Bug 12431 - net rap commands broken since fix for CVE-2016-2115
Summary: net rap commands broken since fix for CVE-2016-2115
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Other (show other bugs)
Version: 4.5.1
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Jeremy Allison
QA Contact: Samba QA Contact
Depends on:
Reported: 2016-11-17 00:18 UTC by crisb
Modified: 2017-04-15 01:54 UTC (History)
2 users (show)

See Also:

patch to allow rap commands to work (754 bytes, patch)
2016-11-30 00:18 UTC, crisb
no flags Details
patch that actually works (1.31 KB, patch)
2016-12-04 08:55 UTC, crisb
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description crisb 2016-11-17 00:18:21 UTC
It seems to me like this commit:

had the unintended result of breaking net rap commands.  net rap user/server domain etc all return no results after this change and only adding:

client ipc max protocol = NT1

to smb.conf can fix it.

this of course is in effect the same as changing from SMB_SIGNING_IPC_DEFAULT to SMB_SIGNING_DEFAULT (a code change which makes things work again).

smbtree uses the same rap commands but with SMB_SIGNING_DEFAULT and thus returns results.

I'm not sure RAP works when using the later SMB versions and this is why the change breaks it?   Seems like the code could do with a NET_FLAGS_RAP flag passed by all the methods in net_rap.c which sets the signing mode to SMB_SIGNING_DEFAULT.
Comment 1 crisb 2016-11-30 00:18:11 UTC
Created attachment 12702 [details]
patch to allow rap commands to work
Comment 2 crisb 2016-11-30 00:18:46 UTC
have attached a patch which makes rap commands return something again by default.
Comment 3 Jeremy Allison 2016-11-30 23:10:11 UTC
RAP commands can only work over SMB1. Might be better to just issue an error message if the protocol is greater than NT1.
Comment 4 crisb 2016-12-04 08:55:29 UTC
Created attachment 12717 [details]
patch that actually works