From patchwork Thu May 27 14:47:31 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steven French X-Patchwork-Id: 53766 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.samba.org (fn.samba.org [216.83.154.106]) by ozlabs.org (Postfix) with ESMTP id 93E34B7D1F for ; Fri, 28 May 2010 00:48:06 +1000 (EST) Received: from fn.samba.org (localhost [127.0.0.1]) by lists.samba.org (Postfix) with ESMTP id 42375AC2CC; Thu, 27 May 2010 08:48:06 -0600 (MDT) X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on fn.samba.org X-Spam-Level: X-Spam-Status: No, score=-2.1 required=3.8 tests=AWL, BAYES_00, HTML_MESSAGE, SPF_PASS autolearn=no version=3.2.5 X-Original-To: linux-cifs-client@lists.samba.org Delivered-To: linux-cifs-client@lists.samba.org Received: from e39.co.us.ibm.com (e39.co.us.ibm.com [32.97.110.160]) by lists.samba.org (Postfix) with ESMTP id D8BDDAC066 for ; Thu, 27 May 2010 08:48:00 -0600 (MDT) Received: from d03relay04.boulder.ibm.com (d03relay04.boulder.ibm.com [9.17.195.106]) by e39.co.us.ibm.com (8.14.3/8.13.1) with ESMTP id o4REd4as001758 for ; Thu, 27 May 2010 08:39:04 -0600 Received: from d03av02.boulder.ibm.com (d03av02.boulder.ibm.com [9.17.195.168]) by d03relay04.boulder.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id o4RElgXx086606 for ; Thu, 27 May 2010 08:47:46 -0600 Received: from d03av02.boulder.ibm.com (loopback [127.0.0.1]) by d03av02.boulder.ibm.com (8.14.3/8.13.1/NCO v10.0 AVout) with ESMTP id o4RElWao023862 for ; Thu, 27 May 2010 08:47:32 -0600 Received: from d03nm123.boulder.ibm.com (d03nm123.boulder.ibm.com [9.17.195.149]) by d03av02.boulder.ibm.com (8.14.3/8.13.1/NCO v10.0 AVin) with ESMTP id o4RElWnO023853; Thu, 27 May 2010 08:47:32 -0600 In-Reply-To: <1274921132-21335-1-git-send-email-scott.lovenberg@gmail.com> References: <1274921132-21335-1-git-send-email-scott.lovenberg@gmail.com> To: Scott Lovenberg MIME-Version: 1.0 X-KeepSent: BA0193DC:B1422D6A-87257730:00512ECD; type=4; name=$KeepSent X-Mailer: Lotus Notes Release 8.5.1 September 28, 2009 Message-ID: From: Steven French Date: Thu, 27 May 2010 09:47:31 -0500 X-MIMETrack: Serialize by Router on D03NM123/03/M/IBM(Release 8.5.1HF41 | October 22, 2009) at 05/27/2010 08:47:32, Serialize complete at 05/27/2010 08:47:32 Cc: jlayton@samba.org, linux-cifs-client@lists.samba.org Subject: Re: [linux-cifs-client] [PATCH] cifs: move security option parsing to own function X-BeenThere: linux-cifs-client@lists.samba.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: The Linux CIFS VFS client List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-cifs-client-bounces@lists.samba.org Errors-To: linux-cifs-client-bounces@lists.samba.org This looks fine as long as it doesn't conflict with one of Jeff's recent patches which hit sec processing. Steve French Senior Software Engineer Linux Technology Center - IBM Austin email: sfrench at-sign us dot ibm dot com Scott Lovenberg 05/26/2010 07:45 PM To linux-cifs-client@lists.samba.org cc jlayton@samba.org, Steven French/Austin/IBM@IBMUS, Scott Lovenberg Subject [PATCH] cifs: move security option parsing to own function Mount security options are now parsed in their own function. Signed-off-by: Scott Lovenberg --- fs/cifs/connect.c | 111 +++++++++++++++++++++++++++------------------------- 