diff options
author | Steve French <sfrench@us.ibm.com> | 2006-06-27 20:13:38 -0400 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2006-06-27 20:13:38 -0400 |
commit | f40c562855294bf4e7268274d7461dc32c1e6b25 (patch) | |
tree | 23259eb48ddd99b080014937781e363993d21624 /fs/cifs/cifssmb.c | |
parent | 0223cf0b10bdb3b557d8884b1a957cc64be843c3 (diff) |
[CIFS] Fix authentication choice so we do not force NTLMv2 unless the
user specifies it is required or turns of ntlm
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs/cifs/cifssmb.c')
-rw-r--r-- | fs/cifs/cifssmb.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index de405bfb67d2..19678c575dfc 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c | |||
@@ -415,6 +415,8 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) | |||
415 | else /* if override flags set only sign/seal OR them with global auth */ | 415 | else /* if override flags set only sign/seal OR them with global auth */ |
416 | secFlags = extended_security | ses->overrideSecFlg; | 416 | secFlags = extended_security | ses->overrideSecFlg; |
417 | 417 | ||
418 | cFYI(1,("secFlags 0x%x",secFlags)); | ||
419 | |||
418 | pSMB->hdr.Mid = GetNextMid(server); | 420 | pSMB->hdr.Mid = GetNextMid(server); |
419 | pSMB->hdr.Flags2 |= SMBFLG2_UNICODE; | 421 | pSMB->hdr.Flags2 |= SMBFLG2_UNICODE; |
420 | if((secFlags & CIFSSEC_MUST_KRB5) == CIFSSEC_MUST_KRB5) | 422 | if((secFlags & CIFSSEC_MUST_KRB5) == CIFSSEC_MUST_KRB5) |
@@ -511,11 +513,13 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) | |||
511 | cERROR(1,("Server requests plain text password" | 513 | cERROR(1,("Server requests plain text password" |
512 | " but client support disabled")); | 514 | " but client support disabled")); |
513 | 515 | ||
514 | if(secFlags & CIFSSEC_MUST_NTLMV2) | 516 | if((secFlags & CIFSSEC_MUST_NTLMV2) == CIFSSEC_MUST_NTLMV2) |
515 | server->secType = NTLMv2; | 517 | server->secType = NTLMv2; |
516 | else | 518 | else if(secFlags & CIFSSEC_MAY_NTLM) |
517 | server->secType = NTLM; | 519 | server->secType = NTLM; |
518 | /* else krb5 ... */ | 520 | else if(secFlags & CIFSSEC_MAY_NTLMV2) |
521 | server->secType = NTLMv2; | ||
522 | /* else krb5 ... any others ... */ | ||
519 | 523 | ||
520 | /* one byte, so no need to convert this or EncryptionKeyLen from | 524 | /* one byte, so no need to convert this or EncryptionKeyLen from |
521 | little endian */ | 525 | little endian */ |