Bug 1828 - Pocket PC 2003 (iPAQ) cannot connect if SPNEGO is enabled.
Pocket PC 2003 (iPAQ) cannot connect if SPNEGO is enabled.
Status: RESOLVED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: File Services
3.0.7
x86 Linux
: P3 major
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
:
: 2174 3133 (view as bug list)
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2004-09-26 00:42 UTC by Brandon Darbro
Modified: 2006-04-08 22:53 UTC (History)
3 users (show)

See Also:


Attachments
Output of tcpdump when attempting to connect to samba share (11.88 KB, text/plain)
2005-03-04 16:10 UTC, Karl Tompson
no flags Details
Sniff.cap with 3.0.10 from Slackware 10.1 (1.62 KB, text/plain)
2005-03-06 19:07 UTC, Fred Richards
no flags Details
sniff.cap with 3.0.11 & Slackware 10.1 (932 bytes, text/plain)
2005-03-06 19:09 UTC, Fred Richards
no flags Details
tcpdumps between { pocketpc , samba , win2k } (9.55 KB, application/octet-stream)
2005-08-18 04:03 UTC, ayau037
no flags Details
Proposed patch (414 bytes, patch)
2005-10-12 15:52 UTC, Jeremy Allison
no flags Details
Proposed patch (1.42 KB, patch)
2005-10-13 12:45 UTC, Jeremy Allison
no flags Details
Ethereal trace of Pocket PC 2003 accessing the patched Samba server (15.55 KB, application/octet-stream)
2005-10-13 19:28 UTC, Hamlyn Mootoo
no flags Details
Log of 3.0.21 Samba being accessed by Pocket PC 2003 (164.26 KB, text/plain)
2005-10-14 14:11 UTC, Hamlyn Mootoo
no flags Details
Proposed patch (1.02 KB, patch)
2005-10-14 15:06 UTC, Jeremy Allison
no flags Details
Log of Samba server after above patch applied (174.50 KB, text/plain)
2005-10-14 15:53 UTC, Hamlyn Mootoo
no flags Details
Proposed patch (1.63 KB, patch)
2005-10-14 17:44 UTC, Jeremy Allison
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Brandon Darbro 2004-09-26 00:42:37 UTC
Pocket PC 2003 on iPAQ cannot connect to samba shares unless the following
option is used:

  use spnego = No

However, this breaks smbclient (with or without "client use spnego = no" option)
and Windows XP workstations trying to browse the samba server (cannot browse).

Relevent logging information that led me to try disabling spnego:

-------------
[2004/09/26 00:21:43, 3] smbd/process.c:process_smb(1092)
  Transaction 1 of length 51
[2004/09/26 00:21:43, 3] smbd/process.c:switch_message(887)
  switch message SMBnegprot (pid 17789) conn 0x0
[2004/09/26 00:21:43, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/09/26 00:21:43, 3] smbd/negprot.c:reply_negprot(457)
  Requested protocol [NT LM 0.12]
[2004/09/26 00:21:43, 3] smbd/negprot.c:reply_nt1(329)
  using SPNEGO
[2004/09/26 00:21:43, 3] smbd/negprot.c:reply_negprot(545)
  Selected protocol NT LM 0.12
[2004/09/26 00:21:43, 3] smbd/process.c:timeout_processing(1332)
  timeout_processing: End of file from client (client has disconnected).
[2004/09/26 00:21:43, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/09/26 00:21:43, 2] smbd/server.c:exit_server(571)
  Closing connections
[2004/09/26 00:21:43, 3] smbd/connection.c:yield_connection(69)
  Yielding connection to
[2004/09/26 00:21:43, 3] smbd/server.c:exit_server(614)
  Server exit (normal exit)
-------------

I suspect the iPAQ client is being mistakenly detected as being SPNEGO
capable/compliant, when it is not.

*Brandon Darbro
Comment 1 Brandon Darbro 2004-09-29 09:59:14 UTC
I've now confirmed this bug exists also in Samba 3.0.7, so I'm updating the bug
report.

