From patchwork Thu May 27 14:47:31 2010
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steven French <sfrench@us.ibm.com>
X-Patchwork-Id: 102703
Received: from lists.samba.org (fn.samba.org [216.83.154.106])
	by demeter.kernel.org (8.14.3/8.14.3) with ESMTP id o4REm6WY019925
	for <patchwork-cifs-client@patchwork.kernel.org>;
	Thu, 27 May 2010 14:48:41 GMT
Received: from fn.samba.org (localhost [127.0.0.1])
	by lists.samba.org (Postfix) with ESMTP id 42375AC2CC;
	Thu, 27 May 2010 08:48:06 -0600 (MDT)
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on fn.samba.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=3.8 tests=AWL, BAYES_00, HTML_MESSAGE,
	SPF_PASS autolearn=no version=3.2.5
X-Original-To: linux-cifs-client@lists.samba.org
Delivered-To: linux-cifs-client@lists.samba.org
Received: from e39.co.us.ibm.com (e39.co.us.ibm.com [32.97.110.160])
	by lists.samba.org (Postfix) with ESMTP id D8BDDAC066
	for <linux-cifs-client@lists.samba.org>;
	Thu, 27 May 2010 08:48:00 -0600 (MDT)
Received: from d03relay04.boulder.ibm.com (d03relay04.boulder.ibm.com
	[9.17.195.106])
	by e39.co.us.ibm.com (8.14.3/8.13.1) with ESMTP id o4REd4as001758
	for <linux-cifs-client@lists.samba.org>;
	Thu, 27 May 2010 08:39:04 -0600
Received: from d03av02.boulder.ibm.com (d03av02.boulder.ibm.com
	[9.17.195.168])
	by d03relay04.boulder.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id
	o4RElgXx086606 for <linux-cifs-client@lists.samba.org>;
	Thu, 27 May 2010 08:47:46 -0600
Received: from d03av02.boulder.ibm.com (loopback [127.0.0.1])
	by d03av02.boulder.ibm.com (8.14.3/8.13.1/NCO v10.0 AVout) with ESMTP
	id o4RElWao023862 for <linux-cifs-client@lists.samba.org>;
	Thu, 27 May 2010 08:47:32 -0600
Received: from d03nm123.boulder.ibm.com (d03nm123.boulder.ibm.com
	[9.17.195.149])
	by d03av02.boulder.ibm.com (8.14.3/8.13.1/NCO v10.0 AVin) with ESMTP
	id o4RElWnO023853; Thu, 27 May 2010 08:47:32 -0600
In-Reply-To: <1274921132-21335-1-git-send-email-scott.lovenberg@gmail.com>
References: <AANLkTiltwt3AlPW-9Uxahvt_6BCjz0onfVfWBwVuPmmo@mail.gmail.com>
	<1274921132-21335-1-git-send-email-scott.lovenberg@gmail.com>
To: Scott Lovenberg <scott.lovenberg@gmail.com>
MIME-Version: 1.0
X-KeepSent: BA0193DC:B1422D6A-87257730:00512ECD;
 type=4; name=$KeepSent
X-Mailer: Lotus Notes Release 8.5.1 September 28, 2009
Message-ID: 
 <OFBA0193DC.B1422D6A-ON87257730.00512ECD-86257730.0051415C@us.ibm.com>
From: Steven French <sfrench@us.ibm.com>
Date: Thu, 27 May 2010 09:47:31 -0500
X-MIMETrack: Serialize by Router on D03NM123/03/M/IBM(Release 8.5.1HF41 |
	October 22, 2009) at 05/27/2010 08:47:32,
	Serialize complete at 05/27/2010 08:47:32
Cc: jlayton@samba.org, linux-cifs-client@lists.samba.org
Subject: Re: [linux-cifs-client] [PATCH] cifs: move security option parsing
	to own function
X-BeenThere: linux-cifs-client@lists.samba.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: The Linux CIFS VFS client <linux-cifs-client.lists.samba.org>
List-Unsubscribe: <https://lists.samba.org/mailman/options/linux-cifs-client>,
	<mailto:linux-cifs-client-request@lists.samba.org?subject=unsubscribe>
List-Archive: <http://lists.samba.org/pipermail/linux-cifs-client>
List-Post: <mailto:linux-cifs-client@lists.samba.org>
List-Help: <mailto:linux-cifs-client-request@lists.samba.org?subject=help>
List-Subscribe: <https://lists.samba.org/mailman/listinfo/linux-cifs-client>,
	<mailto:linux-cifs-client-request@lists.samba.org?subject=subscribe>
Sender: linux-cifs-client-bounces@lists.samba.org
Errors-To: linux-cifs-client-bounces@lists.samba.org
X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by
	milter-greylist-4.2.3 (demeter.kernel.org [140.211.167.41]);
	Thu, 27 May 2010 14:48:45 +0000 (UTC)


diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index ee78b65..bf7e40c 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -972,6 +972,61 @@ extract_hostname(const char *unc)
 }
 
 static int
+cifs_parse_sec_option(char *value, struct smb_vol *vol)
+{
+                substring_t args[MAX_OPT_ARGS];
+                switch (match_token(value, cifs_sec_options, args)) {
+                case Opt_sec_krb5i:
+                                vol->secFlg |= CIFSSEC_MAY_KRB5 | 
CIFSSEC_MUST_SIGN;
+                                break;
+                case Opt_sec_krb5p:
+                                /* vol->secFlg |= CIFSSEC_MUST_SEAL | 
CIFSSEC_MAY_KRB5; */
+                                cERROR(1, "Krb5 cifs privacy not 
supported");
+                                return 1;
+                case Opt_sec_krb5:
+                                vol->secFlg |= CIFSSEC_MAY_KRB5;
+                                break;
+#ifdef CONFIG_CIFS_EXPERIMENTAL
+                case Opt_sec_ntlmsspi:
+                                vol->secFlg |= CIFSSEC_MAY_NTLMSSP | 
CIFSSEC_MUST_SIGN;
+                                break;
+                case Opt_sec_ntlmssp:
+                                vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
+                                break;
+#endif
+                case Opt_sec_ntlmv2i:
+                                vol->secFlg |= CIFSSEC_MAY_NTLMV2 | 
CIFSSEC_MUST_SIGN;
+                                break;
+                case Opt_sec_ntlmv2:
+                                vol->secFlg |= CIFSSEC_MAY_NTLMV2;
+                                break;
+                case Opt_sec_ntlmi:
+                                vol->secFlg |= CIFSSEC_MAY_NTLM | 
CIFSSEC_MUST_SIGN;
+                                break;
+                case Opt_sec_ntlm:
+                                /* ntlm is default so can be turned off 
too */
+                                vol->secFlg |= CIFSSEC_MAY_NTLM;
+                                break;
+                case Opt_sec_nontlm:
+                                /* BB is there a better way to do this? 
*/
+                                vol->secFlg |= CIFSSEC_MAY_NTLMV2;
+                                break;
+#ifdef CONFIG_CIFS_WEAK_PW_HASH
+                case Opt_sec_lanman:
+                                vol->secFlg |= CIFSSEC_MAY_LANMAN;
+                                break;
+#endif
+                case Opt_sec_none:
+                                vol->nullauth = 1;
+                                break;
+                default:
+                                cERROR(1, "bad security option: %s", 
value);