[019/140] cifs: remove bogus first_time check in NTLMv2 session setup code
in [Kernel]
|
Prev: [034/140] SUNRPC: Fix a re-entrancy bug in xs_tcp_read_calldir()
Next: [002/140] net/dccp: expansion of error code size
From: Greg KH on 30 Jul 2010 15:00 2.6.33-stable review patch. If anyone has any objections, please let us know. ------------------ From: Jeff Layton <jlayton(a)redhat.com> commit 8a224d489454b7457105848610cfebebdec5638d upstream. This bug appears to be the result of a cut-and-paste mistake from the NTLMv1 code. The function to generate the MAC key was commented out, but not the conditional above it. The conditional then ended up causing the session setup key not to be copied to the buffer unless this was the first session on the socket, and that made all but the first NTLMv2 session setup fail. Fix this by removing the conditional and all of the commented clutter that made it difficult to see. Reported-by: Gunther Deschner <gdeschne(a)redhat.com> Signed-off-by: Jeff Layton <jlayton(a)redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)suse.de> --- fs/cifs/sess.c | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c @@ -722,15 +722,7 @@ ssetup_ntlmssp_authenticate: /* calculate session key */ setup_ntlmv2_rsp(ses, v2_sess_key, nls_cp); - if (first_time) /* should this be moved into common code - with similar ntlmv2 path? */ - /* cifs_calculate_ntlmv2_mac_key(ses->server->mac_signing_key, - response BB FIXME, v2_sess_key); */ - - /* copy session key */ - - /* memcpy(bcc_ptr, (char *)ntlm_session_key,LM2_SESS_KEY_SIZE); - bcc_ptr += LM2_SESS_KEY_SIZE; */ + /* FIXME: calculate MAC key */ memcpy(bcc_ptr, (char *)v2_sess_key, sizeof(struct ntlmv2_resp)); bcc_ptr += sizeof(struct ntlmv2_resp); -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/ |