The Samba-Bugzilla – Attachment 6441 Details for
Bug 8046
Authentication in mount.cifs (NTLMv2 in NTLMSSP in SPNEGO in GSS-API)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Wireshark capture
capture.txt (text/plain), 18.74 KB, created by
ncl.bourbaki
on 2011-05-10 15:17:01 UTC
(
hide
)
Description:
Wireshark capture
Filename:
MIME Type:
Creator:
ncl.bourbaki
Created:
2011-05-10 15:17:01 UTC
Size:
18.74 KB
patch
obsolete
>No. Time Source Destination Protocol Info > Client-IP NetApp-IP SMB Negotiate Protocol Request > >Frame 101: 148 bytes on wire (1184 bits), 148 bytes captured (1184 bits) >Ethernet II, Src: Client-Mac, Dst: NetApp-Mac >Internet Protocol, Src: Client-IP, Dst: NetApp-IP >NetBIOS Session Service > Message Type: Session message > Length: 78 >SMB (Server Message Block Protocol) > SMB Header > Server Component: SMB > [Response in: 102] > SMB Command: Negotiate Protocol (0x72) > NT Status: STATUS_SUCCESS (0x00000000) > Flags: 0x00 > 0... .... = Request/Response: Message is a request to the server > .0.. .... = Notify: Notify client only on open > ..0. .... = Oplocks: OpLock not requested/granted > ...0 .... = Canonicalized Pathnames: Pathnames are not canonicalized > .... 0... = Case Sensitivity: Path names are case sensitive > .... ..0. = Receive Buffer Posted: Receive buffer has not been posted > .... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported > Flags2: 0xc801 > 1... .... .... .... = Unicode Strings: Strings are Unicode > .1.. .... .... .... = Error Code Type: Error codes are NT error codes > ..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only > ...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs > .... 1... .... .... = Extended Security Negotiation: Extended security negotiation is supported > .... .... .0.. .... = Long Names Used: Path names in request are not long file names > .... .... .... .0.. = Security Signatures: Security signatures are not supported > .... .... .... ..0. = Extended Attributes: Extended attributes are not supported > .... .... .... ...1 = Long Names Allowed: Long file names are allowed in the response > Process ID High: 0 > Signature: 0000000000000000 > Reserved: 0000 > Tree ID: 0 > Process ID: 4596 > User ID: 0 > Multiplex ID: 1 > Negotiate Protocol Request (0x72) > Word Count (WCT): 0 > Byte Count (BCC): 43 > Requested Dialects > Dialect: LM1.2X002 > Buffer Format: Dialect (2) > Name: LM1.2X002 > Dialect: LANMAN2.1 > Buffer Format: Dialect (2) > Name: LANMAN2.1 > Dialect: NT LM 0.12 > Buffer Format: Dialect (2) > Name: NT LM 0.12 > Dialect: POSIX 2 > Buffer Format: Dialect (2) > Name: POSIX 2 >No. Time Source Destination Protocol Info > NetApp-IP Client-IP SMB Negotiate Protocol Response > >Frame 102: 225 bytes on wire (1800 bits), 225 bytes captured (1800 bits) >Ethernet II, Src: NetApp-Mac, Dst: Client-Mac >Internet Protocol, Src: NetApp-IP, Dst: Client-IP >Transmission Control Protocol, Src Port: microsoft-ds (445), Dst Port: 40522 (40522), Seq: 1, Ack: 83, Len: 159 >NetBIOS Session Service > Message Type: Session message > Length: 155 >SMB (Server Message Block Protocol) > SMB Header > Server Component: SMB > [Response to: 101] > [Time from request: 0.000617000 seconds] > SMB Command: Negotiate Protocol (0x72) > Error Class: Success (0x00) > Reserved: 00 > Error Code: No Error > Flags: 0x98 > 1... .... = Request/Response: Message is a response to the client/redirector > .0.. .... = Notify: Notify client only on open > ..0. .... = Oplocks: OpLock not requested/granted > ...1 .... = Canonicalized Pathnames: Pathnames are canonicalized > .... 1... = Case Sensitivity: Path names are caseless > .... ..0. = Receive Buffer Posted: Receive buffer has not been posted > .... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported > Flags2: 0x8001 > 1... .... .... .... = Unicode Strings: Strings are Unicode > .0.. .... .... .... = Error Code Type: Error codes are DOS error codes > ..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only > ...