search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[ARM] 3115/1: small optimizations to exception vector entry code
[linux-2.6/x86.git] / fs / cifs / connect.c
blobd74367a08d513dd4cf6bb6a3aa090996972ea7f5
1 /*
2 * fs/cifs/connect.c
3 *
4 * Copyright (C) International Business Machines Corp., 2002,2005
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/ipv6.h>
27 #include <linux/pagemap.h>
28 #include <linux/ctype.h>
29 #include <linux/utsname.h>
30 #include <linux/mempool.h>
31 #include <linux/delay.h>
32 #include <linux/completion.h>
33 #include <linux/pagevec.h>
34 #include <asm/uaccess.h>
35 #include <asm/processor.h>
36 #include "cifspdu.h"
37 #include "cifsglob.h"
38 #include "cifsproto.h"
39 #include "cifs_unicode.h"
40 #include "cifs_debug.h"
41 #include "cifs_fs_sb.h"
42 #include "ntlmssp.h"
43 #include "nterr.h"
44 #include "rfc1002pdu.h"
45
46 #define CIFS_PORT 445
47 #define RFC1001_PORT 139
48
49 static DECLARE_COMPLETION(cifsd_complete);
50
51 extern void SMBencrypt(unsigned char *passwd, unsigned char *c8,
52 unsigned char *p24);
53 extern void SMBNTencrypt(unsigned char *passwd, unsigned char *c8,
54 unsigned char *p24);
55
56 extern mempool_t *cifs_req_poolp;
57
58 struct smb_vol {
59 char *username;
60 char *password;
61 char *domainname;
62 char *UNC;
63 char *UNCip;
64 char *in6_addr; /* ipv6 address as human readable form of in6_addr */
65 char *iocharset; /* local code page for mapping to and from Unicode */
66 char source_rfc1001_name[16]; /* netbios name of client */
67 char target_rfc1001_name[16]; /* netbios name of server for Win9x/ME */
68 uid_t linux_uid;
69 gid_t linux_gid;
70 mode_t file_mode;
71 mode_t dir_mode;
72 unsigned rw:1;
73 unsigned retry:1;
74 unsigned intr:1;
75 unsigned setuids:1;
76 unsigned noperm:1;
77 unsigned no_psx_acl:1; /* set if posix acl support should be disabled */
78 unsigned no_xattr:1; /* set if xattr (EA) support should be disabled*/
79 unsigned server_ino:1; /* use inode numbers from server ie UniqueId */
80 unsigned direct_io:1;
81 unsigned remap:1; /* set to remap seven reserved chars in filenames */
82 unsigned posix_paths:1; /* unset to not ask for posix pathnames. */
83 unsigned sfu_emul:1;
84 unsigned nocase; /* request case insensitive filenames */
85 unsigned nobrl; /* disable sending byte range locks to srv */
86 unsigned int rsize;
87 unsigned int wsize;
88 unsigned int sockopt;
89 unsigned short int port;
90 };
91
92 static int ipv4_connect(struct sockaddr_in *psin_server,
93 struct socket **csocket,
94 char * netb_name,
95 char * server_netb_name);
96 static int ipv6_connect(struct sockaddr_in6 *psin_server,
97 struct socket **csocket);
98
99
100 /*
101 * cifs tcp session reconnection
102 *
103 * mark tcp session as reconnecting so temporarily locked
104 * mark all smb sessions as reconnecting for tcp session
105 * reconnect tcp session
106 * wake up waiters on reconnection? - (not needed currently)
107 */
108
109 int
110 cifs_reconnect(struct TCP_Server_Info *server)
111 {
112 int rc = 0;
113 struct list_head *tmp;
114 struct cifsSesInfo *ses;
115 struct cifsTconInfo *tcon;
116 struct mid_q_entry * mid_entry;
117
118 spin_lock(&GlobalMid_Lock);
119 if(server->tcpStatus == CifsExiting) {
120 /* the demux thread will exit normally
121 next time through the loop */
122 spin_unlock(&GlobalMid_Lock);
123 return rc;
124 } else
125 server->tcpStatus = CifsNeedReconnect;
126 spin_unlock(&GlobalMid_Lock);
127 server->maxBuf = 0;
128
129 cFYI(1, ("Reconnecting tcp session"));
130
131 /* before reconnecting the tcp session, mark the smb session (uid)
132 and the tid bad so they are not used until reconnected */
133 read_lock(&GlobalSMBSeslock);
134 list_for_each(tmp, &GlobalSMBSessionList) {
135 ses = list_entry(tmp, struct cifsSesInfo, cifsSessionList);
136 if (ses->server) {
137 if (ses->server == server) {
138 ses->status = CifsNeedReconnect;
139 ses->ipc_tid = 0;
140 }
141 }
142 /* else tcp and smb sessions need reconnection */
143 }
144 list_for_each(tmp, &GlobalTreeConnectionList) {
145 tcon = list_entry(tmp, struct cifsTconInfo, cifsConnectionList);
146 if((tcon) && (tcon->ses) && (tcon->ses->server == server)) {
147 tcon->tidStatus = CifsNeedReconnect;
148 }
149 }
150 read_unlock(&GlobalSMBSeslock);
151 /* do not want to be sending data on a socket we are freeing */
152 down(&server->tcpSem);
153 if(server->ssocket) {
154 cFYI(1,("State: 0x%x Flags: 0x%lx", server->ssocket->state,
155 server->ssocket->flags));
156 server->ssocket->ops->shutdown(server->ssocket,SEND_SHUTDOWN);
157 cFYI(1,("Post shutdown state: 0x%x Flags: 0x%lx", server->ssocket->state,
158 server->ssocket->flags));
159 sock_release(server->ssocket);
160 server->ssocket = NULL;
161 }
162
163 spin_lock(&GlobalMid_Lock);
164 list_for_each(tmp, &server->pending_mid_q) {
165 mid_entry = list_entry(tmp, struct
166 mid_q_entry,
167 qhead);
168 if(mid_entry) {
169 if(mid_entry->midState == MID_REQUEST_SUBMITTED) {
170 /* Mark other intransit requests as needing
171 retry so we do not immediately mark the
172 session bad again (ie after we reconnect
173 below) as they timeout too */
174 mid_entry->midState = MID_RETRY_NEEDED;
175 }
176 }
177 }
178 spin_unlock(&GlobalMid_Lock);
179 up(&server->tcpSem);
180
181 while ((server->tcpStatus != CifsExiting) && (server->tcpStatus != CifsGood))
182 {
183 if(server->protocolType == IPV6) {
184 rc = ipv6_connect(&server->addr.sockAddr6,&server->ssocket);
185 } else {
186 rc = ipv4_connect(&server->addr.sockAddr,
187 &server->ssocket,
188 server->workstation_RFC1001_name,
189 server->server_RFC1001_name);
190 }
191 if(rc) {
192 cFYI(1,("reconnect error %d",rc));
193 msleep(3000);
194 } else {
195 atomic_inc(&tcpSesReconnectCount);
196 spin_lock(&GlobalMid_Lock);
197 if(server->tcpStatus != CifsExiting)
198 server->tcpStatus = CifsGood;
199 server->sequence_number = 0;
200 spin_unlock(&GlobalMid_Lock);
201 /* atomic_set(&server->inFlight,0);*/
202 wake_up(&server->response_q);
203 }
204 }
205 return rc;
206 }
207
208 /*
209 return codes:
210 0 not a transact2, or all data present
211 >0 transact2 with that much data missing
212 -EINVAL = invalid transact2
213
214 */
215 static int check2ndT2(struct smb_hdr * pSMB, unsigned int maxBufSize)
216 {
217 struct smb_t2_rsp * pSMBt;
218 int total_data_size;
219 int data_in_this_rsp;
220 int remaining;
221
222 if(pSMB->Command != SMB_COM_TRANSACTION2)
223 return 0;
224
225 /* check for plausible wct, bcc and t2 data and parm sizes */
226 /* check for parm and data offset going beyond end of smb */
227 if(pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
228 cFYI(1,("invalid transact2 word count"));
229 return -EINVAL;
230 }
231
232 pSMBt = (struct smb_t2_rsp *)pSMB;
233
234 total_data_size = le16_to_cpu(pSMBt->t2_rsp.TotalDataCount);
235 data_in_this_rsp = le16_to_cpu(pSMBt->t2_rsp.DataCount);
236
237 remaining = total_data_size - data_in_this_rsp;
238
239 if(remaining == 0)
240 return 0;
241 else if(remaining < 0) {
242 cFYI(1,("total data %d smaller than data in frame %d",
243 total_data_size, data_in_this_rsp));
244 return -EINVAL;
245 } else {
246 cFYI(1,("missing %d bytes from transact2, check next response",
247 remaining));
248 if(total_data_size > maxBufSize) {
249 cERROR(1,("TotalDataSize %d is over maximum buffer %d",
250 total_data_size,maxBufSize));
251 return -EINVAL;
252 }
253 return remaining;
254 }
255 }
256
257 static int coalesce_t2(struct smb_hdr * psecond, struct smb_hdr *pTargetSMB)
258 {
259 struct smb_t2_rsp *pSMB2 = (struct smb_t2_rsp *)psecond;
260 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
261 int total_data_size;
262 int total_in_buf;
263 int remaining;
264 int total_in_buf2;
265 char * data_area_of_target;
266 char * data_area_of_buf2;
267 __u16 byte_count;
268
269 total_data_size = le16_to_cpu(pSMBt->t2_rsp.TotalDataCount);
270
271 if(total_data_size != le16_to_cpu(pSMB2->t2_rsp.TotalDataCount)) {
272 cFYI(1,("total data sizes of primary and secondary t2 differ"));
273 }
274
275 total_in_buf = le16_to_cpu(pSMBt->t2_rsp.DataCount);
276
277 remaining = total_data_size - total_in_buf;
278
279 if(remaining < 0)
280 return -EINVAL;
281
282 if(remaining == 0) /* nothing to do, ignore */
283 return 0;
284
285 total_in_buf2 = le16_to_cpu(pSMB2->t2_rsp.DataCount);
286 if(remaining < total_in_buf2) {
287 cFYI(1,("transact2 2nd response contains too much data"));
288 }
289
290 /* find end of first SMB data area */
291 data_area_of_target = (char *)&pSMBt->hdr.Protocol +
292 le16_to_cpu(pSMBt->t2_rsp.DataOffset);
293 /* validate target area */
294
295 data_area_of_buf2 = (char *) &pSMB2->hdr.Protocol +
296 le16_to_cpu(pSMB2->t2_rsp.DataOffset);
297
298 data_area_of_target += total_in_buf;
299
300 /* copy second buffer into end of first buffer */
301 memcpy(data_area_of_target,data_area_of_buf2,total_in_buf2);
302 total_in_buf += total_in_buf2;
303 pSMBt->t2_rsp.DataCount = cpu_to_le16(total_in_buf);
304 byte_count = le16_to_cpu(BCC_LE(pTargetSMB));
305 byte_count += total_in_buf2;
306 BCC_LE(pTargetSMB) = cpu_to_le16(byte_count);
307
308 byte_count = pTargetSMB->smb_buf_length;
309 byte_count += total_in_buf2;
310
311 /* BB also add check that we are not beyond maximum buffer size */
312
313 pTargetSMB->smb_buf_length = byte_count;
314
315 if(remaining == total_in_buf2) {
316 cFYI(1,("found the last secondary response"));
317 return 0; /* we are done */
318 } else /* more responses to go */
319 return 1;
320
321 }
322
323 static int
324 cifs_demultiplex_thread(struct TCP_Server_Info *server)
325 {
326 int length;
327 unsigned int pdu_length, total_read;
328 struct smb_hdr *smb_buffer = NULL;
329 struct smb_hdr *bigbuf = NULL;
330 struct smb_hdr *smallbuf = NULL;
331 struct msghdr smb_msg;
332 struct kvec iov;
333 struct socket *csocket = server->ssocket;
334 struct list_head *tmp;
335 struct cifsSesInfo *ses;
336 struct task_struct *task_to_wake = NULL;
337 struct mid_q_entry *mid_entry;
338 char temp;
339 int isLargeBuf = FALSE;
340 int isMultiRsp;
341 int reconnect;
342
343 daemonize("cifsd");
344 allow_signal(SIGKILL);
345 current->flags |= PF_MEMALLOC;
346 server->tsk = current; /* save process info to wake at shutdown */
347 cFYI(1, ("Demultiplex PID: %d", current->pid));
348 write_lock(&GlobalSMBSeslock);
349 atomic_inc(&tcpSesAllocCount);
350 length = tcpSesAllocCount.counter;
351 write_unlock(&GlobalSMBSeslock);
352 complete(&cifsd_complete);
353 if(length > 1) {
354 mempool_resize(cifs_req_poolp,
355 length + cifs_min_rcv,
356 GFP_KERNEL);
357 }
358
359 while (server->tcpStatus != CifsExiting) {
360 if (try_to_freeze())
361 continue;
362 if (bigbuf == NULL) {
363 bigbuf = cifs_buf_get();
364 if(bigbuf == NULL) {
365 cERROR(1,("No memory for large SMB response"));
366 msleep(3000);
367 /* retry will check if exiting */
368 continue;
369 }
370 } else if(isLargeBuf) {
371 /* we are reusing a dirtry large buf, clear its start */
372 memset(bigbuf, 0, sizeof (struct smb_hdr));
373 }
374
375 if (smallbuf == NULL) {
376 smallbuf = cifs_small_buf_get();
377 if(smallbuf == NULL) {
378 cERROR(1,("No memory for SMB response"));
379 msleep(1000);
380 /* retry will check if exiting */
381 continue;
382 }
383 /* beginning of smb buffer is cleared in our buf_get */
384 } else /* if existing small buf clear beginning */
385 memset(smallbuf, 0, sizeof (struct smb_hdr));
386
387 isLargeBuf = FALSE;
388 isMultiRsp = FALSE;
389 smb_buffer = smallbuf;
390 iov.iov_base = smb_buffer;
391 iov.iov_len = 4;
392 smb_msg.msg_control = NULL;
393 smb_msg.msg_controllen = 0;
394 length =
395 kernel_recvmsg(csocket, &smb_msg,
396 &iov, 1, 4, 0 /* BB see socket.h flags */);
397
398 if(server->tcpStatus == CifsExiting) {
399 break;
400 } else if (server->tcpStatus == CifsNeedReconnect) {
401 cFYI(1,("Reconnect after server stopped responding"));
402 cifs_reconnect(server);
403 cFYI(1,("call to reconnect done"));
404 csocket = server->ssocket;
405 continue;
406 } else if ((length == -ERESTARTSYS) || (length == -EAGAIN)) {
407 msleep(1); /* minimum sleep to prevent looping
408 allowing socket to clear and app threads to set
409 tcpStatus CifsNeedReconnect if server hung */
410 continue;
411 } else if (length <= 0) {
412 if(server->tcpStatus == CifsNew) {
413 cFYI(1,("tcp session abend after SMBnegprot"));
414 /* some servers kill the TCP session rather than
415 returning an SMB negprot error, in which
416 case reconnecting here is not going to help,
417 and so simply return error to mount */
418 break;
419 }
420 if(length == -EINTR) {
421 cFYI(1,("cifsd thread killed"));
422 break;
423 }
424 cFYI(1,("Reconnect after unexpected peek error %d",
425 length));
426 cifs_reconnect(server);
427 csocket = server->ssocket;
428 wake_up(&server->response_q);
429 continue;
430 } else if (length < 4) {
431 cFYI(1,
432 ("Frame under four bytes received (%d bytes long)",
433 length));
434 cifs_reconnect(server);
435 csocket = server->ssocket;
436 wake_up(&server->response_q);
437 continue;
438 }
439
440 /* The right amount was read from socket - 4 bytes */
441 /* so we can now interpret the length field */
442
443 /* the first byte big endian of the length field,
444 is actually not part of the length but the type
445 with the most common, zero, as regular data */
446 temp = *((char *) smb_buffer);
447
448 /* Note that FC 1001 length is big endian on the wire,
449 but we convert it here so it is always manipulated
450 as host byte order */
451 pdu_length = ntohl(smb_buffer->smb_buf_length);
452 smb_buffer->smb_buf_length = pdu_length;
453
454 cFYI(1,("rfc1002 length 0x%x)", pdu_length+4));
455
456 if (temp == (char) RFC1002_SESSION_KEEP_ALIVE) {
457 continue;
458 } else if (temp == (char)RFC1002_POSITIVE_SESSION_RESPONSE) {
459 cFYI(1,("Good RFC 1002 session rsp"));
460 continue;
461 } else if (temp == (char)RFC1002_NEGATIVE_SESSION_RESPONSE) {
462 /* we get this from Windows 98 instead of
463 an error on SMB negprot response */
