[PATCH] fsctl_validate_neg_info skip some checkings if PROTOCOL_SMB2_02

[Jones Syue]

Hello list,

The client is windows 10 pro version 1607,
file server: a linux box with samba-4.4.5.

If the negotiated protocol is NT1, SMB2_10, and SMB3_11,
the win10 can login to the file server.

But if the negotiated protocol is SMB2_02,
the win10 failed to login to the file server,
error alert said: the specified network name is no longer available.

After packets captured:
https://drive.google.com/folderview?id=0B7hCXnjbSiXFSE9ZOFJTWkM3U3M&usp=sharing

The major difference is fsctl_validate_neg_info().
With SMB2_02,
GUID_equal(&in_guid, &conn->smb2.client.guid) is false,
and smbd would be terminated and disconnected.

Hmm check client guid with SMB2_02 looks a bit strange,
as smbd_smb2_request_process_negprot() said:
if (xconn->protocol < PROTOCOL_SMB2_10) {
  /*
  * SMB2_02 doesn't support client guids
  */
    return smbd_smb2_request_done(req, outbody, &outdyn);
}

Another scenario happened if max protocol = SMB2_02,
win10 SMB1 negotiate request included dialects:
SMB 2.??, SMB 2.002, NT LM 0.12, etc.,
samba-4.4.5 will return SMB2 response with SMB 2.002.
In this case, both smb2.client.security_mode
and smb2.client.capabilities are always 0 because win10
SMB1 negotiate request does not support them.

Hence the attached patch supposed to skip
smb2 client guid, smb2 client security mode,
and smb2 client capabilities if the client sent
SMB1 negotiate request and samba select SMB 2.002,
please help review and any suggestions are appreciated,
thank you.

--
Regards,
Jones Syue | 薛懷宗
QNAP Systems, Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-fsctl_validate_neg_info-skip-some-checkings-if-PROTO.patch
Type: application/octet-stream
Size: 1348 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20160907/5c058f21/0001-fsctl_validate_neg_info-skip-some-checkings-if-PROTO.obj>