summaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorJeff Layton <jlayton@redhat.com>2008-12-05 20:41:21 -0500
committerSteve French <sfrench@us.ibm.com>2008-12-26 02:29:11 +0000
commit00e485b0198ea4f509341373f1d9adb0a5977a2f (patch)
tree2f8a50be11f0551fe8ad2af33a00577621398027 /fs
parent4e53a3fb98d3d5c2941d2e7199dab317a9d4ead3 (diff)
downloadkernel-crypto-00e485b0198ea4f509341373f1d9adb0a5977a2f.tar.gz
kernel-crypto-00e485b0198ea4f509341373f1d9adb0a5977a2f.tar.xz
kernel-crypto-00e485b0198ea4f509341373f1d9adb0a5977a2f.zip
cifs: store password in tcon
cifs: store password in tcon Each tcon has its own password for share-level security. Store it in the tcon and wipe it clean and free it when freeing the tcon. When doing the tree connect with share-level security, use the tcon password instead of the session password. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs')
-rw-r--r--fs/cifs/cifsglob.h1
-rw-r--r--fs/cifs/connect.c25
-rw-r--r--fs/cifs/misc.c4
3 files changed, 23 insertions, 7 deletions
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h
index 0fb934d3623..94c1ca0ec95 100644
--- a/fs/cifs/cifsglob.h
+++ b/fs/cifs/cifsglob.h
@@ -242,6 +242,7 @@ struct cifsTconInfo {
struct cifsSesInfo *ses; /* pointer to session associated with */
char treeName[MAX_TREE_SIZE + 1]; /* UNC name of resource in ASCII */
char *nativeFileSystem;
+ char *password; /* for share-level security */
__u16 tid; /* The 2 byte tree id */
__u16 Flags; /* optional support bits */
enum statusEnum tidStatus;
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 3a84a375cb6..3caadf12d76 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -2282,9 +2282,12 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
/* volume_info->password freed at unmount */
if (volume_info->password) {
- pSesInfo->password = volume_info->password;
- /* set to NULL to prevent freeing on exit */
- volume_info->password = NULL;
+ pSesInfo->password = kstrdup(volume_info->password,
+ GFP_KERNEL);
+ if (!pSesInfo->password) {
+ rc = -ENOMEM;
+ goto mount_fail_check;
+ }
}
if (volume_info->username)
strncpy(pSesInfo->userName, volume_info->username,
@@ -2324,7 +2327,16 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
rc = -ENOMEM;
goto mount_fail_check;
}
+
tcon->ses = pSesInfo;
+ if (volume_info->password) {
+ tcon->password = kstrdup(volume_info->password,
+ GFP_KERNEL);
+ if (!tcon->password) {
+ rc = -ENOMEM;
+ goto mount_fail_check;
+ }
+ }
/* check for null share name ie connect to dfs root */
if ((strchr(volume_info->UNC + 3, '\\') == NULL)
@@ -3532,15 +3544,14 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
NTLMv2 password here) */
#ifdef CONFIG_CIFS_WEAK_PW_HASH
if ((extended_security & CIFSSEC_MAY_LANMAN) &&
- (ses->server->secType == LANMAN))
- calc_lanman_hash(ses->password, ses->server->cryptKey,
+ (ses->server->secType == LANMAN))
+ calc_lanman_hash(tcon->password, ses->server->cryptKey,
ses->server->secMode &
SECMODE_PW_ENCRYPT ? true : false,
bcc_ptr);
else
#endif /* CIFS_WEAK_PW_HASH */
- SMBNTencrypt(ses->password,
- ses->server->cryptKey,
+ SMBNTencrypt(tcon->password, ses->server->cryptKey,
bcc_ptr);
bcc_ptr += CIFS_SESS_KEY_SIZE;
diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
index 7c3f4b9230d..a0513605d7e 100644
--- a/fs/cifs/misc.c
+++ b/fs/cifs/misc.c
@@ -132,6 +132,10 @@ tconInfoFree(struct cifsTconInfo *buf_to_free)
}
atomic_dec(&tconInfoAllocCount);
kfree(buf_to_free->nativeFileSystem);
+ if (buf_to_free->password) {
+ memset(buf_to_free->password, 0, strlen(buf_to_free->password));
+ kfree(buf_to_free->password);
+ }
kfree(buf_to_free);
}