[Samba] OS/2 client crash on "Find Close2"
Andreas Paulick
paulick at faro.de
Tue Aug 8 09:19:43 GMT 2006
Andreas Taegener schrieb:
> Hello,
>
> I have just migrated an old OS/2 file server to a Linux box with Samba
> 3.0.23a. Now the OS/2 clients crash from time to time. I found a way
> to reproduce/force the crash using PMMail and did some experiments.
>
> The popuplog.os2 on the clients (Warp4 and eComStation) always names a
> sys3175 in pmshell.exe / doscall1.dll.
>
> Using Ethereal and comparing the network traffic between a) a client
> and the Samba server and b) the same client and an OS/2 server (in
> this setup the client doesn't crash) I found at least one difference
> in the SMB protocol. It is the "Find Close2 Response" SMB message.
>
> Here is the packet from the Samba server logged by Ethereal:
>
> ---START-----------------------------------------------------
> No. Time Source Destination
> Protocol Info
> 153 02:09:53.405713 192.168.1.223 192.168.1.1
> SMB Find Close2 Response
>
> Frame 153 (97 bytes on wire, 97 bytes captured)
> Arrival Time: Aug 7, 2006 02:09:53.405713000
> Time delta from previous packet: 0.000384000 seconds
> Time since reference or first frame: 58.338749000 seconds
> Frame Number: 153
> Packet Length: 97 bytes
> Capture Length: 97 bytes
> Protocols in frame: eth:ip:tcp:nbss:smb
> Ethernet II, Src: srv3.taegi.eideltown.de (00:01:af:01:a0:a2), Dst:
> Intel_3a:01:e1 (00:02:b3:3a:01:e1)
> Destination: Intel_3a:01:e1 (00:02:b3:3a:01:e1)
> Source: srv3.taegi.eideltown.de (00:01:af:01:a0:a2)
> Type: IP (0x0800)
> Frame check sequence: 0x94bcdc1f [correct]
> Internet Protocol, Src: 192.168.1.223 (192.168.1.223), Dst:
> 192.168.1.1 (192.168.1.1)
> Version: 4
> Header length: 20 bytes
> Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
> 0000 00.. = Differentiated Services Codepoint: Default (0x00)
> .... ..0. = ECN-Capable Transport (ECT): 0
> .... ...0 = ECN-CE: 0
> Total Length: 79
> Identification: 0xcd9b (52635)
> Flags: 0x04 (Don't Fragment)
> 0... = Reserved bit: Not set
> .1.. = Don't fragment: Set
> ..0. = More fragments: Not set
> Fragment offset: 0
> Time to live: 64
> Protocol: TCP (0x06)
> Header checksum: 0xe8dc [correct]
> Good: True
> Bad : False
> Source: 192.168.1.223 (192.168.1.223)
> Destination: 192.168.1.1 (192.168.1.1)
> Transmission Control Protocol, Src Port: netbios-ssn (139), Dst Port:
> 1024 (1024), Seq: 45598, Ack: 1364, Len: 39
> Source port: netbios-ssn (139)
> Destination port: 1024 (1024)
> Sequence number: 45598 (relative sequence number)
> Next sequence number: 45637 (relative sequence number)
> Acknowledgement number: 1364 (relative ack number)
> Header length: 20 bytes
> Flags: 0x0018 (PSH, ACK)
> 0... .... = Congestion Window Reduced (CWR): Not set
> .0.. .... = ECN-Echo: Not set
> ..0. .... = Urgent: Not set
> ...1 .... = Acknowledgment: Set
> .... 1... = Push: Set
> .... .0.. = Reset: Not set
> .... ..0. = Syn: Not set
> .... ...0 = Fin: Not set
> Window size: 5360
> Checksum: 0x60fa [correct]
> SEQ/ACK analysis
> This is an ACK to the segment in frame: 152
> The RTT to ACK the segment was: 0.000384000 seconds
> NetBIOS Session Service
> Message Type: Session message
> Flags: 0x00
> .... ...0 = Add 0 to length
> Length: 35
> SMB (Server Message Block Protocol)
> SMB Header
> Server Component: SMB
> Response to: 152
> Time from request: 0.000384000 seconds
> SMB Command: Find Close2 (0x34)
> Error Class: Success (0x00)
> Reserved: 00
> Error Code: No Error
> Flags: 0x88
> 1... .... = Request/Response: Message is a response to the
> client/redirector
> .0.. .... = Notify: Notify client only on open
