if (count < 3) {
/* single char or single char followed by null */
c = flags_string[0];
- if (c == '0' || c == 'n' || c == 'N')
+ if (c == '0' || c == 'n' || c == 'N') {
extended_security = CIFSSEC_DEF; /* default */
- else if (c == '1' || c == 'y' || c == 'Y')
+ return count;
+ } else if (c == '1' || c == 'y' || c == 'Y') {
extended_security = CIFSSEC_MAX;
- return count;
+ return count;
+ } else if (!isdigit(c)) {
+ cERROR(1, ("invalid flag %c", c));
+ return -EINVAL;
+ }
}
/* else we have a number */
};
enum securityEnum {
- LANMAN = 0, /* Legacy LANMAN auth */
+ PLAINTXT = 0, /* Legacy with Plaintext passwords */
+ LANMAN, /* Legacy LANMAN auth */
NTLM, /* Legacy NTLM012 auth with NTLM hash */
NTLMv2, /* Legacy NTLM auth with NTLMv2 hash */
RawNTLMSSP, /* NTLMSSP without SPNEGO */
#define CIFSSEC_DEF CIFSSEC_MAY_SIGN | CIFSSEC_MAY_NTLM | CIFSSEC_MAY_NTLMV2
#define CIFSSEC_MAX CIFSSEC_MUST_SIGN | CIFSSEC_MUST_NTLMV2
+#define CIFSSEC_AUTH_MASK (CIFSSEC_MAY_NTLM | CIFSSEC_MAY_NTLMV2 | CIFSSEC_MAY_LANMAN | CIFSSEC_MAY_PLNTXT | CIFSSEC_MAY_KRB5)
/*
*****************************************************************
* All constants go here
pSMB->hdr.Mid = GetNextMid(server);
pSMB->hdr.Flags2 |= (SMBFLG2_UNICODE | SMBFLG2_ERR_STATUS);
+
if ((secFlags & CIFSSEC_MUST_KRB5) == CIFSSEC_MUST_KRB5)
pSMB->hdr.Flags2 |= SMBFLG2_EXT_SEC;
+ else if ((secFlags & CIFSSEC_AUTH_MASK) == CIFSSEC_MAY_KRB5) {
+ cFYI(1, ("Kerberos only mechanism, enable extended security"));
+ pSMB->hdr.Flags2 |= SMBFLG2_EXT_SEC;
+ }
count = 0;
for (i = 0; i < CIFS_NUM_PROT; i++) {
server->secType = NTLM;
else if (secFlags & CIFSSEC_MAY_NTLMV2)
server->secType = NTLMv2;
- /* else krb5 ... any others ... */
+ else if (secFlags & CIFSSEC_MAY_KRB5)
+ server->secType = Kerberos;
+ else if (secFlags & CIFSSEC_MAY_LANMAN)
+ server->secType = LANMAN;
+/* #ifdef CONFIG_CIFS_EXPERIMENTAL
+ else if (secFlags & CIFSSEC_MAY_PLNTXT)
+ server->secType = ??
+#endif */
+ else {
+ rc = -EOPNOTSUPP;
+ cERROR(1, ("Invalid security type"));
+ goto neg_err_exit;
+ }
+ /* else ... any others ...? */
/* one byte, so no need to convert this or EncryptionKeyLen from
little endian */
goto qsec_out;
pSMBr = (struct smb_com_ntransact_rsp *)iov[0].iov_base;
- cERROR(1, ("smb %p parm %p data %p",
- pSMBr, parm, psec_desc)); /* BB removeme BB */
+ cFYI(1, ("smb %p parm %p data %p", pSMBr, parm, psec_desc));
if (le32_to_cpu(pSMBr->ParameterCount) != 4) {
rc = -EIO; /* bad smb */
if (tsk)
kthread_stop(tsk);
}
- } else
+ } else {
cFYI(1, ("No session or bad tcon"));
+ if ((pSesInfo->server) &&
+ (pSesInfo->server->tsk)) {
+ struct task_struct *tsk;
+ force_sig(SIGKILL,
+ pSesInfo->server->tsk);
+ tsk = pSesInfo->server->tsk;
+ if (tsk)
+ kthread_stop(tsk);
+ }
+ }
sesInfoFree(pSesInfo);
/* pSesInfo = NULL; */
}
projects / mirror_ubuntu-artful-kernel.git / commitdiff