From patchwork Wed Apr 17 10:38:56 2024
X-Patchwork-Submitter: Robert Malz
X-Patchwork-Id: 1924578
From: Robert Malz
To: kernel-team@lists.ubuntu.com
Subject: [SRU][J][PATCH 1/1] cifs: fix ntlmssp auth when there is no key exchange
Date: Wed, 17 Apr 2024 12:38:56 +0200
Message-Id: <20240417103856.1619778-3-robert.malz@canonical.com>
In-Reply-To: <20240417103856.1619778-1-robert.malz@canonical.com>
References: <20240417103856.1619778-1-robert.malz@canonical.com>

From: Paulo Alcantara

BugLink: https://bugs.launchpad.net/bugs/2061986

Warn on the lack of key exchange during NTLMSSP authentication rather
than aborting it, as there are some servers that do not set it in the
CHALLENGE message.

Signed-off-by: Paulo Alcantara (SUSE)
Acked-by: Ronnie Sahlberg
Signed-off-by: Steve French
(backported from commit 9de0737d5ba0425c3154d5d83da12a8fa8595c0f)
[rmalz: commit fails to cherry-pick due to changes introduced by commit
49bd49f983b5026e4557d31c5d737d9657c4113e, which is not relevant to the
change]
Signed-off-by: Robert Malz
---
 fs/cifs/sess.c | 54 +++++++++++++++++++++++++++++++++-----------------
 1 file changed, 36 insertions(+), 18 deletions(-)

diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c index 0fbd0f78f361..7198f10c62e9 100644 --- a/fs/cifs/sess.c +++ b/fs/cifs/sess.c @@ -582,8 +582,8 @@ int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len, { unsigned int tioffset; /* challenge message target info area */ unsigned int tilen; /* challenge message target info area length */ - CHALLENGE_MESSAGE *pblob = (CHALLENGE_MESSAGE *)bcc_ptr; + __u32 server_flags; if (blob_len < sizeof(CHALLENGE_MESSAGE)) { cifs_dbg(VFS, "challenge blob len %d too small\n", blob_len); 
@@ -601,12 +601,37 @@ int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len, return -EINVAL; } + server_flags = le32_to_cpu(pblob->NegotiateFlags); + cifs_dbg(FYI, "%s: negotiate=0x%08x challenge=0x%08x\n", __func__, + ses->ntlmssp->client_flags, server_flags); + + if ((ses->ntlmssp->client_flags & (NTLMSSP_NEGOTIATE_SEAL | NTLMSSP_NEGOTIATE_SIGN)) && + (!(server_flags & NTLMSSP_NEGOTIATE_56) && !(server_flags & NTLMSSP_NEGOTIATE_128))) { + cifs_dbg(VFS, "%s: requested signing/encryption but server did not return either 56-bit or 128-bit session key size\n", + __func__); + return -EINVAL; + } + if (!(server_flags & NTLMSSP_NEGOTIATE_NTLM) && !(server_flags & NTLMSSP_NEGOTIATE_EXTENDED_SEC)) { + cifs_dbg(VFS, "%s: server does not seem to support either NTLMv1 or NTLMv2\n", __func__); + return -EINVAL; + } + if (ses->server->sign && !(server_flags & NTLMSSP_NEGOTIATE_SIGN)) { + cifs_dbg(VFS, "%s: forced packet signing but server does not seem to support it\n", + __func__); + return -EOPNOTSUPP; + } + if ((ses->ntlmssp->client_flags & NTLMSSP_NEGOTIATE_KEY_XCH) && + !(server_flags & NTLMSSP_NEGOTIATE_KEY_XCH)) + pr_warn_once("%s: authentication has been weakened as server does not support key exchange\n", + __func__); + + ses->ntlmssp->server_flags = server_flags; + memcpy(ses->ntlmssp->cryptkey, pblob->Challenge, CIFS_CRYPTO_KEY_SIZE); - /* BB we could decode pblob->NegotiateFlags; some may be useful */ /* In particular we can examine sign flags */ /* BB spec says that if AvId field of MsvAvTimestamp is populated then we must set the MIC field of the AUTHENTICATE_MESSAGE */ - ses->ntlmssp->server_flags = le32_to_cpu(pblob->NegotiateFlags); + tioffset = le32_to_cpu(pblob->TargetInfoArray.BufferOffset); tilen = le16_to_cpu(pblob->TargetInfoArray.Length); if (tioffset > blob_len || tioffset + tilen > blob_len) { 
@@ -646,12 +671,12 @@ void build_ntlmssp_negotiate_blob(unsigned char *pbuffer, flags = NTLMSSP_NEGOTIATE_56 | NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_EXTENDED_SEC | - NTLMSSP_NEGOTIATE_SEAL; - if (server->sign) - flags |= NTLMSSP_NEGOTIATE_SIGN; + NTLMSSP_NEGOTIATE_ALWAYS_SIGN | NTLMSSP_NEGOTIATE_SEAL | + NTLMSSP_NEGOTIATE_SIGN; if (!server->session_estab || ses->ntlmssp->sesskey_per_smbsess) flags |= NTLMSSP_NEGOTIATE_KEY_XCH; + ses->ntlmssp->client_flags = flags; sec_blob->NegotiateFlags = cpu_to_le32(flags); sec_blob->WorkstationName.BufferOffset = 0; @@ -710,15 +735,8 @@ int build_ntlmssp_auth_blob(unsigned char **pbuffer, memcpy(sec_blob->Signature, NTLMSSP_SIGNATURE, 8); sec_blob->MessageType = NtLmAuthenticate; - flags = NTLMSSP_NEGOTIATE_56 | - NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_TARGET_INFO | - NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE | - NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_EXTENDED_SEC | - NTLMSSP_NEGOTIATE_SEAL; - if (ses->server->sign) - flags |= NTLMSSP_NEGOTIATE_SIGN; - if (!ses->server->session_estab || ses->ntlmssp->sesskey_per_smbsess) - flags |= NTLMSSP_NEGOTIATE_KEY_XCH; + flags = ses->ntlmssp->server_flags | NTLMSSP_REQUEST_TARGET | + NTLMSSP_NEGOTIATE_TARGET_INFO; tmp = *pbuffer + sizeof(AUTHENTICATE_MESSAGE); sec_blob->NegotiateFlags = cpu_to_le32(flags); 
@@ -784,9 +802,9 @@ int build_ntlmssp_auth_blob(unsigned char **pbuffer, sec_blob->WorkstationName.MaximumLength = 0; tmp += 2; - if (((ses->ntlmssp->server_flags & NTLMSSP_NEGOTIATE_KEY_XCH) || - (ses->ntlmssp->server_flags & NTLMSSP_NEGOTIATE_EXTENDED_SEC)) - && !calc_seckey(ses)) { + if ((ses->ntlmssp->server_flags & NTLMSSP_NEGOTIATE_KEY_XCH) && + (!ses->server->session_estab || ses->ntlmssp->sesskey_per_smbsess) && + !calc_seckey(ses)) { memcpy(tmp, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE); sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - *pbuffer); sec_blob->SessionKey.Length = cpu_to_le16(CIFS_CPHTXT_SIZE);
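Review bot: the single `-` line in the `@@ -582,8 +582,8 @@` hunk reads, after the mail extraction collapsed line breaks, as if `CHALLENGE_MESSAGE *pblob = (CHALLENGE_MESSAGE *)bcc_ptr;` were deleted, but the 8/8 line counts in the hunk header and the later uses of `pblob->NegotiateFlags`, `pblob->Challenge` and `pblob->TargetInfoArray` show that only the blank line before the declaration goes away and `pblob` stays; the substantive change is the added `__u32 server_flags;`, which lets the decoded NegotiateFlags be validated before they are committed to `ses->ntlmssp->server_flags`.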
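Review bot: `pr_warn_once()` in the `@@ -601,12 +601,37 @@` hunk fires only for the first server that omits NTLMSSP_NEGOTIATE_KEY_XCH and identifies neither the server nor the session, so a later mount to a different server that also lacks key exchange proceeds with no record of the weakened authentication; a per-connection message that names the server (or at least a comment stating that the warning is deliberately one-shot) would let operators see which mounts are affected. The new checks also compare against `ses->ntlmssp->client_flags`, which is only populated in `build_ntlmssp_negotiate_blob()`, so the call order between the two functions is now a correctness dependency worth a comment at the top of this block.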
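Review bot: the `@@ -646,12 +671,12 @@` hunk now advertises NTLMSSP_NEGOTIATE_SIGN, NTLMSSP_NEGOTIATE_SEAL and NTLMSSP_NEGOTIATE_ALWAYS_SIGN unconditionally, dropping the `if (server->sign)` gate, while actual enforcement still hangs on `ses->server->sign` in `decode_ntlmssp_challenge()`; a short comment that these flags are always requested so the CHALLENGE can be checked for a 56- or 128-bit session key, and that signing is enforced elsewhere, would stop a future reader from re-adding the conditional. Saving the computed value in `ses->ntlmssp->client_flags` right after `flags |= NTLMSSP_NEGOTIATE_KEY_XCH` is the right place, since the challenge decoder compares against exactly that set.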
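Review bot: in the `@@ -710,15 +735,8 @@` hunk the AUTHENTICATE flags become `ses->ntlmssp->server_flags | NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_TARGET_INFO`, so whatever the server returned in its CHALLENGE is echoed back; this is only safe because `decode_ntlmssp_challenge()` has already rejected a CHALLENGE that drops NTLMSSP_NEGOTIATE_SIGN while `ses->server->sign` is set, or that offers neither NTLMSSP_NEGOTIATE_56 nor NTLMSSP_NEGOTIATE_128, and that dependency deserves a comment here. When signing is not forced, a server that clears NTLMSSP_NEGOTIATE_SIGN now yields an unsigned AUTHENTICATE, which matches the behaviour of the removed `if (ses->server->sign)` gate but is worth stating in the commit message.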
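Review bot: the `@@ -784,9 +802,9 @@` hunk keeps `!calc_seckey(ses)` folded into the condition, so a failure to produce the encrypted session key is indistinguishable from the server not negotiating NTLMSSP_NEGOTIATE_KEY_XCH and is never reported; check the `calc_seckey()` return separately and fail the auth blob on error instead of silently taking the no-key-exchange path. The `(!ses->server->session_estab || ses->ntlmssp->sesskey_per_smbsess)` clause also duplicates the test that sets NTLMSSP_NEGOTIATE_KEY_XCH in `build_ntlmssp_negotiate_blob()`; testing `ses->ntlmssp->client_flags & NTLMSSP_NEGOTIATE_KEY_XCH` here would keep the two sides from drifting apart.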