Date:   Wed, 04 May 2022 17:58:54 -0300
From:   Paulo Alcantara <pc@....nz>
To:     Tom Talpey <tom@...pey.com>, Steven French <sfrench@...ba.org>,
        Byron Stanoszek <gandalf@...ds.org>,
        Shyam Prasad N <nspmangalore@...il.com>
Cc:     linux-cifs@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: CIFS regression mounting vers=1.0 NTLMSSP when hostname is too
 long

Tom Talpey <tom@...pey.com> writes:

> I think the most conservative and spec-compliant choice should be made.
> SMB1 should not be pushing the envelope of interoperability, in this day
> and age.

OK.

> I believe the NetBIOS name is a fixed array of 16 octets, right? So, if
> the nodename is shorter, it needs to be padded with 0's.

Right.

> Did this code change recently? Why???

We used to not send the WorkstationName during NTLMSSP until a recent
patch from Shyam:

	commit 49bd49f983b5026e4557d31c5d737d9657c4113e
	Author: Shyam Prasad N <sprasad@...rosoft.com>
	Date:   Fri Nov 5 19:03:57 2021 +0000
	
	    cifs: send workstation name during ntlmssp session setup
	
	    During the ntlmssp session setup (authenticate phases)
	    send the client workstation info. This can make debugging easier on
	    servers.
	
	    Signed-off-by: Shyam Prasad N <sprasad@...rosoft.com>
	    Reviewed-by: Paulo Alcantara (SUSE) <pc@....nz>
	    Reviewed-by: Enzo Matsumiya <ematsumiya@...e.de>
	    Signed-off-by: Steve French <stfrench@...rosoft.com>

Unfortunately, some servers did not seem to enforce it to be 16 bytes
long, which is why we didn't catch it earlier.

Steve, Shyam, let me know if it does make sense to you and then I can
work on a patch to fix it properly.
