Bug 3512 - "use spnego=no" and "server signing=auto" cause client to disconnect after negprot
"use spnego=no" and "server signing=auto" cause client to disconnect after ne...
Status: RESOLVED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: File Services
3.0.21b
Other Linux
: P3 normal
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-02-14 05:30 UTC by Michael Adda+
Modified: 2006-04-20 08:27 UTC (History)
0 users

See Also:


Attachments
tcpdump of smb session creation (1.60 KB, application/octet-stream)
2006-02-14 05:34 UTC, Michael Adda+
no flags Details
Patch for 3.0.21c. (2.30 KB, patch)
2006-02-21 17:19 UTC, Jeremy Allison
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Adda+ 2006-02-14 05:30:16 UTC
Using samba 3.0.21b and putting "use spnego=no" and "server signing=auto" in the smb.conf causes the windows client to disconnect the tcp session brutaly.
The flow of events:
1. client sends negprot request with flags2 security signature bit off and null signature in the smb header.
2. samba sends negprot response with flags2 security signature bit on and known initial signature in the smb header (Windows server never reply this way during my checks - the client always start this), and the signatures bit in the security mode in the response itself is on. (Which indicates the client to start using it).
3. client sends session setup and tree connect request using one transaction, with flags2 security signature bit on and known initial signature in the smb header.
4. samba sends session setup and tree connect response using one transaction, with flags2 security signature bit off (!) and empty signature. (Windows servers are sending signatures from the moment the client starts using them).
5. client sends ntcreateX request with flags2 security signature bit on and real signature in the smb header.
6. samba sends ntcreateX response with flags2 security signature bit off (!) and empty signature.
7. clients shuts the tcp connection.

A tcpdump capture of this is available.
Comment 1 Michael Adda+ 2006-02-14 05:34:54 UTC
Created attachment 1726 [details]
tcpdump of smb session creation

The tcpdump is attached now.
Its format is tcpdump capture file (little-endian) - version 2.4 (Ethernet, capture length 65535)
Comment 2 Jeremy Allison 2006-02-16 22:56:20 UTC
Can you add a debug level 10 log from the server as well please ? Which Windows client are you using ?
Thanks,
Jeremy.
Comment 3 Jeremy Allison 2006-02-21 17:19:41 UTC
Created attachment 1749 [details]
Patch for 3.0.21c.
Comment 4 Gerald (Jerry) Carter 2006-04-20 08:27:14 UTC
closing