I did some digging into the issue. Here are my findings so far:
The feature is no longer supported for newer (safer) SMB protocol versions. See [1].
This issue was reported upstream (and eventually dropped) on [2], which originated from [3] where the issue is described with more details.
The regression was introduced in this upstream commit [4]. The relevant code was refactored later in [5].
While patching the code downstream may have security implications (I will bring this to upstream), a workaround exists:
run with the reported command with the following option
$ smbclient -NL localhost --option 'client use spnego = no'
Alternativelly, in the general section in smb.conf set
client use spnego = no
For newer versions (verified in samba 4.14), you should also set the protocol. For instance
$ smbclient -NL localhost --option 'client use spnego = no' --option 'client max protocol = NT1'
Note that the "use spnego" option is deprecated since samba 4.13, and will be removed [6] (I will also bring this up upstream).
Finally, it is worth to mention that the changes which introduced this regression are related to known vulnerabilities. See [7] and [8] for further reference.
Hi Axis,
Thanks for the detailed bug report :)
I did some digging into the issue. Here are my findings so far:
The feature is no longer supported for newer (safer) SMB protocol versions. See [1].
This issue was reported upstream (and eventually dropped) on [2], which originated from [3] where the issue is described with more details.
The regression was introduced in this upstream commit [4]. The relevant code was refactored later in [5].
While patching the code downstream may have security implications (I will bring this to upstream), a workaround exists:
run with the reported command with the following option
$ smbclient -NL localhost --option 'client use spnego = no'
Alternativelly, in the general section in smb.conf set
client use spnego = no
For newer versions (verified in samba 4.14), you should also set the protocol. For instance
$ smbclient -NL localhost --option 'client use spnego = no' --option 'client max protocol = NT1'
Note that the "use spnego" option is deprecated since samba 4.13, and will be removed [6] (I will also bring this up upstream).
Finally, it is worth to mention that the changes which introduced this regression are related to known vulnerabilities. See [7] and [8] for further reference.
[1] https:/ /bugzilla. samba.org/ show_bug. cgi?id= 12863 /bugzilla. samba.org/ show_bug. cgi?id= 12061 /bugzilla. samba.org/ show_bug. cgi?id= 11849#c14 769f798d02c0610 f91859bd38 c1391841193a391 1fb0681cb5 /www.samba. org/samba/ docs/current/ man-html/ smb.conf. 5.html# CLIENTUSESPNEGO /www.samba. org/samba/ security/ CVE-2016- 2110.html /www.samba. org/samba/ security/ CVE-2016- 2111.html
[2] https:/
[3] https:/
[4] e72ad193a53e20b
[5] 5b8ed5009bb4868
[6] https:/
[7] https:/
[8] https:/