Joined: 26 Mar 2013 Posts: 1858 Location: Hung Hom, Hong Kong
Posted: Sat Jan 06, 2024 14:16 Post subject:
TCB13 wrote:
There's nothing to be solved in ksmbd. This is an issue with the backport that was done in DD-WRT and it only affects DD-WRT running on older kernels + macOS.
How old? Long before DD-WRT moving to ksmbd? Does it also involve older MacOS versions?
I do NOT run MacOS. SO my stand might not be neutral enough. Sorry then! _________________ Router: Asus RT-N18U (rev. A1)
Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!
There's nothing to be solved in ksmbd. This is an issue with the backport that was done in DD-WRT and it only affects DD-WRT running on older kernels + macOS.
How old? Long before DD-WRT moving to ksmbd? Does it also involve older MacOS versions?
I do NOT run MacOS. SO my stand might not be neutral enough. Sorry then!
Let me give you the results of the tests we did:
- macOS Mojave (10.14) + DD-WRT's ksmbd 3.4.6 (kernel 4.4): works fine
- macOS Ventura (13) + DD-WRT's ksmbd 3.4.6 (kernel 4.4): fails to connect
- macOS Mojave (10.14) + OpenWRT ksmbd 3.4.6 (kernel 5.15): works fine
- macOS Ventura (13) + OpenWRT ksmbd 3.4.6 (kernel 5.15): works fine
- macOS Mojave (10.14) + Debian 12 ksmbd 3.4.6 (kernel 6.1): works fine
- macOS Ventura (13) + Debian 12 ksmbd 3.4.6 (kernel 6.1): works fine
It only fails on modern macOS versions combined with the backported ksmbd for the 4.x kernel. ksmbd was not designed for that kernel in the first place and from all the information gathered, comments from both the developers and egc it is most likely some very specific feature around cryptography that recent versions of macOS require that isn't working properly on the older kernel / backported version.
Around September, Namjae managed to talk to some Apple developer of the SMB client and he asked us to run a few tests and share packet dumps. I used my test machines to run the tests and he later submitted the results to the developer. Still no answers.
We've no way to further debug this. macOS doesn't provide useful logs when it fails and the DD-WRT's ksmbd version is very slimmed down and doesn't produce logs either. Maybe the developer will find something on the packet traces that could point us into some direction or maybe he won't.
Ideally it would be good to get a version of DD-WRT with a ksmbd that included full logging capabilities as it would most likely show what's happening when a macOS client fails to connect. _________________ 1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
Joined: 26 Mar 2013 Posts: 1858 Location: Hung Hom, Hong Kong
Posted: Sun Jan 07, 2024 3:46 Post subject:
TCB13 wrote:
Let me give you the results of the tests we did:
- macOS Mojave (10.14) + DD-WRT's ksmbd 3.4.6 (kernel 4.4): works fine
- macOS Ventura (13) + DD-WRT's ksmbd 3.4.6 (kernel 4.4): fails to connect
... more ...
We've no way to further debug this. macOS doesn't provide useful logs when it fails and the DD-WRT's ksmbd version is very slimmed down and doesn't produce logs either. Maybe the developer will find something on the packet traces that could point us into some direction or maybe he won't.
Ideally it would be good to get a version of DD-WRT with a ksmbd that included full logging capabilities as it would most likely show what's happening when a macOS client fails to connect.
So both MacOS' SMB client and DD-WRT's ksmbd didn't provide logs? Um... I like logging. It usually helps.
Does MacOS have TCP/IP networking tools like tcpdump? It could make things going. But using them might be difficult.
Are you absolutely sure that the ksmbd in DD-WRT has extra codes due to backporting? Disabling logs does not always mean injection of bad codes.
Do you know the programmers in the older standalone Samba project? They might be more experienced than everyone you knew! _________________ Router: Asus RT-N18U (rev. A1)
Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!
Joined: 06 Jun 2006 Posts: 7492 Location: Dresden, Germany
Posted: Sun Jan 07, 2024 8:32 Post subject:
mwchang wrote:
TCB13 wrote:
Let me give you the results of the tests we did:
- macOS Mojave (10.14) + DD-WRT's ksmbd 3.4.6 (kernel 4.4): works fine
- macOS Ventura (13) + DD-WRT's ksmbd 3.4.6 (kernel 4.4): fails to connect
... more ...
