blob: c96f3edf1b9c0e62012544ce1d3fc74871050478 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001/*
2 * fs/cifs/connect.c
3 *
Steve French5815449d2006-02-14 01:36:20 +00004 * Copyright (C) International Business Machines Corp., 2002,2006
Linus Torvalds1da177e2005-04-16 15:20:36 -07005 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21#include <linux/fs.h>
22#include <linux/net.h>
23#include <linux/string.h>
24#include <linux/list.h>
25#include <linux/wait.h>
26#include <linux/ipv6.h>
27#include <linux/pagemap.h>
28#include <linux/ctype.h>
29#include <linux/utsname.h>
30#include <linux/mempool.h>
Steve Frenchb8643e12005-04-28 22:41:07 -070031#include <linux/delay.h>
Steve Frenchf1914012005-08-18 09:37:34 -070032#include <linux/completion.h>
Steve French0ae0efa2005-10-10 10:57:19 -070033#include <linux/pagevec.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070034#include <asm/uaccess.h>
35#include <asm/processor.h>
36#include "cifspdu.h"
37#include "cifsglob.h"
38#include "cifsproto.h"
39#include "cifs_unicode.h"
40#include "cifs_debug.h"
41#include "cifs_fs_sb.h"
42#include "ntlmssp.h"
43#include "nterr.h"
44#include "rfc1002pdu.h"
Steve Frencha2653eb2005-11-10 15:33:38 -080045#include "cn_cifs.h"
Linus Torvalds1da177e2005-04-16 15:20:36 -070046
47#define CIFS_PORT 445
48#define RFC1001_PORT 139
49
Steve Frenchf1914012005-08-18 09:37:34 -070050static DECLARE_COMPLETION(cifsd_complete);
51
Linus Torvalds1da177e2005-04-16 15:20:36 -070052extern void SMBNTencrypt(unsigned char *passwd, unsigned char *c8,
53 unsigned char *p24);
54
55extern mempool_t *cifs_req_poolp;
56
57struct smb_vol {
58 char *username;
59 char *password;
60 char *domainname;
61 char *UNC;
62 char *UNCip;
63 char *in6_addr; /* ipv6 address as human readable form of in6_addr */
64 char *iocharset; /* local code page for mapping to and from Unicode */
65 char source_rfc1001_name[16]; /* netbios name of client */
Steve Frencha10faeb22005-08-22 21:38:31 -070066 char target_rfc1001_name[16]; /* netbios name of server for Win9x/ME */
Linus Torvalds1da177e2005-04-16 15:20:36 -070067 uid_t linux_uid;
68 gid_t linux_gid;
69 mode_t file_mode;
70 mode_t dir_mode;
Steve French189acaa2006-06-23 02:33:48 +000071 unsigned secFlg;
Linus Torvalds1da177e2005-04-16 15:20:36 -070072 unsigned rw:1;
73 unsigned retry:1;
74 unsigned intr:1;
75 unsigned setuids:1;
76 unsigned noperm:1;
77 unsigned no_psx_acl:1; /* set if posix acl support should be disabled */
Steve French0a4b92c2006-01-12 15:44:21 -080078 unsigned cifs_acl:1;
Linus Torvalds1da177e2005-04-16 15:20:36 -070079 unsigned no_xattr:1; /* set if xattr (EA) support should be disabled*/
80 unsigned server_ino:1; /* use inode numbers from server ie UniqueId */
81 unsigned direct_io:1;
Steve French6a0b4822005-04-28 22:41:05 -070082 unsigned remap:1; /* set to remap seven reserved chars in filenames */
Jeremy Allisonac670552005-06-22 17:26:35 -070083 unsigned posix_paths:1; /* unset to not ask for posix pathnames. */
Steve Frenchd7245c22005-07-14 18:25:12 -050084 unsigned sfu_emul:1;
Steve Frenchbf820672005-12-01 22:32:42 -080085 unsigned nullauth:1; /* attempt to authenticate with null user */
Steve Frenchc46fa8a2005-08-18 20:49:57 -070086 unsigned nocase; /* request case insensitive filenames */
87 unsigned nobrl; /* disable sending byte range locks to srv */
Linus Torvalds1da177e2005-04-16 15:20:36 -070088 unsigned int rsize;
89 unsigned int wsize;
90 unsigned int sockopt;
91 unsigned short int port;
Steve French2fe87f02006-09-21 07:02:52 +000092 char * prepath;
Linus Torvalds1da177e2005-04-16 15:20:36 -070093};
94
95static int ipv4_connect(struct sockaddr_in *psin_server,
96 struct socket **csocket,
Steve Frencha10faeb22005-08-22 21:38:31 -070097 char * netb_name,
98 char * server_netb_name);
Linus Torvalds1da177e2005-04-16 15:20:36 -070099static int ipv6_connect(struct sockaddr_in6 *psin_server,
100 struct socket **csocket);
101
102
103 /*
104 * cifs tcp session reconnection
105 *
106 * mark tcp session as reconnecting so temporarily locked
107 * mark all smb sessions as reconnecting for tcp session
108 * reconnect tcp session
109 * wake up waiters on reconnection? - (not needed currently)
110 */
111
Steve French2cd646a2006-09-28 19:43:08 +0000112static int
Linus Torvalds1da177e2005-04-16 15:20:36 -0700113cifs_reconnect(struct TCP_Server_Info *server)
114{
115 int rc = 0;
116 struct list_head *tmp;
117 struct cifsSesInfo *ses;
118 struct cifsTconInfo *tcon;
119 struct mid_q_entry * mid_entry;
120
121 spin_lock(&GlobalMid_Lock);
122 if(server->tcpStatus == CifsExiting) {
123 /* the demux thread will exit normally
124 next time through the loop */
125 spin_unlock(&GlobalMid_Lock);
126 return rc;
127 } else
128 server->tcpStatus = CifsNeedReconnect;
129 spin_unlock(&GlobalMid_Lock);
130 server->maxBuf = 0;
131
Steve Frenche4eb2952005-04-28 22:41:09 -0700132 cFYI(1, ("Reconnecting tcp session"));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700133
134 /* before reconnecting the tcp session, mark the smb session (uid)
135 and the tid bad so they are not used until reconnected */
136 read_lock(&GlobalSMBSeslock);
137 list_for_each(tmp, &GlobalSMBSessionList) {
138 ses = list_entry(tmp, struct cifsSesInfo, cifsSessionList);
139 if (ses->server) {
140 if (ses->server == server) {
141 ses->status = CifsNeedReconnect;
142 ses->ipc_tid = 0;
143 }
144 }
145 /* else tcp and smb sessions need reconnection */
146 }
147 list_for_each(tmp, &GlobalTreeConnectionList) {
148 tcon = list_entry(tmp, struct cifsTconInfo, cifsConnectionList);
149 if((tcon) && (tcon->ses) && (tcon->ses->server == server)) {
150 tcon->tidStatus = CifsNeedReconnect;
151 }
152 }
153 read_unlock(&GlobalSMBSeslock);
154 /* do not want to be sending data on a socket we are freeing */
155 down(&server->tcpSem);
156 if(server->ssocket) {
157 cFYI(1,("State: 0x%x Flags: 0x%lx", server->ssocket->state,
158 server->ssocket->flags));
159 server->ssocket->ops->shutdown(server->ssocket,SEND_SHUTDOWN);
160 cFYI(1,("Post shutdown state: 0x%x Flags: 0x%lx", server->ssocket->state,
161 server->ssocket->flags));
162 sock_release(server->ssocket);
163 server->ssocket = NULL;
164 }
165
166 spin_lock(&GlobalMid_Lock);
167 list_for_each(tmp, &server->pending_mid_q) {
168 mid_entry = list_entry(tmp, struct
169 mid_q_entry,
170 qhead);
171 if(mid_entry) {
172 if(mid_entry->midState == MID_REQUEST_SUBMITTED) {
Steve French09d1db52005-04-28 22:41:08 -0700173 /* Mark other intransit requests as needing
174 retry so we do not immediately mark the
175 session bad again (ie after we reconnect
176 below) as they timeout too */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700177 mid_entry->midState = MID_RETRY_NEEDED;
178 }
179 }
180 }
181 spin_unlock(&GlobalMid_Lock);
182 up(&server->tcpSem);
183
184 while ((server->tcpStatus != CifsExiting) && (server->tcpStatus != CifsGood))
185 {
Steve French6c3d8902006-07-31 22:46:20 +0000186 try_to_freeze();
Linus Torvalds1da177e2005-04-16 15:20:36 -0700187 if(server->protocolType == IPV6) {
188 rc = ipv6_connect(&server->addr.sockAddr6,&server->ssocket);
189 } else {
190 rc = ipv4_connect(&server->addr.sockAddr,
191 &server->ssocket,
Steve Frencha10faeb22005-08-22 21:38:31 -0700192 server->workstation_RFC1001_name,
193 server->server_RFC1001_name);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700194 }
195 if(rc) {
Steve Frenchb387eae2005-10-10 14:21:15 -0700196 cFYI(1,("reconnect error %d",rc));
Steve French0cb766a2005-04-28 22:41:11 -0700197 msleep(3000);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700198 } else {
199 atomic_inc(&tcpSesReconnectCount);
200 spin_lock(&GlobalMid_Lock);
201 if(server->tcpStatus != CifsExiting)
202 server->tcpStatus = CifsGood;
Steve Frenchad009ac2005-04-28 22:41:05 -0700203 server->sequence_number = 0;
204 spin_unlock(&GlobalMid_Lock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700205 /* atomic_set(&server->inFlight,0);*/
206 wake_up(&server->response_q);
207 }
208 }
209 return rc;
210}
211
Steve Frenche4eb2952005-04-28 22:41:09 -0700212/*
213 return codes:
214 0 not a transact2, or all data present
215 >0 transact2 with that much data missing
216 -EINVAL = invalid transact2
217
218 */
219static int check2ndT2(struct smb_hdr * pSMB, unsigned int maxBufSize)
220{
221 struct smb_t2_rsp * pSMBt;
222 int total_data_size;
223 int data_in_this_rsp;
224 int remaining;
225
226 if(pSMB->Command != SMB_COM_TRANSACTION2)
227 return 0;
228
229 /* check for plausible wct, bcc and t2 data and parm sizes */
230 /* check for parm and data offset going beyond end of smb */
231 if(pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
232 cFYI(1,("invalid transact2 word count"));
233 return -EINVAL;
234 }
235
236 pSMBt = (struct smb_t2_rsp *)pSMB;
237
238 total_data_size = le16_to_cpu(pSMBt->t2_rsp.TotalDataCount);
239 data_in_this_rsp = le16_to_cpu(pSMBt->t2_rsp.DataCount);
240
241 remaining = total_data_size - data_in_this_rsp;
242
243 if(remaining == 0)
244 return 0;
245 else if(remaining < 0) {
246 cFYI(1,("total data %d smaller than data in frame %d",
247 total_data_size, data_in_this_rsp));
248 return -EINVAL;
249 } else {
250 cFYI(1,("missing %d bytes from transact2, check next response",
251 remaining));
252 if(total_data_size > maxBufSize) {
253 cERROR(1,("TotalDataSize %d is over maximum buffer %d",
254 total_data_size,maxBufSize));
255 return -EINVAL;
256 }
257 return remaining;
258 }
259}
260
261static int coalesce_t2(struct smb_hdr * psecond, struct smb_hdr *pTargetSMB)
262{
263 struct smb_t2_rsp *pSMB2 = (struct smb_t2_rsp *)psecond;
264 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
265 int total_data_size;
266 int total_in_buf;
267 int remaining;
268 int total_in_buf2;
269 char * data_area_of_target;
270 char * data_area_of_buf2;
271 __u16 byte_count;
272
273 total_data_size = le16_to_cpu(pSMBt->t2_rsp.TotalDataCount);
274
275 if(total_data_size != le16_to_cpu(pSMB2->t2_rsp.TotalDataCount)) {
276 cFYI(1,("total data sizes of primary and secondary t2 differ"));
277 }
278
279 total_in_buf = le16_to_cpu(pSMBt->t2_rsp.DataCount);
280
281 remaining = total_data_size - total_in_buf;
282
283 if(remaining < 0)
284 return -EINVAL;
285
286 if(remaining == 0) /* nothing to do, ignore */
287 return 0;
288
289 total_in_buf2 = le16_to_cpu(pSMB2->t2_rsp.DataCount);
290 if(remaining < total_in_buf2) {
291 cFYI(1,("transact2 2nd response contains too much data"));
292 }
293
294 /* find end of first SMB data area */
295 data_area_of_target = (char *)&pSMBt->hdr.Protocol +
296 le16_to_cpu(pSMBt->t2_rsp.DataOffset);
297 /* validate target area */
298
299 data_area_of_buf2 = (char *) &pSMB2->hdr.Protocol +
300 le16_to_cpu(pSMB2->t2_rsp.DataOffset);
301
302 data_area_of_target += total_in_buf;
303
304 /* copy second buffer into end of first buffer */
305 memcpy(data_area_of_target,data_area_of_buf2,total_in_buf2);
306 total_in_buf += total_in_buf2;
307 pSMBt->t2_rsp.DataCount = cpu_to_le16(total_in_buf);
308 byte_count = le16_to_cpu(BCC_LE(pTargetSMB));
309 byte_count += total_in_buf2;
310 BCC_LE(pTargetSMB) = cpu_to_le16(byte_count);
311
Steve French70ca7342005-09-22 16:32:06 -0700312 byte_count = pTargetSMB->smb_buf_length;
Steve Frenche4eb2952005-04-28 22:41:09 -0700313 byte_count += total_in_buf2;
314
315 /* BB also add check that we are not beyond maximum buffer size */
316
Steve French70ca7342005-09-22 16:32:06 -0700317 pTargetSMB->smb_buf_length = byte_count;
Steve Frenche4eb2952005-04-28 22:41:09 -0700318
319 if(remaining == total_in_buf2) {
320 cFYI(1,("found the last secondary response"));
321 return 0; /* we are done */
322 } else /* more responses to go */
323 return 1;
324
325}
326
Linus Torvalds1da177e2005-04-16 15:20:36 -0700327static int
328cifs_demultiplex_thread(struct TCP_Server_Info *server)
329{
330 int length;
331 unsigned int pdu_length, total_read;
332 struct smb_hdr *smb_buffer = NULL;
Steve Frenchb8643e12005-04-28 22:41:07 -0700333 struct smb_hdr *bigbuf = NULL;
334 struct smb_hdr *smallbuf = NULL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700335 struct msghdr smb_msg;
336 struct kvec iov;
337 struct socket *csocket = server->ssocket;
338 struct list_head *tmp;
339 struct cifsSesInfo *ses;
340 struct task_struct *task_to_wake = NULL;
341 struct mid_q_entry *mid_entry;
Steve French70ca7342005-09-22 16:32:06 -0700342 char temp;
Steve Frenchb8643e12005-04-28 22:41:07 -0700343 int isLargeBuf = FALSE;
Steve Frenche4eb2952005-04-28 22:41:09 -0700344 int isMultiRsp;
345 int reconnect;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700346
347 daemonize("cifsd");
348 allow_signal(SIGKILL);
349 current->flags |= PF_MEMALLOC;
350 server->tsk = current; /* save process info to wake at shutdown */
351 cFYI(1, ("Demultiplex PID: %d", current->pid));
352 write_lock(&GlobalSMBSeslock);
353 atomic_inc(&tcpSesAllocCount);
354 length = tcpSesAllocCount.counter;
355 write_unlock(&GlobalSMBSeslock);
Steve Frenchf1914012005-08-18 09:37:34 -0700356 complete(&cifsd_complete);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700357 if(length > 1) {
358 mempool_resize(cifs_req_poolp,
359 length + cifs_min_rcv,
360 GFP_KERNEL);
361 }
362
363 while (server->tcpStatus != CifsExiting) {
Steve Frenchede13272005-08-30 20:10:14 -0700364 if (try_to_freeze())
365 continue;
Steve Frenchb8643e12005-04-28 22:41:07 -0700366 if (bigbuf == NULL) {
367 bigbuf = cifs_buf_get();
Pavel Machek0fd1ffe2006-06-13 21:31:39 +0000368 if (!bigbuf) {
369 cERROR(1, ("No memory for large SMB response"));
Steve Frenchb8643e12005-04-28 22:41:07 -0700370 msleep(3000);
371 /* retry will check if exiting */
372 continue;
373 }
Pavel Machek0fd1ffe2006-06-13 21:31:39 +0000374 } else if (isLargeBuf) {
375 /* we are reusing a dirty large buf, clear its start */
Steve Frenchb8643e12005-04-28 22:41:07 -0700376 memset(bigbuf, 0, sizeof (struct smb_hdr));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700377 }
Steve Frenchb8643e12005-04-28 22:41:07 -0700378
379 if (smallbuf == NULL) {
380 smallbuf = cifs_small_buf_get();
Pavel Machek0fd1ffe2006-06-13 21:31:39 +0000381 if (!smallbuf) {
382 cERROR(1, ("No memory for SMB response"));
Steve Frenchb8643e12005-04-28 22:41:07 -0700383 msleep(1000);
384 /* retry will check if exiting */
385 continue;
386 }
387 /* beginning of smb buffer is cleared in our buf_get */
388 } else /* if existing small buf clear beginning */
389 memset(smallbuf, 0, sizeof (struct smb_hdr));
390
391 isLargeBuf = FALSE;
Steve Frenche4eb2952005-04-28 22:41:09 -0700392 isMultiRsp = FALSE;
Steve Frenchb8643e12005-04-28 22:41:07 -0700393 smb_buffer = smallbuf;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700394 iov.iov_base = smb_buffer;
395 iov.iov_len = 4;
396 smb_msg.msg_control = NULL;
397 smb_msg.msg_controllen = 0;
398 length =
399 kernel_recvmsg(csocket, &smb_msg,
400 &iov, 1, 4, 0 /* BB see socket.h flags */);
401
Pavel Machek0fd1ffe2006-06-13 21:31:39 +0000402 if (server->tcpStatus == CifsExiting) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700403 break;
404 } else if (server->tcpStatus == CifsNeedReconnect) {
Pavel Machek0fd1ffe2006-06-13 21:31:39 +0000405 cFYI(1, ("Reconnect after server stopped responding"));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700406 cifs_reconnect(server);
Pavel Machek0fd1ffe2006-06-13 21:31:39 +0000407 cFYI(1, ("call to reconnect done"));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700408 csocket = server->ssocket;
409 continue;
410 } else if ((length == -ERESTARTSYS) || (length == -EAGAIN)) {
Steve Frenchb8643e12005-04-28 22:41:07 -0700411 msleep(1); /* minimum sleep to prevent looping
Linus Torvalds1da177e2005-04-16 15:20:36 -0700412 allowing socket to clear and app threads to set
413 tcpStatus CifsNeedReconnect if server hung */
414 continue;
415 } else if (length <= 0) {
Pavel Machek0fd1ffe2006-06-13 21:31:39 +0000416 if (server->tcpStatus == CifsNew) {
417 cFYI(1, ("tcp session abend after SMBnegprot"));
Steve French09d1db52005-04-28 22:41:08 -0700418 /* some servers kill the TCP session rather than
419 returning an SMB negprot error, in which
420 case reconnecting here is not going to help,
421 and so simply return error to mount */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700422 break;
423 }
Pavel Machek0fd1ffe2006-06-13 21:31:39 +0000424 if (!try_to_freeze() && (length == -EINTR)) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700425 cFYI(1,("cifsd thread killed"));
426 break;
427 }
Steve French57337e42005-04-28 22:41:10 -0700428 cFYI(1,("Reconnect after unexpected peek error %d",
429 length));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700430 cifs_reconnect(server);
431 csocket = server->ssocket;
432 wake_up(&server->response_q);
433 continue;
Steve French46810cb2005-04-28 22:41:09 -0700434 } else if (length < 4) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700435 cFYI(1,
Steve French57337e42005-04-28 22:41:10 -0700436 ("Frame under four bytes received (%d bytes long)",
Linus Torvalds1da177e2005-04-16 15:20:36 -0700437 length));
438 cifs_reconnect(server);
439 csocket = server->ssocket;
440 wake_up(&server->response_q);
441 continue;
442 }
Steve French67010fb2005-04-28 22:41:09 -0700443
Steve French70ca7342005-09-22 16:32:06 -0700444 /* The right amount was read from socket - 4 bytes */
445 /* so we can now interpret the length field */
Steve French46810cb2005-04-28 22:41:09 -0700446
Steve French70ca7342005-09-22 16:32:06 -0700447 /* the first byte big endian of the length field,
448 is actually not part of the length but the type
449 with the most common, zero, as regular data */
