The branch, master has been updated via f0a90a1 libcli: SMB2: NetApps negotiate SMB3_11 but also set the SMB2_CAP_ENCRYPTION flag. from 1b6aa39 vfs_streams_xattr: Fix segfault when running with log level 10
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit f0a90a1287a8f4c4114919a32afaff52e3c69a9b Author: Jeremy Allison <j...@samba.org> Date: Mon Sep 11 16:36:47 2017 -0700 libcli: SMB2: NetApps negotiate SMB3_11 but also set the SMB2_CAP_ENCRYPTION flag. This is a SHOULD not, not a MUST not. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13009 Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: Steve French <sfre...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Thu Sep 14 14:48:20 CEST 2017 on sn-devel-144 ----------------------------------------------------------------------- Summary of changes: libcli/smb/smbXcli_base.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index d73949b..5493954 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -4916,10 +4916,19 @@ static void smbXcli_negprot_smb2_done(struct tevent_req *subreq) return; } + /* + * Here we are now at SMB3_11, so encryption should be + * negotiated via context, not capabilities. + */ + if (conn->smb2.server.capabilities & SMB2_CAP_ENCRYPTION) { - tevent_req_nterror(req, - NT_STATUS_INVALID_NETWORK_RESPONSE); - return; + /* + * Server set SMB2_CAP_ENCRYPTION capability, + * but *SHOULD* not, not *MUST* not. Just mask it off. + * NetApp seems to do this: + * BUG: https://bugzilla.samba.org/show_bug.cgi?id=13009 + */ + conn->smb2.server.capabilities &= ~SMB2_CAP_ENCRYPTION; } negotiate_context_offset = IVAL(body, 60); -- Samba Shared Repository