[PATCH] cifs: print error code if smb signature verification fails

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] cifs: print error code if smb signature verification fails
@ 2012-08-03 12:41 Suresh Jayaraman
       [not found] ` <501BC6F3.5050506-IBi9RG/b67k@public.gmane.org>
  0 siblings, 1 reply; 3+ messages in thread
From: Suresh Jayaraman @ 2012-08-03 12:41 UTC (permalink / raw)
  To: Steve French, linux-cifs

While trying to debug a SMB signature related issue with Windows Servers
figured out it might be easier to debug if we print the error code from
cifs_verify_signature(). Also, fix indendation while at it.

Signed-off-by: Suresh Jayaraman <sjayaraman-IBi9RG/b67k@public.gmane.org>
---

 fs/cifs/cifssmb.c   |   11 ++++++++---
 fs/cifs/transport.c |    9 ++++++---
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index 074923c..3413042 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -1576,9 +1576,14 @@ cifs_readv_callback(struct mid_q_entry *mid)
 		/* result already set, check signature */
 		if (server->sec_mode &
 		    (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) {
-			if (cifs_verify_signature(rdata->iov, rdata->nr_iov,
-					  server, mid->sequence_number + 1))
-				cERROR(1, "Unexpected SMB signature");
+			int rc = 0;
+
+			rc = cifs_verify_signature(rdata->iov, rdata->nr_iov,
+						   server,
+						   mid->sequence_number + 1);
+			if (rc)
+				cERROR(1, "SMB signature verification returned
+				       error = %d", rc);
 		}
 		/* FIXME: should this be counted toward the initiating task? */
 		task_io_account_read(rdata->bytes);
diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c
index 83867ef..5d0778d 100644
--- a/fs/cifs/transport.c
+++ b/fs/cifs/transport.c
@@ -503,13 +503,16 @@ cifs_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server,
 	/* convert the length into a more usable form */
 	if (server->sec_mode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) {
 		struct kvec iov;
+		int rc = 0;
 
 		iov.iov_base = mid->resp_buf;
 		iov.iov_len = len;
 		/* FIXME: add code to kill session */
-		if (cifs_verify_signature(&iov, 1, server,
-					  mid->sequence_number + 1) != 0)
-			cERROR(1, "Unexpected SMB signature");
+		rc = cifs_verify_signature(&iov, 1, server,
+					   mid->sequence_number + 1) != 0;
+		if (rc)
+			cERROR(1, "SMB signature verification returned error =
+			       %d", rc);
 	}
 
 	/* BB special case reconnect tid and uid here? */

^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] cifs: print error code if smb signature verification fails
       [not found] ` <501BC6F3.5050506-IBi9RG/b67k@public.gmane.org>
@ 2012-08-03 13:48   ` Jeff Layton
  2012-08-03 15:15   ` Steve French
  1 sibling, 0 replies; 3+ messages in thread
From: Jeff Layton @ 2012-08-03 13:48 UTC (permalink / raw)
  To: Suresh Jayaraman; +Cc: Steve French, linux-cifs

On Fri, 03 Aug 2012 18:11:23 +0530
Suresh Jayaraman <sjayaraman-IBi9RG/b67k@public.gmane.org> wrote:

