From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from wp530.webpack.hosteurope.de (wp530.webpack.hosteurope.de [80.237.130.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 75DF9815 for ; Fri, 4 Mar 2022 06:43:30 +0000 (UTC) Received: from ip4d144895.dynamic.kabel-deutschland.de ([77.20.72.149] helo=[192.168.66.200]); authenticated by wp530.webpack.hosteurope.de running ExIM with esmtpsa (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) id 1nQ1ey-0006TW-E5; Fri, 04 Mar 2022 07:43:28 +0100 Message-ID: Date: Fri, 4 Mar 2022 07:43:27 +0100 Precedence: bulk X-Mailing-List: regressions@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0 Subject: Re: Possible regression: unable to mount CIFS 1.0 shares from older machines since 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c Content-Language: en-US To: Steve French , Linus Torvalds Cc: Davyd McColl , ronnie sahlberg , CIFS , LKML , "regressions@lists.linux.dev" References: From: Thorsten Leemhuis In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-bounce-key: webpack.hosteurope.de;regressions@leemhuis.info;1646376210;1defcfb9; X-HE-SMSGID: 1nQ1ey-0006TW-E5 On 03.03.22 02:27, Steve French wrote: > We have been looking to see if we could setup some VMs for something > that old, and we are willing to test against it if it could > realistically be setup, but it has been harder than expected. Ronnie > had some ideas and we are willing to experiment more but realistically > it is very hard to deal with 'legacy museum style' unless we have some > VMs available for old systems. > > Feel free to contact Ronnie and me or Shyam etc (offline if easier) if > you have ideas on how to setup something like this. We don't want to > be encouraging SMB1, but certainly not NTLMv1 auth with SMB1 given its > security weaknesses (especially given the particular uses hackers have > made of 25+ year old NTLMv1 weaknesses). Linus, Steve, thx for your option on this. I not sure if "museum style equipment" really applies here, as the hardware seems to be sold in 2013/2014 and according to the reporter even got a update in 2016. But whatever, yes, it's niche thing and what the hw manufacturer did there was a bad idea. Anyway, I'll stop tracking this then. #regzbot invalid: to niche/risky/old, see Linus and Steve's messages for details > On Wed, Mar 2, 2022 at 6:51 PM Linus Torvalds > wrote: >> >> On Tue, Mar 1, 2022 at 10:58 PM Thorsten Leemhuis >> wrote: >>> >>> Thx for the update. I pointed Linus towards this thread two times now, >>> but he didn't comment on it afaics. CCing him now, maybe that will to >>> the trick. >> >> So I have to admit that I think it's a 20+ year old legacy and >> insecure protocol that nobody should be using. >> >> When the maintainer can't really even test it, and it really has been >> deprecated that long, I get the feeling that somebody who wants it to >> be maintained will need to do that job himself. >> >> This seems to be a _very_ niche thing, possibly legacy museum style >> equipment, and maybe using an older kernel ends up being the answer if >> nobody steps up and maintains it as an external patch. >> >> Linus > > >