aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--UPDATING4
-rw-r--r--sys/conf/NOTES2
-rw-r--r--sys/conf/files4
-rw-r--r--sys/conf/files.alpha2
-rw-r--r--sys/conf/files.amd642
-rw-r--r--sys/conf/files.i3862
-rw-r--r--sys/conf/files.ia642
-rw-r--r--sys/conf/files.pc982
-rw-r--r--sys/conf/files.powerpc2
-rw-r--r--sys/conf/files.sparc642
-rw-r--r--sys/conf/options3
-rw-r--r--sys/modules/smbfs/Makefile11
-rw-r--r--sys/netsmb/smb_crypt.c34
-rw-r--r--sys/netsmb/smb_smb.c2
14 files changed, 17 insertions, 57 deletions
diff --git a/UPDATING b/UPDATING
index 014f74ba56df..f850a7663eec 100644
--- a/UPDATING
+++ b/UPDATING
@@ -21,6 +21,10 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 7.x IS SLOW:
developers choose to disable these features on build machines
to maximize performance.
+20060305:
+ The NETSMBCRYPTO kernel option has been retired because its
+ functionality is always included in NETSMB and smbfs.ko now.
+
20060303:
The TDFX_LINUX kernel option was retired and replaced by the
tdfx_linux device. The latter can be loaded as a kernel module.
diff --git a/sys/conf/NOTES b/sys/conf/NOTES
index a6daab6fbe2f..12398cc92f86 100644
--- a/sys/conf/NOTES
+++ b/sys/conf/NOTES
@@ -489,9 +489,7 @@ options NETATALKDEBUG #Appletalk debugging
# SMB/CIFS requester
# NETSMB enables support for SMB protocol, it requires LIBMCHAIN and LIBICONV
# options.
-# NETSMBCRYPTO enables support for encrypted passwords.
options NETSMB #SMB/CIFS requester
-options NETSMBCRYPTO #encrypted password support for SMB
# mchain library. It can be either loaded as KLD or compiled into kernel
options LIBMCHAIN
diff --git a/sys/conf/files b/sys/conf/files
index b46ff2816c1a..cc91a6ab5d37 100644
--- a/sys/conf/files
+++ b/sys/conf/files
@@ -334,8 +334,8 @@ contrib/pf/net/pf_osfp.c optional pf \
contrib/pf/netinet/in4_cksum.c optional pf inet
crypto/blowfish/bf_ecb.c optional ipsec ipsec_esp
crypto/blowfish/bf_skey.c optional crypto | ipsec ipsec_esp
-crypto/des/des_ecb.c optional crypto | ipsec ipsec_esp | netsmbcrypto
-crypto/des/des_setkey.c optional crypto | ipsec ipsec_esp | netsmbcrypto
+crypto/des/des_ecb.c optional crypto | ipsec ipsec_esp | netsmb
+crypto/des/des_setkey.c optional crypto | ipsec ipsec_esp | netsmb
crypto/rc4/rc4.c optional netgraph_mppc_encryption
crypto/rijndael/rijndael-alg-fst.c optional crypto | geom_bde | \
ipsec | random | wlan_ccmp
diff --git a/sys/conf/files.alpha b/sys/conf/files.alpha
index cef1c350e22d..46c4ce3fc5f4 100644
--- a/sys/conf/files.alpha
+++ b/sys/conf/files.alpha
@@ -146,7 +146,7 @@ compat/linux/linux_stats.c optional compat_linux
compat/linux/linux_util.c optional compat_linux