*Brandon Darbro
Comment 2 Brandon Darbro 2004-10-06 09:51:52 UTC
This problem will affect many new iPAQ devices, upping priority & severity.
Comment 3 Gerald (Jerry) Carter 2005-02-24 08:43:56 UTC
*** Bug 2174 has been marked as a duplicate of this bug. ***
Comment 4 Karl Tompson 2005-03-04 16:10:50 UTC
Created attachment 1010 [details]
Output of tcpdump when attempting to connect to samba share

I saw a note somewhere that a tcpdump would be useful to help with this bug.
Windows Mobile 2003, Samba 3.0.4 on Slackware 10. This is the output when
trying to open \\server\software share from pocket PC using file explorer.
Pocket PC produces error "Cannot find the file '\\' (or one of its components).
Make sure the path and filename are correct and all required libraries are
available." HTH
Comment 5 Volker Lendecke 2005-03-04 16:39:39 UTC
Thanks for coming back on that. However, you better create a sniff with

tcpdump -i eth0 -n -s 1500 -w /tmp/sniff.cap

and attach /tmp/sniff.cap. stdout of tcpdump is only of quite limited value.

Thanks,

Volker
Comment 6 Fred Richards 2005-03-06 19:07:10 UTC
Created attachment 1011 [details]
Sniff.cap with 3.0.10 from Slackware 10.1

I've had the same problems, and attached a cap file (just like you requested)
... I added "host ipaq" which captured only packets from my IPaq Rx3115,
Windows Mobile PC 2003 Second Edition.	Also, I must note I've updated the ROM
to the newest version from last Friday (Mar 4 2005).  I also downloaded 3.0.11
and recompiled which will be my next attachment.  Also, the "client use spnego
= no" was not set in my config file, although I have tried and it has failed in
the past.
Comment 7 Fred Richards 2005-03-06 19:09:52 UTC
Created attachment 1012 [details]
sniff.cap with 3.0.11 & Slackware 10.1

Capture with Samba 3.0.11 compiled from scratch.
Comment 8 Fred Richards 2005-03-07 06:28:17 UTC
(In reply to comment #7)
> Created an attachment (id=1012) [edit]
> sniff.cap with 3.0.11 & Slackware 10.1
> 
> Capture with Samba 3.0.11 compiled from scratch.

Actually, looking at the tcpdump myself, looks like my pda is sending out udp
nbt broadcasts, three times, and nothing responds.  
Comment 9 ayau037 2005-08-18 04:03:09 UTC
Created attachment 1385 [details]
tcpdumps between { pocketpc , samba , win2k } 

I'm uploading as binary files tcpdumps of connection attempys between these 3
devices:
  192.168.100.101 Windows 2000 pc
  192.168.100.102 Dell Axim X30 running Windows Mobile 2003 Second Editon
(PocketPC)
  192.168.100.10  samba (3.0.9-1.3E.3) on a Centos 3.5 box (Asterisk@Home)
with spnego set to both yes and no.

pocketpc_to_smb_spnego_yes.cap (failure)
pocketpc_to_smb_spnego_no.cap  (success)
pocketpc_to_win2k.cap	       (success)
win2k_to_smb_spnego_no.cap     (success)
win2k_to_smb_spnego_yes.cap    (success)
Comment 10 Jeremy Allison 2005-10-12 15:52:07 UTC
Created attachment 1503 [details]
Proposed patch

I think this should fix the PocketPC problems with SPNEGO. Please try this out
and get back to me.
Jeremy.
Comment 11 Jeremy Allison 2005-10-12 15:53:21 UTC
*** Bug 3133 has been marked as a duplicate of this bug. ***
Comment 12 Fred Richards 2005-10-12 18:03:32 UTC
(In reply to comment #10)
> Created an attachment (id=1503) [edit]
> Proposed patch
> 
> I think this should fix the PocketPC problems with SPNEGO. Please try this out
> and get back to me.
> Jeremy.

I tried with the patch applied to 3.0.20, no go.  I tried again with 3.0.20a and
nothing ... toggled spnego on or off, unable to connect to my samba share.
Comment 13 Jeremy Allison 2005-10-12 18:22:42 UTC
Can you send me an ethereal trace of your ppc failing, with both spnego on and
off please. It's getting to the point you should think about just sending me one
of the damn things :-).

