[linux-cifs-client] [PATCH 0/5] Introduction: implement SPNEGO/Kerberos in CIFS (RFC)

Jeff Layton jlayton at redhat.com
Thu Oct 25 17:43:26 GMT 2007


The patchset that follows is a first pass at implementing Kerberos auth
in CIFS. While this does work, it's really more of an RFC at this point
and is not ready to merge yet.

The design with this patchset is to offload SPNEGO processing to
userspace. When the kernel gets a SPNEGO blob in a Negotiate Protocol
reply, it does an upcall to userspace using the keyctl API.

The userspace program is then expected to take the info provided (which
includes the SPNEGO blob) and send back a new SPNEGO blob and a
SessionKey. The kernel can then use the data in this key as a SPNEGO
blob in its session setup request.

With this patchset plus a hacked up version of Igor Mammedov's userspace
request-key callout program, I'm able to successfully mount a win2k3
server using kerberos auth.

The patchset depends on the patch for cifs_calc_signature2 that I posted
earlier. It also depends on a couple of keyctl patches from David
Howells that are not yet upstream.

Here's a list of known shortcomings with the current patchset:

1) The userspace request-key program is not yet complete. Simo Sorce has
volunteered to write it. I've used Igor's userspace program to test it,
but we need something a bit more robust (perhaps integrated with the
samba sources like mount.cifs is).

2) Multi-stage SPNEGO conversations are not yet implemented. I don't
think it would be too tough to add them, but it will depend somewhat on
the design of the userspace program.

3) NTLMSSP is not yet implemented. The userspace program will need to
handle that to some degree. I'm not clear on what NTLMSSP session setup
actually looks like, so for now it's not implemented.

4) multi-user mounts are not currently implemented. It's possible to do
it (and I think we'll want to) but it's really more suited to the next
phase of this project.

5) I almost certainly don't have all of the logic correct with the
CIFSSEC_MAY/MUST flags. They probably need to be fixed up for this.

Many thanks to Simo Sorce, Steve French and Igor Mammedov for guidance
and sample code on this. Comments are appreciated.

Signed-off-by: Jeff Layton <jlayton at redhat.com>


