diff options
| -rw-r--r-- | fs/cifs/CHANGES | 5 | ||||
| -rw-r--r-- | fs/cifs/README | 14 |
2 files changed, 16 insertions, 3 deletions
diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES index f9e4ad97a79e..06e521a945c3 100644 --- a/fs/cifs/CHANGES +++ b/fs/cifs/CHANGES | |||
| @@ -9,7 +9,10 @@ files (e.g. "cp -a") to Windows servers. For mkdir and create honor setgid bit | |||
| 9 | on parent directory when server supports Unix Extensions but not POSIX | 9 | on parent directory when server supports Unix Extensions but not POSIX |
| 10 | create. Update cifs.upcall version to handle new Kerberos sec flags | 10 | create. Update cifs.upcall version to handle new Kerberos sec flags |
| 11 | (this requires update of cifs.upcall program from Samba). Fix memory leak | 11 | (this requires update of cifs.upcall program from Samba). Fix memory leak |
| 12 | on dns_upcall (resolving DFS referralls). | 12 | on dns_upcall (resolving DFS referralls). Fix plain text password |
| 13 | authentication (requires setting SecurityFlags to 0x30030 to enable | ||
| 14 | lanman and plain text though). Fix writes to be at correct offset when | ||
| 15 | file is open with O_APPEND and file is on a directio (forcediretio) mount. | ||
| 13 | 16 | ||
| 14 | Version 1.53 | 17 | Version 1.53 |
| 15 | ------------ | 18 | ------------ |
diff --git a/fs/cifs/README b/fs/cifs/README index 68b5c1169d9d..bd2343d4c6a6 100644 --- a/fs/cifs/README +++ b/fs/cifs/README | |||
| @@ -542,10 +542,20 @@ SecurityFlags Flags which control security negotiation and | |||
| 542 | hashing mechanisms (as "must use") on the other hand | 542 | hashing mechanisms (as "must use") on the other hand |
| 543 | does not make much sense. Default flags are | 543 | does not make much sense. Default flags are |
| 544 | 0x07007 | 544 | 0x07007 |
| 545 | (NTLM, NTLMv2 and packet signing allowed). Maximum | 545 | (NTLM, NTLMv2 and packet signing allowed). The maximum |
| 546 | allowable flags if you want to allow mounts to servers | 546 | allowable flags if you want to allow mounts to servers |
| 547 | using weaker password hashes is 0x37037 (lanman, | 547 | using weaker password hashes is 0x37037 (lanman, |
| 548 | plaintext, ntlm, ntlmv2, signing allowed): | 548 | plaintext, ntlm, ntlmv2, signing allowed). Some |
| 549 | SecurityFlags require the corresponding menuconfig | ||
| 550 | options to be enabled (lanman and plaintext require | ||
| 551 | CONFIG_CIFS_WEAK_PW_HASH for example). Enabling | ||
| 552 | plaintext authentication currently requires also | ||
| 553 | enabling lanman authentication in the security flags | ||
| 554 | because the cifs module only supports sending | ||
| 555 | laintext passwords using the older lanman dialect | ||
| 556 | form of the session setup SMB. (e.g. for authentication | ||
| 557 | using plain text passwords, set the SecurityFlags | ||
| 558 | to 0x30030): | ||
| 549 | 559 | ||
| 550 | may use packet signing 0x00001 | 560 | may use packet signing 0x00001 |
| 551 | must use packet signing 0x01001 | 561 | must use packet signing 0x01001 |