We've no way to further debug this. macOS doesn't provide useful logs when it fails and the DD-WRT's ksmbd version is very slimmed down and doesn't produce logs either. Maybe the developer will find something on the packet traces that could point us into some direction or maybe he won't.
Ideally it would be good to get a version of DD-WRT with a ksmbd that included full logging capabilities as it would most likely show what's happening when a macOS client fails to connect.
So both MacOS' SMB client and DD-WRT's ksmbd didn't provide logs? Um... I like logging. It usually helps.
Does MacOS have TCP/IP networking tools like tcpdump? It could make things going. But using them might be difficult.
Are you absolutely sure that the ksmbd in DD-WRT has extra codes due to backporting? Disabling logs does not always mean injection of bad codes.
Do you know the programmers in the older standalone Samba project? They might be more experienced than everyone you knew!
mojave works. ventura does not. ahm you know this is a apple problem then. maybe they removes some features for supporting some samba protocol versions. in that case you must adjust your samba server settings to fit to the new requirements of that evil company
mojave works. ventura does not. ahm you know this is a apple problem then.
How do you explain the fact that it works in OpenWRT and Debian with the same ksmbd version then? But not in DD-WRT?
BrainSlayer wrote:
maybe they removes some features for supporting some samba protocol versions. in that case you must adjust your samba server settings to fit to the new requirements of that evil company
That "fix" doesn't work. For what's worth ksmbd.conf supports enabling multichannel and it comes disabled by default. But once again a macOS Ventura client can connect to a Debian 12 machine running ksmbd 3.4.6 with that option disabled.
mwchang wrote:
Does MacOS have TCP/IP networking tools like tcpdump? It could make things going. But using them might be difficult.
That's what the Apple developer asked for (alongside other things). I had a look at the dump and the system does a bunch of authenticiation attemps and then nothing else. There isn't anything explicit there, an error etc.
mwchang wrote:
Are you absolutely sure that the ksmbd in DD-WRT has extra codes due to backporting? Disabling logs does not always mean injection of bad codes.
It has tweaks to support the older kernel at least. The tests lead me to believe this is most likely something missing kernel side or similar. Something that can be probably fixed by tweaking the ksmbd code further but until there are logs I guess its going to be hard.
mwchang wrote:
Do you know the programmers in the older standalone Samba project? They might be more experienced than everyone you knew!
No _________________ 1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
Last edited by TCB13 on Sun Jan 07, 2024 13:29; edited 1 time in total
Joined: 06 Jun 2006 Posts: 7492 Location: Dresden, Germany
Posted: Sun Jan 07, 2024 13:23 Post subject:
TCB13 wrote:
BrainSlayer wrote:
mojave works. ventura does not. ahm you know this is a apple problem then.
How do you explain the fact that it works in OpenWRT and Debian with the same ksmbd version then? But not in DD-WRT?
BrainSlayer wrote:
maybe they removes some features for supporting some samba protocol versions. in that case you must adjust your samba server settings to fit to the new requirements of that evil company
That "fix" doesn't work. For what's worth ksmbd.conf supports enabling multichannel and it comes disabled by default. But once again a macOS Ventura client can connect to a Debian 12 machine running ksmbd 3.4.6 with that option disabled.
mwchang wrote:
Does MacOS have TCP/IP networking tools like tcpdump? It could make things going. But using them might be difficult.
That's what the Apple developer asked for (alongside other things). I had a look at the dump and the system does a bunch of authenticiation attemps and then nothing else. There isn't anything explicit there, an error etc.
mwchang wrote:
Are you absolutely sure that the ksmbd in DD-WRT has extra codes due to backporting? Disabling logs does not always mean injection of bad codes.
It has tweaks to support the older kernel at least. The tests lead me to believe this is most likely something missing kernel side or something similar. Something that can be probably fixed by tweaking the ksmbd code further but until there are logs I guess its going to be hard.
mwchang wrote:
Do you know the programmers in the older standalone Samba project? They might be more experienced than everyone you knew!