> ..0. .... = Oplocks: OpLock not requested/granted
> ...0 .... = Canonicalized Pathnames: Pathnames are not
> canonicalized
> .... 1... = Case Sensitivity: Path names are caseless
> .... ..0. = Receive Buffer Posted: Receive buffer has not
> been posted
> .... ...0 = Lock and Read: Lock&Read, Write&Unlock are not
> supported
> Flags2: 0x0001
> 0... .... .... .... = Unicode Strings: Strings are ASCII
> .0.. .... .... .... = Error Code Type: Error codes are DOS
> error codes
> ..0. .... .... .... = Execute-only Reads: Don't permit
> reads if execute-only
> ...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs
> .... 0... .... .... = Extended Security Negotiation:
> Extended security negotiation is not supported
> .... .... .0.. .... = Long Names Used: Path names in
> request are not long file names
> .... .... .... .0.. = Security Signatures: Security
> signatures are not supported
> .... .... .... ..0. = Extended Attributes: Extended
> attributes are not supported
> .... .... .... ...1 = Long Names Allowed: Long file names
> are allowed in the response
> Process ID High: 0
> Signature: 0000000000000000
> Reserved: 0000
> Tree ID: 7
> Process ID: 84
> User ID: 100
> Multiplex ID: 53506
> Find Close2 Response (0x34)
> Word Count (WCT): 0
> Byte Count (BCC): 0
>
> 0000 00 02 b3 3a 01 e1 00 01 af 01 a0 a2 08 00 45 00 ...:..........E.
> 0010 00 4f cd 9b 40 00 40 06 e8 dc c0 a8 01 df c0 a8 .O.. at .@.........
> 0020 01 01 00 8b 04 00 64 d8 11 35 00 ce f6 10 50 18 ......d..5....P.
> 0030 14 f0 60 fa 00 00 00 00 00 23 ff 53 4d 42 34 00 ..`......#.SMB4.
> 0040 00 00 00 88 01 00 00 00 00 00 00 00 00 00 00 00 ................
> 0050 00 00 07 00 54 00 64 00 02 d1 00 00 00 94 bc dc ....T.d.........
> 0060 1f .
> ---END-------------------------------------------------------
>
>
> And here the packet from the OS/2 server:
>
> ---START-----------------------------------------------------
> No. Time Source Destination
> Protocol Info
> 10956 04:39:42.694870 192.168.1.18 192.168.1.1
> SMB Find Close2 Response[Malformed Packet]
>
> Frame 10956 (96 bytes on wire, 96 bytes captured)
> Arrival Time: Aug 7, 2006 04:39:42.694870000
> Time delta from previous packet: 0.000232000 seconds
> Time since reference or first frame: 244.901074000 seconds
> Frame Number: 10956
> Packet Length: 96 bytes
> Capture Length: 96 bytes
> Protocols in frame: eth:ip:tcp:nbss:smb
> Ethernet II, Src: Ibm_96:23:94 (00:04:ac:96:23:94), Dst:
> Intel_3a:01:e1 (00:02:b3:3a:01:e1)
> Destination: Intel_3a:01:e1 (00:02:b3:3a:01:e1)
> Source: Ibm_96:23:94 (00:04:ac:96:23:94)
> Type: IP (0x0800)
> Frame check sequence: 0xd830e64f [correct]
> Internet Protocol, Src: 192.168.1.18 (192.168.1.18), Dst: 192.168.1.1
> (192.168.1.1)
> Version: 4
> Header length: 20 bytes
> Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
> 0000 00.. = Differentiated Services Codepoint: Default (0x00)
> .... ..0. = ECN-Capable Transport (ECT): 0
> .... ...0 = ECN-CE: 0
> Total Length: 78
> Identification: 0x5d37 (23863)
> Flags: 0x04 (Don't Fragment)
> 0... = Reserved bit: Not set
> .1.. = Don't fragment: Set
> ..0. = More fragments: Not set
> Fragment offset: 0
> Time to live: 64
> Protocol: TCP (0x06)
> Header checksum: 0x5a0f [correct]
> Good: True
> Bad : False
> Source: 192.168.1.18 (192.168.1.18)
> Destination: 192.168.1.1 (192.168.1.1)
> Transmission Control Protocol, Src Port: netbios-ssn (139), Dst Port:
> 1028 (1028), Seq: 2515935, Ack: 1007042, Len: 38
> Source port: netbios-ssn (139)
> Destination port: 1028 (1028)
> Sequence number: 2515935 (relative sequence number)
> Next sequence number: 2515973 (relative sequence number)
> Acknowledgement number: 1007042 (relative ack number)
