From owner-freebsd-arch@freebsd.org Mon Nov 26 18:59:21 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 79F121140ABE for ; Mon, 26 Nov 2018 18:59:21 +0000 (UTC) (envelope-from kris@ixsystems.com) Received: from mail-yb1-xb2d.google.com (mail-yb1-xb2d.google.com [IPv6:2607:f8b0:4864:20::b2d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AEA6B830D8 for ; Mon, 26 Nov 2018 18:59:20 +0000 (UTC) (envelope-from kris@ixsystems.com) Received: by mail-yb1-xb2d.google.com with SMTP id d18-v6so7944873yba.4 for ; Mon, 26 Nov 2018 10:59:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ixsystems-com.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:openpgp:autocrypt:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=I/fMQNcBBCaOjZLNZwI8wtyTgVTpwfTrkUNvmlSnaFo=; b=0rwZKUng5nUE5SsXRTXUmi/bEhINTFhViRQDnz7naMT9wSwijC7C0Fm3HJZTGcK360 GrvSrltKX89aMD4coeOQ7dkLVzFpdAk2dEbJhI7vX5uGaXMMBx1f/PvEvL8hOrVfxJU9 mHWpss4zoP08yeqLbF2PW/Nxb0t7whNP/ydra6fFodFNzObdJh5S9MNkFP5X3Lw9rKGR yAaaSQywthMGL9p9IN+7Y1FLFuNKgTJEWzSoJHpdoH1PeGT6iOpqrYwyhrf46vVN/2Gi U3rUEjUKgZFN2jpTmS3BZ1CL2nATFPfU2KvWkBF7whwfzScs8JqukNb13nQ96JvZMtxV GpOA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:openpgp:autocrypt :message-id:date:user-agent:mime-version:in-reply-to :content-transfer-encoding:content-language; bh=I/fMQNcBBCaOjZLNZwI8wtyTgVTpwfTrkUNvmlSnaFo=; b=F/+vRLEjH94N36bBoZNXrfeiYzUXtXwn+4wAe7vVYHChbCr3+hc6QVL7EPnl6TtCjl RLXWTEJsv00nYe8qwP8zqt/JWE7b0/e5jfFnXHe3M24BIprfaJHi3zekfdcut4K8Q4Wt mejJdeYHdYEimWW+5eS6u00a8jgf7iP9j/Mwxnpja09DoqLRRVQsHee4xQzZDcfdjxqr N/KLKs7BHixfEZnNidBiFlsiwoBj7fTCWNFBcgRHXF7us415EwiyBMxshcAVYa7FkiXy saBeQ0YYqQeVmCGFJFiTHJS86ltZbNFif8X762we4vdCCwl5SmKIS2DdnsIvI/YlUaWs iB9A== X-Gm-Message-State: AA+aEWY2dvZR4DPzFRttq1QTgrj6rm8yToB8YKjl+92te8hvaz8F3Ef1 RP+FNDpo+7cLhFU6e2rb1tRbQpMeuKeet0IKanq2UQPjwP6acS3AEE/qXW+jawKgiRUu+3ON7Ot d7UpFFsHSCx5mDeXAPLZnsH2ZTSpVPiU0871G3rEzyGPnJeOOeXyQD7gJtppEhpSCI5w= X-Google-Smtp-Source: AJdET5eBoSyKK74sexfsQ9DVr0SpTAjN5iX5+vmnzI+K3UKlz9YyrAduUdlGaMG8wHbkh7koRolIYA== X-Received: by 2002:a25:718b:: with SMTP id m133-v6mr29026895ybc.79.1543258759581; Mon, 26 Nov 2018 10:59:19 -0800 (PST) Received: from [10.231.5.154] ([12.189.233.129]) by smtp.gmail.com with ESMTPSA id n66-v6sm291466ywe.37.2018.11.26.10.59.18 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 26 Nov 2018 10:59:18 -0800 (PST) Subject: Re: Removal or updating of "mount_smbfs" from FreeBSD operating system To: freebsd-arch@freebsd.org References: <20181126121926.00007626@seibercom.net> <70b84814-89a8-fdef-7092-1cb4a46785e1@yuripv.net> From: Kris Moore Openpgp: preference=signencrypt Autocrypt: addr=kris@ixsystems.com; prefer-encrypt=mutual; keydata= xsFNBFnp+coBEADCFx6BWLwcoFWGz31gP571fwGraNjKwPOoUcL2Xjeyz7Dv5n6v8VDpQIqa jhchZcSEcwbterC7EblpcVGJSUP4ViwZFGFGlmxsKd5YfcJ+8M6VJbsF9usCU+WNOZTGP0hv