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs > .... 0... .... .... = Extended Security Negotiation: Extended security negotiation is not supported > .... .... .0.. .... = Long Names Used: Path names in request are not long file names > .... .... .... .0.. = Security Signatures: Security signatures are not supported > .... .... .... ..0. = Extended Attributes: Extended attributes are not supported > .... .... .... ...1 = Long Names Allowed: Long file names are allowed in the response > Process ID High: 0 > Signature: 0000000000000000 > Reserved: 0000 > Tree ID: 0 > Process ID: 4596 > User ID: 0 > Multiplex ID: 1 > Negotiate Protocol Response (0x72) > Word Count (WCT): 17 > Dialect Index: 2: NT LM 0.12 > Security Mode: 0x07 > .... ...1 = Mode: USER security mode > .... ..1. = Password: ENCRYPTED password. Use challenge/response > .... .1.. = Signatures: Security signatures ENABLED > .... 0... = Sig Req: Security signatures NOT required > Max Mpx Count: 126 > Max VCs: 1 > Max Buffer Size: 33028 > Max Raw Buffer: 65536 > Session Key: 0x6b4c12b9 > Capabilities: 0x8000d3fd > .... .... .... .... .... .... .... ...1 = Raw Mode: Read Raw and Write Raw are supported > .... .... .... .... .... .... .... ..0. = MPX Mode: Read Mpx and Write Mpx are not supported > .... .... .... .... .... .... .... .1.. = Unicode: Unicode strings are supported > .... .... .... .... .... .... .... 1... = Large Files: Large files are supported > .... .... .... .... .... .... ...1 .... = NT SMBs: NT SMBs are supported > .... .... .... .... .... .... ..1. .... = RPC Remote APIs: RPC remote APIs are supported > .... .... .... .... .... .... .1.. .... = NT Status Codes: NT status codes are supported > .... .... .... .... .... .... 1... .... = Level 2 Oplocks: Level 2 oplocks are supported > .... .... .... .... .... ...1 .... .... = Lock and Read: Lock and Read is supported > .... .... .... .... .... ..1. .... .... = NT Find: NT Find is supported > .... .... .... .... ...1 .... .... .... = Dfs: Dfs is supported > .... .... .... .... ..0. .... .... .... = Infolevel Passthru: NT information level request passthrough is not supported > .... .... .... .... .1.. .... .... .... = Large ReadX: Large Read andX is supported > .... .... .... .... 1... .... .... .... = Large WriteX: Large Write andX is supported > .... .... 0... .... .... .... .... .... = UNIX: UNIX extensions are not supported > .... ..0. .... .... .... .... .... .... = Reserved: Reserved > ..0. .... .... .... .... .... .... .... = Bulk Transfer: Bulk Read and Bulk Write are not supported > .0.. .... .... .... .... .... .... .... = Compressed Data: Compressed data transfer is not supported > 1... .... .... .... .... .... .... .... = Extended Security: Extended security exchanges are supported > System Time: May 10, 2011 16:56:23.945396000 CEST > Server Time Zone: -120 min from UTC > Key Length: 0 > Byte Count (BCC): 86 > Server GUID: 4505000gda5ff25e695c5d7f47c94b47 > Security Blob: 604406062b0601050502a03a3038a018301606092a864882... > GSS-API Generic Security Service Application Program Interface > OID: 1.3.6.1.5.5.2 (SPNEGO - Simple Protected Negotiation) > Simple Protected Negotiation > negTokenInit > mechTypes: 2 items > MechType: 1.2.840.48018.1.2.2 (MS KRB5 - Microsoft Kerberos 5) > MechType: 1.2.840.113554.1.2.2 (KRB5 - Kerberos 5) > mechListMIC: 301aa0181b1666696c657230322440494e5452414e45542e... > principal: filer02$@MY.REALM >No. Time Source Destination Protocol Info > Client-IP NetApp-IP SMB Session Setup AndX Request > >Frame 106: 534 bytes on wire (4272 bits), 534 bytes captured (4272 bits) >Ethernet II, Src: Client-Mac, Dst: NetApp-Mac >Internet Protocol, Src: Client-IP, Dst: NetApp-IP >Transmission Control Protocol, Src Port: 40522 (40522), Dst Port: microsoft-ds (445), Seq: 1531, Ack: 160, Len: 468 >NetBIOS Session Service > Message Type: Session message > Length: 1912 >SMB (Server Message Block Protocol) > SMB Header > Server Component: SMB > [Response in: 107] > SMB Command: Session Setup AndX (0x73) > NT Status: STATUS_SUCCESS (0x00000000) > Flags: 0x00 > 0... .... = Request/Response: Message is a request to the server > .0.. .... = Notify: Notify client only on open > ..0. .... = Oplocks: OpLock not requested/granted > ...0 .... = Canonicalized Pathnames: Pathnames are not canonicalized > .... 