diff options
Diffstat (limited to 'fs/cifs/cifssmb.c')
| -rw-r--r-- | fs/cifs/cifssmb.c | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 38f83db20764..de405bfb67d2 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c | |||
| @@ -396,6 +396,7 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) | |||
| 396 | int i; | 396 | int i; |
| 397 | struct TCP_Server_Info * server; | 397 | struct TCP_Server_Info * server; |
| 398 | u16 count; | 398 | u16 count; |
| 399 | unsigned int secFlags; | ||
| 399 | 400 | ||
| 400 | if(ses->server) | 401 | if(ses->server) |
| 401 | server = ses->server; | 402 | server = ses->server; |
| @@ -407,9 +408,16 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) | |||
| 407 | (void **) &pSMB, (void **) &pSMBr); | 408 | (void **) &pSMB, (void **) &pSMBr); |
| 408 | if (rc) | 409 | if (rc) |
| 409 | return rc; | 410 | return rc; |
| 411 | |||
| 412 | /* if any of auth flags (ie not sign or seal) are overriden use them */ | ||
| 413 | if(ses->overrideSecFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL))) | ||
| 414 | secFlags = ses->overrideSecFlg; | ||
| 415 | else /* if override flags set only sign/seal OR them with global auth */ | ||
| 416 | secFlags = extended_security | ses->overrideSecFlg; | ||
| 417 | |||
| 410 | pSMB->hdr.Mid = GetNextMid(server); | 418 | pSMB->hdr.Mid = GetNextMid(server); |
| 411 | pSMB->hdr.Flags2 |= SMBFLG2_UNICODE; | 419 | pSMB->hdr.Flags2 |= SMBFLG2_UNICODE; |
| 412 | if((extended_security & CIFSSEC_MUST_KRB5) == CIFSSEC_MUST_KRB5) | 420 | if((secFlags & CIFSSEC_MUST_KRB5) == CIFSSEC_MUST_KRB5) |
| 413 | pSMB->hdr.Flags2 |= SMBFLG2_EXT_SEC; | 421 | pSMB->hdr.Flags2 |= SMBFLG2_EXT_SEC; |
| 414 | 422 | ||
| 415 | count = 0; | 423 | count = 0; |
| @@ -439,8 +447,8 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) | |||
| 439 | && (pSMBr->DialectIndex == LANMAN_PROT)) { | 447 | && (pSMBr->DialectIndex == LANMAN_PROT)) { |
| 440 | struct lanman_neg_rsp * rsp = (struct lanman_neg_rsp *)pSMBr; | 448 | struct lanman_neg_rsp * rsp = (struct lanman_neg_rsp *)pSMBr; |
| 441 | 449 | ||
| 442 | if((extended_security & CIFSSEC_MAY_LANMAN) || | 450 | if((secFlags & CIFSSEC_MAY_LANMAN) || |
| 443 | (extended_security & CIFSSEC_MAY_PLNTXT)) | 451 | (secFlags & CIFSSEC_MAY_PLNTXT)) |
| 444 | server->secType = LANMAN; | 452 | server->secType = LANMAN; |
| 445 | else { | 453 | else { |
| 446 | cERROR(1, ("mount failed weak security disabled" | 454 | cERROR(1, ("mount failed weak security disabled" |
| @@ -498,12 +506,12 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses) | |||
| 498 | 506 | ||
| 499 | if((server->secMode & SECMODE_PW_ENCRYPT) == 0) | 507 | if((server->secMode & SECMODE_PW_ENCRYPT) == 0) |
| 500 | #ifdef CONFIG_CIFS_WEAK_PW_HASH | 508 | #ifdef CONFIG_CIFS_WEAK_PW_HASH |
| 501 | if ((extended_security & CIFSSEC_MAY_PLNTXT) == 0) | 509 | if ((secFlags & CIFSSEC_MAY_PLNTXT) == 0) |
| 502 | #endif /* CIFS_WEAK_PW_HASH */ | 510 | #endif /* CIFS_WEAK_PW_HASH */ |
| 503 | cERROR(1,("Server requests plain text password" | 511 | cERROR(1,("Server requests plain text password" |
| 504 | " but client support disabled")); | 512 | " but client support disabled")); |
| 505 | 513 | ||
| 506 | if(extended_security & CIFSSEC_MUST_NTLMV2) | 514 | if(secFlags & CIFSSEC_MUST_NTLMV2) |
| 507 | server->secType = NTLMv2; | 515 | server->secType = NTLMv2; |
| 508 | else | 516 | else |
| 509 | server->secType = NTLM; | 517 | server->secType = NTLM; |