Bug 14152 - smbclient can blunder into the SMB1 specific cli_RNetShareEnum() call on an SMB2 connection.
Summary: smbclient can blunder into the SMB1 specific cli_RNetShareEnum() call on an S...
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: libsmbclient (show other bugs)
Version: unspecified
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-10-03 21:00 UTC by Jeremy Allison
Modified: 2019-10-17 07:57 UTC (History)
2 users (show)

See Also:


Attachments
git-am fix for 4.11.next, 4.10.next (1.19 KB, patch)
2019-10-07 16:04 UTC, Jeremy Allison
asn: review+
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Jeremy Allison 2019-10-03 21:00:20 UTC
Inside source3/client/client.c:browse_host() we have:

4913         if (browse_host_rpc(sort)) {
4914                 return true;
4915         }
4916 
4917         if (lp_client_min_protocol() > PROTOCOL_NT1) {
4918                 return false;
4919         }
4920 
4921         ret = cli_RNetShareEnum(cli, browse_fn, NULL);

which depends on the administrator or user of smbclient setting the 'client min protocol' correctly when talking to an SMB2-only server.

We already have the protocol information on the server we connected to inside cli->conn, so we need to prevent calling the SMB1-only cli_RNetShareEnum() when connected to an SMB2-only server.

libsmbclient already protects against this, so we just missed this in smbclient. We just need to add a:

        if (smbXcli_conn_protocol(conn) > PROTOCOL_NT1) {
                return false;
        }

check before the cli_RNetShareEnum() call to fix this in the same way as it was
fixed for libsmbclient.

I'll upload a patch shortly.
Comment 1 Jeremy Allison 2019-10-07 16:04:23 UTC
Created attachment 15517 [details]
git-am fix for 4.11.next, 4.10.next

Cherry-picked from master.
Comment 2 Andreas Schneider 2019-10-08 13:32:16 UTC
LGTM
Comment 3 Andreas Schneider 2019-10-08 13:33:05 UTC
Karloin, could you please apply the patch to the relevant branches? Thanks!
Comment 4 Karolin Seeger 2019-10-16 11:03:03 UTC
Pushed to autobuild-v4-{11,10}-test.
Comment 5 Karolin Seeger 2019-10-17 07:57:10 UTC
(In reply to Karolin Seeger from comment #4)
Pushed to both branches.
Closing out bug report.

Thanks!