[Bug 247090] New: Konqueror and Nautilus lock up accessing CIFS mounts
https://bugzilla.novell.com/show_bug.cgi?id=247090 Summary: Konqueror and Nautilus lock up accessing CIFS mounts Product: openSUSE 10.2 Version: Final Platform: i586 OS/Version: Other Status: NEW Severity: Critical Priority: P5 - None Component: KDE AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: jrobiso2@ford.com QAContact: qa@suse.de I've tried 3 ways from Sunday, and no matter what I do to the Konqueror configs, etc., konqueror locks up whenever I try and access a cifs mounted directory with it. I tried nautilus (within KDE) and it locked up too. ps aux shows konqueror and kio_file. I have to kill both to end the misery. This is just another reason to go back to smbfs, at least for me. I could care less if it isn't maintained. IT WORKS. openSuSE isn't meant for corporate clients that you have to support, anyhow, so just include smbfs support along with the cifs support. You can leave it out of SLED and SLES if you don't want to support it. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 chrubis@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team- |samba-maintainers@SuSE.de |screening@forge.provo.novell| |.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #1 from jrobiso2@ford.com 2007-02-23 10:48 MST ------- I meant include smbfs support in the kernel, not like "customer support". -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #2 from jrobiso2@ford.com 2007-02-23 10:50 MST ------- What I did was install the previous smb-client package from before its update, then copied smbmount, smbmnt, and smbumount to /usr/local/bin. Then I went ahead and redid the update. Add a few symbolic links, chmod a+s on smbmnt and smbumount, and it works great. So maybe a small rpm with the smbmount. smbmnt, and smbumount, along with the scripting to make the links? Clearly mark it unsupported, etc. but it would certainly help a lot of us. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #3 from jrobiso2@ford.com 2007-05-22 11:59 MST ------- This is still not fixed. What's up with this? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #4 from jrobiso2@ford.com 2007-05-30 09:18 MST ------- Here are the syslog entries from a couple of attempts to use Konq after manually mounting the share: (Domain names and passwords have been changed to protect the innocent). May 30 10:16:41 Jons sudo: jrobiso2 : TTY=pts/1 ; PWD=/home/jrobiso2 ; USER=root ; COMMAND=/bin/mount -t cifs //sic9010201/jrobiso2 $ /home/jrobiso2/Y --verbose -o user=mydomain/jrobiso2%mypassword,uid=jrobiso2,gid=100,rw,soft May 30 10:17:15 Jons kernel: CIFS VFS: RFC1001 size 135 bigger than SMB for Mid=16 May 30 10:17:15 Jons kernel: Bad SMB: : dump of 48 bytes of data at 0xf4c57040 May 30 10:17:15 Jons kernel: 00000087 424d53ff 000000a2 c0018000 . . . . 377 S M B 242 . . . . . . 300 May 30 10:17:15 Jons kernel: 00000000 00000000 00000000 16f1003f . . . . . . . . . . . ? . 361 . May 30 10:17:15 Jons kernel: 0010003f 0000ff2a 003f0100 00000001 ? . . . * 377 . . . ? . . . . . May 30 10:18:11 Jons kernel: CIFS VFS: server not responding May 30 10:18:11 Jons kernel: CIFS VFS: No response for cmd 162 mid 16 May 30 10:18:35 Jons sudo: jrobiso2 : TTY=pts/1 ; PWD=/home/jrobiso2 ; USER=root ; COMMAND=/bin/umount /home/jrobiso2/Y May 30 10:18:50 Jons sudo: jrobiso2 : TTY=pts/1 ; PWD=/home/jrobiso2 ; USER=root ; COMMAND=/bin/mount -t cifs //sic9010201/jrobiso2 $ /home/jrobiso2/Y --verbose -o user=mydomain/jrobiso2%mypassword,uid=jrobiso2,gid=100,rw,soft,noperm May 30 10:19:34 Jons kernel: CIFS VFS: RFC1001 size 135 bigger than SMB for Mid=18 May 30 10:19:34 Jons kernel: Bad SMB: : dump of 48 bytes of data at 0xf4c573c0 May 30 10:19:34 Jons kernel: 00000087 424d53ff 000000a2 c0018000 . . . . 377 S M B 242 . . . . . . 