lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <lsq.1544392233.857258219@decadent.org.uk>
Date:   Sun, 09 Dec 2018 21:50:33 +0000
From:   Ben Hutchings <ben@...adent.org.uk>
To:     linux-kernel@...r.kernel.org, stable@...r.kernel.org
CC:     akpm@...ux-foundation.org, "Aurelien Aptel" <aaptel@...e.com>,
        "Thomas Werschlein" <thomas.werschlein@....uzh.ch>,
        "Tom Talpey" <ttalpey@...rosoft.com>,
        "Steve French" <stfrench@...rosoft.com>
Subject: [PATCH 3.16 184/328] cifs: connect to servername instead of IP
 for IPC$ share

3.16.62-rc1 review patch.  If anyone has any objections, please let me know.

------------------

From: Thomas Werschlein <thomas.werschlein@....uzh.ch>

commit 395a2076b4064f97d3fce03af15210ff2a7bb7f9 upstream.

This patch is required allows access to a Microsoft fileserver failover
cluster behind a 1:1 NAT firewall.

The change also provides stronger context for authentication and share
connection (see MS-SMB2 3.3.5.7 and MS-SRVS 3.1.6.8) as noted by
Tom Talpey, and addresses comments about the buffer size for the UNC
made by Aurélien Aptel.

Signed-off-by: Thomas Werschlein <thomas.werschlein@....uzh.ch>
Signed-off-by: Steve French <stfrench@...rosoft.com>
CC: Tom Talpey <ttalpey@...rosoft.com>
Reviewed-by: Aurelien Aptel <aaptel@...e.com>
[bwh: Backported to 3.16: The IPC$ path is generated in get_dfs_path()
 in a rather fragile way. Rather than replacing all instances of
 ses->serverName here, switch to using kasprintf() so the new code
 is close to that used upstream.]
Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
---
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -2829,15 +2829,10 @@ get_dfs_path(const unsigned int xid, str
 	*referrals = NULL;
 
 	if (ses->ipc_tid == 0) {
-		temp_unc = kmalloc(2 /* for slashes */ +
-			strnlen(ses->serverName, SERVER_NAME_LEN_WITH_NULL * 2)
-				+ 1 + 4 /* slash IPC$ */ + 2, GFP_KERNEL);
+		temp_unc = kasprintf(GFP_KERNEL, "\\\\%s\\IPC$",
+				     ses->server->hostname);
 		if (temp_unc == NULL)
 			return -ENOMEM;
-		temp_unc[0] = '\\';
-		temp_unc[1] = '\\';
-		strcpy(temp_unc + 2, ses->serverName);
-		strcpy(temp_unc + 2 + strlen(ses->serverName), "\\IPC$");
 		rc = ses->server->ops->tree_connect(xid, ses, temp_unc, NULL,
 						    nls_codepage);
 		cifs_dbg(FYI, "Tcon rc = %d ipc_tid = %d\n", rc, ses->ipc_tid);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