linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Carsten Langer <carsten.langer@gmx.de>
To: Steve French <smfrench@gmail.com>,
	Thorsten Leemhuis <regressions@leemhuis.info>
Cc: Davyd McColl <davydm@gmail.com>,
	"lsahlber@redhat.com" <lsahlber@redhat.com>,
	"stfrench@microsoft.com" <stfrench@microsoft.com>,
	"linux-cifs@vger.kernel.org" <linux-cifs@vger.kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"regressions@lists.linux.dev" <regressions@lists.linux.dev>
Subject: Re: Possible regression: unable to mount CIFS 1.0 shares from older machines since 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c
Date: Fri, 14 Oct 2022 21:58:06 +0200	[thread overview]
Message-ID: <0259a530-32af-f6be-b2e5-fcfbda80a052@gmx.de> (raw)
In-Reply-To: <CAH2r5mtE-EjNbF3OhCLmbGQFMbJgRZphQHS+hHLBiWRJPEBqKA@mail.gmail.com>

 > We have been looking to see if we could setup some VMs for something
 > that old, and we are willing to test against it if it could
 > realistically be setup, but it has been harder than expected. Ronnie
 > had some ideas and we are willing to experiment more but realistically
 > it is very hard to deal with 'legacy museum style' unless we have some
 > VMs available for old systems.
 >
 > Feel free to contact Ronnie and me or Shyam etc (offline if easier) if
 > you have ideas on how to setup something like this.   We don't want to
 > be encouraging SMB1, but certainly not NTLMv1 auth with SMB1 given its
 > security weaknesses (especially given the particular uses hackers have
 > made of 25+ year old NTLMv1 weaknesses).

I would be willing to try to set up a VM for testing.

The issue was further discussed in
https://bugzilla.kernel.org/show_bug.cgi?id=215375
I think we could split the topic. The part important for me and others
affected
by this bug is that this regression introduced a protocol violation of
the SMB1
protocol, even for the case where users want to use SMB1 in guest mode,
i.e. without any authentication. At least in this case IMHO we do not need
to discuss NTLMv1 etc., but just make sure that the SMB1 protocol is
again correctly
followed for the case that no user/password is needed. That is what the
proposed patch is
about.

Thus my idea would be to set up an old-enough Samba server providing the
SMB1 protocol
(just) for guest mode, without user/password. If I could then prove that
without patch
the error against that VM occurs and with the patch it works fine, would
that be enough?

But I wonder what you understand by VM? A VirtualBox OVA file? Vmware?
Some Dockerfile
to create an image?
And as this will be a test against a simulated server in a network, are
there standard
requirements how the network is set up between test system and the VM?

- Carsten

  reply	other threads:[~2022-10-14 19:58 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <D58238A4-F04E-458E-AB05-4A74235B2C65@getmailspring.com>
2022-01-10 12:15 ` Possible regression: unable to mount CIFS 1.0 shares from older machines since 76a3c92ec9e0668e4cd0e9ff1782eb68f61a179c Thorsten Leemhuis
2022-01-11  3:16   ` Steve French
2022-10-14 19:58     ` Carsten Langer [this message]
2022-01-10  6:06 Davyd McColl
2022-01-10 14:11 ` Thorsten Leemhuis
2022-01-10 17:31 ` Steve French
2022-01-10 20:30   ` Davyd McColl
2022-01-10 22:13     ` Steve French
2022-01-11  6:45       ` Davyd McColl
2022-01-11 21:51         ` Steve French
2022-01-11 23:26           ` Steve French
2022-01-12  2:32         ` ronnie sahlberg
2022-01-12  5:49           ` Davyd McColl
2022-01-28 13:30             ` Thorsten Leemhuis
2022-01-28 13:39               ` Davyd McColl
2022-01-28 13:50               ` ronnie sahlberg
2022-01-28 14:02                 ` Thorsten Leemhuis
2022-01-28 14:23                   ` ronnie sahlberg
2022-02-18 13:30                   ` Davyd McColl
2022-03-02  6:58                     ` Thorsten Leemhuis
2022-03-02 17:28                       ` Davyd McColl
2022-03-03  0:50                       ` Linus Torvalds
2022-03-03  1:27                         ` Steve French
2022-03-04  6:43                           ` Thorsten Leemhuis
2022-07-27 20:04                         ` Clemens Leu
2022-07-28  2:27                           ` Steve French

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=0259a530-32af-f6be-b2e5-fcfbda80a052@gmx.de \
    --to=carsten.langer@gmx.de \
    --cc=davydm@gmail.com \
    --cc=linux-cifs@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lsahlber@redhat.com \
    --cc=regressions@leemhuis.info \
    --cc=regressions@lists.linux.dev \
    --cc=smfrench@gmail.com \
    --cc=stfrench@microsoft.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).