[linux-cifs-client] [PATCH] cifs: move security option parsing to own function
Steven French
sfrench at us.ibm.com
Thu May 27 08:47:31 MDT 2010
This looks fine as long as it doesn't conflict with one of Jeff's recent
patches which hit sec processing.
Steve French
Senior Software Engineer
Linux Technology Center - IBM Austin
email: sfrench at-sign us dot ibm dot com
Scott Lovenberg <scott.lovenberg at gmail.com>
05/26/2010 07:45 PM
To
linux-cifs-client at lists.samba.org
cc
jlayton at samba.org, Steven French/Austin/IBM at IBMUS, Scott Lovenberg
<scott.lovenberg at gmail.com>
Subject
[PATCH] cifs: move security option parsing to own function
Mount security options are now parsed in their own function.
Signed-off-by: Scott Lovenberg <scott.lovenberg at gmail.com>
---
fs/cifs/connect.c | 111
+++++++++++++++++++++++++++-------------------------
1 files changed, 58 insertions(+), 53 deletions(-)
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index ee78b65..bf7e40c 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -972,6 +972,61 @@ extract_hostname(const char *unc)
}
static int
+cifs_parse_sec_option(char *value, struct smb_vol *vol)
+{
+ substring_t args[MAX_OPT_ARGS];
+ switch (match_token(value, cifs_sec_options, args)) {
+ case Opt_sec_krb5i:
+ vol->secFlg |= CIFSSEC_MAY_KRB5 |
CIFSSEC_MUST_SIGN;
+ break;
+ case Opt_sec_krb5p:
+ /* vol->secFlg |= CIFSSEC_MUST_SEAL |
CIFSSEC_MAY_KRB5; */
+ cERROR(1, "Krb5 cifs privacy not
supported");
+ return 1;
+ case Opt_sec_krb5:
+ vol->secFlg |= CIFSSEC_MAY_KRB5;
+ break;
+#ifdef CONFIG_CIFS_EXPERIMENTAL
+ case Opt_sec_ntlmsspi:
+ vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
CIFSSEC_MUST_SIGN;
+ break;
+ case Opt_sec_ntlmssp:
+ vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
+ break;
+#endif
+ case Opt_sec_ntlmv2i:
+ vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
CIFSSEC_MUST_SIGN;
+ break;
+ case Opt_sec_ntlmv2:
+ vol->secFlg |= CIFSSEC_MAY_NTLMV2;
+ break;
+ case Opt_sec_ntlmi:
+ vol->secFlg |= CIFSSEC_MAY_NTLM |
CIFSSEC_MUST_SIGN;
+ break;
+ case Opt_sec_ntlm:
+ /* ntlm is default so can be turned off
too */
+ vol->secFlg |= CIFSSEC_MAY_NTLM;
+ break;
+ case Opt_sec_nontlm:
+ /* BB is there a better way to do this?
*/
+ vol->secFlg |= CIFSSEC_MAY_NTLMV2;
+ break;
+#ifdef CONFIG_CIFS_WEAK_PW_HASH
+ case Opt_sec_lanman:
+ vol->secFlg |= CIFSSEC_MAY_LANMAN;
+ break;
+#endif
+ case Opt_sec_none:
+ vol->nullauth = 1;
+ break;
+ default:
+ cERROR(1, "bad security option: %s",
value);
+ return 1;
+ }
+ return 0;
+}
+
+static int
cifs_parse_mount_options(char *options, const char *devname,
struct smb_vol *vol)
{
@@ -1158,59 +1213,9 @@ cifs_parse_mount_options(char *options, const char
*devname,
cERROR(1,
"no security value specified");
continue;
}
- switch
(match_token(value, cifs_sec_options, args)) {
- case Opt_sec_krb5i:
- vol->secFlg |= CIFSSEC_MAY_KRB5 |
- CIFSSEC_MUST_SIGN;
- break;
- case Opt_sec_krb5p:
- /*
vol->secFlg |= CIFSSEC_MUST_SEAL |
- CIFSSEC_MAY_KRB5; */
- cERROR(1,
"Krb5 cifs privacy not supported");
- return 1;
- case Opt_sec_krb5:
- vol->secFlg |= CIFSSEC_MAY_KRB5;
- break;
-#ifdef CONFIG_CIFS_EXPERIMENTAL
- case Opt_sec_ntlmsspi:
- vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
- CIFSSEC_MUST_SIGN;
- break;
- case Opt_sec_ntlmssp:
- vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
- break;
-#endif
- case Opt_sec_ntlmv2i:
- vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
- CIFSSEC_MUST_SIGN;
- break;
- case Opt_sec_ntlmv2:
- vol->secFlg |= CIFSSEC_MAY_NTLMV2;
- break;
- case Opt_sec_ntlmi:
- vol->secFlg |= CIFSSEC_MAY_NTLM |
- CIFSSEC_MUST_SIGN;
- break;
- case Opt_sec_ntlm:
- /* ntlm
is default so can be turned off too */
- vol->secFlg |= CIFSSEC_MAY_NTLM;
- break;
- case Opt_sec_nontlm:
- /* BB is
there a better way to do this? */
- vol->secFlg |= CIFSSEC_MAY_NTLMV2;
- break;
-#ifdef CONFIG_CIFS_WEAK_PW_HASH
- case Opt_sec_lanman:
- vol->secFlg |= CIFSSEC_MAY_LANMAN;
- break;
-#endif
- case Opt_sec_none:
- vol->nullauth = 1;
- break;
- default:
- cERROR(1,
"bad security option: %s", value);
- return 1;
- }
+ i =
cifs_parse_sec_option(value, vol);
+ if (i)
+ return i;
break;
/* unc || target || path */
case Opt_unc:
--
1.6.2.5
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/linux-cifs-client/attachments/20100527/0f9e35a1/attachment-0001.html>
More information about the linux-cifs-client
mailing list