450 temp = *((char *) smb_buffer);
451
452 /* Note that FC 1001 length is big endian on the wire,
453 but we convert it here so it is always manipulated
454 as host byte order */
Steve French46810cb2005-04-28 22:41:09 -0700455 pdu_length = ntohl(smb_buffer->smb_buf_length);
Steve French70ca7342005-09-22 16:32:06 -0700456 smb_buffer->smb_buf_length = pdu_length;
Steve French46810cb2005-04-28 22:41:09 -0700457
Steve French70ca7342005-09-22 16:32:06 -0700458 cFYI(1,("rfc1002 length 0x%x)", pdu_length+4));
459
460 if (temp == (char) RFC1002_SESSION_KEEP_ALIVE) {
Steve Frenche4eb2952005-04-28 22:41:09 -0700461 continue;
Steve French70ca7342005-09-22 16:32:06 -0700462 } else if (temp == (char)RFC1002_POSITIVE_SESSION_RESPONSE) {
Steve Frenche4eb2952005-04-28 22:41:09 -0700463 cFYI(1,("Good RFC 1002 session rsp"));
464 continue;
Steve French70ca7342005-09-22 16:32:06 -0700465 } else if (temp == (char)RFC1002_NEGATIVE_SESSION_RESPONSE) {
Steve French46810cb2005-04-28 22:41:09 -0700466 /* we get this from Windows 98 instead of
467 an error on SMB negprot response */
Steve Frenche4eb2952005-04-28 22:41:09 -0700468 cFYI(1,("Negative RFC1002 Session Response Error 0x%x)",
Steve French70ca7342005-09-22 16:32:06 -0700469 pdu_length));
Steve French46810cb2005-04-28 22:41:09 -0700470 if(server->tcpStatus == CifsNew) {
471 /* if nack on negprot (rather than
472 ret of smb negprot error) reconnecting
473 not going to help, ret error to mount */
474 break;
475 } else {
476 /* give server a second to
477 clean up before reconnect attempt */
478 msleep(1000);
479 /* always try 445 first on reconnect
480 since we get NACK on some if we ever
481 connected to port 139 (the NACK is
482 since we do not begin with RFC1001
483 session initialize frame) */
484 server->addr.sockAddr.sin_port =
485 htons(CIFS_PORT);
486 cifs_reconnect(server);
487 csocket = server->ssocket;
488 wake_up(&server->response_q);
489 continue;
490 }
Steve French70ca7342005-09-22 16:32:06 -0700491 } else if (temp != (char) 0) {
Steve French46810cb2005-04-28 22:41:09 -0700492 cERROR(1,("Unknown RFC 1002 frame"));
Steve French70ca7342005-09-22 16:32:06 -0700493 cifs_dump_mem(" Received Data: ", (char *)smb_buffer,
494 length);
Steve French46810cb2005-04-28 22:41:09 -0700495 cifs_reconnect(server);
496 csocket = server->ssocket;
497 continue;
Steve Frenche4eb2952005-04-28 22:41:09 -0700498 }
499
500 /* else we have an SMB response */
501 if((pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) ||
Steve French46810cb2005-04-28 22:41:09 -0700502 (pdu_length < sizeof (struct smb_hdr) - 1 - 4)) {
Steve Frenche4eb2952005-04-28 22:41:09 -0700503 cERROR(1, ("Invalid size SMB length %d pdu_length %d",
Steve French46810cb2005-04-28 22:41:09 -0700504 length, pdu_length+4));
Steve Frenche4eb2952005-04-28 22:41:09 -0700505 cifs_reconnect(server);
506 csocket = server->ssocket;
507 wake_up(&server->response_q);
508 continue;
509 }
510
511 /* else length ok */
512 reconnect = 0;
513
Steve Frenchec637e32005-12-12 20:53:18 -0800514 if(pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
Steve Frenche4eb2952005-04-28 22:41:09 -0700515 isLargeBuf = TRUE;
516 memcpy(bigbuf, smallbuf, 4);
517 smb_buffer = bigbuf;
518 }
519 length = 0;
520 iov.iov_base = 4 + (char *)smb_buffer;
521 iov.iov_len = pdu_length;
522 for (total_read = 0; total_read < pdu_length;
523 total_read += length) {
524 length = kernel_recvmsg(csocket, &smb_msg, &iov, 1,
525 pdu_length - total_read, 0);
526 if((server->tcpStatus == CifsExiting) ||
527 (length == -EINTR)) {
528 /* then will exit */
529 reconnect = 2;
530 break;
531 } else if (server->tcpStatus == CifsNeedReconnect) {
Steve French46810cb2005-04-28 22:41:09 -0700532 cifs_reconnect(server);
533 csocket = server->ssocket;
Steve Frenche4eb2952005-04-28 22:41:09 -0700534 /* Reconnect wakes up rspns q */
535 /* Now we will reread sock */
536 reconnect = 1;
537 break;
538 } else if ((length == -ERESTARTSYS) ||
539 (length == -EAGAIN)) {
540 msleep(1); /* minimum sleep to prevent looping,
541 allowing socket to clear and app
542 threads to set tcpStatus
543 CifsNeedReconnect if server hung*/
Steve French46810cb2005-04-28 22:41:09 -0700544 continue;
Steve Frenche4eb2952005-04-28 22:41:09 -0700545 } else if (length <= 0) {
546 cERROR(1,("Received no data, expecting %d",
547 pdu_length - total_read));
548 cifs_reconnect(server);
549 csocket = server->ssocket;
550 reconnect = 1;
551 break;
Steve French46810cb2005-04-28 22:41:09 -0700552 }
553 }
Steve Frenche4eb2952005-04-28 22:41:09 -0700554 if(reconnect == 2)
555 break;
556 else if(reconnect == 1)
557 continue;
558
559 length += 4; /* account for rfc1002 hdr */
560
561
562 dump_smb(smb_buffer, length);
Steve French184ed212006-02-24 06:15:11 +0000563 if (checkSMB(smb_buffer, smb_buffer->Mid, total_read+4)) {
Steve Frenchb387eae2005-10-10 14:21:15 -0700564 cifs_dump_mem("Bad SMB: ", smb_buffer, 48);
Steve Frenche4eb2952005-04-28 22:41:09 -0700565 continue;
566 }
567
568
569 task_to_wake = NULL;
570 spin_lock(&GlobalMid_Lock);
571 list_for_each(tmp, &server->pending_mid_q) {
572 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
573
574 if ((mid_entry->mid == smb_buffer->Mid) &&
575 (mid_entry->midState == MID_REQUEST_SUBMITTED) &&
576 (mid_entry->command == smb_buffer->Command)) {
Steve Frenche4eb2952005-04-28 22:41:09 -0700577 if(check2ndT2(smb_buffer,server->maxBuf) > 0) {
578 /* We have a multipart transact2 resp */
Steve Frenchcd634992005-04-28 22:41:10 -0700579 isMultiRsp = TRUE;
Steve Frenche4eb2952005-04-28 22:41:09 -0700580 if(mid_entry->resp_buf) {
581 /* merge response - fix up 1st*/
582 if(coalesce_t2(smb_buffer,
583 mid_entry->resp_buf)) {
Steve French39798772006-05-31 22:40:51 +0000584 mid_entry->multiRsp = 1;
Steve Frenche4eb2952005-04-28 22:41:09 -0700585 break;
586 } else {
587 /* all parts received */
Steve French39798772006-05-31 22:40:51 +0000588 mid_entry->multiEnd = 1;
Steve Frenche4eb2952005-04-28 22:41:09 -0700589 goto multi_t2_fnd;
590 }
591 } else {
592 if(!isLargeBuf) {
593 cERROR(1,("1st trans2 resp needs bigbuf"));
594 /* BB maybe we can fix this up, switch
595 to already allocated large buffer? */
596 } else {
Steve Frenchcd634992005-04-28 22:41:10 -0700597 /* Have first buffer */
Steve Frenche4eb2952005-04-28 22:41:09 -0700598 mid_entry->resp_buf =
599 smb_buffer;
600 mid_entry->largeBuf = 1;
Steve Frenche4eb2952005-04-28 22:41:09 -0700601 bigbuf = NULL;
602 }
603 }
604 break;
605 }
606 mid_entry->resp_buf = smb_buffer;
607 if(isLargeBuf)
608 mid_entry->largeBuf = 1;
609 else
610 mid_entry->largeBuf = 0;
611multi_t2_fnd:
612 task_to_wake = mid_entry->tsk;
613 mid_entry->midState = MID_RESPONSE_RECEIVED;
Steve French1047abc2005-10-11 19:58:06 -0700614#ifdef CONFIG_CIFS_STATS2
615 mid_entry->when_received = jiffies;
616#endif
Steve French3a5ff612006-07-14 22:37:11 +0000617 /* so we do not time out requests to server
618 which is still responding (since server could
619 be busy but not dead) */
620 server->lstrp = jiffies;
Steve Frenche4eb2952005-04-28 22:41:09 -0700621 break;
622 }
623 }
624 spin_unlock(&GlobalMid_Lock);
625 if (task_to_wake) {
Steve Frenchcd634992005-04-28 22:41:10 -0700626 /* Was previous buf put in mpx struct for multi-rsp? */
627 if(!isMultiRsp) {
628 /* smb buffer will be freed by user thread */
629 if(isLargeBuf) {
630 bigbuf = NULL;
631 } else
632 smallbuf = NULL;
633 }
Steve Frenche4eb2952005-04-28 22:41:09 -0700634 wake_up_process(task_to_wake);
Steve Frenchd7c8c942006-03-03 10:43:49 +0000635 } else if ((is_valid_oplock_break(smb_buffer, server) == FALSE)
Steve Frenche4eb2952005-04-28 22:41:09 -0700636 && (isMultiRsp == FALSE)) {
Steve French39798772006-05-31 22:40:51 +0000637 cERROR(1, ("No task to wake, unknown frame rcvd! NumMids %d", midCount.counter));
Steve French70ca7342005-09-22 16:32:06 -0700638 cifs_dump_mem("Received Data is: ",(char *)smb_buffer,
639 sizeof(struct smb_hdr));
Steve French39798772006-05-31 22:40:51 +0000640#ifdef CONFIG_CIFS_DEBUG2
641 cifs_dump_detail(smb_buffer);
642 cifs_dump_mids(server);
643#endif /* CIFS_DEBUG2 */
644
Steve Frenche4eb2952005-04-28 22:41:09 -0700645 }
646 } /* end while !EXITING */
647
Linus Torvalds1da177e2005-04-16 15:20:36 -0700648 spin_lock(&GlobalMid_Lock);
649 server->tcpStatus = CifsExiting;
650 server->tsk = NULL;
Steve French31ca3bc2005-04-28 22:41:11 -0700651 /* check if we have blocked requests that need to free */
652 /* Note that cifs_max_pending is normally 50, but
653 can be set at module install time to as little as two */
654 if(atomic_read(&server->inFlight) >= cifs_max_pending)
655 atomic_set(&server->inFlight, cifs_max_pending - 1);
656 /* We do not want to set the max_pending too low or we
657 could end up with the counter going negative */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700658 spin_unlock(&GlobalMid_Lock);
659 /* Although there should not be any requests blocked on
660 this queue it can not hurt to be paranoid and try to wake up requests
Steve French09d1db52005-04-28 22:41:08 -0700661 that may haven been blocked when more than 50 at time were on the wire
Linus Torvalds1da177e2005-04-16 15:20:36 -0700662 to the same server - they now will see the session is in exit state
663 and get out of SendReceive. */
664 wake_up_all(&server->request_q);
665 /* give those requests time to exit */
Steve Frenchb8643e12005-04-28 22:41:07 -0700666 msleep(125);
667
Linus Torvalds1da177e2005-04-16 15:20:36 -0700668 if(server->ssocket) {
669 sock_release(csocket);
670 server->ssocket = NULL;
671 }
Steve Frenchb8643e12005-04-28 22:41:07 -0700672 /* buffer usuallly freed in free_mid - need to free it here on exit */
673 if (bigbuf != NULL)
674 cifs_buf_release(bigbuf);
675 if (smallbuf != NULL)
676 cifs_small_buf_release(smallbuf);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700677
678 read_lock(&GlobalSMBSeslock);
679 if (list_empty(&server->pending_mid_q)) {
Steve French09d1db52005-04-28 22:41:08 -0700680 /* loop through server session structures attached to this and
681 mark them dead */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700682 list_for_each(tmp, &GlobalSMBSessionList) {
683 ses =
684 list_entry(tmp, struct cifsSesInfo,
685 cifsSessionList);
686 if (ses->server == server) {
687 ses->status = CifsExiting;
688 ses->server = NULL;
689 }
690 }
691 read_unlock(&GlobalSMBSeslock);
692 } else {
Steve French31ca3bc2005-04-28 22:41:11 -0700693 /* although we can not zero the server struct pointer yet,
694 since there are active requests which may depnd on them,
695 mark the corresponding SMB sessions as exiting too */
696 list_for_each(tmp, &GlobalSMBSessionList) {
697 ses = list_entry(tmp, struct cifsSesInfo,
698 cifsSessionList);
699 if (ses->server == server) {
700 ses->status = CifsExiting;
701 }
702 }
703
Linus Torvalds1da177e2005-04-16 15:20:36 -0700704 spin_lock(&GlobalMid_Lock);
705 list_for_each(tmp, &server->pending_mid_q) {
706 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
707 if (mid_entry->midState == MID_REQUEST_SUBMITTED) {
708 cFYI(1,
Steve French09d1db52005-04-28 22:41:08 -0700709 ("Clearing Mid 0x%x - waking up ",mid_entry->mid));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700710 task_to_wake = mid_entry->tsk;
711 if(task_to_wake) {
712 wake_up_process(task_to_wake);
713 }
714 }
715 }
716 spin_unlock(&GlobalMid_Lock);
717 read_unlock(&GlobalSMBSeslock);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700718 /* 1/8th of sec is more than enough time for them to exit */
Steve Frenchb8643e12005-04-28 22:41:07 -0700719 msleep(125);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700720 }
721
Steve Frenchf1914012005-08-18 09:37:34 -0700722 if (!list_empty(&server->pending_mid_q)) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700723 /* mpx threads have not exited yet give them
724 at least the smb send timeout time for long ops */
Steve French31ca3bc2005-04-28 22:41:11 -0700725 /* due to delays on oplock break requests, we need
726 to wait at least 45 seconds before giving up
727 on a request getting a response and going ahead
728 and killing cifsd */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700729 cFYI(1, ("Wait for exit from demultiplex thread"));
Steve French31ca3bc2005-04-28 22:41:11 -0700730 msleep(46000);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700731 /* if threads still have not exited they are probably never
732 coming home not much else we can do but free the memory */
733 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700734
735 write_lock(&GlobalSMBSeslock);
736 atomic_dec(&tcpSesAllocCount);
737 length = tcpSesAllocCount.counter;
Steve French31ca3bc2005-04-28 22:41:11 -0700738
739 /* last chance to mark ses pointers invalid
740 if there are any pointing to this (e.g
741 if a crazy root user tried to kill cifsd
742 kernel thread explicitly this might happen) */
743 list_for_each(tmp, &GlobalSMBSessionList) {
744 ses = list_entry(tmp, struct cifsSesInfo,
745 cifsSessionList);
746 if (ses->server == server) {
747 ses->server = NULL;
748 }
749 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700750 write_unlock(&GlobalSMBSeslock);
Steve French31ca3bc2005-04-28 22:41:11 -0700751
752 kfree(server);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700753 if(length > 0) {
754 mempool_resize(cifs_req_poolp,
755 length + cifs_min_rcv,
756 GFP_KERNEL);
757 }
Steve Frenchb8643e12005-04-28 22:41:07 -0700758
Steve Frenchf1914012005-08-18 09:37:34 -0700759 complete_and_exit(&cifsd_complete, 0);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700760 return 0;
761}
762
Linus Torvalds1da177e2005-04-16 15:20:36 -0700763static int
764cifs_parse_mount_options(char *options, const char *devname,struct smb_vol *vol)
765{
766 char *value;
767 char *data;
768 unsigned int temp_len, i, j;
769 char separator[2];
770
771 separator[0] = ',';
772 separator[1] = 0;
773
Steve French2cd646a2006-09-28 19:43:08 +0000774 if(Local_System_Name[0] != 0)
775 memcpy(vol->source_rfc1001_name, Local_System_Name,15);
776 else {
777 memset(vol->source_rfc1001_name,0x20,15);
778 for(i=0;i < strnlen(system_utsname.nodename,15);i++) {
779 /* does not have to be perfect mapping since field is
780 informational, only used for servers that do not support
781 port 445 and it can be overridden at mount time */
782 vol->source_rfc1001_name[i] =
783 toupper(system_utsname.nodename[i]);
784 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700785 }
786 vol->source_rfc1001_name[15] = 0;
Steve Frencha10faeb22005-08-22 21:38:31 -0700787 /* null target name indicates to use *SMBSERVR default called name
788 if we end up sending RFC1001 session initialize */
789 vol->target_rfc1001_name[0] = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700790 vol->linux_uid = current->uid; /* current->euid instead? */
791 vol->linux_gid = current->gid;
792 vol->dir_mode = S_IRWXUGO;
793 /* 2767 perms indicate mandatory locking support */
794 vol->file_mode = S_IALLUGO & ~(S_ISUID | S_IXGRP);
795
796 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
797 vol->rw = TRUE;
Jeremy Allisonac670552005-06-22 17:26:35 -0700798 /* default is always to request posix paths. */
799 vol->posix_paths = 1;
800
Linus Torvalds1da177e2005-04-16 15:20:36 -0700801 if (!options)
802 return 1;
803
804 if(strncmp(options,"sep=",4) == 0) {
805 if(options[4] != 0) {
806 separator[0] = options[4];
807 options += 5;
808 } else {
809 cFYI(1,("Null separator not allowed"));
810 }
811 }
812
813 while ((data = strsep(&options, separator)) != NULL) {
814 if (!*data)
815 continue;
816 if ((value = strchr(data, '=')) != NULL)
817 *value++ = '\0';
818
819 if (strnicmp(data, "user_xattr",10) == 0) {/*parse before user*/
820 vol->no_xattr = 0;
821 } else if (strnicmp(data, "nouser_xattr",12) == 0) {
822 vol->no_xattr = 1;
823 } else if (strnicmp(data, "user", 4) == 0) {
824 if (!value || !*value) {
825 printk(KERN_WARNING
826 "CIFS: invalid or missing username\n");
827 return 1; /* needs_arg; */
828 }
829 if (strnlen(value, 200) < 200) {
830 vol->username = value;
831 } else {
832 printk(KERN_WARNING "CIFS: username too long\n");
833 return 1;
834 }
835 } else if (strnicmp(data, "pass", 4) == 0) {
836 if (!value) {
837 vol->password = NULL;
838 continue;
839 } else if(value[0] == 0) {
840 /* check if string begins with double comma
841 since that would mean the password really
842 does start with a comma, and would not
843 indicate an empty string */
844 if(value[1] != separator[0]) {
845 vol->password = NULL;
846 continue;
847 }
848 }
849 temp_len = strlen(value);
850 /* removed password length check, NTLM passwords
851 can be arbitrarily long */
852
853 /* if comma in password, the string will be
854 prematurely null terminated. Commas in password are
855 specified across the cifs mount interface by a double
856 comma ie ,, and a comma used as in other cases ie ','
857 as a parameter delimiter/separator is single and due
858 to the strsep above is temporarily zeroed. */
859
860 /* NB: password legally can have multiple commas and
861 the only illegal character in a password is null */
862
Steve French09d1db52005-04-28 22:41:08 -0700863 if ((value[temp_len] == 0) &&
864 (value[temp_len+1] == separator[0])) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700865 /* reinsert comma */
866 value[temp_len] = separator[0];
867 temp_len+=2; /* move after the second comma */
868 while(value[temp_len] != 0) {
869 if (value[temp_len] == separator[0]) {
Steve French09d1db52005-04-28 22:41:08 -0700870 if (value[temp_len+1] ==
871 separator[0]) {
872 /* skip second comma */
873 temp_len++;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700874 } else {
875 /* single comma indicating start
876 of next parm */
877 break;
878 }
879 }
880 temp_len++;
881 }
882 if(value[temp_len] == 0) {
883 options = NULL;
884 } else {
885 value[temp_len] = 0;
886 /* point option to start of next parm */
887 options = value + temp_len + 1;
888 }
889 /* go from value to value + temp_len condensing
890 double commas to singles. Note that this ends up
891 allocating a few bytes too many, which is ok */
Pekka Enberge915fc42005-09-06 15:18:35 -0700892 vol->password = kzalloc(temp_len, GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -0700893 if(vol->password == NULL) {
894 printk("CIFS: no memory for pass\n");
895 return 1;
896 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700897 for(i=0,j=0;i<temp_len;i++,j++) {
898 vol->password[j] = value[i];
Steve French09d1db52005-04-28 22:41:08 -0700899 if(value[i] == separator[0]
900 && value[i+1] == separator[0]) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700901 /* skip second comma */
902 i++;
903 }
904 }
905 vol->password[j] = 0;
906 } else {
Pekka Enberge915fc42005-09-06 15:18:35 -0700907 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -0700908 if(vol->password == NULL) {
909 printk("CIFS: no memory for pass\n");
910 return 1;
911 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700912 strcpy(vol->password, value);
913 }
914 } else if (strnicmp(data, "ip", 2) == 0) {
915 if (!value || !*value) {
916 vol->UNCip = NULL;
917 } else if (strnlen(value, 35) < 35) {
918 vol->UNCip = value;
919 } else {
920 printk(KERN_WARNING "CIFS: ip address too long\n");
921 return 1;
922 }
Steve Frenchbf820672005-12-01 22:32:42 -0800923 } else if (strnicmp(data, "sec", 3) == 0) {
924 if (!value || !*value) {
925 cERROR(1,("no security value specified"));
926 continue;
927 } else if (strnicmp(value, "krb5i", 5) == 0) {
Steve French750d1152006-06-27 06:28:30 +0000928 vol->secFlg |= CIFSSEC_MAY_KRB5 |
Steve French189acaa2006-06-23 02:33:48 +0000929 CIFSSEC_MUST_SIGN;
Steve Frenchbf820672005-12-01 22:32:42 -0800930 } else if (strnicmp(value, "krb5p", 5) == 0) {
Steve French750d1152006-06-27 06:28:30 +0000931 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
Steve French189acaa2006-06-23 02:33:48 +0000932 CIFSSEC_MAY_KRB5; */
Steve Frenchbf820672005-12-01 22:32:42 -0800933 cERROR(1,("Krb5 cifs privacy not supported"));
934 return 1;
935 } else if (strnicmp(value, "krb5", 4) == 0) {
Steve French750d1152006-06-27 06:28:30 +0000936 vol->secFlg |= CIFSSEC_MAY_KRB5;
Steve Frenchbf820672005-12-01 22:32:42 -0800937 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
Steve French750d1152006-06-27 06:28:30 +0000938 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
Steve French189acaa2006-06-23 02:33:48 +0000939 CIFSSEC_MUST_SIGN;
Steve Frenchbf820672005-12-01 22:32:42 -0800940 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
Steve French750d1152006-06-27 06:28:30 +0000941 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
Steve Frenchbf820672005-12-01 22:32:42 -0800942 } else if (strnicmp(value, "ntlmi", 5) == 0) {
Steve French750d1152006-06-27 06:28:30 +0000943 vol->secFlg |= CIFSSEC_MAY_NTLM |
Steve French189acaa2006-06-23 02:33:48 +0000944 CIFSSEC_MUST_SIGN;
Steve Frenchbf820672005-12-01 22:32:42 -0800945 } else if (strnicmp(value, "ntlm", 4) == 0) {
946 /* ntlm is default so can be turned off too */
Steve French750d1152006-06-27 06:28:30 +0000947 vol->secFlg |= CIFSSEC_MAY_NTLM;
Steve Frenchbf820672005-12-01 22:32:42 -0800948 } else if (strnicmp(value, "nontlm", 6) == 0) {
Steve French189acaa2006-06-23 02:33:48 +0000949 /* BB is there a better way to do this? */
Steve French750d1152006-06-27 06:28:30 +0000950 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
Steve French189acaa2006-06-23 02:33:48 +0000951#ifdef CONFIG_CIFS_WEAK_PW_HASH
952 } else if (strnicmp(value, "lanman", 6) == 0) {
Steve French750d1152006-06-27 06:28:30 +0000953 vol->secFlg |= CIFSSEC_MAY_LANMAN;
Steve French189acaa2006-06-23 02:33:48 +0000954#endif
Steve Frenchbf820672005-12-01 22:32:42 -0800955 } else if (strnicmp(value, "none", 4) == 0) {
Steve French189acaa2006-06-23 02:33:48 +0000956 vol->nullauth = 1;
Steve Frenchbf820672005-12-01 22:32:42 -0800957 } else {
958 cERROR(1,("bad security option: %s", value));
959 return 1;
960 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700961 } else if ((strnicmp(data, "unc", 3) == 0)
962 || (strnicmp(data, "target", 6) == 0)
963 || (strnicmp(data, "path", 4) == 0)) {
964 if (!value || !*value) {
965 printk(KERN_WARNING
966 "CIFS: invalid path to network resource\n");
967 return 1; /* needs_arg; */
968 }
969 if ((temp_len = strnlen(value, 300)) < 300) {
970 vol->UNC = kmalloc(temp_len+1,GFP_KERNEL);
971 if(vol->UNC == NULL)
972 return 1;
973 strcpy(vol->UNC,value);
974 if (strncmp(vol->UNC, "//", 2) == 0) {
975 vol->UNC[0] = '\\';
976 vol->UNC[1] = '\\';
977 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
978 printk(KERN_WARNING
979 "CIFS: UNC Path does not begin with // or \\\\ \n");
980 return 1;
981 }
982 } else {
983 printk(KERN_WARNING "CIFS: UNC name too long\n");
984 return 1;
985 }
986 } else if ((strnicmp(data, "domain", 3) == 0)
987 || (strnicmp(data, "workgroup", 5) == 0)) {
988 if (!value || !*value) {
989 printk(KERN_WARNING "CIFS: invalid domain name\n");
990 return 1; /* needs_arg; */
991 }
992 /* BB are there cases in which a comma can be valid in
993 a domain name and need special handling? */
Steve French39798772006-05-31 22:40:51 +0000994 if (strnlen(value, 256) < 256) {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700995 vol->domainname = value;
996 cFYI(1, ("Domain name set"));
997 } else {
998 printk(KERN_WARNING "CIFS: domain name too long\n");
999 return 1;
1000 }
Steve French2fe87f02006-09-21 07:02:52 +00001001 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1002 if (!value || !*value) {
1003 printk(KERN_WARNING
1004 "CIFS: invalid path prefix\n");
1005 return 1; /* needs_arg; */
1006 }
1007 if ((temp_len = strnlen(value, 1024)) < 1024) {
1008 if(value[0] != '/')
1009 temp_len++; /* missing leading slash */
1010 vol->prepath = kmalloc(temp_len+1,GFP_KERNEL);
1011 if(vol->prepath == NULL)
1012 return 1;
1013 if(value[0] != '/') {
1014 vol->prepath[0] = '/';
1015 strcpy(vol->prepath+1,value);
1016 } else
1017 strcpy(vol->prepath,value);
1018 cFYI(1,("prefix path %s",vol->prepath));
1019 } else {
1020 printk(KERN_WARNING "CIFS: prefix too long\n");
1021 return 1;
1022 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07001023 } else if (strnicmp(data, "iocharset", 9) == 0) {
1024 if (!value || !*value) {
1025 printk(KERN_WARNING "CIFS: invalid iocharset specified\n");
1026 return 1; /* needs_arg; */
1027 }
1028 if (strnlen(value, 65) < 65) {
1029 if(strnicmp(value,"default",7))
1030 vol->iocharset = value;
1031 /* if iocharset not set load_nls_default used by caller */
1032 cFYI(1, ("iocharset set to %s",value));
1033 } else {
1034 printk(KERN_WARNING "CIFS: iocharset name too long.\n");
1035 return 1;
1036 }
1037 } else if (strnicmp(data, "uid", 3) == 0) {
1038 if (value && *value) {
1039 vol->linux_uid =
1040 simple_strtoul(value, &value, 0);
1041 }
1042 } else if (strnicmp(data, "gid", 3) == 0) {
1043 if (value && *value) {
1044 vol->linux_gid =
1045 simple_strtoul(value, &value, 0);
1046 }
1047 } else if (strnicmp(data, "file_mode", 4) == 0) {
1048 if (value && *value) {
1049 vol->file_mode =
1050 simple_strtoul(value, &value, 0);
1051 }
1052 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1053 if (value && *value) {
1054 vol->dir_mode =
1055 simple_strtoul(value, &value, 0);
1056 }
1057 } else if (strnicmp(data, "dirmode", 4) == 0) {
1058 if (value && *value) {
1059 vol->dir_mode =
1060 simple_strtoul(value, &value, 0);
1061 }
1062 } else if (strnicmp(data, "port", 4) == 0) {
1063 if (value && *value) {
1064 vol->port =
1065 simple_strtoul(value, &value, 0);
1066 }
1067 } else if (strnicmp(data, "rsize", 5) == 0) {
1068 if (value && *value) {
1069 vol->rsize =
1070 simple_strtoul(value, &value, 0);
1071 }
1072 } else if (strnicmp(data, "wsize", 5) == 0) {
1073 if (value && *value) {
1074 vol->wsize =
1075 simple_strtoul(value, &value, 0);
1076 }
1077 } else if (strnicmp(data, "sockopt", 5) == 0) {
1078 if (value && *value) {
1079 vol->sockopt =
1080 simple_strtoul(value, &value, 0);
1081 }
1082 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1083 if (!value || !*value || (*value == ' ')) {
1084 cFYI(1,("invalid (empty) netbiosname specified"));
1085 } else {
1086 memset(vol->source_rfc1001_name,0x20,15);
1087 for(i=0;i<15;i++) {
1088 /* BB are there cases in which a comma can be
1089 valid in this workstation netbios name (and need
1090 special handling)? */
1091
1092 /* We do not uppercase netbiosname for user */
1093 if (value[i]==0)
1094 break;
1095 else
1096 vol->source_rfc1001_name[i] = value[i];
1097 }
1098 /* The string has 16th byte zero still from
1099 set at top of the function */
1100 if((i==15) && (value[i] != 0))
Steve Frencha10faeb22005-08-22 21:38:31 -07001101 printk(KERN_WARNING "CIFS: netbiosname longer than 15 truncated.\n");
1102 }
1103 } else if (strnicmp(data, "servern", 7) == 0) {
1104 /* servernetbiosname specified override *SMBSERVER */
1105 if (!value || !*value || (*value == ' ')) {
1106 cFYI(1,("empty server netbiosname specified"));
1107 } else {
1108 /* last byte, type, is 0x20 for servr type */
1109 memset(vol->target_rfc1001_name,0x20,16);
1110
1111 for(i=0;i<15;i++) {
1112 /* BB are there cases in which a comma can be
1113 valid in this workstation netbios name (and need
1114 special handling)? */
1115
1116 /* user or mount helper must uppercase netbiosname */
1117 if (value[i]==0)
1118 break;
1119 else
1120 vol->target_rfc1001_name[i] = value[i];
1121 }
1122 /* The string has 16th byte zero still from
1123 set at top of the function */
1124 if((i==15) && (value[i] != 0))
1125 printk(KERN_WARNING "CIFS: server netbiosname longer than 15 truncated.\n");
Linus Torvalds1da177e2005-04-16 15:20:36 -07001126 }
1127 } else if (strnicmp(data, "credentials", 4) == 0) {
1128 /* ignore */
1129 } else if (strnicmp(data, "version", 3) == 0) {
1130 /* ignore */
1131 } else if (strnicmp(data, "guest",5) == 0) {
1132 /* ignore */
1133 } else if (strnicmp(data, "rw", 2) == 0) {
1134 vol->rw = TRUE;
1135 } else if ((strnicmp(data, "suid", 4) == 0) ||
1136 (strnicmp(data, "nosuid", 6) == 0) ||
1137 (strnicmp(data, "exec", 4) == 0) ||
1138 (strnicmp(data, "noexec", 6) == 0) ||
1139 (strnicmp(data, "nodev", 5) == 0) ||
1140 (strnicmp(data, "noauto", 6) == 0) ||
1141 (strnicmp(data, "dev", 3) == 0)) {
1142 /* The mount tool or mount.cifs helper (if present)
1143 uses these opts to set flags, and the flags are read
1144 by the kernel vfs layer before we get here (ie
1145 before read super) so there is no point trying to
1146 parse these options again and set anything and it
1147 is ok to just ignore them */
1148 continue;
1149 } else if (strnicmp(data, "ro", 2) == 0) {
1150 vol->rw = FALSE;
1151 } else if (strnicmp(data, "hard", 4) == 0) {
1152 vol->retry = 1;
1153 } else if (strnicmp(data, "soft", 4) == 0) {
1154 vol->retry = 0;
1155 } else if (strnicmp(data, "perm", 4) == 0) {
1156 vol->noperm = 0;
1157 } else if (strnicmp(data, "noperm", 6) == 0) {
1158 vol->noperm = 1;
Steve French6a0b4822005-04-28 22:41:05 -07001159 } else if (strnicmp(data, "mapchars", 8) == 0) {
1160 vol->remap = 1;
1161 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1162 vol->remap = 0;
Steve Frenchd7245c22005-07-14 18:25:12 -05001163 } else if (strnicmp(data, "sfu", 3) == 0) {
1164 vol->sfu_emul = 1;
1165 } else if (strnicmp(data, "nosfu", 5) == 0) {
1166 vol->sfu_emul = 0;
Jeremy Allisonac670552005-06-22 17:26:35 -07001167 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1168 vol->posix_paths = 1;
1169 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1170 vol->posix_paths = 0;
Steve Frencha10faeb22005-08-22 21:38:31 -07001171 } else if ((strnicmp(data, "nocase", 6) == 0) ||
1172 (strnicmp(data, "ignorecase", 10) == 0)) {
Steve Frenchc46fa8a2005-08-18 20:49:57 -07001173 vol->nocase = 1;
1174 } else if (strnicmp(data, "brl", 3) == 0) {
1175 vol->nobrl = 0;
Steve Frenchcb8be642005-08-30 15:25:52 -07001176 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
Steve French1c955182005-08-30 20:58:07 -07001177 (strnicmp(data, "nolock", 6) == 0)) {
Steve Frenchc46fa8a2005-08-18 20:49:57 -07001178 vol->nobrl = 1;
Steve Frenchd3485d32005-08-19 11:04:29 -07001179 /* turn off mandatory locking in mode
1180 if remote locking is turned off since the
1181 local vfs will do advisory */
1182 if(vol->file_mode == (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1183 vol->file_mode = S_IALLUGO;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001184 } else if (strnicmp(data, "setuids", 7) == 0) {
1185 vol->setuids = 1;
1186 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1187 vol->setuids = 0;
1188 } else if (strnicmp(data, "nohard", 6) == 0) {
1189 vol->retry = 0;
1190 } else if (strnicmp(data, "nosoft", 6) == 0) {
1191 vol->retry = 1;
1192 } else if (strnicmp(data, "nointr", 6) == 0) {
1193 vol->intr = 0;
1194 } else if (strnicmp(data, "intr", 4) == 0) {
1195 vol->intr = 1;
1196 } else if (strnicmp(data, "serverino",7) == 0) {
1197 vol->server_ino = 1;
1198 } else if (strnicmp(data, "noserverino",9) == 0) {
1199 vol->server_ino = 0;
Steve French0a4b92c2006-01-12 15:44:21 -08001200 } else if (strnicmp(data, "cifsacl",7) == 0) {
1201 vol->cifs_acl = 1;
1202 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1203 vol->cifs_acl = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001204 } else if (strnicmp(data, "acl",3) == 0) {
1205 vol->no_psx_acl = 0;
1206 } else if (strnicmp(data, "noacl",5) == 0) {
1207 vol->no_psx_acl = 1;
Steve French750d1152006-06-27 06:28:30 +00001208 } else if (strnicmp(data, "sign",4) == 0) {
1209 vol->secFlg |= CIFSSEC_MUST_SIGN;
1210/* } else if (strnicmp(data, "seal",4) == 0) {
1211 vol->secFlg |= CIFSSEC_MUST_SEAL; */
Linus Torvalds1da177e2005-04-16 15:20:36 -07001212 } else if (strnicmp(data, "direct",6) == 0) {
1213 vol->direct_io = 1;
1214 } else if (strnicmp(data, "forcedirectio",13) == 0) {
1215 vol->direct_io = 1;
1216 } else if (strnicmp(data, "in6_addr",8) == 0) {
1217 if (!value || !*value) {
1218 vol->in6_addr = NULL;
1219 } else if (strnlen(value, 49) == 48) {
1220 vol->in6_addr = value;
1221 } else {
1222 printk(KERN_WARNING "CIFS: ip v6 address not 48 characters long\n");
1223 return 1;
1224 }
1225 } else if (strnicmp(data, "noac", 4) == 0) {
1226 printk(KERN_WARNING "CIFS: Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1227 } else
1228 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",data);
1229 }
1230 if (vol->UNC == NULL) {
1231 if(devname == NULL) {
1232 printk(KERN_WARNING "CIFS: Missing UNC name for mount target\n");
1233 return 1;
1234 }
1235 if ((temp_len = strnlen(devname, 300)) < 300) {
1236 vol->UNC = kmalloc(temp_len+1,GFP_KERNEL);
1237 if(vol->UNC == NULL)
1238 return 1;
1239 strcpy(vol->UNC,devname);
1240 if (strncmp(vol->UNC, "//", 2) == 0) {
1241 vol->UNC[0] = '\\';
1242 vol->UNC[1] = '\\';
1243 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1244 printk(KERN_WARNING "CIFS: UNC Path does not begin with // or \\\\ \n");
1245 return 1;
1246 }
1247 } else {
1248 printk(KERN_WARNING "CIFS: UNC name too long\n");
1249 return 1;
1250 }
1251 }
1252 if(vol->UNCip == NULL)
1253 vol->UNCip = &vol->UNC[2];
1254
1255 return 0;
1256}
1257
1258static struct cifsSesInfo *
1259cifs_find_tcp_session(struct in_addr * target_ip_addr,
1260 struct in6_addr *target_ip6_addr,
1261 char *userName, struct TCP_Server_Info **psrvTcp)
1262{
1263 struct list_head *tmp;
1264 struct cifsSesInfo *ses;
1265 *psrvTcp = NULL;
1266 read_lock(&GlobalSMBSeslock);
1267
1268 list_for_each(tmp, &GlobalSMBSessionList) {
1269 ses = list_entry(tmp, struct cifsSesInfo, cifsSessionList);
1270 if (ses->server) {
1271 if((target_ip_addr &&
1272 (ses->server->addr.sockAddr.sin_addr.s_addr
1273 == target_ip_addr->s_addr)) || (target_ip6_addr
1274 && memcmp(&ses->server->addr.sockAddr6.sin6_addr,
1275 target_ip6_addr,sizeof(*target_ip6_addr)))){
1276 /* BB lock server and tcp session and increment use count here?? */
1277 *psrvTcp = ses->server; /* found a match on the TCP session */
1278 /* BB check if reconnection needed */
1279 if (strncmp
1280 (ses->userName, userName,
1281 MAX_USERNAME_SIZE) == 0){
1282 read_unlock(&GlobalSMBSeslock);
1283 return ses; /* found exact match on both tcp and SMB sessions */
1284 }
1285 }
1286 }
1287 /* else tcp and smb sessions need reconnection */
1288 }
1289 read_unlock(&GlobalSMBSeslock);
1290 return NULL;
1291}
1292
1293static struct cifsTconInfo *
1294find_unc(__be32 new_target_ip_addr, char *uncName, char *userName)
1295{
1296 struct list_head *tmp;
1297 struct cifsTconInfo *tcon;
1298
1299 read_lock(&GlobalSMBSeslock);
1300 list_for_each(tmp, &GlobalTreeConnectionList) {
Steve Frenche466e482006-08-15 13:07:18 +00001301 cFYI(1, ("Next tcon"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001302 tcon = list_entry(tmp, struct cifsTconInfo, cifsConnectionList);
1303 if (tcon->ses) {
1304 if (tcon->ses->server) {
1305 cFYI(1,
Steve Frenche466e482006-08-15 13:07:18 +00001306 ("old ip addr: %x == new ip %x ?",
Linus Torvalds1da177e2005-04-16 15:20:36 -07001307 tcon->ses->server->addr.sockAddr.sin_addr.
1308 s_addr, new_target_ip_addr));
1309 if (tcon->ses->server->addr.sockAddr.sin_addr.
1310 s_addr == new_target_ip_addr) {
Steve Frenche466e482006-08-15 13:07:18 +00001311 /* BB lock tcon, server and tcp session and increment use count here? */
Linus Torvalds1da177e2005-04-16 15:20:36 -07001312 /* found a match on the TCP session */
1313 /* BB check if reconnection needed */
Steve Frenche466e482006-08-15 13:07:18 +00001314 cFYI(1,("IP match, old UNC: %s new: %s",
Linus Torvalds1da177e2005-04-16 15:20:36 -07001315 tcon->treeName, uncName));
1316 if (strncmp
1317 (tcon->treeName, uncName,
1318 MAX_TREE_SIZE) == 0) {
1319 cFYI(1,
Steve Frenche466e482006-08-15 13:07:18 +00001320 ("and old usr: %s new: %s",
Linus Torvalds1da177e2005-04-16 15:20:36 -07001321 tcon->treeName, uncName));
1322 if (strncmp
1323 (tcon->ses->userName,
1324 userName,
1325 MAX_USERNAME_SIZE) == 0) {
1326 read_unlock(&GlobalSMBSeslock);
Steve Frenche466e482006-08-15 13:07:18 +00001327 /* matched smb session
1328 (user name */
1329 return tcon;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001330 }
1331 }
1332 }
1333 }
1334 }
1335 }
1336 read_unlock(&GlobalSMBSeslock);
1337 return NULL;
1338}
1339
1340int
1341connect_to_dfs_path(int xid, struct cifsSesInfo *pSesInfo,
Steve French737b7582005-04-28 22:41:06 -07001342 const char *old_path, const struct nls_table *nls_codepage,
1343 int remap)
Linus Torvalds1da177e2005-04-16 15:20:36 -07001344{
1345 unsigned char *referrals = NULL;
1346 unsigned int num_referrals;
1347 int rc = 0;
1348
1349 rc = get_dfs_path(xid, pSesInfo,old_path, nls_codepage,
Steve French737b7582005-04-28 22:41:06 -07001350 &num_referrals, &referrals, remap);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001351
1352 /* BB Add in code to: if valid refrl, if not ip address contact
1353 the helper that resolves tcp names, mount to it, try to
1354 tcon to it unmount it if fail */
1355
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001356 kfree(referrals);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001357
1358 return rc;
1359}
1360
1361int
1362get_dfs_path(int xid, struct cifsSesInfo *pSesInfo,
1363 const char *old_path, const struct nls_table *nls_codepage,
Steve French737b7582005-04-28 22:41:06 -07001364 unsigned int *pnum_referrals,
1365 unsigned char ** preferrals, int remap)
Linus Torvalds1da177e2005-04-16 15:20:36 -07001366{
1367 char *temp_unc;
1368 int rc = 0;
1369
1370 *pnum_referrals = 0;
1371
1372 if (pSesInfo->ipc_tid == 0) {
1373 temp_unc = kmalloc(2 /* for slashes */ +
1374 strnlen(pSesInfo->serverName,SERVER_NAME_LEN_WITH_NULL * 2)
1375 + 1 + 4 /* slash IPC$ */ + 2,
1376 GFP_KERNEL);
1377 if (temp_unc == NULL)
1378 return -ENOMEM;
1379 temp_unc[0] = '\\';
1380 temp_unc[1] = '\\';
1381 strcpy(temp_unc + 2, pSesInfo->serverName);
1382 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
1383 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
1384 cFYI(1,
1385 ("CIFS Tcon rc = %d ipc_tid = %d", rc,pSesInfo->ipc_tid));
1386 kfree(temp_unc);
1387 }
1388 if (rc == 0)
1389 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
Steve French737b7582005-04-28 22:41:06 -07001390 pnum_referrals, nls_codepage, remap);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001391
1392 return rc;
1393}
1394
1395/* See RFC1001 section 14 on representation of Netbios names */
1396static void rfc1002mangle(char * target,char * source, unsigned int length)
1397{
1398 unsigned int i,j;
1399
1400 for(i=0,j=0;i<(length);i++) {
1401 /* mask a nibble at a time and encode */
1402 target[j] = 'A' + (0x0F & (source[i] >> 4));
1403 target[j+1] = 'A' + (0x0F & source[i]);
1404 j+=2;
1405 }
1406
1407}
1408
1409
1410static int
1411ipv4_connect(struct sockaddr_in *psin_server, struct socket **csocket,
Steve Frencha10faeb22005-08-22 21:38:31 -07001412 char * netbios_name, char * target_name)
Linus Torvalds1da177e2005-04-16 15:20:36 -07001413{
1414 int rc = 0;
1415 int connected = 0;
1416 __be16 orig_port = 0;
1417
1418 if(*csocket == NULL) {
1419 rc = sock_create_kern(PF_INET, SOCK_STREAM, IPPROTO_TCP, csocket);
1420 if (rc < 0) {
1421 cERROR(1, ("Error %d creating socket",rc));
1422 *csocket = NULL;
1423 return rc;
1424 } else {
1425 /* BB other socket options to set KEEPALIVE, NODELAY? */
1426 cFYI(1,("Socket created"));
1427 (*csocket)->sk->sk_allocation = GFP_NOFS;
1428 }
1429 }
1430
1431 psin_server->sin_family = AF_INET;
1432 if(psin_server->sin_port) { /* user overrode default port */
1433 rc = (*csocket)->ops->connect(*csocket,
1434 (struct sockaddr *) psin_server,
1435 sizeof (struct sockaddr_in),0);
1436 if (rc >= 0)
1437 connected = 1;
1438 }
1439
1440 if(!connected) {
1441 /* save original port so we can retry user specified port
1442 later if fall back ports fail this time */
1443 orig_port = psin_server->sin_port;
1444
1445 /* do not retry on the same port we just failed on */
1446 if(psin_server->sin_port != htons(CIFS_PORT)) {
1447 psin_server->sin_port = htons(CIFS_PORT);
1448
1449 rc = (*csocket)->ops->connect(*csocket,
1450 (struct sockaddr *) psin_server,
1451 sizeof (struct sockaddr_in),0);
1452 if (rc >= 0)
1453 connected = 1;
1454 }
1455 }
1456 if (!connected) {
1457 psin_server->sin_port = htons(RFC1001_PORT);
1458 rc = (*csocket)->ops->connect(*csocket, (struct sockaddr *)
1459 psin_server, sizeof (struct sockaddr_in),0);
1460 if (rc >= 0)
1461 connected = 1;
1462 }
1463
1464 /* give up here - unless we want to retry on different
1465 protocol families some day */
1466 if (!connected) {
1467 if(orig_port)
1468 psin_server->sin_port = orig_port;
1469 cFYI(1,("Error %d connecting to server via ipv4",rc));
1470 sock_release(*csocket);
1471 *csocket = NULL;
1472 return rc;
1473 }
1474 /* Eventually check for other socket options to change from
1475 the default. sock_setsockopt not used because it expects
1476 user space buffer */
Steve Frenchb387eae2005-10-10 14:21:15 -07001477 cFYI(1,("sndbuf %d rcvbuf %d rcvtimeo 0x%lx",(*csocket)->sk->sk_sndbuf,
1478 (*csocket)->sk->sk_rcvbuf, (*csocket)->sk->sk_rcvtimeo));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001479 (*csocket)->sk->sk_rcvtimeo = 7 * HZ;
Steve Frenchb387eae2005-10-10 14:21:15 -07001480 /* make the bufsizes depend on wsize/rsize and max requests */
1481 if((*csocket)->sk->sk_sndbuf < (200 * 1024))
1482 (*csocket)->sk->sk_sndbuf = 200 * 1024;
1483 if((*csocket)->sk->sk_rcvbuf < (140 * 1024))
1484 (*csocket)->sk->sk_rcvbuf = 140 * 1024;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001485
1486 /* send RFC1001 sessinit */
Linus Torvalds1da177e2005-04-16 15:20:36 -07001487 if(psin_server->sin_port == htons(RFC1001_PORT)) {
1488 /* some servers require RFC1001 sessinit before sending
1489 negprot - BB check reconnection in case where second
1490 sessinit is sent but no second negprot */
1491 struct rfc1002_session_packet * ses_init_buf;
1492 struct smb_hdr * smb_buf;
Pekka Enberge915fc42005-09-06 15:18:35 -07001493 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet), GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001494 if(ses_init_buf) {
1495 ses_init_buf->trailer.session_req.called_len = 32;
Steve Frencha10faeb22005-08-22 21:38:31 -07001496 if(target_name && (target_name[0] != 0)) {
1497 rfc1002mangle(ses_init_buf->trailer.session_req.called_name,
1498 target_name, 16);
1499 } else {
1500 rfc1002mangle(ses_init_buf->trailer.session_req.called_name,
1501 DEFAULT_CIFS_CALLED_NAME,16);
1502 }
1503
Linus Torvalds1da177e2005-04-16 15:20:36 -07001504 ses_init_buf->trailer.session_req.calling_len = 32;
1505 /* calling name ends in null (byte 16) from old smb
1506 convention. */
1507 if(netbios_name && (netbios_name[0] !=0)) {
1508 rfc1002mangle(ses_init_buf->trailer.session_req.calling_name,
1509 netbios_name,16);
1510 } else {
1511 rfc1002mangle(ses_init_buf->trailer.session_req.calling_name,
1512 "LINUX_CIFS_CLNT",16);
1513 }
1514 ses_init_buf->trailer.session_req.scope1 = 0;
1515 ses_init_buf->trailer.session_req.scope2 = 0;
1516 smb_buf = (struct smb_hdr *)ses_init_buf;
1517 /* sizeof RFC1002_SESSION_REQUEST with no scope */
1518 smb_buf->smb_buf_length = 0x81000044;
1519 rc = smb_send(*csocket, smb_buf, 0x44,
1520 (struct sockaddr *)psin_server);
1521 kfree(ses_init_buf);
Steve French083d3a22006-03-03 09:53:36 +00001522 msleep(1); /* RFC1001 layer in at least one server
1523 requires very short break before negprot
1524 presumably because not expecting negprot
1525 to follow so fast. This is a simple
1526 solution that works without
1527 complicating the code and causes no
1528 significant slowing down on mount
1529 for everyone else */
Linus Torvalds1da177e2005-04-16 15:20:36 -07001530 }
1531 /* else the negprot may still work without this
1532 even though malloc failed */
1533
1534 }
1535
1536 return rc;
1537}
1538
1539static int
1540ipv6_connect(struct sockaddr_in6 *psin_server, struct socket **csocket)
1541{
1542 int rc = 0;
1543 int connected = 0;
1544 __be16 orig_port = 0;
1545
1546 if(*csocket == NULL) {
1547 rc = sock_create_kern(PF_INET6, SOCK_STREAM, IPPROTO_TCP, csocket);
1548 if (rc < 0) {
1549 cERROR(1, ("Error %d creating ipv6 socket",rc));
1550 *csocket = NULL;
1551 return rc;
1552 } else {
1553 /* BB other socket options to set KEEPALIVE, NODELAY? */
1554 cFYI(1,("ipv6 Socket created"));
1555 (*csocket)->sk->sk_allocation = GFP_NOFS;
1556 }
1557 }
1558
1559 psin_server->sin6_family = AF_INET6;
1560
1561 if(psin_server->sin6_port) { /* user overrode default port */
1562 rc = (*csocket)->ops->connect(*csocket,
1563 (struct sockaddr *) psin_server,
1564 sizeof (struct sockaddr_in6),0);
1565 if (rc >= 0)
1566 connected = 1;
1567 }
1568
1569 if(!connected) {
1570 /* save original port so we can retry user specified port
1571 later if fall back ports fail this time */
1572
1573 orig_port = psin_server->sin6_port;
1574 /* do not retry on the same port we just failed on */
1575 if(psin_server->sin6_port != htons(CIFS_PORT)) {
1576 psin_server->sin6_port = htons(CIFS_PORT);
1577
1578 rc = (*csocket)->ops->connect(*csocket,
1579 (struct sockaddr *) psin_server,
1580 sizeof (struct sockaddr_in6),0);
1581 if (rc >= 0)
1582 connected = 1;
1583 }
1584 }
1585 if (!connected) {
1586 psin_server->sin6_port = htons(RFC1001_PORT);
1587 rc = (*csocket)->ops->connect(*csocket, (struct sockaddr *)
1588 psin_server, sizeof (struct sockaddr_in6),0);
1589 if (rc >= 0)
1590 connected = 1;
1591 }
1592
1593 /* give up here - unless we want to retry on different
1594 protocol families some day */
1595 if (!connected) {
1596 if(orig_port)
1597 psin_server->sin6_port = orig_port;
1598 cFYI(1,("Error %d connecting to server via ipv6",rc));
1599 sock_release(*csocket);
1600 *csocket = NULL;
1601 return rc;
1602 }
1603 /* Eventually check for other socket options to change from
1604 the default. sock_setsockopt not used because it expects
1605 user space buffer */
1606 (*csocket)->sk->sk_rcvtimeo = 7 * HZ;
1607
1608 return rc;
1609}
1610
1611int
1612cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
1613 char *mount_data, const char *devname)
1614{
1615 int rc = 0;
1616 int xid;
1617 int address_type = AF_INET;
1618 struct socket *csocket = NULL;
1619 struct sockaddr_in sin_server;
1620 struct sockaddr_in6 sin_server6;
1621 struct smb_vol volume_info;
1622 struct cifsSesInfo *pSesInfo = NULL;
1623 struct cifsSesInfo *existingCifsSes = NULL;
1624 struct cifsTconInfo *tcon = NULL;
1625 struct TCP_Server_Info *srvTcp = NULL;
1626
1627 xid = GetXid();
1628
1629/* cFYI(1, ("Entering cifs_mount. Xid: %d with: %s", xid, mount_data)); */
1630
1631 memset(&volume_info,0,sizeof(struct smb_vol));
1632 if (cifs_parse_mount_options(mount_data, devname, &volume_info)) {
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001633 kfree(volume_info.UNC);
1634 kfree(volume_info.password);
Steve French2fe87f02006-09-21 07:02:52 +00001635 kfree(volume_info.prepath);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001636 FreeXid(xid);
1637 return -EINVAL;
1638 }
1639
1640 if (volume_info.username) {
1641 /* BB fixme parse for domain name here */
1642 cFYI(1, ("Username: %s ", volume_info.username));
1643
1644 } else {
Steve Frenchbf820672005-12-01 22:32:42 -08001645 cifserror("No username specified");
Linus Torvalds1da177e2005-04-16 15:20:36 -07001646 /* In userspace mount helper we can get user name from alternate
1647 locations such as env variables and files on disk */
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001648 kfree(volume_info.UNC);
1649 kfree(volume_info.password);
Steve French2fe87f02006-09-21 07:02:52 +00001650 kfree(volume_info.prepath);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001651 FreeXid(xid);
1652 return -EINVAL;
1653 }
1654
1655 if (volume_info.UNCip && volume_info.UNC) {
1656 rc = cifs_inet_pton(AF_INET, volume_info.UNCip,&sin_server.sin_addr.s_addr);
1657
1658 if(rc <= 0) {
1659 /* not ipv4 address, try ipv6 */
1660 rc = cifs_inet_pton(AF_INET6,volume_info.UNCip,&sin_server6.sin6_addr.in6_u);
1661 if(rc > 0)
1662 address_type = AF_INET6;
1663 } else {
1664 address_type = AF_INET;
1665 }
1666
1667 if(rc <= 0) {
1668 /* we failed translating address */
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001669 kfree(volume_info.UNC);
1670 kfree(volume_info.password);
Steve French2fe87f02006-09-21 07:02:52 +00001671 kfree(volume_info.prepath);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001672 FreeXid(xid);
1673 return -EINVAL;
1674 }
1675
1676 cFYI(1, ("UNC: %s ip: %s", volume_info.UNC, volume_info.UNCip));
1677 /* success */
1678 rc = 0;
1679 } else if (volume_info.UNCip){
1680 /* BB using ip addr as server name connect to the DFS root below */
1681 cERROR(1,("Connecting to DFS root not implemented yet"));
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001682 kfree(volume_info.UNC);
1683 kfree(volume_info.password);
Steve French2fe87f02006-09-21 07:02:52 +00001684 kfree(volume_info.prepath);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001685 FreeXid(xid);
1686 return -EINVAL;
1687 } else /* which servers DFS root would we conect to */ {
1688 cERROR(1,
Steve Frenchbf820672005-12-01 22:32:42 -08001689 ("CIFS mount error: No UNC path (e.g. -o unc=//192.168.1.100/public) specified"));
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001690 kfree(volume_info.UNC);
1691 kfree(volume_info.password);
Steve French2fe87f02006-09-21 07:02:52 +00001692 kfree(volume_info.prepath);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001693 FreeXid(xid);
1694 return -EINVAL;
1695 }
1696
1697 /* this is needed for ASCII cp to Unicode converts */
1698 if(volume_info.iocharset == NULL) {
1699 cifs_sb->local_nls = load_nls_default();
1700 /* load_nls_default can not return null */
1701 } else {
1702 cifs_sb->local_nls = load_nls(volume_info.iocharset);
1703 if(cifs_sb->local_nls == NULL) {
1704 cERROR(1,("CIFS mount error: iocharset %s not found",volume_info.iocharset));
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001705 kfree(volume_info.UNC);
1706 kfree(volume_info.password);
Steve French2fe87f02006-09-21 07:02:52 +00001707 kfree(volume_info.prepath);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001708 FreeXid(xid);
1709 return -ELIBACC;
1710 }
1711 }
1712
1713 if(address_type == AF_INET)
1714 existingCifsSes = cifs_find_tcp_session(&sin_server.sin_addr,
1715 NULL /* no ipv6 addr */,
1716 volume_info.username, &srvTcp);
1717 else if(address_type == AF_INET6)
1718 existingCifsSes = cifs_find_tcp_session(NULL /* no ipv4 addr */,
1719 &sin_server6.sin6_addr,
1720 volume_info.username, &srvTcp);
1721 else {
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001722 kfree(volume_info.UNC);
1723 kfree(volume_info.password);
Steve French2fe87f02006-09-21 07:02:52 +00001724 kfree(volume_info.prepath);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001725 FreeXid(xid);
1726 return -EINVAL;
1727 }
1728
1729
1730 if (srvTcp) {
Steve Frenchbf820672005-12-01 22:32:42 -08001731 cFYI(1, ("Existing tcp session with server found"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001732 } else { /* create socket */
1733 if(volume_info.port)
1734 sin_server.sin_port = htons(volume_info.port);
1735 else
1736 sin_server.sin_port = 0;
Steve Frencha10faeb22005-08-22 21:38:31 -07001737 rc = ipv4_connect(&sin_server,&csocket,
1738 volume_info.source_rfc1001_name,
1739 volume_info.target_rfc1001_name);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001740 if (rc < 0) {
1741 cERROR(1,
1742 ("Error connecting to IPv4 socket. Aborting operation"));
1743 if(csocket != NULL)
1744 sock_release(csocket);
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001745 kfree(volume_info.UNC);
1746 kfree(volume_info.password);
Steve French2fe87f02006-09-21 07:02:52 +00001747 kfree(volume_info.prepath);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001748 FreeXid(xid);
1749 return rc;
1750 }
1751
1752 srvTcp = kmalloc(sizeof (struct TCP_Server_Info), GFP_KERNEL);
1753 if (srvTcp == NULL) {
1754 rc = -ENOMEM;
1755 sock_release(csocket);
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001756 kfree(volume_info.UNC);
1757 kfree(volume_info.password);
Steve French2fe87f02006-09-21 07:02:52 +00001758 kfree(volume_info.prepath);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001759 FreeXid(xid);
1760 return rc;
1761 } else {
1762 memset(srvTcp, 0, sizeof (struct TCP_Server_Info));
1763 memcpy(&srvTcp->addr.sockAddr, &sin_server, sizeof (struct sockaddr_in));
1764 atomic_set(&srvTcp->inFlight,0);
1765 /* BB Add code for ipv6 case too */
1766 srvTcp->ssocket = csocket;
1767 srvTcp->protocolType = IPV4;
1768 init_waitqueue_head(&srvTcp->response_q);
1769 init_waitqueue_head(&srvTcp->request_q);
1770 INIT_LIST_HEAD(&srvTcp->pending_mid_q);
1771 /* at this point we are the only ones with the pointer
1772 to the struct since the kernel thread not created yet
1773 so no need to spinlock this init of tcpStatus */
1774 srvTcp->tcpStatus = CifsNew;
1775 init_MUTEX(&srvTcp->tcpSem);
1776 rc = (int)kernel_thread((void *)(void *)cifs_demultiplex_thread, srvTcp,
1777 CLONE_FS | CLONE_FILES | CLONE_VM);
1778 if(rc < 0) {
1779 rc = -ENOMEM;
1780 sock_release(csocket);
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001781 kfree(volume_info.UNC);
1782 kfree(volume_info.password);
Steve French2fe87f02006-09-21 07:02:52 +00001783 kfree(volume_info.prepath);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001784 FreeXid(xid);
1785 return rc;
Steve Frenchf1914012005-08-18 09:37:34 -07001786 }
1787 wait_for_completion(&cifsd_complete);
1788 rc = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001789 memcpy(srvTcp->workstation_RFC1001_name, volume_info.source_rfc1001_name,16);
Steve Frencha10faeb22005-08-22 21:38:31 -07001790 memcpy(srvTcp->server_RFC1001_name, volume_info.target_rfc1001_name,16);
Steve Frenchad009ac2005-04-28 22:41:05 -07001791 srvTcp->sequence_number = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001792 }
1793 }
1794
1795 if (existingCifsSes) {
1796 pSesInfo = existingCifsSes;
Steve Frenchbf820672005-12-01 22:32:42 -08001797 cFYI(1, ("Existing smb sess found"));
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001798 kfree(volume_info.password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001799 /* volume_info.UNC freed at end of function */
1800 } else if (!rc) {
Steve Frenchbf820672005-12-01 22:32:42 -08001801 cFYI(1, ("Existing smb sess not found"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001802 pSesInfo = sesInfoAlloc();
1803 if (pSesInfo == NULL)
1804 rc = -ENOMEM;
1805 else {
1806 pSesInfo->server = srvTcp;
1807 sprintf(pSesInfo->serverName, "%u.%u.%u.%u",
1808 NIPQUAD(sin_server.sin_addr.s_addr));
1809 }
1810
1811 if (!rc){
1812 /* volume_info.password freed at unmount */
1813 if (volume_info.password)
1814 pSesInfo->password = volume_info.password;
1815 if (volume_info.username)
1816 strncpy(pSesInfo->userName,
1817 volume_info.username,MAX_USERNAME_SIZE);
Steve French39798772006-05-31 22:40:51 +00001818 if (volume_info.domainname) {
1819 int len = strlen(volume_info.domainname);
1820 pSesInfo->domainName =
1821 kmalloc(len + 1, GFP_KERNEL);
1822 if(pSesInfo->domainName)
1823 strcpy(pSesInfo->domainName,
1824 volume_info.domainname);
1825 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07001826 pSesInfo->linux_uid = volume_info.linux_uid;
Steve French750d1152006-06-27 06:28:30 +00001827 pSesInfo->overrideSecFlg = volume_info.secFlg;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001828 down(&pSesInfo->sesSem);
Steve French189acaa2006-06-23 02:33:48 +00001829 /* BB FIXME need to pass vol->secFlgs BB */
Linus Torvalds1da177e2005-04-16 15:20:36 -07001830 rc = cifs_setup_session(xid,pSesInfo, cifs_sb->local_nls);
1831 up(&pSesInfo->sesSem);
1832 if(!rc)
1833 atomic_inc(&srvTcp->socketUseCount);
1834 } else
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001835 kfree(volume_info.password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001836 }
1837
1838 /* search for existing tcon to this server share */
1839 if (!rc) {
Steve French0ae0efa2005-10-10 10:57:19 -07001840 if(volume_info.rsize > CIFSMaxBufSize) {
1841 cERROR(1,("rsize %d too large, using MaxBufSize",
1842 volume_info.rsize));
1843 cifs_sb->rsize = CIFSMaxBufSize;
1844 } else if((volume_info.rsize) && (volume_info.rsize <= CIFSMaxBufSize))
Linus Torvalds1da177e2005-04-16 15:20:36 -07001845 cifs_sb->rsize = volume_info.rsize;
Steve French0ae0efa2005-10-10 10:57:19 -07001846 else /* default */
1847 cifs_sb->rsize = CIFSMaxBufSize;
1848
1849 if(volume_info.wsize > PAGEVEC_SIZE * PAGE_CACHE_SIZE) {
1850 cERROR(1,("wsize %d too large using 4096 instead",
1851 volume_info.wsize));
1852 cifs_sb->wsize = 4096;
1853 } else if(volume_info.wsize)
Linus Torvalds1da177e2005-04-16 15:20:36 -07001854 cifs_sb->wsize = volume_info.wsize;
1855 else
Steve French17cbbaf2006-01-24 20:26:48 -08001856 cifs_sb->wsize =
Steve French1877c9e2006-01-27 18:36:11 -08001857 min_t(const int, PAGEVEC_SIZE * PAGE_CACHE_SIZE,
1858 127*1024);
Steve French17cbbaf2006-01-24 20:26:48 -08001859 /* old default of CIFSMaxBufSize was too small now
1860 that SMB Write2 can send multiple pages in kvec.