nu9OQB+pfEbQul3qdKiVd1A5O5+3TSlo0dul6c0ziWqkj5ml0lqNszAc5qLXiKlRzUkHHVEQ tKqWZ+TVFUb8k6P4FnW5qKYieCuMlxuJR3jDLkTGT3U2xAdBRPBNMr7lgXva9dl6q0MEYswT iOozYsF1FrsUj9xVHCPfvJNGCyVIFNWX1IuE1OR6Z9SiGBdQtqKPY6YLO3Yh4WHtSCnOKomF LVEUbM6GfoKKk6yz0ooS24zCW2u31zhY8S1Pn+hEJ02DbIZMewI8XPdqdfVDnqXkMUGibC/X OHLU0aE5kUgws8DJviddP+p1iYEzjt8eFQzkg83FtN0WCpHGPWGF8DjoW58vFkcxXfUa27Yq RBxU3dyark34vL+x6TFjg85q25p73VD6sP/pCnwUZFgVvpu2rIuuE9wWJnrCim3o+3cqYn9A NGUojKnGRU58+SgJKalfSmCF2k04LO27x7uuZesGflq5kRg0ROhGdBvT9Xv47rscoc9HsAjx tEaX9CXgIP4LbjlMUXaBpM1cr5rKQhaYti9KOqI4OcUnnFnJBQARAQABzR9LcmlzIE1vb3Jl IDxrcmlzQGl4c3lzdGVtcy5jb20+wsGOBBMBCAA4FiEE6kMoZ0WccL4k6H+L0I7MhrJaycYF Alnp+coCGyMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQ0I7MhrJaycaFgg/+J1TPhfrK 0SxNLbCSKrGCX6axk/2HezIuu0dPsX7Pv5FJptWKyyp9YqhUT4rmFhZnDg3mRvFp8qJgY1BF zlOfHBPMw+vevetuzj9XpGOUthNNXX2RS2YHmoTvaEBK/x17O5kAjPX1108jpXWx8p0/a8GE /xf1/BJHMUkk4Fc32QFzOqsTMAB4B9O3iogq6CVCfbqrC7trQuPsDv2gEguEu1JzGM0FpWtl tbvSSfrTc5kHQjTjZZQIfow6yS8mfforEDeSFdsf+Q8eIfOt7X1B+xhVOrRhoyYVCV4FvcWh wz/8kFLQKGXZ7Fp52FwWTfVDUzmmZji+5Vp5cQAnVLO2Zr5vNusJbn+jiv6TH6LPp6WLZcb7 cEZTgON2rFSBMb73wleIp2+CPZJ84nzM0fpMHsZPZmVrgxf+OPHdoAChAIXiN1gUBqAhJ2b7 xvycL/Yw2mzcQutlH7us6difgtpczpHTOS3ammVmzwf/Vgtqz+S8jFGNqFQ+CdAfAY1ZYkt/ +yO79mtiZX+/wdf0JH9Rcmyr28rSglGh2hA6zc5swKzSaS8F94EOir3K9jN+DLsS6L92SBmL WIRcgXC9mzA5jIOaKZC03JR2HSwww4NZqd0S/BS91Zjf9Oa8fPqB7pKTrLLJmpQzYyVnoiDC Sb+IkLRHj1fH2fXeq7yl9jZ3+M7OwU0EWen5ygEQAMCa4R90ZXRtv0nM21/v9tx8AtSS7cWI JvMLMhE/0DWOqTbakmdUtoX8fUg/r/jEZ5hnuT0EtTfjou8mxZIOvu3tlG3mb4Fkyc7XYylh 0VPt+vnG4dRLsfzZJduksC8CQlPX9NxM4UeSi/KX5XMK+5eEZV6Z9mhVTnrM40AgngUOdON9 aZJVc39aCwTYT7BZ4mq6jFfMaNxp3GxGHp5f/oE7VVRb+Fj6xq4BP60w4gQS6W5suLY4+hHI 3bkQ9N/M9RbXpa2N5zAZnRFPw9j06kwJGHrHdXSSKF0OTa0GXO4KtUxGUhMkRrZ7vOSPJO8l R3x0cEN1/a76Vn3lsX+xJH28zfhsj6taZwPoP9GOFzuEIzM7PZ7fVm4Ao17i/r10FfrzOWW6 0QehjJ9Mr4Gjj7YxTOWc5NCuZv/jscOzzsLBoVQAUYu9fnCPUBkGpCutO2vAmJkpUkupmtHo +94b87cXtcCFRxRBXTiUhD/Ge9Y+ZElxWgF5mFAs0Lk3Y2t55vWh05SOWiu2JUGucXl3zdfC 5+FrrFs5XfIEFGVBjLsFiwiBII+Eo2QWSjwumrodVGmY4YEieNn1Gje7CxAlDTjjSSPBlpuh Z4gwQ6DSm7BOdlItDhNCkH6J8cWMO05zEnO3b7lcUDMi1xXbiYYKXz1hq8RkU6BSkPo1mYOq hY2XABEBAAHCwXYEGAEIACAWIQTqQyhnRZxwviTof4vQjsyGslrJxgUCWen5ygIbDAAKCRDQ jsyGslrJxvhyD/0Zg5xAiakqry4EzUHkyWGHTjYQtD7qJl+3OT+UCUAceCSz9XsoMSRiVTyN 1gg6DPDqaixF3qq1DEoEiU2HkL4Hpl34oveHDFGLNiyqZJ11T0TG6PhA294PuxdyZgHDqyEz FOpLmZaLQiCs34CX7tDubaGZJjdLVljQ4+S/BMeaBCT8Z16NnuYitLMmwAaaaNl2Sb4n4edA alRYdKY48d3Jl8usKZDVYFiAbTwxzTDM8Zs4owTo4Ynx5XIW0vXD1hkxdEDf3pJz0cxek3Nn 0Nbmayg4ZOvYunRbS4soavwxPmVjIUr8gtxF7SDF2wg+EHMr2Fmnggw4BXqo3P/PKMIAVYZT Bl60+5VgFBqejds0o9Reo9yaUCNSL1DVa8FSWXkS/kFnkud1KIGBeTDIoEidBMZOtRg1obtR G2xdV5G+6NMn2KTUmsPmbwKyf/ii1fujcKXyVHEX0loG3JJ+LNw0zWH3EbrIpiVHZOkk0Dny +mlVdpBoWxz0WvK2mDttr3Qge9a0o1dZ1BTg/+aNxQO04+hVKPk7OEbdR6LpW4ExNGDpXBBN