first of all, TC for Android is a great tool. It really made my life better. Thanks!
I'm using OpenSuSE Tumbleweed, which recently updated Samba to v4.11.6. Since then, I get no access to SMB shares anymore.
I've opened this topic as I suspect that this is related to the latest version of Samba. The same configuration worked before. Also, this may be an issue of smbj.
Samba always responds with a "Bad SMB2 signature for message", except I set "min protocol, SMB2_22" or higher, then it fails negotiating a protocol. Changing the SMB2 option does not help.
When I set max protocol = SMB2_02, it can't negotiate with the SMB2 option turned off (makes sense). With SMB2 on, I get the signature error.
It seems like SMB2_10 is always supported, but the SMB2 option unlocks SMB2_02
- TC for Android 2.91
- smbd -V on PC: Version 4.11.5-git.114.5685848b8fcSUSE-oS15.5-x86_64
- smbd -V on RPi: Version 4.11.5-git.114.5685848b8fc1.1-SUSE-oS15.5-aarch64
- Restarted TC between all tries
Log for min protocol = SMB2_10, SMB2 option on or off:
Code: Select all
[2020/03/11 22:07:09.767162, 3] ../../lib/util/access.c:369(allow_access)
Allowed connection from fd20::c06a:d997:73bf:ef61 (fd20::c06a:d997:73bf:ef61)
[2020/03/11 22:07:09.768280, 3] ../../source3/smbd/oplock.c:1414(init_oplocks)
init_oplocks: initializing messages.
[2020/03/11 22:07:09.768444, 3] ../../source3/smbd/process.c:1955(process_smb)
Transaction 0 of length 61 (0 toread)
[2020/03/11 22:07:09.768492, 3] ../../source3/smbd/process.c:1548(switch_message)
switch message SMBnegprot (pid 21890) conn 0x0
[2020/03/11 22:07:09.769256, 3] ../../source3/smbd/negprot.c:636(reply_negprot)
Requested protocol [SMB 2.002]
[2020/03/11 22:07:09.769315, 3] ../../source3/smbd/negprot.c:636(reply_negprot)
Requested protocol [SMB 2.???]
[2020/03/11 22:07:09.769853, 3] ../../source3/smbd/smb2_negprot.c:293(smbd_smb2_request_process_negprot)
Selected protocol SMB2_FF
(...)
[2020/03/11 22:07:09.771085, 3] ../../source3/smbd/negprot.c:776(reply_negprot)
Selected protocol SMB 2.???
[2020/03/11 22:07:09.774511, 3] ../../source3/smbd/smb2_negprot.c:293(smbd_smb2_request_process_negprot)
Selected protocol SMB2_10
[2020/03/11 22:07:09.779540, 3] ../../auth/ntlmssp/ntlmssp_util.c:72(debug_ntlmssp_flags)
Got NTLMSSP neg_flags=0xe0888215
[2020/03/11 22:07:09.786183, 3] ../../auth/ntlmssp/ntlmssp_server.c:550(ntlmssp_server_preauth)
Got user=[guest] domain=[] workstation=[] len1=0 len2=140
(...)
[2020/03/11 22:07:09.787819, 3] ../../source3/param/loadparm.c:1618(lp_add_ipc)
adding IPC service
[2020/03/11 22:07:09.787879, 3] ../../source3/auth/auth.c:199(auth_check_ntlm_password)
check_ntlm_password: Checking password for unmapped user []\[guest]@[] with the new password interface
[2020/03/11 22:07:09.787909, 3] ../../source3/auth/auth.c:202(auth_check_ntlm_password)
check_ntlm_password: mapped user is: []\[guest]@[]
[2020/03/11 22:07:09.788000, 3] ../../source3/auth/check_samsec.c:398(check_sam_security)
check_sam_security: Couldn't find user 'guest' in passdb.
