Yes - I would have liked to change this but clearly too late. On Fri, Sep 23, 2011 at 8:43 AM, Jeff Layton <jlayton@xxxxxxxxxx> wrote: > On Fri, 23 Sep 2011 17:55:05 +0530 > Suresh Jayaraman <sjayaraman@xxxxxxxx> wrote: > >> On 09/23/2011 05:46 PM, Jeff Layton wrote: >> > A printk warning was added to the kernel about the default security >> > mode changing in 3.1. As best I can tell though, that has not happened >> > even though the release is imminent. Are you still planning to change >> > that? If not, are you planning to fix the printk? >> > >> >> Did you mean this one? >> http://www.spinics.net/lists/linux-cifs/msg03976.html >> >> I remember Steve posted this patch sometime ago but I'm not seeing them >> in the cifs development tree.. >> >> >> -Suresh > > Yeah, that's the one. Seems a little late to be adding these sorts of > behavior changes in 3.1 though, so I'm just wondering what the plan is. > > I also have some concerns about defaulting to raw NTLMv2 auth since (at > least) win2k8 rejects unless you go in and tweak registry keys. It > would seem to me to be better to decide the default based on the > negotiation: > > Set extended security bit in the NegProt by default > > If the server sets it, then use NTLMSSP > > If it doesn't then use old NTLM (or NTLMv2) > > That means an overhaul of how sec_mode is handled though, since that's > currently decided too early to do it that way. > > -- > Jeff Layton <jlayton@xxxxxxxxxx> > -- Thanks, Steve -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
