Re: Problem with CIFS

From: Steve French
Date: Wed Aug 18 2004 - 21:37:18 EST

Next message: Albert Cahalan: "Re: [ANNOUNCE] linux-libc-headers 2.6.8.0"
Previous message: David S. Miller: "Re: ip_evictor can loop"
In reply to: Jeremy Allison: "Re: [linux-cifs-client] re: Problem with CIFS"
Next in thread: Jeremy Allison: "Re: Problem with CIFS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>Can you show me where the problem is ?
>Currently in smbd/negprot.c we have :
>
> /* do spnego in user level security if the client
> supports it and we can do encrypted passwords*/
>
> if (global_encrypted_passwords_negotiated &&
> (lp_security() != SEC_SHARE) &&
> lp_use_spnego() &&
> (SVAL(inbuf, smb_flg2) & FLAGS2_EXTENDED_SECURITY)) {
> negotiate_spnego = True;
> capabilities |= CAP_EXTENDED_SECURITY;
> }

I think Samba is just missing the else clause in smbd/negprot.c(since
reply_common sets FLAGS2_EXTENDED_SECURITY otherwise). Something like:

else {
remove_from_common_flags2(FLAGS2_EXTENDED_SECURITY);
SSVAL(outbuf,smb_flg2,(SVAL(outbuf,smb_flg2) &
(~FLAGS2_EXTENDED_SECURITY)));
}

but in any case I have to workaround it in the Linux cifs client by
paying more attention to the capability bit than to the actual smb flag

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Albert Cahalan: "Re: [ANNOUNCE] linux-libc-headers 2.6.8.0"
Previous message: David S. Miller: "Re: ip_evictor can loop"
In reply to: Jeremy Allison: "Re: [linux-cifs-client] re: Problem with CIFS"
Next in thread: Jeremy Allison: "Re: Problem with CIFS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]