diff options
author | Steve French <sfrench@us.ibm.com> | 2006-05-31 22:40:51 +0000 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2006-05-31 22:40:51 +0000 |
commit | 3979877e5606ecc58c5a31bd0078c6d80ba9cbe7 (patch) | |
tree | d221455b5176ea8b26e750d6498c3ed822998ba3 /fs/Kconfig | |
parent | 26a21b980b1897b11fd7f9ba4bf6060c9e15df10 (diff) | |
download | lwn-3979877e5606ecc58c5a31bd0078c6d80ba9cbe7.tar.gz lwn-3979877e5606ecc58c5a31bd0078c6d80ba9cbe7.zip |
[CIFS] Support for setting up SMB sessions to legacy lanman servers
Diffstat (limited to 'fs/Kconfig')
-rw-r--r-- | fs/Kconfig | 40 |
1 files changed, 38 insertions, 2 deletions
diff --git a/fs/Kconfig b/fs/Kconfig index f9b5842c8d2d..c4eaacb86071 100644 --- a/fs/Kconfig +++ b/fs/Kconfig @@ -1663,7 +1663,7 @@ config CIFS_STATS mounted by the cifs client to be displayed in /proc/fs/cifs/Stats config CIFS_STATS2 - bool "CIFS extended statistics" + bool "Extended statistics" depends on CIFS_STATS help Enabling this option will allow more detailed statistics on SMB @@ -1676,6 +1676,32 @@ config CIFS_STATS2 Unless you are a developer or are doing network performance analysis or tuning, say N. +config CIFS_WEAK_PW_HASH + bool "Support legacy servers which use weaker LANMAN security" + depends on CIFS + help + Modern CIFS servers including Samba and most Windows versions + (since 1997) support stronger NTLM (and even NTLMv2 and Kerberos) + security mechanisms. These hash the password more securely + than the mechanisms used in the older LANMAN version of the + SMB protocol needed to establish sessions with old SMB servers. + + Enabling this option allows the cifs module to mount to older + LANMAN based servers such as OS/2 and Windows 95, but such + mounts may be less secure than mounts using NTLM or more recent + security mechanisms if you are on a public network. Unless you + have a need to access old SMB servers (and are on a private + network) you probably want to say N. Even if this support + is enabled in the kernel build, they will not be used + automatically. At runtime LANMAN mounts are disabled but + can be set to required (or optional) either in + /proc/fs/cifs (see fs/cifs/README for more detail) or via an + option on the mount command. This support is disabled by + default in order to reduce the possibility of a downgrade + attack. + + If unsure, say N. + config CIFS_XATTR bool "CIFS extended attributes" depends on CIFS @@ -1704,6 +1730,16 @@ config CIFS_POSIX (such as Samba 3.10 and later) which can negotiate CIFS POSIX ACL support. If unsure, say N. +config CIFS_DEBUG2 + bool "Enable additional CIFS debugging routines + help + Enabling this option adds a few more debugging routines + to the cifs code which slightly increases the size of + the cifs module and can cause additional logging of debug + messages in some error paths, slowing performance. This + option can be turned off unless you are debugging + cifs problems. If unsure, say N. + config CIFS_EXPERIMENTAL bool "CIFS Experimental Features (EXPERIMENTAL)" depends on CIFS && EXPERIMENTAL @@ -1719,7 +1755,7 @@ config CIFS_EXPERIMENTAL If unsure, say N. config CIFS_UPCALL - bool "CIFS Kerberos/SPNEGO advanced session setup (EXPERIMENTAL)" + bool "Kerberos/SPNEGO advanced session setup (EXPERIMENTAL)" depends on CIFS_EXPERIMENTAL select CONNECTOR help |