Removal or updating of "mount_smbfs" from FreeBSD operating system

Brooks Davis brooks at freebsd.org
Tue Nov 27 17:15:01 UTC 2018


On Tue, Nov 27, 2018 at 07:55:54PM +0300, Yuri Pankov wrote:
> Edward Napierala wrote:
> > pon., 26 lis 2018 o 17:20 Gerard Seibert <gerard at seibercom.net> napisa??(a):
> >>
> >> TO WHOM IT MAY CONCERN
> >>
> >> The ???SMBv1??? protocol is a security hazard and was depreciated by Microsoft in
> >> 2014. There is virtually no use for it anymore.
> >>
> >> The ???mount_smbfs??? utility in FreeBSD only uses that protocol, which results
> >> in making it useless with newer versions of Microsoft???s operating systems, as
> >> well as other OS???s that have depreciated the use of SMBv1.
> >>
> >> I would like to suggest that FreeBSD do one of the following:
> >>
> >> 1) Remove ???mount_smbfs??? from FreeBSD. This would probably be in versions 12.1
> >> or 13. It is perhaps too late to get into FreeBSD 12.
> >>
> >> 2) Update ???mount_smbfs??? so that it is compatible with versions SMBv3 and
> >> greater. While "SMBv2" is not dead, it is definitely comatose. This would be a
> >> better idea if someone had the time to do it.
> > 
> > FWIW, I believe SMBv3 is just a set of (largely optional) extensions to SMBv2,
> > not an entirely different protocol, like SMBv1 is.  Which means, any version
> > that supports v3 is likely to also handle v2.
> > 
> > There seems to be existing, working code in Nexenta, which is being
> > upstreamed to Illumos:
> > 
> > https://www.illumos.org/issues/9735
> > https://github.com/illumos/illumos-gate/pull/37
> > 
> > Their implementation descends from the one we have in base (and the one
> > from OSX, which also descends from FreeBSD), so it should be possible to
> > merge it.
> 
> Yes, we have it working and tested pretty well.  And that's exactly the
> reason I was asking if there's work in progress for smb2/3 client or not
> before even starting looking into porting the code.
> 
> The problem here is that the code has grown library dependencies which
> are CDDL-licensed, which aren't easy to break (if at all), so if ported,
> it will be covered by WITHOUT_CDDL; hopefully that's acceptable.  It's
> possible that Nexenta-authored code could be relicensed under BSDL (I'll
> have to ask, we already have a precedent with localedef), but sadly that
> doesn't cover everything.

I think making this CDDL is fine.  Certaintly better than failing to
support SMBv2/v3.

-- Brooks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-arch/attachments/20181127/bd81a4c6/attachment.sig>


More information about the freebsd-arch mailing list