crypto/blowfish/bf_enc.c optional crypto | ipsec ipsec_esp
crypto/des/des_enc.c optional crypto | ipsec ipsec_esp | \
- netsmbcrypto
+ netsmb
dev/advansys/adv_isa.c optional adv isa
dev/aic/aic_isa.c optional aic isa
dev/atkbdc/atkbd.c optional atkbd atkbdc
diff --git a/sys/conf/files.amd64 b/sys/conf/files.amd64
index 403e5ee55c16..41c9c3379a5c 100644
--- a/sys/conf/files.amd64
+++ b/sys/conf/files.amd64
@@ -131,7 +131,7 @@ amd64/pci/pci_bus.c optional pci
amd64/pci/pci_cfgreg.c optional pci
crypto/blowfish/bf_enc.c optional crypto | ipsec ipsec_esp
crypto/des/des_enc.c optional crypto | ipsec ipsec_esp | \
- netsmbcrypto
+ netsmb
dev/acpica/acpi_if.m standard
dev/arcmsr/arcmsr.c optional arcmsr pci
dev/atkbdc/atkbd.c optional atkbd atkbdc
diff --git a/sys/conf/files.i386 b/sys/conf/files.i386
index e5d6b1a5da1d..71c9db186505 100644
--- a/sys/conf/files.i386
+++ b/sys/conf/files.i386
@@ -126,7 +126,7 @@ bf_enc.o optional crypto | ipsec ipsec_esp \
dependency "$S/crypto/blowfish/arch/i386/bf_enc.S $S/crypto/blowfish/arch/i386/bf_enc_586.S $S/crypto/blowfish/arch/i386/bf_enc_686.S" \
compile-with "${CC} -c -I$S/crypto/blowfish/arch/i386 ${ASM_CFLAGS} ${WERROR} ${.IMPSRC}" \
no-implicit-rule
-crypto/des/arch/i386/des_enc.S optional crypto | ipsec ipsec_esp | netsmbcrypto
+crypto/des/arch/i386/des_enc.S optional crypto | ipsec ipsec_esp | netsmb
crypto/via/padlock.c optional padlock
dev/advansys/adv_isa.c optional adv isa
dev/aic/aic_isa.c optional aic isa
diff --git a/sys/conf/files.ia64 b/sys/conf/files.ia64
index 7495a6afa221..42285f9ad7db 100644
--- a/sys/conf/files.ia64
+++ b/sys/conf/files.ia64
@@ -44,7 +44,7 @@ contrib/ia64/libuwx/src/uwx_uinfo.c standard
contrib/ia64/libuwx/src/uwx_utable.c standard
crypto/blowfish/bf_enc.c optional crypto | ipsec ipsec_esp
crypto/des/des_enc.c optional crypto | ipsec ipsec_esp | \
- netsmbcrypto
+ netsmb
dev/advansys/adv_isa.c optional adv isa
dev/aic/aic_isa.c optional aic isa
dev/atkbdc/atkbd.c optional atkbd atkbdc
diff --git a/sys/conf/files.pc98 b/sys/conf/files.pc98
index ea96e4560a93..4621cef32004 100644
--- a/sys/conf/files.pc98
+++ b/sys/conf/files.pc98
@@ -82,7 +82,7 @@ bf_enc.o optional crypto | ipsec ipsec_esp \
dependency "$S/crypto/blowfish/arch/i386/bf_enc.S $S/crypto/blowfish/arch/i386/bf_enc_586.S $S/crypto/blowfish/arch/i386/bf_enc_686.S" \
compile-with "${CC} -c -I$S/crypto/blowfish/arch/i386 ${ASM_CFLAGS} ${WERROR} ${.IMPSRC}" \
no-implicit-rule
-crypto/des/arch/i386/des_enc.S optional crypto | ipsec ipsec_esp | netsmbcrypto
+crypto/des/arch/i386/des_enc.S optional crypto | ipsec ipsec_esp | netsmb
dev/aic/aic_cbus.c optional aic isa
dev/ar/if_ar.c optional ar
