NetShareEnum: disable sanity check for better compatibility with Windows
Volker Lendecke
Volker.Lendecke at SerNet.DE
Sun Nov 29 06:46:12 MST 2009
On Sun, Nov 29, 2009 at 02:15:18PM +0100, Giovanni Bajo wrote:
> the attached patches increase Samba compatibility with Windows by
> disabling a sanity check which prevents Samba from issuing an answer to
> a NetShareEnum request in case of a corrupted (invalid) packet.
>
> Long version. I have recently bought a Samsung BD-P3600 bluray player.
> This unit has wired/wifi connection and a primitive/buggy support for
> streaming files off Windows shares. It works well if the shares are on a
> Windows PC, but it fails to detect shares on Linux and Mac OSX. I
> investigated the problem and it turns out that the bluray player sends
> an invalid packet:
>
> 0000 00 1b fc 91 80 08 00 12 fb 2a d9 7c 08 00 45 00 ........ .*.|..E.
> 0010 00 9e b8 2e 40 00 40 06 fe c2 c0 a8 01 17 c0 a8 .... at .@. ........
> 0020 01 01 cc 54 00 8b 46 cc 34 d6 de 00 9f ae 80 18 ...T..F. 4.......
> 0030 0b 68 01 e3 00 00 01 01 08 0a 00 00 99 c7 00 64 .h...... .......d
> 0040 41 2d 00 00 00 66 ff 53 4d 42 25 00 00 00 00 08 A-...f.S MB%.....
> 0050 01 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 ........ ........
> 0060 3b 00 00 00 9f 00 0e 1a 00 00 00 63 00 ff ff 00 ;....... ...c....
> 0070 00 00 00 00 00 00 00 00 00 1a 00 4c 00 00 00 66 ........ ...L...f
> 0080 00 00 00 27 00 5c 50 49 50 45 5c 4c 41 4e 4d 41 ...'.\PI PE\LANMA
> 0090 4e 00 00 00 57 72 4c 65 68 00 42 31 33 42 57 7a N...WrLe h.B13BWz
> 00a0 57 57 57 7a 42 39 42 00 01 00 ff ff WWWzB9B. ....
>
> Microsoft Windows Lanman Remote API Protocol
> Function Code: NetShareEnum (0)
> Parameter Descriptor: WrLeh
> Return Descriptor: B13BWzWWWzB9B
> Detail Level: 1
> Receive Buffer Length: 65535
>
> This packet is malformed because, for level 1 query, the correct return
> descriptor would be "B13BWz". I've attached the full wireshark dump, in
> case it matters.
>
> What happens is that Samba refuses to answer to this query because it
> fails an internal sanity check; instead, Windows happily answers and the
> conversation goes on.
>
> I verified my fix against a samba2 server (this is what I'm running on
> my DDWRT-based router), and forward-ported the same patch on samba3 and
> samba4 trees by visual inspection.
>
> This is my first contribution to Samba, so I'm looking for some guidance
> for this patch to be accepted.
It seems that the descriptor they send is actually a level2
descriptor. Can you get us a trace against a Windows box? I
would be interested to see what they return in this case. Do
they decide based upon the level or the descriptor?
And, would it be possible not to completely drop the check
but to also allow the level2 descriptor for level1?
Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20091129/cce3b209/attachment.pgp>
More information about the samba-technical
mailing list