300 May 30 10:19:34 Jons kernel: 00000000 00000000 00000000 1a00003f . . . . . . . . . . . ? . . . May 30 10:19:34 Jons kernel: 0012003f 0000ff2a 003f0100 00000001 ? . . . * 377 . . . ? . . . . . May 30 10:20:34 Jons sudo: jrobiso2 : TTY=pts/1 ; PWD=/home/jrobiso2 ; USER=root ; COMMAND=/bin/kill -9 6656 May 30 10:21:01 Jons sudo: jrobiso2 : TTY=pts/1 ; PWD=/home/jrobiso2 ; USER=root ; COMMAND=/bin/kill -9 6656 May 30 10:21:08 Jons sudo: jrobiso2 : TTY=pts/1 ; PWD=/home/jrobiso2 ; USER=root ; COMMAND=/bin/umount /home/jrobiso2/Y May 30 10:21:21 Jons kernel: CIFS VFS: RFC1001 size 135 bigger than SMB for Mid=200 May 30 10:21:21 Jons kernel: Bad SMB: : dump of 48 bytes of data at 0xf4c57580 May 30 10:21:21 Jons kernel: 00000087 424d53ff 000000a2 c0018000 . . . . 377 S M B 242 . . . . . . 300 May 30 10:21:21 Jons kernel: 00000000 00000000 00000000 17a3003f . . . . . . . . . . . ? . 243 . May 30 10:21:21 Jons kernel: 00c8003f 0000ff2a 00400100 00000001 ? . 310 . * 377 . . . . @ . . . . . May 30 10:21:24 Jons sudo: jrobiso2 : TTY=pts/1 ; PWD=/home/jrobiso2 ; USER=root ; COMMAND=/bin/umount /home/jrobiso2/Y May 30 10:21:42 Jons sudo: jrobiso2 : TTY=pts/1 ; PWD=/home/jrobiso2 ; USER=root ; COMMAND=/usr/bin/less /var/log/messages Hmmmmmmm "CIFS VFS: RFC1001 size 135 bigger than SMB for Mid=16" sounds strange. The "kill" commands are there to kill the kio processes associated with konqueror after it locks up. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #5 from jrobiso2@ford.com 2007-05-30 09:19 MST ------- Also, the share server is an EMC NAS. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 anschneider@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |jrobiso2@ford.com ------- Comment #6 from anschneider@novell.com 2007-06-04 03:55 MST ------- I'm not able to reproduce this bug. I've mounted a share from a Windows Server 2003 Small Business Edition with CIFS. Everything works just fine. Describe how to reproduce this bug as exact as possible. Add version of your SUSE installation, cifs packages etc. The same for the server. If it is a Samba server please attach your configurations. http://www.suse.de/~sh/Bugreporting-faq/index.html -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #7 from jrobiso2@ford.com 2007-06-04 07:28 MST ------- Over the weekend I was able to get onto a couple of other networks and play around with their Windows mounts. CIFS and SMBFS both did fine. Looks like this is an issue with EMC NAS systems, rather than CIFS itself. Should we close this and open one for EMC NAS', or just continue this one? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 anschneider@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Info Provider|jrobiso2@ford.com |sfrench@us.ibm.com Summary|Konqueror and Nautilus lock |Konqueror and Nautilus lock up accessing CIFS |up accessing CIFS mounts |mounts on EMC NAS systems ------- Comment #8 from anschneider@novell.com 2007-06-05 03:17 MST ------- Steve: I've roughly checked the CHANGES file of the CIFS kernel module and didn't find any reference to EMC. The Samba buzilla is currently down. Could you comment on this? Thanks. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #9 from sfrench@us.ibm.com 2007-06-05 10:24 MST ------- Based on the log mismatch it looks like another case of a possible server bug (length mismatch). We have to be careful with these because a length mismatch could indicate security problems not just a server bug. We have seen a couple of less important examples of this with other servers (but not on NTCreateX as apparently we see here with the EMC server). The reason some other clients work is probably because they are not properly checking for potential buffer overruns. The Linux CIFS client was able to relax the length checks in a few cases. A patch went in to mainline on Oct 12 (patch d103e164bee2f21d0efe7d713cbbb0a443ba480d) that relaxed the length checks on a few cases that seemed safe (and also worked around a bug we saw in one server which caused slow unmount due to an invalid ulogoffX e.g.). Do you have this patch in this version of OpenSuSE (not sure what the cifs version is that they are running)? http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdif... -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 sfrench@us.ibm.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|sfrench@us.ibm.com | ------- Comment #10 from sfrench@us.ibm.com 2007-06-05 10:26 MST ------- We tested the Linux CIFS client against EMC last year at at least one of the network interoperability events, and found a few (server) bugs which we mentioned to their developers but I don't remember seeing the problem that this customer described. