More patches for smbclient SMB2/3 problems...

Jeremy Allison jra at samba.org
Wed Aug 16 23:52:12 UTC 2017


On Thu, Aug 17, 2017 at 01:05:12AM +0200, Stefan Metzmacher wrote:
> Hi Jeremy,
> 
> here's some more patches I have in my tree.
> I haven't done much testing with them yet.
> 
> I'll start a private autobuild now.

Ping me when you want them reviewed.

At a quick glance they look good but I'll
take a closer look once they've passed
your autobuild.

> From c7b7bd9fa12f614469c6447047b3f8e6f534fdee Mon Sep 17 00:00:00 2001
> From: Stefan Metzmacher <metze at samba.org>
> Date: Sat, 8 Jul 2017 00:57:59 +0200
> Subject: [PATCH 1/5] s3:libsmb: let get_ipc_connect() use
>  CLI_FULL_CONNECTION_FORCE_SMB1
> 
> get_ipc_connect() is only used for calling cli_NetServerEnum().
> 
> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12876
> 
> Signed-off-by: Stefan Metzmacher <metze at samba.org>
> ---
>  source3/libsmb/cliconnect.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
> index d98debc..91fd18b 100644
> --- a/source3/libsmb/cliconnect.c
> +++ b/source3/libsmb/cliconnect.c
> @@ -3746,6 +3746,8 @@ struct cli_state *get_ipc_connect(char *server,
>  		flags |= CLI_FULL_CONNECTION_USE_KERBEROS;
>  	}
>  
> +	flags |= CLI_FULL_CONNECTION_FORCE_SMB1;
> +
>  	nt_status = cli_full_connection(&cli, NULL, server, server_ss, 0, "IPC$", "IPC", 
>  					get_cmdline_auth_info_username(user_info),
>  					lp_workgroup(),
> -- 
> 1.9.1
> 
> 
> From 3fcc81ffb9f261dcb22292626f71f5a3d2ff3f24 Mon Sep 17 00:00:00 2001
> From: Stefan Metzmacher <metze at samba.org>
> Date: Wed, 16 Aug 2017 08:55:43 +0200
> Subject: [PATCH 2/5] s3:smbclient: improve the error messages for smbclient -L
> 
> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12863
> 
> Signed-off-by: Stefan Metzmacher <metze at samba.org>
> ---
>  source3/client/client.c | 11 +++++------
>  1 file changed, 5 insertions(+), 6 deletions(-)
> 
> diff --git a/source3/client/client.c b/source3/client/client.c
> index 83d9b9d..5897cec 100644
> --- a/source3/client/client.c
> +++ b/source3/client/client.c
> @@ -5830,6 +5830,7 @@ static int do_host_query(const char *query_host)
>  	}
>  
>  	if (lp_disable_netbios()) {
> +		d_printf("NetBIOS over TCP disabled -- no workgroup available\n");
>  		goto out;
>  	}
>  
> @@ -5844,21 +5845,19 @@ static int do_host_query(const char *query_host)
>  		 */
>  
>  		cli_shutdown(cli);
> +		d_printf("Reconnecting with SMB1 for workgroup listing.\n");
>  		status = cli_cm_open(talloc_tos(), NULL,
>  				     have_ip ? dest_ss_str : query_host,
>  				     "IPC$", popt_get_cmdline_auth_info(),
>  				     smb_encrypt, max_proto,
>  				     NBT_SMB_PORT, name_type, &cli);
>  		if (!NT_STATUS_IS_OK(status)) {
> -			cli = NULL;
> +			d_printf("Failed to connect with SMB1 "
> +				 "-- no workgroup available\n");
> +			return 0;
>  		}
>  	}
>  
> -	if (cli == NULL) {
> -		d_printf("NetBIOS over TCP disabled -- no workgroup available\n");
> -		return 0;
> -	}
> -
>  	cli_set_timeout(cli, io_timeout*1000);
>  	list_servers(lp_workgroup());
>  out:
> -- 
> 1.9.1
> 
> 
> From 7bfc8552b76a837687bfbf3319874fc010797c84 Mon Sep 17 00:00:00 2001
> From: Stefan Metzmacher <metze at samba.org>
> Date: Wed, 16 Aug 2017 08:56:39 +0200
> Subject: [PATCH 3/5] s3:smbclient: don't try any workgroup listing with
>  "client min protocol = SMB2"
> 
> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12863
> 
> Signed-off-by: Stefan Metzmacher <metze at samba.org>
> ---
>  source3/client/client.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/source3/client/client.c b/source3/client/client.c
> index 5897cec..5ef9ad5 100644
> --- a/source3/client/client.c
> +++ b/source3/client/client.c
