Merge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6

Version 1.50

------------

Fix NTLMv2 signing. NFS server mounted over cifs works (if cifs mount is

done with "serverino" mount option).  Add support for POSIX Unlink

(helps with certain sharing violation cases when server such as

Samba supports newer POSIX CIFS Protocol Extensions).

Version 1.49

------------

IPv6 support.  Enable ipv6 addresses to be passed on mount (put the ipv6

default uid and gid for files when they are certain that the uids or

gids on the server do not match those of the client.  Make "sec=none"

mount override username (so that null user connection is attempted)

to match what documentation said.

to match what documentation said. Support for very large reads, over 127K,

available to some newer servers (such as Samba 3.0.26 and later but

note that it also requires setting CIFSMaxBufSize at module install

time to a larger value which may hurt performance in some cases).

Make sign option force signing (or fail if server does not support it).

Version 1.48

------------

		during the local client kernel build will be used.

		If server does not support Unicode, this parameter is

		unused.

  rsize		default read size (usually 16K)

  wsize		default write size (usually 16K, 32K is often better over GigE)

		maximum wsize currently allowed by CIFS is 57344 (14 4096 byte

		pages)

  rsize		default read size (usually 16K). The client currently

		can not use rsize larger than CIFSMaxBufSize. CIFSMaxBufSize

		defaults to 16K and may be changed (from 8K to the maximum

		kmalloc size allowed by your kernel) at module install time

		for cifs.ko. Setting CIFSMaxBufSize to a very large value

		will cause cifs to use more memory and may reduce performance

		in some cases.  To use rsize greater than 127K (the original

		cifs protocol maximum) also requires that the server support

		a new Unix Capability flag (for very large read) which some

		newer servers (e.g. Samba 3.0.26 or later) do. rsize can be

		set from a minimum of 2048 to a maximum of 130048 (127K or

		CIFSMaxBufSize, whichever is smaller)

  wsize		default write size (default 57344)

		maximum wsize currently allowed by CIFS is 57344 (fourteen

		4096 byte pages)

  rw		mount the network share read-write (note that the

		server may still consider the share read-only)

  ro		mount network share read-only

		Note that this does not affect the normal ACL check on the

		target machine done by the server software (of the server

		ACL against the user name provided at mount time).

  serverino	Use servers inode numbers instead of generating automatically

  serverino	Use server's inode numbers instead of generating automatically

		incrementing inode numbers on the client.  Although this will

		make it easier to spot hardlinked files (as they will have

		the same inode numbers) and inode numbers may be persistent,

		are unique if multiple server side mounts are exported under a

		single share (since inode numbers on the servers might not

		be unique if multiple filesystems are mounted under the same

		shared higher level directory).  Note that this requires that

		the server support the CIFS Unix Extensions as other servers

		do not return a unique IndexNumber on SMB FindFirst (most

		servers return zero as the IndexNumber).  Parameter has no

		effect to Windows servers and others which do not support the

		CIFS Unix Extensions.

		shared higher level directory).  Note that some older

		(e.g. pre-Windows 2000) do not support returning UniqueIDs

		or the CIFS Unix Extensions equivalent and for those

		this mount option will have no effect.  Exporting cifs mounts

		under nfsd requires this mount option on the cifs mount.

  noserverino   Client generates inode numbers (rather than using the actual one

		from the server) by default.

  setuids       If the CIFS Unix extensions are negotiated with the server

	echo 1 > /proc/fs/cifs/traceSMB

Two other experimental features are under development and to test 

require enabling CONFIG_CIFS_EXPERIMENTAL

Two other experimental features are under development. To test these

requires enabling CONFIG_CIFS_EXPERIMENTAL

	More efficient write operations

	ipv6 enablement

	DNOTIFY fcntl: needed for support of directory change 

			    notification and perhaps later for file leases)

d) Kerberos/SPNEGO session setup support - (started)

e) More testing of NTLMv2 authentication (mostly implemented - double check

that NTLMv2 signing works, also need to cleanup now unneeded SessSetup code in

fs/cifs/connect.c)

e) Cleanup now unneeded SessSetup code in

fs/cifs/connect.c and add back in NTLMSSP code if any servers

need it

f) MD5-HMAC signing SMB PDUs when SPNEGO style SessionSetup 

used (Kerberos or NTLMSSP). Signing alreadyimplemented for NTLM

succeed but still return access denied (appears to be Windows 

server not cifs client problem) and has not been reproduced recently.

NTFS partitions do not have this problem.

4) Unix/POSIX capabilities are reset after reconnection, and affect

a few fields in the tree connection but we do do not know which

superblocks to apply these changes to.  We should probably walk

the list of superblocks to set these.  Also need to check the

flags on the second mount to the same share, and see if we

can do the same trick that NFS does to remount duplicate shares.

Misc testing to do

==================

			return 0;

		} else if ((cls != ASN1_CTX) || (con != ASN1_CON)

			   || (tag != ASN1_EOC)) {

			cFYI(1,("cls = %d con = %d tag = %d end = %p (%d) exit 0",

			cFYI(1,

			     ("cls = %d con = %d tag = %d end = %p (%d) exit 0",

			      cls, con, tag, end, *end));

			return 0;

		}

			return 0;

		} else if ((cls != ASN1_UNI) || (con != ASN1_CON)

			   || (tag != ASN1_SEQ)) {

			cFYI(1,("cls = %d con = %d tag = %d end = %p (%d) exit 1",

			cFYI(1,

			     ("cls = %d con = %d tag = %d end = %p (%d) exit 1",

			      cls, con, tag, end, *end));

			return 0;

		}

			rc = asn1_header_decode(&ctx, &end, &cls, &con, &tag);

			if (!rc) {

				cFYI(1,

				     ("Error 1 decoding negTokenInit header exit 2"));

				     ("Error decoding negTokenInit hdr exit2"));

				return 0;

			}

			if ((tag == ASN1_OJI) && (con == ASN1_PRI)) {

				rc = asn1_oid_decode(&ctx, end, &oid, &oidlen);

				if (rc) {

					cFYI(1,

					  ("OID len = %d oid = 0x%lx 0x%lx 0x%lx 0x%lx",

					   oidlen, *oid, *(oid + 1), *(oid + 2),

					   *(oid + 3)));

					rc = compare_oid(oid, oidlen, NTLMSSP_OID,

						 NTLMSSP_OID_LEN);

					  ("OID len = %d oid = 0x%lx 0x%lx "

					   "0x%lx 0x%lx",

					   oidlen, *oid, *(oid + 1),

					   *(oid + 2), *(oid + 3)));

					rc = compare_oid(oid, oidlen,

						 NTLMSSP_OID, NTLMSSP_OID_LEN);

					kfree(oid);

					if (rc)

						use_ntlmssp = TRUE;

				}

			} else {

				cFYI(1,("This should be an oid what is going on? "));

				cFYI(1, ("Should be an oid what is going on?"));

			}

		}

		if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {

			cFYI(1,

			     ("Error decoding last part of negTokenInit exit 3"));

			     ("Error decoding last part negTokenInit exit3"));

			return 0;

		} else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {	/* tag = 3 indicating mechListMIC */

		} else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {

			/* tag = 3 indicating mechListMIC */

			cFYI(1,

			     ("Exit 4 cls = %d con = %d tag = %d end = %p (%d)",

			      cls, con, tag, end, *end));

		}

		if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {

			cFYI(1,

			     ("Error decoding last part of negTokenInit exit 5"));

			     ("Error decoding last part negTokenInit exit5"));

			return 0;

		} else if ((cls != ASN1_UNI) || (con != ASN1_CON)

			   || (tag != ASN1_SEQ)) {

		if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {

			cFYI(1,

			     ("Error decoding last part of negTokenInit exit 7"));

			     ("Error decoding last part negTokenInit exit 7"));

			return 0;

		} else if ((cls != ASN1_CTX) || (con != ASN1_CON)) {

			cFYI(1,

		}

		if (asn1_header_decode(&ctx, &end, &cls, &con, &tag) == 0) {

			cFYI(1,

			     ("Error decoding last part of negTokenInit exit 9"));

			     ("Error decoding last part negTokenInit exit9"));

			return 0;

		} else if ((cls != ASN1_UNI) || (con != ASN1_PRI)

			   || (tag != ASN1_GENSTR)) {

			      cls, con, tag, end, *end));

			return 0;

		}

		cFYI(1, ("Need to call asn1_octets_decode() function for this %s", ctx.pointer));	/* is this UTF-8 or ASCII? */

		cFYI(1, ("Need to call asn1_octets_decode() function for %s",

			 ctx.pointer));	/* is this UTF-8 or ASCII? */

	}

	/* if (use_kerberos)

		   (ses->serverNOS == NULL)) {

			buf += sprintf(buf, "\nentry for %s not fully "

					"displayed\n\t", ses->serverName);

		} else {

			length =

			    sprintf(buf,

	}

	/* flags look ok - update the global security flags for cifs module */

	extended_security = flags;

	if (extended_security & CIFSSEC_MUST_SIGN) {

		/* requiring signing implies signing is allowed */

		extended_security |= CIFSSEC_MAY_SIGN;

		cFYI(1, ("packet signing now required"));

	} else if ((extended_security & CIFSSEC_MAY_SIGN) == 0) {

		cFYI(1, ("packet signing disabled"));

	}

	/* BB should we turn on MAY flags for other MUST options? */

	return count;

}

/* static int

ntlmv2_enabled_read(char *page, char **start, off_t off,

		       int count, int *eof, void *data)

{

	int len;

	len = sprintf(page, "%d\n", ntlmv2_support);

	len -= off;

	*start = page + off;

	if (len > count)

		len = count;

	else

		*eof = 1;

	if (len < 0)

		len = 0;

	return len;

}

static int

ntlmv2_enabled_write(struct file *file, const char __user *buffer,

			unsigned long count, void *data)

{

	char c;

	int rc;

	rc = get_user(c, buffer);

	if (rc)

		return rc;

	if (c == '0' || c == 'n' || c == 'N')

		ntlmv2_support = 0;

	else if (c == '1' || c == 'y' || c == 'Y')

		ntlmv2_support = 1;

	else if (c == '2')

		ntlmv2_support = 2;

	return count;

}

static int

packet_signing_enabled_read(char *page, char **start, off_t off,

		       int count, int *eof, void *data)

{

	int len;

	len = sprintf(page, "%d\n", sign_CIFS_PDUs);

	len -= off;

	*start = page + off;

	if (len > count)

		len = count;

	else

		*eof = 1;

	if (len < 0)

		len = 0;

	return len;

}

static int

packet_signing_enabled_write(struct file *file, const char __user *buffer,

			unsigned long count, void *data)

{

	char c;

	int rc;

	rc = get_user(c, buffer);

	if (rc)

		return rc;

	if (c == '0' || c == 'n' || c == 'N')

		sign_CIFS_PDUs = 0;

	else if (c == '1' || c == 'y' || c == 'Y')

		sign_CIFS_PDUs = 1;

	else if (c == '2')

		sign_CIFS_PDUs = 2;

	return count;

} */

#endif