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #11 from sfrench@us.ibm.com 2007-06-05 10:33 MST ------- It would be helpful to get a wireshark (ethereal) trace of this problem (it is easier to read network traces formatted in wireshark than it is to decode by hand the smb dumped in dmesg). Also if you are seeing a process hung on the client in the cifs module - could you get the stack trace ("echo t > /proc/sysrq-trigger") presumably it is hung in Open (due to the invalid NTCreateX response). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #12 from sfrench@us.ibm.com 2007-06-05 10:43 MST ------- If this turns out to be a malformed SMB response as we expect, let me know the EMC bug number so we can include that in our documentation. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #13 from anschneider@novell.com 2007-06-06 03:06 MST ------- The patch which is linked in comment #9 is applied in the latest Kernel (2.6.18.8-0.3) of openSUSE 10.2. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 anschneider@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |jrobiso2@ford.com ------- Comment #14 from anschneider@novell.com 2007-06-06 03:14 MST ------- Jonathon: Could you please reproduce the bug and capture the packets with wireshark. Attach the dump to the bug. If you need assistance, let me know. Thanks. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 jrobiso2@ford.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|jrobiso2@ford.com | ------- Comment #15 from jrobiso2@ford.com 2007-06-06 08:33 MST ------- Attached is the wireshark log, filtered for comms between myself and the EMC server. Please note that the first 3 entries occurred BEFORE I clicked the "Y" drive icon in Konqueror. Not sure what was going on, since only the one cifs mount existed at the time. Here is what I did to re-create the konqueror failure: 1. Login to KDE 2. Unmount the pam_mount mounted smbfs filesystems 3. sudo mount -t cifs //sic9010201/jrobiso2$ /home/jrobiso2/Y -o username=jrobiso2,password=MYPASS,workgroup=MYWKGRP,uid=jrobiso2,gid=users (the uid and gid were needed to ensure the user jrobiso2 had rw access to the mount) 4. Open konqueror using the KDE panel icon. 5. started wireshark (sudo) and set the filter in "options". 6. started wireshark monitoring 7. Clicked on the "Y" directory icon in konqueror. Note that while I appear to have access via terminal window, attempts to vi a plain text file fail, locking up vi too. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #16 from jrobiso2@ford.com 2007-06-06 08:35 MST ------- Created an attachment (id=144491) --> (https://bugzilla.novell.com/attachment.cgi?id=144491&action=view) Wireshark traps during konqueror crash -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 anschneider@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |sfrench@us.ibm.com ------- Comment #17 from anschneider@novell.com 2007-06-06 09:00 MST ------- Steve: Jonathon attached a wireshark dump. Could you please take a look at the dump. Thanks. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #18 from sfrench@us.ibm.com 2007-06-06 12:34 MST ------- clear server bug, 32 invalid bytes of junk follow a bcc (size of data area) of zero, not certain whether it is harmless or could pose a security risk if we allow arbitrary junk beyond to follow bcc. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #19 from sfrench@us.ibm.com 2007-06-06 12:39 MST ------- Created an attachment (id=144562) --> (https://bugzilla.novell.com/attachment.cgi?id=144562&action=view) screenshot of malformed server response See attached screenshot - server sent 32 bytes of junk follow the bcc (size of data area, highlighted) in frame 18 (SMB NTCreateX response). This may be too small to carry the payload for virus or pose security risk (which may be why other clients ignore that this frame is malformed) so not clear whether workaround is appropriate. Please let us know if EMC has already fixed the bug in their server. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #20 from sfrench@us.ibm.com 2007-06-06 12:41 MST ------- Any idea where the vi process is blocked ... presumably in cifs SendReceive ("echo t > /proc/sysrq-trigger"). We should certainly recover from this better on the client - even if we choose to continue to ignore the bad response. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #21 from sfrench@us.ibm.com 2007-06-06 12:52 MST ------- One thing that I don't understand is that looking at the function checkSMB in fs/cifs/misc.c, the cifs client allows a malformed response which as long as it claims to be only up to 512 bytes too long (presumably this is too small to be dangerous and the worst case we had found was a similar server bug on a Windows QueryPathInfo error response). Can you attach your version of checkSMB in this build? (or the whole fs/cifs/misc.c)? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #22 from anschneider@novell.com 2007-06-06 13:19 MST ------- Created an attachment (id=144568) --> (https://bugzilla.novell.com/attachment.cgi?id=144568&action=view) CIFS misc.c from openSUSE kernel-source-2.6.18.8-0.3 Here is the complete misc.c from the current openSUSE kernel. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #23 from sfrench@us.ibm.com 2007-06-06 14:05 MST ------- could you please enable debugging just before the failure (and turn off right after the failure). echo 7 > /proc/fs/cifs/cifsFYI and to turn tracing off echo 0 > /proc/fs/cifs/cifsFYI There is a trace point (disabled by default) just before the "CIFS VFS: RFC1001 size 135 bigger than SMB for MID ..." line which I would like to see since it looks like it should work. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 anschneider@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Info Provider|sfrench@us.ibm.com |jrobiso2@ford.com ------- Comment #24 from anschneider@novell.com 2007-06-06 14:22 MST ------- Jonathon: Could you please reproduce the problem again. Enable the debugging described in comment #23 and attach the syslog output again. Thanks. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 jrobiso2@ford.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW Info Provider|jrobiso2@ford.com | ------- Comment #25 from jrobiso2@ford.com 2007-06-07 04:51 MST ------- Small problem: syslog (/var/log/messages) got nothing. So I unmounted the cifs and remounted them. Only did the konq failure thing during the first mount. Still empty /var/log/messages. Then I tried dmesg. LOTS of stuff there! Then I check again, and /var/log/messages is full! So I'll attach that here. Note that just before the RFC1001 complaint is: fs/cifs/misc.c: Calculated size 19835 vs length 139 mismatch for mid 181 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #26 from jrobiso2@ford.com 2007-06-07 04:53 MST ------- Created an attachment (id=144723) --> (https://bugzilla.novell.com/attachment.cgi?id=144723&action=view) /var/log/messages full of cifs stuff -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 anschneider@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |sfrench@us.ibm.com ------- Comment #27 from anschneider@novell.com 2007-06-08 02:05 MST ------- Steve: Jonathon attached the requested logs. Does this help? Thanks. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #28 from sfrench@us.ibm.com 2007-06-08 14:09 MST ------- OK - this makes sense now and shows multiple server bugs in one frame (see frame 18) not just one server bug. a) The frame length is 139 (135 not counting the RFC1001 length field itself) while the frame length should be 107 for an SMB NTCreateX (open) response. b) The wct (size of parameter area) is 0x2A but should be 0x22 c) the bcc is either in the wrong place or unitialized (the length of the data area is over 18,000 bytes but should be zero). If the wct were correct (0x22) then the bcc would be zero and there would be 32 bytes of junk sent at the end of the frame (which is incorrect, but probably harmless), but since wct is incorrect the bcc is huge (probably unitialized) and followed by a small amount of junk. While it is possible to parse such a frame by hand guessing what the server was trying to do - allowing frames to copy beyond the end of the buffer could be a security exposure. If you can let us know a reference number for the EMC bug, I can put a note about this in the cifs documentation so we can alert customers to apply the security fix to their server. