aboutsummaryrefslogtreecommitdiffstats
path: root/mount.cifs.c
diff options
context:
space:
mode:
authorJeff Layton <jlayton@samba.org>2012-08-07 11:11:26 -0400
committerJeff Layton <jlayton@samba.org>2012-08-07 11:11:26 -0400
commit569cfcb3a467dfdf967a36ed6f7896559edab2ba (patch)
tree5208d6309002400a06c0ca0a851820f1df2697da /mount.cifs.c
parent692842e34c1f2fcc84b6b64136f5e28dd7062f46 (diff)
downloadcifs-utils-569cfcb3a467dfdf967a36ed6f7896559edab2ba.tar.gz
cifs-utils-569cfcb3a467dfdf967a36ed6f7896559edab2ba.tar.xz
cifs-utils-569cfcb3a467dfdf967a36ed6f7896559edab2ba.zip
mount.cifs: deprecate the DOMAIN/username%password username syntax
mount.cifs has in the past allowed users to specify a username using the above syntax, which would populate the domain and password fields with the different pieces. Unfortunately, there are cases where it is legit to have a '/' in a username. krb5 SPNs generally contain a '/' and we have no clear way to distinguish between the two. I don't see any real value in keeping that syntax allowed. It's no easier than specifying "pass=" and "domain=" on the command line. Ditto for credential files. Begin the transition away from that syntax by adding a warning message that support for it will be removed in 5.9. Signed-off-by: Jeff Layton <jlayton@samba.org>
Diffstat (limited to 'mount.cifs.c')
-rw-r--r--mount.cifs.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/mount.cifs.c b/mount.cifs.c
index 330e528..ef5b43f 100644
--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -45,6 +45,7 @@
#include <libgen.h>
#include <sys/mman.h>
#include <sys/wait.h>
+#include <stdbool.h>
#ifdef HAVE_SYS_FSUID_H
#include <sys/fsuid.h>
#endif /* HAVE_SYS_FSUID_H */
@@ -320,15 +321,22 @@ static int set_password(struct parsed_mount_info *parsed_info, const char *src)
*
* ...obviously the only required component is "username". The source string
* is modified in the process, but it should remain unchanged at the end.
+ *
+ * NOTE: the above syntax does not allow for usernames that have slashes in
+ * them, as some krb5 usernames do. Support for the above syntax will be
+ * removed in a later version of cifs-utils. Users should use separate options
+ * instead of overloading this info into the username.
*/
static int parse_username(char *rawuser, struct parsed_mount_info *parsed_info)
{
char *user, *password, slash;
int rc = 0;
+ bool warn = false;
/* everything after first % sign is a password */
password = strchr(rawuser, '%');
if (password) {
+ warn = true;
rc = set_password(parsed_info, password + 1);
if (rc)
return rc;
@@ -342,6 +350,7 @@ static int parse_username(char *rawuser, struct parsed_mount_info *parsed_info)
/* everything before that slash is a domain */
if (user) {
+ warn = true;
slash = *user;
*user = '\0';
strlcpy(parsed_info->domain, rawuser,
@@ -356,6 +365,11 @@ static int parse_username(char *rawuser, struct parsed_mount_info *parsed_info)
if (password)
*password = '%';
+ if (warn)
+ fprintf(stderr, "WARNING: The DOMAIN/username%%password syntax "
+ "for usernames is deprecated and will be "
+ "removed in version 5.9 of cifs-utils.\n");
+
return 0;
}