cifs_strtoUCS((__le16 *) bcc_ptr, "Linux version ",
Linus Torvalds1da177e2005-04-16 15:20:36 -07002069 32, nls_codepage);
2070 bcc_ptr += 2 * bytes_returned;
2071 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002072 cifs_strtoUCS((__le16 *) bcc_ptr, system_utsname.release,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002073 32, nls_codepage);
2074 bcc_ptr += 2 * bytes_returned;
2075 bcc_ptr += 2;
2076 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002077 cifs_strtoUCS((__le16 *) bcc_ptr, CIFS_NETWORK_OPSYS,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002078 64, nls_codepage);
2079 bcc_ptr += 2 * bytes_returned;
2080 bcc_ptr += 2;
2081 } else {
2082 if(user != NULL) {
2083 strncpy(bcc_ptr, user, 200);
2084 bcc_ptr += strnlen(user, 200);
2085 }
2086 *bcc_ptr = 0;
2087 bcc_ptr++;
2088 if (domain == NULL) {
2089 strcpy(bcc_ptr, "CIFS_LINUX_DOM");
2090 bcc_ptr += strlen("CIFS_LINUX_DOM") + 1;
2091 } else {
2092 strncpy(bcc_ptr, domain, 64);
2093 bcc_ptr += strnlen(domain, 64);
2094 *bcc_ptr = 0;
2095 bcc_ptr++;
2096 }
2097 strcpy(bcc_ptr, "Linux version ");
2098 bcc_ptr += strlen("Linux version ");
2099 strcpy(bcc_ptr, system_utsname.release);
2100 bcc_ptr += strlen(system_utsname.release) + 1;
2101 strcpy(bcc_ptr, CIFS_NETWORK_OPSYS);
2102 bcc_ptr += strlen(CIFS_NETWORK_OPSYS) + 1;
2103 }
2104 count = (long) bcc_ptr - (long) pByteArea(smb_buffer);
2105 smb_buffer->smb_buf_length += count;
2106 pSMB->req_no_secext.ByteCount = cpu_to_le16(count);
2107
2108 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response,
2109 &bytes_returned, 1);
2110 if (rc) {
2111/* rc = map_smb_to_linux_error(smb_buffer_response); now done in SendReceive */
2112 } else if ((smb_buffer_response->WordCount == 3)
2113 || (smb_buffer_response->WordCount == 4)) {
2114 __u16 action = le16_to_cpu(pSMBr->resp.Action);
2115 __u16 blob_len = le16_to_cpu(pSMBr->resp.SecurityBlobLength);
2116 if (action & GUEST_LOGIN)
2117 cFYI(1, (" Guest login")); /* do we want to mark SesInfo struct ? */
2118 ses->Suid = smb_buffer_response->Uid; /* UID left in wire format (le) */
2119 cFYI(1, ("UID = %d ", ses->Suid));
2120 /* response can have either 3 or 4 word count - Samba sends 3 */
2121 bcc_ptr = pByteArea(smb_buffer_response);
2122 if ((pSMBr->resp.hdr.WordCount == 3)
2123 || ((pSMBr->resp.hdr.WordCount == 4)
2124 && (blob_len < pSMBr->resp.ByteCount))) {
2125 if (pSMBr->resp.hdr.WordCount == 4)
2126 bcc_ptr += blob_len;
2127
2128 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) {
2129 if ((long) (bcc_ptr) % 2) {
2130 remaining_words =
2131 (BCC(smb_buffer_response) - 1) /2;
2132 bcc_ptr++; /* Unicode strings must be word aligned */
2133 } else {
2134 remaining_words =
2135 BCC(smb_buffer_response) / 2;
2136 }
2137 len =
2138 UniStrnlen((wchar_t *) bcc_ptr,
2139 remaining_words - 1);
2140/* We look for obvious messed up bcc or strings in response so we do not go off
2141 the end since (at least) WIN2K and Windows XP have a major bug in not null
2142 terminating last Unicode string in response */
Pekka Enberge915fc42005-09-06 15:18:35 -07002143 ses->serverOS = kzalloc(2 * (len + 1), GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -07002144 if(ses->serverOS == NULL)
2145 goto sesssetup_nomem;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002146 cifs_strfromUCS_le(ses->serverOS,
Steve Frenche89dc922005-11-11 15:18:19 -08002147 (__le16 *)bcc_ptr, len,nls_codepage);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002148 bcc_ptr += 2 * (len + 1);
2149 remaining_words -= len + 1;
2150 ses->serverOS[2 * len] = 0;
2151 ses->serverOS[1 + (2 * len)] = 0;
2152 if (remaining_words > 0) {
2153 len = UniStrnlen((wchar_t *)bcc_ptr,
2154 remaining_words-1);
Pekka Enberge915fc42005-09-06 15:18:35 -07002155 ses->serverNOS = kzalloc(2 * (len + 1),GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -07002156 if(ses->serverNOS == NULL)
2157 goto sesssetup_nomem;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002158 cifs_strfromUCS_le(ses->serverNOS,
Steve Frenche89dc922005-11-11 15:18:19 -08002159 (__le16 *)bcc_ptr,len,nls_codepage);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002160 bcc_ptr += 2 * (len + 1);
2161 ses->serverNOS[2 * len] = 0;
2162 ses->serverNOS[1 + (2 * len)] = 0;
2163 if(strncmp(ses->serverNOS,
2164 "NT LAN Manager 4",16) == 0) {
2165 cFYI(1,("NT4 server"));
2166 ses->flags |= CIFS_SES_NT4;
2167 }
2168 remaining_words -= len + 1;
2169 if (remaining_words > 0) {
Steve French433dc242005-04-28 22:41:08 -07002170 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002171 /* last string is not always null terminated (for e.g. for Windows XP & 2000) */
2172 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002173 kzalloc(2*(len+1),GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -07002174 if(ses->serverDomain == NULL)
2175 goto sesssetup_nomem;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002176 cifs_strfromUCS_le(ses->serverDomain,
Steve Frenche89dc922005-11-11 15:18:19 -08002177 (__le16 *)bcc_ptr,len,nls_codepage);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002178 bcc_ptr += 2 * (len + 1);
2179 ses->serverDomain[2*len] = 0;
2180 ses->serverDomain[1+(2*len)] = 0;
2181 } /* else no more room so create dummy domain string */
2182 else
Steve French433dc242005-04-28 22:41:08 -07002183 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002184 kzalloc(2, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002185 } else { /* no room so create dummy domain and NOS string */
Steve French433dc242005-04-28 22:41:08 -07002186 /* if these kcallocs fail not much we
2187 can do, but better to not fail the
2188 sesssetup itself */
Linus Torvalds1da177e2005-04-16 15:20:36 -07002189 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002190 kzalloc(2, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002191 ses->serverNOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002192 kzalloc(2, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002193 }
2194 } else { /* ASCII */
2195 len = strnlen(bcc_ptr, 1024);
2196 if (((long) bcc_ptr + len) - (long)
2197 pByteArea(smb_buffer_response)
2198 <= BCC(smb_buffer_response)) {
Pekka Enberge915fc42005-09-06 15:18:35 -07002199 ses->serverOS = kzalloc(len + 1,GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -07002200 if(ses->serverOS == NULL)
2201 goto sesssetup_nomem;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002202 strncpy(ses->serverOS,bcc_ptr, len);
2203
2204 bcc_ptr += len;
2205 bcc_ptr[0] = 0; /* null terminate the string */
2206 bcc_ptr++;
2207
2208 len = strnlen(bcc_ptr, 1024);
Pekka Enberge915fc42005-09-06 15:18:35 -07002209 ses->serverNOS = kzalloc(len + 1,GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -07002210 if(ses->serverNOS == NULL)
2211 goto sesssetup_nomem;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002212 strncpy(ses->serverNOS, bcc_ptr, len);
2213 bcc_ptr += len;
2214 bcc_ptr[0] = 0;
2215 bcc_ptr++;
2216
2217 len = strnlen(bcc_ptr, 1024);
Pekka Enberge915fc42005-09-06 15:18:35 -07002218 ses->serverDomain = kzalloc(len + 1,GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -07002219 if(ses->serverDomain == NULL)
