Using samba 3.0.21b and putting "use spnego=no" and "server signing=auto" in the smb.conf causes the windows client to disconnect the tcp session brutaly. The flow of events: 1. client sends negprot request with flags2 security signature bit off and null signature in the smb header. 2. samba sends negprot response with flags2 security signature bit on and known initial signature in the smb header (Windows server never reply this way during my checks - the client always start this), and the signatures bit in the security mode in the response itself is on. (Which indicates the client to start using it). 3. client sends session setup and tree connect request using one transaction, with flags2 security signature bit on and known initial signature in the smb header. 4. samba sends session setup and tree connect response using one transaction, with flags2 security signature bit off (!) and empty signature. (Windows servers are sending signatures from the moment the client starts using them). 5. client sends ntcreateX request with flags2 security signature bit on and real signature in the smb header. 6. samba sends ntcreateX response with flags2 security signature bit off (!) and empty signature. 7. clients shuts the tcp connection. A tcpdump capture of this is available.
Created attachment 1726 [details] tcpdump of smb session creation The tcpdump is attached now. Its format is tcpdump capture file (little-endian) - version 2.4 (Ethernet, capture length 65535)
Can you add a debug level 10 log from the server as well please ? Which Windows client are you using ? Thanks, Jeremy.
Created attachment 1749 [details] Patch for 3.0.21c.
closing