> While trying to debug a SMB signature related issue with Windows Servers
> figured out it might be easier to debug if we print the error code from
> cifs_verify_signature(). Also, fix indendation while at it.
> 
> Signed-off-by: Suresh Jayaraman <sjayaraman-IBi9RG/b67k@public.gmane.org>
> ---
> 
>  fs/cifs/cifssmb.c   |   11 ++++++++---
>  fs/cifs/transport.c |    9 ++++++---
>  2 files changed, 14 insertions(+), 6 deletions(-)
> 
> diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
> index 074923c..3413042 100644
> --- a/fs/cifs/cifssmb.c
> +++ b/fs/cifs/cifssmb.c
> @@ -1576,9 +1576,14 @@ cifs_readv_callback(struct mid_q_entry *mid)
>  		/* result already set, check signature */
>  		if (server->sec_mode &
>  		    (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) {
> -			if (cifs_verify_signature(rdata->iov, rdata->nr_iov,
> -					  server, mid->sequence_number + 1))
> -				cERROR(1, "Unexpected SMB signature");
> +			int rc = 0;
> +
> +			rc = cifs_verify_signature(rdata->iov, rdata->nr_iov,
> +						   server,
> +						   mid->sequence_number + 1);
> +			if (rc)
> +				cERROR(1, "SMB signature verification returned
> +				       error = %d", rc);
>  		}
>  		/* FIXME: should this be counted toward the initiating task? */
>  		task_io_account_read(rdata->bytes);
> diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c
> index 83867ef..5d0778d 100644
> --- a/fs/cifs/transport.c
> +++ b/fs/cifs/transport.c
> @@ -503,13 +503,16 @@ cifs_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server,
>  	/* convert the length into a more usable form */
>  	if (server->sec_mode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) {
>  		struct kvec iov;
> +		int rc = 0;
>  
>  		iov.iov_base = mid->resp_buf;
>  		iov.iov_len = len;
>  		/* FIXME: add code to kill session */
> -		if (cifs_verify_signature(&iov, 1, server,
> -					  mid->sequence_number + 1) != 0)
> -			cERROR(1, "Unexpected SMB signature");
> +		rc = cifs_verify_signature(&iov, 1, server,
> +					   mid->sequence_number + 1) != 0;
> +		if (rc)
> +			cERROR(1, "SMB signature verification returned error =
> +			       %d", rc);
>  	}
>  
>  	/* BB special case reconnect tid and uid here? */
> --
> To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
> the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reviewed-by: Jeff Layton <jlayton-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] cifs: print error code if smb signature verification fails
       [not found] ` <501BC6F3.5050506-IBi9RG/b67k@public.gmane.org>
  2012-08-03 13:48   ` Jeff Layton
@ 2012-08-03 15:15   ` Steve French
  1 sibling, 0 replies; 3+ messages in thread
From: Steve French @ 2012-08-03 15:15 UTC (permalink / raw)
  To: Suresh Jayaraman; +Cc: linux-cifs

Merged after fixing the build problem in the patch (missing trailing
":- presumably due to breaking a long line > 80 characters
incorrectly)

On Fri, Aug 3, 2012 at 7:41 AM, Suresh Jayaraman <sjayaraman-IBi9RG/b67k@public.gmane.org> wrote:
> While trying to debug a SMB signature related issue with Windows Servers
> figured out it might be easier to debug if we print the error code from
> cifs_verify_signature(). Also, fix indendation while at it.
>
> Signed-off-by: Suresh Jayaraman <sjayaraman-IBi9RG/b67k@public.gmane.org>
> ---
>
>  fs/cifs/cifssmb.c   |   11 ++++++++---
>  fs/cifs/transport.c |    9 ++++++---
>  2 files changed, 14 insertions(+), 6 deletions(-)
>
> diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
> index 074923c..3413042 100644
> --- a/fs/cifs/cifssmb.c
> +++ b/fs/cifs/cifssmb.c
> @@ -1576,9 +1576,14 @@ cifs_readv_callback(struct mid_q_entry *mid)
>                 /* result already set, check signature */
>                 if (server->sec_mode &
>                     (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) {
> -                       if (cifs_verify_signature(rdata->iov, rdata->nr_iov,
> -                                         server, mid->sequence_number + 1))
> -                               cERROR(1, "Unexpected SMB signature");
> +                       int rc = 0;
> +
> +                       rc = cifs_verify_signature(rdata->iov, rdata->nr_iov,
> +                                                  server,
> +                                                  mid->sequence_number + 1);
> +                       if (rc)
> +                               cERROR(1, "SMB signature verification returned
> +                                      error = %d", rc);
>                 }
>                 /* FIXME: should this be counted toward the initiating task? */
>                 task_io_account_read(rdata->bytes);
> diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c
> index 83867ef..5d0778d 100644
> --- a/fs/cifs/transport.c
> +++ b/fs/cifs/transport.c
> @@ -503,13 +503,16 @@ cifs_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server,
>         /* convert the length into a more usable form */
>         if (server->sec_mode & (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) {
>                 struct kvec iov;
> +               int rc = 0;
>
>                 iov.iov_base = mid->resp_buf;
>                 iov.iov_len = len;
>                 /* FIXME: add code to kill session */
> -               if (cifs_verify_signature(&iov, 1, server,
> -                                         mid->sequence_number + 1) != 0)
> -                       cERROR(1, "Unexpected SMB signature");
> +               rc = cifs_verify_signature(&iov, 1, server,
> +                                          mid->sequence_number + 1) != 0;
> +               if (rc)
> +                       cERROR(1, "SMB signature verification returned error =
> +                              %d", rc);
>         }
>
>         /* BB special case reconnect tid and uid here? */



-- 
Thanks,

Steve

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2012-08-03 15:15 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-08-03 12:41 [PATCH] cifs: print error code if smb signature verification fails Suresh Jayaraman
     [not found] ` <501BC6F3.5050506-IBi9RG/b67k@public.gmane.org>
2012-08-03 13:48   ` Jeff Layton
2012-08-03 15:15   ` Steve French

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.