[PATCH] fsctl_validate_neg_info skip some checkings if PROTOCOL_SMB2_02
Jeremy Allison
jra at samba.org
Thu Sep 8 21:51:30 UTC 2016
On Wed, Sep 07, 2016 at 10:38:32PM +0800, Jones Syue wrote:
> Hello list,
>
> The client is windows 10 pro version 1607,
> file server: a linux box with samba-4.4.5.
>
> If the negotiated protocol is NT1, SMB2_10, and SMB3_11,
> the win10 can login to the file server.
>
> But if the negotiated protocol is SMB2_02,
> the win10 failed to login to the file server,
> error alert said: the specified network name is no longer available.
>
> After packets captured:
> https://drive.google.com/folderview?id=0B7hCXnjbSiXFSE9ZOFJTWkM3U3M&usp=sharing
>
> The major difference is fsctl_validate_neg_info().
> With SMB2_02,
> GUID_equal(&in_guid, &conn->smb2.client.guid) is false,
> and smbd would be terminated and disconnected.
>
> Hmm check client guid with SMB2_02 looks a bit strange,
> as smbd_smb2_request_process_negprot() said:
> if (xconn->protocol < PROTOCOL_SMB2_10) {
> /*
> * SMB2_02 doesn't support client guids
> */
> return smbd_smb2_request_done(req, outbody, &outdyn);
> }
>
> Another scenario happened if max protocol = SMB2_02,
> win10 SMB1 negotiate request included dialects:
> SMB 2.??, SMB 2.002, NT LM 0.12, etc.,
> samba-4.4.5 will return SMB2 response with SMB 2.002.
> In this case, both smb2.client.security_mode
> and smb2.client.capabilities are always 0 because win10
> SMB1 negotiate request does not support them.
>
> Hence the attached patch supposed to skip
> smb2 client guid, smb2 client security mode,
> and smb2 client capabilities if the client sent
> SMB1 negotiate request and samba select SMB 2.002,
> please help review and any suggestions are appreciated,
> thank you.
Hi Jones,
Can you explain a little about how you're reproducing
this ? Are you setting "max protocol" in the smb.conf
to see this ?
Cheers,
Jeremy.
More information about the samba-technical
mailing list