Problem with CIFS
Jeremy Allison
jra at samba.org
Thu Aug 19 20:28:16 GMT 2004
On Wed, Aug 18, 2004 at 09:36:21PM -0500, Steve French wrote:
> >Can you show me where the problem is ?
> >Currently in smbd/negprot.c we have :
> >
> > /* do spnego in user level security if the client
> > supports it and we can do encrypted passwords*/
> >
> > if (global_encrypted_passwords_negotiated &&
> > (lp_security() != SEC_SHARE) &&
> > lp_use_spnego() &&
> > (SVAL(inbuf, smb_flg2) & FLAGS2_EXTENDED_SECURITY)) {
> > negotiate_spnego = True;
> > capabilities |= CAP_EXTENDED_SECURITY;
> > }
>
> I think Samba is just missing the else clause in smbd/negprot.c(since
> reply_common sets FLAGS2_EXTENDED_SECURITY otherwise). Something like:
>
> else {
> remove_from_common_flags2(FLAGS2_EXTENDED_SECURITY);
> SSVAL(outbuf,smb_flg2,(SVAL(outbuf,smb_flg2) &
> (~FLAGS2_EXTENDED_SECURITY)));
> }
>
> but in any case I have to workaround it in the Linux cifs client by
> paying more attention to the capability bit than to the actual smb flag
FYI: I just fixed this in the 3.x SVN tree. It won't be in 3.0.6
but should be in 3.0.7 and above. Thanks !
Jeremy.
More information about the samba-technical
mailing list