and language lists can be set using new keys in the "options" table
argument. These all default to the same value used before. Also, the
required "cookie" argument is now replaced by an optional "cookie"
key in the "options" table, defaulting to random bytes as the RFC
says the value should be. [Kris]
Only ssh2's fetch_host_key() uses this function, but I'm working on
a script and noticed the design flaw regarding the cookie arg (scripts
shouldn't be required to always pass this when it's specified that its
value should be random). The rest was added because the default is
just a subset of algorithms offered across implementations.
set correctly.
1. Shift the low-order bits of fc by 20 bits, not 28, because fl is a
20-bit field.
2. Use a mask in host byte order to mask fl, which is also provided in
host byte order.
3. Swap | and & in combining fc and fl.
1) Set the 'vc' ('virtual circuit') id to a non-zero value (if it's 0, the smb server will disconnect all hosts who are already connected)
2) Handle the authentication error NT_STATUS_REQUEST_NOT_ACCEPTED, which indicates that there are too many connected hosts (11 is the default on most versions of Windows, or 10 for the anonymous account). If we see the error, we wait and try again.
3) Handle the file creation error, NT_STATUS_PIPE_NOT_AVAILABLE, which appears to be caused by a race condition of some sort. It happens when a large number of connections are attempted simultaneously, and is fixed by a short backoff (50ms worked fine, but I'm using 100ms)
The end result is a significant speedup in our SMB checks without losing data.
number to guarantee it's nonzero (which some target hosts require) rather
than looping for new random numbers.
* ICMP ID values are unimportant, as long as they are nonzero
* The original code to get random numbers was exactly duplicated (new variable,
comment, loop, even whitespace) in the same function, so using a single
variable set initially (albeit differently) simplifies duplication
shouldn't. Also, because of the use of ([...]*), captures can be too
long to fill into the template. This change forces hostname and
domain name to be non-empty. This match should be made more specific
but without example content any changes would involve guessing.
few mystery variations in bytes that don't match up with the
descriptions in the submissions or what users have told me they are
running. I've done my best to get the OS X versions correct.
Corrections may be required to loosen the strict versioning in this
commit.
