[linux-cifs-client] [PATCH 0/5] cifs: add support for MSKRB5
authentication
Q (Igor Mammedov)
niallain at gmail.com
Thu Aug 21 20:13:52 GMT 2008
On Wed, Aug 20, 2008 at 11:02 PM, Jeff Layton <jlayton at redhat.com> wrote:
> On Wed, 20 Aug 2008 22:40:04 +0400
> "Q (Igor Mammedov)" <niallain at gmail.com> wrote:
>
>> On Wed, Aug 20, 2008 at 9:25 PM, Steve French <smfrench at gmail.com> wrote:
>> > Working around the broken servers by adding the 2nd OID seems a higher
>> > priority. Whether the 2nd fix (not yet written) for the MechList
>> > should be merged fast or wait till 2.6.28 depends on how big/risky it
>> > is (it is late in the 2.6.27 cycle).
>> We can do it in not synchronized way for kernel and samba if
>> cifs.upcall will support
>> fall back. This way we could push MIC support in cifs.upcall as soon
>> as it is possible
>> and when kernel supports mechListMIC, cifs.upcall will be ready for it.
>>
>
> Yes. The mechListMIC change is less dependent on synchronization
> between versions. We can change that in either place and it shouldn't
> break anything.
>
> The sec=mskrb5 change is not as forgiving. A new kernel + and older
> upcall program will not work if the server sends the MSKRB5 OID first.
> This is the reason that I don't want to back out that patch. It would
> have been nice to have that patch make samba 3.2.2, but it looks like
> we missed it...
>
> Igor, I'll plan to respin the kernel patches if you want to concentrate
> on the userspace piece. I should be able to get something ready by
> Thursday sometime...
I just try to do it now while it is still fresh and not a long forgotten.
I will post working patch to cifs.upcall by this evening using your
old patchset
for testing.
> --
> Jeff Layton <jlayton at redhat.com>
>
More information about the linux-cifs-client
mailing list