2220 goto sesssetup_nomem;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002221 strncpy(ses->serverDomain, bcc_ptr, len);
2222 bcc_ptr += len;
2223 bcc_ptr[0] = 0;
2224 bcc_ptr++;
2225 } else
2226 cFYI(1,
2227 ("Variable field of length %d extends beyond end of smb ",
2228 len));
2229 }
2230 } else {
2231 cERROR(1,
2232 (" Security Blob Length extends beyond end of SMB"));
2233 }
2234 } else {
2235 cERROR(1,
2236 (" Invalid Word count %d: ",
2237 smb_buffer_response->WordCount));
2238 rc = -EIO;
2239 }
Steve French433dc242005-04-28 22:41:08 -07002240sesssetup_nomem: /* do not return an error on nomem for the info strings,
2241 since that could make reconnection harder, and
2242 reconnection might be needed to free memory */
Linus Torvalds1da177e2005-04-16 15:20:36 -07002243 if (smb_buffer)
2244 cifs_buf_release(smb_buffer);
2245
2246 return rc;
2247}
2248
2249static int
2250CIFSSpnegoSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2251 char *SecurityBlob,int SecurityBlobLength,
2252 const struct nls_table *nls_codepage)
2253{
2254 struct smb_hdr *smb_buffer;
2255 struct smb_hdr *smb_buffer_response;
2256 SESSION_SETUP_ANDX *pSMB;
2257 SESSION_SETUP_ANDX *pSMBr;
2258 char *bcc_ptr;
2259 char *user;
2260 char *domain;
2261 int rc = 0;
2262 int remaining_words = 0;
2263 int bytes_returned = 0;
2264 int len;
2265 __u32 capabilities;
2266 __u16 count;
2267
2268 cFYI(1, ("In spnego sesssetup "));
2269 if(ses == NULL)
2270 return -EINVAL;
2271 user = ses->userName;
2272 domain = ses->domainName;
2273
2274 smb_buffer = cifs_buf_get();
2275 if (smb_buffer == NULL) {
2276 return -ENOMEM;
2277 }
2278 smb_buffer_response = smb_buffer;
2279 pSMBr = pSMB = (SESSION_SETUP_ANDX *) smb_buffer;
2280
2281 /* send SMBsessionSetup here */
2282 header_assemble(smb_buffer, SMB_COM_SESSION_SETUP_ANDX,
2283 NULL /* no tCon exists yet */ , 12 /* wct */ );
Steve French1982c342005-08-17 12:38:22 -07002284
2285 smb_buffer->Mid = GetNextMid(ses->server);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002286 pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
2287 pSMB->req.AndXCommand = 0xFF;
Steve French184ed212006-02-24 06:15:11 +00002288 if(ses->server->maxBuf > 64*1024)
2289 ses->server->maxBuf = (64*1023);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002290 pSMB->req.MaxBufferSize = cpu_to_le16(ses->server->maxBuf);
2291 pSMB->req.MaxMpxCount = cpu_to_le16(ses->server->maxReq);
2292
2293 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
2294 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
2295
2296 capabilities = CAP_LARGE_FILES | CAP_NT_SMBS | CAP_LEVEL_II_OPLOCKS |
2297 CAP_EXTENDED_SECURITY;
2298 if (ses->capabilities & CAP_UNICODE) {
2299 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
2300 capabilities |= CAP_UNICODE;
2301 }
2302 if (ses->capabilities & CAP_STATUS32) {
2303 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
2304 capabilities |= CAP_STATUS32;
2305 }
2306 if (ses->capabilities & CAP_DFS) {
2307 smb_buffer->Flags2 |= SMBFLG2_DFS;
2308 capabilities |= CAP_DFS;
2309 }
2310 pSMB->req.Capabilities = cpu_to_le32(capabilities);
2311
2312 pSMB->req.SecurityBlobLength = cpu_to_le16(SecurityBlobLength);
2313 bcc_ptr = pByteArea(smb_buffer);
2314 memcpy(bcc_ptr, SecurityBlob, SecurityBlobLength);
2315 bcc_ptr += SecurityBlobLength;
2316
2317 if (ses->capabilities & CAP_UNICODE) {
2318 if ((long) bcc_ptr % 2) { /* must be word aligned for Unicode strings */
2319 *bcc_ptr = 0;
2320 bcc_ptr++;
2321 }
2322 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002323 cifs_strtoUCS((__le16 *) bcc_ptr, user, 100, nls_codepage);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002324 bcc_ptr += 2 * bytes_returned; /* convert num of 16 bit words to bytes */
2325 bcc_ptr += 2; /* trailing null */
2326 if (domain == NULL)
2327 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002328 cifs_strtoUCS((__le16 *) bcc_ptr,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002329 "CIFS_LINUX_DOM", 32, nls_codepage);
2330 else
2331 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002332 cifs_strtoUCS((__le16 *) bcc_ptr, domain, 64,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002333 nls_codepage);
2334 bcc_ptr += 2 * bytes_returned;
2335 bcc_ptr += 2;
2336 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002337 cifs_strtoUCS((__le16 *) bcc_ptr, "Linux version ",
Linus Torvalds1da177e2005-04-16 15:20:36 -07002338 32, nls_codepage);
2339 bcc_ptr += 2 * bytes_returned;
2340 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002341 cifs_strtoUCS((__le16 *) bcc_ptr, system_utsname.release, 32,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002342 nls_codepage);
2343 bcc_ptr += 2 * bytes_returned;
2344 bcc_ptr += 2;
2345 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002346 cifs_strtoUCS((__le16 *) bcc_ptr, CIFS_NETWORK_OPSYS,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002347 64, nls_codepage);
2348 bcc_ptr += 2 * bytes_returned;
2349 bcc_ptr += 2;
2350 } else {
2351 strncpy(bcc_ptr, user, 200);
2352 bcc_ptr += strnlen(user, 200);
2353 *bcc_ptr = 0;
2354 bcc_ptr++;
2355 if (domain == NULL) {
2356 strcpy(bcc_ptr, "CIFS_LINUX_DOM");
2357 bcc_ptr += strlen("CIFS_LINUX_DOM") + 1;
2358 } else {
2359 strncpy(bcc_ptr, domain, 64);
2360 bcc_ptr += strnlen(domain, 64);
2361 *bcc_ptr = 0;
2362 bcc_ptr++;
2363 }
2364 strcpy(bcc_ptr, "Linux version ");
2365 bcc_ptr += strlen("Linux version ");
2366 strcpy(bcc_ptr, system_utsname.release);
2367 bcc_ptr += strlen(system_utsname.release) + 1;
2368 strcpy(bcc_ptr, CIFS_NETWORK_OPSYS);
2369 bcc_ptr += strlen(CIFS_NETWORK_OPSYS) + 1;
2370 }
2371 count = (long) bcc_ptr - (long) pByteArea(smb_buffer);
2372 smb_buffer->smb_buf_length += count;
2373 pSMB->req.ByteCount = cpu_to_le16(count);
2374
2375 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response,
2376 &bytes_returned, 1);
2377 if (rc) {
2378/* rc = map_smb_to_linux_error(smb_buffer_response); *//* done in SendReceive now */
2379 } else if ((smb_buffer_response->WordCount == 3)
2380 || (smb_buffer_response->WordCount == 4)) {
2381 __u16 action = le16_to_cpu(pSMBr->resp.Action);
2382 __u16 blob_len =
2383 le16_to_cpu(pSMBr->resp.SecurityBlobLength);
2384 if (action & GUEST_LOGIN)
2385 cFYI(1, (" Guest login")); /* BB do we want to set anything in SesInfo struct ? */
2386 if (ses) {
2387 ses->Suid = smb_buffer_response->Uid; /* UID left in wire format (le) */
2388 cFYI(1, ("UID = %d ", ses->Suid));
2389 bcc_ptr = pByteArea(smb_buffer_response); /* response can have either 3 or 4 word count - Samba sends 3 */
2390
2391 /* BB Fix below to make endian neutral !! */
2392
2393 if ((pSMBr->resp.hdr.WordCount == 3)
2394 || ((pSMBr->resp.hdr.WordCount == 4)
2395 && (blob_len <
2396 pSMBr->resp.ByteCount))) {
2397 if (pSMBr->resp.hdr.WordCount == 4) {
2398 bcc_ptr +=
2399 blob_len;
2400 cFYI(1,
2401 ("Security Blob Length %d ",
2402 blob_len));
2403 }
2404
2405 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) {
2406 if ((long) (bcc_ptr) % 2) {