464 cFYI(1,("Negative RFC1002 Session Response Error 0x%x)",
465 pdu_length));
466 if(server->tcpStatus == CifsNew) {
467 /* if nack on negprot (rather than
468 ret of smb negprot error) reconnecting
469 not going to help, ret error to mount */
470 break;
471 } else {
472 /* give server a second to
473 clean up before reconnect attempt */
474 msleep(1000);
475 /* always try 445 first on reconnect
476 since we get NACK on some if we ever
477 connected to port 139 (the NACK is
478 since we do not begin with RFC1001
479 session initialize frame) */
480 server->addr.sockAddr.sin_port =
481 htons(CIFS_PORT);
482 cifs_reconnect(server);
483 csocket = server->ssocket;
484 wake_up(&server->response_q);
485 continue;
486 }
487 } else if (temp != (char) 0) {
488 cERROR(1,("Unknown RFC 1002 frame"));
489 cifs_dump_mem(" Received Data: ", (char *)smb_buffer,
490 length);
491 cifs_reconnect(server);
492 csocket = server->ssocket;
493 continue;
494 }
495
496 /* else we have an SMB response */
497 if((pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) ||
498 (pdu_length < sizeof (struct smb_hdr) - 1 - 4)) {
499 cERROR(1, ("Invalid size SMB length %d pdu_length %d",
500 length, pdu_length+4));
501 cifs_reconnect(server);
502 csocket = server->ssocket;
503 wake_up(&server->response_q);
504 continue;
505 }
506
507 /* else length ok */
508 reconnect = 0;
509
510 if(pdu_length > MAX_CIFS_HDR_SIZE - 4) {
511 isLargeBuf = TRUE;
512 memcpy(bigbuf, smallbuf, 4);
513 smb_buffer = bigbuf;
514 }
515 length = 0;
516 iov.iov_base = 4 + (char *)smb_buffer;
517 iov.iov_len = pdu_length;
518 for (total_read = 0; total_read < pdu_length;
519 total_read += length) {
520 length = kernel_recvmsg(csocket, &smb_msg, &iov, 1,
521 pdu_length - total_read, 0);
522 if((server->tcpStatus == CifsExiting) ||
523 (length == -EINTR)) {
524 /* then will exit */
525 reconnect = 2;
526 break;
527 } else if (server->tcpStatus == CifsNeedReconnect) {
528 cifs_reconnect(server);
529 csocket = server->ssocket;
530 /* Reconnect wakes up rspns q */
531 /* Now we will reread sock */
532 reconnect = 1;
533 break;
534 } else if ((length == -ERESTARTSYS) ||
535 (length == -EAGAIN)) {
536 msleep(1); /* minimum sleep to prevent looping,
537 allowing socket to clear and app
538 threads to set tcpStatus
539 CifsNeedReconnect if server hung*/
540 continue;
541 } else if (length <= 0) {
542 cERROR(1,("Received no data, expecting %d",
543 pdu_length - total_read));
544 cifs_reconnect(server);
545 csocket = server->ssocket;
546 reconnect = 1;
547 break;
548 }
549 }
550 if(reconnect == 2)
551 break;
552 else if(reconnect == 1)
553 continue;
554
555 length += 4; /* account for rfc1002 hdr */
556
557
558 dump_smb(smb_buffer, length);
559 if (checkSMB (smb_buffer, smb_buffer->Mid, total_read+4)) {
560 cifs_dump_mem("Bad SMB: ", smb_buffer, 48);
561 continue;
562 }
563
564
565 task_to_wake = NULL;
566 spin_lock(&GlobalMid_Lock);
567 list_for_each(tmp, &server->pending_mid_q) {
568 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
569
570 if ((mid_entry->mid == smb_buffer->Mid) &&
571 (mid_entry->midState == MID_REQUEST_SUBMITTED) &&
572 (mid_entry->command == smb_buffer->Command)) {
573 if(check2ndT2(smb_buffer,server->maxBuf) > 0) {
574 /* We have a multipart transact2 resp */
575 isMultiRsp = TRUE;
576 if(mid_entry->resp_buf) {
577 /* merge response - fix up 1st*/
578 if(coalesce_t2(smb_buffer,
579 mid_entry->resp_buf)) {
580 break;
581 } else {
582 /* all parts received */
583 goto multi_t2_fnd;
584 }
585 } else {
586 if(!isLargeBuf) {
587 cERROR(1,("1st trans2 resp needs bigbuf"));
588 /* BB maybe we can fix this up, switch
589 to already allocated large buffer? */
590 } else {
591 /* Have first buffer */
592 mid_entry->resp_buf =
593 smb_buffer;
594 mid_entry->largeBuf = 1;
595 bigbuf = NULL;
596 }
597 }
598 break;
599 }
600 mid_entry->resp_buf = smb_buffer;
601 if(isLargeBuf)
602 mid_entry->largeBuf = 1;
603 else
604 mid_entry->largeBuf = 0;
605 multi_t2_fnd:
606 task_to_wake = mid_entry->tsk;
607 mid_entry->midState = MID_RESPONSE_RECEIVED;
608 #ifdef CONFIG_CIFS_STATS2
609 mid_entry->when_received = jiffies;
610 #endif
611 break;
612 }
613 }
614 spin_unlock(&GlobalMid_Lock);
615 if (task_to_wake) {
616 /* Was previous buf put in mpx struct for multi-rsp? */
617 if(!isMultiRsp) {
618 /* smb buffer will be freed by user thread */
619 if(isLargeBuf) {
620 bigbuf = NULL;
621 } else
622 smallbuf = NULL;
623 }
624 wake_up_process(task_to_wake);
625 } else if ((is_valid_oplock_break(smb_buffer) == FALSE)
626 && (isMultiRsp == FALSE)) {
627 cERROR(1, ("No task to wake, unknown frame rcvd!"));
628 cifs_dump_mem("Received Data is: ",(char *)smb_buffer,
629 sizeof(struct smb_hdr));
630 }
631 } /* end while !EXITING */
632
633 spin_lock(&GlobalMid_Lock);
634 server->tcpStatus = CifsExiting;
635 server->tsk = NULL;
636 /* check if we have blocked requests that need to free */
637 /* Note that cifs_max_pending is normally 50, but
638 can be set at module install time to as little as two */
639 if(atomic_read(&server->inFlight) >= cifs_max_pending)
640 atomic_set(&server->inFlight, cifs_max_pending - 1);
641 /* We do not want to set the max_pending too low or we
642 could end up with the counter going negative */
643 spin_unlock(&GlobalMid_Lock);
644 /* Although there should not be any requests blocked on
645 this queue it can not hurt to be paranoid and try to wake up requests
646 that may haven been blocked when more than 50 at time were on the wire
647 to the same server - they now will see the session is in exit state
648 and get out of SendReceive. */
649 wake_up_all(&server->request_q);
650 /* give those requests time to exit */
651 msleep(125);
652
653 if(server->ssocket) {
654 sock_release(csocket);
655 server->ssocket = NULL;
656 }
657 /* buffer usuallly freed in free_mid - need to free it here on exit */
658 if (bigbuf != NULL)
659 cifs_buf_release(bigbuf);
660 if (smallbuf != NULL)
661 cifs_small_buf_release(smallbuf);
662
663 read_lock(&GlobalSMBSeslock);
664 if (list_empty(&server->pending_mid_q)) {
665 /* loop through server session structures attached to this and
666 mark them dead */
667 list_for_each(tmp, &GlobalSMBSessionList) {
668 ses =
669 list_entry(tmp, struct cifsSesInfo,
670 cifsSessionList);
671 if (ses->server == server) {
672 ses->status = CifsExiting;
673 ses->server = NULL;
674 }
675 }
676 read_unlock(&GlobalSMBSeslock);
677 } else {
678 /* although we can not zero the server struct pointer yet,
679 since there are active requests which may depnd on them,
680 mark the corresponding SMB sessions as exiting too */
681 list_for_each(tmp, &GlobalSMBSessionList) {
682 ses = list_entry(tmp, struct cifsSesInfo,
683 cifsSessionList);
684 if (ses->server == server) {
685 ses->status = CifsExiting;
686 }
687 }
688
689 spin_lock(&GlobalMid_Lock);
690 list_for_each(tmp, &server->pending_mid_q) {
691 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
692 if (mid_entry->midState == MID_REQUEST_SUBMITTED) {
693 cFYI(1,
694 ("Clearing Mid 0x%x - waking up ",mid_entry->mid));
695 task_to_wake = mid_entry->tsk;
696 if(task_to_wake) {
697 wake_up_process(task_to_wake);
698 }
699 }
700 }
701 spin_unlock(&GlobalMid_Lock);
702 read_unlock(&GlobalSMBSeslock);
703 /* 1/8th of sec is more than enough time for them to exit */
704 msleep(125);
705 }
706
707 if (!list_empty(&server->pending_mid_q)) {
708 /* mpx threads have not exited yet give them
709 at least the smb send timeout time for long ops */
710 /* due to delays on oplock break requests, we need
711 to wait at least 45 seconds before giving up
712 on a request getting a response and going ahead
713 and killing cifsd */
714 cFYI(1, ("Wait for exit from demultiplex thread"));
715 msleep(46000);
716 /* if threads still have not exited they are probably never
717 coming home not much else we can do but free the memory */
718 }
719
720 write_lock(&GlobalSMBSeslock);
721 atomic_dec(&tcpSesAllocCount);
722 length = tcpSesAllocCount.counter;
723
724 /* last chance to mark ses pointers invalid
725 if there are any pointing to this (e.g
726 if a crazy root user tried to kill cifsd
727 kernel thread explicitly this might happen) */
728 list_for_each(tmp, &GlobalSMBSessionList) {
729 ses = list_entry(tmp, struct cifsSesInfo,
730 cifsSessionList);
731 if (ses->server == server) {
732 ses->server = NULL;
733 }
734 }
735 write_unlock(&GlobalSMBSeslock);
736
737 kfree(server);
738 if(length > 0) {
739 mempool_resize(cifs_req_poolp,
740 length + cifs_min_rcv,
741 GFP_KERNEL);
742 }
743
744 complete_and_exit(&cifsd_complete, 0);
745 return 0;
746 }
747
748 static int
749 cifs_parse_mount_options(char *options, const char *devname,struct smb_vol *vol)
750 {
751 char *value;
752 char *data;
753 unsigned int temp_len, i, j;
754 char separator[2];
755
756 separator[0] = ',';
757 separator[1] = 0;
758
759 memset(vol->source_rfc1001_name,0x20,15);
760 for(i=0;i < strnlen(system_utsname.nodename,15);i++) {
761 /* does not have to be a perfect mapping since the field is
762 informational, only used for servers that do not support
763 port 445 and it can be overridden at mount time */
764 vol->source_rfc1001_name[i] =
765 toupper(system_utsname.nodename[i]);
766 }
767 vol->source_rfc1001_name[15] = 0;
768 /* null target name indicates to use *SMBSERVR default called name
769 if we end up sending RFC1001 session initialize */
770 vol->target_rfc1001_name[0] = 0;
771 vol->linux_uid = current->uid; /* current->euid instead? */
772 vol->linux_gid = current->gid;
773 vol->dir_mode = S_IRWXUGO;
774 /* 2767 perms indicate mandatory locking support */
775 vol->file_mode = S_IALLUGO & ~(S_ISUID | S_IXGRP);
776
777 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
778 vol->rw = TRUE;
779
780 /* default is always to request posix paths. */
781 vol->posix_paths = 1;
782
783 if (!options)
784 return 1;
785
786 if(strncmp(options,"sep=",4) == 0) {
787 if(options[4] != 0) {
788 separator[0] = options[4];
789 options += 5;
790 } else {
791 cFYI(1,("Null separator not allowed"));
792 }
793 }
794
795 while ((data = strsep(&options, separator)) != NULL) {
796 if (!*data)
797 continue;
798 if ((value = strchr(data, '=')) != NULL)
799 *value++ = '\0';
800
801 if (strnicmp(data, "user_xattr",10) == 0) {/*parse before user*/
802 vol->no_xattr = 0;
803 } else if (strnicmp(data, "nouser_xattr",12) == 0) {
804 vol->no_xattr = 1;
805 } else if (strnicmp(data, "user", 4) == 0) {
806 if (!value || !*value) {
807 printk(KERN_WARNING
808 "CIFS: invalid or missing username\n");
809 return 1; /* needs_arg; */
810 }
811 if (strnlen(value, 200) < 200) {
812 vol->username = value;
813 } else {
814 printk(KERN_WARNING "CIFS: username too long\n");
815 return 1;
816 }
817 } else if (strnicmp(data, "pass", 4) == 0) {
818 if (!value) {
819 vol->password = NULL;
820 continue;
821 } else if(value[0] == 0) {
822 /* check if string begins with double comma
823 since that would mean the password really
824 does start with a comma, and would not
825 indicate an empty string */
826 if(value[1] != separator[0]) {
827 vol->password = NULL;
828 continue;
829 }
830 }
831 temp_len = strlen(value);
832 /* removed password length check, NTLM passwords
833 can be arbitrarily long */
834
835 /* if comma in password, the string will be
836 prematurely null terminated. Commas in password are
837 specified across the cifs mount interface by a double
838 comma ie ,, and a comma used as in other cases ie ','
839 as a parameter delimiter/separator is single and due
840 to the strsep above is temporarily zeroed. */
841
842 /* NB: password legally can have multiple commas and
843 the only illegal character in a password is null */
844
845 if ((value[temp_len] == 0) &&
846 (value[temp_len+1] == separator[0])) {
847 /* reinsert comma */
848 value[temp_len] = separator[0];
849 temp_len+=2; /* move after the second comma */
850 while(value[temp_len] != 0) {
851 if (value[temp_len] == separator[0]) {
852 if (value[temp_len+1] ==
853 separator[0]) {
854 /* skip second comma */
855 temp_len++;
856 } else {
857 /* single comma indicating start
858 of next parm */
859 break;
860 }
861 }
862 temp_len++;
863 }
864 if(value[temp_len] == 0) {
865 options = NULL;
866 } else {
867 value[temp_len] = 0;
868 /* point option to start of next parm */
869 options = value + temp_len + 1;
870 }
871 /* go from value to value + temp_len condensing
872 double commas to singles. Note that this ends up
873 allocating a few bytes too many, which is ok */
874 vol->password = kzalloc(temp_len, GFP_KERNEL);
875 if(vol->password == NULL) {
876 printk("CIFS: no memory for pass\n");
877 return 1;
878 }
879 for(i=0,j=0;i<temp_len;i++,j++) {
880 vol->password[j] = value[i];
881 if(value[i] == separator[0]
882 && value[i+1] == separator[0]) {
883 /* skip second comma */
884 i++;
885 }
886 }
887 vol->password[j] = 0;
888 } else {
889 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
890 if(vol->password == NULL) {
891 printk("CIFS: no memory for pass\n");
892 return 1;
893 }
894 strcpy(vol->password, value);
895 }
896 } else if (strnicmp(data, "ip", 2) == 0) {
897 if (!value || !*value) {
898 vol->UNCip = NULL;
899 } else if (strnlen(value, 35) < 35) {
900 vol->UNCip = value;
901 } else {
902 printk(KERN_WARNING "CIFS: ip address too long\n");
903 return 1;
904 }
905 } else if ((strnicmp(data, "unc", 3) == 0)
906 || (strnicmp(data, "target", 6) == 0)
907 || (strnicmp(data, "path", 4) == 0)) {
908 if (!value || !*value) {
909 printk(KERN_WARNING
910 "CIFS: invalid path to network resource\n");
911 return 1; /* needs_arg; */
912 }
913 if ((temp_len = strnlen(value, 300)) < 300) {
914 vol->UNC = kmalloc(temp_len+1,GFP_KERNEL);
915 if(vol->UNC == NULL)
916 return 1;
917 strcpy(vol->UNC,value);
918 if (strncmp(vol->UNC, "//", 2) == 0) {
919 vol->UNC[0] = '\\';
920 vol->UNC[1] = '\\';
921 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
922 printk(KERN_WARNING
