| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Based on a patch from a few years ago by Igor Mammedov. This patch
adds the ability for cifs.upcall to establish a TGT using the
system-default keytab.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
|
|
...and switch the code to using strndup. Check for allocation errors as
well, and fix some off-by-one bugs in the ones that decode strings.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
|
|
If cifs.upcall is passed an invalid argument then it will "goto out".
The decoded_args struct however is uninitialized at that point so it
will usually segfault when trying to free fields in it. Move the
initialization up in the function.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Reported-by: Stefan Walter <walteste@inf.ethz.ch>
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
|
|
checksum (bug #7890)
Some closed source SMB servers doesn't support all checksum types,
so we should try to match windows clients.
This is almost the same logic which is used by Samba.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
gcc says:
cifs.upcall.c: In function ‘cifs_krb5_get_req’:
cifs.upcall.c:261:2: warning: missing initializer
cifs.upcall.c:261:2: warning: (near initialization for ‘in_creds.client’)
cifs.upcall.c: In function ‘main’:
cifs.upcall.c:622:9: warning: missing initializer
cifs.upcall.c:622:9: warning: (near initialization for ‘arg.ver’)
...this is probably just gcc being balky, but we can silence the
warning. It may also be a micro optimization in an error condition
if we delay zeroing out the struct until it's needed.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Even though all known kernels send the uid= parm to userspace,
cifs.upcall doesn't technically require it. It should though. If one
wasn't sent for some reason, then the setuid wouldn't occur. Error out
if there is no uid= or creduid= parm.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
When I did the original krb5 implementation, I goofed and ended up making
it so that when someone specifies the "uid=" mount option that also affects
the owner of the krb5 credential cache and not just the ownership of the
mount. I'm proposing a patch for the kernel to attempt to fix this by
making the kernel send a "creduid=" parameter in the upcall which is
intended to be the user that should own the credentials cache.
That's not necessarily the same user that has "ownership" of the mount.
Usually the creduid= will be set to the real uid of the user doing the
mounting. When multisession mounts are introduced they will usually set
this to the fsuid that walks into the mount.
To ease the transition, this patch also adds a command line switch that
makes cifs.upcall use the "legacy" uid= parameter instead. Use that if you
want it to behave like it used to.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
- fix URL's and email addresses
- update copyright notices
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...coding style cleanup.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
...eventually it might be better to make autoconf set -I/usr/include/krb5
or whatever and get rid of the #ifdef's here. It's a little tricky to
figure out the include dir however, so this will do for now.
Signed-off-by: Torsten Kurbad <torsten@tk-webart.de>
|
|
Signed-off-by: Torsten Kurbad <torsten@tk-webart.de>
|
|
Rather than using a hardcoded version string, use the VERSION macro
that autoconf provides. This will help make it clear what version
is actually being used in bug reports when someone runs
"mount.cifs -V" or "cifs.upcall --version".
Also, clean up AC_INIT and AM_INIT_AUTOMAKE macros.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
<krb5.h> is deprecated in favor of <krb5/krb5.h>. Also, make autoconf
throw a more helpful error message if it's not present.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
...no need for that now.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
...to hold SPNEGO definitions.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
We need to replace the function that we use to fetch krb5 creds since
that's currently provided by a libsmbclient object.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
...we don't really need a talloc-ified version here. Just use the normal
one. Also don't use strnequal. Use strncasecmp instead.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
...we need our own version.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
(commit 6e510b49c03be9caba4f587f3f6cec547841b0d7)
|
