Tom, sorry for the wrong wording. I wanted to give credit, not putting words in your mouth. Your suggestion is definitely better. Regards Thomas > On 30 Aug 2018, at 19:05, Tom Talpey <ttalpey@xxxxxxxxxxxxx> wrote: > >> -----Original Message----- >> From: Thomas Werschlein <thomas.werschlein@xxxxxxxxxx> >> Sent: Thursday, August 30, 2018 12:29 PM >> To: CIFS <linux-cifs@xxxxxxxxxxxxxxx> >> Cc: Steve French <smfrench@xxxxxxxxx>; Aurélien Aptel <aaptel@xxxxxxxx>; >> Tom Talpey <ttalpey@xxxxxxxxxxxxx> >> Subject: [PATCH] cifs: connect to servername instead of IP for IPC$ share >> >> This change corresponds to the buffer size for the UNC (Aurélien Aptel), >> prevents authentication to be forced down to NTLM (Tom Talpey) and allows > > Well, sort of. "Prevents" isn’t the right word here. If the server only supports NTLM, > then you get what you get. And many servers, if forced down to NTLM, will refuse the > auth. > > Now I think about it again, there's also the question of the server handling of the > sharename. MS-SMB2 section 3.3.5.7 and MS-SRVS 3.1.6.8 cover that. The numeric > address may not match the target share. > > So I guess I'd suggest a more general "provides stronger context for authentication > and share connection". > > Tom. > > >> access to a Microsoft fileserver failover cluster behind a 1:1 NAT firewall. >> >> Signed-off-by: Thomas Werschlein <thomas.werschlein@xxxxxxxxxx> >> --- >> fs/cifs/connect.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c >> index c832a8a1970a..7aa08dba4719 100644 >> --- a/fs/cifs/connect.c >> +++ b/fs/cifs/connect.c >> @@ -2547,7 +2547,7 @@ cifs_setup_ipc(struct cifs_ses *ses, struct smb_vol >> *volume_info) >> if (tcon == NULL) >> return -ENOMEM; >> >> - snprintf(unc, sizeof(unc), "\\\\%s\\IPC$", ses->serverName); >> + snprintf(unc, sizeof(unc), "\\\\%s\\IPC$", ses->server->hostname); >> >> /* cannot fail */ >> nls_codepage = load_nls_default(); >> -- >> 2.18.0