2407 remaining_words =
2408 (BCC(smb_buffer_response)
2409 - 1) / 2;
2410 bcc_ptr++; /* Unicode strings must be word aligned */
2411 } else {
2412 remaining_words =
2413 BCC
2414 (smb_buffer_response) / 2;
2415 }
2416 len =
2417 UniStrnlen((wchar_t *) bcc_ptr,
2418 remaining_words - 1);
2419/* We look for obvious messed up bcc or strings in response so we do not go off
2420 the end since (at least) WIN2K and Windows XP have a major bug in not null
2421 terminating last Unicode string in response */
2422 ses->serverOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002423 kzalloc(2 * (len + 1), GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002424 cifs_strfromUCS_le(ses->serverOS,
Steve Frenche89dc922005-11-11 15:18:19 -08002425 (__le16 *)
Linus Torvalds1da177e2005-04-16 15:20:36 -07002426 bcc_ptr, len,
2427 nls_codepage);
2428 bcc_ptr += 2 * (len + 1);
2429 remaining_words -= len + 1;
2430 ses->serverOS[2 * len] = 0;
2431 ses->serverOS[1 + (2 * len)] = 0;
2432 if (remaining_words > 0) {
2433 len = UniStrnlen((wchar_t *)bcc_ptr,
2434 remaining_words
2435 - 1);
2436 ses->serverNOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002437 kzalloc(2 * (len + 1),
Linus Torvalds1da177e2005-04-16 15:20:36 -07002438 GFP_KERNEL);
2439 cifs_strfromUCS_le(ses->serverNOS,
Steve Frenche89dc922005-11-11 15:18:19 -08002440 (__le16 *)bcc_ptr,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002441 len,
2442 nls_codepage);
2443 bcc_ptr += 2 * (len + 1);
2444 ses->serverNOS[2 * len] = 0;
2445 ses->serverNOS[1 + (2 * len)] = 0;
2446 remaining_words -= len + 1;
2447 if (remaining_words > 0) {
2448 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
2449 /* last string is not always null terminated (for e.g. for Windows XP & 2000) */
Pekka Enberge915fc42005-09-06 15:18:35 -07002450 ses->serverDomain = kzalloc(2*(len+1),GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002451 cifs_strfromUCS_le(ses->serverDomain,
Steve Frenche89dc922005-11-11 15:18:19 -08002452 (__le16 *)bcc_ptr,
2453 len, nls_codepage);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002454 bcc_ptr += 2*(len+1);
2455 ses->serverDomain[2*len] = 0;
2456 ses->serverDomain[1+(2*len)] = 0;
2457 } /* else no more room so create dummy domain string */
2458 else
2459 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002460 kzalloc(2,GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002461 } else { /* no room so create dummy domain and NOS string */
Pekka Enberge915fc42005-09-06 15:18:35 -07002462 ses->serverDomain = kzalloc(2, GFP_KERNEL);
2463 ses->serverNOS = kzalloc(2, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002464 }
2465 } else { /* ASCII */
2466
2467 len = strnlen(bcc_ptr, 1024);
2468 if (((long) bcc_ptr + len) - (long)
2469 pByteArea(smb_buffer_response)
2470 <= BCC(smb_buffer_response)) {
Pekka Enberge915fc42005-09-06 15:18:35 -07002471 ses->serverOS = kzalloc(len + 1, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002472 strncpy(ses->serverOS, bcc_ptr, len);
2473
2474 bcc_ptr += len;
2475 bcc_ptr[0] = 0; /* null terminate the string */
2476 bcc_ptr++;
2477
2478 len = strnlen(bcc_ptr, 1024);
Pekka Enberge915fc42005-09-06 15:18:35 -07002479 ses->serverNOS = kzalloc(len + 1,GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002480 strncpy(ses->serverNOS, bcc_ptr, len);
2481 bcc_ptr += len;
2482 bcc_ptr[0] = 0;
2483 bcc_ptr++;
2484
2485 len = strnlen(bcc_ptr, 1024);
Pekka Enberge915fc42005-09-06 15:18:35 -07002486 ses->serverDomain = kzalloc(len + 1, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002487 strncpy(ses->serverDomain, bcc_ptr, len);
2488 bcc_ptr += len;
2489 bcc_ptr[0] = 0;
2490 bcc_ptr++;
2491 } else
2492 cFYI(1,
2493 ("Variable field of length %d extends beyond end of smb ",
2494 len));
2495 }
2496 } else {
2497 cERROR(1,
2498 (" Security Blob Length extends beyond end of SMB"));
2499 }
2500 } else {
2501 cERROR(1, ("No session structure passed in."));
2502 }
2503 } else {
2504 cERROR(1,
2505 (" Invalid Word count %d: ",
2506 smb_buffer_response->WordCount));
2507 rc = -EIO;
2508 }
2509
2510 if (smb_buffer)
2511 cifs_buf_release(smb_buffer);
2512
2513 return rc;
2514}
2515
2516static int
2517CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
2518 struct cifsSesInfo *ses, int * pNTLMv2_flag,
2519 const struct nls_table *nls_codepage)
2520{
2521 struct smb_hdr *smb_buffer;
2522 struct smb_hdr *smb_buffer_response;
2523 SESSION_SETUP_ANDX *pSMB;
2524 SESSION_SETUP_ANDX *pSMBr;
2525 char *bcc_ptr;
2526 char *domain;
2527 int rc = 0;
2528 int remaining_words = 0;
2529 int bytes_returned = 0;
2530 int len;
2531 int SecurityBlobLength = sizeof (NEGOTIATE_MESSAGE);
2532 PNEGOTIATE_MESSAGE SecurityBlob;
2533 PCHALLENGE_MESSAGE SecurityBlob2;
2534 __u32 negotiate_flags, capabilities;
2535 __u16 count;
2536
Steve French12b3b8f2006-02-09 21:12:47 +00002537 cFYI(1, ("In NTLMSSP sesssetup (negotiate)"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07002538 if(ses == NULL)
2539 return -EINVAL;
2540 domain = ses->domainName;
2541 *pNTLMv2_flag = FALSE;
2542 smb_buffer = cifs_buf_get();
2543 if (smb_buffer == NULL) {
2544 return -ENOMEM;
2545 }
2546 smb_buffer_response = smb_buffer;
2547 pSMB = (SESSION_SETUP_ANDX *) smb_buffer;
2548 pSMBr = (SESSION_SETUP_ANDX *) smb_buffer_response;
2549
2550 /* send SMBsessionSetup here */
2551 header_assemble(smb_buffer, SMB_COM_SESSION_SETUP_ANDX,
2552 NULL /* no tCon exists yet */ , 12 /* wct */ );
Steve French1982c342005-08-17 12:38:22 -07002553
2554 smb_buffer->Mid = GetNextMid(ses->server);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002555 pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
2556 pSMB->req.hdr.Flags |= (SMBFLG_CASELESS | SMBFLG_CANONICAL_PATH_FORMAT);
2557
2558 pSMB->req.AndXCommand = 0xFF;
2559 pSMB->req.MaxBufferSize = cpu_to_le16(ses->server->maxBuf);
2560 pSMB->req.MaxMpxCount = cpu_to_le16(ses->server->maxReq);
2561
2562 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
2563 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
2564
2565 capabilities = CAP_LARGE_FILES | CAP_NT_SMBS | CAP_LEVEL_II_OPLOCKS |
2566 CAP_EXTENDED_SECURITY;
2567 if (ses->capabilities & CAP_UNICODE) {
2568 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
2569 capabilities |= CAP_UNICODE;
2570 }
2571 if (ses->capabilities & CAP_STATUS32) {
2572 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
2573 capabilities |= CAP_STATUS32;
2574 }
2575 if (ses->capabilities & CAP_DFS) {
2576 smb_buffer->Flags2 |= SMBFLG2_DFS;
2577 capabilities |= CAP_DFS;
2578 }
2579 pSMB->req.Capabilities = cpu_to_le32(capabilities);
2580
2581 bcc_ptr = (char *) &pSMB->req.SecurityBlob;
2582 SecurityBlob = (PNEGOTIATE_MESSAGE) bcc_ptr;
2583 strncpy(SecurityBlob->Signature, NTLMSSP_SIGNATURE, 8);
2584 SecurityBlob->MessageType = NtLmNegotiate;
2585 negotiate_flags =
2586 NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_OEM |
Steve French12b3b8f2006-02-09 21:12:47 +00002587 NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_NTLM |
2588 NTLMSSP_NEGOTIATE_56 |