1 files changed, 58 insertions(+), 53 deletions(-) + return 1; + } + return 0; +} + +static int cifs_parse_mount_options(char *options, const char *devname, struct smb_vol *vol) { @@ -1158,59 +1213,9 @@ cifs_parse_mount_options(char *options, const char *devname, cERROR(1, "no security value specified"); continue; } - switch (match_token(value, cifs_sec_options, args)) { - case Opt_sec_krb5i: - vol->secFlg |= CIFSSEC_MAY_KRB5 | - CIFSSEC_MUST_SIGN; - break; - case Opt_sec_krb5p: - /* vol->secFlg |= CIFSSEC_MUST_SEAL | - CIFSSEC_MAY_KRB5; */ - cERROR(1, "Krb5 cifs privacy not supported"); - return 1; - case Opt_sec_krb5: - vol->secFlg |= CIFSSEC_MAY_KRB5; - break; -#ifdef CONFIG_CIFS_EXPERIMENTAL - case Opt_sec_ntlmsspi: - vol->secFlg |= CIFSSEC_MAY_NTLMSSP | - CIFSSEC_MUST_SIGN; - break; - case Opt_sec_ntlmssp: - vol->secFlg |= CIFSSEC_MAY_NTLMSSP; - break; -#endif - case Opt_sec_ntlmv2i: - vol->secFlg |= CIFSSEC_MAY_NTLMV2 | - CIFSSEC_MUST_SIGN; - break; - case Opt_sec_ntlmv2: - vol->secFlg |= CIFSSEC_MAY_NTLMV2; - break; - case Opt_sec_ntlmi: - vol->secFlg |= CIFSSEC_MAY_NTLM | - CIFSSEC_MUST_SIGN; - break; - case Opt_sec_ntlm: - /* ntlm is default so can be turned off too */ - vol->secFlg |= CIFSSEC_MAY_NTLM; - break; - case Opt_sec_nontlm: - /* BB is there a better way to do this? */ - vol->secFlg |= CIFSSEC_MAY_NTLMV2; - break; -#ifdef CONFIG_CIFS_WEAK_PW_HASH - case Opt_sec_lanman: - vol->secFlg |= CIFSSEC_MAY_LANMAN; - break; -#endif - case Opt_sec_none: - vol->nullauth = 1; - break; - default: - cERROR(1, "bad security option: %s", value); - return 1; - } + i = cifs_parse_sec_option(value, vol); + if (i) + return i; break; /* unc || target || path */ case Opt_unc: diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index ee78b65..bf7e40c 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -972,6 +972,61 @@ extract_hostname(const char *unc) } static int +cifs_parse_sec_option(char *value, struct smb_vol *vol) +{ + substring_t args[MAX_OPT_ARGS]; + switch (match_token(value, cifs_sec_options, args)) { + case Opt_sec_krb5i: + vol->secFlg |= CIFSSEC_MAY_KRB5 | CIFSSEC_MUST_SIGN; + break; + case Opt_sec_krb5p: + /* vol->secFlg |= CIFSSEC_MUST_SEAL | CIFSSEC_MAY_KRB5; */ + cERROR(1, "Krb5 cifs privacy not supported"); + return 1; + case Opt_sec_krb5: + vol->secFlg |= CIFSSEC_MAY_KRB5; + break; +#ifdef CONFIG_CIFS_EXPERIMENTAL + case Opt_sec_ntlmsspi: + vol->secFlg |= CIFSSEC_MAY_NTLMSSP | CIFSSEC_MUST_SIGN; + break; + case Opt_sec_ntlmssp: + vol->secFlg |= CIFSSEC_MAY_NTLMSSP; + break; +#endif + case Opt_sec_ntlmv2i: + vol->secFlg |= CIFSSEC_MAY_NTLMV2 | CIFSSEC_MUST_SIGN; + break; + case Opt_sec_ntlmv2: + vol->secFlg |= CIFSSEC_MAY_NTLMV2; + break; + case Opt_sec_ntlmi: + vol->secFlg |= CIFSSEC_MAY_NTLM | CIFSSEC_MUST_SIGN; + break; + case Opt_sec_ntlm: + /* ntlm is default so can be turned off too */ + vol->secFlg |= CIFSSEC_MAY_NTLM; + break; + case Opt_sec_nontlm: + /* BB is there a better way to do this? */ + vol->secFlg |= CIFSSEC_MAY_NTLMV2; + break; +#ifdef CONFIG_CIFS_WEAK_PW_HASH + case Opt_sec_lanman: + vol->secFlg |= CIFSSEC_MAY_LANMAN; + break; +#endif + case Opt_sec_none: + vol->nullauth = 1; + break; + default: + cERROR(1, "bad security option: %s", value);