No
i can just assume that your debian uses different settings or a crypto cipher is used which is not included in the kernel on your router. but thats something i can easily check. _________________ "So you tried to use the computer and it started smoking? Sounds like a Mac to me.." - Louis Rossmann https://www.youtube.com/watch?v=eL_5YDRWqGE&t=60s
i can just assume that your debian uses different settings or a crypto cipher is used which is not included in the kernel on your router. but thats something i can easily check.
That's has been my suspicion as well. Thank you. _________________ 1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
Joined: 06 Jun 2006 Posts: 7492 Location: Dresden, Germany
Posted: Sun Jan 07, 2024 13:39 Post subject:
mmh if its a crypto issue the errors are shown in kernel log. but you never posted such one _________________ "So you tried to use the computer and it started smoking? Sounds like a Mac to me.." - Louis Rossmann https://www.youtube.com/watch?v=eL_5YDRWqGE&t=60s
mmh if its a crypto issue the errors are shown in kernel log. but you never posted such one
Yes, I don't remember seeing any errors on the log. But I'll re-test it and share the log anyways. _________________ 1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
Joined: 26 Mar 2013 Posts: 1858 Location: Hung Hom, Hong Kong
Posted: Sun Jan 07, 2024 15:09 Post subject:
TCB13 wrote:
That "fix" doesn't work. For what's worth ksmbd.conf supports enabling multichannel and it comes disabled by default. But once again a macOS Ventura client can connect to a Debian 12 machine running ksmbd 3.4.6 with that option disabled.
"enabling multichannel" should have nothing to do with your problem. You (we?) got distracted, possibly. If you didn't insist in 3.0 but used SMB 2.0, the result might have changed.
Partially Supported. Planned to implement replay/retry mechanisms for future.
(
SMB 1 "intentionally" excluded?? Well... it's the simplest, the original. I believe the standalone Samba hasn't taken it out??? No.... NOT back then. Well...
I should have kept my Caldera OpenLinux 3.1.1 alive. Could we download very old source codes of Samba and use it in recent Linux kernels?
) _________________ Router: Asus RT-N18U (rev. A1)
Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!
Joined: 06 Jun 2006 Posts: 7492 Location: Dresden, Germany
Posted: Sun Jan 07, 2024 22:29 Post subject:
i merged the latest upstream code now. there was a patch for compound requests used by macos in ksmbd which was not yet merged. i also saw your discussion at github. so the question is why havent you told me about this ticket you posted there. the solution was clearly written at github _________________ "So you tried to use the computer and it started smoking? Sounds like a Mac to me.." - Louis Rossmann https://www.youtube.com/watch?v=eL_5YDRWqGE&t=60s
i merged the latest upstream code now. there was a patch for compound requests used by macos in ksmbd which was not yet merged. i also saw your discussion at github. so the question is why havent you told me about this ticket you posted there. the solution was clearly written at github
What are you talking about? I posted a link to the discussion on this thread a long time ago and for what's worth there's no clear solution on Github... just speculation.
I was testing with version 3.4.6 on both DD-WRT and Debian 12, how come DD-WRT didn't have that code already if those patches were already present in that version? I'm confused. _________________ 1x Netgear R7800 (latest); 3x Netgear R7000 (latest); 2x Asus RT-N16 (v3.0-r47656); 2x Fonera 2100 (v3.0-r45454).
Joined: 26 Mar 2013 Posts: 1858 Location: Hung Hom, Hong Kong
Posted: Mon Jan 08, 2024 9:15 Post subject:
Micro$oft's SMB/CIFS protocols was never a published standard. There were no ISO nor RFC documents about it. So making them work with Linux is always a hack, be it the standalone Samba or the new kernel-mode ksmbd. Things got a bit complicated with MacOS. We are talking about 3 independent SMB implementations here, I suspect. And then we also have mDNS/Avahi and WSDD.
So... just relax and solve the puzzle. We all have our priorities and troubles. _________________ Router: Asus RT-N18U (rev. A1)
Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!