Merge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: [CIFS] Turn off Unicode during session establishment for plaintext authentication [CIFS] update cifs change log cifs: fix O_APPEND on directio mounts [CIFS] Fix plaintext authentication
This commit is contained in:
commit
6ffbb1964a
@ -9,7 +9,10 @@ files (e.g. "cp -a") to Windows servers. For mkdir and create honor setgid bit
|
||||
on parent directory when server supports Unix Extensions but not POSIX
|
||||
create. Update cifs.upcall version to handle new Kerberos sec flags
|
||||
(this requires update of cifs.upcall program from Samba). Fix memory leak
|
||||
on dns_upcall (resolving DFS referralls).
|
||||
on dns_upcall (resolving DFS referralls). Fix plain text password
|
||||
authentication (requires setting SecurityFlags to 0x30030 to enable
|
||||
lanman and plain text though). Fix writes to be at correct offset when
|
||||
file is open with O_APPEND and file is on a directio (forcediretio) mount.
|
||||
|
||||
Version 1.53
|
||||
------------
|
||||
|
@ -542,10 +542,20 @@ SecurityFlags Flags which control security negotiation and
|
||||
hashing mechanisms (as "must use") on the other hand
|
||||
does not make much sense. Default flags are
|
||||
0x07007
|
||||
(NTLM, NTLMv2 and packet signing allowed). Maximum
|
||||
(NTLM, NTLMv2 and packet signing allowed). The maximum
|
||||
allowable flags if you want to allow mounts to servers
|
||||
using weaker password hashes is 0x37037 (lanman,
|
||||
plaintext, ntlm, ntlmv2, signing allowed):
|
||||
plaintext, ntlm, ntlmv2, signing allowed). Some
|
||||
SecurityFlags require the corresponding menuconfig
|
||||
options to be enabled (lanman and plaintext require
|
||||
CONFIG_CIFS_WEAK_PW_HASH for example). Enabling
|
||||
plaintext authentication currently requires also
|
||||
enabling lanman authentication in the security flags
|
||||
because the cifs module only supports sending
|
||||
laintext passwords using the older lanman dialect
|
||||
form of the session setup SMB. (e.g. for authentication
|
||||
using plain text passwords, set the SecurityFlags
|
||||
to 0x30030):
|
||||
|
||||
may use packet signing 0x00001
|
||||
must use packet signing 0x01001
|
||||
|
@ -294,6 +294,7 @@ void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key)
|
||||
|
||||
if ((ses->server->secMode & SECMODE_PW_ENCRYPT) == 0)
|
||||
if (extended_security & CIFSSEC_MAY_PLNTXT) {
|
||||
memset(lnm_session_key, 0, CIFS_SESS_KEY_SIZE);
|
||||
memcpy(lnm_session_key, password_with_pad,
|
||||
CIFS_ENCPWD_SIZE);
|
||||
return;
|
||||
|
@ -833,6 +833,10 @@ ssize_t cifs_user_write(struct file *file, const char __user *write_data,
|
||||
return -EBADF;
|
||||
open_file = (struct cifsFileInfo *) file->private_data;
|
||||
|
||||
rc = generic_write_checks(file, poffset, &write_size, 0);
|
||||
if (rc)
|
||||
return rc;
|
||||
|
||||
xid = GetXid();
|
||||
|
||||
if (*poffset > file->f_path.dentry->d_inode->i_size)
|
||||
|
@ -409,6 +409,8 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
|
||||
#ifdef CONFIG_CIFS_WEAK_PW_HASH
|
||||
char lnm_session_key[CIFS_SESS_KEY_SIZE];
|
||||
|
||||
pSMB->req.hdr.Flags2 &= ~SMBFLG2_UNICODE;
|
||||
|
||||
/* no capabilities flags in old lanman negotiation */
|
||||
|
||||
pSMB->old_req.PasswordLength = cpu_to_le16(CIFS_SESS_KEY_SIZE);
|
||||
|
Loading…
Reference in New Issue
Block a user