Linus Torvalds1da177e2005-04-16 15:20:36 -07002589 /* NTLMSSP_NEGOTIATE_ALWAYS_SIGN | */ NTLMSSP_NEGOTIATE_128;
2590 if(sign_CIFS_PDUs)
2591 negotiate_flags |= NTLMSSP_NEGOTIATE_SIGN;
2592 if(ntlmv2_support)
2593 negotiate_flags |= NTLMSSP_NEGOTIATE_NTLMV2;
2594 /* setup pointers to domain name and workstation name */
2595 bcc_ptr += SecurityBlobLength;
2596
2597 SecurityBlob->WorkstationName.Buffer = 0;
2598 SecurityBlob->WorkstationName.Length = 0;
2599 SecurityBlob->WorkstationName.MaximumLength = 0;
2600
Steve French12b3b8f2006-02-09 21:12:47 +00002601 /* Domain not sent on first Sesssetup in NTLMSSP, instead it is sent
2602 along with username on auth request (ie the response to challenge) */
2603 SecurityBlob->DomainName.Buffer = 0;
2604 SecurityBlob->DomainName.Length = 0;
2605 SecurityBlob->DomainName.MaximumLength = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002606 if (ses->capabilities & CAP_UNICODE) {
2607 if ((long) bcc_ptr % 2) {
2608 *bcc_ptr = 0;
2609 bcc_ptr++;
2610 }
2611
2612 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002613 cifs_strtoUCS((__le16 *) bcc_ptr, "Linux version ",
Linus Torvalds1da177e2005-04-16 15:20:36 -07002614 32, nls_codepage);
2615 bcc_ptr += 2 * bytes_returned;
2616 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002617 cifs_strtoUCS((__le16 *) bcc_ptr, system_utsname.release, 32,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002618 nls_codepage);
2619 bcc_ptr += 2 * bytes_returned;
2620 bcc_ptr += 2; /* null terminate Linux version */
2621 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002622 cifs_strtoUCS((__le16 *) bcc_ptr, CIFS_NETWORK_OPSYS,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002623 64, nls_codepage);
2624 bcc_ptr += 2 * bytes_returned;
2625 *(bcc_ptr + 1) = 0;
2626 *(bcc_ptr + 2) = 0;
2627 bcc_ptr += 2; /* null terminate network opsys string */
2628 *(bcc_ptr + 1) = 0;
2629 *(bcc_ptr + 2) = 0;
2630 bcc_ptr += 2; /* null domain */
2631 } else { /* ASCII */
2632 strcpy(bcc_ptr, "Linux version ");
2633 bcc_ptr += strlen("Linux version ");
2634 strcpy(bcc_ptr, system_utsname.release);
2635 bcc_ptr += strlen(system_utsname.release) + 1;
2636 strcpy(bcc_ptr, CIFS_NETWORK_OPSYS);
2637 bcc_ptr += strlen(CIFS_NETWORK_OPSYS) + 1;
2638 bcc_ptr++; /* empty domain field */
2639 *bcc_ptr = 0;
2640 }
2641 SecurityBlob->NegotiateFlags = cpu_to_le32(negotiate_flags);
2642 pSMB->req.SecurityBlobLength = cpu_to_le16(SecurityBlobLength);
2643 count = (long) bcc_ptr - (long) pByteArea(smb_buffer);
2644 smb_buffer->smb_buf_length += count;
2645 pSMB->req.ByteCount = cpu_to_le16(count);
2646
2647 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response,
2648 &bytes_returned, 1);
2649
2650 if (smb_buffer_response->Status.CifsError ==
2651 cpu_to_le32(NT_STATUS_MORE_PROCESSING_REQUIRED))
2652 rc = 0;
2653
2654 if (rc) {
2655/* rc = map_smb_to_linux_error(smb_buffer_response); *//* done in SendReceive now */
2656 } else if ((smb_buffer_response->WordCount == 3)
2657 || (smb_buffer_response->WordCount == 4)) {
2658 __u16 action = le16_to_cpu(pSMBr->resp.Action);
2659 __u16 blob_len = le16_to_cpu(pSMBr->resp.SecurityBlobLength);
2660
2661 if (action & GUEST_LOGIN)
2662 cFYI(1, (" Guest login"));
2663 /* Do we want to set anything in SesInfo struct when guest login? */
2664
2665 bcc_ptr = pByteArea(smb_buffer_response);
2666 /* response can have either 3 or 4 word count - Samba sends 3 */
2667
2668 SecurityBlob2 = (PCHALLENGE_MESSAGE) bcc_ptr;
2669 if (SecurityBlob2->MessageType != NtLmChallenge) {
2670 cFYI(1,
2671 ("Unexpected NTLMSSP message type received %d",
2672 SecurityBlob2->MessageType));
2673 } else if (ses) {
2674 ses->Suid = smb_buffer_response->Uid; /* UID left in le format */
Steve French12b3b8f2006-02-09 21:12:47 +00002675 cFYI(1, ("UID = %d", ses->Suid));
Linus Torvalds1da177e2005-04-16 15:20:36 -07002676 if ((pSMBr->resp.hdr.WordCount == 3)
2677 || ((pSMBr->resp.hdr.WordCount == 4)
2678 && (blob_len <
2679 pSMBr->resp.ByteCount))) {
2680
2681 if (pSMBr->resp.hdr.WordCount == 4) {
2682 bcc_ptr += blob_len;
Steve French12b3b8f2006-02-09 21:12:47 +00002683 cFYI(1, ("Security Blob Length %d",
Linus Torvalds1da177e2005-04-16 15:20:36 -07002684 blob_len));
2685 }
2686
Steve French12b3b8f2006-02-09 21:12:47 +00002687 cFYI(1, ("NTLMSSP Challenge rcvd"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07002688
2689 memcpy(ses->server->cryptKey,
2690 SecurityBlob2->Challenge,
2691 CIFS_CRYPTO_KEY_SIZE);
Steve French12b3b8f2006-02-09 21:12:47 +00002692 if(SecurityBlob2->NegotiateFlags &
2693 cpu_to_le32(NTLMSSP_NEGOTIATE_NTLMV2))
Linus Torvalds1da177e2005-04-16 15:20:36 -07002694 *pNTLMv2_flag = TRUE;
2695
2696 if((SecurityBlob2->NegotiateFlags &
2697 cpu_to_le32(NTLMSSP_NEGOTIATE_ALWAYS_SIGN))
2698 || (sign_CIFS_PDUs > 1))
2699 ses->server->secMode |=
2700 SECMODE_SIGN_REQUIRED;
2701 if ((SecurityBlob2->NegotiateFlags &
2702 cpu_to_le32(NTLMSSP_NEGOTIATE_SIGN)) && (sign_CIFS_PDUs))
2703 ses->server->secMode |=
2704 SECMODE_SIGN_ENABLED;
2705
2706 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) {
2707 if ((long) (bcc_ptr) % 2) {
2708 remaining_words =
2709 (BCC(smb_buffer_response)
2710 - 1) / 2;
2711 bcc_ptr++; /* Unicode strings must be word aligned */
2712 } else {
2713 remaining_words =
2714 BCC
2715 (smb_buffer_response) / 2;
2716 }
2717 len =
2718 UniStrnlen((wchar_t *) bcc_ptr,
2719 remaining_words - 1);
2720/* We look for obvious messed up bcc or strings in response so we do not go off
2721 the end since (at least) WIN2K and Windows XP have a major bug in not null
2722 terminating last Unicode string in response */
2723 ses->serverOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002724 kzalloc(2 * (len + 1), GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002725 cifs_strfromUCS_le(ses->serverOS,
Steve Frenche89dc922005-11-11 15:18:19 -08002726 (__le16 *)
Linus Torvalds1da177e2005-04-16 15:20:36 -07002727 bcc_ptr, len,
2728 nls_codepage);
2729 bcc_ptr += 2 * (len + 1);
2730 remaining_words -= len + 1;
2731 ses->serverOS[2 * len] = 0;
2732 ses->serverOS[1 + (2 * len)] = 0;
2733 if (remaining_words > 0) {
2734 len = UniStrnlen((wchar_t *)
2735 bcc_ptr,
2736 remaining_words
2737 - 1);
2738 ses->serverNOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002739 kzalloc(2 * (len + 1),
Linus Torvalds1da177e2005-04-16 15:20:36 -07002740 GFP_KERNEL);
2741 cifs_strfromUCS_le(ses->
2742 serverNOS,
Steve Frenche89dc922005-11-11 15:18:19 -08002743 (__le16 *)
Linus Torvalds1da177e2005-04-16 15:20:36 -07002744 bcc_ptr,
2745 len,
2746 nls_codepage);
2747 bcc_ptr += 2 * (len + 1);
2748 ses->serverNOS[2 * len] = 0;
2749 ses->serverNOS[1 +
2750 (2 * len)] = 0;
2751 remaining_words -= len + 1;
2752 if (remaining_words > 0) {
2753 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
2754 /* last string is not always null terminated (for e.g. for Windows XP & 2000) */
2755 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002756 kzalloc(2 *
Linus Torvalds1da177e2005-04-16 15:20:36 -07002757 (len +
2758 1),
2759 GFP_KERNEL);
2760 cifs_strfromUCS_le
Steve Frenche89dc922005-11-11 15:18:19 -08002761 (ses->serverDomain,
