Gitweb:     
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6103335de8afa5d780dcd512abe85c696af7b040
Commit:     6103335de8afa5d780dcd512abe85c696af7b040
Parent:     f6d09982197c4163c70f6af0cf15bb78674105c0
Author:     Steve French <[EMAIL PROTECTED]>
AuthorDate: Wed Jan 9 16:21:36 2008 +0000
Committer:  Steve French <[EMAIL PROTECTED]>
CommitDate: Wed Jan 9 16:21:36 2008 +0000

    [CIFS] DNS name resolution helper upcall for cifs
    
        Adds additional option CIFS_DFS_UPCALL to fs/Kconfig for enabling
            DFS support.  Resolved IP address is saved as a string in the
        key payload.
    
        Igor has a series of related patches that will follow which finish up
        CIFS DFS support
    
    Acked-by: Igor Mammedov <[EMAIL PROTECTED]>
    Signed-off-by: Steve French <[EMAIL PROTECTED]>
---
 fs/Kconfig       |   39 ++++++++++++++++++++++++++-------------
 fs/cifs/Makefile |    2 ++
 fs/cifs/cifsfs.c |   15 ++++++++++++++-
 3 files changed, 42 insertions(+), 14 deletions(-)

diff --git a/fs/Kconfig b/fs/Kconfig
index 487236c..18cd221 100644
--- a/fs/Kconfig
+++ b/fs/Kconfig
@@ -1905,13 +1905,15 @@ config CIFS
          file servers such as Windows 2000 (including Windows 2003, NT 4  
          and Windows XP) as well by Samba (which provides excellent CIFS
          server support for Linux and many other operating systems). Limited
-         support for OS/2 and Windows ME and similar servers is provided as 
well.
-
-         The intent of the cifs module is to provide an advanced
-         network file system client for mounting to CIFS compliant servers,
-         including support for dfs (hierarchical name space), secure per-user
-         session establishment, safe distributed caching (oplock), optional
-         packet signing, Unicode and other internationalization improvements. 
+         support for OS/2 and Windows ME and similar servers is provided as
+         well.
+
+         The cifs module provides an advanced network file system
+         client for mounting to CIFS compliant servers.  It includes
+         support for DFS (hierarchical name space), secure per-user
+         session establishment via Kerberos or NTLM or NTLMv2,
+         safe distributed caching (oplock), optional packet
+         signing, Unicode and other internationalization improvements.
          If you need to mount to Samba or Windows from this machine, say Y.
 
 config CIFS_STATS
@@ -1943,7 +1945,8 @@ config CIFS_WEAK_PW_HASH
          (since 1997) support stronger NTLM (and even NTLMv2 and Kerberos)
          security mechanisms. These hash the password more securely
          than the mechanisms used in the older LANMAN version of the
-          SMB protocol needed to establish sessions with old SMB servers.
+         SMB protocol but LANMAN based authentication is needed to
+         establish sessions with some old SMB servers.
 
          Enabling this option allows the cifs module to mount to older
          LANMAN based servers such as OS/2 and Windows 95, but such
@@ -1951,8 +1954,8 @@ config CIFS_WEAK_PW_HASH
          security mechanisms if you are on a public network.  Unless you
          have a need to access old SMB servers (and are on a private 
          network) you probably want to say N.  Even if this support
-         is enabled in the kernel build, they will not be used
-         automatically. At runtime LANMAN mounts are disabled but
+         is enabled in the kernel build, LANMAN authentication will not be
+         used automatically. At runtime LANMAN mounts are disabled but
          can be set to required (or optional) either in
          /proc/fs/cifs (see fs/cifs/README for more detail) or via an
          option on the mount command. This support is disabled by 
@@ -2018,12 +2021,22 @@ config CIFS_UPCALL
          depends on CIFS_EXPERIMENTAL
          depends on KEYS
          help
-           Enables an upcall mechanism for CIFS which will be used to contact
-           userspace helper utilities to provide SPNEGO packaged Kerberos
-           tickets which are needed to mount to certain secure servers
+           Enables an upcall mechanism for CIFS which accesses
+           userspace helper utilities to provide SPNEGO packaged (RFC 4178)
+           Kerberos tickets which are needed to mount to certain secure servers
            (for which more secure Kerberos authentication is required). If
            unsure, say N.
 
+config CIFS_DFS_UPCALL
+         bool "DFS feature support (EXPERIMENTAL)"
+         depends on CIFS_EXPERIMENTAL
+         depends on KEYS
+         help
+           Enables an upcall mechanism for CIFS which contacts userspace
+           helper utilities to provide server name resolution (host names to
+           IP addresses) which is needed for implicit mounts of DFS junction
+           points. If unsure, say N.
+
 config NCP_FS
        tristate "NCP file system support (to mount NetWare volumes)"
        depends on IPX!=n || INET
diff --git a/fs/cifs/Makefile b/fs/cifs/Makefile
index 45e42fb..09898b8 100644
--- a/fs/cifs/Makefile
+++ b/fs/cifs/Makefile
@@ -9,3 +9,5 @@ cifs-y := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o 
file.o inode.o \
          readdir.o ioctl.o sess.o export.o cifsacl.o
 
 cifs-$(CONFIG_CIFS_UPCALL) += cifs_spnego.o
+
+cifs-$(CONFIG_CIFS_DFS_UPCALL) += dns_resolve.o
diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c
index 093beaa..000b4a5 100644
--- a/fs/cifs/cifsfs.c
+++ b/fs/cifs/cifsfs.c
@@ -44,6 +44,7 @@
 #include "cifs_fs_sb.h"
 #include <linux/mm.h>
 #include <linux/key-type.h>
+#include "dns_resolve.h"
 #include "cifs_spnego.h"
 #define CIFS_MAGIC_NUMBER 0xFF534D42   /* the first four bytes of SMB PDUs */
 
@@ -1015,11 +1016,16 @@ init_cifs(void)
        if (rc)
                goto out_unregister_filesystem;
 #endif
+#ifdef CONFIG_CIFS_DFS_UPCALL
+       rc = register_key_type(&key_type_dns_resolver);
+       if (rc)
+               goto out_unregister_key_type;
+#endif
        oplockThread = kthread_run(cifs_oplock_thread, NULL, "cifsoplockd");
        if (IS_ERR(oplockThread)) {
                rc = PTR_ERR(oplockThread);
                cERROR(1, ("error %d create oplock thread", rc));
-               goto out_unregister_key_type;
+               goto out_unregister_dfs_key_type;
        }
 
        dnotifyThread = kthread_run(cifs_dnotify_thread, NULL, "cifsdnotifyd");
@@ -1033,7 +1039,11 @@ init_cifs(void)
 
  out_stop_oplock_thread:
        kthread_stop(oplockThread);
+ out_unregister_dfs_key_type:
+#ifdef CONFIG_CIFS_DFS_UPCALL
+       unregister_key_type(&key_type_dns_resolver);
  out_unregister_key_type:
+#endif
 #ifdef CONFIG_CIFS_UPCALL
        unregister_key_type(&cifs_spnego_key_type);
  out_unregister_filesystem:
@@ -1059,6 +1069,9 @@ exit_cifs(void)
 #ifdef CONFIG_PROC_FS
        cifs_proc_clean();
 #endif
+#ifdef CONFIG_CIFS_DFS_UPCALL
+       unregister_key_type(&key_type_dns_resolver);
+#endif
 #ifdef CONFIG_CIFS_UPCALL
        unregister_key_type(&cifs_spnego_key_type);
 #endif
-
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to