1861 RFC1001 does not describe what happens when frame
1862 bigger than 128K is sent so use that as max in
1863 conjunction with 52K kvec constraint on arch with 4K
1864 page size */
1865
Steve French6cec2ae2006-02-22 17:31:52 -06001866 if(cifs_sb->rsize < 2048) {
1867 cifs_sb->rsize = 2048;
1868 /* Windows ME may prefer this */
1869 cFYI(1,("readsize set to minimum 2048"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001870 }
Steve French2fe87f02006-09-21 07:02:52 +00001871 /* calculate prepath */
1872 cifs_sb->prepath = volume_info.prepath;
1873 if(cifs_sb->prepath) {
1874 cifs_sb->prepathlen = strlen(cifs_sb->prepath);
1875 cifs_sb->prepath[0] = CIFS_DIR_SEP(cifs_sb);
1876 volume_info.prepath = NULL;
1877 } else
1878 cifs_sb->prepathlen = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001879 cifs_sb->mnt_uid = volume_info.linux_uid;
1880 cifs_sb->mnt_gid = volume_info.linux_gid;
1881 cifs_sb->mnt_file_mode = volume_info.file_mode;
1882 cifs_sb->mnt_dir_mode = volume_info.dir_mode;
Steve Frencheeac8042006-01-13 21:34:58 -08001883 cFYI(1,("file mode: 0x%x dir mode: 0x%x",
1884 cifs_sb->mnt_file_mode,cifs_sb->mnt_dir_mode));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001885
1886 if(volume_info.noperm)
1887 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
1888 if(volume_info.setuids)
1889 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
1890 if(volume_info.server_ino)
1891 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
Steve French6a0b4822005-04-28 22:41:05 -07001892 if(volume_info.remap)
1893 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001894 if(volume_info.no_xattr)
1895 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
Steve Frenchd7245c22005-07-14 18:25:12 -05001896 if(volume_info.sfu_emul)
1897 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
Steve Frenchc46fa8a2005-08-18 20:49:57 -07001898 if(volume_info.nobrl)
1899 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
Steve French0a4b92c2006-01-12 15:44:21 -08001900 if(volume_info.cifs_acl)
1901 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
Jeremy Allisonac670552005-06-22 17:26:35 -07001902
Linus Torvalds1da177e2005-04-16 15:20:36 -07001903 if(volume_info.direct_io) {
Steve Frenchc46fa8a2005-08-18 20:49:57 -07001904 cFYI(1,("mounting share using direct i/o"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001905 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
1906 }
1907
1908 tcon =
1909 find_unc(sin_server.sin_addr.s_addr, volume_info.UNC,
1910 volume_info.username);
1911 if (tcon) {
Steve Frenchbf820672005-12-01 22:32:42 -08001912 cFYI(1, ("Found match on UNC path"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07001913 /* we can have only one retry value for a connection
1914 to a share so for resources mounted more than once
1915 to the same server share the last value passed in
1916 for the retry flag is used */
1917 tcon->retry = volume_info.retry;
Steve Frenchd3485d32005-08-19 11:04:29 -07001918 tcon->nocase = volume_info.nocase;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001919 } else {
1920 tcon = tconInfoAlloc();
1921 if (tcon == NULL)
1922 rc = -ENOMEM;
1923 else {
1924 /* check for null share name ie connect to dfs root */
1925
1926 /* BB check if this works for exactly length three strings */
1927 if ((strchr(volume_info.UNC + 3, '\\') == NULL)
1928 && (strchr(volume_info.UNC + 3, '/') ==
1929 NULL)) {
Steve French737b7582005-04-28 22:41:06 -07001930 rc = connect_to_dfs_path(xid, pSesInfo,
1931 "", cifs_sb->local_nls,
1932 cifs_sb->mnt_cifs_flags &
1933 CIFS_MOUNT_MAP_SPECIAL_CHR);
Jesper Juhlf99d49a2005-11-07 01:01:34 -08001934 kfree(volume_info.UNC);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001935 FreeXid(xid);
1936 return -ENODEV;
1937 } else {
1938 rc = CIFSTCon(xid, pSesInfo,
1939 volume_info.UNC,
1940 tcon, cifs_sb->local_nls);
1941 cFYI(1, ("CIFS Tcon rc = %d", rc));
1942 }
1943 if (!rc) {
1944 atomic_inc(&pSesInfo->inUse);
1945 tcon->retry = volume_info.retry;
Steve Frenchd3485d32005-08-19 11:04:29 -07001946 tcon->nocase = volume_info.nocase;
Linus Torvalds1da177e2005-04-16 15:20:36 -07001947 }
1948 }
1949 }
1950 }
1951 if(pSesInfo) {
1952 if (pSesInfo->capabilities & CAP_LARGE_FILES) {
1953 sb->s_maxbytes = (u64) 1 << 63;
1954 } else
1955 sb->s_maxbytes = (u64) 1 << 31; /* 2 GB */
1956 }
1957
1958 sb->s_time_gran = 100;
1959
1960/* on error free sesinfo and tcon struct if needed */
1961 if (rc) {
1962 /* if session setup failed, use count is zero but
1963 we still need to free cifsd thread */
1964 if(atomic_read(&srvTcp->socketUseCount) == 0) {
1965 spin_lock(&GlobalMid_Lock);
1966 srvTcp->tcpStatus = CifsExiting;
1967 spin_unlock(&GlobalMid_Lock);
Steve Frenchf1914012005-08-18 09:37:34 -07001968 if(srvTcp->tsk) {
Linus Torvalds1da177e2005-04-16 15:20:36 -07001969 send_sig(SIGKILL,srvTcp->tsk,1);
Steve Frenchf1914012005-08-18 09:37:34 -07001970 wait_for_completion(&cifsd_complete);
1971 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07001972 }
1973 /* If find_unc succeeded then rc == 0 so we can not end */
1974 if (tcon) /* up accidently freeing someone elses tcon struct */
1975 tconInfoFree(tcon);
1976 if (existingCifsSes == NULL) {
1977 if (pSesInfo) {
1978 if ((pSesInfo->server) &&
1979 (pSesInfo->status == CifsGood)) {
1980 int temp_rc;
1981 temp_rc = CIFSSMBLogoff(xid, pSesInfo);
1982 /* if the socketUseCount is now zero */
1983 if((temp_rc == -ESHUTDOWN) &&
Steve Frenchf1914012005-08-18 09:37:34 -07001984 (pSesInfo->server->tsk)) {
Linus Torvalds1da177e2005-04-16 15:20:36 -07001985 send_sig(SIGKILL,pSesInfo->server->tsk,1);
Steve Frenchf1914012005-08-18 09:37:34 -07001986 wait_for_completion(&cifsd_complete);
1987 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07001988 } else
1989 cFYI(1, ("No session or bad tcon"));
1990 sesInfoFree(pSesInfo);
1991 /* pSesInfo = NULL; */
1992 }
1993 }
1994 } else {
1995 atomic_inc(&tcon->useCount);
1996 cifs_sb->tcon = tcon;
1997 tcon->ses = pSesInfo;
1998
Steve French82940a42006-03-02 03:24:57 +00001999 /* do not care if following two calls succeed - informational */
Steve French737b7582005-04-28 22:41:06 -07002000 CIFSSMBQFSDeviceInfo(xid, tcon);
2001 CIFSSMBQFSAttributeInfo(xid, tcon);
Steve French82940a42006-03-02 03:24:57 +00002002
Linus Torvalds1da177e2005-04-16 15:20:36 -07002003 if (tcon->ses->capabilities & CAP_UNIX) {
Steve French737b7582005-04-28 22:41:06 -07002004 if(!CIFSSMBQFSUnixInfo(xid, tcon)) {
Steve French82940a42006-03-02 03:24:57 +00002005 __u64 cap =
2006 le64_to_cpu(tcon->fsUnixInfo.Capability);
2007 cap &= CIFS_UNIX_CAP_MASK;
2008 if(volume_info.no_psx_acl)
2009 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2010 else if(CIFS_UNIX_POSIX_ACL_CAP & cap) {
2011 cFYI(1,("negotiated posix acl support"));
2012 sb->s_flags |= MS_POSIXACL;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002013 }
Jeremy Allisonac670552005-06-22 17:26:35 -07002014
Steve French82940a42006-03-02 03:24:57 +00002015 if(volume_info.posix_paths == 0)
2016 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2017 else if(cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
2018 cFYI(1,("negotiate posix pathnames"));
2019 cifs_sb->mnt_cifs_flags |=
2020 CIFS_MOUNT_POSIX_PATHS;
2021 }
2022
2023 cFYI(1,("Negotiate caps 0x%x",(int)cap));
Steve French3a5ff612006-07-14 22:37:11 +00002024#ifdef CONFIG_CIFS_DEBUG2
2025 if(cap & CIFS_UNIX_FCNTL_CAP)
2026 cFYI(1,("FCNTL cap"));
2027 if(cap & CIFS_UNIX_EXTATTR_CAP)
2028 cFYI(1,("EXTATTR cap"));
2029 if(cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2030 cFYI(1,("POSIX path cap"));
2031 if(cap & CIFS_UNIX_XATTR_CAP)
2032 cFYI(1,("XATTR cap"));
2033 if(cap & CIFS_UNIX_POSIX_ACL_CAP)
2034 cFYI(1,("POSIX ACL cap"));
2035#endif /* CIFS_DEBUG2 */
Steve French82940a42006-03-02 03:24:57 +00002036 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
2037 cFYI(1,("setting capabilities failed"));
Jeremy Allisonac670552005-06-22 17:26:35 -07002038 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07002039 }
2040 }
Steve French3e844692005-10-03 13:37:24 -07002041 if (!(tcon->ses->capabilities & CAP_LARGE_WRITE_X))
2042 cifs_sb->wsize = min(cifs_sb->wsize,
2043 (tcon->ses->server->maxBuf -
2044 MAX_CIFS_HDR_SIZE));
Steve French0ae0efa2005-10-10 10:57:19 -07002045 if (!(tcon->ses->capabilities & CAP_LARGE_READ_X))
2046 cifs_sb->rsize = min(cifs_sb->rsize,
2047 (tcon->ses->server->maxBuf -
2048 MAX_CIFS_HDR_SIZE));
Linus Torvalds1da177e2005-04-16 15:20:36 -07002049 }
2050
2051 /* volume_info.password is freed above when existing session found
2052 (in which case it is not needed anymore) but when new sesion is created
2053 the password ptr is put in the new session structure (in which case the
2054 password will be freed at unmount time) */
Jesper Juhlf99d49a2005-11-07 01:01:34 -08002055 kfree(volume_info.UNC);
Steve French2fe87f02006-09-21 07:02:52 +00002056 kfree(volume_info.prepath);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002057 FreeXid(xid);
2058 return rc;
2059}
2060
2061static int
2062CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses,
Steve French7c7b25b2006-06-01 19:20:10 +00002063 char session_key[CIFS_SESS_KEY_SIZE],
Linus Torvalds1da177e2005-04-16 15:20:36 -07002064 const struct nls_table *nls_codepage)
2065{
2066 struct smb_hdr *smb_buffer;
2067 struct smb_hdr *smb_buffer_response;
2068 SESSION_SETUP_ANDX *pSMB;
2069 SESSION_SETUP_ANDX *pSMBr;
2070 char *bcc_ptr;
2071 char *user;
2072 char *domain;
2073 int rc = 0;
2074 int remaining_words = 0;
2075 int bytes_returned = 0;
2076 int len;
2077 __u32 capabilities;
2078 __u16 count;
2079
Steve Frencheeac8042006-01-13 21:34:58 -08002080 cFYI(1, ("In sesssetup"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07002081 if(ses == NULL)
2082 return -EINVAL;
2083 user = ses->userName;
2084 domain = ses->domainName;
2085 smb_buffer = cifs_buf_get();
2086 if (smb_buffer == NULL) {
2087 return -ENOMEM;
2088 }
2089 smb_buffer_response = smb_buffer;
2090 pSMBr = pSMB = (SESSION_SETUP_ANDX *) smb_buffer;
2091
2092 /* send SMBsessionSetup here */
2093 header_assemble(smb_buffer, SMB_COM_SESSION_SETUP_ANDX,
2094 NULL /* no tCon exists yet */ , 13 /* wct */ );
2095
Steve French1982c342005-08-17 12:38:22 -07002096 smb_buffer->Mid = GetNextMid(ses->server);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002097 pSMB->req_no_secext.AndXCommand = 0xFF;
2098 pSMB->req_no_secext.MaxBufferSize = cpu_to_le16(ses->server->maxBuf);
2099 pSMB->req_no_secext.MaxMpxCount = cpu_to_le16(ses->server->maxReq);
2100
2101 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
2102 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
2103
2104 capabilities = CAP_LARGE_FILES | CAP_NT_SMBS | CAP_LEVEL_II_OPLOCKS |
2105 CAP_LARGE_WRITE_X | CAP_LARGE_READ_X;
2106 if (ses->capabilities & CAP_UNICODE) {
2107 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
2108 capabilities |= CAP_UNICODE;
2109 }
2110 if (ses->capabilities & CAP_STATUS32) {
2111 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
2112 capabilities |= CAP_STATUS32;
2113 }
2114 if (ses->capabilities & CAP_DFS) {
2115 smb_buffer->Flags2 |= SMBFLG2_DFS;
2116 capabilities |= CAP_DFS;
2117 }
2118 pSMB->req_no_secext.Capabilities = cpu_to_le32(capabilities);
2119
2120 pSMB->req_no_secext.CaseInsensitivePasswordLength =
Steve French7c7b25b2006-06-01 19:20:10 +00002121 cpu_to_le16(CIFS_SESS_KEY_SIZE);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002122
2123 pSMB->req_no_secext.CaseSensitivePasswordLength =
Steve French7c7b25b2006-06-01 19:20:10 +00002124 cpu_to_le16(CIFS_SESS_KEY_SIZE);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002125 bcc_ptr = pByteArea(smb_buffer);
Steve French7c7b25b2006-06-01 19:20:10 +00002126 memcpy(bcc_ptr, (char *) session_key, CIFS_SESS_KEY_SIZE);
2127 bcc_ptr += CIFS_SESS_KEY_SIZE;
2128 memcpy(bcc_ptr, (char *) session_key, CIFS_SESS_KEY_SIZE);
2129 bcc_ptr += CIFS_SESS_KEY_SIZE;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002130
2131 if (ses->capabilities & CAP_UNICODE) {
2132 if ((long) bcc_ptr % 2) { /* must be word aligned for Unicode */
2133 *bcc_ptr = 0;
2134 bcc_ptr++;
2135 }
2136 if(user == NULL)
Steve French39798772006-05-31 22:40:51 +00002137 bytes_returned = 0; /* skip null user */
Linus Torvalds1da177e2005-04-16 15:20:36 -07002138 else
2139 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002140 cifs_strtoUCS((__le16 *) bcc_ptr, user, 100,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002141 nls_codepage);
2142 /* convert number of 16 bit words to bytes */
2143 bcc_ptr += 2 * bytes_returned;
2144 bcc_ptr += 2; /* trailing null */
2145 if (domain == NULL)
2146 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002147 cifs_strtoUCS((__le16 *) bcc_ptr,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002148 "CIFS_LINUX_DOM", 32, nls_codepage);
2149 else
2150 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002151 cifs_strtoUCS((__le16 *) bcc_ptr, domain, 64,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002152 nls_codepage);
2153 bcc_ptr += 2 * bytes_returned;
2154 bcc_ptr += 2;
2155 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002156 cifs_strtoUCS((__le16 *) bcc_ptr, "Linux version ",
Linus Torvalds1da177e2005-04-16 15:20:36 -07002157 32, nls_codepage);
2158 bcc_ptr += 2 * bytes_returned;
2159 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002160 cifs_strtoUCS((__le16 *) bcc_ptr, system_utsname.release,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002161 32, nls_codepage);
2162 bcc_ptr += 2 * bytes_returned;
2163 bcc_ptr += 2;
2164 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002165 cifs_strtoUCS((__le16 *) bcc_ptr, CIFS_NETWORK_OPSYS,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002166 64, nls_codepage);
2167 bcc_ptr += 2 * bytes_returned;
2168 bcc_ptr += 2;
2169 } else {
2170 if(user != NULL) {
2171 strncpy(bcc_ptr, user, 200);
2172 bcc_ptr += strnlen(user, 200);
2173 }
2174 *bcc_ptr = 0;
2175 bcc_ptr++;
2176 if (domain == NULL) {
2177 strcpy(bcc_ptr, "CIFS_LINUX_DOM");
2178 bcc_ptr += strlen("CIFS_LINUX_DOM") + 1;
2179 } else {
2180 strncpy(bcc_ptr, domain, 64);
2181 bcc_ptr += strnlen(domain, 64);
2182 *bcc_ptr = 0;
2183 bcc_ptr++;
2184 }
2185 strcpy(bcc_ptr, "Linux version ");
2186 bcc_ptr += strlen("Linux version ");
2187 strcpy(bcc_ptr, system_utsname.release);
2188 bcc_ptr += strlen(system_utsname.release) + 1;
2189 strcpy(bcc_ptr, CIFS_NETWORK_OPSYS);
2190 bcc_ptr += strlen(CIFS_NETWORK_OPSYS) + 1;
2191 }
2192 count = (long) bcc_ptr - (long) pByteArea(smb_buffer);
2193 smb_buffer->smb_buf_length += count;
2194 pSMB->req_no_secext.ByteCount = cpu_to_le16(count);
2195
2196 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response,
2197 &bytes_returned, 1);
2198 if (rc) {
2199/* rc = map_smb_to_linux_error(smb_buffer_response); now done in SendReceive */
2200 } else if ((smb_buffer_response->WordCount == 3)
2201 || (smb_buffer_response->WordCount == 4)) {
2202 __u16 action = le16_to_cpu(pSMBr->resp.Action);
2203 __u16 blob_len = le16_to_cpu(pSMBr->resp.SecurityBlobLength);
2204 if (action & GUEST_LOGIN)
2205 cFYI(1, (" Guest login")); /* do we want to mark SesInfo struct ? */
2206 ses->Suid = smb_buffer_response->Uid; /* UID left in wire format (le) */
2207 cFYI(1, ("UID = %d ", ses->Suid));
2208 /* response can have either 3 or 4 word count - Samba sends 3 */
2209 bcc_ptr = pByteArea(smb_buffer_response);
2210 if ((pSMBr->resp.hdr.WordCount == 3)
2211 || ((pSMBr->resp.hdr.WordCount == 4)
2212 && (blob_len < pSMBr->resp.ByteCount))) {
2213 if (pSMBr->resp.hdr.WordCount == 4)
2214 bcc_ptr += blob_len;
2215
2216 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) {
2217 if ((long) (bcc_ptr) % 2) {
2218 remaining_words =
2219 (BCC(smb_buffer_response) - 1) /2;
2220 bcc_ptr++; /* Unicode strings must be word aligned */
2221 } else {
2222 remaining_words =
2223 BCC(smb_buffer_response) / 2;
2224 }
2225 len =
2226 UniStrnlen((wchar_t *) bcc_ptr,
2227 remaining_words - 1);
2228/* We look for obvious messed up bcc or strings in response so we do not go off
2229 the end since (at least) WIN2K and Windows XP have a major bug in not null
2230 terminating last Unicode string in response */
Steve Frencha424f8b2006-05-30 18:06:04 +00002231 if(ses->serverOS)
2232 kfree(ses->serverOS);
