From patchwork Wed Apr 17 10:38:55 2024
X-Patchwork-Submitter: Robert Malz
X-Patchwork-Id: 1924579
From: Robert Malz
To: kernel-team@lists.ubuntu.com
Subject: [SRU][F][PATCH 1/1] cifs: fix ntlmssp auth when there is no key exchange
Date: Wed, 17 Apr 2024 12:38:55 +0200
Message-Id: <20240417103856.1619778-2-robert.malz@canonical.com>
In-Reply-To: <20240417103856.1619778-1-robert.malz@canonical.com>
References: <20240417103856.1619778-1-robert.malz@canonical.com>
List-Id: Kernel team discussions

From: Paulo Alcantara

BugLink: https://bugs.launchpad.net/bugs/2061986

Warn on the lack of key exchange during NTLMSSP authentication rather
than aborting it, as there are some servers that do not set it in the
CHALLENGE message.

Signed-off-by: Paulo Alcantara (SUSE)
Acked-by: Ronnie Sahlberg
Signed-off-by: Steve French
(backported from commit 9de0737d5ba0425c3154d5d83da12a8fa8595c0f)
[rmalz: commit fails to cherry-pick due to changes introduced by commit
49bd49f983b5026e4557d31c5d737d9657c4113e, which is not relevant to the
change]
Signed-off-by: Robert Malz
---
 fs/cifs/sess.c | 54 +++++++++++++++++++++++++++++++++-----------------
 1 file changed, 36 insertions(+), 18 deletions(-)

diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
index 30f841a880ac..704f2b1e0650 100644
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@@ -290,8 +290,8 @@ int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len, { unsigned int tioffset; /* challenge message target info area */ unsigned int tilen; /* challenge message target info area length */ - CHALLENGE_MESSAGE *pblob = (CHALLENGE_MESSAGE *)bcc_ptr; + __u32 server_flags; if (blob_len < sizeof(CHALLENGE_MESSAGE)) { cifs_dbg(VFS, "challenge blob len %d too small\n", blob_len); 
@@ -309,12 +309,37 @@ int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len, return -EINVAL; } + server_flags = le32_to_cpu(pblob->NegotiateFlags); + cifs_dbg(FYI, "%s: negotiate=0x%08x challenge=0x%08x\n", __func__, + ses->ntlmssp->client_flags, server_flags); + + if ((ses->ntlmssp->client_flags & (NTLMSSP_NEGOTIATE_SEAL | NTLMSSP_NEGOTIATE_SIGN)) && + (!(server_flags & NTLMSSP_NEGOTIATE_56) && !(server_flags & NTLMSSP_NEGOTIATE_128))) { + cifs_dbg(VFS, "%s: requested signing/encryption but server did not return either 56-bit or 128-bit session key size\n", + __func__); + return -EINVAL; + } + if (!(server_flags & NTLMSSP_NEGOTIATE_NTLM) && !(server_flags & NTLMSSP_NEGOTIATE_EXTENDED_SEC)) { + cifs_dbg(VFS, "%s: server does not seem to support either NTLMv1 or NTLMv2\n", __func__); + return -EINVAL; + } + if (ses->server->sign && !(server_flags & NTLMSSP_NEGOTIATE_SIGN)) { + cifs_dbg(VFS, "%s: forced packet signing but server does not seem to support it\n", + __func__); + return -EOPNOTSUPP; + } + if ((ses->ntlmssp->client_flags & NTLMSSP_NEGOTIATE_KEY_XCH) && + !(server_flags & NTLMSSP_NEGOTIATE_KEY_XCH)) + pr_warn_once("%s: authentication has been weakened as server does not support key exchange\n", + __func__); + + ses->ntlmssp->server_flags = server_flags; + memcpy(ses->ntlmssp->cryptkey, pblob->Challenge, CIFS_CRYPTO_KEY_SIZE); - /* BB we could decode pblob->NegotiateFlags; some may be useful */ /* In particular we can examine sign flags */ /* BB spec says that if AvId field of MsvAvTimestamp is populated then we must set the MIC field of the AUTHENTICATE_MESSAGE */ - ses->ntlmssp->server_flags = le32_to_cpu(pblob->NegotiateFlags); + tioffset = le32_to_cpu(pblob->TargetInfoArray.BufferOffset); tilen = le16_to_cpu(pblob->TargetInfoArray.Length); if (tioffset > blob_len || tioffset + tilen > blob_len) { 
@@ -353,12 +378,12 @@ void build_ntlmssp_negotiate_blob(unsigned char *pbuffer, flags = NTLMSSP_NEGOTIATE_56 | NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_EXTENDED_SEC | - NTLMSSP_NEGOTIATE_SEAL; - if (ses->server->sign) - flags |= NTLMSSP_NEGOTIATE_SIGN; + NTLMSSP_NEGOTIATE_ALWAYS_SIGN | NTLMSSP_NEGOTIATE_SEAL | + NTLMSSP_NEGOTIATE_SIGN; if (!ses->server->session_estab || ses->ntlmssp->sesskey_per_smbsess) flags |= NTLMSSP_NEGOTIATE_KEY_XCH; + ses->ntlmssp->client_flags = flags; sec_blob->NegotiateFlags = cpu_to_le32(flags); sec_blob->WorkstationName.BufferOffset = 0; @@ -417,15 +442,8 @@ int build_ntlmssp_auth_blob(unsigned char **pbuffer, memcpy(sec_blob->Signature, NTLMSSP_SIGNATURE, 8); sec_blob->MessageType = NtLmAuthenticate; - flags = NTLMSSP_NEGOTIATE_56 | - NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_TARGET_INFO | - NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | - NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_EXTENDED_SEC | - NTLMSSP_NEGOTIATE_SEAL; - if (ses->server->sign) - flags |= NTLMSSP_NEGOTIATE_SIGN; - if (!ses->server->session_estab || ses->ntlmssp->sesskey_per_smbsess) - flags |= NTLMSSP_NEGOTIATE_KEY_XCH; + flags = ses->ntlmssp->server_flags | NTLMSSP_REQUEST_TARGET | + NTLMSSP_NEGOTIATE_TARGET_INFO; tmp = *pbuffer + sizeof(AUTHENTICATE_MESSAGE); sec_blob->NegotiateFlags = cpu_to_le32(flags); 
@@ -491,9 +509,9 @@ int build_ntlmssp_auth_blob(unsigned char **pbuffer, sec_blob->WorkstationName.MaximumLength = 0; tmp += 2; - if (((ses->ntlmssp->server_flags & NTLMSSP_NEGOTIATE_KEY_XCH) || - (ses->ntlmssp->server_flags & NTLMSSP_NEGOTIATE_EXTENDED_SEC)) - && !calc_seckey(ses)) { + if ((ses->ntlmssp->server_flags & NTLMSSP_NEGOTIATE_KEY_XCH) && + (!ses->server->session_estab || ses->ntlmssp->sesskey_per_smbsess) && + !calc_seckey(ses)) { memcpy(tmp, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE); sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - *pbuffer); sec_blob->SessionKey.Length = cpu_to_le16(CIFS_CPHTXT_SIZE);
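Review bot: in the decode_ntlmssp_challenge() hunk (-309,12 +309,37) the key-exchange downgrade is reported with pr_warn_once(), so only the first session on a running kernel that meets a server without NTLMSSP_NEGOTIATE_KEY_XCH is ever logged; later mounts against a different server that also strips the flag go unreported, even though each of those sessions ends up with the weaker key the message warns about. Since the point of the change is to make the downgrade visible instead of fatal, consider a per-session message in the same style as the three cifs_dbg(VFS, ...) checks just above it (or pr_warn_ratelimited()), including the server name, so an operator can tell which share triggered it. Minor style point in the same block: `!(server_flags & NTLMSSP_NEGOTIATE_56) && !(server_flags & NTLMSSP_NEGOTIATE_128)` reads more simply as `!(server_flags & (NTLMSSP_NEGOTIATE_56 | NTLMSSP_NEGOTIATE_128))`, and likewise for the NTLM / EXTENDED_SEC test.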
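Review bot: the build_ntlmssp_negotiate_blob() hunk (-353,12 +378,12) now requests NTLMSSP_NEGOTIATE_SIGN and NTLMSSP_NEGOTIATE_ALWAYS_SIGN unconditionally, where before NTLMSSP_NEGOTIATE_SIGN was only set when ses->server->sign was true, but neither the hunk nor the commit message says why. A one-line comment above the flags assignment would help future readers: advertising SIGN and SEAL always lets the server's CHALLENGE reply show whether it can sign, which is what the new ses->server->sign check in decode_ntlmssp_challenge() relies on, and it also means the "requested signing/encryption but server did not return either 56-bit or 128-bit session key size" check now applies to every session because client_flags always carries both bits. It is worth stating that the mount's signing requirement is still enforced only by that ses->server->sign check, not by anything in the negotiate flags.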
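Review bot: in the build_ntlmssp_auth_blob() hunk (-417,15 +442,8) flags are now taken straight from ses->ntlmssp->server_flags, so the AUTHENTICATE message echoes NTLMSSP_NEGOTIATE_KEY_XCH whenever the server set it, while the EncryptedRandomSessionKey is only attached when `(!ses->server->session_estab || ses->ntlmssp->sesskey_per_smbsess)` also holds in the SessionKey hunk below. Before this change KEY_XCH was added to flags under exactly that condition, so flag and field could not disagree. A server that sets KEY_XCH without being asked (the negotiate blob only requests it under the same condition) would now get the flag together with SessionKey.Length == 0. Suggest masking it out in that case, e.g. `if (ses->server->session_estab && !ses->ntlmssp->sesskey_per_smbsess) flags &= ~NTLMSSP_NEGOTIATE_KEY_XCH;`, or deriving both the flag and the field from one shared helper.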
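Review bot: in the SessionKey hunk (-491,9 +509,9) the condition `(!ses->server->session_estab || ses->ntlmssp->sesskey_per_smbsess)` is now duplicated verbatim between build_ntlmssp_negotiate_blob() and build_ntlmssp_auth_blob(); a small static helper (something like `ntlmssp_need_key_xch(ses)`) would keep the two in step if either side changes again. Separately, the hunk keeps the pre-existing pattern of folding calc_seckey()'s return value into the if-condition: a failure there (rather than the server lacking KEY_XCH) silently skips attaching the session key, which on the wire is indistinguishable from the intentional downgrade this patch warns about. Propagating that error instead would keep the two cases apart. Dropping the old `|| NTLMSSP_NEGOTIATE_EXTENDED_SEC` branch looks right, since an encrypted random session key only makes sense when key exchange was actually negotiated.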
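The acceptance policy the commit message describes, as an added stand-alone example that is not part of this patch or of the kernel's fs/cifs code: it packs a constructed NTLMSSP CHALLENGE_MESSAGE (the 48-byte fixed part of the MS-NLMP layout; the ServerChallenge bytes are made up) with a chosen set of server NegotiateFlags, reads the flags back little-endian, and applies the same four decisions as the patched decode_ntlmssp_challenge(): reject when signing/sealing was requested but neither a 56- nor a 128-bit key size came back, reject when neither NTLM nor extended session security is offered, reject when the mount forces signing and the server will not sign, and only flag (not fail) a server that drops NTLMSSP_NEGOTIATE_KEY_XCH. The flag values are the MS-NLMP constants; client_flags mirrors what the patched build_ntlmssp_negotiate_blob() sends for a new session; build_challenge(), check_challenge(), run_case(), weakened_for() and FULL_SERVER are names chosen for this example.

```c
/* Added example, not kernel code: the NTLMSSP CHALLENGE flag policy of the
 * patched decode_ntlmssp_challenge(), run over a constructed CHALLENGE blob. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* NegotiateFlags bits per MS-NLMP 2.2.2.5 (same values as fs/cifs/ntlmssp.h). */
#define NTLMSSP_NEGOTIATE_UNICODE      0x00000001u
#define NTLMSSP_REQUEST_TARGET         0x00000004u
#define NTLMSSP_NEGOTIATE_SIGN         0x00000010u
#define NTLMSSP_NEGOTIATE_SEAL         0x00000020u
#define NTLMSSP_NEGOTIATE_NTLM         0x00000200u
#define NTLMSSP_NEGOTIATE_ALWAYS_SIGN  0x00008000u
#define NTLMSSP_NEGOTIATE_EXTENDED_SEC 0x00080000u
#define NTLMSSP_NEGOTIATE_TARGET_INFO  0x00800000u
#define NTLMSSP_NEGOTIATE_128          0x20000000u
#define NTLMSSP_NEGOTIATE_KEY_XCH      0x40000000u
#define NTLMSSP_NEGOTIATE_56           0x80000000u

/* CHALLENGE_MESSAGE fixed part: Signature(8) MessageType(4) TargetName(8)
 * NegotiateFlags(4) ServerChallenge(8) Reserved(8) TargetInfo(8) = 48 bytes. */
#define CHALLENGE_MSG_LEN   48
#define NEGOTIATE_FLAGS_OFF 20

/* What the patched build_ntlmssp_negotiate_blob() sends for a new session. */
static const uint32_t client_flags =
	NTLMSSP_NEGOTIATE_56 | NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_128 |
	NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_NTLM |
	NTLMSSP_NEGOTIATE_EXTENDED_SEC | NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
	NTLMSSP_NEGOTIATE_SEAL | NTLMSSP_NEGOTIATE_SIGN | NTLMSSP_NEGOTIATE_KEY_XCH;

/* A fully featured server reply (constructed); the cases below strip bits from it. */
#define FULL_SERVER (NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_NTLM | \
	NTLMSSP_NEGOTIATE_EXTENDED_SEC | NTLMSSP_NEGOTIATE_SIGN | NTLMSSP_NEGOTIATE_SEAL | \
	NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_56 | NTLMSSP_NEGOTIATE_KEY_XCH | \
	NTLMSSP_NEGOTIATE_TARGET_INFO)

static uint32_t le32_at(const uint8_t *p)
{
	return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Pack a constructed (not captured) CHALLENGE blob carrying server_flags. */
static size_t build_challenge(uint8_t *buf, uint32_t server_flags)
{
	static const uint8_t nonce[8] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
	int i;

	memset(buf, 0, CHALLENGE_MSG_LEN);
	memcpy(buf, "NTLMSSP", 8);          /* signature including the NUL */
	buf[8] = 2;                         /* MessageType = NtLmChallenge, LE */
	for (i = 0; i < 4; i++)
		buf[NEGOTIATE_FLAGS_OFF + i] = (uint8_t)(server_flags >> (8 * i));
	memcpy(buf + 24, nonce, 8);         /* ServerChallenge (made-up bytes) */
	return CHALLENGE_MSG_LEN;
}

/* Same four decisions as the patched decode_ntlmssp_challenge(). Returns 0 or
 * -errno; *weakened is 1 when auth proceeds although key exchange was dropped. */
static int check_challenge(const uint8_t *blob, size_t blob_len, int force_sign, int *weakened)
{
	uint32_t server_flags;

	*weakened = 0;
	if (blob_len < CHALLENGE_MSG_LEN || memcmp(blob, "NTLMSSP", 8) || le32_at(blob + 8) != 2)
		return -EINVAL;             /* too short or not a CHALLENGE */
	server_flags = le32_at(blob + NEGOTIATE_FLAGS_OFF);

	if ((client_flags & (NTLMSSP_NEGOTIATE_SEAL | NTLMSSP_NEGOTIATE_SIGN)) &&
	    !(server_flags & (NTLMSSP_NEGOTIATE_56 | NTLMSSP_NEGOTIATE_128)))
		return -EINVAL;             /* no session key size for signing/sealing */
	if (!(server_flags & (NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_EXTENDED_SEC)))
		return -EINVAL;             /* neither NTLMv1 nor NTLMv2 offered */
	if (force_sign && !(server_flags & NTLMSSP_NEGOTIATE_SIGN))
		return -EOPNOTSUPP;         /* mount requires signing, server refuses */
	if ((client_flags & NTLMSSP_NEGOTIATE_KEY_XCH) && !(server_flags & NTLMSSP_NEGOTIATE_KEY_XCH))
		*weakened = 1;              /* the warn-and-continue case */
	return 0;
}

/* Build + check in one call: 0 or -errno in the return, downgrade in *weakened. */
static int run_case(uint32_t server_flags, int force_sign, int *weakened)
{
	uint8_t blob[CHALLENGE_MSG_LEN];

	return check_challenge(blob, build_challenge(blob, server_flags), force_sign, weakened);
}

/* 1 = accepted with downgrade, 0 = accepted cleanly, -1 = rejected. */
static int weakened_for(uint32_t server_flags, int force_sign)
{
	int w;

	return run_case(server_flags, force_sign, &w) ? -1 : w;
}

int main(void)
{
	int w, rc;

	rc = run_case(FULL_SERVER, 0, &w);
	printf("full server:          rc=%d weakened=%d\n", rc, w);
	rc = run_case(FULL_SERVER & ~NTLMSSP_NEGOTIATE_KEY_XCH, 0, &w);
	printf("no key exchange:      rc=%d weakened=%d\n", rc, w);
	rc = run_case(FULL_SERVER & ~NTLMSSP_NEGOTIATE_SIGN, 1, &w);
	printf("forced sign, no SIGN: rc=%d\n", rc);
	rc = run_case(FULL_SERVER & ~(NTLMSSP_NEGOTIATE_56 | NTLMSSP_NEGOTIATE_128), 0, &w);
	printf("no 56/128 key size:   rc=%d\n", rc);
	return 0;
}
```

The kernel reports the dropped key exchange with pr_warn_once() and carries on; here the same outcome is returned as a value (`weakened`) rather than logged, so a caller can choose its own policy for it, for instance refusing the session under a strict mode while still accepting it by default. The three rejections keep the kernel's error codes (-EINVAL for a malformed or unusable CHALLENGE, -EOPNOTSUPP when mandatory signing is refused) so the mapping to the patched checks stays one-to-one.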