dev/ar/if_ar_pci.c optional ar pci
diff --git a/sys/conf/files.powerpc b/sys/conf/files.powerpc
index b10c32e1e45e..349468751a52 100644
--- a/sys/conf/files.powerpc
+++ b/sys/conf/files.powerpc
@@ -71,7 +71,7 @@ powerpc/powerpc/db_hwwatch.c optional ddb
powerpc/powerpc/db_trace.c optional ddb
crypto/blowfish/bf_enc.c optional ipsec ipsec_esp
-crypto/des/des_enc.c optional ipsec ipsec_esp | netsmbcrypto
+crypto/des/des_enc.c optional ipsec ipsec_esp | netsmb
dev/ofw/openfirm.c standard
dev/ofw/ofw_bus_if.m standard
diff --git a/sys/conf/files.sparc64 b/sys/conf/files.sparc64
index 5c82173f170c..8d4afabaf3ab 100644
--- a/sys/conf/files.sparc64
+++ b/sys/conf/files.sparc64
@@ -20,7 +20,7 @@ ukbdmap.h optional ukbd_dflt_keymap \
#
crypto/blowfish/bf_enc.c optional crypto | ipsec ipsec_esp
crypto/des/des_enc.c optional crypto | ipsec ipsec_esp | \
- netsmbcrypto
+ netsmb
dev/atkbdc/atkbd.c optional atkbd atkbdc
dev/atkbdc/atkbd_atkbdc.c optional atkbd atkbdc
dev/atkbdc/atkbdc.c optional atkbdc
diff --git a/sys/conf/options b/sys/conf/options
index 52c6ec8f5c1b..33b7c98d3364 100644
--- a/sys/conf/options
+++ b/sys/conf/options
@@ -242,8 +242,7 @@ UFS_DIRHASH opt_ufs.h
NFS_ROOT opt_nfsroot.h
# SMB/CIFS requester
-NETSMB opt_netsmb.h
-NETSMBCRYPTO opt_netsmb.h
+NETSMB opt_netsmb.h
# Experimental support for large MS-DOS filesystems; SEE WARNING IN "NOTES"!
MSDOSFS_LARGE opt_msdosfs.h
diff --git a/sys/modules/smbfs/Makefile b/sys/modules/smbfs/Makefile
index bc4316de4a4f..e8432e39297c 100644
--- a/sys/modules/smbfs/Makefile
+++ b/sys/modules/smbfs/Makefile
@@ -19,16 +19,13 @@ SRCS= vnode_if.h \
smbfs_vfsops.c smbfs_node.c smbfs_io.c smbfs_vnops.c \
smbfs_subr.c smbfs_smb.c
-NETSMBCRYPTO=
-
-.if defined(NETSMBCRYPTO)
+# NETSMBCRYPTO
SRCS+= des_ecb.c des_setkey.c
.if ${MACHINE_ARCH} == "i386"
SRCS+= des_enc.S
.else
SRCS+= des_enc.c
.endif
-.endif
# Build with IPX support (1|0)
SMB_IPX?= 0
@@ -52,12 +49,6 @@ opt_inet.h:
opt_ipx.h:
echo "#define IPX 1" > ${.TARGET}
.endif
-
-# XXX netsmb should be a separate module
-.if defined(NETSMBCRYPTO)
-opt_netsmb.h:
- echo "#define NETSMBCRYPTO 1" > ${.TARGET}
-.endif
.endif
.include <bsd.kmod.mk>
diff --git a/sys/netsmb/smb_crypt.c b/sys/netsmb/smb_crypt.c
index e45c379ad746..928ba8ce4b86 100644
--- a/sys/netsmb/smb_crypt.c
+++ b/sys/netsmb/smb_crypt.c
@@ -59,12 +59,10 @@ __FBSDID("$FreeBSD$");
#include <netsmb/smb_rq.h>
#include <netsmb/smb_dev.h>
-#include "opt_netsmb.h"
-
-#ifdef NETSMBCRYPTO
-
#include <crypto/des/des.h>
+#include "opt_netsmb.h"
+
static u_char N8[] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
@@ -87,13 +85,11 @@ smb_E(const u_char *key, u_char *data, u_char *dest)
