aboutsummaryrefslogtreecommitdiffstats
path: root/fs/cifs/cifssmb.c
diff options
context:
space:
mode:
Diffstat (limited to 'fs/cifs/cifssmb.c')
-rw-r--r--fs/cifs/cifssmb.c18
1 files changed, 13 insertions, 5 deletions
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index 38f83db20764..de405bfb67d2 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -396,6 +396,7 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
396 int i; 396 int i;
397 struct TCP_Server_Info * server; 397 struct TCP_Server_Info * server;
398 u16 count; 398 u16 count;
399 unsigned int secFlags;
399 400
400 if(ses->server) 401 if(ses->server)
401 server = ses->server; 402 server = ses->server;
@@ -407,9 +408,16 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
407 (void **) &pSMB, (void **) &pSMBr); 408 (void **) &pSMB, (void **) &pSMBr);
408 if (rc) 409 if (rc)
409 return rc; 410 return rc;
411
412 /* if any of auth flags (ie not sign or seal) are overriden use them */
413 if(ses->overrideSecFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
414 secFlags = ses->overrideSecFlg;
415 else /* if override flags set only sign/seal OR them with global auth */
416 secFlags = extended_security | ses->overrideSecFlg;
417
410 pSMB->hdr.Mid = GetNextMid(server); 418 pSMB->hdr.Mid = GetNextMid(server);
411 pSMB->hdr.Flags2 |= SMBFLG2_UNICODE; 419 pSMB->hdr.Flags2 |= SMBFLG2_UNICODE;
412 if((extended_security & CIFSSEC_MUST_KRB5) == CIFSSEC_MUST_KRB5) 420 if((secFlags & CIFSSEC_MUST_KRB5) == CIFSSEC_MUST_KRB5)
413 pSMB->hdr.Flags2 |= SMBFLG2_EXT_SEC; 421 pSMB->hdr.Flags2 |= SMBFLG2_EXT_SEC;
414 422
415 count = 0; 423 count = 0;
@@ -439,8 +447,8 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
439 && (pSMBr->DialectIndex == LANMAN_PROT)) { 447 && (pSMBr->DialectIndex == LANMAN_PROT)) {
440 struct lanman_neg_rsp * rsp = (struct lanman_neg_rsp *)pSMBr; 448 struct lanman_neg_rsp * rsp = (struct lanman_neg_rsp *)pSMBr;
441 449
442 if((extended_security & CIFSSEC_MAY_LANMAN) || 450 if((secFlags & CIFSSEC_MAY_LANMAN) ||
443 (extended_security & CIFSSEC_MAY_PLNTXT)) 451 (secFlags & CIFSSEC_MAY_PLNTXT))
444 server->secType = LANMAN; 452 server->secType = LANMAN;
445 else { 453 else {
446 cERROR(1, ("mount failed weak security disabled" 454 cERROR(1, ("mount failed weak security disabled"
@@ -498,12 +506,12 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
498 506
499 if((server->secMode & SECMODE_PW_ENCRYPT) == 0) 507 if((server->secMode & SECMODE_PW_ENCRYPT) == 0)
500#ifdef CONFIG_CIFS_WEAK_PW_HASH 508#ifdef CONFIG_CIFS_WEAK_PW_HASH
501 if ((extended_security & CIFSSEC_MAY_PLNTXT) == 0) 509 if ((secFlags & CIFSSEC_MAY_PLNTXT) == 0)
502#endif /* CIFS_WEAK_PW_HASH */ 510#endif /* CIFS_WEAK_PW_HASH */
503 cERROR(1,("Server requests plain text password" 511 cERROR(1,("Server requests plain text password"
504 " but client support disabled")); 512 " but client support disabled"));
505 513
506 if(extended_security & CIFSSEC_MUST_NTLMV2) 514 if(secFlags & CIFSSEC_MUST_NTLMV2)
507 server->secType = NTLMv2; 515 server->secType = NTLMv2;
508 else 516 else
509 server->secType = NTLM; 517 server->secType = NTLM;