Project

General

Profile

Bug #1676

Connections to CIFS service via DNS alias kills other sessions

Added by Gordon Ross almost 8 years ago. Updated almost 8 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
-
Start date:
2011-10-21
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage

Description

Currently, when clients connect to the CIFS service via DNS alias,
other connections from the client get closed by the server.

There is a legacy feature in the CIFS protocol where a client can indicate in its connection request that it believes it has no other connections to this server.
(In the protocol, this is "vcnumber==0") Historically, servers would close any other connections from this client when getting such a request. This is no longer advised, and most other servers don't do this anymore, at least not by default.

Ref: http://ubiqx.org/cifs/SMB.html#SMB.7.1.1

History

#1

Updated by Gordon Ross almost 8 years ago

BTW, closing existing connections when VC number is zero is also a big fat DOS opportunity. This is a bad idea in a number of different ways. Just nuke this, as most other SMB servers have already done.

#2

Updated by Gordon Ross almost 8 years ago

  • Status changed from New to Resolved
comparing with ssh://hg@hg.illumos.org/illumos-gate
searching for changes
changeset:   13515:3e8376ea8eb0
user:        Gordon Ross <gwr@nexenta.com>
date:        Fri Nov 11 21:55:53 2011 -0500
description:
    1676 Connections to CIFS service via DNS alias kills other sessions
    Reviewed by: Albert Lee <trisk@nexenta.com>
    Reviewed by: Yakov Zaytsev <yakov.zaytsev@nexenta.com>
    Approved by: Garrett D'Amore <garrett@nexenta.com>

Also available in: Atom PDF