[linux-cifs-client] Re: [PATCH 0/6] Introduction: implement
SPNEGO/Kerberos in CIFS (try #3)
Jeff Layton
jlayton at redhat.com
Fri Nov 2 16:21:17 GMT 2007
On Fri, 2 Nov 2007 11:12:40 -0500
"Steve French" <smfrench at gmail.com> wrote:
> This is excellent work (from the three of you in particular). Thank
> you.
>
> Due to the desire by akpm and others to finally deprecate smbfs,
> perhaps we should push these upstream (albeit as experimental) during
> the end of this release cycle (instead of waiting for 2.6.25) unless I
> find problems in the code review, but I do want to go through each of
> these carefully and check them in one at a time.
>
I'd like Igor, in particular, to review this before we commit it, but I
think it's pretty close.
The one thing I have not carefully checked is whether this leaves the
tree cleanly bisectable. So it may need another respin if we think
that'll be an issue.
> On 11/2/07, Jeff Layton <jlayton at redhat.com> wrote:
> > This try #3 of the patchset to implement krb5 mounts with CIFS. This
> > is essentially the same patchset as #2, but has a few small
> > cleanups and I've changed the upcall/downcall format to be better
> > suited to the current design.
> >
> > At this point, I think this is pretty close to being ready for
> > commit. I think I've got the #define's done well enough that this
> > should have little effect on anyone who doesn't have
> > CONFIG_CIFS_UPCALL set. Getting this committed may help move along
> > development on the userspace piece.
> >
> > Again, the list of to-do's:
> >
> > 1) The userspace request-key program is not yet complete. Igor and
> > Simo Sorce have volunteered to write it. I've used Igor's userspace
> > program to test it, but it needs some work (primarily work on
> > having it deal with different UID's). I can envision this being
> > part of the samba tree. smbclient needs to roll up SPNEGO blobs
> > too, so it seems like that code could be shared. I'll defer that
> > decision to those who are writing the program, though...
> >
> > 2) Multi-stage SPNEGO conversations are not yet implemented. It
> > shouldn't be too tough to add them, but as of today, I'm not clear
> > on what they actually look like on the wire. Particularly, I don't
> > know what the SMB status field will look like. So for now, if
> > multi-stage SPNEGO is needed, the mount will probably fail. If
> > someone is able to trigger this and can provide captures or info
> > about it, then we should be able to get that added.
> >
> > 3) multi-user mounts are not currently implemented. I've been
> > chatting with Steve about the best scheme for handling them, so for
> > now, things are pretty much still single-user.
> >
> > Many thanks to Simo Sorce, Steve French and Igor Mammedov for
> > guidance and sample code on this. Comments are appreciated.
> >
> > Signed-off-by: Jeff Layton <jlayton at redhat.com>
> >
> >
>
>
--
Jeff Layton <jlayton at redhat.com>
More information about the linux-cifs-client
mailing list