If clients use SMB3 encryption and the kerberos authenticated session expires, clients disconnect the connection instead of doing a reauthentication.
Hey Stefan Metzmacher! What configuration and smbclient command line oyu are using? smb.conf .. min protocol = SMB3 smb encrypt = yes # smbclient -k //hostname/myshare -e -mSMB3 -d 10 smb: \> ls dos_clean_name [\*] unix_clean_name [\*] encrypt SMB2 message decrypt SMB2 message encrypt SMB2 message decrypt SMB2 message . D 0 Mon Oct 1 12:07:18 2018 .. DR 0 Mon Oct 1 12:07:12 2018 file1 N 0 Mon Oct 1 12:07:18 2018 encrypt SMB2 message decrypt SMB2 message encrypt SMB2 message decrypt SMB2 message encrypt SMB2 message decrypt SMB2 message encrypt SMB2 message decrypt SMB2 message encrypt SMB2 message decrypt SMB2 message 13973504 blocks of size 1024. 11805284 blocks available Total bytes listed: 0 smb: \> Still SMB2 messages exchanged
Created attachment 14505 [details] Possible patches for master
(In reply to amitkuma from comment #1) With the attached patches (against an unpatched server): bin/smbtorture -Uadministrator%A1b2C3d4 --realm W4EDOM-L4.BASE -W W4EDOM-L4 -k yes //ub1404-163.w4edom-l4.base/torture smb2.session.expire2e smbtorture 4.10.0pre1-DEVELOPERBUILD Using seed 1538388008 time: 2018-10-01 10:00:08.490614 test: expire2e time: 2018-10-01 10:00:08.492142 query info => OK lock => OK 1st notify => PENDING sleep 10 seconds query info => EXPIRED time: 2018-10-01 10:00:18.573290 failure: expire2e [ ../source4/torture/smb2/session.c:1351: status was NT_STATUS_ACCESS_DENIED, expected NT_STATUS_NETWORK_SESSION_EXPIRED: smb2_getinfo_file returned unexpected status ]
Created attachment 14519 [details] Patches for v4-9-test
Created attachment 14520 [details] Patches for v4-8-test
Created attachment 14521 [details] Patches for v4-7-test
Re-assigning to Karolin for inclusion in 4.9.next, 4.8.next, 4.7.next.
(In reply to Jeremy Allison from comment #7) Pushed to autobuild-v4-{9,8,7}-test.
(In reply to Karolin Seeger from comment #8) Pushed to all branches. Closing out bug report. Thanks!
*** Bug 13921 has been marked as a duplicate of this bug. ***