2762 (__le16 *)bcc_ptr,
2763 len, nls_codepage);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002764 bcc_ptr +=
2765 2 * (len + 1);
Steve Frenche89dc922005-11-11 15:18:19 -08002766 ses->serverDomain[2*len]
Linus Torvalds1da177e2005-04-16 15:20:36 -07002767 = 0;
Steve Frenche89dc922005-11-11 15:18:19 -08002768 ses->serverDomain
2769 [1 + (2 * len)]
Linus Torvalds1da177e2005-04-16 15:20:36 -07002770 = 0;
2771 } /* else no more room so create dummy domain string */
2772 else
2773 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002774 kzalloc(2,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002775 GFP_KERNEL);
2776 } else { /* no room so create dummy domain and NOS string */
2777 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002778 kzalloc(2, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002779 ses->serverNOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002780 kzalloc(2, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002781 }
2782 } else { /* ASCII */
2783 len = strnlen(bcc_ptr, 1024);
2784 if (((long) bcc_ptr + len) - (long)
2785 pByteArea(smb_buffer_response)
2786 <= BCC(smb_buffer_response)) {
2787 ses->serverOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002788 kzalloc(len + 1,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002789 GFP_KERNEL);
2790 strncpy(ses->serverOS,
2791 bcc_ptr, len);
2792
2793 bcc_ptr += len;
2794 bcc_ptr[0] = 0; /* null terminate string */
2795 bcc_ptr++;
2796
2797 len = strnlen(bcc_ptr, 1024);
2798 ses->serverNOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002799 kzalloc(len + 1,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002800 GFP_KERNEL);
2801 strncpy(ses->serverNOS, bcc_ptr, len);
2802 bcc_ptr += len;
2803 bcc_ptr[0] = 0;
2804 bcc_ptr++;
2805
2806 len = strnlen(bcc_ptr, 1024);
2807 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002808 kzalloc(len + 1,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002809 GFP_KERNEL);
2810 strncpy(ses->serverDomain, bcc_ptr, len);
2811 bcc_ptr += len;
2812 bcc_ptr[0] = 0;
2813 bcc_ptr++;
2814 } else
2815 cFYI(1,
Steve French12b3b8f2006-02-09 21:12:47 +00002816 ("Variable field of length %d extends beyond end of smb",
Linus Torvalds1da177e2005-04-16 15:20:36 -07002817 len));
2818 }
2819 } else {
2820 cERROR(1,
2821 (" Security Blob Length extends beyond end of SMB"));
2822 }
2823 } else {
2824 cERROR(1, ("No session structure passed in."));
2825 }
2826 } else {
2827 cERROR(1,
Steve French5815449d2006-02-14 01:36:20 +00002828 (" Invalid Word count %d:",
Linus Torvalds1da177e2005-04-16 15:20:36 -07002829 smb_buffer_response->WordCount));
2830 rc = -EIO;
2831 }
2832
2833 if (smb_buffer)
2834 cifs_buf_release(smb_buffer);
2835
2836 return rc;
2837}
2838static int
2839CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2840 char *ntlm_session_key, int ntlmv2_flag,
2841 const struct nls_table *nls_codepage)
2842{
2843 struct smb_hdr *smb_buffer;
2844 struct smb_hdr *smb_buffer_response;
2845 SESSION_SETUP_ANDX *pSMB;
2846 SESSION_SETUP_ANDX *pSMBr;
2847 char *bcc_ptr;
2848 char *user;
2849 char *domain;
2850 int rc = 0;
2851 int remaining_words = 0;
2852 int bytes_returned = 0;
2853 int len;
2854 int SecurityBlobLength = sizeof (AUTHENTICATE_MESSAGE);
2855 PAUTHENTICATE_MESSAGE SecurityBlob;
2856 __u32 negotiate_flags, capabilities;
2857 __u16 count;
2858
2859 cFYI(1, ("In NTLMSSPSessSetup (Authenticate)"));
2860 if(ses == NULL)
2861 return -EINVAL;
2862 user = ses->userName;
2863 domain = ses->domainName;
2864 smb_buffer = cifs_buf_get();
2865 if (smb_buffer == NULL) {
2866 return -ENOMEM;
2867 }
2868 smb_buffer_response = smb_buffer;
2869 pSMB = (SESSION_SETUP_ANDX *) smb_buffer;
2870 pSMBr = (SESSION_SETUP_ANDX *) smb_buffer_response;
2871
2872 /* send SMBsessionSetup here */
2873 header_assemble(smb_buffer, SMB_COM_SESSION_SETUP_ANDX,
2874 NULL /* no tCon exists yet */ , 12 /* wct */ );
Steve French1982c342005-08-17 12:38:22 -07002875
2876 smb_buffer->Mid = GetNextMid(ses->server);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002877 pSMB->req.hdr.Flags |= (SMBFLG_CASELESS | SMBFLG_CANONICAL_PATH_FORMAT);
2878 pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
2879 pSMB->req.AndXCommand = 0xFF;
2880 pSMB->req.MaxBufferSize = cpu_to_le16(ses->server->maxBuf);
2881 pSMB->req.MaxMpxCount = cpu_to_le16(ses->server->maxReq);
2882
2883 pSMB->req.hdr.Uid = ses->Suid;
2884
2885 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
2886 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
2887
2888 capabilities = CAP_LARGE_FILES | CAP_NT_SMBS | CAP_LEVEL_II_OPLOCKS |
2889 CAP_EXTENDED_SECURITY;
2890 if (ses->capabilities & CAP_UNICODE) {
2891 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
2892 capabilities |= CAP_UNICODE;
2893 }
2894 if (ses->capabilities & CAP_STATUS32) {
2895 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
2896 capabilities |= CAP_STATUS32;
2897 }
2898 if (ses->capabilities & CAP_DFS) {
2899 smb_buffer->Flags2 |= SMBFLG2_DFS;
2900 capabilities |= CAP_DFS;
2901 }
2902 pSMB->req.Capabilities = cpu_to_le32(capabilities);
2903
2904 bcc_ptr = (char *) &pSMB->req.SecurityBlob;
2905 SecurityBlob = (PAUTHENTICATE_MESSAGE) bcc_ptr;
2906 strncpy(SecurityBlob->Signature, NTLMSSP_SIGNATURE, 8);
2907 SecurityBlob->MessageType = NtLmAuthenticate;
2908 bcc_ptr += SecurityBlobLength;
2909 negotiate_flags =
2910 NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_REQUEST_TARGET |
2911 NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_TARGET_INFO |
2912 0x80000000 | NTLMSSP_NEGOTIATE_128;
2913 if(sign_CIFS_PDUs)
2914 negotiate_flags |= /* NTLMSSP_NEGOTIATE_ALWAYS_SIGN |*/ NTLMSSP_NEGOTIATE_SIGN;
2915 if(ntlmv2_flag)
2916 negotiate_flags |= NTLMSSP_NEGOTIATE_NTLMV2;
2917
2918/* setup pointers to domain name and workstation name */
2919
2920 SecurityBlob->WorkstationName.Buffer = 0;
2921 SecurityBlob->WorkstationName.Length = 0;
2922 SecurityBlob->WorkstationName.MaximumLength = 0;
2923 SecurityBlob->SessionKey.Length = 0;
2924 SecurityBlob->SessionKey.MaximumLength = 0;
2925 SecurityBlob->SessionKey.Buffer = 0;
2926
2927 SecurityBlob->LmChallengeResponse.Length = 0;
2928 SecurityBlob->LmChallengeResponse.MaximumLength = 0;
2929 SecurityBlob->LmChallengeResponse.Buffer = 0;
2930
2931 SecurityBlob->NtChallengeResponse.Length =
2932 cpu_to_le16(CIFS_SESSION_KEY_SIZE);
2933 SecurityBlob->NtChallengeResponse.MaximumLength =
2934 cpu_to_le16(CIFS_SESSION_KEY_SIZE);
2935 memcpy(bcc_ptr, ntlm_session_key, CIFS_SESSION_KEY_SIZE);
2936 SecurityBlob->NtChallengeResponse.Buffer =
2937 cpu_to_le32(SecurityBlobLength);
2938 SecurityBlobLength += CIFS_SESSION_KEY_SIZE;
2939 bcc_ptr += CIFS_SESSION_KEY_SIZE;
2940
2941 if (ses->capabilities & CAP_UNICODE) {
2942 if (domain == NULL) {
2943 SecurityBlob->DomainName.Buffer = 0;
2944 SecurityBlob->DomainName.Length = 0;
2945 SecurityBlob->DomainName.MaximumLength = 0;
2946 } else {
2947 __u16 len =
Steve Frenche89dc922005-11-11 15:18:19 -08002948 cifs_strtoUCS((__le16 *) bcc_ptr, domain, 64,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002949 nls_codepage);