0... = Case Sensitivity: Path names are case sensitive > .... ..0. = Receive Buffer Posted: Receive buffer has not been posted > .... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported > Flags2: 0xd805 > 1... .... .... .... = Unicode Strings: Strings are Unicode > .1.. .... .... .... = Error Code Type: Error codes are NT error codes > ..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only > ...1 .... .... .... = Dfs: Resolve pathnames with Dfs > .... 1... .... .... = Extended Security Negotiation: Extended security negotiation is supported > .... .... .0.. .... = Long Names Used: Path names in request are not long file names > .... .... .... .1.. = Security Signatures: Security signatures are supported > .... .... .... ..0. = Extended Attributes: Extended attributes are not supported > .... .... .... ...1 = Long Names Allowed: Long file names are allowed in the response > Process ID High: 0 > Signature: d223861c9cb23187 > Reserved: 0000 > Tree ID: 0 > Process ID: 4596 > User ID: 0 > Multiplex ID: 2 > Session Setup AndX Request (0x73) > Word Count (WCT): 12 > AndXCommand: No further commands (0xff) > Reserved: 00 > AndXOffset: 0 > Max Buffer: 33028 > Max Mpx Count: 126 > VC Number: 3 > Session Key: 0x6b4c12b9 > Security Blob Length: 1736 > Reserved: 00000000 > Capabilities: 0x8000d0dc > .... .... .... .... .... .... .... ...0 = Raw Mode: Read Raw and Write Raw are not supported > .... .... .... .... .... .... .... ..0. = MPX Mode: Read Mpx and Write Mpx are not supported > .... .... .... .... .... .... .... .1.. = Unicode: Unicode strings are supported > .... .... .... .... .... .... .... 1... = Large Files: Large files are supported > .... .... .... .... .... .... ...1 .... = NT SMBs: NT SMBs are supported > .... .... .... .... .... .... ..0. .... = RPC Remote APIs: RPC remote APIs are not supported > .... .... .... .... .... .... .1.. .... = NT Status Codes: NT status codes are supported > .... .... .... .... .... .... 1... .... = Level 2 Oplocks: Level 2 oplocks are supported > .... .... .... .... .... ...0 .... .... = Lock and Read: Lock and Read is not supported > .... .... .... .... .... ..0. .... .... = NT Find: NT Find is not supported > .... .... .... .... ...1 .... .... .... = Dfs: Dfs is supported > .... .... .... .... ..0. .... .... .... = Infolevel Passthru: NT information level request passthrough is not supported > .... .... .... .... .1.. .... .... .... = Large ReadX: Large Read andX is supported > .... .... .... .... 1... .... .... .... = Large WriteX: Large Write andX is supported > .... .... 0... .... .... .... .... .... = UNIX: UNIX extensions are not supported > .... ..0. .... .... .... .... .... .... = Reserved: Reserved > ..0. .... .... .... .... .... .... .... = Bulk Transfer: Bulk Read and Bulk Write are not supported > .0.. .... .... .... .... .... .... .... = Compressed Data: Compressed data transfer is not supported > 1... .... .... .... .... .... .... .... = Extended Security: Extended security exchanges are supported > Byte Count (BCC): 1853 > Security Blob: 608206c406062b0601050502a08206b8308206b4a00d300b... > GSS-API Generic Security Service Application Program Interface > OID: 1.3.6.1.5.5.2 (SPNEGO - Simple Protected Negotiation) > Simple Protected Negotiation > negTokenInit > mechTypes: 1 item > MechType: 1.2.840.113554.1.2.2 (KRB5 - Kerberos 5) > mechToken: 6082069906092a864886f71201020201006e820688308206... > krb5_blob: 6082069906092a864886f71201020201006e820688308206... > KRB5 OID: 1.2.840.113554.1.2.2 (KRB5 - Kerberos 5) > krb5_tok_id: KRB5_AP_REQ (0x0001) > Kerberos AP-REQ > Pvno: 5 > MSG