Merge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6

* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: [CIFS] Turn off Unicode during session establishment for plaintext authentication [CIFS] update cifs change log cifs: fix O_APPEND on directio mounts [CIFS] Fix plaintext authentication
2008-09-02 10:45:59 -07:00 · 2008-09-02 10:45:59 -07:00 · 6ffbb1964a
commit 6ffbb1964a
parent 1586553bc8 c76da9da1f
5 changed files with 23 additions and 3 deletions
--- a/fs/cifs/CHANGES
+++ b/fs/cifs/CHANGES
@ -9,7 +9,10 @@ files (e.g. "cp -a") to Windows servers.  For mkdir and create honor setgid bit
 on parent directory when server supports Unix Extensions but not POSIX
 create. Update cifs.upcall version to handle new Kerberos sec flags
 (this requires update of cifs.upcall program from Samba).  Fix memory leak
-on dns_upcall (resolving DFS referralls).
+on dns_upcall (resolving DFS referralls).  Fix plain text password
 authentication (requires setting SecurityFlags to 0x30030 to enable
 lanman and plain text though).  Fix writes to be at correct offset when
 file is open with O_APPEND and file is on a directio (forcediretio) mount.
 Version 1.53
 ------------
--- a/fs/cifs/README
+++ b/fs/cifs/README
@ -542,10 +542,20 @@ SecurityFlags		Flags which control security negotiation and
 			hashing mechanisms (as "must use") on the other hand 
 			does not make much sense. Default flags are 
 				0x07007 
-			(NTLM, NTLMv2 and packet signing allowed).  Maximum 
+			(NTLM, NTLMv2 and packet signing allowed).  The maximum 
 			allowable flags if you want to allow mounts to servers
 			using weaker password hashes is 0x37037 (lanman,
-			plaintext, ntlm, ntlmv2, signing allowed):
+			plaintext, ntlm, ntlmv2, signing allowed).  Some
 			SecurityFlags require the corresponding menuconfig
 			options to be enabled (lanman and plaintext require
 			CONFIG_CIFS_WEAK_PW_HASH for example).  Enabling
 			plaintext authentication currently requires also
 			enabling lanman authentication in the security flags
 			because the cifs module only supports sending
 			laintext passwords using the older lanman dialect
 			form of the session setup SMB.  (e.g. for authentication
 			using plain text passwords, set the SecurityFlags
 			to 0x30030):
 			may use packet signing 				0x00001
 			must use packet signing				0x01001
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@ -294,6 +294,7 @@ void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key)
 	if ((ses->server->secMode & SECMODE_PW_ENCRYPT) == 0)
 		if (extended_security & CIFSSEC_MAY_PLNTXT) {
 			memset(lnm_session_key, 0, CIFS_SESS_KEY_SIZE);
 			memcpy(lnm_session_key, password_with_pad,
 				CIFS_ENCPWD_SIZE);
 			return;
--- a/fs/cifs/file.c
+++ b/fs/cifs/file.c
@ -833,6 +833,10 @@ ssize_t cifs_user_write(struct file *file, const char __user *write_data,
 		return -EBADF;
 	open_file = (struct cifsFileInfo *) file->private_data;
 	rc = generic_write_checks(file, poffset, &write_size, 0);
 	if (rc)
 		return rc;
 	xid = GetXid();
 	if (*poffset > file->f_path.dentry->d_inode->i_size)
--- a/fs/cifs/sess.c
+++ b/fs/cifs/sess.c
@ -409,6 +409,8 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
 #ifdef CONFIG_CIFS_WEAK_PW_HASH
 		char lnm_session_key[CIFS_SESS_KEY_SIZE];
 		pSMB->req.hdr.Flags2 &= ~SMBFLG2_UNICODE;
 		/* no capabilities flags in old lanman negotiation */
 		pSMB->old_req.PasswordLength = cpu_to_le16(CIFS_SESS_KEY_SIZE);