Bug 12805 - SMBv2/3 not working in source4 branch
Summary: SMBv2/3 not working in source4 branch
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: DCE-RPCs and pipes (show other bugs)
Version: 4.15.0
Hardware: x64 All
: P5 normal (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-05-25 09:55 UTC by Mark Ridley
Modified: 2021-10-03 20:55 UTC (History)
3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mark Ridley 2017-05-25 09:55:06 UTC 
Cifsdd can not connect to windows servers with SMB1 disabled. 

There are 2 bugs:

1. The -m switch to specify a max protocol is ignored.
Only values in smb.conf are used

2. When client max protocol = SMB2 and client min protocol = SMB2 is out into the smb.conf file the following error is returned:


cifsdd bs=1M count=10 if=/dev/zero of=//A.B.C.D/C$/a -UA%B
 
cifsdd: connecting to //A.B.C.D/C$: NT_STATUS_INVALID_PARAMETER_MIX
cifsdd: failed to open //A.B.C.D/C$/a
 
From looking through the smbcli_full_connection code it seems NT_STATUS_INVALID_PARAMETER_MIX is just a status returned when anything has going wrong somewhere. Not very informative.
 
This is happening on all versions of samba since 3.4.8
 
Prior to 3.4.7 it was showing NT_STATUS_CONNECTION_RESET because it looks like the code did not do SMB2 or SMB3 at all.
 
This is stopping all code that uses the source4 branch and is getting more urgent as more windows systems switch off SMB1. For example smbclient4, cifsdd and winexe use the source4 branch and are now broken because of this.
 
The source3 branch works fine.
Comment 1 Mark Ridley 2017-05-26 12:21:05 UTC 
After more debugging I have traced the problem to libcli/smb/smbXcli_base.c

        if (min_protocol > max_protocol) {
                tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER_MIX);
                return tevent_req_post(req, ev);
        }

my smb.conf has:
[global]
client min protocol = SMB2
min protocol = SMB2
max protocol = SMB3


I do not think the protocols are getting passed through.

I have debugged the min_protocol and max_protocol enums and min is set to SMB2 and max to NT1
Comment 2 Mark Ridley 2017-05-26 17:21:11 UTC 
The parameter_MIX error is happening because the SMB1 code is being called even though min protocol is SMB2. 

In the SMB1 code it sets max protocol to NT1 so the later check fails because min protocol is SMB2 but max protocol is now NT1. 

Has the SMB2 connect to share tree code been implemented in source4?
Comment 3 Stefan Metzmacher 2017-07-04 19:37:01 UTC 
Lets see if we can fix that before 4.7.0
Comment 4 Stefan Metzmacher 2017-08-16 06:10:15 UTC 
This will be deferred as it's not a regression and it still works against
servers with SMB1 support.
Comment 5 Björn Jacke 2021-10-03 20:55:47 UTC 
your years after this was reported, cifsdd is still broken. Actually I've never run across this binary before. I also see no real need for a cifsdd programm. It also has not man page, which might shed some might on for what it might be usefull :-)

How about just dropping it? If someone objects, he needs to fix it :-)