> -----Original Message----- > From: Thomas Werschlein <thomas.werschlein@xxxxxxxxxx> > Sent: Thursday, August 30, 2018 12:29 PM > To: CIFS <linux-cifs@xxxxxxxxxxxxxxx> > Cc: Steve French <smfrench@xxxxxxxxx>; Aurélien Aptel <aaptel@xxxxxxxx>; > Tom Talpey <ttalpey@xxxxxxxxxxxxx> > Subject: [PATCH] cifs: connect to servername instead of IP for IPC$ share > > This change corresponds to the buffer size for the UNC (Aurélien Aptel), > prevents authentication to be forced down to NTLM (Tom Talpey) and allows Well, sort of. "Prevents" isn’t the right word here. If the server only supports NTLM, then you get what you get. And many servers, if forced down to NTLM, will refuse the auth. Now I think about it again, there's also the question of the server handling of the sharename. MS-SMB2 section 3.3.5.7 and MS-SRVS 3.1.6.8 cover that. The numeric address may not match the target share. So I guess I'd suggest a more general "provides stronger context for authentication and share connection". Tom. > access to a Microsoft fileserver failover cluster behind a 1:1 NAT firewall. > > Signed-off-by: Thomas Werschlein <thomas.werschlein@xxxxxxxxxx> > --- > fs/cifs/connect.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c > index c832a8a1970a..7aa08dba4719 100644 > --- a/fs/cifs/connect.c > +++ b/fs/cifs/connect.c > @@ -2547,7 +2547,7 @@ cifs_setup_ipc(struct cifs_ses *ses, struct smb_vol > *volume_info) > if (tcon == NULL) > return -ENOMEM; > > - snprintf(unc, sizeof(unc), "\\\\%s\\IPC$", ses->serverName); > + snprintf(unc, sizeof(unc), "\\\\%s\\IPC$", ses->server->hostname); > > /* cannot fail */ > nls_codepage = load_nls_default(); > -- > 2.18.0