923 "CIFS: UNC Path does not begin with // or \\\\ \n");
924 return 1;
925 }
926 } else {
927 printk(KERN_WARNING "CIFS: UNC name too long\n");
928 return 1;
929 }
930 } else if ((strnicmp(data, "domain", 3) == 0)
931 || (strnicmp(data, "workgroup", 5) == 0)) {
932 if (!value || !*value) {
933 printk(KERN_WARNING "CIFS: invalid domain name\n");
934 return 1; /* needs_arg; */
935 }
936 /* BB are there cases in which a comma can be valid in
937 a domain name and need special handling? */
938 if (strnlen(value, 65) < 65) {
939 vol->domainname = value;
940 cFYI(1, ("Domain name set"));
941 } else {
942 printk(KERN_WARNING "CIFS: domain name too long\n");
943 return 1;
944 }
945 } else if (strnicmp(data, "iocharset", 9) == 0) {
946 if (!value || !*value) {
947 printk(KERN_WARNING "CIFS: invalid iocharset specified\n");
948 return 1; /* needs_arg; */
949 }
950 if (strnlen(value, 65) < 65) {
951 if(strnicmp(value,"default",7))
952 vol->iocharset = value;
953 /* if iocharset not set load_nls_default used by caller */
954 cFYI(1, ("iocharset set to %s",value));
955 } else {
956 printk(KERN_WARNING "CIFS: iocharset name too long.\n");
957 return 1;
958 }
959 } else if (strnicmp(data, "uid", 3) == 0) {
960 if (value && *value) {
961 vol->linux_uid =
962 simple_strtoul(value, &value, 0);
963 }
964 } else if (strnicmp(data, "gid", 3) == 0) {
965 if (value && *value) {
966 vol->linux_gid =
967 simple_strtoul(value, &value, 0);
968 }
969 } else if (strnicmp(data, "file_mode", 4) == 0) {
970 if (value && *value) {
971 vol->file_mode =
972 simple_strtoul(value, &value, 0);
973 }
974 } else if (strnicmp(data, "dir_mode", 4) == 0) {
975 if (value && *value) {
976 vol->dir_mode =
977 simple_strtoul(value, &value, 0);
978 }
979 } else if (strnicmp(data, "dirmode", 4) == 0) {
980 if (value && *value) {
981 vol->dir_mode =
982 simple_strtoul(value, &value, 0);
983 }
984 } else if (strnicmp(data, "port", 4) == 0) {
985 if (value && *value) {
986 vol->port =
987 simple_strtoul(value, &value, 0);
988 }
989 } else if (strnicmp(data, "rsize", 5) == 0) {
990 if (value && *value) {
991 vol->rsize =
992 simple_strtoul(value, &value, 0);
993 }
994 } else if (strnicmp(data, "wsize", 5) == 0) {
995 if (value && *value) {
996 vol->wsize =
997 simple_strtoul(value, &value, 0);
998 }
999 } else if (strnicmp(data, "sockopt", 5) == 0) {
1000 if (value && *value) {
1001 vol->sockopt =
1002 simple_strtoul(value, &value, 0);
1003 }
1004 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1005 if (!value || !*value || (*value == ' ')) {
1006 cFYI(1,("invalid (empty) netbiosname specified"));
1007 } else {
1008 memset(vol->source_rfc1001_name,0x20,15);
1009 for(i=0;i<15;i++) {
1010 /* BB are there cases in which a comma can be
1011 valid in this workstation netbios name (and need
1012 special handling)? */
1013
1014 /* We do not uppercase netbiosname for user */
1015 if (value[i]==0)
1016 break;
1017 else
1018 vol->source_rfc1001_name[i] = value[i];
1019 }
1020 /* The string has 16th byte zero still from
1021 set at top of the function */
1022 if((i==15) && (value[i] != 0))
1023 printk(KERN_WARNING "CIFS: netbiosname longer than 15 truncated.\n");
1024 }
1025 } else if (strnicmp(data, "servern", 7) == 0) {
1026 /* servernetbiosname specified override *SMBSERVER */
1027 if (!value || !*value || (*value == ' ')) {
1028 cFYI(1,("empty server netbiosname specified"));
1029 } else {
1030 /* last byte, type, is 0x20 for servr type */
1031 memset(vol->target_rfc1001_name,0x20,16);
1032
1033 for(i=0;i<15;i++) {
1034 /* BB are there cases in which a comma can be
1035 valid in this workstation netbios name (and need
1036 special handling)? */
1037
1038 /* user or mount helper must uppercase netbiosname */
1039 if (value[i]==0)
1040 break;
1041 else
1042 vol->target_rfc1001_name[i] = value[i];
1043 }
1044 /* The string has 16th byte zero still from
1045 set at top of the function */
1046 if((i==15) && (value[i] != 0))
1047 printk(KERN_WARNING "CIFS: server netbiosname longer than 15 truncated.\n");
1048 }
1049 } else if (strnicmp(data, "credentials", 4) == 0) {
1050 /* ignore */
1051 } else if (strnicmp(data, "version", 3) == 0) {
1052 /* ignore */
1053 } else if (strnicmp(data, "guest",5) == 0) {
1054 /* ignore */
1055 } else if (strnicmp(data, "rw", 2) == 0) {
1056 vol->rw = TRUE;
1057 } else if ((strnicmp(data, "suid", 4) == 0) ||
1058 (strnicmp(data, "nosuid", 6) == 0) ||
1059 (strnicmp(data, "exec", 4) == 0) ||
1060 (strnicmp(data, "noexec", 6) == 0) ||
1061 (strnicmp(data, "nodev", 5) == 0) ||
1062 (strnicmp(data, "noauto", 6) == 0) ||
1063 (strnicmp(data, "dev", 3) == 0)) {
1064 /* The mount tool or mount.cifs helper (if present)
1065 uses these opts to set flags, and the flags are read
1066 by the kernel vfs layer before we get here (ie
1067 before read super) so there is no point trying to
1068 parse these options again and set anything and it
1069 is ok to just ignore them */
1070 continue;
1071 } else if (strnicmp(data, "ro", 2) == 0) {
1072 vol->rw = FALSE;
1073 } else if (strnicmp(data, "hard", 4) == 0) {
1074 vol->retry = 1;
1075 } else if (strnicmp(data, "soft", 4) == 0) {
1076 vol->retry = 0;
1077 } else if (strnicmp(data, "perm", 4) == 0) {
1078 vol->noperm = 0;
1079 } else if (strnicmp(data, "noperm", 6) == 0) {
1080 vol->noperm = 1;
1081 } else if (strnicmp(data, "mapchars", 8) == 0) {
1082 vol->remap = 1;
1083 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1084 vol->remap = 0;
1085 } else if (strnicmp(data, "sfu", 3) == 0) {
1086 vol->sfu_emul = 1;
1087 } else if (strnicmp(data, "nosfu", 5) == 0) {
1088 vol->sfu_emul = 0;
1089 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1090 vol->posix_paths = 1;
1091 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1092 vol->posix_paths = 0;
1093 } else if ((strnicmp(data, "nocase", 6) == 0) ||
1094 (strnicmp(data, "ignorecase", 10) == 0)) {
1095 vol->nocase = 1;
1096 } else if (strnicmp(data, "brl", 3) == 0) {
1097 vol->nobrl = 0;
1098 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1099 (strnicmp(data, "nolock", 6) == 0)) {
1100 vol->nobrl = 1;
1101 /* turn off mandatory locking in mode
1102 if remote locking is turned off since the
1103 local vfs will do advisory */
1104 if(vol->file_mode == (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1105 vol->file_mode = S_IALLUGO;
1106 } else if (strnicmp(data, "setuids", 7) == 0) {
1107 vol->setuids = 1;
1108 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1109 vol->setuids = 0;
1110 } else if (strnicmp(data, "nohard", 6) == 0) {
1111 vol->retry = 0;
1112 } else if (strnicmp(data, "nosoft", 6) == 0) {
1113 vol->retry = 1;
1114 } else if (strnicmp(data, "nointr", 6) == 0) {
1115 vol->intr = 0;
1116 } else if (strnicmp(data, "intr", 4) == 0) {
1117 vol->intr = 1;
1118 } else if (strnicmp(data, "serverino",7) == 0) {
1119 vol->server_ino = 1;
1120 } else if (strnicmp(data, "noserverino",9) == 0) {
1121 vol->server_ino = 0;
1122 } else if (strnicmp(data, "acl",3) == 0) {
1123 vol->no_psx_acl = 0;
1124 } else if (strnicmp(data, "noacl",5) == 0) {
1125 vol->no_psx_acl = 1;
1126 } else if (strnicmp(data, "direct",6) == 0) {
1127 vol->direct_io = 1;
1128 } else if (strnicmp(data, "forcedirectio",13) == 0) {
1129 vol->direct_io = 1;
1130 } else if (strnicmp(data, "in6_addr",8) == 0) {
1131 if (!value || !*value) {
1132 vol->in6_addr = NULL;
1133 } else if (strnlen(value, 49) == 48) {
1134 vol->in6_addr = value;
1135 } else {
1136 printk(KERN_WARNING "CIFS: ip v6 address not 48 characters long\n");
1137 return 1;
1138 }
1139 } else if (strnicmp(data, "noac", 4) == 0) {
1140 printk(KERN_WARNING "CIFS: Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1141 } else
1142 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",data);
1143 }
1144 if (vol->UNC == NULL) {
1145 if(devname == NULL) {
1146 printk(KERN_WARNING "CIFS: Missing UNC name for mount target\n");
1147 return 1;
1148 }
1149 if ((temp_len = strnlen(devname, 300)) < 300) {
1150 vol->UNC = kmalloc(temp_len+1,GFP_KERNEL);
1151 if(vol->UNC == NULL)
1152 return 1;
1153 strcpy(vol->UNC,devname);
1154 if (strncmp(vol->UNC, "//", 2) == 0) {
1155 vol->UNC[0] = '\\';
1156 vol->UNC[1] = '\\';
1157 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1158 printk(KERN_WARNING "CIFS: UNC Path does not begin with // or \\\\ \n");
1159 return 1;
1160 }
1161 } else {
1162 printk(KERN_WARNING "CIFS: UNC name too long\n");
1163 return 1;
1164 }
1165 }
1166 if(vol->UNCip == NULL)
1167 vol->UNCip = &vol->UNC[2];
1168
1169 return 0;
1170 }
1171
1172 static struct cifsSesInfo *
1173 cifs_find_tcp_session(struct in_addr * target_ip_addr,
1174 struct in6_addr *target_ip6_addr,
1175 char *userName, struct TCP_Server_Info **psrvTcp)
1176 {
1177 struct list_head *tmp;
1178 struct cifsSesInfo *ses;
1179 *psrvTcp = NULL;
1180 read_lock(&GlobalSMBSeslock);
1181
1182 list_for_each(tmp, &GlobalSMBSessionList) {
1183 ses = list_entry(tmp, struct cifsSesInfo, cifsSessionList);
1184 if (ses->server) {
1185 if((target_ip_addr &&
1186 (ses->server->addr.sockAddr.sin_addr.s_addr
1187 == target_ip_addr->s_addr)) || (target_ip6_addr
1188 && memcmp(&ses->server->addr.sockAddr6.sin6_addr,
1189 target_ip6_addr,sizeof(*target_ip6_addr)))){
1190 /* BB lock server and tcp session and increment use count here?? */
1191 *psrvTcp = ses->server; /* found a match on the TCP session */
1192 /* BB check if reconnection needed */
1193 if (strncmp
1194 (ses->userName, userName,
1195 MAX_USERNAME_SIZE) == 0){
1196 read_unlock(&GlobalSMBSeslock);
1197 return ses; /* found exact match on both tcp and SMB sessions */
1198 }
1199 }
1200 }
1201 /* else tcp and smb sessions need reconnection */
1202 }
1203 read_unlock(&GlobalSMBSeslock);
1204 return NULL;
1205 }
1206
1207 static struct cifsTconInfo *
1208 find_unc(__be32 new_target_ip_addr, char *uncName, char *userName)
1209 {
1210 struct list_head *tmp;
1211 struct cifsTconInfo *tcon;
1212
1213 read_lock(&GlobalSMBSeslock);
1214 list_for_each(tmp, &GlobalTreeConnectionList) {
1215 cFYI(1, ("Next tcon - "));
1216 tcon = list_entry(tmp, struct cifsTconInfo, cifsConnectionList);
1217 if (tcon->ses) {
1218 if (tcon->ses->server) {
1219 cFYI(1,
1220 (" old ip addr: %x == new ip %x ?",
1221 tcon->ses->server->addr.sockAddr.sin_addr.
1222 s_addr, new_target_ip_addr));
1223 if (tcon->ses->server->addr.sockAddr.sin_addr.
1224 s_addr == new_target_ip_addr) {
1225 /* BB lock tcon and server and tcp session and increment use count here? */
1226 /* found a match on the TCP session */
1227 /* BB check if reconnection needed */
1228 cFYI(1,("Matched ip, old UNC: %s == new: %s ?",
1229 tcon->treeName, uncName));
1230 if (strncmp
1231 (tcon->treeName, uncName,
1232 MAX_TREE_SIZE) == 0) {
1233 cFYI(1,
1234 ("Matched UNC, old user: %s == new: %s ?",
1235 tcon->treeName, uncName));
1236 if (strncmp
1237 (tcon->ses->userName,
1238 userName,
1239 MAX_USERNAME_SIZE) == 0) {
1240 read_unlock(&GlobalSMBSeslock);
1241 return tcon;/* also matched user (smb session)*/
1242 }
1243 }
1244 }
1245 }
1246 }
1247 }
1248 read_unlock(&GlobalSMBSeslock);
1249 return NULL;
1250 }
1251
1252 int
1253 connect_to_dfs_path(int xid, struct cifsSesInfo *pSesInfo,
1254 const char *old_path, const struct nls_table *nls_codepage,
1255 int remap)
1256 {
1257 unsigned char *referrals = NULL;
1258 unsigned int num_referrals;
1259 int rc = 0;
1260
1261 rc = get_dfs_path(xid, pSesInfo,old_path, nls_codepage,
1262 &num_referrals, &referrals, remap);
1263
1264 /* BB Add in code to: if valid refrl, if not ip address contact
1265 the helper that resolves tcp names, mount to it, try to
1266 tcon to it unmount it if fail */
1267
1268 if(referrals)
1269 kfree(referrals);
1270
1271 return rc;
1272 }
1273
1274 int
1275 get_dfs_path(int xid, struct cifsSesInfo *pSesInfo,
1276 const char *old_path, const struct nls_table *nls_codepage,
1277 unsigned int *pnum_referrals,
1278 unsigned char ** preferrals, int remap)
1279 {
1280 char *temp_unc;
1281 int rc = 0;
1282
1283 *pnum_referrals = 0;
1284
1285 if (pSesInfo->ipc_tid == 0) {
1286 temp_unc = kmalloc(2 /* for slashes */ +
1287 strnlen(pSesInfo->serverName,SERVER_NAME_LEN_WITH_NULL * 2)
1288 + 1 + 4 /* slash IPC$ */ + 2,
1289 GFP_KERNEL);
1290 if (temp_unc == NULL)
1291 return -ENOMEM;
1292 temp_unc[0] = '\\';
1293 temp_unc[1] = '\\';
1294 strcpy(temp_unc + 2, pSesInfo->serverName);
1295 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
1296 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
1297 cFYI(1,
1298 ("CIFS Tcon rc = %d ipc_tid = %d", rc,pSesInfo->ipc_tid));
1299 kfree(temp_unc);
1300 }
1301 if (rc == 0)
1302 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
1303 pnum_referrals, nls_codepage, remap);
1304
1305 return rc;
1306 }
1307
1308 /* See RFC1001 section 14 on representation of Netbios names */
1309 static void rfc1002mangle(char * target,char * source, unsigned int length)
1310 {
1311 unsigned int i,j;
1312
1313 for(i=0,j=0;i<(length);i++) {
1314 /* mask a nibble at a time and encode */
1315 target[j] = 'A' + (0x0F & (source[i] >> 4));
1316 target[j+1] = 'A' + (0x0F & source[i]);
1317 j+=2;
1318 }
1319
1320 }
1321
1322
1323 static int
1324 ipv4_connect(struct sockaddr_in *psin_server, struct socket **csocket,
1325 char * netbios_name, char * target_name)
1326 {
1327 int rc = 0;
1328 int connected = 0;
1329 __be16 orig_port = 0;
1330
1331 if(*csocket == NULL) {
1332 rc = sock_create_kern(PF_INET, SOCK_STREAM, IPPROTO_TCP, csocket);
1333 if (rc < 0) {
1334 cERROR(1, ("Error %d creating socket",rc));
1335 *csocket = NULL;
1336 return rc;
1337 } else {
1338 /* BB other socket options to set KEEPALIVE, NODELAY? */
1339 cFYI(1,("Socket created"));
1340 (*csocket)->sk->sk_allocation = GFP_NOFS;
1341 }
1342 }
1343
1344 psin_server->sin_family = AF_INET;
1345 if(psin_server->sin_port) { /* user overrode default port */
1346 rc = (*csocket)->ops->connect(*csocket,
1347 (struct sockaddr *) psin_server,
1348 sizeof (struct sockaddr_in),0);
