lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAN05THQYKRChdR_4T86dGtCO=xY+cWpfa6_fOVNh9WSB=RNE-A@mail.gmail.com>
Date:   Fri, 6 May 2022 12:19:48 +1000
From:   ronnie sahlberg <ronniesahlberg@...il.com>
To:     Paulo Alcantara <pc@....nz>
Cc:     Tom Talpey <tom@...pey.com>, Steven French <sfrench@...ba.org>,
        Byron Stanoszek <gandalf@...ds.org>,
        Shyam Prasad N <nspmangalore@...il.com>,
        linux-cifs <linux-cifs@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: CIFS regression mounting vers=1.0 NTLMSSP when hostname is too long

On Fri, 6 May 2022 at 11:59, Paulo Alcantara <pc@....nz> wrote:
>
> Tom Talpey <tom@...pey.com> writes:
>
> > I think the most conservative and spec-compliant choice should be made.
> > SMB1 should not be pushing the envelope of interoperability, in this day
> > and age.
>
> OK.
>
> > I believe the NetBIOS name is a fixed array of 16 octets, right? So, if
> > the nodename is shorter, it needs to be padded with 0's.
>
> Right.
>
> > Did this code change recently? Why???
>
> We used to not send the WorkstationName during NTLMSSP until recent
> patch from Shyam:
>
>         commit 49bd49f983b5026e4557d31c5d737d9657c4113e
>         Author: Shyam Prasad N <sprasad@...rosoft.com>
>         Date:   Fri Nov 5 19:03:57 2021 +0000
>
>             cifs: send workstation name during ntlmssp session setup
>
>             During the ntlmssp session setup (authenticate phases)
>             send the client workstation info. This can make debugging easier on
>             servers.
>
>             Signed-off-by: Shyam Prasad N <sprasad@...rosoft.com>
>             Reviewed-by: Paulo Alcantara (SUSE) <pc@....nz>
>             Reviewed-by: Enzo Matsumiya <ematsumiya@...e.de>
>             Signed-off-by: Steve French <stfrench@...rosoft.com>
>
> Unfortunately some servers did not seem to enforce it to be 16 bytes
> long, so the reason why we didn't catch it earlier.
>
> Steve, Shyam, let me know if it does make sense to you and then I can
> work on a patch to fix it properly.

This regression should be easy to fix, but maybe we should not have
done the initial change in the first place.
If things is broken and do not work under SMB1, that is a good thing.
Instead of adding features or fixing
missing parts to SMB1 we should just tell people to switch to SMB2 instead.

I think if things do not work correctly or things are missing in smb1,
that is a GOOD THING.
:-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