des_ecb_encrypt((des_cblock *)data, (des_cblock *)dest, *ksp, 1);
free(ksp, M_SMBTEMP);
}
-#endif
int
smb_encrypt(const u_char *apwd, u_char *C8, u_char *RN)
{
-#ifdef NETSMBCRYPTO
u_char *p, *P14, *S21;
p = malloc(14 + 21, M_SMBTEMP, M_WAITOK);
@@ -112,17 +108,11 @@ smb_encrypt(const u_char *apwd, u_char *C8, u_char *RN)
smb_E(S21 + 14, C8, RN + 16);
free(p, M_SMBTEMP);
return 0;
-#else
- SMBERROR("password encryption is not available\n");
- bzero(RN, 24);
- return EAUTH;
-#endif
}
int
smb_ntencrypt(const u_char *apwd, u_char *C8, u_char *RN)
{
-#ifdef NETSMBCRYPTO
u_char S21[21];
u_int16_t *unipwd;
MD4_CTX *ctxp;
@@ -146,11 +136,6 @@ smb_ntencrypt(const u_char *apwd, u_char *C8, u_char *RN)
smb_E(S21 + 7, C8, RN + 8);
smb_E(S21 + 14, C8, RN + 16);
return 0;
-#else
- SMBERROR("password encryption is not available\n");
- bzero(RN, 24);
- return EAUTH;
-#endif
}
/*
@@ -159,7 +144,6 @@ smb_ntencrypt(const u_char *apwd, u_char *C8, u_char *RN)
int
smb_calcmackey(struct smb_vc *vcp)
{
-#ifdef NETSMBCRYPTO
const char *pwd;
u_int16_t *unipwd;
int len;
@@ -210,10 +194,6 @@ smb_calcmackey(struct smb_vc *vcp)
smb_E(S21 + 14, vcp->vc_ch, vcp->vc_mackey + 32);
return (0);
-#else
- panic("smb_calcmackey: encryption not available");
- return (0);
-#endif /* NETSMBCRYPTO */
}
/*
@@ -222,7 +202,6 @@ smb_calcmackey(struct smb_vc *vcp)
int
smb_rq_sign(struct smb_rq *rqp)
{
-#ifdef NETSMBCRYPTO
struct smb_vc *vcp = rqp->sr_vc;
struct mbchain *mbp;
struct mbuf *mb;
@@ -278,10 +257,6 @@ smb_rq_sign(struct smb_rq *rqp)
bcopy(digest, rqp->sr_rqsig, 8);
return (0);
-#else
- panic("smb_rq_sign: encryption not available");
- return (0);
-#endif /* NETSMBCRYPTO */
}
/*
@@ -290,7 +265,6 @@ smb_rq_sign(struct smb_rq *rqp)
int
smb_rq_verify(struct smb_rq *rqp)
{
-#ifdef NETSMBCRYPTO
struct smb_vc *vcp = rqp->sr_vc;
struct mdchain *mdp;
u_char sigbuf[8];
@@ -332,8 +306,4 @@ smb_rq_verify(struct smb_rq *rqp)
return (EAUTH);
return (0);
-#else
- panic("smb_rq_verify: encryption not available");
- return (0);
-#endif /* NETSMBCRYPTO */
}
diff --git a/sys/netsmb/smb_smb.c b/sys/netsmb/smb_smb.c
index 953456e1c85f..6393a9f05565 100644
--- a/sys/netsmb/smb_smb.c
+++ b/sys/netsmb/smb_smb.c
@@ -197,10 +197,8 @@ smb_smb_negotiate(struct smb_vc *vcp, struct smb_cred *scred)
vcp->vc_chlen = sblen;
vcp->obj.co_flags |= SMBV_ENCRYPT;
}
-#ifdef NETSMBCRYPTO
if (sp->sv_sm & SMB_SM_SIGS_REQUIRE)
vcp->vc_hflags2 |= SMB_FLAGS2_SECURITY_SIGNATURE;
-#endif
vcp->vc_hflags2 |= SMB_FLAGS2_KNOWS_LONG_NAMES;
if (dp->d_id == SMB_DIALECT_NTLM0_12 &&
sp->sv_maxtx < 4096 &&
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-21 11:08:21 +0000