Type: AP-REQ (14) > Padding: 0 > APOptions: 00000000 > 0... .... .... .... .... .... .... .... = reserved: RESERVED bit off > .0.. .... .... .... .... .... .... .... = Use Session Key: Do NOT use the session key to encrypt the ticket > ..0. .... .... .... .... .... .... .... = Mutual required: Mutual authentication is NOT required > Ticket > Tkt-vno: 5 > Realm: MY.REALM > Server Name (Principal): cifs/filer02.my.realm > Name-type: Principal (1) > Name: cifs > Name: filer02.my.realm > enc-part rc4-hmac > Encryption type: rc4-hmac (23) > Kvno: 3 > enc-part: fa7df5e8a541686093c3b37d143290db906b602a2d786976... > Authenticator rc4-hmac > Encryption type: rc4-hmac (23) > Authenticator data: 49724ea25d4311fae185efaaa024138d31e0a73a1e02e040... > Native OS: Linux version 2.6.38-8-generic > Native LAN Manager: CIFS VFS Client for Linux > Primary Domain: >No. Time Source Destination Protocol Info > NetApp-IP Client-IP SMB KRB Error: KRB5KRB_AP_ERR_MODIFIED, Error: STATUS_MORE_PROCESSING_REQUIRED > >Frame 107: 314 bytes on wire (2512 bits), 314 bytes captured (2512 bits) >Ethernet II, Src: NetApp-Mac, Dst: Client-Mac >Internet Protocol, Src: NetApp-IP, Dst: Client-IP >NetBIOS Session Service > Message Type: Session message > Length: 244 >SMB (Server Message Block Protocol) > SMB Header > Server Component: SMB > [Response to: 106] > [Time from request: 0.001178000 seconds] > SMB Command: Session Setup AndX (0x73) > NT Status: STATUS_MORE_PROCESSING_REQUIRED (0xc0000016) > Flags: 0x98 > 1... .... = Request/Response: Message is a response to the client/redirector > .0.. .... = Notify: Notify client only on open > ..0. .... = Oplocks: OpLock not requested/granted > ...1 .... = Canonicalized Pathnames: Pathnames are canonicalized > .... 1... = Case Sensitivity: Path names are caseless > .... ..0. = Receive Buffer Posted: Receive buffer has not been posted > .... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported > Flags2: 0xc807 > 1... .... .... .... = Unicode Strings: Strings are Unicode > .1.. .... .... .... = Error Code Type: Error codes are NT error codes > ..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only > ...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs > .... 1... .... .... = Extended Security Negotiation: Extended security negotiation is supported > .... .... .0.. .... = Long Names Used: Path names in request are not long file names > .... .... .... .1.. = Security Signatures: Security signatures are supported > .... .... .... ..1. = Extended Attributes: Extended attributes are supported > .... .... .... ...1 = Long Names Allowed: Long file names are allowed in the response > Process ID High: 0 > Signature: d223861c9cb23187 > Reserved: 0000 > Tree ID: 0 > Process ID: 4596 > User ID: 2048 > Multiplex ID: 2 > Session Setup AndX Response (0x73) > Word Count (WCT): 4 > AndXCommand: No further commands (0xff) > Reserved: 00 > AndXOffset: 0 > Action: 0x0000 > .... .... .... ...0 = Guest: Not logged in as GUEST > Security Blob Length: 126 > Byte Count (BCC): 201 > Security Blob: a17c307aa0030a0101a10b06092a864886f712010202a266... > GSS-API Generic Security Service Application Program Interface > Simple Protected Negotiation > negTokenTarg > negResult: accept-incomplete (1) > supportedMech: 1.2.840.113554.1.2.2 (KRB5 - Kerberos 5) > responseToken: 606206092a864886f71201020203007e533051a003020105... > krb5_blob: 606206092a864886f71201020203007e533051a003020105... > KRB5 OID: 1.2.840.113554.1.2.2 (KRB5 - Kerberos 5) > krb5_tok_id: KRB5_ERROR (0x0003) > Kerberos KRB-ERROR > Pvno: 5 > MSG Type: KRB-ERROR (30) > stime: 2011-05-10 14:56:23 (UTC) > susec: 951396 > error_code: KRB5KRB_AP_ERR_MODIFIED (41) > Realm: MY.REALM > Server Name (Principal): FILER02$ > Name-type: Principal (1) > Name: FILER02$ > Native OS: Windows 5.0 > Native LAN Manager: Windows 2000 LAN Manager
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=6441">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 8046
: 6441