[linux-cifs-client] [PATCH] cifs: move security option parsing to own function

Steven French sfrench at us.ibm.com
Thu May 27 08:47:31 MDT 2010


This looks fine as long as it doesn't conflict with one of Jeff's recent 
patches which hit sec processing.


Steve French
Senior Software Engineer
Linux Technology Center - IBM Austin
email: sfrench at-sign us dot ibm dot com



Scott Lovenberg <scott.lovenberg at gmail.com> 
05/26/2010 07:45 PM

To
linux-cifs-client at lists.samba.org
cc
jlayton at samba.org, Steven French/Austin/IBM at IBMUS, Scott Lovenberg 
<scott.lovenberg at gmail.com>
Subject
[PATCH] cifs: move security option parsing to own function






Mount security options are now parsed in their own function.

Signed-off-by: Scott Lovenberg <scott.lovenberg at gmail.com>
---
 fs/cifs/connect.c |  111 
+++++++++++++++++++++++++++-------------------------
 1 files changed, 58 insertions(+), 53 deletions(-)

diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index ee78b65..bf7e40c 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -972,6 +972,61 @@ extract_hostname(const char *unc)
 }
 
 static int
+cifs_parse_sec_option(char *value, struct smb_vol *vol)
+{
+                substring_t args[MAX_OPT_ARGS];
+                switch (match_token(value, cifs_sec_options, args)) {
+                case Opt_sec_krb5i:
+                                vol->secFlg |= CIFSSEC_MAY_KRB5 | 
CIFSSEC_MUST_SIGN;
+                                break;
+                case Opt_sec_krb5p:
+                                /* vol->secFlg |= CIFSSEC_MUST_SEAL | 
CIFSSEC_MAY_KRB5; */
+                                cERROR(1, "Krb5 cifs privacy not 
supported");
+                                return 1;
+                case Opt_sec_krb5:
+                                vol->secFlg |= CIFSSEC_MAY_KRB5;
+                                break;
+#ifdef CONFIG_CIFS_EXPERIMENTAL
+                case Opt_sec_ntlmsspi:
+                                vol->secFlg |= CIFSSEC_MAY_NTLMSSP | 
CIFSSEC_MUST_SIGN;
+                                break;
+                case Opt_sec_ntlmssp:
+                                vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
+                                break;
+#endif
+                case Opt_sec_ntlmv2i:
+                                vol->secFlg |= CIFSSEC_MAY_NTLMV2 | 
CIFSSEC_MUST_SIGN;
+                                break;
+                case Opt_sec_ntlmv2:
+                                vol->secFlg |= CIFSSEC_MAY_NTLMV2;
+                                break;
+                case Opt_sec_ntlmi:
+                                vol->secFlg |= CIFSSEC_MAY_NTLM | 
CIFSSEC_MUST_SIGN;
+                                break;
+                case Opt_sec_ntlm:
+                                /* ntlm is default so can be turned off 
too */
+                                vol->secFlg |= CIFSSEC_MAY_NTLM;
+                                break;
+                case Opt_sec_nontlm:
+                                /* BB is there a better way to do this? 
*/
+                                vol->secFlg |= CIFSSEC_MAY_NTLMV2;
+                                break;
+#ifdef CONFIG_CIFS_WEAK_PW_HASH
+                case Opt_sec_lanman:
+                                vol->secFlg |= CIFSSEC_MAY_LANMAN;
+                                break;
+#endif
+                case Opt_sec_none:
+                                vol->nullauth = 1;
+                                break;
+                default:
+                                cERROR(1, "bad security option: %s", 
value);
+                                return 1;
+                }
+                return 0;
+}
+
+static int
 cifs_parse_mount_options(char *options, const char *devname,
                                                  struct smb_vol *vol)
 {
@@ -1158,59 +1213,9 @@ cifs_parse_mount_options(char *options, const char 
*devname,
                                                                 cERROR(1, 
"no security value specified");
                                                                 continue;
                                                 }
-                                                switch 
(match_token(value, cifs_sec_options, args)) {
-                                                case Opt_sec_krb5i:
- vol->secFlg |= CIFSSEC_MAY_KRB5 |
-  CIFSSEC_MUST_SIGN;
-                                                                break;
-                                                case Opt_sec_krb5p:
-                                                                /* 
vol->secFlg |= CIFSSEC_MUST_SEAL |
-  CIFSSEC_MAY_KRB5; */
-                                                                cERROR(1, 
"Krb5 cifs privacy not supported");
-                                                                return 1;
-                                                case Opt_sec_krb5:
- vol->secFlg |= CIFSSEC_MAY_KRB5;
-                                                                break;
-#ifdef CONFIG_CIFS_EXPERIMENTAL
-                                                case Opt_sec_ntlmsspi:
- vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
-  CIFSSEC_MUST_SIGN;
-                                                                break;
-                                                case Opt_sec_ntlmssp:
- vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
-                                                                break;
-#endif
-                                                case Opt_sec_ntlmv2i:
- vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
-  CIFSSEC_MUST_SIGN;
-                                                                break;
-                                                case Opt_sec_ntlmv2:
- vol->secFlg |= CIFSSEC_MAY_NTLMV2;
-                                                                break;
-                                                case Opt_sec_ntlmi:
- vol->secFlg |= CIFSSEC_MAY_NTLM |
-  CIFSSEC_MUST_SIGN;
-                                                                break;
-                                                case Opt_sec_ntlm:
-                                                                /* ntlm 
is default so can be turned off too */
- vol->secFlg |= CIFSSEC_MAY_NTLM;
-                                                                break;
-                                                case Opt_sec_nontlm:
-                                                                /* BB is 
there a better way to do this? */
- vol->secFlg |= CIFSSEC_MAY_NTLMV2;
-                                                                break;
-#ifdef CONFIG_CIFS_WEAK_PW_HASH
-                                                case Opt_sec_lanman:
- vol->secFlg |= CIFSSEC_MAY_LANMAN;
-                                                                break;
-#endif
-                                                case Opt_sec_none:
- vol->nullauth = 1;
-                                                                break;
-                                                default:
-                                                                cERROR(1, 
"bad security option: %s", value);
-                                                                return 1;
-                                                }
+                                                i = 
cifs_parse_sec_option(value, vol);
+                                                if (i)
+                                                                return i;
                                                 break;
                                 /* unc || target || path */
                                 case Opt_unc:
-- 
1.6.2.5


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/linux-cifs-client/attachments/20100527/0f9e35a1/attachment-0001.html>


More information about the linux-cifs-client mailing list