Pekka Enberge915fc42005-09-06 15:18:35 -07002233 ses->serverOS = kzalloc(2 * (len + 1), GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -07002234 if(ses->serverOS == NULL)
2235 goto sesssetup_nomem;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002236 cifs_strfromUCS_le(ses->serverOS,
Steve Frenche89dc922005-11-11 15:18:19 -08002237 (__le16 *)bcc_ptr, len,nls_codepage);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002238 bcc_ptr += 2 * (len + 1);
2239 remaining_words -= len + 1;
2240 ses->serverOS[2 * len] = 0;
2241 ses->serverOS[1 + (2 * len)] = 0;
2242 if (remaining_words > 0) {
2243 len = UniStrnlen((wchar_t *)bcc_ptr,
2244 remaining_words-1);
Steve Frenchcd49b492006-06-26 04:22:36 +00002245 kfree(ses->serverNOS);
Pekka Enberge915fc42005-09-06 15:18:35 -07002246 ses->serverNOS = kzalloc(2 * (len + 1),GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -07002247 if(ses->serverNOS == NULL)
2248 goto sesssetup_nomem;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002249 cifs_strfromUCS_le(ses->serverNOS,
Steve Frenche89dc922005-11-11 15:18:19 -08002250 (__le16 *)bcc_ptr,len,nls_codepage);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002251 bcc_ptr += 2 * (len + 1);
2252 ses->serverNOS[2 * len] = 0;
2253 ses->serverNOS[1 + (2 * len)] = 0;
2254 if(strncmp(ses->serverNOS,
2255 "NT LAN Manager 4",16) == 0) {
2256 cFYI(1,("NT4 server"));
2257 ses->flags |= CIFS_SES_NT4;
2258 }
2259 remaining_words -= len + 1;
2260 if (remaining_words > 0) {
Steve French433dc242005-04-28 22:41:08 -07002261 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002262 /* last string is not always null terminated (for e.g. for Windows XP & 2000) */
Steve Frencha424f8b2006-05-30 18:06:04 +00002263 if(ses->serverDomain)
2264 kfree(ses->serverDomain);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002265 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002266 kzalloc(2*(len+1),GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -07002267 if(ses->serverDomain == NULL)
2268 goto sesssetup_nomem;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002269 cifs_strfromUCS_le(ses->serverDomain,
Steve Frenche89dc922005-11-11 15:18:19 -08002270 (__le16 *)bcc_ptr,len,nls_codepage);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002271 bcc_ptr += 2 * (len + 1);
2272 ses->serverDomain[2*len] = 0;
2273 ses->serverDomain[1+(2*len)] = 0;
2274 } /* else no more room so create dummy domain string */
Steve Frencha424f8b2006-05-30 18:06:04 +00002275 else {
2276 if(ses->serverDomain)
2277 kfree(ses->serverDomain);
Steve French433dc242005-04-28 22:41:08 -07002278 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002279 kzalloc(2, GFP_KERNEL);
Steve Frencha424f8b2006-05-30 18:06:04 +00002280 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07002281 } else { /* no room so create dummy domain and NOS string */
Steve French433dc242005-04-28 22:41:08 -07002282 /* if these kcallocs fail not much we
2283 can do, but better to not fail the
2284 sesssetup itself */
Steve Frenchcd49b492006-06-26 04:22:36 +00002285 kfree(ses->serverDomain);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002286 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002287 kzalloc(2, GFP_KERNEL);
Steve Frenchcd49b492006-06-26 04:22:36 +00002288 kfree(ses->serverNOS);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002289 ses->serverNOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002290 kzalloc(2, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002291 }
2292 } else { /* ASCII */
2293 len = strnlen(bcc_ptr, 1024);
2294 if (((long) bcc_ptr + len) - (long)
2295 pByteArea(smb_buffer_response)
2296 <= BCC(smb_buffer_response)) {
Steve Frenchcd49b492006-06-26 04:22:36 +00002297 kfree(ses->serverOS);
Pekka Enberge915fc42005-09-06 15:18:35 -07002298 ses->serverOS = kzalloc(len + 1,GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -07002299 if(ses->serverOS == NULL)
2300 goto sesssetup_nomem;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002301 strncpy(ses->serverOS,bcc_ptr, len);
2302
2303 bcc_ptr += len;
2304 bcc_ptr[0] = 0; /* null terminate the string */
2305 bcc_ptr++;
2306
2307 len = strnlen(bcc_ptr, 1024);
Steve Frenchcd49b492006-06-26 04:22:36 +00002308 kfree(ses->serverNOS);
Pekka Enberge915fc42005-09-06 15:18:35 -07002309 ses->serverNOS = kzalloc(len + 1,GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -07002310 if(ses->serverNOS == NULL)
2311 goto sesssetup_nomem;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002312 strncpy(ses->serverNOS, bcc_ptr, len);
2313 bcc_ptr += len;
2314 bcc_ptr[0] = 0;
2315 bcc_ptr++;
2316
2317 len = strnlen(bcc_ptr, 1024);
Steve Frencha424f8b2006-05-30 18:06:04 +00002318 if(ses->serverDomain)
2319 kfree(ses->serverDomain);
Pekka Enberge915fc42005-09-06 15:18:35 -07002320 ses->serverDomain = kzalloc(len + 1,GFP_KERNEL);
Steve French433dc242005-04-28 22:41:08 -07002321 if(ses->serverDomain == NULL)
2322 goto sesssetup_nomem;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002323 strncpy(ses->serverDomain, bcc_ptr, len);
2324 bcc_ptr += len;
2325 bcc_ptr[0] = 0;
2326 bcc_ptr++;
2327 } else
2328 cFYI(1,
2329 ("Variable field of length %d extends beyond end of smb ",
2330 len));
2331 }
2332 } else {
2333 cERROR(1,
2334 (" Security Blob Length extends beyond end of SMB"));
2335 }
2336 } else {
2337 cERROR(1,
2338 (" Invalid Word count %d: ",
2339 smb_buffer_response->WordCount));
2340 rc = -EIO;
2341 }
Steve French433dc242005-04-28 22:41:08 -07002342sesssetup_nomem: /* do not return an error on nomem for the info strings,
2343 since that could make reconnection harder, and
2344 reconnection might be needed to free memory */
Linus Torvalds1da177e2005-04-16 15:20:36 -07002345 if (smb_buffer)
2346 cifs_buf_release(smb_buffer);
2347
2348 return rc;
2349}
2350
2351static int
Linus Torvalds1da177e2005-04-16 15:20:36 -07002352CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
2353 struct cifsSesInfo *ses, int * pNTLMv2_flag,
2354 const struct nls_table *nls_codepage)
2355{
2356 struct smb_hdr *smb_buffer;
2357 struct smb_hdr *smb_buffer_response;
2358 SESSION_SETUP_ANDX *pSMB;
2359 SESSION_SETUP_ANDX *pSMBr;
2360 char *bcc_ptr;
2361 char *domain;
2362 int rc = 0;
2363 int remaining_words = 0;
2364 int bytes_returned = 0;
2365 int len;
2366 int SecurityBlobLength = sizeof (NEGOTIATE_MESSAGE);
2367 PNEGOTIATE_MESSAGE SecurityBlob;
2368 PCHALLENGE_MESSAGE SecurityBlob2;
2369 __u32 negotiate_flags, capabilities;
2370 __u16 count;
2371
Steve French12b3b8f2006-02-09 21:12:47 +00002372 cFYI(1, ("In NTLMSSP sesssetup (negotiate)"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07002373 if(ses == NULL)
2374 return -EINVAL;
2375 domain = ses->domainName;
2376 *pNTLMv2_flag = FALSE;
2377 smb_buffer = cifs_buf_get();
2378 if (smb_buffer == NULL) {
2379 return -ENOMEM;
2380 }
2381 smb_buffer_response = smb_buffer;
2382 pSMB = (SESSION_SETUP_ANDX *) smb_buffer;
2383 pSMBr = (SESSION_SETUP_ANDX *) smb_buffer_response;
2384
2385 /* send SMBsessionSetup here */
2386 header_assemble(smb_buffer, SMB_COM_SESSION_SETUP_ANDX,
2387 NULL /* no tCon exists yet */ , 12 /* wct */ );
Steve French1982c342005-08-17 12:38:22 -07002388
2389 smb_buffer->Mid = GetNextMid(ses->server);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002390 pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
2391 pSMB->req.hdr.Flags |= (SMBFLG_CASELESS | SMBFLG_CANONICAL_PATH_FORMAT);
2392
2393 pSMB->req.AndXCommand = 0xFF;
2394 pSMB->req.MaxBufferSize = cpu_to_le16(ses->server->maxBuf);
2395 pSMB->req.MaxMpxCount = cpu_to_le16(ses->server->maxReq);
2396
2397 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
2398 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
2399
2400 capabilities = CAP_LARGE_FILES | CAP_NT_SMBS | CAP_LEVEL_II_OPLOCKS |
2401 CAP_EXTENDED_SECURITY;
2402 if (ses->capabilities & CAP_UNICODE) {
2403 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
2404 capabilities |= CAP_UNICODE;
2405 }
2406 if (ses->capabilities & CAP_STATUS32) {
2407 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
2408 capabilities |= CAP_STATUS32;
2409 }
2410 if (ses->capabilities & CAP_DFS) {
2411 smb_buffer->Flags2 |= SMBFLG2_DFS;
2412 capabilities |= CAP_DFS;
2413 }
2414 pSMB->req.Capabilities = cpu_to_le32(capabilities);
2415
2416 bcc_ptr = (char *) &pSMB->req.SecurityBlob;
2417 SecurityBlob = (PNEGOTIATE_MESSAGE) bcc_ptr;
2418 strncpy(SecurityBlob->Signature, NTLMSSP_SIGNATURE, 8);
2419 SecurityBlob->MessageType = NtLmNegotiate;
2420 negotiate_flags =
2421 NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_OEM |
Steve French12b3b8f2006-02-09 21:12:47 +00002422 NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_NTLM |
2423 NTLMSSP_NEGOTIATE_56 |
Linus Torvalds1da177e2005-04-16 15:20:36 -07002424 /* NTLMSSP_NEGOTIATE_ALWAYS_SIGN | */ NTLMSSP_NEGOTIATE_128;
2425 if(sign_CIFS_PDUs)
2426 negotiate_flags |= NTLMSSP_NEGOTIATE_SIGN;
Steve French39798772006-05-31 22:40:51 +00002427/* if(ntlmv2_support)
2428 negotiate_flags |= NTLMSSP_NEGOTIATE_NTLMV2;*/
Linus Torvalds1da177e2005-04-16 15:20:36 -07002429 /* setup pointers to domain name and workstation name */
2430 bcc_ptr += SecurityBlobLength;
2431
2432 SecurityBlob->WorkstationName.Buffer = 0;
2433 SecurityBlob->WorkstationName.Length = 0;
2434 SecurityBlob->WorkstationName.MaximumLength = 0;
2435
Steve French12b3b8f2006-02-09 21:12:47 +00002436 /* Domain not sent on first Sesssetup in NTLMSSP, instead it is sent
2437 along with username on auth request (ie the response to challenge) */
2438 SecurityBlob->DomainName.Buffer = 0;
2439 SecurityBlob->DomainName.Length = 0;
2440 SecurityBlob->DomainName.MaximumLength = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002441 if (ses->capabilities & CAP_UNICODE) {
2442 if ((long) bcc_ptr % 2) {
2443 *bcc_ptr = 0;
2444 bcc_ptr++;
2445 }
2446
2447 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002448 cifs_strtoUCS((__le16 *) bcc_ptr, "Linux version ",
Linus Torvalds1da177e2005-04-16 15:20:36 -07002449 32, nls_codepage);
2450 bcc_ptr += 2 * bytes_returned;
2451 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002452 cifs_strtoUCS((__le16 *) bcc_ptr, system_utsname.release, 32,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002453 nls_codepage);
2454 bcc_ptr += 2 * bytes_returned;
2455 bcc_ptr += 2; /* null terminate Linux version */
2456 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002457 cifs_strtoUCS((__le16 *) bcc_ptr, CIFS_NETWORK_OPSYS,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002458 64, nls_codepage);
2459 bcc_ptr += 2 * bytes_returned;
2460 *(bcc_ptr + 1) = 0;
2461 *(bcc_ptr + 2) = 0;
2462 bcc_ptr += 2; /* null terminate network opsys string */
2463 *(bcc_ptr + 1) = 0;
2464 *(bcc_ptr + 2) = 0;
2465 bcc_ptr += 2; /* null domain */
2466 } else { /* ASCII */
2467 strcpy(bcc_ptr, "Linux version ");
2468 bcc_ptr += strlen("Linux version ");
2469 strcpy(bcc_ptr, system_utsname.release);
2470 bcc_ptr += strlen(system_utsname.release) + 1;
2471 strcpy(bcc_ptr, CIFS_NETWORK_OPSYS);
2472 bcc_ptr += strlen(CIFS_NETWORK_OPSYS) + 1;
2473 bcc_ptr++; /* empty domain field */
2474 *bcc_ptr = 0;
2475 }
2476 SecurityBlob->NegotiateFlags = cpu_to_le32(negotiate_flags);
2477 pSMB->req.SecurityBlobLength = cpu_to_le16(SecurityBlobLength);
2478 count = (long) bcc_ptr - (long) pByteArea(smb_buffer);
2479 smb_buffer->smb_buf_length += count;
2480 pSMB->req.ByteCount = cpu_to_le16(count);
2481
2482 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response,
2483 &bytes_returned, 1);
2484
2485 if (smb_buffer_response->Status.CifsError ==
2486 cpu_to_le32(NT_STATUS_MORE_PROCESSING_REQUIRED))
2487 rc = 0;
2488
2489 if (rc) {
2490/* rc = map_smb_to_linux_error(smb_buffer_response); *//* done in SendReceive now */
2491 } else if ((smb_buffer_response->WordCount == 3)
2492 || (smb_buffer_response->WordCount == 4)) {
2493 __u16 action = le16_to_cpu(pSMBr->resp.Action);
2494 __u16 blob_len = le16_to_cpu(pSMBr->resp.SecurityBlobLength);
2495
2496 if (action & GUEST_LOGIN)
2497 cFYI(1, (" Guest login"));
2498 /* Do we want to set anything in SesInfo struct when guest login? */
2499
2500 bcc_ptr = pByteArea(smb_buffer_response);
2501 /* response can have either 3 or 4 word count - Samba sends 3 */
2502
2503 SecurityBlob2 = (PCHALLENGE_MESSAGE) bcc_ptr;
2504 if (SecurityBlob2->MessageType != NtLmChallenge) {
2505 cFYI(1,
2506 ("Unexpected NTLMSSP message type received %d",
2507 SecurityBlob2->MessageType));
2508 } else if (ses) {
2509 ses->Suid = smb_buffer_response->Uid; /* UID left in le format */
Steve French12b3b8f2006-02-09 21:12:47 +00002510 cFYI(1, ("UID = %d", ses->Suid));
Linus Torvalds1da177e2005-04-16 15:20:36 -07002511 if ((pSMBr->resp.hdr.WordCount == 3)
2512 || ((pSMBr->resp.hdr.WordCount == 4)
2513 && (blob_len <
2514 pSMBr->resp.ByteCount))) {
2515
2516 if (pSMBr->resp.hdr.WordCount == 4) {
2517 bcc_ptr += blob_len;
Steve French12b3b8f2006-02-09 21:12:47 +00002518 cFYI(1, ("Security Blob Length %d",
Linus Torvalds1da177e2005-04-16 15:20:36 -07002519 blob_len));
2520 }
2521
Steve French12b3b8f2006-02-09 21:12:47 +00002522 cFYI(1, ("NTLMSSP Challenge rcvd"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07002523
2524 memcpy(ses->server->cryptKey,
2525 SecurityBlob2->Challenge,
2526 CIFS_CRYPTO_KEY_SIZE);
Steve French12b3b8f2006-02-09 21:12:47 +00002527 if(SecurityBlob2->NegotiateFlags &
2528 cpu_to_le32(NTLMSSP_NEGOTIATE_NTLMV2))
Linus Torvalds1da177e2005-04-16 15:20:36 -07002529 *pNTLMv2_flag = TRUE;
2530
2531 if((SecurityBlob2->NegotiateFlags &
2532 cpu_to_le32(NTLMSSP_NEGOTIATE_ALWAYS_SIGN))
2533 || (sign_CIFS_PDUs > 1))
2534 ses->server->secMode |=
2535 SECMODE_SIGN_REQUIRED;
2536 if ((SecurityBlob2->NegotiateFlags &
2537 cpu_to_le32(NTLMSSP_NEGOTIATE_SIGN)) && (sign_CIFS_PDUs))
2538 ses->server->secMode |=
2539 SECMODE_SIGN_ENABLED;
2540
2541 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) {
2542 if ((long) (bcc_ptr) % 2) {
2543 remaining_words =
2544 (BCC(smb_buffer_response)
2545 - 1) / 2;
2546 bcc_ptr++; /* Unicode strings must be word aligned */
2547 } else {
2548 remaining_words =
2549 BCC
2550 (smb_buffer_response) / 2;
2551 }
2552 len =
2553 UniStrnlen((wchar_t *) bcc_ptr,
2554 remaining_words - 1);
2555/* We look for obvious messed up bcc or strings in response so we do not go off
2556 the end since (at least) WIN2K and Windows XP have a major bug in not null
2557 terminating last Unicode string in response */
Steve Frencha424f8b2006-05-30 18:06:04 +00002558 if(ses->serverOS)
2559 kfree(ses->serverOS);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002560 ses->serverOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002561 kzalloc(2 * (len + 1), GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002562 cifs_strfromUCS_le(ses->serverOS,
Steve Frenche89dc922005-11-11 15:18:19 -08002563 (__le16 *)
Linus Torvalds1da177e2005-04-16 15:20:36 -07002564 bcc_ptr, len,
2565 nls_codepage);
2566 bcc_ptr += 2 * (len + 1);
2567 remaining_words -= len + 1;
2568 ses->serverOS[2 * len] = 0;
2569 ses->serverOS[1 + (2 * len)] = 0;
2570 if (remaining_words > 0) {
2571 len = UniStrnlen((wchar_t *)
2572 bcc_ptr,
2573 remaining_words
2574 - 1);
Steve Frenchcd49b492006-06-26 04:22:36 +00002575 kfree(ses->serverNOS);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002576 ses->serverNOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002577 kzalloc(2 * (len + 1),
Linus Torvalds1da177e2005-04-16 15:20:36 -07002578 GFP_KERNEL);
2579 cifs_strfromUCS_le(ses->
2580 serverNOS,
Steve Frenche89dc922005-11-11 15:18:19 -08002581 (__le16 *)
Linus Torvalds1da177e2005-04-16 15:20:36 -07002582 bcc_ptr,
2583 len,
2584 nls_codepage);
2585 bcc_ptr += 2 * (len + 1);
2586 ses->serverNOS[2 * len] = 0;
2587 ses->serverNOS[1 +
2588 (2 * len)] = 0;
2589 remaining_words -= len + 1;
2590 if (remaining_words > 0) {
2591 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
2592 /* last string is not always null terminated (for e.g. for Windows XP & 2000) */
Steve Frenchcd49b492006-06-26 04:22:36 +00002593 kfree(ses->serverDomain);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002594 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002595 kzalloc(2 *
Linus Torvalds1da177e2005-04-16 15:20:36 -07002596 (len +
2597 1),
2598 GFP_KERNEL);
2599 cifs_strfromUCS_le
Steve Frenche89dc922005-11-11 15:18:19 -08002600 (ses->serverDomain,
2601 (__le16 *)bcc_ptr,
