samba-4.0 badlock patch cause DCERPC bind_nak if edit windows security
Jones Syue
jonessyue at qnap.com
Fri May 6 07:34:33 UTC 2016
Hello list,
This symptom looks like cause by v4-0 badlock[1] patch,
and please find the attached v1.patch could way around it,
but im not sure if v1.patch is valid or not,
any suggestions are appreciated,
thank you.
Here is the story:
My Linux box has samba-4.0.26[2] with v4-0 badlock patch,
and add 'vfs objects = acl_xattr'.
If edit the security tab on this box (by windows explorer, win8.1),
there are errors alert, said:
'Unable to display the user selection dialog.
A remote procedure call (RPC) protocol error occurred.'
'The program cannot open the required dialog box because it
cannot determine whether the computer named "10.10.10.10"
is joined to a domain. Close this message, and try again.'
The box's log.smbd[3] said:
[2016/05/06 08:39:12.756928, 1, pid=4718, effective(0, 0), real(0, 0),
class=rpc_srv] ../source3/rpc_server/srv_pipe.c:392(check_bind_req)
check_bind_req: changing abstract syntax for UNKNOWN context_id=0 into
UNKNOWN not supported
Reference:
[1]
https://www.samba.org/samba/ftp/patches/security/samba-v4-0-security-2016-04-12-fileserver-only.patch.xz
[2] https://ftp.samba.org/pub/samba/samba-4.0.26.tar.gz
[3]
[2016/05/06 08:39:12.756902, 3, pid=4718, effective(0, 0), real(0, 0),
class=rpc_srv] ../source3/rpc_server/srv_pipe.c:360(check_bind_req)
check_bind_req for \lsarpc
[2016/05/06 08:39:12.756928, 1, pid=4718, effective(0, 0), real(0, 0),
class=rpc_srv] ../source3/rpc_server/srv_pipe.c:392(check_bind_req)
check_bind_req: changing abstract syntax for UNKNOWN context_id=0 into
UNKNOWN not supported
[2016/05/06 08:39:12.756964, 1, pid=4718, effective(0, 0), real(0, 0)]
../librpc/ndr/ndr.c:401(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_BIND_ACK (12)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0044 (68)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 12)
bind_ack: struct dcerpc_bind_ack
max_xmit_frag : 0x10b8 (4280)
max_recv_frag : 0x10b8 (4280)
assoc_group_id : 0x000053f0 (21488)
secondary_address_size : 0x000e (14)
secondary_address : '\PIPE\dssetup'
_pad1 : DATA_BLOB length=0
num_results : 0x01 (1)
ctx_list: ARRAY(1)
ctx_list: struct dcerpc_ack_ctx
result : 0x0002 (2)
reason : 0x0001 (1)
syntax: struct ndr_syntax_id
uuid :
00000000-0000-0000-0000-000000000000
if_version : 0x00000000 (0)
auth_info : DATA_BLOB length=0
[2016/05/06 08:39:12.757418, 1, pid=4718, effective(0, 0), real(0, 0)]
../librpc/ndr/ndr.c:401(ndr_print_debug)
&r: struct ncacn_packet
rpc_vers : 0x05 (5)
rpc_vers_minor : 0x00 (0)
ptype : DCERPC_PKT_BIND_NAK (13)
pfc_flags : 0x03 (3)
1: DCERPC_PFC_FLAG_FIRST
1: DCERPC_PFC_FLAG_LAST
0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
0: DCERPC_PFC_FLAG_CONC_MPX
0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
0: DCERPC_PFC_FLAG_MAYBE
0: DCERPC_PFC_FLAG_OBJECT_UUID
drep: ARRAY(4)
[0] : 0x10 (16)
[1] : 0x00 (0)
[2] : 0x00 (0)
[3] : 0x00 (0)
frag_length : 0x0012 (18)
auth_length : 0x0000 (0)
call_id : 0x00000002 (2)
u : union dcerpc_payload(case 13)
bind_nak: struct dcerpc_bind_nak
reject_reason : 0x0000 (0)
versions : union
dcerpc_bind_nak_versions_ctr(case 0)
[2016/05/06 08:39:12.757715, 10, pid=4718, effective(0, 0), real(0, 0),
class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1756(set_incoming_fault)
Setting fault state
--
Regards,
Jones Syue | 薛懷宗
QNAP Systems, Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: v1.patch
Type: application/octet-stream
Size: 1477 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20160506/f1526401/v1.obj>
More information about the samba-technical
mailing list