diff options
| author | Josh Boyer <jwboyer@fedoraproject.org> | 2015-01-06 08:57:47 -0500 |
|---|---|---|
| committer | Josh Boyer <jwboyer@fedoraproject.org> | 2015-01-06 08:57:47 -0500 |
| commit | 2dd7a3b242b8149c8e5c897b890a29ce4fea5f7a (patch) | |
| tree | dec8816cfb1637c25edae2fa3d7dc003b00085bc | |
| parent | 94470083395d015165f45652f04ebe523db3a11a (diff) | |
| download | kernel-2dd7a3b242b8149c8e5c897b890a29ce4fea5f7a.tar.gz kernel-2dd7a3b242b8149c8e5c897b890a29ce4fea5f7a.tar.xz kernel-2dd7a3b242b8149c8e5c897b890a29ce4fea5f7a.zip | |
Fix CIFS login issue (rhbz 1163927)
| -rw-r--r-- | Set-UID-in-sess_auth_rawntlmssp_authenticate-too.patch | 44 | ||||
| -rw-r--r-- | kernel.spec | 9 |
2 files changed, 53 insertions, 0 deletions
diff --git a/Set-UID-in-sess_auth_rawntlmssp_authenticate-too.patch b/Set-UID-in-sess_auth_rawntlmssp_authenticate-too.patch new file mode 100644 index 00000000..bc08ddcc --- /dev/null +++ b/Set-UID-in-sess_auth_rawntlmssp_authenticate-too.patch @@ -0,0 +1,44 @@ +From: Sachin Prabhu <sprabhu@redhat.com> +Date: Wed, 3 Dec 2014 12:26:36 +0000 +Subject: [PATCH] Set UID in sess_auth_rawntlmssp_authenticate too + +A user complained that they were unable to login to their cifs share +after a kernel update. From the wiretrace we can see that the server +returns different UIDs as response to NTLMSSP_NEGOTIATE and NTLMSSP_AUTH +phases. + +With changes in the authentication code, we no longer set the +cifs_sess->Suid returned in response to the NTLM_AUTH phase and continue +to use the UID sent in response to the NTLMSSP_NEGOTIATE phase. This +results in the server denying access to the user when the user attempts +to do a tcon connect. + +See https://bugzilla.redhat.com/show_bug.cgi?id=1163927 + +A test kernel containing patch was tested successfully by the user. + +Signed-off-by: Sachin Prabhu <sprabhu@redhat.com> +Signed-off-by: Steve French <steve.french@primarydata.com> +--- + fs/cifs/sess.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c +index 57db63ff88da..446cb7fb3f58 100644 +--- a/fs/cifs/sess.c ++++ b/fs/cifs/sess.c +@@ -1303,6 +1303,11 @@ sess_auth_rawntlmssp_authenticate(struct sess_data *sess_data) + if (le16_to_cpu(pSMB->resp.Action) & GUEST_LOGIN) + cifs_dbg(FYI, "Guest login\n"); /* BB mark SesInfo struct? */ + ++ if (ses->Suid != smb_buf->Uid) { ++ ses->Suid = smb_buf->Uid; ++ cifs_dbg(FYI, "UID changed! new UID = %llu\n", ses->Suid); ++ } ++ + bytes_remaining = get_bcc(smb_buf); + bcc_ptr = pByteArea(smb_buf); + blob_len = le16_to_cpu(pSMB->resp.SecurityBlobLength); +-- +2.1.0 + diff --git a/kernel.spec b/kernel.spec index f86733d0..c14910c5 100644 --- a/kernel.spec +++ b/kernel.spec @@ -673,6 +673,9 @@ Patch26118: userns-Add-a-knob-to-disable-setgroups-on-a-per-user.patch Patch26119: userns-Allow-setting-gid_maps-without-privilege-when.patch Patch26120: userns-Unbreak-the-unprivileged-remount-tests.patch +#rhbz 1163927 +Patch26121: Set-UID-in-sess_auth_rawntlmssp_authenticate-too.patch + # git clone ssh://git.fedorahosted.org/git/kernel-arm64.git, git diff master...devel Patch30000: kernel-arm64.patch @@ -1455,6 +1458,9 @@ ApplyPatch userns-Add-a-knob-to-disable-setgroups-on-a-per-user.patch ApplyPatch userns-Allow-setting-gid_maps-without-privilege-when.patch ApplyPatch userns-Unbreak-the-unprivileged-remount-tests.patch +#rhbz 1163927 +ApplyPatch Set-UID-in-sess_auth_rawntlmssp_authenticate-too.patch + %if 0%{?aarch64patches} ApplyPatch kernel-arm64.patch %ifnarch aarch64 # this is stupid, but i want to notice before secondary koji does. @@ -2329,6 +2335,9 @@ fi # ||----w | # || || %changelog +* Tue Jan 06 2015 Josh Boyer <jwboyer@fedoraproject.org> +- Fix CIFS login issue (rhbz 1163927) + * Mon Dec 29 2014 Josh Boyer <jwboyer@fedoraproject.org> - Enable F2FS (rhbz 972446) |