2602 len, nls_codepage);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002603 bcc_ptr +=
2604 2 * (len + 1);
Steve Frenche89dc922005-11-11 15:18:19 -08002605 ses->serverDomain[2*len]
Linus Torvalds1da177e2005-04-16 15:20:36 -07002606 = 0;
Steve Frenche89dc922005-11-11 15:18:19 -08002607 ses->serverDomain
2608 [1 + (2 * len)]
Linus Torvalds1da177e2005-04-16 15:20:36 -07002609 = 0;
2610 } /* else no more room so create dummy domain string */
Steve Frencha424f8b2006-05-30 18:06:04 +00002611 else {
Steve Frenchcd49b492006-06-26 04:22:36 +00002612 kfree(ses->serverDomain);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002613 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002614 kzalloc(2,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002615 GFP_KERNEL);
Steve Frencha424f8b2006-05-30 18:06:04 +00002616 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07002617 } else { /* no room so create dummy domain and NOS string */
Steve Frenchcd49b492006-06-26 04:22:36 +00002618 kfree(ses->serverDomain);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002619 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002620 kzalloc(2, GFP_KERNEL);
Steve Frenchcd49b492006-06-26 04:22:36 +00002621 kfree(ses->serverNOS);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002622 ses->serverNOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002623 kzalloc(2, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002624 }
2625 } else { /* ASCII */
2626 len = strnlen(bcc_ptr, 1024);
2627 if (((long) bcc_ptr + len) - (long)
2628 pByteArea(smb_buffer_response)
2629 <= BCC(smb_buffer_response)) {
Steve Frencha424f8b2006-05-30 18:06:04 +00002630 if(ses->serverOS)
2631 kfree(ses->serverOS);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002632 ses->serverOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002633 kzalloc(len + 1,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002634 GFP_KERNEL);
2635 strncpy(ses->serverOS,
2636 bcc_ptr, len);
2637
2638 bcc_ptr += len;
2639 bcc_ptr[0] = 0; /* null terminate string */
2640 bcc_ptr++;
2641
2642 len = strnlen(bcc_ptr, 1024);
Steve Frenchcd49b492006-06-26 04:22:36 +00002643 kfree(ses->serverNOS);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002644 ses->serverNOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002645 kzalloc(len + 1,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002646 GFP_KERNEL);
2647 strncpy(ses->serverNOS, bcc_ptr, len);
2648 bcc_ptr += len;
2649 bcc_ptr[0] = 0;
2650 bcc_ptr++;
2651
2652 len = strnlen(bcc_ptr, 1024);
Steve Frenchcd49b492006-06-26 04:22:36 +00002653 kfree(ses->serverDomain);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002654 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002655 kzalloc(len + 1,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002656 GFP_KERNEL);
2657 strncpy(ses->serverDomain, bcc_ptr, len);
2658 bcc_ptr += len;
2659 bcc_ptr[0] = 0;
2660 bcc_ptr++;
2661 } else
2662 cFYI(1,
Steve French12b3b8f2006-02-09 21:12:47 +00002663 ("Variable field of length %d extends beyond end of smb",
Linus Torvalds1da177e2005-04-16 15:20:36 -07002664 len));
2665 }
2666 } else {
2667 cERROR(1,
2668 (" Security Blob Length extends beyond end of SMB"));
2669 }
2670 } else {
2671 cERROR(1, ("No session structure passed in."));
2672 }
2673 } else {
2674 cERROR(1,
Steve French5815449d2006-02-14 01:36:20 +00002675 (" Invalid Word count %d:",
Linus Torvalds1da177e2005-04-16 15:20:36 -07002676 smb_buffer_response->WordCount));
2677 rc = -EIO;
2678 }
2679
2680 if (smb_buffer)
2681 cifs_buf_release(smb_buffer);
2682
2683 return rc;
2684}
2685static int
2686CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2687 char *ntlm_session_key, int ntlmv2_flag,
2688 const struct nls_table *nls_codepage)
2689{
2690 struct smb_hdr *smb_buffer;
2691 struct smb_hdr *smb_buffer_response;
2692 SESSION_SETUP_ANDX *pSMB;
2693 SESSION_SETUP_ANDX *pSMBr;
2694 char *bcc_ptr;
2695 char *user;
2696 char *domain;
2697 int rc = 0;
2698 int remaining_words = 0;
2699 int bytes_returned = 0;
2700 int len;
2701 int SecurityBlobLength = sizeof (AUTHENTICATE_MESSAGE);
2702 PAUTHENTICATE_MESSAGE SecurityBlob;
2703 __u32 negotiate_flags, capabilities;
2704 __u16 count;
2705
2706 cFYI(1, ("In NTLMSSPSessSetup (Authenticate)"));
2707 if(ses == NULL)
2708 return -EINVAL;
2709 user = ses->userName;
2710 domain = ses->domainName;
2711 smb_buffer = cifs_buf_get();
2712 if (smb_buffer == NULL) {
2713 return -ENOMEM;
2714 }
2715 smb_buffer_response = smb_buffer;
2716 pSMB = (SESSION_SETUP_ANDX *) smb_buffer;
2717 pSMBr = (SESSION_SETUP_ANDX *) smb_buffer_response;
2718
2719 /* send SMBsessionSetup here */
2720 header_assemble(smb_buffer, SMB_COM_SESSION_SETUP_ANDX,
2721 NULL /* no tCon exists yet */ , 12 /* wct */ );
Steve French1982c342005-08-17 12:38:22 -07002722
2723 smb_buffer->Mid = GetNextMid(ses->server);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002724 pSMB->req.hdr.Flags |= (SMBFLG_CASELESS | SMBFLG_CANONICAL_PATH_FORMAT);
2725 pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
2726 pSMB->req.AndXCommand = 0xFF;
2727 pSMB->req.MaxBufferSize = cpu_to_le16(ses->server->maxBuf);
2728 pSMB->req.MaxMpxCount = cpu_to_le16(ses->server->maxReq);
2729
2730 pSMB->req.hdr.Uid = ses->Suid;
2731
2732 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
2733 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
2734
2735 capabilities = CAP_LARGE_FILES | CAP_NT_SMBS | CAP_LEVEL_II_OPLOCKS |
2736 CAP_EXTENDED_SECURITY;
2737 if (ses->capabilities & CAP_UNICODE) {
2738 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
2739 capabilities |= CAP_UNICODE;
2740 }
2741 if (ses->capabilities & CAP_STATUS32) {
2742 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
2743 capabilities |= CAP_STATUS32;
2744 }
2745 if (ses->capabilities & CAP_DFS) {
2746 smb_buffer->Flags2 |= SMBFLG2_DFS;
2747 capabilities |= CAP_DFS;
2748 }
2749 pSMB->req.Capabilities = cpu_to_le32(capabilities);
2750
2751 bcc_ptr = (char *) &pSMB->req.SecurityBlob;
2752 SecurityBlob = (PAUTHENTICATE_MESSAGE) bcc_ptr;
2753 strncpy(SecurityBlob->Signature, NTLMSSP_SIGNATURE, 8);
2754 SecurityBlob->MessageType = NtLmAuthenticate;
2755 bcc_ptr += SecurityBlobLength;
2756 negotiate_flags =
2757 NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_REQUEST_TARGET |
2758 NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_TARGET_INFO |
2759 0x80000000 | NTLMSSP_NEGOTIATE_128;
2760 if(sign_CIFS_PDUs)
2761 negotiate_flags |= /* NTLMSSP_NEGOTIATE_ALWAYS_SIGN |*/ NTLMSSP_NEGOTIATE_SIGN;
2762 if(ntlmv2_flag)
2763 negotiate_flags |= NTLMSSP_NEGOTIATE_NTLMV2;
2764
2765/* setup pointers to domain name and workstation name */
2766
2767 SecurityBlob->WorkstationName.Buffer = 0;
2768 SecurityBlob->WorkstationName.Length = 0;
2769 SecurityBlob->WorkstationName.MaximumLength = 0;
2770 SecurityBlob->SessionKey.Length = 0;
2771 SecurityBlob->SessionKey.MaximumLength = 0;
2772 SecurityBlob->SessionKey.Buffer = 0;
2773
2774 SecurityBlob->LmChallengeResponse.Length = 0;
2775 SecurityBlob->LmChallengeResponse.MaximumLength = 0;
2776 SecurityBlob->LmChallengeResponse.Buffer = 0;
2777
2778 SecurityBlob->NtChallengeResponse.Length =
Steve French7c7b25b2006-06-01 19:20:10 +00002779 cpu_to_le16(CIFS_SESS_KEY_SIZE);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002780 SecurityBlob->NtChallengeResponse.MaximumLength =
Steve French7c7b25b2006-06-01 19:20:10 +00002781 cpu_to_le16(CIFS_SESS_KEY_SIZE);
2782 memcpy(bcc_ptr, ntlm_session_key, CIFS_SESS_KEY_SIZE);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002783 SecurityBlob->NtChallengeResponse.Buffer =
2784 cpu_to_le32(SecurityBlobLength);
Steve French7c7b25b2006-06-01 19:20:10 +00002785 SecurityBlobLength += CIFS_SESS_KEY_SIZE;
2786 bcc_ptr += CIFS_SESS_KEY_SIZE;
Linus Torvalds1da177e2005-04-16 15:20:36 -07002787
2788 if (ses->capabilities & CAP_UNICODE) {
2789 if (domain == NULL) {
2790 SecurityBlob->DomainName.Buffer = 0;
2791 SecurityBlob->DomainName.Length = 0;
2792 SecurityBlob->DomainName.MaximumLength = 0;
2793 } else {
2794 __u16 len =
Steve Frenche89dc922005-11-11 15:18:19 -08002795 cifs_strtoUCS((__le16 *) bcc_ptr, domain, 64,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002796 nls_codepage);
2797 len *= 2;
2798 SecurityBlob->DomainName.MaximumLength =
2799 cpu_to_le16(len);
2800 SecurityBlob->DomainName.Buffer =
2801 cpu_to_le32(SecurityBlobLength);
2802 bcc_ptr += len;
2803 SecurityBlobLength += len;
2804 SecurityBlob->DomainName.Length =
2805 cpu_to_le16(len);
2806 }
2807 if (user == NULL) {
2808 SecurityBlob->UserName.Buffer = 0;
2809 SecurityBlob->UserName.Length = 0;
2810 SecurityBlob->UserName.MaximumLength = 0;
2811 } else {
2812 __u16 len =
Steve Frenche89dc922005-11-11 15:18:19 -08002813 cifs_strtoUCS((__le16 *) bcc_ptr, user, 64,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002814 nls_codepage);
2815 len *= 2;
2816 SecurityBlob->UserName.MaximumLength =
2817 cpu_to_le16(len);
2818 SecurityBlob->UserName.Buffer =
2819 cpu_to_le32(SecurityBlobLength);
2820 bcc_ptr += len;
2821 SecurityBlobLength += len;
2822 SecurityBlob->UserName.Length =
2823 cpu_to_le16(len);
2824 }
2825
Steve Frenche89dc922005-11-11 15:18:19 -08002826 /* SecurityBlob->WorkstationName.Length = cifs_strtoUCS((__le16 *) bcc_ptr, "AMACHINE",64, nls_codepage);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002827 SecurityBlob->WorkstationName.Length *= 2;
2828 SecurityBlob->WorkstationName.MaximumLength = cpu_to_le16(SecurityBlob->WorkstationName.Length);
2829 SecurityBlob->WorkstationName.Buffer = cpu_to_le32(SecurityBlobLength);
2830 bcc_ptr += SecurityBlob->WorkstationName.Length;
2831 SecurityBlobLength += SecurityBlob->WorkstationName.Length;
2832 SecurityBlob->WorkstationName.Length = cpu_to_le16(SecurityBlob->WorkstationName.Length); */
2833
2834 if ((long) bcc_ptr % 2) {
2835 *bcc_ptr = 0;
2836 bcc_ptr++;
2837 }
2838 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002839 cifs_strtoUCS((__le16 *) bcc_ptr, "Linux version ",
Linus Torvalds1da177e2005-04-16 15:20:36 -07002840 32, nls_codepage);
2841 bcc_ptr += 2 * bytes_returned;
2842 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002843 cifs_strtoUCS((__le16 *) bcc_ptr, system_utsname.release, 32,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002844 nls_codepage);
2845 bcc_ptr += 2 * bytes_returned;
2846 bcc_ptr += 2; /* null term version string */
2847 bytes_returned =
Steve Frenche89dc922005-11-11 15:18:19 -08002848 cifs_strtoUCS((__le16 *) bcc_ptr, CIFS_NETWORK_OPSYS,
Linus Torvalds1da177e2005-04-16 15:20:36 -07002849 64, nls_codepage);
2850 bcc_ptr += 2 * bytes_returned;
2851 *(bcc_ptr + 1) = 0;
2852 *(bcc_ptr + 2) = 0;
2853 bcc_ptr += 2; /* null terminate network opsys string */
2854 *(bcc_ptr + 1) = 0;
2855 *(bcc_ptr + 2) = 0;
2856 bcc_ptr += 2; /* null domain */
2857 } else { /* ASCII */
2858 if (domain == NULL) {
2859 SecurityBlob->DomainName.Buffer = 0;
2860 SecurityBlob->DomainName.Length = 0;
2861 SecurityBlob->DomainName.MaximumLength = 0;
2862 } else {
2863 __u16 len;
2864 negotiate_flags |= NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED;
2865 strncpy(bcc_ptr, domain, 63);
2866 len = strnlen(domain, 64);
2867 SecurityBlob->DomainName.MaximumLength =
2868 cpu_to_le16(len);
2869 SecurityBlob->DomainName.Buffer =
2870 cpu_to_le32(SecurityBlobLength);
2871 bcc_ptr += len;
2872 SecurityBlobLength += len;
2873 SecurityBlob->DomainName.Length = cpu_to_le16(len);
2874 }
2875 if (user == NULL) {
2876 SecurityBlob->UserName.Buffer = 0;
2877 SecurityBlob->UserName.Length = 0;
2878 SecurityBlob->UserName.MaximumLength = 0;
2879 } else {
2880 __u16 len;
2881 strncpy(bcc_ptr, user, 63);
2882 len = strnlen(user, 64);
2883 SecurityBlob->UserName.MaximumLength =
2884 cpu_to_le16(len);
2885 SecurityBlob->UserName.Buffer =
2886 cpu_to_le32(SecurityBlobLength);
2887 bcc_ptr += len;
2888 SecurityBlobLength += len;
2889 SecurityBlob->UserName.Length = cpu_to_le16(len);
2890 }
2891 /* BB fill in our workstation name if known BB */
2892
2893 strcpy(bcc_ptr, "Linux version ");
2894 bcc_ptr += strlen("Linux version ");
2895 strcpy(bcc_ptr, system_utsname.release);
2896 bcc_ptr += strlen(system_utsname.release) + 1;
2897 strcpy(bcc_ptr, CIFS_NETWORK_OPSYS);
2898 bcc_ptr += strlen(CIFS_NETWORK_OPSYS) + 1;
2899 bcc_ptr++; /* null domain */
2900 *bcc_ptr = 0;
2901 }
2902 SecurityBlob->NegotiateFlags = cpu_to_le32(negotiate_flags);
2903 pSMB->req.SecurityBlobLength = cpu_to_le16(SecurityBlobLength);
2904 count = (long) bcc_ptr - (long) pByteArea(smb_buffer);
2905 smb_buffer->smb_buf_length += count;
2906 pSMB->req.ByteCount = cpu_to_le16(count);
2907
2908 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response,
2909 &bytes_returned, 1);
2910 if (rc) {
2911/* rc = map_smb_to_linux_error(smb_buffer_response); *//* done in SendReceive now */
2912 } else if ((smb_buffer_response->WordCount == 3)
2913 || (smb_buffer_response->WordCount == 4)) {
2914 __u16 action = le16_to_cpu(pSMBr->resp.Action);
2915 __u16 blob_len =
2916 le16_to_cpu(pSMBr->resp.SecurityBlobLength);
2917 if (action & GUEST_LOGIN)
2918 cFYI(1, (" Guest login")); /* BB do we want to set anything in SesInfo struct ? */
2919/* if(SecurityBlob2->MessageType != NtLm??){
2920 cFYI("Unexpected message type on auth response is %d "));
2921 } */
2922 if (ses) {
2923 cFYI(1,
2924 ("Does UID on challenge %d match auth response UID %d ",
2925 ses->Suid, smb_buffer_response->Uid));
2926 ses->Suid = smb_buffer_response->Uid; /* UID left in wire format */
2927 bcc_ptr = pByteArea(smb_buffer_response);
2928 /* response can have either 3 or 4 word count - Samba sends 3 */
2929 if ((pSMBr->resp.hdr.WordCount == 3)
2930 || ((pSMBr->resp.hdr.WordCount == 4)
2931 && (blob_len <
2932 pSMBr->resp.ByteCount))) {
2933 if (pSMBr->resp.hdr.WordCount == 4) {
2934 bcc_ptr +=
2935 blob_len;
2936 cFYI(1,
2937 ("Security Blob Length %d ",
2938 blob_len));
2939 }
2940
2941 cFYI(1,
2942 ("NTLMSSP response to Authenticate "));
2943
2944 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) {
2945 if ((long) (bcc_ptr) % 2) {
2946 remaining_words =
2947 (BCC(smb_buffer_response)
2948 - 1) / 2;
2949 bcc_ptr++; /* Unicode strings must be word aligned */
2950 } else {
2951 remaining_words = BCC(smb_buffer_response) / 2;
2952 }
2953 len =
2954 UniStrnlen((wchar_t *) bcc_ptr,remaining_words - 1);
2955/* We look for obvious messed up bcc or strings in response so we do not go off
2956 the end since (at least) WIN2K and Windows XP have a major bug in not null
2957 terminating last Unicode string in response */
Steve Frencha424f8b2006-05-30 18:06:04 +00002958 if(ses->serverOS)
Steve French08775832006-05-30 18:08:26 +00002959 kfree(ses->serverOS);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002960 ses->serverOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002961 kzalloc(2 * (len + 1), GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002962 cifs_strfromUCS_le(ses->serverOS,
Steve Frenche89dc922005-11-11 15:18:19 -08002963 (__le16 *)
Linus Torvalds1da177e2005-04-16 15:20:36 -07002964 bcc_ptr, len,
2965 nls_codepage);
2966 bcc_ptr += 2 * (len + 1);
2967 remaining_words -= len + 1;
2968 ses->serverOS[2 * len] = 0;
2969 ses->serverOS[1 + (2 * len)] = 0;
2970 if (remaining_words > 0) {
2971 len = UniStrnlen((wchar_t *)
2972 bcc_ptr,
2973 remaining_words
2974 - 1);
Steve Frenchcd49b492006-06-26 04:22:36 +00002975 kfree(ses->serverNOS);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002976 ses->serverNOS =
Pekka Enberge915fc42005-09-06 15:18:35 -07002977 kzalloc(2 * (len + 1),
Linus Torvalds1da177e2005-04-16 15:20:36 -07002978 GFP_KERNEL);
2979 cifs_strfromUCS_le(ses->
2980 serverNOS,
Steve Frenche89dc922005-11-11 15:18:19 -08002981 (__le16 *)
Linus Torvalds1da177e2005-04-16 15:20:36 -07002982 bcc_ptr,
2983 len,
2984 nls_codepage);
2985 bcc_ptr += 2 * (len + 1);
2986 ses->serverNOS[2 * len] = 0;
2987 ses->serverNOS[1+(2*len)] = 0;
2988 remaining_words -= len + 1;
2989 if (remaining_words > 0) {
2990 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
2991 /* last string not always null terminated (e.g. for Windows XP & 2000) */
Steve Frencha424f8b2006-05-30 18:06:04 +00002992 if(ses->serverDomain)
2993 kfree(ses->serverDomain);
Linus Torvalds1da177e2005-04-16 15:20:36 -07002994 ses->serverDomain =
Pekka Enberge915fc42005-09-06 15:18:35 -07002995 kzalloc(2 *
Linus Torvalds1da177e2005-04-16 15:20:36 -07002996 (len +
