Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
cloud-kernel
提交
bf820679
cloud-kernel
项目概览
openanolis
/
cloud-kernel
大约 1 年 前同步成功
通知
158
Star
36
Fork
7
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
10
列表
看板
标记
里程碑
合并请求
2
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
cloud-kernel
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
10
Issue
10
列表
看板
标记
里程碑
合并请求
2
合并请求
2
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
bf820679
编写于
12月 01, 2005
作者:
S
Steve French
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
[CIFS] Kerberos and CIFS ACL support part 1
Signed-off-by:
N
Steve French
<
sfrench@us.ibm.com
>
上级
83451879
变更
4
显示空白变更内容
内联
并排
Showing
4 changed file
with
94 addition
and
9 deletion
+94
-9
fs/cifs/README
fs/cifs/README
+11
-1
fs/cifs/cifsacl.h
fs/cifs/cifsacl.h
+36
-0
fs/cifs/cifspdu.h
fs/cifs/cifspdu.h
+1
-1
fs/cifs/connect.c
fs/cifs/connect.c
+46
-7
未找到文件。
fs/cifs/README
浏览文件 @
bf820679
...
...
@@ -436,6 +436,16 @@ A partial list of the supported mount options follows:
SFU does). In the future the bottom 9 bits of the mode
mode also will be emulated using queries of the security
descriptor (ACL).
sec Security mode. Allowed values are:
none attempt to connection as a null user (no name)
krb5 Use Kerberos version 5 authentication
krb5i Use Kerberos authentication and packet signing
ntlm Use NTLM password hashing (default)
ntlmi Use NTLM password hashing with signing (if
/proc/fs/cifs/PacketSigningEnabled on or if
server requires signing also can be the default)
ntlmv2 Use NTLMv2 password hashing
ntlmv2i Use NTLMv2 password hashing with packet signing
The mount.cifs mount helper also accepts a few mount options before -o
including:
...
...
fs/cifs/cifsacl.h
0 → 100644
浏览文件 @
bf820679
/*
* fs/cifs/cifsacl.h
*
* Copyright (c) International Business Machines Corp., 2005
* Author(s): Steve French (sfrench@us.ibm.com)
*
* This library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published
* by the Free Software Foundation; either version 2.1 of the License, or
* (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
* the GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#ifndef _CIFSACL_H
#define _CIFSACL_H
struct
cifs_sid
{
__u8
revision
;
/* revision level */
__u8
num_subauths
;
__u8
authority
[
6
];
__u8
sub_auth
[
4
];
/* next sub_auth if any ... */
}
__attribute__
((
packed
));
/* everyone */
const
cifs_sid
sid_everyone
=
{
1
,
1
,
{
0
,
0
,
0
,
0
,
0
,
0
},
{
0
,
0
,
0
,
0
}};
/* group users */
const
cifs_sid
sid_user
=
{
1
,
2
,
{
0
,
0
,
0
,
0
,
0
,
5
},
{
32
,
545
,
0
,
0
}};
fs/cifs/cifspdu.h
浏览文件 @
bf820679
/*
* fs/cifs/cifspdu.h
*
* Copyright (c) International Business Machines Corp., 2002
* Copyright (c) International Business Machines Corp., 2002
,2005
* Author(s): Steve French (sfrench@us.ibm.com)
*
* This library is free software; you can redistribute it and/or modify
...
...
fs/cifs/connect.c
浏览文件 @
bf820679
...
...
@@ -82,6 +82,12 @@ struct smb_vol {
unsigned
remap
:
1
;
/* set to remap seven reserved chars in filenames */
unsigned
posix_paths
:
1
;
/* unset to not ask for posix pathnames. */
unsigned
sfu_emul
:
1
;
unsigned
krb5
:
1
;
unsigned
ntlm
:
1
;
unsigned
ntlmv2
:
1
;
unsigned
nullauth
:
1
;
/* attempt to authenticate with null user */
unsigned
sign
:
1
;
unsigned
seal
:
1
;
/* encrypt */
unsigned
nocase
;
/* request case insensitive filenames */
unsigned
nobrl
;
/* disable sending byte range locks to srv */
unsigned
int
rsize
;
...
...
@@ -777,7 +783,7 @@ cifs_parse_mount_options(char *options, const char *devname,struct smb_vol *vol)
/* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
vol
->
rw
=
TRUE
;
vol
->
ntlm
=
TRUE
;
/* default is always to request posix paths. */
vol
->
posix_paths
=
1
;
...
...
