| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87tua51550.fsf@cjr.nz>
Date: Wed, 04 May 2022 16:15:07 -0300
From: Paulo Alcantara <pc@....nz>
To: Steven French <sfrench@...ba.org>,
Byron Stanoszek <gandalf@...ds.org>,
Tom Talpey <tom@...pey.com>
Cc: linux-cifs@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: CIFS regression mounting vers=1.0 NTLMSSP when hostname is too
long
Hi Steve,
Steven French <sfrench@...ba.org> writes:
> makes sense - do you see anything related in the NTLMSSP doc?
I'll quote some relevant parts from MS-NLMP which make sense to me:
3.1.5.1.2 Client Receives a CHALLENGE_MESSAGE from the Server
...
If the NTLMSSP_NEGOTIATE_VERSION flag is set by the client application,
the Version field MUST be set to the current version (section 2.2.2.10),
and the Workstation field MUST be set to NbMachineName.
3.2.1.1 Variables Internal to the Protocol
...
NbMachineName: A string that indicates the NetBIOS machine name of the
server.
2.2.2.1 AV_PAIR
...
MsvAvNbComputerName: The server's NetBIOS computer name. The name MUST
be in Unicode, and is not null-terminated. This type of information MUST
be present in the AV_pair list.
and indeed we set NTLMSSP_NEGOTIATE_VERSION in
fs/cifs/sess.c:build_ntlmssp_smb3_negotiate_blob().
Unless I didn't miss anything obvious, I think we should be sending
NetBIOS name or simply truncate utsname()->nodename to 16 bytes as
previously proposed by Byron regardless what protocol version is being
used.
Tom, what is your opinion on that?
Powered by blists - more mailing lists