On Fri, Dec 17, 2010 at 10:33 AM, Steve French <smfrench@xxxxxxxxx> wrote: > I would like this patch in soon - as was noted it simplifies > build/testing to make these options non-experimental and we need to > have at least an informal schedule for moving code out of experimental > when no bugs found (over a few release cycles) > > Shirish, > Can you point me to any NTLMSSP fixes you think are necessary? Steve, this patch is ready to get merged. I think it would be helpful to have it in as soon as possible, has been Ack'ed by Jeff Layton and tested by Robbert Kouprie (and I did verify too that it works). [PATCH] cifs: Support NTLM2 session security during NTLMSSP authentication [try #5] > > On Fri, Dec 17, 2010 at 9:43 AM, Shirish Pargaonkar > <shirishpargaonkar@xxxxxxxxx> wrote: >> On Fri, Dec 17, 2010 at 9:28 AM, Suresh Jayaraman <sjayaraman@xxxxxxx> wrote: >>> On 12/08/2010 08:33 PM, Jeff Layton wrote: >>>> I see no real need to leave these sorts of options under an >>>> EXPERIMENTAL ifdef. Since you need a mount option to turn this code >>>> on, that only blows out the testing matrix. >>>> >>>> local_leases has been under the EXPERIMENTAL tag for some time, but >>>> it's only the mount option that's under this label. Move it out >>>> from under this tag. >>>> >>>> The NTLMSSP code is also under EXPERIMENTAL, but it needs a mount >>>> option to turn it on, and in the future any distro will reasonably >>>> want this enabled. Go ahead and move it out from under the >>>> EXPERIMENTAL tag. >>>> >>>> Signed-off-by: Jeff Layton <jlayton@xxxxxxxxxx> >>>> --- >>>> fs/cifs/cifssmb.c | 5 +-- >>>> fs/cifs/connect.c | 4 -- >>>> fs/cifs/sess.c | 103 ++++++++++++++++++++++++----------------------------- >>>> 3 files changed, 48 insertions(+), 64 deletions(-) >>> >>> Moving local_leases out sounds fine to me. While I agree that NTLMSSP is >>> something everyone wants moving ahead, I'm not sure whether there are >>> currently any known/open issues with specific Servers. >>> Shirish? >>> >>> Assuming there are none, >> >> Yes. There was one issue in NTLMSSP and it has been fixed and >> the patch hasbeen posted, discussed, and ack'ed by Jeff Layton. >> I am not aware of any other issues at this time that break >> NTLMSSP authentication. >> >> Only change we would want to see is reconciliation of flags sent >> by client in type 1 (negotiation) exchange packet and flags sent >> by server in type 2 (challenge) exchange packet and resultant >> flags and data according to those flags sent by client in >> type 3 (authentication) exchange packet. >> >>> >>> Acked-by: Suresh Jayaraman <sjayaraman@xxxxxxx> >>> >> > > > > -- > Thanks, > > Steve > -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