Jeremy.
Comment 14 Jeremy Allison 2005-10-12 18:23:26 UTC
You do know the patch should be applied to 3.0.20a also (and 3.0.20b when it
ships).... It won't be in a production release until 3.0.21.
Jeremy.
Comment 15 Jeremy Allison 2005-10-13 12:45:04 UTC
Created attachment 1508 [details]
Proposed patch

Get us closer to W2K3 - if no SPNEGO the keylen is zero.
Jeremy.
Comment 16 Fred Richards 2005-10-13 15:22:11 UTC
(In reply to comment #15)
> Created an attachment (id=1508) [edit]
> Proposed patch
> 
> Get us closer to W2K3 - if no SPNEGO the keylen is zero.
> Jeremy.
> 

Hmm still nothing.  Know what's odd?  A tcpdump doesn't show any traffic at all.
 The Ipaq will show "connecting to server" and the little busy circle thing. 
Then I see "the network path was not found" and tcpdump *then* shows some -- NBT
UDP PACKET(137): QUERY; REQUEST; BROADCAST packets to .255 ... and that's it. 
Nothing.

I was almost contimplating shipping you my ipaq temporarily.  Almost. 
Whereabouts do you live?  (Feel free to answer in priv email).  Or, let me know
if you're on the samba irc channel.

Thought maybe I was blocking nbt broadcasts or something, but that doesn't
appear to be the case...
Comment 17 Jeremy Allison 2005-10-13 15:51:09 UTC
The PocketPC may be caching something about the server. Is there a way you can
do a full reset, or look in the registry for any cached parameters w.r.t. a
remote server ? I'm pretty sure we should work now, it's almost impossible to
tell our SMBnegprot reply from a Windows 2003 one.

Jeremy.
Comment 18 Hamlyn Mootoo 2005-10-13 19:28:52 UTC
Created attachment 1509 [details]
Ethereal trace of Pocket PC 2003 accessing the patched Samba server 

This ethereal trace is of a Pocket PC 2003 device repeatedly accessing a Samba
server with the above patches applied. After the correct password is entered on
the PPC, it responds as though the wrong password were entered, and re-asks,
then when the password is entered again, it responds with "Cannot find the file
'\\' (or one of it's components)."
This cycle keeps repeating on successive attemps to access the Samba server.
Comment 19 Jeremy Allison 2005-10-13 19:59:56 UTC
Ok, trace gives me *really* good news. What is happening is that the PPC is
accepting our negprot reply, and then going on to do a NTLMSSP SPNEGO
sessionsetup. Unfortunately the current released version of Samba doesn't
support the NTLMv2 session setup that the pocket pc is sending. The error it's
returning is an "INVALID PARAMETER" error which is generated from the old
NTLMSSP authentication engine.

The good news is that the code that's currently in SVN - which will become Samba
3.0.21 has been rewritten and the Samba4 NTLMSSP engine has been integrated into
the Samba3 code.

What this really means is that this may just work against the 3.0.21 pre-release
code (in SVN) as-is, with no more changes.

I will email you a tarball of the current 3.0.21 source code - build the rpm as
you would the 3.0.20(a or b) rpm. I'll also test this once I have the PPC myself.

Jeremy.
Comment 20 Hamlyn Mootoo 2005-10-14 14:11:25 UTC
Created attachment 1511 [details]
Log of 3.0.21 Samba being accessed by Pocket PC 2003

This is the log.smbd of the Samba server being accessed by a Pocket PC 2003
device (multiple tries).
Comment 21 Jeremy Allison 2005-10-14 15:06:30 UTC
Created attachment 1512 [details]
Proposed patch

PocketPC sends 2 unicode strings instead of ascii. Cope with this.
Jeremy.
Comment 22 Hamlyn Mootoo 2005-10-14 15:53:23 UTC
Created attachment 1513 [details]
Log of Samba server after above patch applied

Same behavior on PPC end, different behavior in log.
Comment 23 Jeremy Allison 2005-10-14 17:44:09 UTC
Created attachment 1514 [details]
Proposed patch

Ok, looks like we shouldn't be parsing the strings at all. Try this patch
on top of the last one - this removes that code.
Jeremy.
Comment 24 Gerald (Jerry) Carter 2006-04-08 22:53:52 UTC
This is fixed now.