Commit 6ffbb196 authored by Linus Torvalds's avatar Linus Torvalds

Merge git://

* git://
  [CIFS] Turn off Unicode during session establishment for plaintext authentication
  [CIFS] update cifs change log
  cifs: fix O_APPEND on directio mounts
  [CIFS] Fix plaintext authentication
parents 1586553b c76da9da
......@@ -9,7 +9,10 @@ files (e.g. "cp -a") to Windows servers. For mkdir and create honor setgid bit
on parent directory when server supports Unix Extensions but not POSIX
create. Update cifs.upcall version to handle new Kerberos sec flags
(this requires update of cifs.upcall program from Samba). Fix memory leak
on dns_upcall (resolving DFS referralls).
on dns_upcall (resolving DFS referralls). Fix plain text password
authentication (requires setting SecurityFlags to 0x30030 to enable
lanman and plain text though). Fix writes to be at correct offset when
file is open with O_APPEND and file is on a directio (forcediretio) mount.
Version 1.53
......@@ -542,10 +542,20 @@ SecurityFlags Flags which control security negotiation and
hashing mechanisms (as "must use") on the other hand
does not make much sense. Default flags are
(NTLM, NTLMv2 and packet signing allowed). Maximum
(NTLM, NTLMv2 and packet signing allowed). The maximum
allowable flags if you want to allow mounts to servers
using weaker password hashes is 0x37037 (lanman,
plaintext, ntlm, ntlmv2, signing allowed):
plaintext, ntlm, ntlmv2, signing allowed). Some
SecurityFlags require the corresponding menuconfig
options to be enabled (lanman and plaintext require
CONFIG_CIFS_WEAK_PW_HASH for example). Enabling
plaintext authentication currently requires also
enabling lanman authentication in the security flags
because the cifs module only supports sending
laintext passwords using the older lanman dialect
form of the session setup SMB. (e.g. for authentication
using plain text passwords, set the SecurityFlags
to 0x30030):
may use packet signing 0x00001
must use packet signing 0x01001
......@@ -294,6 +294,7 @@ void calc_lanman_hash(struct cifsSesInfo *ses, char *lnm_session_key)
if ((ses->server->secMode & SECMODE_PW_ENCRYPT) == 0)
if (extended_security & CIFSSEC_MAY_PLNTXT) {
memset(lnm_session_key, 0, CIFS_SESS_KEY_SIZE);
memcpy(lnm_session_key, password_with_pad,
......@@ -833,6 +833,10 @@ ssize_t cifs_user_write(struct file *file, const char __user *write_data,
return -EBADF;
open_file = (struct cifsFileInfo *) file->private_data;
rc = generic_write_checks(file, poffset, &write_size, 0);
if (rc)
return rc;
xid = GetXid();
if (*poffset > file->f_path.dentry->d_inode->i_size)
......@@ -409,6 +409,8 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
char lnm_session_key[CIFS_SESS_KEY_SIZE];
pSMB->req.hdr.Flags2 &= ~SMBFLG2_UNICODE;
/* no capabilities flags in old lanman negotiation */
pSMB->old_req.PasswordLength = cpu_to_le16(CIFS_SESS_KEY_SIZE);
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment