From owner-freebsd-arch@freebsd.org Tue Nov 27 16:56:06 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1A13E1153FC1 for ; Tue, 27 Nov 2018 16:56:06 +0000 (UTC) (envelope-from yuripv@yuripv.net) Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5E848863B6; Tue, 27 Nov 2018 16:56:05 +0000 (UTC) (envelope-from yuripv@yuripv.net) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 3FF2321D23; Tue, 27 Nov 2018 11:56:04 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Tue, 27 Nov 2018 11:56:04 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yuripv.net; h= subject:to:cc:references:from:message-id:date:mime-version :in-reply-to:content-type; s=fm3; bh=RzKvHCAxIsrgZGT54healUQR7P/ PI+BBRbDhB9RS2bY=; b=pnFMyvGJxuOgKYrMIerXYS6BRJ57K7k31FXeuWGMe3H Szjd2XqYN/127Khd5+BzqsOlVMjwV9OoaeTs9GPy/EFo3dDOiL07UXhy3ZbsVtab +y5BHPo/gik2n7tUEmCFD2lf3LSd51rideGxwJrhOK6OvKZOYh1PC+KcJ/xUArC/ HLVYMgHhV7F8ZuzeAbssNq84t0wPEhoLJYM7pLJ3pQ0Dk0XxWJRtP3SKZPBSFIEd 2gekZv0y1/ucw3abJdguXJDUtMhXZhKfKy20AqIAMP63utOBY4jCBQ5s1d0U7nvM P7HaJcrfLXyvzknKVXAI1NfqhvAWinaNUtjuRvctxRw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=RzKvHC AxIsrgZGT54healUQR7P/PI+BBRbDhB9RS2bY=; b=jgTwQT+fuh2rj6qN2944Os 28cwmCE6abocGWlBQGKVWySjDUjreIquuUwVFlV2RtUII34eESskbyTjnxcZ79zy mNwO8LMDbPfc3CCulUj3Ubpv6OGvpQCZ3SzOGnBZ0LJNggJQZ3NTYMN+GwFLlj5Z p+iq7vxTM/puvAYssEJos0oFoNhOgX1LlI4QnVHDa3CLkXvI3utfIxQf/pPNrJog PRCR/71jKxHKJ4DJqF8ErxRcjKxt3XxZslaXduyJqLdwbA5fFcDPUizXCgSguiGN uIKdc0SgaJdr1a8TI/Wjtai7sgDB6EJAFhepWYI9UjBk/o3E64cO8LudBpiKKUSg == X-ME-Sender: X-ME-Proxy: Received: from thor.yuripv.net (unknown [62.183.125.159]) by mail.messagingengine.com (Postfix) with ESMTPA id C703A102F3; Tue, 27 Nov 2018 11:56:02 -0500 (EST) Subject: Re: Removal or updating of "mount_smbfs" from FreeBSD operating system To: Edward Napierala , gerard@seibercom.net Cc: freebsd-arch@freebsd.org References: <20181126121926.00007626@seibercom.net> From: Yuri Pankov Openpgp: preference=signencrypt Autocrypt: addr=yuripv@yuripv.net; keydata= xsBNBFu8u6IBCADB11gP0QwnorrHjqAtKLHKHNHskhy0s7jqJKfx0YqXgVBKGLJ9/mjLAz0F CBNvemHSDDTs0mEZ9cBKKi6cmsav6+UQgr//yai6hvXLBJqKchSFO4MhmdvBtsGFq1yKz5Zi uhjmimKyIpgBgvMdbgGbGq6cnSB2uEPmZuJr419SVRODOkXukU+F5WHgaHzDdHAIu1asCt2B +6msxqIqlFWcXyZyTGicTGGvC/PFIsVRUtD1dIJANTC876g7DTb7LZXWiWwJpSJ4GKMXMHVX Ct9BoQ4i3nhKbOxb6Io1wsy+NFyWsTJ9KYrxKKPJP3oG8BWb/cqlFqnE4eNSsiq2q7krABEB AAHNH1l1cmkgUGFua292IDx5dXJpcHZAeXVyaXB2Lm5ldD7CwJcEEwEIAEECGwMFCQWjmoAF CwkIBwMFFQoJCAsFFgMCAQACHgECF4AWIQT4arc+w94tPi0v/3CTi+B/sSrhbAUCW708wAIZ AQAKCRCTi+B/sSrhbPxBB/961alcU091O+yKT5/oReHVc/PX0Tz4sW3V44AcgLfYlrZavCro EFz90qmCrl0xqEwuAKcC4bjmL8SjPWAhSN6IH9nxdw+HeZnAPiHm/q679Bu47+nHBl3qD/9p +t1PkKeKZfaWToFMt1nq06ytSu6VLMCwLdlDNe6DReX0ex/afEqKsuaIZSKL4UYjRwklp8PU