@@ -903,6 +909,39 @@ cifs_parse_mount_options(char *options, const char *devname,struct smb_vol *vol)
printk
(
KERN_WARNING
"CIFS: ip address too long
\n
"
);
return
1
;
}
}
else
if
(
strnicmp
(
data
,
"sec"
,
3
)
==
0
)
{
if
(
!
value
||
!*
value
)
{
cERROR
(
1
,(
"no security value specified"
));
continue
;
}
else
if
(
strnicmp
(
value
,
"krb5i"
,
5
)
==
0
)
{
vol
->
sign
=
1
;
vol
->
krb5
=
1
;
}
else
if
(
strnicmp
(
value
,
"krb5p"
,
5
)
==
0
)
{
/* vol->seal = 1;
vol->krb5 = 1; */
cERROR
(
1
,(
"Krb5 cifs privacy not supported"
));
return
1
;
}
else
if
(
strnicmp
(
value
,
"krb5"
,
4
)
==
0
)
{
vol
->
krb5
=
1
;
}
else
if
(
strnicmp
(
value
,
"ntlmv2i"
,
7
)
==
0
)
{
vol
->
ntlmv2
=
1
;
vol
->
sign
=
1
;
}
else
if
(
strnicmp
(
value
,
"ntlmv2"
,
6
)
==
0
)
{
vol
->
ntlmv2
=
1
;
}
else
if
(
strnicmp
(
value
,
"ntlmi"
,
5
)
==
0
)
{
vol
->
ntlm
=
1
;
vol
->
sign
=
1
;
}
else
if
(
strnicmp
(
value
,
"ntlm"
,
4
)
==
0
)
{
/* ntlm is default so can be turned off too */
vol
->
ntlm
=
1
;
}
else
if
(
strnicmp
(
value
,
"nontlm"
,
6
)
==
0
)
{
vol
->
ntlm
=
0
;
}
else
if
(
strnicmp
(
value
,
"none"
,
4
)
==
0
)
{
vol
->
nullauth
=
1
;
}
else
{
cERROR
(
1
,(
"bad security option: %s"
,
value
));
return
1
;
}
}
else
if
((
strnicmp
(
data
,
"unc"
,
3
)
==
0
)
||
(
strnicmp
(
data
,
"target"
,
6
)
==
0
)
||
(
strnicmp
(
data
,
"path"
,
4
)
==
0
))
{
...
...
@@ -1546,7 +1585,7 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
cFYI
(
1
,
(
"Username: %s "
,
volume_info
.
username
));
}
else
{
cifserror
(
"No username specified
"
);
cifserror
(
"No username specified"
);
/* In userspace mount helper we can get user name from alternate
locations such as env variables and files on disk */
kfree
(
volume_info
.
UNC
);
...
...
@@ -1587,7 +1626,7 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
return
-
EINVAL
;
}
else
/* which servers DFS root would we conect to */
{
cERROR
(
1
,
(
"CIFS mount error: No UNC path (e.g. -o unc=//192.168.1.100/public) specified
"
));
(
"CIFS mount error: No UNC path (e.g. -o unc=//192.168.1.100/public) specified"
));
kfree
(
volume_info
.
UNC
);
kfree
(
volume_info
.
password
);
FreeXid
(
xid
);
...
...
@@ -1626,7 +1665,7 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
if
(
srvTcp
)
{
cFYI
(
1
,
(
"Existing tcp session with server found
"
));
cFYI
(
1
,
(
"Existing tcp session with server found"
));
}
else
{
/* create socket */
if
(
volume_info
.
port
)
sin_server
.
sin_port
=
htons
(
volume_info
.
port
);
...
...
@@ -1689,11 +1728,11 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
if
(
existingCifsSes
)
{
pSesInfo
=
existingCifsSes
;
cFYI
(
1
,
(
"Existing smb sess found
"
));
cFYI
(
1
,
(
"Existing smb sess found"
));
kfree
(
volume_info
.
password
);
/* volume_info.UNC freed at end of function */
}
else
if
(
!
rc
)
{
cFYI
(
1
,
(
"Existing smb sess not found
"
));
cFYI
(
1
,
(
"Existing smb sess not found"
));
pSesInfo
=
sesInfoAlloc
();
if
(
pSesInfo
==
NULL
)
rc
=
-
ENOMEM
;
...
...
@@ -1777,7 +1816,7 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
find_unc
(
sin_server
.
sin_addr
.
s_addr
,
volume_info
.
UNC
,
volume_info
.
username
);
if
(
tcon
)
{
cFYI
(
1
,
(
"Found match on UNC path
"
));
cFYI
(
1
,
(
"Found match on UNC path"
));
/* we can have only one retry value for a connection
to a share so for resources mounted more than once
to the same server share the last value passed in
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录