[linux-cifs-client] Re: [PATCH 2.6.18-rc4-mm3 1/2] fs/cifs:
Converting into generic boolean
Steven French
sfrench at us.ibm.com
Fri Sep 1 21:01:30 GMT 2006
Jan Engelhardt <jengelh at linux01.gwdg.de> wrote on 09/01/2006 08:19:49 AM:
> > --- a/fs/cifs/asn1.c 2006-09-01 01:24:45.000000000 +0200
> > +++ b/fs/cifs/asn1.c 2006-09-01 02:43:09.000000000 +0200
> > @@ -457,7 +457,7 @@ decode_negTokenInit(unsigned char *secur
> > unsigned char *sequence_end;
> > unsigned long *oid = NULL;
> > unsigned int cls, con, tag, oidlen, rc;
> > - int use_ntlmssp = FALSE;
> > + int use_ntlmssp = false;
>
> Should not this become 'bool use_ntlmssp'? Possibly in a later patch?
Yes, but ...
fs/cifs/asn1.c file may go away eventually . After getting most of the way
through implementation quite a while ago, I realized that it would be too
risky to rely on SPNEGO parsing in kernel (too easy to overrun buffers)
unless the kernel had dedicated asn1 library (which would be very hard)
With the help of Dave Howells, I have been experimenting with an upcall to
do the decoding of SPNEGO (letting samba libraries take care of that) -
although still allowing secure NTLMv2 (with or without NTLMSSP) to be done
in kernel as an option.
And in particular, I could imagine a tri-state (or four state) value being
appropriate for "use_ntlmssp" (not just on or off) if this were a full
implementation of this security wrapper code.
Steve French
Senior Software Engineer
Linux Technology Center - IBM Austin
phone: 512-838-2294
email: sfrench at-sign us dot ibm dot com
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the linux-cifs-client
mailing list