[linux-cifs-client] [RFC/PATCH: 2/2]: CIFS: Add kernel warning if
LanMan password length exceeds limit (try #2)
Suresh Jayaraman
sjayaraman at suse.de
Fri Jan 25 04:31:19 GMT 2008
IMHO, the weakness of LM hashes are well-known in the Security world
and this patch doesn't provide any additional information which could
pose a security risk. However, Steve, if you think it is still having
security concerns, feel free to ignore this one. I presume the
mount.cifs changes will be merged though.
Add a kernel warning if LanMan password length exceeds 14 characters.
Signed-off-by: Suresh Jayaraman <sjayaraman at suse.de>
---
fs/cifs/connect.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index fd9147c..1eabb42 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -988,6 +988,9 @@ cifs_parse_mount_options(char *options, const char *devname,
vol->secFlg |= CIFSSEC_MAY_NTLMV2;
#ifdef CONFIG_CIFS_WEAK_PW_HASH
} else if (strnicmp(value, "lanman", 6) == 0) {
+ if (strnlen(vol->password, 15) >= 15)
+ printk(KERN_WARNING "CIFS: password "
+ "longer than 14, truncated\n");
vol->secFlg |= CIFSSEC_MAY_LANMAN;
#endif
} else if (strnicmp(value, "none", 4) == 0) {
More information about the linux-cifs-client
mailing list