The Samba-Bugzilla – Attachment 13574 Details for
Bug 13009
Can't connect to NetApp with SMB3.1.1 due to strict interpretation of encryption flag
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
proposed patch for fixing Samba client library and tools access to NetApp
0001-Connection-to-NetApp-servers-fails-due-to-overly-str.patch (text/plain), 1.40 KB, created by
Steve French
on 2017-09-11 23:10:14 UTC
(
hide
)
Description:
proposed patch for fixing Samba client library and tools access to NetApp
Filename:
MIME Type:
Creator:
Steve French
Created:
2017-09-11 23:10:14 UTC
Size:
1.40 KB
patch
obsolete
>From 02b636c1310a934aeddf9c302aa95325c8dc4b1d Mon Sep 17 00:00:00 2001 >From: Steve French <smfrench@gmail.com> >Date: Mon, 11 Sep 2017 17:39:15 -0500 >Subject: [PATCH] Connection to NetApp servers fails due to overly strict > encryption flag check in SMB3.1.1 > >We can't connect to NetApp with Samba tools in 4.7 since we see that they >return the CAP_ENCRYPTION on SMB3.1.1 (it is redundant to set it in 3.1.1 >as a CAP since we have negotiate contexts, but it is not strictly illegal) > >Edgar's blog entry indicates that the CAP_ENCRYPTION is a "should not set" >(not a "must not set") for 3.1.1 and the document implies that it is invalid >but does not indicate whether it is mandatory. > >Remove the unneeded check for NetApp case. > >Signed-off-by: Steve French <smfrench@gmail.com> >--- > libcli/smb/smbXcli_base.c | 6 ------ > 1 file changed, 6 deletions(-) > >diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c >index d73949b..d409a8d 100644 >--- a/libcli/smb/smbXcli_base.c >+++ b/libcli/smb/smbXcli_base.c >@@ -4916,12 +4916,6 @@ static void smbXcli_negprot_smb2_done(struct tevent_req *subreq) > return; > } > >- if (conn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION) { >- tevent_req_nterror(req, >- NT_STATUS_INVALID_NETWORK_RESPONSE); >- return; >- } >- > negotiate_context_offset = IVAL(body, 60); > if (negotiate_context_offset < security_offset) { > tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE); >-- >2.7.4 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 13009
:
13574
|
13575
|
13584
|
13597