As reported by Richard Sharpe on samba-technical: Apple has a bug in their handling of credits when Samba returns STATUS_PENDING for a SESSION SETUP request. Such responses only seem to occur when the Samba server is under heavy load. Samba issues one credit in such cases, and, as per the spec issues zero credits in the final successful response to the SESSION SETUP. The Mac then issues a TREE CREATE, consuming one credit and getting one credit. The Mac then issues a compound CREATE and CLOSE. This is a protocol violation and Samba drops the connection. I have communicated this issue to Apple, but I also created the attached patch to mitigate the issue while Apple thinks about fixing their code. Metze and Jeremy followed up with a proposed workaround: > >> I'd propose to skip the STATUS_PENDING using > >> smb2_request_set_async_internal() and leave the credit handling as is. > > > > Trouble with that is the client may then timeout. > > I think that's what windows also does that, but we should retest that > with a Samba dc and sleep(60) in SamLogon*. If that's the Windows behavior that makes sense that the Mac would be expecting that rather than the intermediate response with credits. I bet Apple only tested sessionsetup timeout against the Windows server, and so our response makes them go down an untested codepath (credits granted on intermediate sessionsetup reply) and that's what triggered the Mac client bug. Just my guess :-).
Created attachment 14862 [details] WIP patch against master - DO NOT PUSH ! Just collecting this so we have a record.
Created attachment 15068 [details] Patches for v4-10-test
Created attachment 15069 [details] Patches for v4-9-test
Created attachment 15070 [details] Patches for v4-8-test
Re-assigning to Karolin for inclusion in 4.10.next, 4.9.next (and 4.8.next if there is one ?).
(In reply to Jeremy Allison from comment #5) Pushed to autobuild-v4-{10,9}-test. 4.8 is in the security fixes only mode...
(In reply to Karolin Seeger from comment #6) Pushed to both branches. Closing out bug report. Thanks!