From patchwork Tue Aug 7 15:11:53 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Layton X-Patchwork-Id: 1286231 Return-Path: X-Original-To: patchwork-cifs-client@patchwork.kernel.org Delivered-To: patchwork-process-083081@patchwork2.kernel.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by patchwork2.kernel.org (Postfix) with ESMTP id 20480DF280 for ; Tue, 7 Aug 2012 15:12:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751202Ab2HGPMA (ORCPT ); Tue, 7 Aug 2012 11:12:00 -0400 Received: from mail-yx0-f174.google.com ([209.85.213.174]:40200 "EHLO mail-yx0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750737Ab2HGPL7 (ORCPT ); Tue, 7 Aug 2012 11:11:59 -0400 Received: by yenl2 with SMTP id l2so3772197yen.19 for ; Tue, 07 Aug 2012 08:11:59 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=sender:from:to:subject:date:message-id:x-mailer:x-gm-message-state; bh=qAiTnpRdEEtQWkAT+FBCvFoK7tBa/CUw2cgt7o7upzQ=; b=DdhuIgSki6k+yo2i6dpGyuJI4BD/A7boWDorBK3W8cRBvAZz5uQF8AjtS2a/yPq3M8 gjajCURgmW+c7F5Jil12yiFahuE1gkUBkhzbDNkaPtvKpeTL278RoJFyn6wsGjSoX3P5 wLWdbyqqoo6IvqB0csUbmwN96vyG/ERGnV8KEdoFj0h2qLEZq6jKHC4lCabkq/iSFtLc v0UaZAb4IEiZ70Ye1GUggbVwrdpzRsghPOBC6ChMPIozNfbSYpS7yHQFN4+pmKOICdyk MDU9AKPTwKBYgHzP+fUM+Q2TDRyzJ5QD7adTb/w9MEwKFIXc2Kd/mcgQ7q97i0JjgVBg b9PQ== Received: by 10.236.145.40 with SMTP id o28mr13799577yhj.70.1344352319366; Tue, 07 Aug 2012 08:11:59 -0700 (PDT) Received: from salusa.poochiereds.net (cpe-069-134-145-027.nc.res.rr.com. [69.134.145.27]) by mx.google.com with ESMTPS id i65sm37365528yhb.3.2012.08.07.08.11.57 (version=SSLv3 cipher=OTHER); Tue, 07 Aug 2012 08:11:58 -0700 (PDT) From: Jeff Layton To: linux-cifs@vger.kernel.org Subject: [PATCH] mount.cifs: deprecate the DOMAIN/username%password username syntax Date: Tue, 7 Aug 2012 11:11:53 -0400 Message-Id: <1344352313-8630-1-git-send-email-jlayton@samba.org> X-Mailer: git-send-email 1.7.11.2 X-Gm-Message-State: ALoCoQlkqh2+SdlL4jICHmIa+36exo7Kq4Bfhmj6hHFK7G0Xuvas5jZ4PwjxaDNEIuCnwF+gXHA8 Sender: linux-cifs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-cifs@vger.kernel.org mount.cifs has in the past allowed users to specify a username using the above syntax, which would populate the domain and password fields with the different pieces. Unfortunately, there are cases where it is legit to have a '/' in a username. krb5 SPNs generally contain a '/' and we have no clear way to distinguish between the two. I don't see any real value in keeping that syntax allowed. It's no easier than specifying "pass=" and "domain=" on the command line. Ditto for credential files. Begin the transition away from that syntax by adding a warning message that support for it will be removed in 5.9. Signed-off-by: Jeff Layton --- mount.cifs.8 | 4 +++- mount.cifs.c | 14 ++++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/mount.cifs.8 b/mount.cifs.8 index f6a66bf..b2a0936 100644 --- a/mount.cifs.8 +++ b/mount.cifs.8 @@ -56,7 +56,9 @@ user=\fIarg\fR .RS 4 specifies the username to connect as\&. If this is not given, then the environment variable \fIUSER\fR -is used\&. This option can also take the form "user%password" or "workgroup/user" or "workgroup/user%password" to allow the password and workgroup to be specified as part of the username\&. +is used\&. +.PP +Earlier versions of mount.cifs also allowed one to specify the username in a "user%password" or "workgroup/user" or "workgroup/user%password" to allow the password and workgroup to be specified as part of the username. Support for those alternate username formats is now deprecated and should no longer be used. Users should use the discrete "pass=" and "dom=" to specify the username. .if n \{\ .sp .\} diff --git a/mount.cifs.c b/mount.cifs.c index 330e528..ef5b43f 100644 --- a/mount.cifs.c +++ b/mount.cifs.c @@ -45,6 +45,7 @@ #include #include #include +#include #ifdef HAVE_SYS_FSUID_H #include #endif /* HAVE_SYS_FSUID_H */ @@ -320,15 +321,22 @@ static int set_password(struct parsed_mount_info *parsed_info, const char *src) * * ...obviously the only required component is "username". The source string * is modified in the process, but it should remain unchanged at the end. + * + * NOTE: the above syntax does not allow for usernames that have slashes in + * them, as some krb5 usernames do. Support for the above syntax will be + * removed in a later version of cifs-utils. Users should use separate options + * instead of overloading this info into the username. */ static int parse_username(char *rawuser, struct parsed_mount_info *parsed_info) { char *user, *password, slash; int rc = 0; + bool warn = false; /* everything after first % sign is a password */ password = strchr(rawuser, '%'); if (password) { + warn = true; rc = set_password(parsed_info, password + 1); if (rc) return rc; @@ -342,6 +350,7 @@ static int parse_username(char *rawuser, struct parsed_mount_info *parsed_info) /* everything before that slash is a domain */ if (user) { + warn = true; slash = *user; *user = '\0'; strlcpy(parsed_info->domain, rawuser, @@ -356,6 +365,11 @@ static int parse_username(char *rawuser, struct parsed_mount_info *parsed_info) if (password) *password = '%'; + if (warn) + fprintf(stderr, "WARNING: The DOMAIN/username%%password syntax " + "for usernames is deprecated and will be " + "removed in version 5.9 of cifs-utils.\n"); + return 0; }