diff options
| -rw-r--r-- | fs/cifs/cifsencrypt.c | 36 |
1 files changed, 23 insertions, 13 deletions
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index c2cbe0e..e7d6373 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c @@ -57,9 +57,6 @@ int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server, int rc = 0; char smb_signature[20]; - /* BB remember to initialize sequence number elsewhere and initialize mac_signing key elsewhere BB */ - /* BB remember to add code to save expected sequence number in midQ entry BB */ - if((cifs_pdu == NULL) || (server == NULL)) return -EINVAL; @@ -86,20 +83,33 @@ int cifs_sign_smb(struct smb_hdr * cifs_pdu, struct TCP_Server_Info * server, static int cifs_calc_signature2(const struct kvec * iov, int n_vec, const char * key, char * signature) { - struct MD5Context context; - - if((iov == NULL) || (signature == NULL)) - return -EINVAL; + struct MD5Context context; + int i; - MD5Init(&context); - MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16); + if((iov == NULL) || (signature == NULL)) + return -EINVAL; -/* MD5Update(&context,cifs_pdu->Protocol,cifs_pdu->smb_buf_length); */ /* BB FIXME BB */ + MD5Init(&context); + MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16); + for(i=0;i<n_vec;i++) { + if(iov[i].iov_base == NULL) { + cERROR(1,("null iovec entry")); + return -EIO; + } else if(iov[i].iov_len == 0) + break; /* bail out if we are sent nothing to sign */ + /* The first entry includes a length field (which does not get + signed that occupies the first 4 bytes before the header */ + if(i==0) { + if (iov[0].iov_len <= 8 ) /* cmd field at offset 9 */ + break; /* nothing to sign or corrupt header */ + MD5Update(&context,iov[0].iov_base+4, iov[0].iov_len-4); + } else + MD5Update(&context,iov[i].iov_base, iov[i].iov_len); + } - MD5Final(signature,&context); + MD5Final(signature,&context); - return -EOPNOTSUPP; -/* return 0; */ + return 0; } |