1349 if (rc >= 0)
1350 connected = 1;
1351 }
1352
1353 if(!connected) {
1354 /* save original port so we can retry user specified port
1355 later if fall back ports fail this time */
1356 orig_port = psin_server->sin_port;
1357
1358 /* do not retry on the same port we just failed on */
1359 if(psin_server->sin_port != htons(CIFS_PORT)) {
1360 psin_server->sin_port = htons(CIFS_PORT);
1361
1362 rc = (*csocket)->ops->connect(*csocket,
1363 (struct sockaddr *) psin_server,
1364 sizeof (struct sockaddr_in),0);
1365 if (rc >= 0)
1366 connected = 1;
1367 }
1368 }
1369 if (!connected) {
1370 psin_server->sin_port = htons(RFC1001_PORT);
1371 rc = (*csocket)->ops->connect(*csocket, (struct sockaddr *)
1372 psin_server, sizeof (struct sockaddr_in),0);
1373 if (rc >= 0)
1374 connected = 1;
1375 }
1376
1377 /* give up here - unless we want to retry on different
1378 protocol families some day */
1379 if (!connected) {
1380 if(orig_port)
1381 psin_server->sin_port = orig_port;
1382 cFYI(1,("Error %d connecting to server via ipv4",rc));
1383 sock_release(*csocket);
1384 *csocket = NULL;
1385 return rc;
1386 }
1387 /* Eventually check for other socket options to change from
1388 the default. sock_setsockopt not used because it expects
1389 user space buffer */
1390 cFYI(1,("sndbuf %d rcvbuf %d rcvtimeo 0x%lx",(*csocket)->sk->sk_sndbuf,
1391 (*csocket)->sk->sk_rcvbuf, (*csocket)->sk->sk_rcvtimeo));
1392 (*csocket)->sk->sk_rcvtimeo = 7 * HZ;
1393 /* make the bufsizes depend on wsize/rsize and max requests */
1394 if((*csocket)->sk->sk_sndbuf < (200 * 1024))
1395 (*csocket)->sk->sk_sndbuf = 200 * 1024;
1396 if((*csocket)->sk->sk_rcvbuf < (140 * 1024))
1397 (*csocket)->sk->sk_rcvbuf = 140 * 1024;
1398
1399 /* send RFC1001 sessinit */
1400 if(psin_server->sin_port == htons(RFC1001_PORT)) {
1401 /* some servers require RFC1001 sessinit before sending
1402 negprot - BB check reconnection in case where second
1403 sessinit is sent but no second negprot */
1404 struct rfc1002_session_packet * ses_init_buf;
1405 struct smb_hdr * smb_buf;
1406 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet), GFP_KERNEL);
1407 if(ses_init_buf) {
1408 ses_init_buf->trailer.session_req.called_len = 32;
1409 if(target_name && (target_name[0] != 0)) {
1410 rfc1002mangle(ses_init_buf->trailer.session_req.called_name,
1411 target_name, 16);
1412 } else {
1413 rfc1002mangle(ses_init_buf->trailer.session_req.called_name,
1414 DEFAULT_CIFS_CALLED_NAME,16);
1415 }
1416
1417 ses_init_buf->trailer.session_req.calling_len = 32;
1418 /* calling name ends in null (byte 16) from old smb
1419 convention. */
1420 if(netbios_name && (netbios_name[0] !=0)) {
1421 rfc1002mangle(ses_init_buf->trailer.session_req.calling_name,
1422 netbios_name,16);
1423 } else {
1424 rfc1002mangle(ses_init_buf->trailer.session_req.calling_name,
1425 "LINUX_CIFS_CLNT",16);
1426 }
1427 ses_init_buf->trailer.session_req.scope1 = 0;
1428 ses_init_buf->trailer.session_req.scope2 = 0;
1429 smb_buf = (struct smb_hdr *)ses_init_buf;
1430 /* sizeof RFC1002_SESSION_REQUEST with no scope */
1431 smb_buf->smb_buf_length = 0x81000044;
1432 rc = smb_send(*csocket, smb_buf, 0x44,
1433 (struct sockaddr *)psin_server);
1434 kfree(ses_init_buf);
1435 }
1436 /* else the negprot may still work without this
1437 even though malloc failed */
1438
1439 }
1440
1441 return rc;
1442 }
1443
1444 static int
1445 ipv6_connect(struct sockaddr_in6 *psin_server, struct socket **csocket)
1446 {
1447 int rc = 0;
1448 int connected = 0;
1449 __be16 orig_port = 0;
1450
1451 if(*csocket == NULL) {
1452 rc = sock_create_kern(PF_INET6, SOCK_STREAM, IPPROTO_TCP, csocket);
1453 if (rc < 0) {
1454 cERROR(1, ("Error %d creating ipv6 socket",rc));
1455 *csocket = NULL;
1456 return rc;
1457 } else {
1458 /* BB other socket options to set KEEPALIVE, NODELAY? */
1459 cFYI(1,("ipv6 Socket created"));
1460 (*csocket)->sk->sk_allocation = GFP_NOFS;
1461 }
1462 }
1463
1464 psin_server->sin6_family = AF_INET6;
1465
1466 if(psin_server->sin6_port) { /* user overrode default port */
1467 rc = (*csocket)->ops->connect(*csocket,
1468 (struct sockaddr *) psin_server,
1469 sizeof (struct sockaddr_in6),0);
1470 if (rc >= 0)
1471 connected = 1;
1472 }
1473
1474 if(!connected) {
1475 /* save original port so we can retry user specified port
1476 later if fall back ports fail this time */
1477
1478 orig_port = psin_server->sin6_port;
1479 /* do not retry on the same port we just failed on */
1480 if(psin_server->sin6_port != htons(CIFS_PORT)) {
1481 psin_server->sin6_port = htons(CIFS_PORT);
1482
1483 rc = (*csocket)->ops->connect(*csocket,
1484 (struct sockaddr *) psin_server,
1485 sizeof (struct sockaddr_in6),0);
1486 if (rc >= 0)
1487 connected = 1;
1488 }
1489 }
1490 if (!connected) {
1491 psin_server->sin6_port = htons(RFC1001_PORT);
1492 rc = (*csocket)->ops->connect(*csocket, (struct sockaddr *)
1493 psin_server, sizeof (struct sockaddr_in6),0);
1494 if (rc >= 0)
1495 connected = 1;
1496 }
1497
1498 /* give up here - unless we want to retry on different
1499 protocol families some day */
1500 if (!connected) {
1501 if(orig_port)
1502 psin_server->sin6_port = orig_port;
1503 cFYI(1,("Error %d connecting to server via ipv6",rc));
1504 sock_release(*csocket);
1505 *csocket = NULL;
1506 return rc;
1507 }
1508 /* Eventually check for other socket options to change from
1509 the default. sock_setsockopt not used because it expects
1510 user space buffer */
1511 (*csocket)->sk->sk_rcvtimeo = 7 * HZ;
1512
1513 return rc;
1514 }
1515
1516 int
1517 cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
1518 char *mount_data, const char *devname)
1519 {
1520 int rc = 0;
1521 int xid;
1522 int address_type = AF_INET;
1523 struct socket *csocket = NULL;
1524 struct sockaddr_in sin_server;
1525 struct sockaddr_in6 sin_server6;
1526 struct smb_vol volume_info;
1527 struct cifsSesInfo *pSesInfo = NULL;
1528 struct cifsSesInfo *existingCifsSes = NULL;
1529 struct cifsTconInfo *tcon = NULL;
1530 struct TCP_Server_Info *srvTcp = NULL;
1531
1532 xid = GetXid();
1533
1534 /* cFYI(1, ("Entering cifs_mount. Xid: %d with: %s", xid, mount_data)); */
1535
1536 memset(&volume_info,0,sizeof(struct smb_vol));
1537 if (cifs_parse_mount_options(mount_data, devname, &volume_info)) {
1538 if(volume_info.UNC)
1539 kfree(volume_info.UNC);
1540 if(volume_info.password)
1541 kfree(volume_info.password);
1542 FreeXid(xid);
1543 return -EINVAL;
1544 }
1545
1546 if (volume_info.username) {
1547 /* BB fixme parse for domain name here */
1548 cFYI(1, ("Username: %s ", volume_info.username));
1549
1550 } else {
1551 cifserror("No username specified ");
1552 /* In userspace mount helper we can get user name from alternate
1553 locations such as env variables and files on disk */
1554 if(volume_info.UNC)
1555 kfree(volume_info.UNC);
1556 if(volume_info.password)
1557 kfree(volume_info.password);
1558 FreeXid(xid);
1559 return -EINVAL;
1560 }
1561
1562 if (volume_info.UNCip && volume_info.UNC) {
1563 rc = cifs_inet_pton(AF_INET, volume_info.UNCip,&sin_server.sin_addr.s_addr);
1564
1565 if(rc <= 0) {
1566 /* not ipv4 address, try ipv6 */
1567 rc = cifs_inet_pton(AF_INET6,volume_info.UNCip,&sin_server6.sin6_addr.in6_u);
1568 if(rc > 0)
1569 address_type = AF_INET6;
1570 } else {
1571 address_type = AF_INET;
1572 }
1573
1574 if(rc <= 0) {
1575 /* we failed translating address */
1576 if(volume_info.UNC)
1577 kfree(volume_info.UNC);
1578 if(volume_info.password)
1579 kfree(volume_info.password);
1580 FreeXid(xid);
1581 return -EINVAL;
1582 }
1583
1584 cFYI(1, ("UNC: %s ip: %s", volume_info.UNC, volume_info.UNCip));
1585 /* success */
1586 rc = 0;
1587 } else if (volume_info.UNCip){
1588 /* BB using ip addr as server name connect to the DFS root below */
1589 cERROR(1,("Connecting to DFS root not implemented yet"));
1590 if(volume_info.UNC)
1591 kfree(volume_info.UNC);
1592 if(volume_info.password)
1593 kfree(volume_info.password);
1594 FreeXid(xid);
1595 return -EINVAL;
1596 } else /* which servers DFS root would we conect to */ {
1597 cERROR(1,
1598 ("CIFS mount error: No UNC path (e.g. -o unc=//192.168.1.100/public) specified "));
1599 if(volume_info.UNC)
1600 kfree(volume_info.UNC);
1601 if(volume_info.password)
1602 kfree(volume_info.password);
1603 FreeXid(xid);
1604 return -EINVAL;
1605 }
1606
1607 /* this is needed for ASCII cp to Unicode converts */
1608 if(volume_info.iocharset == NULL) {
1609 cifs_sb->local_nls = load_nls_default();
1610 /* load_nls_default can not return null */
1611 } else {
1612 cifs_sb->local_nls = load_nls(volume_info.iocharset);
1613 if(cifs_sb->local_nls == NULL) {
1614 cERROR(1,("CIFS mount error: iocharset %s not found",volume_info.iocharset));
1615 if(volume_info.UNC)
1616 kfree(volume_info.UNC);
1617 if(volume_info.password)
1618 kfree(volume_info.password);
1619 FreeXid(xid);
1620 return -ELIBACC;
1621 }
1622 }
1623
1624 if(address_type == AF_INET)
1625 existingCifsSes = cifs_find_tcp_session(&sin_server.sin_addr,
1626 NULL /* no ipv6 addr */,
1627 volume_info.username, &srvTcp);
1628 else if(address_type == AF_INET6)
1629 existingCifsSes = cifs_find_tcp_session(NULL /* no ipv4 addr */,
1630 &sin_server6.sin6_addr,
1631 volume_info.username, &srvTcp);
1632 else {
1633 if(volume_info.UNC)
1634 kfree(volume_info.UNC);
1635 if(volume_info.password)
1636 kfree(volume_info.password);
1637 FreeXid(xid);
1638 return -EINVAL;
1639 }
1640
1641
1642 if (srvTcp) {
1643 cFYI(1, ("Existing tcp session with server found "));
1644 } else { /* create socket */
1645 if(volume_info.port)
1646 sin_server.sin_port = htons(volume_info.port);
1647 else
1648 sin_server.sin_port = 0;
1649 rc = ipv4_connect(&sin_server,&csocket,
1650 volume_info.source_rfc1001_name,
1651 volume_info.target_rfc1001_name);
1652 if (rc < 0) {
1653 cERROR(1,
1654 ("Error connecting to IPv4 socket. Aborting operation"));
1655 if(csocket != NULL)
1656 sock_release(csocket);
1657 if(volume_info.UNC)
1658 kfree(volume_info.UNC);
1659 if(volume_info.password)
1660 kfree(volume_info.password);
1661 FreeXid(xid);
1662 return rc;
1663 }
1664
1665 srvTcp = kmalloc(sizeof (struct TCP_Server_Info), GFP_KERNEL);
1666 if (srvTcp == NULL) {
1667 rc = -ENOMEM;
1668 sock_release(csocket);
1669 if(volume_info.UNC)
1670 kfree(volume_info.UNC);
1671 if(volume_info.password)
1672 kfree(volume_info.password);
1673 FreeXid(xid);
1674 return rc;
1675 } else {
1676 memset(srvTcp, 0, sizeof (struct TCP_Server_Info));
1677 memcpy(&srvTcp->addr.sockAddr, &sin_server, sizeof (struct sockaddr_in));
1678 atomic_set(&srvTcp->inFlight,0);
1679 /* BB Add code for ipv6 case too */
1680 srvTcp->ssocket = csocket;
1681 srvTcp->protocolType = IPV4;
1682 init_waitqueue_head(&srvTcp->response_q);
1683 init_waitqueue_head(&srvTcp->request_q);
1684 INIT_LIST_HEAD(&srvTcp->pending_mid_q);
1685 /* at this point we are the only ones with the pointer
1686 to the struct since the kernel thread not created yet
1687 so no need to spinlock this init of tcpStatus */
1688 srvTcp->tcpStatus = CifsNew;
1689 init_MUTEX(&srvTcp->tcpSem);
1690 rc = (int)kernel_thread((void *)(void *)cifs_demultiplex_thread, srvTcp,
1691 CLONE_FS | CLONE_FILES | CLONE_VM);
1692 if(rc < 0) {
1693 rc = -ENOMEM;
1694 sock_release(csocket);
1695 if(volume_info.UNC)
1696 kfree(volume_info.UNC);
1697 if(volume_info.password)
1698 kfree(volume_info.password);
1699 FreeXid(xid);
1700 return rc;
1701 }
1702 wait_for_completion(&cifsd_complete);
1703 rc = 0;
1704 memcpy(srvTcp->workstation_RFC1001_name, volume_info.source_rfc1001_name,16);
1705 memcpy(srvTcp->server_RFC1001_name, volume_info.target_rfc1001_name,16);
1706 srvTcp->sequence_number = 0;
1707 }
1708 }
1709
1710 if (existingCifsSes) {
1711 pSesInfo = existingCifsSes;
1712 cFYI(1, ("Existing smb sess found "));
1713 if(volume_info.password)
1714 kfree(volume_info.password);
1715 /* volume_info.UNC freed at end of function */
1716 } else if (!rc) {
1717 cFYI(1, ("Existing smb sess not found "));
1718 pSesInfo = sesInfoAlloc();
1719 if (pSesInfo == NULL)
1720 rc = -ENOMEM;
1721 else {
1722 pSesInfo->server = srvTcp;
1723 sprintf(pSesInfo->serverName, "%u.%u.%u.%u",
1724 NIPQUAD(sin_server.sin_addr.s_addr));
1725 }
1726
1727 if (!rc){
1728 /* volume_info.password freed at unmount */
1729 if (volume_info.password)
1730 pSesInfo->password = volume_info.password;
1731 if (volume_info.username)
1732 strncpy(pSesInfo->userName,
1733 volume_info.username,MAX_USERNAME_SIZE);
1734 if (volume_info.domainname)
1735 strncpy(pSesInfo->domainName,
1736 volume_info.domainname,MAX_USERNAME_SIZE);
1737 pSesInfo->linux_uid = volume_info.linux_uid;
1738 down(&pSesInfo->sesSem);
1739 rc = cifs_setup_session(xid,pSesInfo, cifs_sb->local_nls);
1740 up(&pSesInfo->sesSem);
1741 if(!rc)
1742 atomic_inc(&srvTcp->socketUseCount);
1743 } else
1744 if(volume_info.password)
1745 kfree(volume_info.password);
1746 }
1747
1748 /* search for existing tcon to this server share */
1749 if (!rc) {
1750 if(volume_info.rsize > CIFSMaxBufSize) {
1751 cERROR(1,("rsize %d too large, using MaxBufSize",
1752 volume_info.rsize));
1753 cifs_sb->rsize = CIFSMaxBufSize;
1754 } else if((volume_info.rsize) && (volume_info.rsize <= CIFSMaxBufSize))
1755 cifs_sb->rsize = volume_info.rsize;
1756 else /* default */
1757 cifs_sb->rsize = CIFSMaxBufSize;
1758
1759 if(volume_info.wsize > PAGEVEC_SIZE * PAGE_CACHE_SIZE) {
1760 cERROR(1,("wsize %d too large using 4096 instead",
1761 volume_info.wsize));
1762 cifs_sb->wsize = 4096;
1763 } else if(volume_info.wsize)
1764 cifs_sb->wsize = volume_info.wsize;
1765 else
1766 cifs_sb->wsize = CIFSMaxBufSize; /* default */
1767 if(cifs_sb->rsize < PAGE_CACHE_SIZE) {
1768 cifs_sb->rsize = PAGE_CACHE_SIZE;
1769 /* Windows ME does this */
1770 cFYI(1,("Attempt to set readsize for mount to less than one page (4096)"));
1771 }
1772 cifs_sb->mnt_uid = volume_info.linux_uid;
1773 cifs_sb->mnt_gid = volume_info.linux_gid;
1774 cifs_sb->mnt_file_mode = volume_info.file_mode;
1775 cifs_sb->mnt_dir_mode = volume_info.dir_mode;
1776 cFYI(1,("file mode: 0x%x dir mode: 0x%x",cifs_sb->mnt_file_mode,cifs_sb->mnt_dir_mode));
1777
1778 if(volume_info.noperm)
1779 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
1780 if(volume_info.setuids)
1781 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
1782 if(volume_info.server_ino)
1783 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
1784 if(volume_info.remap)
1785 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
1786 if(volume_info.no_xattr)
1787 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
1788 if(volume_info.sfu_emul)
1789 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
1790 if(volume_info.nobrl)
1791 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
1792
1793 if(volume_info.direct_io) {
1794 cFYI(1,("mounting share using direct i/o"));
1795 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
1796 }
1797
1798 tcon =
1799 find_unc(sin_server.sin_addr.s_addr, volume_info.UNC,
1800 volume_info.username);
1801 if (tcon) {
1802 cFYI(1, ("Found match on UNC path "));
1803 /* we can have only one retry value for a connection
1804 to a share so for resources mounted more than once
1805 to the same server share the last value passed in
1806 for the retry flag is used */
1807 tcon->retry = volume_info.retry;
1808 tcon->nocase = volume_info.nocase;
1809 } else {
1810 tcon = tconInfoAlloc();
1811 if (tcon == NULL)
1812 rc = -ENOMEM;
1813 else {
1814 /* check for null share name ie connect to dfs root */
1815
1816 /* BB check if this works for exactly length three strings */
1817 if ((strchr(volume_info.UNC + 3, '\\') == NULL)
1818 && (strchr(volume_info.UNC + 3, '/') ==
1819 NULL)) {
1820 rc = connect_to_dfs_path(xid, pSesInfo,
1821 "", cifs_sb->local_nls,
1822 cifs_sb->mnt_cifs_flags &
1823 CIFS_MOUNT_MAP_SPECIAL_CHR);
1824 if(volume_info.UNC)
1825 kfree(volume_info.UNC);
1826 FreeXid(xid);
1827 return -ENODEV;
1828 } else {
1829 rc = CIFSTCon(xid, pSesInfo,
1830 volume_info.UNC,
1831 tcon, cifs_sb->local_nls);
1832 cFYI(1, ("CIFS Tcon rc = %d", rc));
1833 }
1834 if (!rc) {
1835 atomic_inc(&pSesInfo->inUse);
1836 tcon->retry = volume_info.retry;
1837 tcon->nocase = volume_info.nocase;
1838 }
1839 }
1840 }
1841 }
1842 if(pSesInfo) {
1843 if (pSesInfo->capabilities & CAP_LARGE_FILES) {
1844 sb->s_maxbytes = (u64) 1 << 63;
1845 } else
1846 sb->s_maxbytes = (u64) 1 << 31; /* 2 GB */
1847 }
1848
1849 sb->s_time_gran = 100;
1850
1851 /* on error free sesinfo and tcon struct if needed */
1852 if (rc) {
1853 /* if session setup failed, use count is zero but
1854 we still need to free cifsd thread */
1855 if(atomic_read(&srvTcp->socketUseCount) == 0) {
1856 spin_lock(&GlobalMid_Lock);
1857 srvTcp->tcpStatus = CifsExiting;
1858 spin_unlock(&GlobalMid_Lock);
1859 if(srvTcp->tsk) {
1860 send_sig(SIGKILL,srvTcp->tsk,1);
1861 wait_for_completion(&cifsd_complete);
1862 }
1863 }
1864 /* If find_unc succeeded then rc == 0 so we can not end */
1865 if (tcon) /* up accidently freeing someone elses tcon struct */
1866 tconInfoFree(tcon);
1867 if (existingCifsSes == NULL) {
1868 if (pSesInfo) {
1869 if ((pSesInfo->server) &&
1870 (pSesInfo->status == CifsGood)) {
1871 int temp_rc;
1872 temp_rc = CIFSSMBLogoff(xid, pSesInfo);
1873 /* if the socketUseCount is now zero */
1874 if((temp_rc == -ESHUTDOWN) &&
1875 (pSesInfo->server->tsk)) {
1876 send_sig(SIGKILL,pSesInfo->server->tsk,1);
1877 wait_for_completion(&cifsd_complete);
1878 }
1879 } else
1880 cFYI(1, ("No session or bad tcon"));
1881 sesInfoFree(pSesInfo);
1882 /* pSesInfo = NULL; */
1883 }
1884 }
1885 } else {
1886 atomic_inc(&tcon->useCount);
1887 cifs_sb->tcon = tcon;
1888 tcon->ses = pSesInfo;
1889
1890 /* do not care if following two calls succeed - informational only */
1891 CIFSSMBQFSDeviceInfo(xid, tcon);
1892 CIFSSMBQFSAttributeInfo(xid, tcon);
1893 if (tcon->ses->capabilities & CAP_UNIX) {
1894 if(!CIFSSMBQFSUnixInfo(xid, tcon)) {
1895 if(!volume_info.no_psx_acl) {
1896 if(CIFS_UNIX_POSIX_ACL_CAP &
1897 le64_to_cpu(tcon->fsUnixInfo.Capability))
1898 cFYI(1,("server negotiated posix acl support"));
1899 sb->s_flags |= MS_POSIXACL;
1900 }
1901
1902 /* Try and negotiate POSIX pathnames if we can. */
1903 if (volume_info.posix_paths && (CIFS_UNIX_POSIX_PATHNAMES_CAP &
1904 le64_to_cpu(tcon->fsUnixInfo.Capability))) {
1905 if (!CIFSSMBSetFSUnixInfo(xid, tcon, CIFS_UNIX_POSIX_PATHNAMES_CAP)) {
1906 cFYI(1,("negotiated posix pathnames support"));
1907 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_POSIX_PATHS;
1908 } else {
1909 cFYI(1,("posix pathnames support requested but not supported"));
1910 }
1911 }
1912 }
1913 }
1914 if (!(tcon->ses->capabilities & CAP_LARGE_WRITE_X))
1915 cifs_sb->wsize = min(cifs_sb->wsize,
1916 (tcon->ses->server->maxBuf -
1917 MAX_CIFS_HDR_SIZE));
1918 if (!(tcon->ses->capabilities & CAP_LARGE_READ_X))
1919 cifs_sb->rsize = min(cifs_sb->rsize,
1920 (tcon->ses->server->maxBuf -
1921 MAX_CIFS_HDR_SIZE));
1922 }
1923
1924 /* volume_info.password is freed above when existing session found
1925 (in which case it is not needed anymore) but when new sesion is created
1926 the password ptr is put in the new session structure (in which case the
1927 password will be freed at unmount time) */
1928 if(volume_info.UNC)
1929 kfree(volume_info.UNC);
1930 FreeXid(xid);
1931 return rc;
1932 }
1933
1934 static int
1935 CIFSSessSetup(unsigned int xid, struct cifsSesInfo *ses,
1936 char session_key[CIFS_SESSION_KEY_SIZE],
1937 const struct nls_table *nls_codepage)
1938 {
1939 struct smb_hdr *smb_buffer;
1940 struct smb_hdr *smb_buffer_response;
1941 SESSION_SETUP_ANDX *pSMB;
1942 SESSION_SETUP_ANDX *pSMBr;
1943 char *bcc_ptr;
1944 char *user;
1945 char *domain;
1946 int rc = 0;
1947 int remaining_words = 0;
1948 int bytes_returned = 0;
1949 int len;
1950 __u32 capabilities;
1951 __u16 count;
1952
1953 cFYI(1, ("In sesssetup "));
1954 if(ses == NULL)
1955 return -EINVAL;
1956 user = ses->userName;
1957 domain = ses->domainName;
1958 smb_buffer = cifs_buf_get();
1959 if (smb_buffer == NULL) {
1960 return -ENOMEM;
1961 }
1962 smb_buffer_response = smb_buffer;
1963 pSMBr = pSMB = (SESSION_SETUP_ANDX *) smb_buffer;
1964
1965 /* send SMBsessionSetup here */
1966 header_assemble(smb_buffer, SMB_COM_SESSION_SETUP_ANDX,
1967 NULL /* no tCon exists yet */ , 13 /* wct */ );
1968
1969 smb_buffer->Mid = GetNextMid(ses->server);
1970 pSMB->req_no_secext.AndXCommand = 0xFF;
1971 pSMB->req_no_secext.MaxBufferSize = cpu_to_le16(ses->server->maxBuf);
1972 pSMB->req_no_secext.MaxMpxCount = cpu_to_le16(ses->server->maxReq);
1973
1974 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
1975 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
1976
1977 capabilities = CAP_LARGE_FILES | CAP_NT_SMBS | CAP_LEVEL_II_OPLOCKS |
1978 CAP_LARGE_WRITE_X | CAP_LARGE_READ_X;
1979 if (ses->capabilities & CAP_UNICODE) {
1980 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
1981 capabilities |= CAP_UNICODE;
1982 }
1983 if (ses->capabilities & CAP_STATUS32) {
1984 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
1985 capabilities |= CAP_STATUS32;
1986 }
1987 if (ses->capabilities & CAP_DFS) {
1988 smb_buffer->Flags2 |= SMBFLG2_DFS;
1989 capabilities |= CAP_DFS;
1990 }
1991 pSMB->req_no_secext.Capabilities = cpu_to_le32(capabilities);
1992
1993 pSMB->req_no_secext.CaseInsensitivePasswordLength =
1994 cpu_to_le16(CIFS_SESSION_KEY_SIZE);
1995
1996 pSMB->req_no_secext.CaseSensitivePasswordLength =
1997 cpu_to_le16(CIFS_SESSION_KEY_SIZE);
1998 bcc_ptr = pByteArea(smb_buffer);
1999 memcpy(bcc_ptr, (char *) session_key, CIFS_SESSION_KEY_SIZE);
2000 bcc_ptr += CIFS_SESSION_KEY_SIZE;
2001 memcpy(bcc_ptr, (char *) session_key, CIFS_SESSION_KEY_SIZE);
2002 bcc_ptr += CIFS_SESSION_KEY_SIZE;
2003
2004 if (ses->capabilities & CAP_UNICODE) {
2005 if ((long) bcc_ptr % 2) { /* must be word aligned for Unicode */
2006 *bcc_ptr = 0;
2007 bcc_ptr++;
2008 }
2009 if(user == NULL)
2010 bytes_returned = 0; /* skill null user */
2011 else
2012 bytes_returned =
2013 cifs_strtoUCS((wchar_t *) bcc_ptr, user, 100,
2014 nls_codepage);
2015 /* convert number of 16 bit words to bytes */
2016 bcc_ptr += 2 * bytes_returned;
2017 bcc_ptr += 2; /* trailing null */
2018 if (domain == NULL)
2019 bytes_returned =
2020 cifs_strtoUCS((wchar_t *) bcc_ptr,
2021 "CIFS_LINUX_DOM", 32, nls_codepage);
2022 else
2023 bytes_returned =
2024 cifs_strtoUCS((wchar_t *) bcc_ptr, domain, 64,
2025 nls_codepage);
2026 bcc_ptr += 2 * bytes_returned;
2027 bcc_ptr += 2;
2028 bytes_returned =
2029 cifs_strtoUCS((wchar_t *) bcc_ptr, "Linux version ",
2030 32, nls_codepage);
2031 bcc_ptr += 2 * bytes_returned;
2032 bytes_returned =
2033 cifs_strtoUCS((wchar_t *) bcc_ptr, system_utsname.release,
2034 32, nls_codepage);
2035 bcc_ptr += 2 * bytes_returned;
2036 bcc_ptr += 2;
2037 bytes_returned =
2038 cifs_strtoUCS((wchar_t *) bcc_ptr, CIFS_NETWORK_OPSYS,
2039 64, nls_codepage);
2040 bcc_ptr += 2 * bytes_returned;
2041 bcc_ptr += 2;
2042 } else {
2043 if(user != NULL) {
2044 strncpy(bcc_ptr, user, 200);
2045 bcc_ptr += strnlen(user, 200);
2046 }
2047 *bcc_ptr = 0;
2048 bcc_ptr++;
2049 if (domain == NULL) {
2050 strcpy(bcc_ptr, "CIFS_LINUX_DOM");
2051 bcc_ptr += strlen("CIFS_LINUX_DOM") + 1;
2052 } else {
2053 strncpy(bcc_ptr, domain, 64);
2054 bcc_ptr += strnlen(domain, 64);
2055 *bcc_ptr = 0;
2056 bcc_ptr++;
2057 }
2058 strcpy(bcc_ptr, "Linux version ");
2059 bcc_ptr += strlen("Linux version ");
2060 strcpy(bcc_ptr, system_utsname.release);
2061 bcc_ptr += strlen(system_utsname.release) + 1;
2062 strcpy(bcc_ptr, CIFS_NETWORK_OPSYS);
2063 bcc_ptr += strlen(CIFS_NETWORK_OPSYS) + 1;
2064 }
2065 count = (long) bcc_ptr - (long) pByteArea(smb_buffer);
2066 smb_buffer->smb_buf_length += count;
2067 pSMB->req_no_secext.ByteCount = cpu_to_le16(count);
2068
2069 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response,
2070 &bytes_returned, 1);
2071 if (rc) {
2072 /* rc = map_smb_to_linux_error(smb_buffer_response); now done in SendReceive */
2073 } else if ((smb_buffer_response->WordCount == 3)
2074 || (smb_buffer_response->WordCount == 4)) {
2075 __u16 action = le16_to_cpu(pSMBr->resp.Action);
2076 __u16 blob_len = le16_to_cpu(pSMBr->resp.SecurityBlobLength);
2077 if (action & GUEST_LOGIN)
2078 cFYI(1, (" Guest login")); /* do we want to mark SesInfo struct ? */
2079 ses->Suid = smb_buffer_response->Uid; /* UID left in wire format (le) */
2080 cFYI(1, ("UID = %d ", ses->Suid));
2081 /* response can have either 3 or 4 word count - Samba sends 3 */
2082 bcc_ptr = pByteArea(smb_buffer_response);
2083 if ((pSMBr->resp.hdr.WordCount == 3)
2084 || ((pSMBr->resp.hdr.WordCount == 4)
2085 && (blob_len < pSMBr->resp.ByteCount))) {
2086 if (pSMBr->resp.hdr.WordCount == 4)
2087 bcc_ptr += blob_len;
2088
2089 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) {
2090 if ((long) (bcc_ptr) % 2) {
2091 remaining_words =
2092 (BCC(smb_buffer_response) - 1) /2;
2093 bcc_ptr++; /* Unicode strings must be word aligned */
2094 } else {
2095 remaining_words =
2096 BCC(smb_buffer_response) / 2;
2097 }
2098 len =
2099 UniStrnlen((wchar_t *) bcc_ptr,
2100 remaining_words - 1);
2101 /* We look for obvious messed up bcc or strings in response so we do not go off
2102 the end since (at least) WIN2K and Windows XP have a major bug in not null
2103 terminating last Unicode string in response */
2104 ses->serverOS = kzalloc(2 * (len + 1), GFP_KERNEL);
2105 if(ses->serverOS == NULL)
2106 goto sesssetup_nomem;
2107 cifs_strfromUCS_le(ses->serverOS,
2108 (wchar_t *)bcc_ptr, len,nls_codepage);
2109 bcc_ptr += 2 * (len + 1);
2110 remaining_words -= len + 1;
2111 ses->serverOS[2 * len] = 0;
2112 ses->serverOS[1 + (2 * len)] = 0;
2113 if (remaining_words > 0) {
2114 len = UniStrnlen((wchar_t *)bcc_ptr,
2115 remaining_words-1);
2116 ses->serverNOS = kzalloc(2 * (len + 1),GFP_KERNEL);
2117 if(ses->serverNOS == NULL)
2118 goto sesssetup_nomem;
2119 cifs_strfromUCS_le(ses->serverNOS,
2120 (wchar_t *)bcc_ptr,len,nls_codepage);
2121 bcc_ptr += 2 * (len + 1);
2122 ses->serverNOS[2 * len] = 0;
2123 ses->serverNOS[1 + (2 * len)] = 0;
2124 if(strncmp(ses->serverNOS,
2125 "NT LAN Manager 4",16) == 0) {
2126 cFYI(1,("NT4 server"));
2127 ses->flags |= CIFS_SES_NT4;
2128 }
2129 remaining_words -= len + 1;
2130 if (remaining_words > 0) {
2131 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
2132 /* last string is not always null terminated (for e.g. for Windows XP & 2000) */
2133 ses->serverDomain =
2134 kzalloc(2*(len+1),GFP_KERNEL);
2135 if(ses->serverDomain == NULL)
2136 goto sesssetup_nomem;
2137 cifs_strfromUCS_le(ses->serverDomain,
2138 (wchar_t *)bcc_ptr,len,nls_codepage);
2139 bcc_ptr += 2 * (len + 1);
2140 ses->serverDomain[2*len] = 0;
2141 ses->serverDomain[1+(2*len)] = 0;
2142 } /* else no more room so create dummy domain string */
2143 else
2144 ses->serverDomain =
2145 kzalloc(2, GFP_KERNEL);
2146 } else { /* no room so create dummy domain and NOS string */
2147 /* if these kcallocs fail not much we
2148 can do, but better to not fail the
2149 sesssetup itself */
2150 ses->serverDomain =
2151 kzalloc(2, GFP_KERNEL);
2152 ses->serverNOS =
2153 kzalloc(2, GFP_KERNEL);
2154 }
2155 } else { /* ASCII */
2156 len = strnlen(bcc_ptr, 1024);
2157 if (((long) bcc_ptr + len) - (long)
2158 pByteArea(smb_buffer_response)
2159 <= BCC(smb_buffer_response)) {
2160 ses->serverOS = kzalloc(len + 1,GFP_KERNEL);
2161 if(ses->serverOS == NULL)
2162 goto sesssetup_nomem;
2163 strncpy(ses->serverOS,bcc_ptr, len);
2164
2165 bcc_ptr += len;
2166 bcc_ptr[0] = 0; /* null terminate the string */
2167 bcc_ptr++;
2168
2169 len = strnlen(bcc_ptr, 1024);
2170 ses->serverNOS = kzalloc(len + 1,GFP_KERNEL);
2171 if(ses->serverNOS == NULL)
2172 goto sesssetup_nomem;
2173 strncpy(ses->serverNOS, bcc_ptr, len);
2174 bcc_ptr += len;
2175 bcc_ptr[0] = 0;
2176 bcc_ptr++;
2177
2178 len = strnlen(bcc_ptr, 1024);
2179 ses->serverDomain = kzalloc(len + 1,GFP_KERNEL);
