CVS update: samba/source/nsswitch

Christopher R. Hertel crh at ubiqx.mn.org
Thu Jan 16 02:13:00 GMT 2003


On Thu, Jan 16, 2003 at 12:50:57PM +1100, Martin Pool wrote:
> On 16 Jan 2003, Andrew Bartlett <abartlet at samba.org> wrote:
> 
> > Win2k has a bug (feature?) where there is a connection reset if there is
> > a second connection from the SAME IP, before the first
> > session-setup.  
> 
> So an unprivileged process on the client can cause a local denial of
> service just by repeatedly half-opening connections?

Yes.  Early versions of jCIFS did this, in fact.  I was testing it at the
CIFS conference one year and every time jCIFS reconnected the client would
lose all of the smbclient connections that it had.  Tridge kindly
explained it to me.  :)

This behavior is actually written up in the SNIA doc and, I think, the 
Leach/Naik draft.  Normally it doesn't impact Microsoft clients, but there 
is a hotfix for it, since it causes all sorts of trouble for clients on 
the far side of a NAT.

> > Both races need to be protected by separate mutexes.  The first should
> > be protected in as generic a manner as possible, due to the fact that it
> > is *any* connection from the IP.
> 
> Can the connection function be called by a nonprivileged process (say
> rpcclient or smbclient) on the unix machine?  If so we either need to
> put the mutex somewhere world-writeable (gross) or just be willing to
> take our chances without it.

There are several SMB clients out there nowadays.  There's jCIFS, the
FreeBSD SMB filesystem, and a few others.  I don't think that there really 
is a "fix" for this problem.  Not on the client side, anyway.

Chris -)-----

-- 
Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org


