Commit 20d1752f authored by Chuck Ebbert's avatar Chuck Ebbert Committed by Steve French

[CIFS] Re-enable Lanman security

commit ac683924 ("[CIFS] Allow raw
ntlmssp code to be enabled with sec=ntlmssp") added a new bit to the
allowed security flags mask but seems to have inadvertently removed
Lanman security from the allowed flags. Add it back.

CC: Stable <stable@kernel.org>
Signed-off-by: default avatarChuck Ebbert <cebbert@redhat.com>
Signed-off-by: default avatarSteve French <sfrench@us.ibm.com>
parent 4142e0d1
...@@ -585,9 +585,9 @@ require use of the stronger protocol */ ...@@ -585,9 +585,9 @@ require use of the stronger protocol */
#define CIFSSEC_MUST_LANMAN 0x10010 #define CIFSSEC_MUST_LANMAN 0x10010
#define CIFSSEC_MUST_PLNTXT 0x20020 #define CIFSSEC_MUST_PLNTXT 0x20020
#ifdef CONFIG_CIFS_UPCALL #ifdef CONFIG_CIFS_UPCALL
#define CIFSSEC_MASK 0xAF0AF /* allows weak security but also krb5 */ #define CIFSSEC_MASK 0xBF0BF /* allows weak security but also krb5 */
#else #else
#define CIFSSEC_MASK 0xA70A7 /* current flags supported if weak */ #define CIFSSEC_MASK 0xB70B7 /* current flags supported if weak */
#endif /* UPCALL */ #endif /* UPCALL */
#else /* do not allow weak pw hash */ #else /* do not allow weak pw hash */
#ifdef CONFIG_CIFS_UPCALL #ifdef CONFIG_CIFS_UPCALL
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment