Re: [PATCH 3/8] ntlmv2/ntlmssp do not assume kerberos as default auth mech

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue,  7 Sep 2010 23:45:18 -0500
shirishpargaonkar@xxxxxxxxx wrote:

> From: Shirish Pargaonkar <shirishpargaonkar@xxxxxxxxx>
> 
> 
> kerberos gets selected as a default mechanism if server supports it, over
> the other security mechanisms.
> 
> 
> Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@xxxxxxxxx>
> ---
>  fs/cifs/cifssmb.c |   15 +++++++++------
>  1 files changed, 9 insertions(+), 6 deletions(-)
> 
> diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
> index c65c341..1f1b097 100644
> --- a/fs/cifs/cifssmb.c
> +++ b/fs/cifs/cifssmb.c
> @@ -604,12 +604,15 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
>  			else
>  				rc = -EINVAL;
>  
> -			if (server->sec_kerberos || server->sec_mskerberos)
> -				server->secType = Kerberos;
> -			else if (server->sec_ntlmssp)
> -				server->secType = RawNTLMSSP;
> -			else
> -				rc = -EOPNOTSUPP;
> +			if (server->secType == Kerberos) {
> +				if (!server->sec_kerberos &&
> +						!server->sec_mskerberos)
> +					rc = -EOPNOTSUPP;
> +			} else if (server->secType == RawNTLMSSP) {
> +				if (!server->sec_ntlmssp)
> +					rc = -EOPNOTSUPP;
> +			} else
> +					rc = -EOPNOTSUPP;
>  		}
>  	} else
>  		server->capabilities &= ~CAP_EXTENDED_SECURITY;

Reviewed-by: Jeff Layton <jlayton@xxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux