Problem with CIFS

Jeremy Allison jra at samba.org
Thu Aug 19 20:28:16 GMT 2004


On Wed, Aug 18, 2004 at 09:36:21PM -0500, Steve French wrote:
> >Can you show me where the problem is ? 
> >Currently in smbd/negprot.c we have :
> >
> > /* do spnego in user level security if the client
> > supports it and we can do encrypted passwords*/ 
> >
> >  if (global_encrypted_passwords_negotiated &&
> >            (lp_security() != SEC_SHARE) &&
> >            lp_use_spnego() &&
> >            (SVAL(inbuf, smb_flg2) & FLAGS2_EXTENDED_SECURITY)) {
> >                negotiate_spnego = True;
> >                capabilities |= CAP_EXTENDED_SECURITY;
> >        }
> 
> I think Samba is just missing the else clause in smbd/negprot.c(since
> reply_common sets FLAGS2_EXTENDED_SECURITY otherwise). Something like:
> 
>         else {
>                 remove_from_common_flags2(FLAGS2_EXTENDED_SECURITY);
>                 SSVAL(outbuf,smb_flg2,(SVAL(outbuf,smb_flg2) &
> 			 (~FLAGS2_EXTENDED_SECURITY)));
>         }
> 
> but in any case I have to workaround it in the Linux cifs client by
> paying more attention to the capability bit than to the actual smb flag

FYI: I just fixed this in the 3.x SVN tree. It won't be in 3.0.6
but should be in 3.0.7 and above. Thanks !

Jeremy.


More information about the samba-technical mailing list