2997 1),
2998 GFP_KERNEL);
2999 cifs_strfromUCS_le
3000 (ses->
3001 serverDomain,
Steve Frenche89dc922005-11-11 15:18:19 -08003002 (__le16 *)
Linus Torvalds1da177e2005-04-16 15:20:36 -07003003 bcc_ptr, len,
3004 nls_codepage);
3005 bcc_ptr +=
3006 2 * (len + 1);
3007 ses->
3008 serverDomain[2
3009 * len]
3010 = 0;
3011 ses->
3012 serverDomain[1
3013 +
3014 (2
3015 *
3016 len)]
3017 = 0;
3018 } /* else no more room so create dummy domain string */
Steve Frencha424f8b2006-05-30 18:06:04 +00003019 else {
3020 if(ses->serverDomain)
3021 kfree(ses->serverDomain);
Pekka Enberge915fc42005-09-06 15:18:35 -07003022 ses->serverDomain = kzalloc(2,GFP_KERNEL);
Steve Frencha424f8b2006-05-30 18:06:04 +00003023 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07003024 } else { /* no room so create dummy domain and NOS string */
Steve Frencha424f8b2006-05-30 18:06:04 +00003025 if(ses->serverDomain)
3026 kfree(ses->serverDomain);
Pekka Enberge915fc42005-09-06 15:18:35 -07003027 ses->serverDomain = kzalloc(2, GFP_KERNEL);
Steve Frenchcd49b492006-06-26 04:22:36 +00003028 kfree(ses->serverNOS);
Pekka Enberge915fc42005-09-06 15:18:35 -07003029 ses->serverNOS = kzalloc(2, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003030 }
3031 } else { /* ASCII */
3032 len = strnlen(bcc_ptr, 1024);
3033 if (((long) bcc_ptr + len) -
3034 (long) pByteArea(smb_buffer_response)
3035 <= BCC(smb_buffer_response)) {
Steve Frencha424f8b2006-05-30 18:06:04 +00003036 if(ses->serverOS)
3037 kfree(ses->serverOS);
Pekka Enberge915fc42005-09-06 15:18:35 -07003038 ses->serverOS = kzalloc(len + 1,GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003039 strncpy(ses->serverOS,bcc_ptr, len);
3040
3041 bcc_ptr += len;
3042 bcc_ptr[0] = 0; /* null terminate the string */
3043 bcc_ptr++;
3044
3045 len = strnlen(bcc_ptr, 1024);
Steve Frenchcd49b492006-06-26 04:22:36 +00003046 kfree(ses->serverNOS);
Pekka Enberge915fc42005-09-06 15:18:35 -07003047 ses->serverNOS = kzalloc(len+1,GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003048 strncpy(ses->serverNOS, bcc_ptr, len);
3049 bcc_ptr += len;
3050 bcc_ptr[0] = 0;
3051 bcc_ptr++;
3052
3053 len = strnlen(bcc_ptr, 1024);
Steve Frencha424f8b2006-05-30 18:06:04 +00003054 if(ses->serverDomain)
3055 kfree(ses->serverDomain);
Pekka Enberge915fc42005-09-06 15:18:35 -07003056 ses->serverDomain = kzalloc(len+1,GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003057 strncpy(ses->serverDomain, bcc_ptr, len);
3058 bcc_ptr += len;
3059 bcc_ptr[0] = 0;
3060 bcc_ptr++;
3061 } else
3062 cFYI(1,
3063 ("Variable field of length %d extends beyond end of smb ",
3064 len));
3065 }
3066 } else {
3067 cERROR(1,
3068 (" Security Blob Length extends beyond end of SMB"));
3069 }
3070 } else {
3071 cERROR(1, ("No session structure passed in."));
3072 }
3073 } else {
3074 cERROR(1,
3075 (" Invalid Word count %d: ",
3076 smb_buffer_response->WordCount));
3077 rc = -EIO;
3078 }
3079
3080 if (smb_buffer)
3081 cifs_buf_release(smb_buffer);
3082
3083 return rc;
3084}
3085
3086int
3087CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
3088 const char *tree, struct cifsTconInfo *tcon,
3089 const struct nls_table *nls_codepage)
3090{
3091 struct smb_hdr *smb_buffer;
3092 struct smb_hdr *smb_buffer_response;
3093 TCONX_REQ *pSMB;
3094 TCONX_RSP *pSMBr;
3095 unsigned char *bcc_ptr;
3096 int rc = 0;
3097 int length;
3098 __u16 count;
3099
3100 if (ses == NULL)
3101 return -EIO;
3102
3103 smb_buffer = cifs_buf_get();
3104 if (smb_buffer == NULL) {
3105 return -ENOMEM;
3106 }
3107 smb_buffer_response = smb_buffer;
3108
3109 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3110 NULL /*no tid */ , 4 /*wct */ );
Steve French1982c342005-08-17 12:38:22 -07003111
3112 smb_buffer->Mid = GetNextMid(ses->server);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003113 smb_buffer->Uid = ses->Suid;
3114 pSMB = (TCONX_REQ *) smb_buffer;
3115 pSMBr = (TCONX_RSP *) smb_buffer_response;
3116
3117 pSMB->AndXCommand = 0xFF;
3118 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003119 bcc_ptr = &pSMB->Password[0];
Steve Frencheeac8042006-01-13 21:34:58 -08003120 if((ses->server->secMode) & SECMODE_USER) {
3121 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
Steve French7c7b25b2006-06-01 19:20:10 +00003122 *bcc_ptr = 0; /* password is null byte */
Steve Frencheeac8042006-01-13 21:34:58 -08003123 bcc_ptr++; /* skip password */
Steve French7c7b25b2006-06-01 19:20:10 +00003124 /* already aligned so no need to do it below */
Steve Frencheeac8042006-01-13 21:34:58 -08003125 } else {
Steve French7c7b25b2006-06-01 19:20:10 +00003126 pSMB->PasswordLength = cpu_to_le16(CIFS_SESS_KEY_SIZE);
Steve Frencheeac8042006-01-13 21:34:58 -08003127 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3128 specified as required (when that support is added to
3129 the vfs in the future) as only NTLM or the much
Steve French7c7b25b2006-06-01 19:20:10 +00003130 weaker LANMAN (which we do not send by default) is accepted
Steve Frencheeac8042006-01-13 21:34:58 -08003131 by Samba (not sure whether other servers allow
3132 NTLMv2 password here) */
Steve French7c7b25b2006-06-01 19:20:10 +00003133#ifdef CONFIG_CIFS_WEAK_PW_HASH
3134 if((extended_security & CIFSSEC_MAY_LANMAN) &&
3135 (ses->server->secType == LANMAN))
3136 calc_lanman_hash(ses, bcc_ptr);
3137 else
3138#endif /* CIFS_WEAK_PW_HASH */
Steve Frencheeac8042006-01-13 21:34:58 -08003139 SMBNTencrypt(ses->password,
3140 ses->server->cryptKey,
3141 bcc_ptr);
3142
Steve French7c7b25b2006-06-01 19:20:10 +00003143 bcc_ptr += CIFS_SESS_KEY_SIZE;
3144 if(ses->capabilities & CAP_UNICODE) {
3145 /* must align unicode strings */
3146 *bcc_ptr = 0; /* null byte password */
3147 bcc_ptr++;
3148 }
Steve Frencheeac8042006-01-13 21:34:58 -08003149 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07003150
Steve Frencha878fb22006-05-30 18:04:19 +00003151 if(ses->server->secMode &
3152 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
Linus Torvalds1da177e2005-04-16 15:20:36 -07003153 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3154
3155 if (ses->capabilities & CAP_STATUS32) {
3156 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3157 }
3158 if (ses->capabilities & CAP_DFS) {
3159 smb_buffer->Flags2 |= SMBFLG2_DFS;
3160 }
3161 if (ses->capabilities & CAP_UNICODE) {
3162 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3163 length =
Steve Frencha878fb22006-05-30 18:04:19 +00003164 cifs_strtoUCS((__le16 *) bcc_ptr, tree,
3165 6 /* max utf8 char length in bytes */ *
3166 (/* server len*/ + 256 /* share len */), nls_codepage);
3167 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
Linus Torvalds1da177e2005-04-16 15:20:36 -07003168 bcc_ptr += 2; /* skip trailing null */
3169 } else { /* ASCII */
Linus Torvalds1da177e2005-04-16 15:20:36 -07003170 strcpy(bcc_ptr, tree);
3171 bcc_ptr += strlen(tree) + 1;
3172 }
3173 strcpy(bcc_ptr, "?????");
3174 bcc_ptr += strlen("?????");
3175 bcc_ptr += 1;
3176 count = bcc_ptr - &pSMB->Password[0];
3177 pSMB->hdr.smb_buf_length += count;
3178 pSMB->ByteCount = cpu_to_le16(count);
3179
3180 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length, 0);
3181
3182 /* if (rc) rc = map_smb_to_linux_error(smb_buffer_response); */
3183 /* above now done in SendReceive */
3184 if ((rc == 0) && (tcon != NULL)) {
3185 tcon->tidStatus = CifsGood;
3186 tcon->tid = smb_buffer_response->Tid;
3187 bcc_ptr = pByteArea(smb_buffer_response);
3188 length = strnlen(bcc_ptr, BCC(smb_buffer_response) - 2);
3189 /* skip service field (NB: this field is always ASCII) */
3190 bcc_ptr += length + 1;
3191 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
3192 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) {
3193 length = UniStrnlen((wchar_t *) bcc_ptr, 512);
3194 if ((bcc_ptr + (2 * length)) -
3195 pByteArea(smb_buffer_response) <=
3196 BCC(smb_buffer_response)) {
Jesper Juhlf99d49a2005-11-07 01:01:34 -08003197 kfree(tcon->nativeFileSystem);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003198 tcon->nativeFileSystem =
Pekka Enberge915fc42005-09-06 15:18:35 -07003199 kzalloc(length + 2, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003200 cifs_strfromUCS_le(tcon->nativeFileSystem,
Steve Frenche89dc922005-11-11 15:18:19 -08003201 (__le16 *) bcc_ptr,
Linus Torvalds1da177e2005-04-16 15:20:36 -07003202 length, nls_codepage);
3203 bcc_ptr += 2 * length;
3204 bcc_ptr[0] = 0; /* null terminate the string */
3205 bcc_ptr[1] = 0;
3206 bcc_ptr += 2;
3207 }
3208 /* else do not bother copying these informational fields */
3209 } else {
3210 length = strnlen(bcc_ptr, 1024);
3211 if ((bcc_ptr + length) -
3212 pByteArea(smb_buffer_response) <=
3213 BCC(smb_buffer_response)) {
Jesper Juhlf99d49a2005-11-07 01:01:34 -08003214 kfree(tcon->nativeFileSystem);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003215 tcon->nativeFileSystem =
Pekka Enberge915fc42005-09-06 15:18:35 -07003216 kzalloc(length + 1, GFP_KERNEL);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003217 strncpy(tcon->nativeFileSystem, bcc_ptr,
3218 length);
3219 }
3220 /* else do not bother copying these informational fields */
3221 }
Steve French39798772006-05-31 22:40:51 +00003222 if(smb_buffer_response->WordCount == 3)
3223 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3224 else
3225 tcon->Flags = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07003226 cFYI(1, ("Tcon flags: 0x%x ", tcon->Flags));
3227 } else if ((rc == 0) && tcon == NULL) {
3228 /* all we need to save for IPC$ connection */
3229 ses->ipc_tid = smb_buffer_response->Tid;
3230 }
3231
3232 if (smb_buffer)
3233 cifs_buf_release(smb_buffer);
3234 return rc;
3235}
3236
3237int
3238cifs_umount(struct super_block *sb, struct cifs_sb_info *cifs_sb)
3239{
3240 int rc = 0;
3241 int xid;
3242 struct cifsSesInfo *ses = NULL;
3243 struct task_struct *cifsd_task;
Steve French2fe87f02006-09-21 07:02:52 +00003244 char * tmp;
Linus Torvalds1da177e2005-04-16 15:20:36 -07003245
3246 xid = GetXid();
3247
3248 if (cifs_sb->tcon) {
3249 ses = cifs_sb->tcon->ses; /* save ptr to ses before delete tcon!*/
3250 rc = CIFSSMBTDis(xid, cifs_sb->tcon);
3251 if (rc == -EBUSY) {
3252 FreeXid(xid);
3253 return 0;
3254 }
3255 tconInfoFree(cifs_sb->tcon);
3256 if ((ses) && (ses->server)) {
3257 /* save off task so we do not refer to ses later */
3258 cifsd_task = ses->server->tsk;
3259 cFYI(1, ("About to do SMBLogoff "));
3260 rc = CIFSSMBLogoff(xid, ses);
3261 if (rc == -EBUSY) {
3262 FreeXid(xid);
3263 return 0;
3264 } else if (rc == -ESHUTDOWN) {
3265 cFYI(1,("Waking up socket by sending it signal"));
Steve Frenchf1914012005-08-18 09:37:34 -07003266 if(cifsd_task) {
Linus Torvalds1da177e2005-04-16 15:20:36 -07003267 send_sig(SIGKILL,cifsd_task,1);
Steve Frenchf1914012005-08-18 09:37:34 -07003268 wait_for_completion(&cifsd_complete);
3269 }
Linus Torvalds1da177e2005-04-16 15:20:36 -07003270 rc = 0;
3271 } /* else - we have an smb session
3272 left on this socket do not kill cifsd */
3273 } else
3274 cFYI(1, ("No session or bad tcon"));
3275 }
3276
3277 cifs_sb->tcon = NULL;
Steve French2fe87f02006-09-21 07:02:52 +00003278 tmp = cifs_sb->prepath;
3279 cifs_sb->prepathlen = 0;
3280 cifs_sb->prepath = NULL;
3281 kfree(tmp);
Nishanth Aravamudan041e0e32005-09-10 00:27:23 -07003282 if (ses)
3283 schedule_timeout_interruptible(msecs_to_jiffies(500));
Linus Torvalds1da177e2005-04-16 15:20:36 -07003284 if (ses)
3285 sesInfoFree(ses);
3286
3287 FreeXid(xid);
3288 return rc; /* BB check if we should always return zero here */
3289}
3290
3291int cifs_setup_session(unsigned int xid, struct cifsSesInfo *pSesInfo,
3292 struct nls_table * nls_info)
3293{
3294 int rc = 0;
Steve French7c7b25b2006-06-01 19:20:10 +00003295 char ntlm_session_key[CIFS_SESS_KEY_SIZE];
Linus Torvalds1da177e2005-04-16 15:20:36 -07003296 int ntlmv2_flag = FALSE;
Steve Frenchad009ac2005-04-28 22:41:05 -07003297 int first_time = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07003298
3299 /* what if server changes its buffer size after dropping the session? */
3300 if(pSesInfo->server->maxBuf == 0) /* no need to send on reconnect */ {
3301 rc = CIFSSMBNegotiate(xid, pSesInfo);
3302 if(rc == -EAGAIN) /* retry only once on 1st time connection */ {
3303 rc = CIFSSMBNegotiate(xid, pSesInfo);
3304 if(rc == -EAGAIN)
3305 rc = -EHOSTDOWN;
3306 }
3307 if(rc == 0) {
3308 spin_lock(&GlobalMid_Lock);
3309 if(pSesInfo->server->tcpStatus != CifsExiting)
3310 pSesInfo->server->tcpStatus = CifsGood;
3311 else
3312 rc = -EHOSTDOWN;
3313 spin_unlock(&GlobalMid_Lock);
3314
3315 }
Steve Frenchad009ac2005-04-28 22:41:05 -07003316 first_time = 1;
Linus Torvalds1da177e2005-04-16 15:20:36 -07003317 }
3318 if (!rc) {
Steve French9ac00b72006-09-30 04:13:17 +00003319 pSesInfo->flags = 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -07003320 pSesInfo->capabilities = pSesInfo->server->capabilities;
3321 if(linuxExtEnabled == 0)
3322 pSesInfo->capabilities &= (~CAP_UNIX);
Steve Frenchad009ac2005-04-28 22:41:05 -07003323 /* pSesInfo->sequence_number = 0;*/
Steve French175ec9e2006-09-30 01:07:38 +00003324 cFYI(1,("Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
Linus Torvalds1da177e2005-04-16 15:20:36 -07003325 pSesInfo->server->secMode,
3326 pSesInfo->server->capabilities,
Steve French175ec9e2006-09-30 01:07:38 +00003327 pSesInfo->server->timeAdj));
Steve French189acaa2006-06-23 02:33:48 +00003328 if(experimEnabled < 2)
Steve French39798772006-05-31 22:40:51 +00003329 rc = CIFS_SessSetup(xid, pSesInfo,
3330 first_time, nls_info);
Steve French189acaa2006-06-23 02:33:48 +00003331 else if (extended_security
Steve French175ec9e2006-09-30 01:07:38 +00003332 && (pSesInfo->capabilities
3333 & CAP_EXTENDED_SECURITY)
Linus Torvalds1da177e2005-04-16 15:20:36 -07003334 && (pSesInfo->server->secType == NTLMSSP)) {
Steve French189acaa2006-06-23 02:33:48 +00003335 rc = -EOPNOTSUPP;
Linus Torvalds1da177e2005-04-16 15:20:36 -07003336 } else if (extended_security
3337 && (pSesInfo->capabilities & CAP_EXTENDED_SECURITY)
3338 && (pSesInfo->server->secType == RawNTLMSSP)) {
Steve French5815449d2006-02-14 01:36:20 +00003339 cFYI(1, ("NTLMSSP sesssetup"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07003340 rc = CIFSNTLMSSPNegotiateSessSetup(xid,
3341 pSesInfo,
3342 &ntlmv2_flag,
3343 nls_info);
3344 if (!rc) {
3345 if(ntlmv2_flag) {
3346 char * v2_response;
Steve French175ec9e2006-09-30 01:07:38 +00003347 cFYI(1,("more secure NTLM ver2 hash"));
Linus Torvalds1da177e2005-04-16 15:20:36 -07003348 if(CalcNTLMv2_partial_mac_key(pSesInfo,
3349 nls_info)) {
3350 rc = -ENOMEM;
3351 goto ss_err_exit;
3352 } else
3353 v2_response = kmalloc(16 + 64 /* blob */, GFP_KERNEL);
3354 if(v2_response) {
3355 CalcNTLMv2_response(pSesInfo,v2_response);
Steve Frenchad009ac2005-04-28 22:41:05 -07003356 /* if(first_time)
3357 cifs_calculate_ntlmv2_mac_key(
3358 pSesInfo->server->mac_signing_key,
3359 response, ntlm_session_key, */
Linus Torvalds1da177e2005-04-16 15:20:36 -07003360 kfree(v2_response);
3361 /* BB Put dummy sig in SessSetup PDU? */
3362 } else {
3363 rc = -ENOMEM;
3364 goto ss_err_exit;
3365 }
3366
3367 } else {
3368 SMBNTencrypt(pSesInfo->password,
3369 pSesInfo->server->cryptKey,
3370 ntlm_session_key);
3371
Steve Frenchad009ac2005-04-28 22:41:05 -07003372 if(first_time)
3373 cifs_calculate_mac_key(
3374 pSesInfo->server->mac_signing_key,
3375 ntlm_session_key,
3376 pSesInfo->password);
Linus Torvalds1da177e2005-04-16 15:20:36 -07003377 }
3378 /* for better security the weaker lanman hash not sent
3379 in AuthSessSetup so we no longer calculate it */
3380
3381 rc = CIFSNTLMSSPAuthSessSetup(xid,
3382 pSesInfo,
3383 ntlm_session_key,
3384 ntlmv2_flag,
3385 nls_info);
3386 }
3387 } else { /* old style NTLM 0.12 session setup */
3388 SMBNTencrypt(pSesInfo->password,
3389 pSesInfo->server->cryptKey,
3390 ntlm_session_key);
3391
Steve Frenchad009ac2005-04-28 22:41:05 -07003392 if(first_time)
3393 cifs_calculate_mac_key(
3394 pSesInfo->server->mac_signing_key,
3395 ntlm_session_key, pSesInfo->password);
3396
Linus Torvalds1da177e2005-04-16 15:20:36 -07003397 rc = CIFSSessSetup(xid, pSesInfo,
3398 ntlm_session_key, nls_info);
3399 }
3400 if (rc) {
3401 cERROR(1,("Send error in SessSetup = %d",rc));
3402 } else {
3403 cFYI(1,("CIFS Session Established successfully"));
3404 pSesInfo->status = CifsGood;
3405 }
3406 }
3407ss_err_exit:
3408 return rc;
3409}
3410