[2020/03/11 22:07:09.788029, 2] ../../source3/auth/auth.c:343(auth_check_ntlm_password)
check_ntlm_password: Authentication for user [guest] -> [guest] FAILED with error NT_STATUS_NO_SUCH_USER, authoritative=1
[2020/03/11 22:07:09.788105, 2] ../../auth/auth_log.c:635(log_authentication_event_human_readable)
Auth: [SMB2,(null)] user []\[guest] at [Mi, 11 Mär 2020 22:07:09.788078 CET] with [NTLMv2] status [NT_STATUS_NO_SUCH_USER] workstation [] remote host [ipv6:fd20::c06a:d997:73bf:ef61:38574] mapped to []\[guest]. local host [ipv6:fd20::14:445]
{"timestamp": "2020-03-11T22:07:09.788235+0100", "type": "Authentication", "Authentication": {"version": {"major": 1, "minor": 2}, "eventId": 4625, "logonId": "0", "logonType": 3, "status": "NT_STATUS_NO_SUCH_USER", "localAddress": "ipv6:fd20::14:445", "remoteAddress": "ipv6:fd20::c06a:d997:73bf:ef61:38574", "serviceDescription": "SMB2", "authDescription": null, "clientDomain": "", "clientAccount": "guest", "workstation": "", "becameAccount": null, "becameDomain": null, "becameSid": null, "mappedAccount": "guest", "mappedDomain": "", "netlogonComputer": null, "netlogonTrustAccount": null, "netlogonNegotiateFlags": "0x00000000", "netlogonSecureChannelType": 0, "netlogonTrustAccountSid": null, "passwordType": "NTLMv2", "duration": 8930}}
[2020/03/11 22:07:09.788321, 3] ../../source3/auth/auth_util.c:2216(do_map_to_guest_server_info)
No such user guest [] - using guest account
[2020/03/11 22:07:09.792154, 0] ../../libcli/smb/smb2_signing.c:236(smb2_signing_check_pdu)
Bad SMB2 signature for message
[2020/03/11 22:07:09.792281, 0] ../../lib/util/util.c:661(dump_data)
[0000] A2 39 16 7F A1 2B 33 13 9F 66 D3 6B 86 01 A9 D7 .9...+3. .f.k....
[2020/03/11 22:07:09.792374, 0] ../../lib/util/util.c:661(dump_data)
[0000] 64 73 D1 A1 5D 10 80 1D DF 23 CB 74 82 C4 6E D9 ds..]... .#.t..n.
[2020/03/11 22:07:09.792459, 3] ../../source3/smbd/smb2_server.c:3254(smbd_smb2_request_error_ex)
smbd_smb2_request_error_ex: smbd_smb2_request_error_ex: idx[1] status[NT_STATUS_ACCESS_DENIED] || at ../../source3/smbd/smb2_server.c:2506
[2020/03/11 22:08:09.827216, 2] ../../source3/smbd/process.c:2886(deadtime_fn)
Closing idle connection
...
Samba log with "min protocol = SMB2_22" (or higher), SMB2 option on or off.
Same for "max protocol = SMB2_02" and SMB2 option off.
Code: Select all
[2020/03/11 22:11:24.948871, 3] ../../lib/util/access.c:369(allow_access)
Allowed connection from fd20::c06a:d997:73bf:ef61 (fd20::c06a:d997:73bf:ef61)
[2020/03/11 22:11:24.949971, 3] ../../source3/smbd/oplock.c:1414(init_oplocks)
init_oplocks: initializing messages.
[2020/03/11 22:11:24.950124, 3] ../../source3/smbd/process.c:1955(process_smb)
Transaction 0 of length 51 (0 toread)
[2020/03/11 22:11:24.950173, 3] ../../source3/smbd/process.c:1548(switch_message)
switch message SMBnegprot (pid 22044) conn 0x0
[2020/03/11 22:11:24.950846, 3] ../../source3/smbd/negprot.c:636(reply_negprot)
Requested protocol [NT LM 0.12]
[2020/03/11 22:11:24.951129, 3] ../../source3/smbd/negprot.c:757(reply_negprot)
reply_negprot: No protocol supported !
[2020/03/11 22:11:24.951559, 3] ../../source3/smbd/server_exit.c:243(exit_server_common)
Server exit (no protocol supported
)