Since this change - which looks really strange to me: http://git.samba.org/?p=samba.git;a=commitdiff;h=aca5e33b006d62d9a7fbf42584f93f94bda9dac4 - cli->secblob = data_blob(bytes, MIN(num_bytes, 8)); + + if (num_bytes != 0 && num_bytes != 8) { + tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE); + return; + } + + if (num_bytes == 8) { + memcpy(server_challenge, bytes, 8); + } ---- legacy servers as os/2 cannot be connected anymore. os/2 returns "num_bytes = 17" here - and the former check was obviously working I'm wondering why these new num_bytes checks have been introduced here at all.. Cheers, Günter Btw - with 3.6.1 (and later) smbclient -L legacy_os2server -U valid_user is also no longer working (but this one must be fixed first)
>>...os/2 returns "num_bytes = 17" here - and the former "min" check was obviously working The lanman2.1 "challenge" is always 8 bytes here, but num_bytes includes other stuff .... Cheers, Günter
Can you upload a capture please?
Created attachment 7071 [details] smbclient from git-master tries to connect to an os/2 box
I have added a DEBUG statement at that code section: .... if (num_bytes != 0 && num_bytes != 8) { DEBUG(0, ("GKKK1: num_bytes = %d\n",num_bytes)); tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE); return; } if (num_bytes == 8) { memcpy(server_challenge, bytes, 8); } ...... smbclient //server01/cifs -Ugk Enter gk's password: GKKK1: num_bytes = 17 protocol negotiation failed: NT_STATUS_INVALID_NETWORK_RESPONSE ---- I sent network trace. The "Key Length" is shown as 8, but the "Byte Count" is 17 Cheers, Günter
Hi Stefan, your changes in http://git.samba.org/?p=samba.git;a=commitdiff;h=0fb4991116fe07956ad2355121d7b580486b9a45 are fixing the bug. So it can be closed. Cheers, Günter