lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 18 Apr 2020 23:53:57 -0500
From:   Steve French <smfrench@...il.com>
To:     Florian Weimer <fweimer@...hat.com>
Cc:     David Howells <dhowells@...hat.com>,
        linux-nfs <linux-nfs@...r.kernel.org>,
        CIFS <linux-cifs@...r.kernel.org>, linux-afs@...ts.infradead.org,
        ceph-devel@...r.kernel.org, keyrings@...r.kernel.org,
        Network Development <netdev@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: What's a good default TTL for DNS keys in the kernel

commit 28eb24ff75c5ac130eb326b3b4d0dcecfc0f427d
Author: Paulo Alcantara <paulo@...lo.ac>
Date:   Tue Nov 20 15:16:36 2018 -0200

    cifs: Always resolve hostname before reconnecting

    In case a hostname resolves to a different IP address (e.g. long
    running mounts), make sure to resolve it every time prior to calling
    generic_ip_connect() in reconnect.
...

(Note that this patch may have some minor dependencies on a few other
DFS related patches that were merged immediately before it.
08744015492f cifs: Add support for failover in cifs_reconnect_tcon()
a3a53b760379 cifs: Add support for failover in smb2_reconnect()
23324407143d cifs: Only free DFS target list if we actually got one
e511d31753e3 cifs: start DFS cache refresher in cifs_mount()
93d5cb517db3 cifs: Add support for failover in cifs_reconnect()
4a367dc04435 cifs: Add support for failover in cifs_mount()
1c780228e9d4 cifs: Make use of DFS cache to get new DFS referrals

On Sat, Apr 18, 2020 at 1:11 PM Florian Weimer <fweimer@...hat.com> wrote:
>
> * Steve French:
>
> >>> The question remains what the expected impact of TTL expiry is.  Will
> >>> the kernel just perform a new DNS query if it needs one?
> >
> > For SMB3/CIFS mounts, Paulo added support last year for automatic
> > reconnect if the IP address of the server changes.  It also is helpful
> > when DFS (global name space) addresses change.
>
> Do you have reference to the source code implementation?  Thanks.
>
> Florian
>


-- 
Thanks,

Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