Patchwork cifs: move security option parsing to own function

login
register
mail settings
Submitter Steven French
Date May 27, 2010, 2:47 p.m.
Message ID <OFBA0193DC.B1422D6A-ON87257730.00512ECD-86257730.0051415C@us.ibm.com>
Download mbox | patch
Permalink /patch/53766/
State New
Headers show

Comments

Steven French - May 27, 2010, 2:47 p.m.
This looks fine as long as it doesn't conflict with one of Jeff's recent 
patches which hit sec processing.


Steve French
Senior Software Engineer
Linux Technology Center - IBM Austin
email: sfrench at-sign us dot ibm dot com



Scott Lovenberg <scott.lovenberg@gmail.com> 
05/26/2010 07:45 PM

To
linux-cifs-client@lists.samba.org
cc
jlayton@samba.org, Steven French/Austin/IBM@IBMUS, Scott Lovenberg 
<scott.lovenberg@gmail.com>
Subject
[PATCH] cifs: move security option parsing to own function






Mount security options are now parsed in their own function.

Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
---
 fs/cifs/connect.c |  111 
+++++++++++++++++++++++++++-------------------------
 1 files changed, 58 insertions(+), 53 deletions(-)

+                                return 1;
+                }
+                return 0;
+}
+
+static int
 cifs_parse_mount_options(char *options, const char *devname,
                                                  struct smb_vol *vol)
 {
@@ -1158,59 +1213,9 @@ cifs_parse_mount_options(char *options, const char 
*devname,
                                                                 cERROR(1, 
"no security value specified");
                                                                 continue;
                                                 }
-                                                switch 
(match_token(value, cifs_sec_options, args)) {
-                                                case Opt_sec_krb5i:
- vol->secFlg |= CIFSSEC_MAY_KRB5 |
-  CIFSSEC_MUST_SIGN;
-                                                                break;
-                                                case Opt_sec_krb5p:
-                                                                /* 
vol->secFlg |= CIFSSEC_MUST_SEAL |
-  CIFSSEC_MAY_KRB5; */
-                                                                cERROR(1, 
"Krb5 cifs privacy not supported");
-                                                                return 1;
-                                                case Opt_sec_krb5:
- vol->secFlg |= CIFSSEC_MAY_KRB5;
-                                                                break;
-#ifdef CONFIG_CIFS_EXPERIMENTAL
-                                                case Opt_sec_ntlmsspi:
- vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
-  CIFSSEC_MUST_SIGN;
-                                                                break;
-                                                case Opt_sec_ntlmssp:
- vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
-                                                                break;
-#endif
-                                                case Opt_sec_ntlmv2i:
- vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
-  CIFSSEC_MUST_SIGN;
-                                                                break;
-                                                case Opt_sec_ntlmv2:
- vol->secFlg |= CIFSSEC_MAY_NTLMV2;
-                                                                break;
-                                                case Opt_sec_ntlmi:
- vol->secFlg |= CIFSSEC_MAY_NTLM |
-  CIFSSEC_MUST_SIGN;
-                                                                break;
-                                                case Opt_sec_ntlm:
-                                                                /* ntlm 
is default so can be turned off too */
- vol->secFlg |= CIFSSEC_MAY_NTLM;
-                                                                break;
-                                                case Opt_sec_nontlm:
-                                                                /* BB is 
there a better way to do this? */
- vol->secFlg |= CIFSSEC_MAY_NTLMV2;
-                                                                break;
-#ifdef CONFIG_CIFS_WEAK_PW_HASH
-                                                case Opt_sec_lanman:
- vol->secFlg |= CIFSSEC_MAY_LANMAN;
-                                                                break;
-#endif
-                                                case Opt_sec_none:
- vol->nullauth = 1;
-                                                                break;
-                                                default:
-                                                                cERROR(1, 
"bad security option: %s", value);
-                                                                return 1;
-                                                }
+                                                i = 
cifs_parse_sec_option(value, vol);
+                                                if (i)
+                                                                return i;
                                                 break;
                                 /* unc || target || path */
                                 case Opt_unc:
Jeff Layton - May 27, 2010, 8:38 p.m.
On Thu, 27 May 2010 09:47:31 -0500
Steven French <sfrench@us.ibm.com> wrote:

> This looks fine as long as it doesn't conflict with one of Jeff's recent 
> patches which hit sec processing.
> 
> 

I'm respinning the ones you haven't already taken, so if they conflict
I'll fix them in the respin.

Cheers,

Patch

diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index ee78b65..bf7e40c 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -972,6 +972,61 @@  extract_hostname(const char *unc)
 }
 
 static int
+cifs_parse_sec_option(char *value, struct smb_vol *vol)
+{
+                substring_t args[MAX_OPT_ARGS];
+                switch (match_token(value, cifs_sec_options, args)) {
+                case Opt_sec_krb5i:
+                                vol->secFlg |= CIFSSEC_MAY_KRB5 | 
CIFSSEC_MUST_SIGN;
+                                break;
+                case Opt_sec_krb5p:
+                                /* vol->secFlg |= CIFSSEC_MUST_SEAL | 
CIFSSEC_MAY_KRB5; */
+                                cERROR(1, "Krb5 cifs privacy not 
supported");
+                                return 1;
+                case Opt_sec_krb5:
+                                vol->secFlg |= CIFSSEC_MAY_KRB5;
+                                break;
+#ifdef CONFIG_CIFS_EXPERIMENTAL
+                case Opt_sec_ntlmsspi:
+                                vol->secFlg |= CIFSSEC_MAY_NTLMSSP | 
CIFSSEC_MUST_SIGN;
+                                break;
+                case Opt_sec_ntlmssp:
+                                vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
+                                break;
+#endif
+                case Opt_sec_ntlmv2i:
+                                vol->secFlg |= CIFSSEC_MAY_NTLMV2 | 
CIFSSEC_MUST_SIGN;
+                                break;
+                case Opt_sec_ntlmv2:
+                                vol->secFlg |= CIFSSEC_MAY_NTLMV2;
+                                break;
+                case Opt_sec_ntlmi:
+                                vol->secFlg |= CIFSSEC_MAY_NTLM | 
CIFSSEC_MUST_SIGN;
+                                break;
+                case Opt_sec_ntlm:
+                                /* ntlm is default so can be turned off 
too */
+                                vol->secFlg |= CIFSSEC_MAY_NTLM;
+                                break;
+                case Opt_sec_nontlm:
+                                /* BB is there a better way to do this? 
*/
+                                vol->secFlg |= CIFSSEC_MAY_NTLMV2;
+                                break;
+#ifdef CONFIG_CIFS_WEAK_PW_HASH
+                case Opt_sec_lanman:
+                                vol->secFlg |= CIFSSEC_MAY_LANMAN;
+                                break;
+#endif
+                case Opt_sec_none:
+                                vol->nullauth = 1;
+                                break;
+                default:
+                                cERROR(1, "bad security option: %s", 
value);