Acr4FZ0yTw8+7XLx2A/F5ETkOPBLUU4KkwMuGCvNeazwkZsjizTg28COWlodT1HQLecstUM6 THbcZJc4jIgSAjKQ87RQ/lCVBCGoaEbJ/zcrsMh5RbMrWszApQ== Message-ID: <70e66ee6-af44-1c48-8daf-c48215dfcf1e@ixsystems.com> Date: Mon, 26 Nov 2018 13:58:12 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.3.1 MIME-Version: 1.0 In-Reply-To: <70b84814-89a8-fdef-7092-1cb4a46785e1@yuripv.net> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Content-Language: en-US X-Rspamd-Queue-Id: AEA6B830D8 X-Spamd-Result: default: False [-4.56 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[ixsystems-com.20150623.gappssmtp.com]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-arch@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[ixsystems-com.20150623.gappssmtp.com:+]; MX_GOOD(-0.01)[cached: ALT3.ASPMX.L.GOOGLE.com]; RCVD_IN_DNSWL_NONE(0.00)[d.2.b.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; NEURAL_HAM_SHORT(-0.89)[-0.892,0]; DMARC_POLICY_ALLOW(-0.50)[ixsystems.com,none]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; IP_SCORE(-0.65)[ipnet: 2607:f8b0::/32(-1.80), asn: 15169(-1.37), country: US(-0.09)]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Nov 2018 18:59:21 -0000 On 11/26/18 1:09 PM, Yuri Pankov wrote: > Gerard Seibert wrote: >> TO WHOM IT MAY CONCERN >> >> The “SMBv1” protocol is a security hazard and was depreciated by Microsoft in >> 2014. There is virtually no use for it anymore. >> >> The “mount_smbfs” utility in FreeBSD only uses that protocol, which results >> in making it useless with newer versions of Microsoft’s operating systems, as >> well as other OS’s that have depreciated the use of SMBv1. >> >> I would like to suggest that FreeBSD do one of the following: >> >> 1) Remove “mount_smbfs” from FreeBSD. This would probably be in versions 12.1 >> or 13. It is perhaps too late to get into FreeBSD 12. > I don't think this is reasonable, more so in a hurry, as this is a > client, and doesn't impose any security issues. > >> 2) Update “mount_smbfs” so that it is compatible with versions SMBv3 and >> greater. While "SMBv2" is not dead, it is definitely comatose. This would be a >> better idea if someone had the time to do it. > There's an entry in https://wiki.freebsd.org/DevSummit/201810: > > ---------------------------------------------------------------------- > updated mount SMBFS smbv3 support (iXsystems) > ---------------------------------------------------------------------- > > I wonder if we could get a bit more information on this -- is this just > a plan, or is it being actively worked on/ready for integration? > We were discussing it at the time, but as of now it's not actively being worked on from the iX side. -- Kris Moore Vice President of Engineering iXsystems, Inc Ph: (408) 943-4100 Ph: (408) 943-4101 The Groundbreaking TrueNAS M-Series - Enterprise Storage & Servers Driven By Open Source