[Samba] SMB Signing issues... smbclient works, mount does not...

Julian Houghton sarlacii at yahoo.com
Mon Jan 26 21:22:28 GMT 2009 

--- On Mon, 26/1/09, Günter Kukkukk <linux at kukkukk.com> wrote:

> From: Günter Kukkukk <linux at kukkukk.com>
> Subject: Re: [Samba] SMB Signing issues... smbclient works, mount does not...
> To: samba at lists.samba.org
<snip> 
> at least most recent cifs vfs (version 1.56) from kernel
> 2.6.28 does
> support the mount option "sign".
> Have a look at the following url for the files README and
> CHANGES
> to see the full details regarding options and change notes:
> (should be _one_ long url line!)
> http://git.kernel.org/?p=linux/kernel/git/sfrench/cifs-2.6.git;a=tree;f=fs/cifs;h=34a787a31402775e2dffc6f3f3c50aaf2e6e24b9;hb=c996d2b116a0f3e1c4d09cfc0e2c926558fece79
> 
> You'll also notice the description of the pseudo file
> at
>   /proc/fs/cifs/PacketSigningEnabled
<snip>

Hi Günter

Mount option "sign" sounds like a good idea... navigating kernel options is intimidating.

Thanks for link, got it all in one line (LOL). Have subsequently downloaded kernel source via apt-get. Browsed to "/usr/src/linux-2.6.22.17.tex2/fs/cifs/" and opened README in less. Way more info than the "info" file. :o) Shot.

Okay, so looking at things now, I do not have the PacketSigningEnabled psuedo-file in my /proc/fs/cifs/ directory. And the dir is readonly. How do I create the file? chmod u+w /proc/fs/cifs & touch Packet... etc.?

I also see that I can play with the SecurityFlags... eg. 0x07007 to enable NTML with signing.

However, setting SecurityFlags to 0x7007 and trying the mount again still fails. Sigh.

*****************************************
Further debug info:

[root at localhost cifs]# tail -n 70 /var/log/syslog
<snip>
Jan 26 23:18:58 localhost kernel:  fs/cifs/cifsfs.c: Devname: //inhep-fs/julian flags: 64
Jan 26 23:18:58 localhost kernel:  fs/cifs/connect.c: CIFS VFS: in cifs_mount as Xid: 2345245 with uid: 0
Jan 26 23:18:58 localhost kernel:  fs/cifs/connect.c: Username: julian
Jan 26 23:18:58 localhost kernel:  fs/cifs/connect.c: UNC: \\inhep-fs\julian ip: 192.200.200.10
Jan 26 23:18:58 localhost kernel:  fs/cifs/connect.c: Socket created
Jan 26 23:18:58 localhost kernel:  fs/cifs/connect.c: sndbuf 16384 rcvbuf 87380 rcvtimeo 0x7fffffff
Jan 26 23:18:58 localhost kernel:  fs/cifs/connect.c: Demultiplex PID: 21083
Jan 26 23:18:58 localhost kernel:  fs/cifs/connect.c: Existing smb sess not found
Jan 26 23:18:58 localhost kernel:  fs/cifs/cifssmb.c: secFlags 0x1003
Jan 26 23:18:58 localhost kernel:  fs/cifs/transport.c: For smb_command 114
Jan 26 23:18:58 localhost kernel:  fs/cifs/transport.c: Sending smb of length 47
Jan 26 23:18:58 localhost kernel:  fs/cifs/connect.c: rfc1002 length 0x6f)
Jan 26 23:18:58 localhost kernel:  fs/cifs/cifssmb.c: Dialect: 0
Jan 26 23:18:58 localhost kernel:  fs/cifs/cifssmb.c: negprot rc 0
Jan 26 23:18:58 localhost kernel:  fs/cifs/connect.c: Security Mode: 0xf Capabilities: 0x1f3fd TimeAdjust: -7200
Jan 26 23:18:58 localhost kernel:  fs/cifs/sess.c: sess setup type 1
Jan 26 23:18:58 localhost kernel:  fs/cifs/transport.c: For smb_command 115
Jan 26 23:18:58 localhost kernel:  fs/cifs/transport.c: Sending smb:  total_len 240
Jan 26 23:18:58 localhost kernel:  fs/cifs/connect.c: rfc1002 length 0x27)
Jan 26 23:18:58 localhost kernel:  CIFS VFS: Unexpected SMB signature
Jan 26 23:18:58 localhost kernel:  fs/cifs/netmisc.c:  !!Mapping smb error code 2240 to POSIX err -13 !!
Jan 26 23:18:58 localhost kernel:  fs/cifs/misc.c: Null buffer passed to cifs_small_buf_release
Jan 26 23:18:58 localhost kernel:  fs/cifs/sess.c: ssetup rc from sendrecv2 is -13
Jan 26 23:18:58 localhost kernel:  fs/cifs/sess.c: ssetup freeing small buf cd70de40
Jan 26 23:18:58 localhost kernel:  CIFS VFS: Send error in SessSetup = -13
Jan 26 23:18:58 localhost kernel:  fs/cifs/connect.c: No session or bad tcon
Jan 26 23:18:58 localhost kernel:  fs/cifs/connect.c: CIFS VFS: leaving cifs_mount (xid = 2345245) rc = -13
Jan 26 23:18:58 localhost kernel:  CIFS VFS: cifs_mount failed w/return code = -13
<snip>

My /proc/fs/cifs/ dir display as follows:
<snip>
[root at localhost cifs]# grep ^ *
cifsFYI:1
DebugData:Display Internal CIFS Data Structures for Debugging
DebugData:---------------------------------------------------
DebugData:CIFS Version 1.49
DebugData:Active VFS Requests: 0
DebugData:Servers:
DebugData:Shares:
Experimental:0
LinuxExtensionsEnabled:0
LookupCacheEnabled:1
MultiuserMount:0
OplockEnabled:1
SecurityFlags:0x7
Stats:Resources in use
Stats:CIFS Session: 0
Stats:Share (unique mount targets): 0
Stats:SMB Request/Response Buffer: 0 Pool size: 4
Stats:SMB Small Req/Resp Buffer: 0 Pool size: 30
Stats:Operations (MIDs): 0
Stats:
Stats:124 session 4 share reconnects
Stats:Total vfs operations: 2345245 maximum at one time: 2
Stats:
traceSMB:0
<snip>

More information about the samba mailing list