[PATCH] cifs: set domainName when a domain-key is used in multiuser

[PATCH] cifs: set domainName when a domain-key is used in multiuser

[Ronnie Sahlberg]

RHBZ: 1710429

When we use a domain-key to authenticate using multiuser we must also set
the domainnmame for the new volume as it will be used and passed to the server
in the NTLMSSP Domain-name.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
---
 fs/cifs/connect.c | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index a15a6e738eb5..6f5c3ef327bd 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -2981,6 +2981,7 @@ static int
 cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
 {
 	int rc = 0;
+	int is_domain = 0;
 	const char *delim, *payload;
 	char *desc;
 	ssize_t len;
@@ -3028,6 +3029,7 @@ cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
 			rc = PTR_ERR(key);
 			goto out_err;
 		}
+		is_domain = 1;
 	}
 
 	down_read(&key->sem);
@@ -3085,6 +3087,26 @@ cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
 		goto out_key_put;
 	}
 
+	/*
+	 * If we have a domain key then we must set the domainName in the
+	 * for the request.
+	 */
+	if (is_domain && ses->domainName) {
+		vol->domainname = kstrndup(ses->domainName,
+					   strlen(ses->domainName),
+					   GFP_KERNEL);
+		if (!vol->domainname) {
+			cifs_dbg(FYI, "Unable to allocate %zd bytes for "
+				 "domain\n", len);
+			rc = -ENOMEM;
+			kfree(vol->username);
+			vol->username = NULL;
+			kfree(vol->password);
+			vol->password = NULL;
+			goto out_key_put;
+		}
+	}
+
 out_key_put:
 	up_read(&key->sem);
 	key_put(key);
-- 
2.13.6

Re: [PATCH] cifs: set domainName when a domain-key is used in multiuser

[Steve French]

Tentatively merged into cifs-2.6.git for-next pending testing and any
additional review comments

On Wed, Aug 21, 2019 at 5:10 PM Ronnie Sahlberg <lsahlber@redhat.com> wrote:
>
> RHBZ: 1710429
>
> When we use a domain-key to authenticate using multiuser we must also set
> the domainnmame for the new volume as it will be used and passed to the server
> in the NTLMSSP Domain-name.
>
> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
> ---
>  fs/cifs/connect.c | 22 ++++++++++++++++++++++
>  1 file changed, 22 insertions(+)
>
> diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
> index a15a6e738eb5..6f5c3ef327bd 100644
> --- a/fs/cifs/connect.c
> +++ b/fs/cifs/connect.c
> @@ -2981,6 +2981,7 @@ static int
>  cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
>  {
>         int rc = 0;
> +       int is_domain = 0;
>         const char *delim, *payload;
>         char *desc;
>         ssize_t len;
> @@ -3028,6 +3029,7 @@ cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
>                         rc = PTR_ERR(key);
>                         goto out_err;
>                 }
> +               is_domain = 1;
>         }
>
>         down_read(&key->sem);
> @@ -3085,6 +3087,26 @@ cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
>                 goto out_key_put;
>         }
>
> +       /*
> +        * If we have a domain key then we must set the domainName in the
> +        * for the request.
> +        */
> +       if (is_domain && ses->domainName) {
> +               vol->domainname = kstrndup(ses->domainName,
> +                                          strlen(ses->domainName),
> +                                          GFP_KERNEL);
> +               if (!vol->domainname) {
> +                       cifs_dbg(FYI, "Unable to allocate %zd bytes for "
> +                                "domain\n", len);
> +                       rc = -ENOMEM;
> +                       kfree(vol->username);
> +                       vol->username = NULL;
> +                       kfree(vol->password);
> +                       vol->password = NULL;
> +                       goto out_key_put;
> +               }
> +       }
> +
>  out_key_put:
>         up_read(&key->sem);
>         key_put(key);
> --
> 2.13.6
>


-- 
Thanks,

Steve