2180 if(ses->serverDomain == NULL)
2181 goto sesssetup_nomem;
2182 strncpy(ses->serverDomain, bcc_ptr, len);
2183 bcc_ptr += len;
2184 bcc_ptr[0] = 0;
2185 bcc_ptr++;
2186 } else
2187 cFYI(1,
2188 ("Variable field of length %d extends beyond end of smb ",
2189 len));
2190 }
2191 } else {
2192 cERROR(1,
2193 (" Security Blob Length extends beyond end of SMB"));
2194 }
2195 } else {
2196 cERROR(1,
2197 (" Invalid Word count %d: ",
2198 smb_buffer_response->WordCount));
2199 rc = -EIO;
2200 }
2201 sesssetup_nomem: /* do not return an error on nomem for the info strings,
2202 since that could make reconnection harder, and
2203 reconnection might be needed to free memory */
2204 if (smb_buffer)
2205 cifs_buf_release(smb_buffer);
2206
2207 return rc;
2208 }
2209
2210 static int
2211 CIFSSpnegoSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2212 char *SecurityBlob,int SecurityBlobLength,
2213 const struct nls_table *nls_codepage)
2214 {
2215 struct smb_hdr *smb_buffer;
2216 struct smb_hdr *smb_buffer_response;
2217 SESSION_SETUP_ANDX *pSMB;
2218 SESSION_SETUP_ANDX *pSMBr;
2219 char *bcc_ptr;
2220 char *user;
2221 char *domain;
2222 int rc = 0;
2223 int remaining_words = 0;
2224 int bytes_returned = 0;
2225 int len;
2226 __u32 capabilities;
2227 __u16 count;
2228
2229 cFYI(1, ("In spnego sesssetup "));
2230 if(ses == NULL)
2231 return -EINVAL;
2232 user = ses->userName;
2233 domain = ses->domainName;
2234
2235 smb_buffer = cifs_buf_get();
2236 if (smb_buffer == NULL) {
2237 return -ENOMEM;
2238 }
2239 smb_buffer_response = smb_buffer;
2240 pSMBr = pSMB = (SESSION_SETUP_ANDX *) smb_buffer;
2241
2242 /* send SMBsessionSetup here */
2243 header_assemble(smb_buffer, SMB_COM_SESSION_SETUP_ANDX,
2244 NULL /* no tCon exists yet */ , 12 /* wct */ );
2245
2246 smb_buffer->Mid = GetNextMid(ses->server);
2247 pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
2248 pSMB->req.AndXCommand = 0xFF;
2249 pSMB->req.MaxBufferSize = cpu_to_le16(ses->server->maxBuf);
2250 pSMB->req.MaxMpxCount = cpu_to_le16(ses->server->maxReq);
2251
2252 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
2253 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
2254
2255 capabilities = CAP_LARGE_FILES | CAP_NT_SMBS | CAP_LEVEL_II_OPLOCKS |
2256 CAP_EXTENDED_SECURITY;
2257 if (ses->capabilities & CAP_UNICODE) {
2258 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
2259 capabilities |= CAP_UNICODE;
2260 }
2261 if (ses->capabilities & CAP_STATUS32) {
2262 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
2263 capabilities |= CAP_STATUS32;
2264 }
2265 if (ses->capabilities & CAP_DFS) {
2266 smb_buffer->Flags2 |= SMBFLG2_DFS;
2267 capabilities |= CAP_DFS;
2268 }
2269 pSMB->req.Capabilities = cpu_to_le32(capabilities);
2270
2271 pSMB->req.SecurityBlobLength = cpu_to_le16(SecurityBlobLength);
2272 bcc_ptr = pByteArea(smb_buffer);
2273 memcpy(bcc_ptr, SecurityBlob, SecurityBlobLength);
2274 bcc_ptr += SecurityBlobLength;
2275
2276 if (ses->capabilities & CAP_UNICODE) {
2277 if ((long) bcc_ptr % 2) { /* must be word aligned for Unicode strings */
2278 *bcc_ptr = 0;
2279 bcc_ptr++;
2280 }
2281 bytes_returned =
2282 cifs_strtoUCS((wchar_t *) bcc_ptr, user, 100, nls_codepage);
2283 bcc_ptr += 2 * bytes_returned; /* convert num of 16 bit words to bytes */
2284 bcc_ptr += 2; /* trailing null */
2285 if (domain == NULL)
2286 bytes_returned =
2287 cifs_strtoUCS((wchar_t *) bcc_ptr,
2288 "CIFS_LINUX_DOM", 32, nls_codepage);
2289 else
2290 bytes_returned =
2291 cifs_strtoUCS((wchar_t *) bcc_ptr, domain, 64,
2292 nls_codepage);
2293 bcc_ptr += 2 * bytes_returned;
2294 bcc_ptr += 2;
2295 bytes_returned =
2296 cifs_strtoUCS((wchar_t *) bcc_ptr, "Linux version ",
2297 32, nls_codepage);
2298 bcc_ptr += 2 * bytes_returned;
2299 bytes_returned =
2300 cifs_strtoUCS((wchar_t *) bcc_ptr, system_utsname.release, 32,
2301 nls_codepage);
2302 bcc_ptr += 2 * bytes_returned;
2303 bcc_ptr += 2;
2304 bytes_returned =
2305 cifs_strtoUCS((wchar_t *) bcc_ptr, CIFS_NETWORK_OPSYS,
2306 64, nls_codepage);
2307 bcc_ptr += 2 * bytes_returned;
2308 bcc_ptr += 2;
2309 } else {
2310 strncpy(bcc_ptr, user, 200);
2311 bcc_ptr += strnlen(user, 200);
2312 *bcc_ptr = 0;
2313 bcc_ptr++;
2314 if (domain == NULL) {
2315 strcpy(bcc_ptr, "CIFS_LINUX_DOM");
2316 bcc_ptr += strlen("CIFS_LINUX_DOM") + 1;
2317 } else {
2318 strncpy(bcc_ptr, domain, 64);
2319 bcc_ptr += strnlen(domain, 64);
2320 *bcc_ptr = 0;
2321 bcc_ptr++;
2322 }
2323 strcpy(bcc_ptr, "Linux version ");
2324 bcc_ptr += strlen("Linux version ");
2325 strcpy(bcc_ptr, system_utsname.release);
2326 bcc_ptr += strlen(system_utsname.release) + 1;
2327 strcpy(bcc_ptr, CIFS_NETWORK_OPSYS);
2328 bcc_ptr += strlen(CIFS_NETWORK_OPSYS) + 1;
2329 }
2330 count = (long) bcc_ptr - (long) pByteArea(smb_buffer);
2331 smb_buffer->smb_buf_length += count;
2332 pSMB->req.ByteCount = cpu_to_le16(count);
2333
2334 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response,
2335 &bytes_returned, 1);
2336 if (rc) {
2337 /* rc = map_smb_to_linux_error(smb_buffer_response); *//* done in SendReceive now */
2338 } else if ((smb_buffer_response->WordCount == 3)
2339 || (smb_buffer_response->WordCount == 4)) {
2340 __u16 action = le16_to_cpu(pSMBr->resp.Action);
2341 __u16 blob_len =
2342 le16_to_cpu(pSMBr->resp.SecurityBlobLength);
2343 if (action & GUEST_LOGIN)
2344 cFYI(1, (" Guest login")); /* BB do we want to set anything in SesInfo struct ? */
2345 if (ses) {
2346 ses->Suid = smb_buffer_response->Uid; /* UID left in wire format (le) */
2347 cFYI(1, ("UID = %d ", ses->Suid));
2348 bcc_ptr = pByteArea(smb_buffer_response); /* response can have either 3 or 4 word count - Samba sends 3 */
2349
2350 /* BB Fix below to make endian neutral !! */
2351
2352 if ((pSMBr->resp.hdr.WordCount == 3)
2353 || ((pSMBr->resp.hdr.WordCount == 4)
2354 && (blob_len <
2355 pSMBr->resp.ByteCount))) {
2356 if (pSMBr->resp.hdr.WordCount == 4) {
2357 bcc_ptr +=
2358 blob_len;
2359 cFYI(1,
2360 ("Security Blob Length %d ",
2361 blob_len));
2362 }
2363
2364 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) {
2365 if ((long) (bcc_ptr) % 2) {
2366 remaining_words =
2367 (BCC(smb_buffer_response)
2368 - 1) / 2;
2369 bcc_ptr++; /* Unicode strings must be word aligned */
2370 } else {
2371 remaining_words =
2372 BCC
2373 (smb_buffer_response) / 2;
2374 }
2375 len =
2376 UniStrnlen((wchar_t *) bcc_ptr,
2377 remaining_words - 1);
2378 /* We look for obvious messed up bcc or strings in response so we do not go off
2379 the end since (at least) WIN2K and Windows XP have a major bug in not null
2380 terminating last Unicode string in response */
2381 ses->serverOS =
2382 kzalloc(2 * (len + 1), GFP_KERNEL);
2383 cifs_strfromUCS_le(ses->serverOS,
2384 (wchar_t *)
2385 bcc_ptr, len,
2386 nls_codepage);
2387 bcc_ptr += 2 * (len + 1);
2388 remaining_words -= len + 1;
2389 ses->serverOS[2 * len] = 0;
2390 ses->serverOS[1 + (2 * len)] = 0;
2391 if (remaining_words > 0) {
2392 len = UniStrnlen((wchar_t *)bcc_ptr,
2393 remaining_words
2394 - 1);
2395 ses->serverNOS =
2396 kzalloc(2 * (len + 1),
2397 GFP_KERNEL);
2398 cifs_strfromUCS_le(ses->serverNOS,
2399 (wchar_t *)bcc_ptr,
2400 len,
2401 nls_codepage);
2402 bcc_ptr += 2 * (len + 1);
2403 ses->serverNOS[2 * len] = 0;
2404 ses->serverNOS[1 + (2 * len)] = 0;
2405 remaining_words -= len + 1;
2406 if (remaining_words > 0) {
2407 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
2408 /* last string is not always null terminated (for e.g. for Windows XP & 2000) */
2409 ses->serverDomain = kzalloc(2*(len+1),GFP_KERNEL);
2410 cifs_strfromUCS_le(ses->serverDomain,
2411 (wchar_t *)bcc_ptr,
2412 len,
2413 nls_codepage);
2414 bcc_ptr += 2*(len+1);
2415 ses->serverDomain[2*len] = 0;
2416 ses->serverDomain[1+(2*len)] = 0;
2417 } /* else no more room so create dummy domain string */
2418 else
2419 ses->serverDomain =
2420 kzalloc(2,GFP_KERNEL);
2421 } else { /* no room so create dummy domain and NOS string */
2422 ses->serverDomain = kzalloc(2, GFP_KERNEL);
2423 ses->serverNOS = kzalloc(2, GFP_KERNEL);
2424 }
2425 } else { /* ASCII */
2426
2427 len = strnlen(bcc_ptr, 1024);
2428 if (((long) bcc_ptr + len) - (long)
2429 pByteArea(smb_buffer_response)
2430 <= BCC(smb_buffer_response)) {
2431 ses->serverOS = kzalloc(len + 1, GFP_KERNEL);
2432 strncpy(ses->serverOS, bcc_ptr, len);
2433
2434 bcc_ptr += len;
2435 bcc_ptr[0] = 0; /* null terminate the string */
2436 bcc_ptr++;
2437
2438 len = strnlen(bcc_ptr, 1024);
2439 ses->serverNOS = kzalloc(len + 1,GFP_KERNEL);
2440 strncpy(ses->serverNOS, bcc_ptr, len);
2441 bcc_ptr += len;
2442 bcc_ptr[0] = 0;
2443 bcc_ptr++;
2444
2445 len = strnlen(bcc_ptr, 1024);
2446 ses->serverDomain = kzalloc(len + 1, GFP_KERNEL);
2447 strncpy(ses->serverDomain, bcc_ptr, len);
2448 bcc_ptr += len;
2449 bcc_ptr[0] = 0;
2450 bcc_ptr++;
2451 } else
2452 cFYI(1,
2453 ("Variable field of length %d extends beyond end of smb ",
2454 len));
2455 }
2456 } else {
2457 cERROR(1,
2458 (" Security Blob Length extends beyond end of SMB"));
2459 }
2460 } else {
2461 cERROR(1, ("No session structure passed in."));
2462 }
2463 } else {
2464 cERROR(1,
2465 (" Invalid Word count %d: ",
2466 smb_buffer_response->WordCount));
2467 rc = -EIO;
2468 }
2469
2470 if (smb_buffer)
2471 cifs_buf_release(smb_buffer);
2472
2473 return rc;
2474 }
2475
2476 static int
2477 CIFSNTLMSSPNegotiateSessSetup(unsigned int xid,
2478 struct cifsSesInfo *ses, int * pNTLMv2_flag,
2479 const struct nls_table *nls_codepage)
2480 {
2481 struct smb_hdr *smb_buffer;
2482 struct smb_hdr *smb_buffer_response;
2483 SESSION_SETUP_ANDX *pSMB;
2484 SESSION_SETUP_ANDX *pSMBr;
2485 char *bcc_ptr;
2486 char *domain;
2487 int rc = 0;
2488 int remaining_words = 0;
2489 int bytes_returned = 0;
2490 int len;
2491 int SecurityBlobLength = sizeof (NEGOTIATE_MESSAGE);
2492 PNEGOTIATE_MESSAGE SecurityBlob;
2493 PCHALLENGE_MESSAGE SecurityBlob2;
2494 __u32 negotiate_flags, capabilities;
2495 __u16 count;
2496
2497 cFYI(1, ("In NTLMSSP sesssetup (negotiate) "));
2498 if(ses == NULL)
2499 return -EINVAL;
2500 domain = ses->domainName;
2501 *pNTLMv2_flag = FALSE;
2502 smb_buffer = cifs_buf_get();
2503 if (smb_buffer == NULL) {
2504 return -ENOMEM;
2505 }
2506 smb_buffer_response = smb_buffer;
2507 pSMB = (SESSION_SETUP_ANDX *) smb_buffer;
2508 pSMBr = (SESSION_SETUP_ANDX *) smb_buffer_response;
2509
2510 /* send SMBsessionSetup here */
2511 header_assemble(smb_buffer, SMB_COM_SESSION_SETUP_ANDX,
2512 NULL /* no tCon exists yet */ , 12 /* wct */ );
2513
2514 smb_buffer->Mid = GetNextMid(ses->server);
2515 pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
2516 pSMB->req.hdr.Flags |= (SMBFLG_CASELESS | SMBFLG_CANONICAL_PATH_FORMAT);
2517
2518 pSMB->req.AndXCommand = 0xFF;
2519 pSMB->req.MaxBufferSize = cpu_to_le16(ses->server->maxBuf);
2520 pSMB->req.MaxMpxCount = cpu_to_le16(ses->server->maxReq);
2521
2522 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
2523 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
2524
2525 capabilities = CAP_LARGE_FILES | CAP_NT_SMBS | CAP_LEVEL_II_OPLOCKS |
2526 CAP_EXTENDED_SECURITY;
2527 if (ses->capabilities & CAP_UNICODE) {
2528 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
2529 capabilities |= CAP_UNICODE;
2530 }
2531 if (ses->capabilities & CAP_STATUS32) {
2532 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
2533 capabilities |= CAP_STATUS32;
2534 }
2535 if (ses->capabilities & CAP_DFS) {
2536 smb_buffer->Flags2 |= SMBFLG2_DFS;
2537 capabilities |= CAP_DFS;
2538 }
2539 pSMB->req.Capabilities = cpu_to_le32(capabilities);
2540
2541 bcc_ptr = (char *) &pSMB->req.SecurityBlob;
2542 SecurityBlob = (PNEGOTIATE_MESSAGE) bcc_ptr;
2543 strncpy(SecurityBlob->Signature, NTLMSSP_SIGNATURE, 8);
2544 SecurityBlob->MessageType = NtLmNegotiate;
2545 negotiate_flags =
2546 NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_OEM |
2547 NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_NTLM | 0x80000000 |
2548 /* NTLMSSP_NEGOTIATE_ALWAYS_SIGN | */ NTLMSSP_NEGOTIATE_128;
2549 if(sign_CIFS_PDUs)
2550 negotiate_flags |= NTLMSSP_NEGOTIATE_SIGN;
2551 if(ntlmv2_support)
2552 negotiate_flags |= NTLMSSP_NEGOTIATE_NTLMV2;
2553 /* setup pointers to domain name and workstation name */
2554 bcc_ptr += SecurityBlobLength;
2555
2556 SecurityBlob->WorkstationName.Buffer = 0;
2557 SecurityBlob->WorkstationName.Length = 0;
2558 SecurityBlob->WorkstationName.MaximumLength = 0;
2559
2560 if (domain == NULL) {
2561 SecurityBlob->DomainName.Buffer = 0;
2562 SecurityBlob->DomainName.Length = 0;
2563 SecurityBlob->DomainName.MaximumLength = 0;
2564 } else {
2565 __u16 len;
2566 negotiate_flags |= NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED;
2567 strncpy(bcc_ptr, domain, 63);
2568 len = strnlen(domain, 64);
2569 SecurityBlob->DomainName.MaximumLength =
2570 cpu_to_le16(len);
2571 SecurityBlob->DomainName.Buffer =
2572 cpu_to_le32((long) &SecurityBlob->
2573 DomainString -
2574 (long) &SecurityBlob->Signature);
2575 bcc_ptr += len;
2576 SecurityBlobLength += len;
2577 SecurityBlob->DomainName.Length =
2578 cpu_to_le16(len);
2579 }
2580 if (ses->capabilities & CAP_UNICODE) {
2581 if ((long) bcc_ptr % 2) {
2582 *bcc_ptr = 0;
2583 bcc_ptr++;
2584 }
2585
2586 bytes_returned =
2587 cifs_strtoUCS((wchar_t *) bcc_ptr, "Linux version ",
2588 32, nls_codepage);
2589 bcc_ptr += 2 * bytes_returned;
2590 bytes_returned =
2591 cifs_strtoUCS((wchar_t *) bcc_ptr, system_utsname.release, 32,
2592 nls_codepage);
2593 bcc_ptr += 2 * bytes_returned;
2594 bcc_ptr += 2; /* null terminate Linux version */
2595 bytes_returned =
2596 cifs_strtoUCS((wchar_t *) bcc_ptr, CIFS_NETWORK_OPSYS,
2597 64, nls_codepage);
2598 bcc_ptr += 2 * bytes_returned;
2599 *(bcc_ptr + 1) = 0;
2600 *(bcc_ptr + 2) = 0;
2601 bcc_ptr += 2; /* null terminate network opsys string */
2602 *(bcc_ptr + 1) = 0;
2603 *(bcc_ptr + 2) = 0;
2604 bcc_ptr += 2; /* null domain */
2605 } else { /* ASCII */