> Header length: 20 bytes
> Flags: 0x0018 (PSH, ACK)
> 0... .... = Congestion Window Reduced (CWR): Not set
> .0.. .... = ECN-Echo: Not set
> ..0. .... = Urgent: Not set
> ...1 .... = Acknowledgment: Set
> .... 1... = Push: Set
> .... .0.. = Reset: Not set
> .... ..0. = Syn: Not set
> .... ...0 = Fin: Not set
> Window size: 33580
> Checksum: 0xd8a6 [correct]
> NetBIOS Session Service
> Message Type: Session message
> Flags: 0x00
> .... ...0 = Add 0 to length
> Length: 34
> SMB (Server Message Block Protocol)
> SMB Header
> Server Component: SMB
> Response to: 10954
> Time from request: 0.000762000 seconds
> SMB Command: Find Close2 (0x34)
> Error Class: Success (0x00)
> Reserved: 00
> Error Code: No Error
> Flags: 0x88
> 1... .... = Request/Response: Message is a response to the
> client/redirector
> .0.. .... = Notify: Notify client only on open
> ..0. .... = Oplocks: OpLock not requested/granted
> ...0 .... = Canonicalized Pathnames: Pathnames are not
> canonicalized
> .... 1... = Case Sensitivity: Path names are caseless
> .... ..0. = Receive Buffer Posted: Receive buffer has not
> been posted
> .... ...0 = Lock and Read: Lock&Read, Write&Unlock are not
> supported
> Flags2: 0x0003
> 0... .... .... .... = Unicode Strings: Strings are ASCII
> .0.. .... .... .... = Error Code Type: Error codes are DOS
> error codes
> ..0. .... .... .... = Execute-only Reads: Don't permit
> reads if execute-only
> ...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs
> .... 0... .... .... = Extended Security Negotiation:
> Extended security negotiation is not supported
> .... .... .0.. .... = Long Names Used: Path names in
> request are not long file names
> .... .... .... .0.. = Security Signatures: Security
> signatures are not supported
> .... .... .... ..1. = Extended Attributes: Extended
> attributes are supported
> .... .... .... ...1 = Long Names Allowed: Long file names
> are allowed in the response
> Process ID High: 0
> Signature: 0000000000000000
> Reserved: 0000
> Tree ID: 53250
> Process ID: 137
> User ID: 1
> Multiplex ID: 53006
> Find Close2 Response (0x34)
> Word Count (WCT): 0
> [Malformed Packet: SMB]
>
> 0000 00 02 b3 3a 01 e1 00 04 ac 96 23 94 08 00 45 00 ...:......#...E.
> 0010 00 4e 5d 37 40 00 40 06 5a 0f c0 a8 01 12 c0 a8 .N]7 at .@.Z.......
> 0020 01 01 00 8b 04 04 7e 2d 73 51 00 f0 b9 91 50 18 ......~-sQ....P.
> 0030 83 2c d8 a6 00 00 00 00 00 22 ff 53 4d 42 34 00 .,.......".SMB4.
> 0040 00 00 00 88 03 00 00 00 00 00 00 00 00 00 00 00 ................
> 0050 00 00 02 d0 89 00 01 00 0e cf 00 00 d8 30 e6 4f .............0.O
> ---END-------------------------------------------------------
>
>
> The differences are in the last few lines:
>
> ---Samba----------------------------------------
> Find Close2 Response (0x34)
> Word Count (WCT): 0
> Byte Count (BCC): 0
> ------------------------------------------------
>
> ---OS/2-----------------------------------------
> Find Close2 Response (0x34)
> Word Count (WCT): 0
> [Malformed Packet: SMB]
> ------------------------------------------------
>
>
> Has anybody else seen this problem or knows a solution for it? Or is
> it possible to add a workaround to Samba?
>
> Please let me know if more info is required.
>
> Many thanks in advance and kind regards
> Andreas Taegener
>
The sys 3175 in pmshell at accesses sounds to me like broken EA-Support.
Especially Pmmail and WPSWizard struggles at the loss of EAs. The only
solution I have found so far is a downgrade to Samba 3.0.18? (I dont
know the exact the last working version) where the EAs still works.
Greetings/2
Andy
More information about the samba
mailing list