2950 len *= 2;
2951 SecurityBlob->DomainName.MaximumLength =
2952 cpu_to_le16(len);
2953 SecurityBlob->DomainName.Buffer =
2954 cpu_to_le32(SecurityBlobLength);
2955 bcc_ptr += len;
2956 SecurityBlobLength += len;
2957 SecurityBlob->DomainName.Length =
2958 cpu_to_le16(len);
2959 }
2960 if (user == NULL) {
2961 SecurityBlob->UserName.Buffer = 0;
2962 SecurityBlob->UserName.Length = 0;
2963 SecurityBlob->UserName.MaximumLength = 0;
2964 } else {
2965 __u16 len =
Steve Frenche89dc922005-11-11 15:18:19 -08002966 cifs_strtoUCS((__le16 *) bcc_ptr, user, 64,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002967 nls_codepage);
2968 len *= 2;
2969 SecurityBlob->UserName.MaximumLength =
2970 cpu_to_le16(len);
2971 SecurityBlob->UserName.Buffer =
2972 cpu_to_le32(SecurityBlobLength);
2973 bcc_ptr += len;
2974 SecurityBlobLength += len;
2975 SecurityBlob->UserName.Length =
2976 cpu_to_le16(len);
2977 }
2978
Steve Frenche89dc922005-11-11 15:18:19 -08002979 /* SecurityBlob->WorkstationName.Length = cifs_strtoUCS((__le16 *) bcc_ptr, "AMACHINE",64, nls_codepage);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002980 SecurityBlob->WorkstationName.Length *= 2;
2981 SecurityBlob->WorkstationName.MaximumLength = cpu_to_le16(SecurityBlob->WorkstationName.Length);
2982 SecurityBlob->WorkstationName.Buffer = cpu_to_le32(SecurityBlobLength);
2983 bcc_ptr += SecurityBlob->WorkstationName.Length;
2984 SecurityBlobLength += SecurityBlob->WorkstationName.Length;
2985 SecurityBlob->WorkstationName.Length = cpu_to_le16(SecurityBlob->WorkstationName.Length); */
2986
2987 if ((long) bcc_ptr % 2) {
2988 *bcc_ptr = 0;
2989 bcc_ptr++;
2990 }
2991 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002992 cifs_strtoUCS((__le16 *) bcc_ptr, "Linux version ",
Linus Torvalds1da177e2005-04-16 15:20:36 -07002993 32, nls_codepage);
2994 bcc_ptr += 2 * bytes_returned;
2995 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002996 cifs_strtoUCS((__le16 *) bcc_ptr, system_utsname.release, 32,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002997 nls_codepage);
2998 bcc_ptr += 2 * bytes_returned;
2999 bcc_ptr += 2; /* null term version string */
3000 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08003001 cifs_strtoUCS((__le16 *) bcc_ptr, CIFS_NETWORK_OPSYS,
Linus Torvalds1da177e2005-04-16 15:20:36 -07003002 64, nls_codepage);
3003 bcc_ptr += 2 * bytes_returned;
3004 *(bcc_ptr + 1) = 0;
3005 *(bcc_ptr + 2) = 0;
3006 bcc_ptr += 2; /* null terminate network opsys string */
3007 *(bcc_ptr + 1) = 0;
3008 *(bcc_ptr + 2) = 0;
3009 bcc_ptr += 2; /* null domain */
3010 } else { /* ASCII */
3011 if (domain == NULL) {
3012 SecurityBlob->DomainName.Buffer = 0;
3013 SecurityBlob->DomainName.Length = 0;
3014 SecurityBlob->DomainName.MaximumLength = 0;
3015 } else {
3016 __u16 len;
3017 negotiate_flags |= NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED;
3018 strncpy(bcc_ptr, domain, 63);
3019 len = strnlen(domain, 64);
3020 SecurityBlob->DomainName.MaximumLength =
3021 cpu_to_le16(len);
3022 SecurityBlob->DomainName.Buffer =
3023 cpu_to_le32(SecurityBlobLength);
3024 bcc_ptr += len;
3025 SecurityBlobLength += len;
3026 SecurityBlob->DomainName.Length = cpu_to_le16(len);
3027 }
3028 if (user == NULL) {
3029 SecurityBlob->UserName.Buffer = 0;
3030 SecurityBlob->UserName.Length = 0;
3031 SecurityBlob->UserName.MaximumLength = 0;
3032 } else {
3033 __u16 len;
3034 strncpy(bcc_ptr, user, 63);
3035 len = strnlen(user, 64);
3036 SecurityBlob->UserName.MaximumLength =
3037 cpu_to_le16(len);
3038 SecurityBlob->UserName.Buffer =
3039 cpu_to_le32(SecurityBlobLength);
3040 bcc_ptr += len;
3041 SecurityBlobLength += len;
3042 SecurityBlob->UserName.Length = cpu_to_le16(len);
3043 }
3044 /* BB fill in our workstation name if known BB */
3045
3046 strcpy(bcc_ptr, "Linux version ");
3047 bcc_ptr += strlen("Linux version ");
3048 strcpy(bcc_ptr, system_utsname.release);
3049 bcc_ptr += strlen(system_utsname.release) + 1;
3050 strcpy(bcc_ptr, CIFS_NETWORK_OPSYS);
3051 bcc_ptr += strlen(CIFS_NETWORK_OPSYS) + 1;
3052 bcc_ptr++; /* null domain */
3053 *bcc_ptr = 0;
3054 }
3055 SecurityBlob->NegotiateFlags = cpu_to_le32(negotiate_flags);
3056 pSMB->req.SecurityBlobLength = cpu_to_le16(SecurityBlobLength);
3057 count = (long) bcc_ptr - (long) pByteArea(smb_buffer);
3058 smb_buffer->smb_buf_length += count;
3059 pSMB->req.ByteCount = cpu_to_le16(count);
3060
3061 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response,
3062 &bytes_returned, 1);
3063 if (rc) {
3064/* rc = map_smb_to_linux_error(smb_buffer_response); *//* done in SendReceive now */
3065 } else if ((smb_buffer_response->WordCount == 3)
3066 || (smb_buffer_response->WordCount == 4)) {
3067 __u16 action = le16_to_cpu(pSMBr->resp.Action);
3068 __u16 blob_len =
3069 le16_to_cpu(pSMBr->resp.SecurityBlobLength);
3070 if (action & GUEST_LOGIN)
3071 cFYI(1, (" Guest login")); /* BB do we want to set anything in SesInfo struct ? */
3072/* if(SecurityBlob2->MessageType != NtLm??){
3073 cFYI("Unexpected message type on auth response is %d "));
3074 } */
3075 if (ses) {
3076 cFYI(1,
3077 ("Does UID on challenge %d match auth response UID %d ",
3078 ses->Suid, smb_buffer_response->Uid));
3079 ses->Suid = smb_buffer_response->Uid; /* UID left in wire format */
3080 bcc_ptr = pByteArea(smb_buffer_response);
3081 /* response can have either 3 or 4 word count - Samba sends 3 */
3082 if ((pSMBr->resp.hdr.WordCount == 3)
3083 || ((pSMBr->resp.hdr.WordCount == 4)
3084 && (blob_len <
3085 pSMBr->resp.ByteCount))) {
3086 if (pSMBr->resp.hdr.WordCount == 4) {
3087 bcc_ptr +=
3088 blob_len;
3089 cFYI(1,
3090 ("Security Blob Length %d ",
3091 blob_len));
3092 }
3093
3094 cFYI(1,
3095 ("NTLMSSP response to Authenticate "));
3096
3097 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) {
3098 if ((long) (bcc_ptr) % 2) {
3099 remaining_words =
3100 (BCC(smb_buffer_response)
3101 - 1) / 2;
3102 bcc_ptr++; /* Unicode strings must be word aligned */
3103 } else {
3104 remaining_words = BCC(smb_buffer_response) / 2;
3105 }
3106 len =
3107 UniStrnlen((wchar_t *) bcc_ptr,remaining_words - 1);
3108/* We look for obvious messed up bcc or strings in response so we do not go off
3109 the end since (at least) WIN2K and Windows XP have a major bug in not null
3110 terminating last Unicode string in response */
3111 ses->serverOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07003112 kzalloc(2 * (len + 1), GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003113 cifs_strfromUCS_le(ses->serverOS,
Steve Frenche89dc922005-11-11 15:18:19 -08003114 (__le16 *)
Linus Torvalds1da177e2005-04-16 15:20:36 -07003115 bcc_ptr, len,
3116 nls_codepage);
3117 bcc_ptr += 2 * (len + 1);
3118 remaining_words -= len + 1;
3119 ses->serverOS[2 * len] = 0;
3120 ses->serverOS[1 + (2 * len)] = 0;
3121 if (remaining_words > 0) {
3122 len = UniStrnlen((wchar_t *)
3123 bcc_ptr,
3124 remaining_words
3125 - 1);
3126 ses->serverNOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07003127 kzalloc(2 * (len + 1),
Linus Torvalds1da177e2005-04-16 15:20:36 -07003128 GFP_KERNEL);
3129 cifs_strfromUCS_le(ses->
