Project

General

Profile

Bug #11659

SMB2 protocol version negotiation needs work

Added by Andrew Stormont about 1 year ago. Updated about 1 year ago.

Status:
Closed
Priority:
Normal
Category:
-
Start date:
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

No response is emitted when a NEGOTIATE request is received with dialects that are unsupported. This appears to be due to the fact that the response header is not properly initialised. The code also attempts to respond with NT_STATUS_INVALID_PARAMETER:

best_version = smb2_find_best_dialect(s, cl_versions, version_cnt);
if (best_version == 0) {
    cmn_err(CE_NOTE, "clnt %s no supported dialect",
        sr->session->ip_addr_str);
    sr->smb2_status = NT_STATUS_INVALID_PARAMETER;
    rc = -1;
    goto errout;
}

Whereas the correct response is NT_STATUS_NOT_SUPPORTED:

The server MUST select the greatest common dialect between the dialects it implements and the Dialects array of the SMB2 NEGOTIATE request. If a common dialect is not found, the server MUST fail the request with STATUS_NOT_SUPPORTED.

We also do not properly handle the cases where no dialect is given and drop the connection when we should leave it open.

This will be fixed as part of #11665.


Related issues

Related to illumos gate - Bug #11670: SMB2_FLAGS_SIGNED is not valid during NEGOTIATEClosed

Actions
Related to illumos gate - Bug #11665: SMB2 NEGOTIATE Security Mode handling is wrongClosed

Actions
#1

Updated by Andrew Stormont about 1 year ago

  • Description updated (diff)
#2

Updated by Andrew Stormont about 1 year ago

  • Description updated (diff)
#3

Updated by Andrew Stormont about 1 year ago

  • Description updated (diff)
  • Status changed from New to In Progress
  • Assignee set to Andrew Stormont
#4

Updated by Andrew Stormont about 1 year ago

  • Related to Bug #11670: SMB2_FLAGS_SIGNED is not valid during NEGOTIATE added
#5

Updated by Andrew Stormont about 1 year ago

  • Status changed from In Progress to Pending RTI
#6

Updated by Andrew Stormont about 1 year ago

  • Related to Bug #11665: SMB2 NEGOTIATE Security Mode handling is wrong added
#7

Updated by Andrew Stormont about 1 year ago

  • Description updated (diff)
#8

Updated by Electric Monk about 1 year ago

  • Status changed from Pending RTI to Closed
  • % Done changed from 0 to 100

git commit ebc5aadbbe5490fb3d00525924989d180fff369d

commit  ebc5aadbbe5490fb3d00525924989d180fff369d
Author: Andrew Stormont <astormont@racktopsystems.com>
Date:   2019-10-11T22:45:32.000Z

    11665 SMB2 NEGOTIATE Security Mode handling is wrong
    11659 SMB2 protocol version negotiation needs work
    11670 SMB2_FLAGS_SIGNED is not valid during NEGOTIATE
    Reviewed by: Gordon Ross <gordon.w.ross@gmail.com>
    Approved by: Dan McDonald <danmcd@joyent.com>

Also available in: Atom PDF