[CIFS] Make sec=none force an anonymous mount

We had a customer report that attempting to make CIFS mount with a null username (i.e. doing an anonymous mount) doesn't work. Looking through the code, it looks like CIFS expects a NULL username from userspace in order to trigger an anonymous mount. The mount.cifs code doesn't seem to ever pass a null username to the kernel, however. It looks also like the kernel can take a sec=none option, but it only seems to look at it if the username is already NULL. This seems redundant and effectively makes sec=none useless. The following patch makes sec=none force an anonymous mount. Signed-off-by: Steve French <sfrench@us.ibm.com>
2024-12-28 11:46:19 +00:00 · 2007-05-05 03:27:49 +00:00 · 2007-05-05 03:27:49 +00:00 · 8426c39c12
commit 8426c39c12
parent 796e5661f6
3 changed files with 24 additions and 8 deletions
--- a/fs/cifs/CHANGES
+++ b/fs/cifs/CHANGES
@ -6,7 +6,9 @@ handle DNS host to ipv6 name translation).  Accept override of uid or gid
 on mount even when Unix Extensions are negotiated (it used to be ignored
 when Unix Extensions were ignored).  This allows users to override the
 default uid and gid for files when they are certain that the uids or
-gids on the server do not match those of the client.
+gids on the server do not match those of the client.  Make "sec=none"
+mount override username (so that null user connection is attempted)
+to match what documentation said.

 Version 1.48
 ------------
--- a/fs/cifs/README
+++ b/fs/cifs/README
@ -472,7 +472,7 @@ including:
 	-V      print mount.cifs version
 	-?      display simple usage information

-With recent 2.6 kernel versions of modutils, the version of the cifs kernel
+With most 2.6 kernel versions of modutils, the version of the cifs kernel
 module can be displayed via modinfo.

 Misc /proc/fs/cifs Flags and Debug Info
@ -521,8 +521,22 @@ SecurityFlags		Flags which control security negotiation and
 			must use plaintext passwords			0x20020
 			(reserved for future packet encryption)		0x00040

-cifsFYI			If set to one, additional debug information is
-			logged to the system error log. (default 0)
+cifsFYI			If set to non-zero value, additional debug information
+			will be logged to the system error log.  This field
+			contains three flags controlling different classes of
+			debugging entries.  The maximum value it can be set
+			to is 7 which enables all debugging points (default 0).
+			Some debugging statements are not compiled into the
+			cifs kernel unless CONFIG_CIFS_DEBUG2 is enabled in the
+			kernel configuration. cifsFYI may be set to one or
+			nore of the following flags (7 sets them all):
+
+			log cifs informational messages			0x01
+			log return codes from cifs entry points		0x02
+			log slow responses (ie which take longer than one second)
+			  CONFIG_CIFS_STATS2 must be enabled in .config	0x03
+				
+				
 traceSMB		If set to one, debug information is logged to the
 			system error log with the start of smb requests
 			and responses (default 0)
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@ -1721,12 +1721,12 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
 		return -EINVAL;
 	}

-	if (volume_info.username) {
+	if (volume_info.nullauth) {
+		cFYI(1,("null user"));
+		volume_info.username = NULL;
+	} else if (volume_info.username) {
 		/* BB fixme parse for domain name here */
 		cFYI(1, ("Username: %s ", volume_info.username));
-
-	} else if (volume_info.nullauth) {
-		cFYI(1,("null user"));
 	} else {
 		cifserror("No username specified");
        /* In userspace mount helper we can get user name from alternate