3130 serverNOS,
Steve Frenche89dc922005-11-11 15:18:19 -08003131 (__le16 *)
Linus Torvalds1da177e2005-04-16 15:20:36 -07003132 bcc_ptr,
3133 len,
3134 nls_codepage);
3135 bcc_ptr += 2 * (len + 1);
3136 ses->serverNOS[2 * len] = 0;
3137 ses->serverNOS[1+(2*len)] = 0;
3138 remaining_words -= len + 1;
3139 if (remaining_words > 0) {
3140 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
3141 /* last string not always null terminated (e.g. for Windows XP & 2000) */
3142 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07003143 kzalloc(2 *
Linus Torvalds1da177e2005-04-16 15:20:36 -07003144 (len +
3145 1),
3146 GFP_KERNEL);
3147 cifs_strfromUCS_le
3148 (ses->
3149 serverDomain,
Steve Frenche89dc922005-11-11 15:18:19 -08003150 (__le16 *)
Linus Torvalds1da177e2005-04-16 15:20:36 -07003151 bcc_ptr, len,
3152 nls_codepage);
3153 bcc_ptr +=
3154 2 * (len + 1);
3155 ses->
3156 serverDomain[2
3157 * len]
3158 = 0;
3159 ses->
3160 serverDomain[1
3161 +
3162 (2
3163 *
3164 len)]
3165 = 0;
3166 } /* else no more room so create dummy domain string */
3167 else
Pekka Enberge915fc42005-09-06 15:18:35 -07003168 ses->serverDomain = kzalloc(2,GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003169 } else { /* no room so create dummy domain and NOS string */
Pekka Enberge915fc42005-09-06 15:18:35 -07003170 ses->serverDomain = kzalloc(2, GFP_KERNEL);
3171 ses->serverNOS = kzalloc(2, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003172 }
3173 } else { /* ASCII */
3174 len = strnlen(bcc_ptr, 1024);
3175 if (((long) bcc_ptr + len) -
3176 (long) pByteArea(smb_buffer_response)
3177 <= BCC(smb_buffer_response)) {
Pekka Enberge915fc42005-09-06 15:18:35 -07003178 ses->serverOS = kzalloc(len + 1,GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003179 strncpy(ses->serverOS,bcc_ptr, len);
3180
3181 bcc_ptr += len;
3182 bcc_ptr[0] = 0; /* null terminate the string */
3183 bcc_ptr++;
3184
3185 len = strnlen(bcc_ptr, 1024);
Pekka Enberge915fc42005-09-06 15:18:35 -07003186 ses->serverNOS = kzalloc(len+1,GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003187 strncpy(ses->serverNOS, bcc_ptr, len);
3188 bcc_ptr += len;
3189 bcc_ptr[0] = 0;
3190 bcc_ptr++;
3191
3192 len = strnlen(bcc_ptr, 1024);
Pekka Enberge915fc42005-09-06 15:18:35 -07003193 ses->serverDomain = kzalloc(len+1,GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003194 strncpy(ses->serverDomain, bcc_ptr, len);
3195 bcc_ptr += len;
3196 bcc_ptr[0] = 0;
3197 bcc_ptr++;
3198 } else
3199 cFYI(1,
3200 ("Variable field of length %d extends beyond end of smb ",
3201 len));
3202 }
3203 } else {
3204 cERROR(1,
3205 (" Security Blob Length extends beyond end of SMB"));
3206 }
3207 } else {
3208 cERROR(1, ("No session structure passed in."));
3209 }
3210 } else {
3211 cERROR(1,
3212 (" Invalid Word count %d: ",
3213 smb_buffer_response->WordCount));
3214 rc = -EIO;
3215 }
3216
3217 if (smb_buffer)
3218 cifs_buf_release(smb_buffer);
3219
3220 return rc;
3221}
3222
3223int
3224CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
3225 const char *tree, struct cifsTconInfo *tcon,
3226 const struct nls_table *nls_codepage)
3227{
3228 struct smb_hdr *smb_buffer;
3229 struct smb_hdr *smb_buffer_response;
3230 TCONX_REQ *pSMB;
3231 TCONX_RSP *pSMBr;
3232 unsigned char *bcc_ptr;
3233 int rc = 0;
3234 int length;
3235 __u16 count;
3236
3237 if (ses == NULL)
3238 return -EIO;
3239
3240 smb_buffer = cifs_buf_get();
3241 if (smb_buffer == NULL) {
3242 return -ENOMEM;
3243 }
3244 smb_buffer_response = smb_buffer;
3245
3246 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3247 NULL /*no tid */ , 4 /*wct */ );
Steve French1982c342005-08-17 12:38:22 -07003248
3249 smb_buffer->Mid = GetNextMid(ses->server);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003250 smb_buffer->Uid = ses->Suid;
3251 pSMB = (TCONX_REQ *) smb_buffer;
3252 pSMBr = (TCONX_RSP *) smb_buffer_response;
3253
3254 pSMB->AndXCommand = 0xFF;
3255 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003256 bcc_ptr = &pSMB->Password[0];
Steve Frencheeac8042006-01-13 21:34:58 -08003257 if((ses->server->secMode) & SECMODE_USER) {
3258 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
3259 bcc_ptr++; /* skip password */
3260 } else {
3261 pSMB->PasswordLength = cpu_to_le16(CIFS_SESSION_KEY_SIZE);
3262 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3263 specified as required (when that support is added to
3264 the vfs in the future) as only NTLM or the much
3265 weaker LANMAN (which we do not send) is accepted
3266 by Samba (not sure whether other servers allow
3267 NTLMv2 password here) */
3268 SMBNTencrypt(ses->password,
3269 ses->server->cryptKey,
3270 bcc_ptr);
3271
3272 bcc_ptr += CIFS_SESSION_KEY_SIZE;
3273 *bcc_ptr = 0;
3274 bcc_ptr++; /* align */
3275 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07003276
3277 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
3278 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3279
3280 if (ses->capabilities & CAP_STATUS32) {
3281 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3282 }
3283 if (ses->capabilities & CAP_DFS) {
3284 smb_buffer->Flags2 |= SMBFLG2_DFS;
3285 }
3286 if (ses->capabilities & CAP_UNICODE) {
3287 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3288 length =
Steve Frenche89dc922005-11-11 15:18:19 -08003289 cifs_strtoUCS((__le16 *) bcc_ptr, tree, 100, nls_codepage);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003290 bcc_ptr += 2 * length; /* convert num of 16 bit words to bytes */
3291 bcc_ptr += 2; /* skip trailing null */
3292 } else { /* ASCII */
Linus Torvalds1da177e2005-04-16 15:20:36 -07003293 strcpy(bcc_ptr, tree);
3294 bcc_ptr += strlen(tree) + 1;
3295 }
3296 strcpy(bcc_ptr, "?????");
3297 bcc_ptr += strlen("?????");
3298 bcc_ptr += 1;
3299 count = bcc_ptr - &pSMB->Password[0];
3300 pSMB->hdr.smb_buf_length += count;
3301 pSMB->ByteCount = cpu_to_le16(count);
3302
3303 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length, 0);
3304
3305 /* if (rc) rc = map_smb_to_linux_error(smb_buffer_response); */
3306 /* above now done in SendReceive */
3307 if ((rc == 0) && (tcon != NULL)) {
3308 tcon->tidStatus = CifsGood;
3309 tcon->tid = smb_buffer_response->Tid;
3310 bcc_ptr = pByteArea(smb_buffer_response);
3311 length = strnlen(bcc_ptr, BCC(smb_buffer_response) - 2);
3312 /* skip service field (NB: this field is always ASCII) */
3313 bcc_ptr += length + 1;
3314 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
3315 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) {
3316 length = UniStrnlen((wchar_t *) bcc_ptr, 512);
3317 if ((bcc_ptr + (2 * length)) -
3318 pByteArea(smb_buffer_response) <=
3319 BCC(smb_buffer_response)) {
Jesper Juhlf99d49a2005-11-07 01:01:34 -08003320 kfree(tcon->nativeFileSystem);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003321 tcon->nativeFileSystem =
Pekka Enberge915fc42005-09-06 15:18:35 -07003322 kzalloc(length + 2, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003323 cifs_strfromUCS_le(tcon->nativeFileSystem,
Steve Frenche89dc922005-11-11 15:18:19 -08003324 (__le16 *) bcc_ptr,
