linux-cifs.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: samba-bugs@samba.org
To: cifs-qa@samba.org
Subject: [Bug 14713] SMBv3 negotiation fails with a Solaris server
Date: Tue, 25 May 2021 22:33:29 +0000	[thread overview]
Message-ID: <bug-14713-10630-LUJ4iXPkcq@https.bugzilla.samba.org/> (raw)
In-Reply-To: <bug-14713-10630@https.bugzilla.samba.org/>

https://bugzilla.samba.org/show_bug.cgi?id=14713

--- Comment #24 from Steve French <sfrench@samba.org> ---
The reason that it is of some value is that if wireshark can decrypt it and
shows no errors (ie decrypt the first encrypted frame, the SMB3.1.1 tree
connect request) then it is even more likely a server bug ... (perhaps some
strange case where they expect a padded response that has a length divisible by
8 or some such bug)

if you have access to the source RPM then rebuilding it might only take a few
minutes (you could e.g. just remove the 2 ifdef CONFIG_CIFS_DEBUG_DUMP_KEYS in
fs/cifs/smb2transport.c

e.g. remove the ifdef and endif here (and the one before that in the same file)

#ifdef CONFIG_CIFS_DEBUG_DUMP_KEYS
        cifs_dbg(VFS, "%s: dumping generated AES session keys\n", __func__);
        /*
         * The session id is opaque in terms of endianness, so we can't
         * print it as a long long. we dump it as we got it on the wire
         */
        cifs_dbg(VFS, "Session Id    %*ph\n", (int)sizeof(ses->Suid),
                        &ses->Suid);
        cifs_dbg(VFS, "Cipher type   %d\n", server->cipher_type);
        cifs_dbg(VFS, "Session Key   %*ph\n",
                 SMB2_NTLMV2_SESSKEY_SIZE, ses->auth_key.response);
        cifs_dbg(VFS, "Signing Key   %*ph\n",
                 SMB3_SIGN_KEY_SIZE, ses->smb3signingkey);
        if ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) ||
                (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) {
                cifs_dbg(VFS, "ServerIn Key  %*ph\n",
                                SMB3_GCM256_CRYPTKEY_SIZE,
ses->smb3encryptionkey);
                cifs_dbg(VFS, "ServerOut Key %*ph\n",
                                SMB3_GCM256_CRYPTKEY_SIZE,
ses->smb3decryptionkey);
        } else {
                cifs_dbg(VFS, "ServerIn Key  %*ph\n",
                                SMB3_GCM128_CRYPTKEY_SIZE,
ses->smb3encryptionkey);
                cifs_dbg(VFS, "ServerOut Key %*ph\n",
                                SMB3_GCM128_CRYPTKEY_SIZE,
ses->smb3decryptionkey);
        }
#endif

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

  parent reply	other threads:[~2021-05-25 22:33 UTC|newest]

Thread overview: 35+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <bug-14713-10630@https.bugzilla.samba.org/>
2021-05-25 14:14 ` [Bug 14713] SMBv3 negotiation fails with a Solaris server samba-bugs
2021-05-25 18:19 ` samba-bugs
2021-05-25 18:26 ` samba-bugs
2021-05-25 18:51 ` samba-bugs
2021-05-25 19:03 ` samba-bugs
2021-05-25 19:09 ` samba-bugs
2021-05-25 19:09 ` samba-bugs
2021-05-25 19:13 ` samba-bugs
2021-05-25 19:19 ` samba-bugs
2021-05-25 19:27 ` samba-bugs
2021-05-25 19:37 ` samba-bugs
2021-05-25 19:42 ` samba-bugs
2021-05-25 19:43 ` samba-bugs
2021-05-25 19:47 ` samba-bugs
2021-05-25 20:31 ` samba-bugs
2021-05-25 20:38 ` samba-bugs
2021-05-25 20:55 ` samba-bugs
2021-05-25 21:40 ` samba-bugs
2021-05-25 22:33 ` samba-bugs [this message]
2021-05-26  8:57 ` samba-bugs
2021-05-26  9:00 ` samba-bugs
2021-05-26  9:47 ` samba-bugs
2021-05-26 15:36 ` samba-bugs
2021-05-26 18:59 ` samba-bugs
2021-05-26 21:51 ` samba-bugs
2021-05-26 21:54 ` samba-bugs
2021-05-26 22:09 ` samba-bugs
2021-05-26 22:26 ` samba-bugs
2021-05-26 22:39 ` samba-bugs
2021-05-27 17:33 ` samba-bugs
2021-05-30 13:51 ` samba-bugs
2021-06-04  6:42 ` samba-bugs
2021-06-04 10:17 ` samba-bugs
2022-02-20 19:07 ` samba-bugs
2022-05-11 18:46 ` samba-bugs

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=bug-14713-10630-LUJ4iXPkcq@https.bugzilla.samba.org/ \
    --to=samba-bugs@samba.org \
    --cc=cifs-qa@samba.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).