Linux-CIFS Archive on lore.kernel.org
 help / color / Atom feed
* [CIFS][PATCH] print warning once if mounting with vers=1.0
@ 2020-02-28  7:37 Steve French
  0 siblings, 0 replies; only message in thread
From: Steve French @ 2020-02-28  7:37 UTC (permalink / raw)
  To: CIFS

[-- Attachment #1: Type: text/plain, Size: 282 bytes --]

    We really, really don't want people using insecure dialects
    unless they realize what they are doing ...

    Add print once warning if mounting with vers=1.0 (older SMB1/CIFS
    dialect) instead of the default (SMB2.1 or later, typically
    SMB3.1.1).

-- 
Thanks,

Steve

[-- Attachment #2: 0001-cifs-print-warning-once-if-mounting-with-vers-1.0.patch --]
[-- Type: text/x-patch, Size: 1155 bytes --]

From a413f3274d270209f9f623bca301dbb8a772df63 Mon Sep 17 00:00:00 2001
From: Steve French <stfrench@microsoft.com>
Date: Fri, 28 Feb 2020 01:32:37 -0600
Subject: [PATCH] cifs: print warning once if mounting with vers=1.0

We really, really don't want people using insecure dialects
unless they realize what they are doing ...

Add print once warning if mounting with vers=1.0 (older SMB1/CIFS
dialect) instead of the default (SMB2.1 or later, typically
SMB3.1.1).

Signed-off-by: Steve French <stfrench@microsoft.com>
---
 fs/cifs/connect.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index f4d12b79ceed..27577d71d942 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -1471,6 +1471,9 @@ cifs_parse_smb_version(char *value, struct smb_vol *vol, bool is_smb3)
 			cifs_dbg(VFS, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
 			return 1;
 		}
+		printk_once(KERN_WARNING "Use of the less secure dialect "
+			   "vers=1.0 is not recommended unless required for "
+			   "access to very old servers\n");
 		vol->ops = &smb1_operations;
 		vol->vals = &smb1_values;
 		break;
-- 
2.20.1


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, back to index

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-02-28  7:37 [CIFS][PATCH] print warning once if mounting with vers=1.0 Steve French

Linux-CIFS Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-cifs/0 linux-cifs/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-cifs linux-cifs/ https://lore.kernel.org/linux-cifs \
		linux-cifs@vger.kernel.org
	public-inbox-index linux-cifs

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-cifs


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git