Linus Torvalds1da177e2005-04-16 15:20:36 -07003325 length, nls_codepage);
3326 bcc_ptr += 2 * length;
3327 bcc_ptr[0] = 0; /* null terminate the string */
3328 bcc_ptr[1] = 0;
3329 bcc_ptr += 2;
3330 }
3331 /* else do not bother copying these informational fields */
3332 } else {
3333 length = strnlen(bcc_ptr, 1024);
3334 if ((bcc_ptr + length) -
3335 pByteArea(smb_buffer_response) <=
3336 BCC(smb_buffer_response)) {
Jesper Juhlf99d49a2005-11-07 01:01:34 -08003337 kfree(tcon->nativeFileSystem);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003338 tcon->nativeFileSystem =
Pekka Enberge915fc42005-09-06 15:18:35 -07003339 kzalloc(length + 1, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003340 strncpy(tcon->nativeFileSystem, bcc_ptr,
3341 length);
3342 }
3343 /* else do not bother copying these informational fields */
3344 }
3345 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3346 cFYI(1, ("Tcon flags: 0x%x ", tcon->Flags));
3347 } else if ((rc == 0) && tcon == NULL) {
3348 /* all we need to save for IPC$ connection */
3349 ses->ipc_tid = smb_buffer_response->Tid;
3350 }
3351
3352 if (smb_buffer)
3353 cifs_buf_release(smb_buffer);
3354 return rc;
3355}
3356
3357int
3358cifs_umount(struct super_block *sb, struct cifs_sb_info *cifs_sb)
3359{
3360 int rc = 0;
3361 int xid;
3362 struct cifsSesInfo *ses = NULL;
3363 struct task_struct *cifsd_task;
3364
3365 xid = GetXid();
3366
3367 if (cifs_sb->tcon) {
3368 ses = cifs_sb->tcon->ses; /* save ptr to ses before delete tcon!*/
3369 rc = CIFSSMBTDis(xid, cifs_sb->tcon);
3370 if (rc == -EBUSY) {
3371 FreeXid(xid);
3372 return 0;
3373 }
3374 tconInfoFree(cifs_sb->tcon);
3375 if ((ses) && (ses->server)) {
3376 /* save off task so we do not refer to ses later */
3377 cifsd_task = ses->server->tsk;
3378 cFYI(1, ("About to do SMBLogoff "));
3379 rc = CIFSSMBLogoff(xid, ses);
3380 if (rc == -EBUSY) {
3381 FreeXid(xid);
3382 return 0;
3383 } else if (rc == -ESHUTDOWN) {
3384 cFYI(1,("Waking up socket by sending it signal"));
Steve Frenchf1914012005-08-18 09:37:34 -07003385 if(cifsd_task) {
Linus Torvalds1da177e2005-04-16 15:20:36 -07003386 send_sig(SIGKILL,cifsd_task,1);
Steve Frenchf1914012005-08-18 09:37:34 -07003387 wait_for_completion(&cifsd_complete);
3388 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07003389 rc = 0;
3390 } /* else - we have an smb session
3391 left on this socket do not kill cifsd */
3392 } else
3393 cFYI(1, ("No session or bad tcon"));
3394 }
3395
3396 cifs_sb->tcon = NULL;
Nishanth Aravamudan041e0e32005-09-10 00:27:23 -07003397 if (ses)
3398 schedule_timeout_interruptible(msecs_to_jiffies(500));
Linus Torvalds1da177e2005-04-16 15:20:36 -07003399 if (ses)
3400 sesInfoFree(ses);
3401
3402 FreeXid(xid);
3403 return rc; /* BB check if we should always return zero here */
3404}
3405
3406int cifs_setup_session(unsigned int xid, struct cifsSesInfo *pSesInfo,
3407 struct nls_table * nls_info)
3408{
3409 int rc = 0;
3410 char ntlm_session_key[CIFS_SESSION_KEY_SIZE];
3411 int ntlmv2_flag = FALSE;
Steve Frenchad009ac2005-04-28 22:41:05 -07003412 int first_time = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07003413
3414 /* what if server changes its buffer size after dropping the session? */
3415 if(pSesInfo->server->maxBuf == 0) /* no need to send on reconnect */ {
3416 rc = CIFSSMBNegotiate(xid, pSesInfo);
3417 if(rc == -EAGAIN) /* retry only once on 1st time connection */ {
3418 rc = CIFSSMBNegotiate(xid, pSesInfo);
3419 if(rc == -EAGAIN)
3420 rc = -EHOSTDOWN;
3421 }
3422 if(rc == 0) {
3423 spin_lock(&GlobalMid_Lock);
3424 if(pSesInfo->server->tcpStatus != CifsExiting)
3425 pSesInfo->server->tcpStatus = CifsGood;
3426 else
3427 rc = -EHOSTDOWN;
3428 spin_unlock(&GlobalMid_Lock);
3429
3430 }
Steve Frenchad009ac2005-04-28 22:41:05 -07003431 first_time = 1;
Linus Torvalds1da177e2005-04-16 15:20:36 -07003432 }
3433 if (!rc) {
3434 pSesInfo->capabilities = pSesInfo->server->capabilities;
3435 if(linuxExtEnabled == 0)
3436 pSesInfo->capabilities &= (~CAP_UNIX);
Steve Frenchad009ac2005-04-28 22:41:05 -07003437 /* pSesInfo->sequence_number = 0;*/
Linus Torvalds1da177e2005-04-16 15:20:36 -07003438 cFYI(1,("Security Mode: 0x%x Capabilities: 0x%x Time Zone: %d",
3439 pSesInfo->server->secMode,
3440 pSesInfo->server->capabilities,
3441 pSesInfo->server->timeZone));
3442 if (extended_security
3443 && (pSesInfo->capabilities & CAP_EXTENDED_SECURITY)
3444 && (pSesInfo->server->secType == NTLMSSP)) {
Steve French5815449d2006-02-14 01:36:20 +00003445 cFYI(1, ("New style sesssetup"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07003446 rc = CIFSSpnegoSessSetup(xid, pSesInfo,
3447 NULL /* security blob */,
3448 0 /* blob length */,
3449 nls_info);
3450 } else if (extended_security
3451 && (pSesInfo->capabilities & CAP_EXTENDED_SECURITY)
3452 && (pSesInfo->server->secType == RawNTLMSSP)) {
Steve French5815449d2006-02-14 01:36:20 +00003453 cFYI(1, ("NTLMSSP sesssetup"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07003454 rc = CIFSNTLMSSPNegotiateSessSetup(xid,
3455 pSesInfo,
3456 &ntlmv2_flag,
3457 nls_info);
3458 if (!rc) {
3459 if(ntlmv2_flag) {
3460 char * v2_response;
3461 cFYI(1,("Can use more secure NTLM version 2 password hash"));
3462 if(CalcNTLMv2_partial_mac_key(pSesInfo,
3463 nls_info)) {
3464 rc = -ENOMEM;
3465 goto ss_err_exit;
3466 } else
3467 v2_response = kmalloc(16 + 64 /* blob */, GFP_KERNEL);
3468 if(v2_response) {
3469 CalcNTLMv2_response(pSesInfo,v2_response);
Steve Frenchad009ac2005-04-28 22:41:05 -07003470 /* if(first_time)
3471 cifs_calculate_ntlmv2_mac_key(
3472 pSesInfo->server->mac_signing_key,
3473 response, ntlm_session_key, */
Linus Torvalds1da177e2005-04-16 15:20:36 -07003474 kfree(v2_response);
3475 /* BB Put dummy sig in SessSetup PDU? */
3476 } else {
3477 rc = -ENOMEM;
3478 goto ss_err_exit;
3479 }
3480
3481 } else {
3482 SMBNTencrypt(pSesInfo->password,
3483 pSesInfo->server->cryptKey,
3484 ntlm_session_key);
3485
Steve Frenchad009ac2005-04-28 22:41:05 -07003486 if(first_time)
3487 cifs_calculate_mac_key(
3488 pSesInfo->server->mac_signing_key,
3489 ntlm_session_key,
3490 pSesInfo->password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003491 }
3492 /* for better security the weaker lanman hash not sent
3493 in AuthSessSetup so we no longer calculate it */
3494
3495 rc = CIFSNTLMSSPAuthSessSetup(xid,
3496 pSesInfo,
3497 ntlm_session_key,
3498 ntlmv2_flag,
3499 nls_info);
3500 }
3501 } else { /* old style NTLM 0.12 session setup */
3502 SMBNTencrypt(pSesInfo->password,
3503 pSesInfo->server->cryptKey,
3504 ntlm_session_key);
3505
Steve Frenchad009ac2005-04-28 22:41:05 -07003506 if(first_time)
3507 cifs_calculate_mac_key(
3508 pSesInfo->server->mac_signing_key,
3509 ntlm_session_key, pSesInfo->password);
3510
Linus Torvalds1da177e2005-04-16 15:20:36 -07003511 rc = CIFSSessSetup(xid, pSesInfo,
3512 ntlm_session_key, nls_info);
3513 }
3514 if (rc) {
3515 cERROR(1,("Send error in SessSetup = %d",rc));
3516 } else {
3517 cFYI(1,("CIFS Session Established successfully"));
3518 pSesInfo->status = CifsGood;
3519 }
3520 }
3521ss_err_exit:
3522 return rc;
3523}
3524