From patchwork Thu May 23 15:06:01 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Layton X-Patchwork-Id: 2607591 Return-Path: X-Original-To: patchwork-cifs-client@patchwork.kernel.org Delivered-To: patchwork-process-083081@patchwork2.kernel.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by patchwork2.kernel.org (Postfix) with ESMTP id 770F4DFB78 for ; Thu, 23 May 2013 15:06:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1759456Ab3EWPG3 (ORCPT ); Thu, 23 May 2013 11:06:29 -0400 Received: from mail-qa0-f54.google.com ([209.85.216.54]:52810 "EHLO mail-qa0-f54.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1759203Ab3EWPG2 (ORCPT ); Thu, 23 May 2013 11:06:28 -0400 Received: by mail-qa0-f54.google.com with SMTP id hu16so1699675qab.13 for ; Thu, 23 May 2013 08:06:27 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=sender:from:to:cc:subject:date:message-id:x-mailer:in-reply-to :references:x-gm-message-state; bh=+DNGih633om0GdLS10ag/Ykvmpe1hBIalea0ADP+qJ8=; b=DLsTo14924nHP3SKIp43ME2TqU6UNYjfn+/RSsQKKymq+vEjvZtm6wbZCfI3YX1NvL Y66+/OOJ5Gim8XeV3EHSlC9NT3hx4Qn8ofhMIQYqmUdNrSLhrAB0AQf4wrivyHZucbx7 70vhZwE4N0x7jzHnXKX9coJt9lzMDRaL30MsiFWGMxuqZV40eXRbNfo8Ee4CMdGXeK4Q W/CR0NovCGDFRbwEiHKzpl7d1EDbY3P8E7TDPmZGUn5Ib7FFRydd4x0mRHuwtSTPS0HP G6FCeVn0ZrOf0ZGzcugD4mnKbyIlA3+HFXGtygdcYEufEEX5grRZFpM8yvFlz6pLd/D+ HELA== X-Received: by 10.49.50.162 with SMTP id d2mr13600520qeo.17.1369321587657; Thu, 23 May 2013 08:06:27 -0700 (PDT) Received: from salusa.poochiereds.net (cpe-107-015-113-143.nc.res.rr.com. [107.15.113.143]) by mx.google.com with ESMTPSA id y1sm12688520qad.5.2013.05.23.08.06.26 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Thu, 23 May 2013 08:06:27 -0700 (PDT) From: Jeff Layton To: smfrench@gmail.com Cc: linux-cifs@vger.kernel.org, idra@samba.org Subject: [PATCH 17/19] cifs: update the default global_secflags to include "raw" NTLMv2 Date: Thu, 23 May 2013 11:06:01 -0400 Message-Id: <1369321563-16893-18-git-send-email-jlayton@redhat.com> X-Mailer: git-send-email 1.8.1.4 In-Reply-To: <1369321563-16893-1-git-send-email-jlayton@redhat.com> References: <1369321563-16893-1-git-send-email-jlayton@redhat.com> X-Gm-Message-State: ALoCoQm3OrusBsXJPhWBn10HikwsKoFaY2u2p8qkYrbfrDUdlONwiTFEuSUknoUUO+G67iq5P6Pb Sender: linux-cifs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-cifs@vger.kernel.org Before this patchset, the global_secflags could only offer up a single sectype. With the new set though we have the ability to allow different sectypes since we sort out the one to use after talking to the server. Change the global_secflags to allow NTLMSSP or NTLMv2 by default. If the server sets the extended security bit in the Negotiate response, then we'll use NTLMSSP. If it doesn't then we'll use raw NTLMv2. Signed-off-by: Jeff Layton Reviewed-by: Pavel Shilovsky --- fs/cifs/cifsglob.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 65fd9dd..fc0d004 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -1338,7 +1338,7 @@ require use of the stronger protocol */ #define CIFSSEC_MUST_SEAL 0x40040 /* not supported yet */ #define CIFSSEC_MUST_NTLMSSP 0x80080 /* raw ntlmssp with ntlmv2 */ -#define CIFSSEC_DEF (CIFSSEC_MAY_SIGN | CIFSSEC_MAY_NTLMSSP) +#define CIFSSEC_DEF (CIFSSEC_MAY_SIGN | CIFSSEC_MAY_NTLMV2 | CIFSSEC_MAY_NTLMSSP) #define CIFSSEC_MAX (CIFSSEC_MUST_SIGN | CIFSSEC_MUST_NTLMV2) #define CIFSSEC_AUTH_MASK (CIFSSEC_MAY_NTLM | CIFSSEC_MAY_NTLMV2 | CIFSSEC_MAY_LANMAN | CIFSSEC_MAY_PLNTXT | CIFSSEC_MAY_KRB5 | CIFSSEC_MAY_NTLMSSP) /*