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #29 from sfrench@us.ibm.com 2007-06-08 14:51 MST ------- Not sure if this information will help EMC or not - but they appear to be mishandling the "EXTENDED_RESPONSE_REQUIRED" flag on the NTCreateX request (this flag is not set - when it is not set the wct is 0x22, when it is set the wct is 0x2A and of course they also misinitialize the size of the data area - ie the bcc field in the frame) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #31 from jrobiso2@ford.com 2007-06-11 08:54 MST ------- I wanted to thank everyone for jumping onto this. I know I can't be the only one who uses EMC stuff, or they wouldn't be in business. Most of our Linux servers are running SLES 9, so they are still using smbfs. Does SLES 10 use CIFS? If so, plan on a huge problem with your corporate clients soon! Since we are usually 6 months or more behind any non-security updates, I figure that even if EMC does fix this problem, I won't see it on my NAS for about a year from now. So for the forseeable future, I'll have to stick with smbfs. And that leads back to an original argument - should we be making an rpm available for folks who need old-fashioned smbfs connectivity and cannot move to cifs yet? I can make an attempt at it (it wouldn't be very pretty) but whereas I might spend a 30 hours getting it just right, one of you experts would spend 10 minutes. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #32 from sfrench@us.ibm.com 2007-06-11 23:35 MST ------- I can trivially change cifs to request the "EXTENDED_RESPONSE_REQUIRED" on NTCreateX and there is a chance the server would then handle bcc correctly since it is common for the newer Windows clients to turn that flag on. The problem is finding a logical way to turn that on. The basic question I am wrestling with is do we really want to weaken packet validity checks just because some other clients don't check response packets carefully (I would actually like to check response packets more strictly with the security focus)? If there is another way to approach this with a client workaround, let's consider it even if I am uncomfortable with the other approaches that come to mind ... ie mount options that would selectively ignore length checks/potential buffer overruns - or perhaps a mount option that would ignore the bcc (length of the data area) on particular SMBs (in this case SMB NTCreateX). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #33 from sfrench@us.ibm.com 2007-06-11 23:38 MST ------- Created an attachment (id=145452) --> (https://bugzilla.novell.com/attachment.cgi?id=145452&action=view) patch to request extended info on NTCreateX - possible workaround Would you let me know if this patch helps workaround the bug (it is possible that the server will still set the wrong length field - but it is worth a try) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 coolo@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Component|KDE |Kernel -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090 ------- Comment #34 from jrobiso2@ford.com 2007-06-12 07:43 MST ------- I don't have the sources installed, etc. I would need to install them (and their deps) to install this patch. I'll give it try later today. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=247090#c35
Rob van Schaik
https://bugzilla.novell.com/show_bug.cgi?id=247090#c36
--- Comment #36 from Steve French
https://bugzilla.novell.com/show_bug.cgi?id=247090#c37
Wayne Berthiaume
https://bugzilla.novell.com/show_bug.cgi?id=247090#c38
--- Comment #38 from Wayne Berthiaume
https://bugzilla.novell.com/show_bug.cgi?id=247090#c39
--- Comment #39 from Jonathon Robison
https://bugzilla.novell.com/show_bug.cgi?id=247090#c40
Wayne Berthiaume
https://bugzilla.novell.com/show_bug.cgi?id=247090#c41
--- Comment #41 from Wayne Berthiaume
participants (1)
-
bugzilla_noreply@novell.com