| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <c604d959-61f6-4d6e-97fb-2c74ef07334a@samba.org>
Date: Thu, 21 Aug 2025 10:24:31 +0200
From: Stefan Metzmacher <metze@...ba.org>
To: Namjae Jeon <linkinjeon@...nel.org>
Cc: Xin Long <lucien.xin@...il.com>, network dev <netdev@...r.kernel.org>,
davem@...emloft.net, kuba@...nel.org, Eric Dumazet <edumazet@...gle.com>,
Paolo Abeni <pabeni@...hat.com>, Simon Horman <horms@...nel.org>,
Moritz Buhl <mbuhl@...nbsd.org>, Tyler Fanelli <tfanelli@...hat.com>,
Pengtao He <hepengtao@...omi.com>, linux-cifs@...r.kernel.org,
Steve French <smfrench@...il.com>, Paulo Alcantara <pc@...guebit.com>,
Tom Talpey <tom@...pey.com>, kernel-tls-handshake@...ts.linux.dev,
Chuck Lever <chuck.lever@...cle.com>, Jeff Layton <jlayton@...nel.org>,
Benjamin Coddington <bcodding@...hat.com>, Steve Dickson
<steved@...hat.com>, Hannes Reinecke <hare@...e.de>,
Alexander Aring <aahringo@...hat.com>, David Howells <dhowells@...hat.com>,
Cong Wang <xiyou.wangcong@...il.com>, "D . Wythe"
<alibuda@...ux.alibaba.com>, Jason Baron <jbaron@...mai.com>,
illiliti <illiliti@...tonmail.com>, Sabrina Dubroca <sd@...asysnail.net>,
Marcelo Ricardo Leitner <marcelo.leitner@...il.com>,
Daniel Stenberg <daniel@...x.se>,
Andy Gospodarek <andrew.gospodarek@...adcom.com>
Subject: Re: [PATCH net-next v2 01/15] net: define IPPROTO_QUIC and SOL_QUIC
constants
Hi Namjae,
>>> diff --git a/include/linux/socket.h b/include/linux/socket.h
>>> index 3b262487ec06..a7c05b064583 100644
>>> --- a/include/linux/socket.h
>>> +++ b/include/linux/socket.h
>>> @@ -386,6 +386,7 @@ struct ucred {
>>> #define SOL_MCTP 285
>>> #define SOL_SMC 286
>>> #define SOL_VSOCK 287
>>> +#define SOL_QUIC 288
>>>
>>> /* IPX options */
>>> #define IPX_TYPE 1
>>> diff --git a/include/uapi/linux/in.h b/include/uapi/linux/in.h
>>> index ced0fc3c3aa5..34becd90d3a6 100644
>>> --- a/include/uapi/linux/in.h
>>> +++ b/include/uapi/linux/in.h
>>> @@ -85,6 +85,8 @@ enum {
>>> #define IPPROTO_RAW IPPROTO_RAW
>>> IPPROTO_SMC = 256, /* Shared Memory Communications */
>>> #define IPPROTO_SMC IPPROTO_SMC
>>> + IPPROTO_QUIC = 261, /* A UDP-Based Multiplexed and Secure Transport */
>>> +#define IPPROTO_QUIC IPPROTO_QUIC
>>> IPPROTO_MPTCP = 262, /* Multipath TCP connection */
>>> #define IPPROTO_MPTCP IPPROTO_MPTCP
>>> IPPROTO_MAX
>>
>> Can these constants be accepted, soon?
>>
>> Samba 4.23.0 to be released early September will ship userspace code to
>> use them. It would be good to have them correct when kernel's start to
>> support this...
> I'd like to test ksmbd with smbclient of samba, which includes quic support.
> Which Samba branch should I use? How do I enable quic in Samba?
> Do I need to update smb.conf?
With master or 4.23 the simplest way would be
smbclient //ksmbd-server/share \
-Uuser%Passw0rd \
--option='client smb transports = quic' \
--option='tls verify peer = no_check' \
-I 10.0.0.1
Note it only works with a name in the unc otherwise
quic can't work.
For development you may want to use
SSLKEYLOGFILE=/dev/shm/sslkeylogfile.txt smbclient ...
And point wireshark to /dev/shm/sslkeylogfile.txt with
wireshark -o tls.keylog_file:/dev/shm/sslkeylogfile.txt
Or you merge it into a pcapng file like this:
editcap --inject-secrets tls,/dev/shm/sslkeylogfile.txt capture.pcap.gz capture.pcapng.gz
Then 'wireshark capture.pcapng.gz' will have everything to decrypt.
metze
Powered by blists - more mailing lists