Uf98QkrfapyHB67hQMzfI4tPeJaYyv0cTgfq3kUWJx1V6Xi0b6Zxj4ZrB2TXvaMO5g7yhU9E E3WWAvoe4FgB3a7dHe8atnHhq5+Cuvm6+LD4Jh7jvMAE5UMN+xxQpnGpNghHjaCy4vXrLRBZ nhRYzsBNBFu8u6IBCADKih3Q933rDNj4ZA8FhBQ2RlmBgvwOLcDPIL3h0V7h38y3+HisgFSc XACDsdrTlYZ1bRXkD9FHENynBcv0l/3uGJDk8jaGIDE0TP8OQBRp+IaU9/BHnAqrKxTJGIol Dahy2m+yx2yhdc6B4ujWMDqCF1rWOD+ymOWw+VLllOkrHcZa5PJtX9UOGbApZl8ZTM8El4CA NN8F1bg9MWzUi+8LYoGWGc+BwsFS1OUB1c4SPgMu5fD4Wfsr9yRl06fdpEA2YT7B/j5/5RSC 0sE2Zs/tmJ/JRflHJ12ycj59ma2xQMfEJF40hZDpMFQmZvbVqgEg3ocQcltjbxlIKZ/mjC4z ABEBAAHCwHwEGAEKACYWIQT4arc+w94tPi0v/3CTi+B/sSrhbAUCW7y7ogIbDAUJBaOagAAK CRCTi+B/sSrhbIDcCACqAZMcoxUBLZa40a5b24j5i1jplvCYYb3h+Q5lt5+BFJ87kCb4dJuU D3kh2i29BrxWQWa9WNue9ozxeYkbkfXubQYXexVolRsnh64OdGsE8KvorBFBB3zdK/GRt2Jy +jsnTfUWuQllbzMP0MfhCDMk1Mo8WvDH2/cOEP/yLKf20a+cd6nLs7bidjmGXo9pyuBKAtV6 Kv+VRu54AL+A/UBYu/eB3Dtvzcnut+1Zq6KaP++kUwPwINLIk04OBDwN0zRNTiqMAFYYyz2v ZHBB6E1th/l//ZC5b9Dk0ZpFI1bYdL9ymnrZe1MqbGPnDCToQxu00T/pZCm6Z92YrZQYuNwl Message-ID: Date: Tue, 27 Nov 2018 19:55:54 +0300 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.3.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="UrapcRYepkm2apszBDy6aYULFTj49EYBM" X-Rspamd-Queue-Id: 5E848863B6 X-Spamd-Result: default: False [-9.29 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[yuripv.net,messagingengine.com]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.28]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; HAS_ATTACHMENT(0.00)[]; MIME_GOOD(-0.20)[multipart/signed,multipart/mixed,text/plain]; DMARC_NA(0.00)[yuripv.net]; TO_DN_SOME(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MX_GOOD(-0.01)[cached: in2-smtp.messagingengine.com]; DKIM_TRACE(0.00)[yuripv.net:+,messagingengine.com:+]; NEURAL_HAM_SHORT(-0.99)[-0.990,0]; SIGNED_PGP(-2.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[28.4.111.66.list.dnswl.org : 127.0.5.1]; RECEIVED_SPAMHAUS_PBL(0.00)[159.125.183.62.zen.spamhaus.org : 127.0.0.11]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:11403, ipnet:66.111.4.0/24, country:US]; MID_RHS_MATCH_FROM(0.00)[]; IP_SCORE(-3.59)[ip: (-9.37), ipnet: 66.111.4.0/24(-4.63), asn: 11403(-3.88), country: US(-0.09)]; FROM_EQ_ENVFROM(0.00)[] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Nov 2018 16:56:06 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --UrapcRYepkm2apszBDy6aYULFTj49EYBM Content-Type: multipart/mixed; boundary="sQAUzOE4SlYgHLLERgfzsw0iWeAEuoR7p"; protected-headers="v1" From: Yuri Pankov To: Edward Napierala , gerard@seibercom.net Cc: freebsd-arch@freebsd.org Message-ID: Subject: Re: Removal or updating of "mount_smbfs" from FreeBSD operating system References: <20181126121926.00007626@seibercom.net> In-Reply-To: --sQAUzOE4SlYgHLLERgfzsw0iWeAEuoR7p Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable Edward Napierala wrote: > pon., 26 lis 2018 o 17:20 Gerard Seibert napisa=C5= =82(a): >> >> TO WHOM IT MAY CONCERN >> >> The =E2=80=9CSMBv1=E2=80=9D protocol is a security hazard and was depr= eciated by Microsoft in >> 2014. There is virtually no use for it anymore. >> >> The =E2=80=9Cmount_smbfs=E2=80=9D utility in FreeBSD only uses that pr= otocol, which results >> in making it useless with newer versions of Microsoft=E2=80=99s operat= ing systems, as >> well as other OS=E2=80=99s that have depreciated the use of SMBv1. >> >> I would like to suggest that FreeBSD do one of the following: >> >> 1) Remove =E2=80=9Cmount_smbfs=E2=80=9D from FreeBSD. This would proba= bly be in versions 12.1 >> or 13. It is perhaps too late to get into FreeBSD 12. >> >> 2) Update =E2=80=9Cmount_smbfs=E2=80=9D so that it is compatible with = versions SMBv3 and >> greater. While "SMBv2" is not dead, it is definitely comatose. This wo= uld be a >> better idea if someone had the time to do it. >=20 > FWIW, I believe SMBv3 is just a set of (largely optional) extensions to= SMBv2, > not an entirely different protocol, like SMBv1 is. Which means, any ve= rsion > that supports v3 is likely to also handle v2. >=20 > There seems to be existing, working code in Nexenta, which is being > upstreamed to Illumos: >=20 > https://www.illumos.org/issues/9735 > https://github.com/illumos/illumos-gate/pull/37 >=20 > Their implementation descends from the one we have in base (and the one= > from OSX, which also descends from FreeBSD), so it should be possible t= o > merge it. Yes, we have it working and tested pretty well. And that's exactly the reason I was asking if there's work in progress for smb2/3 client or not before even starting looking into porting the code. The problem here is that the code has grown library dependencies which are CDDL-licensed, which aren't easy to break (if at all), so if ported, it will be covered by WITHOUT_CDDL; hopefully that's acceptable. It's possible that Nexenta-authored code could be relicensed under BSDL (I'll have to ask, we already have a precedent with localedef), but sadly that doesn't cover everything. --sQAUzOE4SlYgHLLERgfzsw0iWeAEuoR7p-- --UrapcRYepkm2apszBDy6aYULFTj49EYBM Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEE+Gq3PsPeLT4tL/9wk4vgf7Eq4WwFAlv9dyEACgkQk4vgf7Eq 4WwDZQf8CxGpwQr5mpKdxoIEk35psjlrfb1tHu4szzl/Gp9T5edpUe3Wl+MPY24l EP+3dIC11vfYiwFWH8IVc1Rn709bNVWs2e5Bt3oXAnicwwdY45CbscemlM0ENhFT AsipW8zNlk0RkJ184XqgH1VTZWq3kwUOOz/rnnExWY37InYgGLQLPTmrrMvPPYJn XXG+mVDFY4sGOBwrH4ftjtpyp8uYoP5RW/4vfBS/whoQ84Q07gCJ8HbFyvT3xAa6 qb2hRvmfgarmpG2U0zbMFk7iWQYtKAM/0h7rYuILDl5XOulgO3yJwWa1Nm2ZuchF JYIL7q6D4QlkpE1gFbqFxxZZPaGsGw== =o7cj -----END PGP SIGNATURE----- --UrapcRYepkm2apszBDy6aYULFTj49EYBM--