Bug 12581 - smbclient fails on bad endianness when listing shares from Solaris kernel SMB server on SPARC
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: DCE-RPCs and pipes
Version: 4.4.8
Hardware: All All
Importance: P5 normal
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
Reported: 2017-02-14 20:38 UTC by Jura Sasek
Modified: 2021-02-11 14:19 UTC

Attachments
Patch for v4-5-test (2.96 KB, patch)
2017-02-15 05:43 UTC, Stefan Metzmacher
vl: review+
gd: review+
Patch for v4-4-test (2.96 KB, patch)
2017-02-15 05:44 UTC, Stefan Metzmacher
vl: review+
gd: review+

Description Jura Sasek 2017-02-14 20:38:03 UTC
smbclient -d 12 -U guest -N -L 172.16.111.212

displays:

ndr_pull_error(11): Pull bytes 3328 (../librpc/ndr/ndr_string.c:591)
rpc_pipe_bind: host 172.16.111.212 bind request returned NT_STATUS_BUFFER_TOO_SMALL
cli_rpc_pipe_open_noauth: rpc_pipe_bind for pipe srvsvc failed with error NT_STATUS_BUFFER_TOO_SMALL
Could not connect to srvsvc pipe: NT_STATUS_BUFFER_TOO_SMALL


The problem can be seen in Wireshark in this packet:

Distributed Computing Environment / Remote Procedure Call (DCE/RPC) Bind_ack, Fragment: Single, FragLen: 68, Call: 1
    Version: 5
    Version (minor): 0
    Packet type: Bind_ack (12)
    Packet Flags: 0x03
        0... .... = Object: Not set
        .0.. .... = Maybe: Not set
        ..0. .... = Did Not Execute: Not set
        ...0 .... = Multiplex: Not set
        .... 0... = Reserved: Not set
        .... .0.. = Cancel Pending: Not set
        .... ..1. = Last Frag: Set
        .... ...1 = First Frag: Set
    Data Representation: 00000000
        Byte order: Big-endian (0)
        Character: ASCII (0)
        Floating-point: IEEE (0)
    Frag Length: 68
    Auth Length: 0
    Call ID: 1
    Max Xmit Frag: 4280
    Max Recv Frag: 4280
    Assoc Group: 0x58a2f456
    Scndry Addr len: 13
    Scndry Addr: \PIPE\ntsvcs
    Num results: 1
    Ctx Item[1]: Acceptance, 32bit NDR
        Ack result: Acceptance (0)
        Transfer Syntax: 32bit NDR
        Syntax ver: 2

0000  00 21 28 75 75 87 12 34 22 d7 3d 59 08 00 45 02   .!(uu..4".=Y..E.
0010  00 b4 33 f6 40 00 3c 06 d2 58 ac 10 6f d4 ac 10   ..3.@.<..X..o...
0020  6f fe 01 bd fa 0b 6f d0 7f 9f 21 8c 09 53 80 18   o.....o...!..S..
0030  80 26 01 33 00 00 01 01 08 0a 00 0c 77 6d 23 8d   .&.3........wm#.
0040  5a 56 00 00 00 7c ff 53 4d 42 25 00 00 00 00 90   ZV...|.SMB%.....
0050  43 88 00 00 00 00 00 00 00 00 00 00 00 00 01 00   C...............
0060  06 56 01 00 05 00 0a 00 00 44 00 00 00 00 00 38   .V.......D.....8
0070  00 00 00 44 00 38 00 00 00 00 00 45 00 00 05 00   ...D.8.....E....
0080  0c 03 00 00 00 00 00 44 00 00 00 00 00 01 10 b8   .......D........
0090  10 b8 58 a2 f4 56 00 0d 5c 50 49 50 45 5c 6e 74   ..X..V..\PIPE\nt
!!!!!!!!!!!!!!!!!!!!!!! ^^^^^ strlen is interpreted in little-endian as 0x0d00 = 3328


00a0  73 76 63 73 00 00 01 00 00 00 00 00 00 00 8a 88   svcs............
00b0  5d 04 1c eb 11 c9 9f e8 08 00 2b 10 48 60 00 00   ].........+.H`..
00c0  00 02                                             ..

Note: Wireshark displays all of the values (also: "Max Xmit Frag" (0x10b8), "Max Recv Frag" (0x10b8), "Frag Length" (0x0044)) in the correct endianness, so I tried to compare the IDLs, but both are the same.

Here are the octets from the similar packet snooped when talking to a Solaris SMB server running on Intel:

    Data Representation: 10000000
        Byte order: Little-endian (1)
        Character: ASCII (0)
        Floating-point: IEEE (0)
    Frag Length: 68
    Auth Length: 0
    Call ID: 1
    Max Xmit Frag: 4280
    Max Recv Frag: 4280
    Assoc Group: 0x58a2f475
    Scndry Addr len: 13
    Scndry Addr: \PIPE\ntsvcs
    Num results: 1
    Ctx Item[1]: Acceptance, 32bit NDR
        Ack result: Acceptance (0)
        Transfer Syntax: 32bit NDR
        Syntax ver: 2

0000  00 21 28 75 75 87 12 34 22 90 d4 69 08 00 45 02   .!(uu..4"..i..E.
0010  00 b4 90 06 40 00 3c 06 76 49 ac 10 6f d3 ac 10   ....@.<.vI..o...
0020  6f fe 01 bd ea 14 5d 01 dc 16 ee 0e f0 a8 80 18   o.....].........
0030  80 26 a8 8e 00 00 01 01 08 0a 00 0e 2b fd 23 8d   .&..........+.#.
0040  66 59 00 00 00 7c ff 53 4d 42 25 00 00 00 00 90   fY...|.SMB%.....
0050  43 88 00 00 00 00 00 00 00 00 00 00 00 00 01 00   C...............
0060  08 56 01 00 05 00 0a 00 00 44 00 00 00 00 00 38   .V.......D.....8
0070  00 00 00 44 00 38 00 00 00 00 00 45 00 00 05 00   ...D.8.....E....
0080  0c 03 10 00 00 00 44 00 00 00 01 00 00 00 b8 10   ......D.........
................................................0x10b8 = 4280
0090  b8 10 75 f4 a2 58 0d 00 5c 50 49 50 45 5c 6e 74   ..u..X..\PIPE\nt
.....0x10b8............0x000d = 13
00a0  73 76 63 73 00 00 01 00 00 00 00 00 00 00 04 5d   svcs...........]

PS: Samba sends "little-endian" even when running on SPARC, so it cannot be used as a reference, and a "big-endian" SMB server is a very rare case.
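
Added example (not part of the original report and not Samba's code): a minimal C decoder for the fixed-offset header fields of the two Bind_ack PDUs dumped above. It shows the secondary address length reading as 13 when the drep byte-order flag is honored, and as 0x0d00 = 3328 (rejected as running past the buffer) when little-endian is assumed. The function and macro names are hypothetical; the bytes are copied from the dumps in the description, where the DCE/RPC data starts at capture offset 0x7e.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* First 39 bytes of each Bind_ack PDU, copied from the hex dumps in the
 * report: common header, max xmit/recv frag, assoc group, secondary address. */
static const uint8_t pdu_sparc[] = {   /* drep 00 00 00 00: big-endian */
    0x05,0x00,0x0c,0x03, 0x00,0x00,0x00,0x00, 0x00,0x44, 0x00,0x00,
    0x00,0x00,0x00,0x01, 0x10,0xb8, 0x10,0xb8, 0x58,0xa2,0xf4,0x56,
    0x00,0x0d, '\\','P','I','P','E','\\','n','t','s','v','c','s',0x00 };
static const uint8_t pdu_intel[] = {   /* drep 10 00 00 00: little-endian */
    0x05,0x00,0x0c,0x03, 0x10,0x00,0x00,0x00, 0x44,0x00, 0x00,0x00,
    0x01,0x00,0x00,0x00, 0xb8,0x10, 0xb8,0x10, 0x75,0xf4,0xa2,0x58,
    0x0d,0x00, '\\','P','I','P','E','\\','n','t','s','v','c','s',0x00 };

#define DREP_OFF      4u  /* drep[0]: bit 0x10 set means little-endian integers */
#define SEC_ADDR_OFF 24u  /* uint16 length, followed by the address string */

static uint16_t get_u16(const uint8_t *p, int little_endian)
{
    return little_endian ? (uint16_t)(p[0] | (p[1] << 8))
                         : (uint16_t)((p[0] << 8) | p[1]);
}

/* Returns the secondary address length, or -1 if the PDU is too short or the
 * decoded length runs past the end of the buffer. honor_drep = 0 models a
 * decoder that assumes little-endian regardless of the sender's drep. */
int sec_addr_len(const uint8_t *pdu, size_t len, int honor_drep)
{
    if (len < SEC_ADDR_OFF + 2u)
        return -1;
    int le = honor_drep ? (pdu[DREP_OFF] & 0x10) != 0 : 1;
    uint16_t n = get_u16(pdu + SEC_ADDR_OFF, le);
    if (n > len - (SEC_ADDR_OFF + 2u))
        return -1;  /* e.g. 0x0d00 = 3328 bytes requested from a 39-byte PDU */
    return n;
}

int main(void)
{
    printf("intel, drep honored: %d\n", sec_addr_len(pdu_intel, sizeof pdu_intel, 1));
    printf("sparc, drep honored: %d\n", sec_addr_len(pdu_sparc, sizeof pdu_sparc, 1));
    printf("sparc, drep ignored: %d\n", sec_addr_len(pdu_sparc, sizeof pdu_sparc, 0));
    return 0;
}
```

The bounds check before the string is consumed is what turns the misread length into a clean decode error instead of an out-of-bounds read.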
Comment 1 Stefan Metzmacher 2017-02-15 05:42:44 UTC
(In reply to Jura Sasek from comment #0)

This should already be fixed in master and 4.6.

We could backport the following commit to 4.4 and 4.5
https://git.samba.org/?p=samba.git;a=commitdiff;h=1bfba2c5161c0e27f8c27301f25836
Comment 2 Stefan Metzmacher 2017-02-15 05:43:54 UTC
Created attachment 12930
Patch for v4-5-test
Comment 3 Stefan Metzmacher 2017-02-15 05:44:24 UTC
Created attachment 12931
Patch for v4-4-test
Comment 4 Volker Lendecke 2017-02-15 07:38:54 UTC
Comment on attachment 12931
Patch for v4-4-test

Patch looks right, but it does not have the BUG: entry :-)

Acking nevertheless, Karo, bounce back if that's needed.
Comment 5 Karolin Seeger 2017-02-15 10:42:15 UTC
Pushed to autobuild-v4-{5,4}-test.
Comment 6 Jura Sasek 2017-02-16 07:25:08 UTC
I have tested v4-4 patch in the same setup and now it works fine. Thank you for your quick response.
Comment 7 Karolin Seeger 2017-02-17 11:05:59 UTC
Pushed to both branches.
Closing out bug report.

Thanks!