Loading fs/cifs/CHANGES +4 −1 Original line number Diff line number Diff line Loading @@ -9,7 +9,10 @@ files (e.g. "cp -a") to Windows servers. For mkdir and create honor setgid bit on parent directory when server supports Unix Extensions but not POSIX create. Update cifs.upcall version to handle new Kerberos sec flags (this requires update of cifs.upcall program from Samba). Fix memory leak on dns_upcall (resolving DFS referralls). on dns_upcall (resolving DFS referralls). Fix plain text password authentication (requires setting SecurityFlags to 0x30030 to enable lanman and plain text though). Fix writes to be at correct offset when file is open with O_APPEND and file is on a directio (forcediretio) mount. Version 1.53 ------------ Loading fs/cifs/README +12 −2 Original line number Diff line number Diff line Loading @@ -542,10 +542,20 @@ SecurityFlags Flags which control security negotiation and hashing mechanisms (as "must use") on the other hand does not make much sense. Default flags are 0x07007 (NTLM, NTLMv2 and packet signing allowed). Maximum (NTLM, NTLMv2 and packet signing allowed). The maximum allowable flags if you want to allow mounts to servers using weaker password hashes is 0x37037 (lanman, plaintext, ntlm, ntlmv2, signing allowed): plaintext, ntlm, ntlmv2, signing allowed). Some SecurityFlags require the corresponding menuconfig options to be enabled (lanman and plaintext require CONFIG_CIFS_WEAK_PW_HASH for example). Enabling plaintext authentication currently requires also enabling lanman authentication in the security flags because the cifs module only supports sending laintext passwords using the older lanman dialect form of the session setup SMB. (e.g. for authentication using plain text passwords, set the SecurityFlags to 0x30030): may use packet signing 0x00001 must use packet signing 0x01001 Loading Loading
fs/cifs/CHANGES +4 −1 Original line number Diff line number Diff line Loading @@ -9,7 +9,10 @@ files (e.g. "cp -a") to Windows servers. For mkdir and create honor setgid bit on parent directory when server supports Unix Extensions but not POSIX create. Update cifs.upcall version to handle new Kerberos sec flags (this requires update of cifs.upcall program from Samba). Fix memory leak on dns_upcall (resolving DFS referralls). on dns_upcall (resolving DFS referralls). Fix plain text password authentication (requires setting SecurityFlags to 0x30030 to enable lanman and plain text though). Fix writes to be at correct offset when file is open with O_APPEND and file is on a directio (forcediretio) mount. Version 1.53 ------------ Loading
fs/cifs/README +12 −2 Original line number Diff line number Diff line Loading @@ -542,10 +542,20 @@ SecurityFlags Flags which control security negotiation and hashing mechanisms (as "must use") on the other hand does not make much sense. Default flags are 0x07007 (NTLM, NTLMv2 and packet signing allowed). Maximum (NTLM, NTLMv2 and packet signing allowed). The maximum allowable flags if you want to allow mounts to servers using weaker password hashes is 0x37037 (lanman, plaintext, ntlm, ntlmv2, signing allowed): plaintext, ntlm, ntlmv2, signing allowed). Some SecurityFlags require the corresponding menuconfig options to be enabled (lanman and plaintext require CONFIG_CIFS_WEAK_PW_HASH for example). Enabling plaintext authentication currently requires also enabling lanman authentication in the security flags because the cifs module only supports sending laintext passwords using the older lanman dialect form of the session setup SMB. (e.g. for authentication using plain text passwords, set the SecurityFlags to 0x30030): may use packet signing 0x00001 must use packet signing 0x01001 Loading
Steve French <sfrench@us.ibm.com>Steve French <sfrench@us.ibm.com>