2606 strcpy(bcc_ptr, "Linux version ");
2607 bcc_ptr += strlen("Linux version ");
2608 strcpy(bcc_ptr, system_utsname.release);
2609 bcc_ptr += strlen(system_utsname.release) + 1;
2610 strcpy(bcc_ptr, CIFS_NETWORK_OPSYS);
2611 bcc_ptr += strlen(CIFS_NETWORK_OPSYS) + 1;
2612 bcc_ptr++; /* empty domain field */
2613 *bcc_ptr = 0;
2614 }
2615 SecurityBlob->NegotiateFlags = cpu_to_le32(negotiate_flags);
2616 pSMB->req.SecurityBlobLength = cpu_to_le16(SecurityBlobLength);
2617 count = (long) bcc_ptr - (long) pByteArea(smb_buffer);
2618 smb_buffer->smb_buf_length += count;
2619 pSMB->req.ByteCount = cpu_to_le16(count);
2620
2621 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response,
2622 &bytes_returned, 1);
2623
2624 if (smb_buffer_response->Status.CifsError ==
2625 cpu_to_le32(NT_STATUS_MORE_PROCESSING_REQUIRED))
2626 rc = 0;
2627
2628 if (rc) {
2629 /* rc = map_smb_to_linux_error(smb_buffer_response); *//* done in SendReceive now */
2630 } else if ((smb_buffer_response->WordCount == 3)
2631 || (smb_buffer_response->WordCount == 4)) {
2632 __u16 action = le16_to_cpu(pSMBr->resp.Action);
2633 __u16 blob_len = le16_to_cpu(pSMBr->resp.SecurityBlobLength);
2634
2635 if (action & GUEST_LOGIN)
2636 cFYI(1, (" Guest login"));
2637 /* Do we want to set anything in SesInfo struct when guest login? */
2638
2639 bcc_ptr = pByteArea(smb_buffer_response);
2640 /* response can have either 3 or 4 word count - Samba sends 3 */
2641
2642 SecurityBlob2 = (PCHALLENGE_MESSAGE) bcc_ptr;
2643 if (SecurityBlob2->MessageType != NtLmChallenge) {
2644 cFYI(1,
2645 ("Unexpected NTLMSSP message type received %d",
2646 SecurityBlob2->MessageType));
2647 } else if (ses) {
2648 ses->Suid = smb_buffer_response->Uid; /* UID left in le format */
2649 cFYI(1, ("UID = %d ", ses->Suid));
2650 if ((pSMBr->resp.hdr.WordCount == 3)
2651 || ((pSMBr->resp.hdr.WordCount == 4)
2652 && (blob_len <
2653 pSMBr->resp.ByteCount))) {
2654
2655 if (pSMBr->resp.hdr.WordCount == 4) {
2656 bcc_ptr += blob_len;
2657 cFYI(1,
2658 ("Security Blob Length %d ",
2659 blob_len));
2660 }
2661
2662 cFYI(1, ("NTLMSSP Challenge rcvd "));
2663
2664 memcpy(ses->server->cryptKey,
2665 SecurityBlob2->Challenge,
2666 CIFS_CRYPTO_KEY_SIZE);
2667 if(SecurityBlob2->NegotiateFlags & cpu_to_le32(NTLMSSP_NEGOTIATE_NTLMV2))
2668 *pNTLMv2_flag = TRUE;
2669
2670 if((SecurityBlob2->NegotiateFlags &
2671 cpu_to_le32(NTLMSSP_NEGOTIATE_ALWAYS_SIGN))
2672 || (sign_CIFS_PDUs > 1))
2673 ses->server->secMode |=
2674 SECMODE_SIGN_REQUIRED;
2675 if ((SecurityBlob2->NegotiateFlags &
2676 cpu_to_le32(NTLMSSP_NEGOTIATE_SIGN)) && (sign_CIFS_PDUs))
2677 ses->server->secMode |=
2678 SECMODE_SIGN_ENABLED;
2679
2680 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) {
2681 if ((long) (bcc_ptr) % 2) {
2682 remaining_words =
2683 (BCC(smb_buffer_response)
2684 - 1) / 2;
2685 bcc_ptr++; /* Unicode strings must be word aligned */
2686 } else {
2687 remaining_words =
2688 BCC
2689 (smb_buffer_response) / 2;
2690 }
2691 len =
2692 UniStrnlen((wchar_t *) bcc_ptr,
2693 remaining_words - 1);
2694 /* We look for obvious messed up bcc or strings in response so we do not go off
2695 the end since (at least) WIN2K and Windows XP have a major bug in not null
2696 terminating last Unicode string in response */
2697 ses->serverOS =
2698 kzalloc(2 * (len + 1), GFP_KERNEL);
2699 cifs_strfromUCS_le(ses->serverOS,
2700 (wchar_t *)
2701 bcc_ptr, len,
2702 nls_codepage);
2703 bcc_ptr += 2 * (len + 1);
2704 remaining_words -= len + 1;
2705 ses->serverOS[2 * len] = 0;
2706 ses->serverOS[1 + (2 * len)] = 0;
2707 if (remaining_words > 0) {
2708 len = UniStrnlen((wchar_t *)
2709 bcc_ptr,
2710 remaining_words
2711 - 1);
2712 ses->serverNOS =
2713 kzalloc(2 * (len + 1),
2714 GFP_KERNEL);
2715 cifs_strfromUCS_le(ses->
2716 serverNOS,
2717 (wchar_t *)
2718 bcc_ptr,
2719 len,
2720 nls_codepage);
2721 bcc_ptr += 2 * (len + 1);
2722 ses->serverNOS[2 * len] = 0;
2723 ses->serverNOS[1 +
2724 (2 * len)] = 0;
2725 remaining_words -= len + 1;
2726 if (remaining_words > 0) {
2727 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
2728 /* last string is not always null terminated (for e.g. for Windows XP & 2000) */
2729 ses->serverDomain =
2730 kzalloc(2 *
2731 (len +
2732 1),
2733 GFP_KERNEL);
2734 cifs_strfromUCS_le
2735 (ses->
2736 serverDomain,
2737 (wchar_t *)
2738 bcc_ptr, len,
2739 nls_codepage);
2740 bcc_ptr +=
2741 2 * (len + 1);
2742 ses->
2743 serverDomain[2
2744 * len]
2745 = 0;
2746 ses->
2747 serverDomain[1
2748 +
2749 (2
2750 *
2751 len)]
2752 = 0;
2753 } /* else no more room so create dummy domain string */
2754 else
2755 ses->serverDomain =
2756 kzalloc(2,
2757 GFP_KERNEL);
2758 } else { /* no room so create dummy domain and NOS string */
2759 ses->serverDomain =
2760 kzalloc(2, GFP_KERNEL);
2761 ses->serverNOS =
2762 kzalloc(2, GFP_KERNEL);
2763 }
2764 } else { /* ASCII */
2765 len = strnlen(bcc_ptr, 1024);
2766 if (((long) bcc_ptr + len) - (long)
2767 pByteArea(smb_buffer_response)
2768 <= BCC(smb_buffer_response)) {
2769 ses->serverOS =
2770 kzalloc(len + 1,
2771 GFP_KERNEL);
2772 strncpy(ses->serverOS,
2773 bcc_ptr, len);
2774
2775 bcc_ptr += len;
2776 bcc_ptr[0] = 0; /* null terminate string */
2777 bcc_ptr++;
2778
2779 len = strnlen(bcc_ptr, 1024);
2780 ses->serverNOS =
2781 kzalloc(len + 1,
2782 GFP_KERNEL);
2783 strncpy(ses->serverNOS, bcc_ptr, len);
2784 bcc_ptr += len;
2785 bcc_ptr[0] = 0;
2786 bcc_ptr++;
2787
2788 len = strnlen(bcc_ptr, 1024);
2789 ses->serverDomain =
2790 kzalloc(len + 1,
2791 GFP_KERNEL);
2792 strncpy(ses->serverDomain, bcc_ptr, len);
2793 bcc_ptr += len;
2794 bcc_ptr[0] = 0;
2795 bcc_ptr++;
2796 } else
2797 cFYI(1,
2798 ("Variable field of length %d extends beyond end of smb ",
2799 len));
2800 }
2801 } else {
2802 cERROR(1,
2803 (" Security Blob Length extends beyond end of SMB"));
2804 }
2805 } else {
2806 cERROR(1, ("No session structure passed in."));
2807 }
2808 } else {
2809 cERROR(1,
2810 (" Invalid Word count %d: ",
2811 smb_buffer_response->WordCount));
2812 rc = -EIO;
2813 }
2814
2815 if (smb_buffer)
2816 cifs_buf_release(smb_buffer);
2817
2818 return rc;
2819 }
2820 static int
2821 CIFSNTLMSSPAuthSessSetup(unsigned int xid, struct cifsSesInfo *ses,
2822 char *ntlm_session_key, int ntlmv2_flag,
2823 const struct nls_table *nls_codepage)
2824 {
2825 struct smb_hdr *smb_buffer;
2826 struct smb_hdr *smb_buffer_response;
2827 SESSION_SETUP_ANDX *pSMB;
2828 SESSION_SETUP_ANDX *pSMBr;
2829 char *bcc_ptr;
2830 char *user;
2831 char *domain;
2832 int rc = 0;
2833 int remaining_words = 0;
2834 int bytes_returned = 0;
2835 int len;
2836 int SecurityBlobLength = sizeof (AUTHENTICATE_MESSAGE);
2837 PAUTHENTICATE_MESSAGE SecurityBlob;
2838 __u32 negotiate_flags, capabilities;
2839 __u16 count;
2840
2841 cFYI(1, ("In NTLMSSPSessSetup (Authenticate)"));
2842 if(ses == NULL)
2843 return -EINVAL;
2844 user = ses->userName;
2845 domain = ses->domainName;
2846 smb_buffer = cifs_buf_get();
2847 if (smb_buffer == NULL) {
2848 return -ENOMEM;
2849 }
2850 smb_buffer_response = smb_buffer;
2851 pSMB = (SESSION_SETUP_ANDX *) smb_buffer;
2852 pSMBr = (SESSION_SETUP_ANDX *) smb_buffer_response;
2853
2854 /* send SMBsessionSetup here */
2855 header_assemble(smb_buffer, SMB_COM_SESSION_SETUP_ANDX,
2856 NULL /* no tCon exists yet */ , 12 /* wct */ );
2857
2858 smb_buffer->Mid = GetNextMid(ses->server);
2859 pSMB->req.hdr.Flags |= (SMBFLG_CASELESS | SMBFLG_CANONICAL_PATH_FORMAT);
2860 pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
2861 pSMB->req.AndXCommand = 0xFF;
2862 pSMB->req.MaxBufferSize = cpu_to_le16(ses->server->maxBuf);
2863 pSMB->req.MaxMpxCount = cpu_to_le16(ses->server->maxReq);
2864
2865 pSMB->req.hdr.Uid = ses->Suid;
2866
2867 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
2868 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
2869
2870 capabilities = CAP_LARGE_FILES | CAP_NT_SMBS | CAP_LEVEL_II_OPLOCKS |
2871 CAP_EXTENDED_SECURITY;
2872 if (ses->capabilities & CAP_UNICODE) {
2873 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
2874 capabilities |= CAP_UNICODE;
2875 }
2876 if (ses->capabilities & CAP_STATUS32) {
2877 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
2878 capabilities |= CAP_STATUS32;
2879 }
2880 if (ses->capabilities & CAP_DFS) {
2881 smb_buffer->Flags2 |= SMBFLG2_DFS;
2882 capabilities |= CAP_DFS;
2883 }
2884 pSMB->req.Capabilities = cpu_to_le32(capabilities);
2885
2886 bcc_ptr = (char *) &pSMB->req.SecurityBlob;
2887 SecurityBlob = (PAUTHENTICATE_MESSAGE) bcc_ptr;
2888 strncpy(SecurityBlob->Signature, NTLMSSP_SIGNATURE, 8);
2889 SecurityBlob->MessageType = NtLmAuthenticate;
2890 bcc_ptr += SecurityBlobLength;
2891 negotiate_flags =
2892 NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_REQUEST_TARGET |
2893 NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_TARGET_INFO |
2894 0x80000000 | NTLMSSP_NEGOTIATE_128;
2895 if(sign_CIFS_PDUs)
2896 negotiate_flags |= /* NTLMSSP_NEGOTIATE_ALWAYS_SIGN |*/ NTLMSSP_NEGOTIATE_SIGN;
2897 if(ntlmv2_flag)
2898 negotiate_flags |= NTLMSSP_NEGOTIATE_NTLMV2;
2899
2900 /* setup pointers to domain name and workstation name */
2901
2902 SecurityBlob->WorkstationName.Buffer = 0;
2903 SecurityBlob->WorkstationName.Length = 0;
2904 SecurityBlob->WorkstationName.MaximumLength = 0;
2905 SecurityBlob->SessionKey.Length = 0;
2906 SecurityBlob->SessionKey.MaximumLength = 0;
2907 SecurityBlob->SessionKey.Buffer = 0;
2908
2909 SecurityBlob->LmChallengeResponse.Length = 0;
2910 SecurityBlob->LmChallengeResponse.MaximumLength = 0;
2911 SecurityBlob->LmChallengeResponse.Buffer = 0;
2912
2913 SecurityBlob->NtChallengeResponse.Length =
2914 cpu_to_le16(CIFS_SESSION_KEY_SIZE);
2915 SecurityBlob->NtChallengeResponse.MaximumLength =
2916 cpu_to_le16(CIFS_SESSION_KEY_SIZE);
2917 memcpy(bcc_ptr, ntlm_session_key, CIFS_SESSION_KEY_SIZE);
2918 SecurityBlob->NtChallengeResponse.Buffer =
2919 cpu_to_le32(SecurityBlobLength);
2920 SecurityBlobLength += CIFS_SESSION_KEY_SIZE;
2921 bcc_ptr += CIFS_SESSION_KEY_SIZE;
2922
2923 if (ses->capabilities & CAP_UNICODE) {
2924 if (domain == NULL) {
2925 SecurityBlob->DomainName.Buffer = 0;
2926 SecurityBlob->DomainName.Length = 0;
2927 SecurityBlob->DomainName.MaximumLength = 0;
2928 } else {
2929 __u16 len =
2930 cifs_strtoUCS((wchar_t *) bcc_ptr, domain, 64,
2931 nls_codepage);
2932 len *= 2;
2933 SecurityBlob->DomainName.MaximumLength =
2934 cpu_to_le16(len);
2935 SecurityBlob->DomainName.Buffer =
2936 cpu_to_le32(SecurityBlobLength);
2937 bcc_ptr += len;
2938 SecurityBlobLength += len;
2939 SecurityBlob->DomainName.Length =
2940 cpu_to_le16(len);
2941 }
2942 if (user == NULL) {
2943 SecurityBlob->UserName.Buffer = 0;
2944 SecurityBlob->UserName.Length = 0;
2945 SecurityBlob->UserName.MaximumLength = 0;
2946 } else {
2947 __u16 len =
2948 cifs_strtoUCS((wchar_t *) bcc_ptr, user, 64,
2949 nls_codepage);
2950 len *= 2;
2951 SecurityBlob->UserName.MaximumLength =
2952 cpu_to_le16(len);
2953 SecurityBlob->UserName.Buffer =
2954 cpu_to_le32(SecurityBlobLength);
2955 bcc_ptr += len;
2956 SecurityBlobLength += len;
2957 SecurityBlob->UserName.Length =
2958 cpu_to_le16(len);
2959 }
2960
2961 /* SecurityBlob->WorkstationName.Length = cifs_strtoUCS((wchar_t *) bcc_ptr, "AMACHINE",64, nls_codepage);
2962 SecurityBlob->WorkstationName.Length *= 2;
2963 SecurityBlob->WorkstationName.MaximumLength = cpu_to_le16(SecurityBlob->WorkstationName.Length);
2964 SecurityBlob->WorkstationName.Buffer = cpu_to_le32(SecurityBlobLength);
2965 bcc_ptr += SecurityBlob->WorkstationName.Length;
2966 SecurityBlobLength += SecurityBlob->WorkstationName.Length;
2967 SecurityBlob->WorkstationName.Length = cpu_to_le16(SecurityBlob->WorkstationName.Length); */
2968
2969 if ((long) bcc_ptr % 2) {
2970 *bcc_ptr = 0;
2971 bcc_ptr++;
2972 }
2973 bytes_returned =
2974 cifs_strtoUCS((wchar_t *) bcc_ptr, "Linux version ",
2975 32, nls_codepage);
2976 bcc_ptr += 2 * bytes_returned;
2977 bytes_returned =
2978 cifs_strtoUCS((wchar_t *) bcc_ptr, system_utsname.release, 32,
2979 nls_codepage);
2980 bcc_ptr += 2 * bytes_returned;
2981 bcc_ptr += 2; /* null term version string */
2982 bytes_returned =
2983 cifs_strtoUCS((wchar_t *) bcc_ptr, CIFS_NETWORK_OPSYS,
2984 64, nls_codepage);
2985 bcc_ptr += 2 * bytes_returned;
2986 *(bcc_ptr + 1) = 0;
2987 *(bcc_ptr + 2) = 0;
2988 bcc_ptr += 2; /* null terminate network opsys string */
2989 *(bcc_ptr + 1) = 0;
2990 *(bcc_ptr + 2) = 0;
2991 bcc_ptr += 2; /* null domain */
2992 } else { /* ASCII */
2993 if (domain == NULL) {
2994 SecurityBlob->DomainName.Buffer = 0;
2995 SecurityBlob->DomainName.Length = 0;
2996 SecurityBlob->DomainName.MaximumLength = 0;
2997 } else {
2998 __u16 len;
2999 negotiate_flags |= NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED;
3000 strncpy(bcc_ptr, domain, 63);
3001 len = strnlen(domain, 64);
3002 SecurityBlob->DomainName.MaximumLength =
3003 cpu_to_le16(len);
3004 SecurityBlob->DomainName.Buffer =
3005 cpu_to_le32(SecurityBlobLength);
3006 bcc_ptr += len;
3007 SecurityBlobLength += len;
3008 SecurityBlob->DomainName.Length = cpu_to_le16(len);
3009 }
3010 if (user == NULL) {
3011 SecurityBlob->UserName.Buffer = 0;
3012 SecurityBlob->UserName.Length = 0;
3013 SecurityBlob->UserName.MaximumLength = 0;
3014 } else {
3015 __u16 len;
3016 strncpy(bcc_ptr, user, 63);
3017 len = strnlen(user, 64);
3018 SecurityBlob->UserName.MaximumLength =
3019 cpu_to_le16(len);
3020 SecurityBlob->UserName.Buffer =
3021 cpu_to_le32(SecurityBlobLength);
3022 bcc_ptr += len;
3023 SecurityBlobLength += len;
3024 SecurityBlob->UserName.Length = cpu_to_le16(len);
3025 }
3026 /* BB fill in our workstation name if known BB */
3027
3028 strcpy(bcc_ptr, "Linux version ");
3029 bcc_ptr += strlen("Linux version ");
3030 strcpy(bcc_ptr, system_utsname.release);
3031 bcc_ptr += strlen(system_utsname.release) + 1;
3032 strcpy(bcc_ptr, CIFS_NETWORK_OPSYS);
3033 bcc_ptr += strlen(CIFS_NETWORK_OPSYS) + 1;
3034 bcc_ptr++; /* null domain */
3035 *bcc_ptr = 0;
