| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 09 Dec 2018 21:50:33 +0000
From: Ben Hutchings <ben@...adent.org.uk>
To: linux-kernel@...r.kernel.org, stable@...r.kernel.org
CC: akpm@...ux-foundation.org, "Aurelien Aptel" <aaptel@...e.com>,
"Thomas Werschlein" <thomas.werschlein@....uzh.ch>,
"Tom Talpey" <ttalpey@...rosoft.com>,
"Steve French" <stfrench@...rosoft.com>
Subject: [PATCH 3.16 184/328] cifs: connect to servername instead of IP
for IPC$ share
3.16.62-rc1 review patch. If anyone has any objections, please let me know.
------------------
From: Thomas Werschlein <thomas.werschlein@....uzh.ch>
commit 395a2076b4064f97d3fce03af15210ff2a7bb7f9 upstream.
This patch is required allows access to a Microsoft fileserver failover
cluster behind a 1:1 NAT firewall.
The change also provides stronger context for authentication and share
connection (see MS-SMB2 3.3.5.7 and MS-SRVS 3.1.6.8) as noted by
Tom Talpey, and addresses comments about the buffer size for the UNC
made by Aurélien Aptel.
Signed-off-by: Thomas Werschlein <thomas.werschlein@....uzh.ch>
Signed-off-by: Steve French <stfrench@...rosoft.com>
CC: Tom Talpey <ttalpey@...rosoft.com>
Reviewed-by: Aurelien Aptel <aaptel@...e.com>
[bwh: Backported to 3.16: The IPC$ path is generated in get_dfs_path()
in a rather fragile way. Rather than replacing all instances of
ses->serverName here, switch to using kasprintf() so the new code
is close to that used upstream.]
Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
---
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -2829,15 +2829,10 @@ get_dfs_path(const unsigned int xid, str
*referrals = NULL;
if (ses->ipc_tid == 0) {
- temp_unc = kmalloc(2 /* for slashes */ +
- strnlen(ses->serverName, SERVER_NAME_LEN_WITH_NULL * 2)
- + 1 + 4 /* slash IPC$ */ + 2, GFP_KERNEL);
+ temp_unc = kasprintf(GFP_KERNEL, "\\\\%s\\IPC$",
+ ses->server->hostname);
if (temp_unc == NULL)
return -ENOMEM;
- temp_unc[0] = '\\';
- temp_unc[1] = '\\';
- strcpy(temp_unc + 2, ses->serverName);
- strcpy(temp_unc + 2 + strlen(ses->serverName), "\\IPC$");
rc = ses->server->ops->tree_connect(xid, ses, temp_unc, NULL,
nls_codepage);
cifs_dbg(FYI, "Tcon rc = %d ipc_tid = %d\n", rc, ses->ipc_tid);
Powered by blists - more mailing lists