> @@ -5829,6 +5829,11 @@ static int do_host_query(const char *query_host)
>  		}
>  	}
>  
> +	if (lp_client_min_protocol() > PROTOCOL_NT1) {
> +		d_printf("SMB1 disabled -- no workgroup available\n");
> +		goto out;
> +	}
> +
>  	if (lp_disable_netbios()) {
>  		d_printf("NetBIOS over TCP disabled -- no workgroup available\n");
>  		goto out;
> -- 
> 1.9.1
> 
> 
> From 7f8c5b32c3ccc140c0ef6aa3bd75fd4182dbf8c5 Mon Sep 17 00:00:00 2001
> From: Stefan Metzmacher <metze at samba.org>
> Date: Wed, 16 Aug 2017 12:38:30 +0200
> Subject: [PATCH 4/5] s3:libsmb: don't call cli_NetServerEnum() on SMB2/3
>  connections in SMBC_opendir_ctx()
> 
> This is all we can do with when using we allow SMB2/3 and the server supports
> it, 'smb://' can't work unless we implement LLMNR and maybe WSD.
> 
> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12876
> 
> Signed-off-by: Stefan Metzmacher <metze at samba.org>
> ---
>  source3/libsmb/libsmb_dir.c | 13 +++++++++++++
>  1 file changed, 13 insertions(+)
> 
> diff --git a/source3/libsmb/libsmb_dir.c b/source3/libsmb/libsmb_dir.c
> index 8038584..72441c4 100644
> --- a/source3/libsmb/libsmb_dir.c
> +++ b/source3/libsmb/libsmb_dir.c
> @@ -590,6 +590,10 @@ SMBC_opendir_ctx(SMBCCTX *context,
>                                  continue;
>                          }
>  
> +			if (smbXcli_conn_protocol(srv->cli->conn) > PROTOCOL_NT1) {
> +				continue;
> +			}
> +
>                          dir->srv = srv;
>                          dir->dir_type = SMBC_WORKGROUP;
>  
> @@ -704,6 +708,15 @@ SMBC_opendir_ctx(SMBCCTX *context,
>  
>  				dir->srv = srv;
>  
> +				if (smbXcli_conn_protocol(srv->cli->conn) > PROTOCOL_NT1) {
> +					if (dir) {
> +						SAFE_FREE(dir->fname);
> +						SAFE_FREE(dir);
> +					}
> +					TALLOC_FREE(frame);
> +					return NULL;
> +				}
> +
>  				/* Now, list the servers ... */
>  				if (!cli_NetServerEnum(srv->cli, wgroup,
>                                                         0x0000FFFE, list_fn,
> -- 
> 1.9.1
> 
> 
> From 92b52b36025bb394d49d89056cf8d48da2b0d393 Mon Sep 17 00:00:00 2001
> From: Stefan Metzmacher <metze at samba.org>
> Date: Wed, 16 Aug 2017 12:42:48 +0200
> Subject: [PATCH 5/5] s3:libsmb: let do_connect() debug the negotiation result
>  similar to "session request ok"
> 
> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12881
> 
> Signed-off-by: Stefan Metzmacher <metze at samba.org>
> ---
>  source3/libsmb/clidfs.c | 9 +++++++--
>  1 file changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c
> index b740007..5cc220a 100644
> --- a/source3/libsmb/clidfs.c
> +++ b/source3/libsmb/clidfs.c
> @@ -149,6 +149,7 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
>  	const char *domain;
>  	NTSTATUS status;
>  	int flags = 0;
> +	enum protocol_types protocol = PROTOCOL_NONE;
>  	int signing_state = get_cmdline_auth_info_signing_state(auth_info);
>  	struct cli_credentials *creds = NULL;
>  
> @@ -204,7 +205,7 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
>  	}
>  
>  	if (max_protocol == 0) {
> -		max_protocol = PROTOCOL_NT1;
> +		max_protocol = PROTOCOL_LATEST;
>  	}
>  	DEBUG(4,(" session request ok\n"));
>  
> @@ -218,8 +219,12 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx,
>  		cli_shutdown(c);
>  		return status;
>  	}
> +	protocol = smbXcli_conn_protocol(c->conn);
> +	DEBUG(4,(" negotiated dialect[%s] against server[%s]\n",
> +		 smb_protocol_types_string(protocol),
> +		 smbXcli_conn_remote_name(c->conn)));
>  
> -	if (smbXcli_conn_protocol(c->conn) >= PROTOCOL_SMB2_02) {
> +	if (protocol >= PROTOCOL_SMB2_02) {
>  		/* Ensure we ask for some initial credits. */
>  		smb2cli_conn_set_max_credits(c->conn, DEFAULT_SMB2_MAX_CREDITS);
>  	}
> -- 
> 1.9.1
> 







More information about the samba-technical mailing list