3036 }
3037 SecurityBlob->NegotiateFlags = cpu_to_le32(negotiate_flags);
3038 pSMB->req.SecurityBlobLength = cpu_to_le16(SecurityBlobLength);
3039 count = (long) bcc_ptr - (long) pByteArea(smb_buffer);
3040 smb_buffer->smb_buf_length += count;
3041 pSMB->req.ByteCount = cpu_to_le16(count);
3042
3043 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response,
3044 &bytes_returned, 1);
3045 if (rc) {
3046 /* rc = map_smb_to_linux_error(smb_buffer_response); *//* done in SendReceive now */
3047 } else if ((smb_buffer_response->WordCount == 3)
3048 || (smb_buffer_response->WordCount == 4)) {
3049 __u16 action = le16_to_cpu(pSMBr->resp.Action);
3050 __u16 blob_len =
3051 le16_to_cpu(pSMBr->resp.SecurityBlobLength);
3052 if (action & GUEST_LOGIN)
3053 cFYI(1, (" Guest login")); /* BB do we want to set anything in SesInfo struct ? */
3054 /* if(SecurityBlob2->MessageType != NtLm??){
3055 cFYI("Unexpected message type on auth response is %d "));
3056 } */
3057 if (ses) {
3058 cFYI(1,
3059 ("Does UID on challenge %d match auth response UID %d ",
3060 ses->Suid, smb_buffer_response->Uid));
3061 ses->Suid = smb_buffer_response->Uid; /* UID left in wire format */
3062 bcc_ptr = pByteArea(smb_buffer_response);
3063 /* response can have either 3 or 4 word count - Samba sends 3 */
3064 if ((pSMBr->resp.hdr.WordCount == 3)
3065 || ((pSMBr->resp.hdr.WordCount == 4)
3066 && (blob_len <
3067 pSMBr->resp.ByteCount))) {
3068 if (pSMBr->resp.hdr.WordCount == 4) {
3069 bcc_ptr +=
3070 blob_len;
3071 cFYI(1,
3072 ("Security Blob Length %d ",
3073 blob_len));
3074 }
3075
3076 cFYI(1,
3077 ("NTLMSSP response to Authenticate "));
3078
3079 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) {
3080 if ((long) (bcc_ptr) % 2) {
3081 remaining_words =
3082 (BCC(smb_buffer_response)
3083 - 1) / 2;
3084 bcc_ptr++; /* Unicode strings must be word aligned */
3085 } else {
3086 remaining_words = BCC(smb_buffer_response) / 2;
3087 }
3088 len =
3089 UniStrnlen((wchar_t *) bcc_ptr,remaining_words - 1);
3090 /* We look for obvious messed up bcc or strings in response so we do not go off
3091 the end since (at least) WIN2K and Windows XP have a major bug in not null
3092 terminating last Unicode string in response */
3093 ses->serverOS =
3094 kzalloc(2 * (len + 1), GFP_KERNEL);
3095 cifs_strfromUCS_le(ses->serverOS,
3096 (wchar_t *)
3097 bcc_ptr, len,
3098 nls_codepage);
3099 bcc_ptr += 2 * (len + 1);
3100 remaining_words -= len + 1;
3101 ses->serverOS[2 * len] = 0;
3102 ses->serverOS[1 + (2 * len)] = 0;
3103 if (remaining_words > 0) {
3104 len = UniStrnlen((wchar_t *)
3105 bcc_ptr,
3106 remaining_words
3107 - 1);
3108 ses->serverNOS =
3109 kzalloc(2 * (len + 1),
3110 GFP_KERNEL);
3111 cifs_strfromUCS_le(ses->
3112 serverNOS,
3113 (wchar_t *)
3114 bcc_ptr,
3115 len,
3116 nls_codepage);
3117 bcc_ptr += 2 * (len + 1);
3118 ses->serverNOS[2 * len] = 0;
3119 ses->serverNOS[1+(2*len)] = 0;
3120 remaining_words -= len + 1;
3121 if (remaining_words > 0) {
3122 len = UniStrnlen((wchar_t *) bcc_ptr, remaining_words);
3123 /* last string not always null terminated (e.g. for Windows XP & 2000) */
3124 ses->serverDomain =
3125 kzalloc(2 *
3126 (len +
3127 1),
3128 GFP_KERNEL);
3129 cifs_strfromUCS_le
3130 (ses->
3131 serverDomain,
3132 (wchar_t *)
3133 bcc_ptr, len,
3134 nls_codepage);
3135 bcc_ptr +=
3136 2 * (len + 1);
3137 ses->
3138 serverDomain[2
3139 * len]
3140 = 0;
3141 ses->
3142 serverDomain[1
3143 +
3144 (2
3145 *
3146 len)]
3147 = 0;
3148 } /* else no more room so create dummy domain string */
3149 else
3150 ses->serverDomain = kzalloc(2,GFP_KERNEL);
3151 } else { /* no room so create dummy domain and NOS string */
3152 ses->serverDomain = kzalloc(2, GFP_KERNEL);
3153 ses->serverNOS = kzalloc(2, GFP_KERNEL);
3154 }
3155 } else { /* ASCII */
3156 len = strnlen(bcc_ptr, 1024);
3157 if (((long) bcc_ptr + len) -
3158 (long) pByteArea(smb_buffer_response)
3159 <= BCC(smb_buffer_response)) {
3160 ses->serverOS = kzalloc(len + 1,GFP_KERNEL);
3161 strncpy(ses->serverOS,bcc_ptr, len);
3162
3163 bcc_ptr += len;
3164 bcc_ptr[0] = 0; /* null terminate the string */
3165 bcc_ptr++;
3166
3167 len = strnlen(bcc_ptr, 1024);
3168 ses->serverNOS = kzalloc(len+1,GFP_KERNEL);
3169 strncpy(ses->serverNOS, bcc_ptr, len);
3170 bcc_ptr += len;
3171 bcc_ptr[0] = 0;
3172 bcc_ptr++;
3173
3174 len = strnlen(bcc_ptr, 1024);
3175 ses->serverDomain = kzalloc(len+1,GFP_KERNEL);
3176 strncpy(ses->serverDomain, bcc_ptr, len);
3177 bcc_ptr += len;
3178 bcc_ptr[0] = 0;
3179 bcc_ptr++;
3180 } else
3181 cFYI(1,
3182 ("Variable field of length %d extends beyond end of smb ",
3183 len));
3184 }
3185 } else {
3186 cERROR(1,
3187 (" Security Blob Length extends beyond end of SMB"));
3188 }
3189 } else {
3190 cERROR(1, ("No session structure passed in."));
3191 }
3192 } else {
3193 cERROR(1,
3194 (" Invalid Word count %d: ",
3195 smb_buffer_response->WordCount));
3196 rc = -EIO;
3197 }
3198
3199 if (smb_buffer)
3200 cifs_buf_release(smb_buffer);
3201
3202 return rc;
3203 }
3204
3205 int
3206 CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
3207 const char *tree, struct cifsTconInfo *tcon,
3208 const struct nls_table *nls_codepage)
3209 {
3210 struct smb_hdr *smb_buffer;
3211 struct smb_hdr *smb_buffer_response;
3212 TCONX_REQ *pSMB;
3213 TCONX_RSP *pSMBr;
3214 unsigned char *bcc_ptr;
3215 int rc = 0;
3216 int length;
3217 __u16 count;
3218
3219 if (ses == NULL)
3220 return -EIO;
3221
3222 smb_buffer = cifs_buf_get();
3223 if (smb_buffer == NULL) {
3224 return -ENOMEM;
3225 }
3226 smb_buffer_response = smb_buffer;
3227
3228 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3229 NULL /*no tid */ , 4 /*wct */ );
3230
3231 smb_buffer->Mid = GetNextMid(ses->server);
3232 smb_buffer->Uid = ses->Suid;
3233 pSMB = (TCONX_REQ *) smb_buffer;
3234 pSMBr = (TCONX_RSP *) smb_buffer_response;
3235
3236 pSMB->AndXCommand = 0xFF;
3237 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
3238 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
3239 bcc_ptr = &pSMB->Password[0];
3240 bcc_ptr++; /* skip password */
3241
3242 if(ses->server->secMode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
3243 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3244
3245 if (ses->capabilities & CAP_STATUS32) {
3246 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3247 }
3248 if (ses->capabilities & CAP_DFS) {
3249 smb_buffer->Flags2 |= SMBFLG2_DFS;
3250 }
3251 if (ses->capabilities & CAP_UNICODE) {
3252 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3253 length =
3254 cifs_strtoUCS((wchar_t *) bcc_ptr, tree, 100, nls_codepage);
3255 bcc_ptr += 2 * length; /* convert num of 16 bit words to bytes */
3256 bcc_ptr += 2; /* skip trailing null */
3257 } else { /* ASCII */
3258
3259 strcpy(bcc_ptr, tree);
3260 bcc_ptr += strlen(tree) + 1;
3261 }
3262 strcpy(bcc_ptr, "?????");
3263 bcc_ptr += strlen("?????");
3264 bcc_ptr += 1;
3265 count = bcc_ptr - &pSMB->Password[0];
3266 pSMB->hdr.smb_buf_length += count;
3267 pSMB->ByteCount = cpu_to_le16(count);
3268
3269 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length, 0);
3270
3271 /* if (rc) rc = map_smb_to_linux_error(smb_buffer_response); */
3272 /* above now done in SendReceive */
3273 if ((rc == 0) && (tcon != NULL)) {
3274 tcon->tidStatus = CifsGood;
3275 tcon->tid = smb_buffer_response->Tid;
3276 bcc_ptr = pByteArea(smb_buffer_response);
3277 length = strnlen(bcc_ptr, BCC(smb_buffer_response) - 2);
3278 /* skip service field (NB: this field is always ASCII) */
3279 bcc_ptr += length + 1;
3280 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
3281 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) {
3282 length = UniStrnlen((wchar_t *) bcc_ptr, 512);
3283 if ((bcc_ptr + (2 * length)) -
3284 pByteArea(smb_buffer_response) <=
3285 BCC(smb_buffer_response)) {
3286 if(tcon->nativeFileSystem)
3287 kfree(tcon->nativeFileSystem);
3288 tcon->nativeFileSystem =
3289 kzalloc(length + 2, GFP_KERNEL);
3290 cifs_strfromUCS_le(tcon->nativeFileSystem,
3291 (wchar_t *) bcc_ptr,
3292 length, nls_codepage);
3293 bcc_ptr += 2 * length;
3294 bcc_ptr[0] = 0; /* null terminate the string */
3295 bcc_ptr[1] = 0;
3296 bcc_ptr += 2;
3297 }
3298 /* else do not bother copying these informational fields */
3299 } else {
3300 length = strnlen(bcc_ptr, 1024);
3301 if ((bcc_ptr + length) -
3302 pByteArea(smb_buffer_response) <=
3303 BCC(smb_buffer_response)) {
3304 if(tcon->nativeFileSystem)
3305 kfree(tcon->nativeFileSystem);
3306 tcon->nativeFileSystem =
3307 kzalloc(length + 1, GFP_KERNEL);
3308 strncpy(tcon->nativeFileSystem, bcc_ptr,
3309 length);
3310 }
3311 /* else do not bother copying these informational fields */
3312 }
3313 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3314 cFYI(1, ("Tcon flags: 0x%x ", tcon->Flags));
3315 } else if ((rc == 0) && tcon == NULL) {
3316 /* all we need to save for IPC$ connection */
3317 ses->ipc_tid = smb_buffer_response->Tid;
3318 }
3319
3320 if (smb_buffer)
3321 cifs_buf_release(smb_buffer);
3322 return rc;
3323 }
3324
3325 int
3326 cifs_umount(struct super_block *sb, struct cifs_sb_info *cifs_sb)
3327 {
3328 int rc = 0;
3329 int xid;
3330 struct cifsSesInfo *ses = NULL;
3331 struct task_struct *cifsd_task;
3332
3333 xid = GetXid();
3334
3335 if (cifs_sb->tcon) {
3336 ses = cifs_sb->tcon->ses; /* save ptr to ses before delete tcon!*/
3337 rc = CIFSSMBTDis(xid, cifs_sb->tcon);
3338 if (rc == -EBUSY) {
3339 FreeXid(xid);
3340 return 0;
3341 }
3342 tconInfoFree(cifs_sb->tcon);
3343 if ((ses) && (ses->server)) {
3344 /* save off task so we do not refer to ses later */
3345 cifsd_task = ses->server->tsk;
3346 cFYI(1, ("About to do SMBLogoff "));
3347 rc = CIFSSMBLogoff(xid, ses);
3348 if (rc == -EBUSY) {
3349 FreeXid(xid);
3350 return 0;
3351 } else if (rc == -ESHUTDOWN) {
3352 cFYI(1,("Waking up socket by sending it signal"));
3353 if(cifsd_task) {
3354 send_sig(SIGKILL,cifsd_task,1);
3355 wait_for_completion(&cifsd_complete);
3356 }
3357 rc = 0;
3358 } /* else - we have an smb session
3359 left on this socket do not kill cifsd */
3360 } else
3361 cFYI(1, ("No session or bad tcon"));
3362 }
3363
3364 cifs_sb->tcon = NULL;
3365 if (ses)
3366 schedule_timeout_interruptible(msecs_to_jiffies(500));
3367 if (ses)
3368 sesInfoFree(ses);
3369
3370 FreeXid(xid);
3371 return rc; /* BB check if we should always return zero here */
3372 }
3373
3374 int cifs_setup_session(unsigned int xid, struct cifsSesInfo *pSesInfo,
3375 struct nls_table * nls_info)
3376 {
3377 int rc = 0;
3378 char ntlm_session_key[CIFS_SESSION_KEY_SIZE];
3379 int ntlmv2_flag = FALSE;
3380 int first_time = 0;
3381
3382 /* what if server changes its buffer size after dropping the session? */
3383 if(pSesInfo->server->maxBuf == 0) /* no need to send on reconnect */ {
3384 rc = CIFSSMBNegotiate(xid, pSesInfo);
3385 if(rc == -EAGAIN) /* retry only once on 1st time connection */ {
3386 rc = CIFSSMBNegotiate(xid, pSesInfo);
3387 if(rc == -EAGAIN)
3388 rc = -EHOSTDOWN;
3389 }
3390 if(rc == 0) {
3391 spin_lock(&GlobalMid_Lock);
3392 if(pSesInfo->server->tcpStatus != CifsExiting)
3393 pSesInfo->server->tcpStatus = CifsGood;
3394 else
3395 rc = -EHOSTDOWN;
3396 spin_unlock(&GlobalMid_Lock);
3397
3398 }
3399 first_time = 1;
3400 }
3401 if (!rc) {
3402 pSesInfo->capabilities = pSesInfo->server->capabilities;
3403 if(linuxExtEnabled == 0)
3404 pSesInfo->capabilities &= (~CAP_UNIX);
3405 /* pSesInfo->sequence_number = 0;*/
3406 cFYI(1,("Security Mode: 0x%x Capabilities: 0x%x Time Zone: %d",
3407 pSesInfo->server->secMode,
3408 pSesInfo->server->capabilities,
3409 pSesInfo->server->timeZone));
3410 if (extended_security
3411 && (pSesInfo->capabilities & CAP_EXTENDED_SECURITY)
3412 && (pSesInfo->server->secType == NTLMSSP)) {
3413 cFYI(1, ("New style sesssetup "));
3414 rc = CIFSSpnegoSessSetup(xid, pSesInfo,
3415 NULL /* security blob */,
3416 0 /* blob length */,
3417 nls_info);
3418 } else if (extended_security
3419 && (pSesInfo->capabilities & CAP_EXTENDED_SECURITY)
3420 && (pSesInfo->server->secType == RawNTLMSSP)) {
3421 cFYI(1, ("NTLMSSP sesssetup "));
3422 rc = CIFSNTLMSSPNegotiateSessSetup(xid,
3423 pSesInfo,
3424 &ntlmv2_flag,
3425 nls_info);
3426 if (!rc) {
3427 if(ntlmv2_flag) {
3428 char * v2_response;
3429 cFYI(1,("Can use more secure NTLM version 2 password hash"));
3430 if(CalcNTLMv2_partial_mac_key(pSesInfo,
3431 nls_info)) {
3432 rc = -ENOMEM;
3433 goto ss_err_exit;
3434 } else
3435 v2_response = kmalloc(16 + 64 /* blob */, GFP_KERNEL);
3436 if(v2_response) {
3437 CalcNTLMv2_response(pSesInfo,v2_response);
3438 /* if(first_time)
3439 cifs_calculate_ntlmv2_mac_key(
3440 pSesInfo->server->mac_signing_key,
3441 response, ntlm_session_key, */
3442 kfree(v2_response);
3443 /* BB Put dummy sig in SessSetup PDU? */
3444 } else {
3445 rc = -ENOMEM;
3446 goto ss_err_exit;
3447 }
3448
3449 } else {
3450 SMBNTencrypt(pSesInfo->password,
3451 pSesInfo->server->cryptKey,
3452 ntlm_session_key);
3453
3454 if(first_time)
3455 cifs_calculate_mac_key(
3456 pSesInfo->server->mac_signing_key,
3457 ntlm_session_key,
3458 pSesInfo->password);
3459 }
3460 /* for better security the weaker lanman hash not sent
3461 in AuthSessSetup so we no longer calculate it */
3462
3463 rc = CIFSNTLMSSPAuthSessSetup(xid,
3464 pSesInfo,
3465 ntlm_session_key,
3466 ntlmv2_flag,
3467 nls_info);
3468 }
3469 } else { /* old style NTLM 0.12 session setup */
3470 SMBNTencrypt(pSesInfo->password,
3471 pSesInfo->server->cryptKey,
3472 ntlm_session_key);
3473
3474 if(first_time)
3475 cifs_calculate_mac_key(
3476 pSesInfo->server->mac_signing_key,
3477 ntlm_session_key, pSesInfo->password);
3478
3479 rc = CIFSSessSetup(xid, pSesInfo,
3480 ntlm_session_key, nls_info);
3481 }
3482 if (rc) {
3483 cERROR(1,("Send error in SessSetup = %d",rc));
3484 } else {
3485 cFYI(1,("CIFS Session Established successfully"));
3486 pSesInfo->status = CifsGood;
3487 }
3488 }
3489 ss_err_exit:
3490 return rc;
3491 }
3492
x86 "subsystem" repository