[samba-jp:22872] After adding Win10 support on a Samba server, Win7 and Win10 client machines are occasionally unable to access it

NEO 宇佐美 喜夫 yoshio.usami.mw @ west.ntt.co.jp
Mon, 6 Aug 2018 14:13:05 JST


Thank you for your continued support.
This is Usami.

After we configured our Samba server to support Win10, Win7 and Win10
client machines have occasionally been unable to access it.

Analyzing a packet capture and the smbd log, I found that when a
client machine sends an "SMB2 Negotiate Protocol Request", the Samba
server treats it as "Invalid SMB request" and does not return a
"Negotiate Protocol Response".

When the client machine is able to access the server, the Samba server
receives an "SMB Negotiate Protocol Request" and returns
"Dialect: 0x0202" (SMB2.0.2) in the "SMB2 Negotiate Protocol Response".


(Q1) In what cases do Win7 and Win10 client machines send an
  "SMB2 Negotiate Protocol Request"?


(Q2) Does samba3.6.23-12 support the "SMB2 Negotiate Protocol Request"?

(Q3) If it does, what should I do so that the Samba server can return an
  "SMB2 Negotiate Protocol Response" when it receives an
  "SMB2 Negotiate Protocol Request"?

(Q4) If it does not, which versions do support it?



Could you please advise on the above 2 points?
Thank you in advance.



◆Linux and Samba versions

# cat /etc/redhat-release
CentOS release 6.4 (Final)

# uname -r
2.6.32-358.el6.x86_64

# smbd -V
Version 3.6.23-12.el6


◆smb.conf settings

 #Win10 support
 #max protocol = NT1
 max protocol = SMB2
 min protocol = CORE

◆Packet capture and smbd log (when access fails)

"3550","17:03:38.339710","100.91.151.254","10.79.166.154","SMB2","162","Negotiate Protocol Request"
SMB2 (Server Message Block Protocol version 2)
    SMB2 Header
        Server Component: SMB2
        Header Length: 64
        Credit Charge: 1
        Channel Sequence: 0
        Reserved: 0000
        Command: Negotiate Protocol (0)
        Credits requested: 31
        Flags: 0x00000000
            .... .... .... .... .... .... .... ...0 = Response: This is a REQUEST
            .... .... .... .... .... .... .... ..0. = Async command: This is a SYNC command
            .... .... .... .... .... .... .... .0.. = Chained: This pdu is NOT a chained command
            .... .... .... .... .... .... .... 0... = Signing: This pdu is NOT signed
            .... .... .... .... .... .... .000 .... = Priority: This pdu does NOT contain a PRIORITY1
            ...0 .... .... .... .... .... .... .... = DFS operation: This is a normal operation
            ..0. .... .... .... .... .... .... .... = Replay operation: This is NOT a replay operation
        Chain Offset: 0x00000000
        Message ID: Unknown (0)
        Process Id: 0x0000feff
        Tree Id: 0x00000000
        Session Id: 0x0000000000000000
        Signature: 00000000000000000000000000000000
    Negotiate Protocol Request (0x00)
        StructureSize: 0x0024
            0000 0000 0010 010. = Fixed Part Length: 18
            .... .... .... ...0 = Dynamic Part: False
        Dialect count: 2
        Security mode: 0x01, Signing enabled
            .... ...1 = Signing enabled: True
            .... ..0. = Signing required: False
        Reserved: 0000
        Capabilities: 0x00000000
            .... .... .... .... .... .... .... ...0 = DFS: This host does NOT support DFS
            .... .... .... .... .... .... .... ..0. = LEASING: This host does NOT support LEASING
            .... .... .... .... .... .... .... .0.. = LARGE MTU: This host does NOT support LARGE_MTU
            .... .... .... .... .... .... .... 0... = MULTI CHANNEL: This host does NOT support MULTI CHANNEL
            .... .... .... .... .... .... ...0 .... = PERSISTENT HANDLES: This host does NOT support PERSISTENT HANDLES
            .... .... .... .... .... .... ..0. .... = DIRECTORY LEASING: This host does NOT support DIRECTORY LEASING
            .... .... .... .... .... .... .0.. .... = ENCRYPTION: This host does NOT support ENCRYPTION
        Client Guid: 04952c46-956e-11e8-89f7-005056964ff3
        NegotiateContextOffset: 0x0000
        NegotiateContextCount: 0
        Reserved: 0000
        Dialect: 0x0202
        Dialect: 0x0210

"3551","17:03:38.339731","10.79.166.154","100.91.151.254","TCP","54","445 → 55229 [ACK] Seq=1 Ack=109 Win=14720 Len=0"

"3552","17:03:38.386807","10.79.166.154","100.91.151.254","TCP","54","445 → 55229 [FIN, ACK] Seq=1 Ack=109 Win=14720 Len=0"
Transmission Control Protocol, Src Port: 445, Dst Port: 55229, Seq: 1, Ack: 109, Len: 0
    Source Port: 445
    Destination Port: 55229
    [Stream index: 1]
    [TCP Segment Len: 0]
    Sequence number: 1    (relative sequence number)
    [Next sequence number: 1    (relative sequence number)]
    Acknowledgment number: 109    (relative ack number)
    0101 .... = Header Length: 20 bytes (5)
    Flags: 0x011 (FIN, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 0... = Push: Not set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...1 = Fin: Set
            [Expert Info (Chat/Sequence): Connection finish (FIN)]
                [Connection finish (FIN)]
                [Severity level: Chat]
                [Group: Sequence]
        [TCP Flags: ・・・・・・・A・・・F]
    Window size value: 115
    [Calculated window size: 14720]
    [Window size scaling factor: 128]
    Checksum: 0x4e33 [unverified]
    [Checksum Status: Unverified]
    Urgent pointer: 0
    [Timestamps]
        [Time since first frame in this TCP stream: 0.064782000 seconds]
        [Time since previous frame in this TCP stream: 0.047076000 seconds]

"3553","17:03:38.400109","100.91.151.254","10.79.166.154","TCP","60","55229 → 445 [ACK] Seq=109 Ack=2 Win=131328 Len=0"
"3555","17:03:38.401960","100.91.151.254","10.79.166.154","TCP","66","55230 → 445 [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1"


smbd[14188]: [2018/08/03 10:35:00.630334,  3] smbd/oplock.c:922(init_oplocks)
smbd[14188]:   init_oplocks: initializing messages.
smbd[14188]: [2018/08/03 10:35:00.630595,  3] smbd/oplock_linux.c:246(linux_init_kernel_oplocks)
smbd[14188]:   Linux kernel oplocks enabled
smbd[14188]: [2018/08/03 10:35:00.630962,  3] smbd/process.c:1609(process_smb)
smbd[14188]:   Transaction 0 of length 178 (0 toread)
smbd[14188]: [2018/08/03 10:35:00.634182,  0] smbd/process.c:525(init_smb_request)
smbd[14188]:   init_smb_request: invalid wct number 255 (size 178)
smbd[14188]: [2018/08/03 10:35:00.634544,  3] smbd/server_exit.c:181(exit_server_common)
smbd[14188]:   Server exit (Invalid SMB request) 


◆Packet capture and smbd log (when access succeeds)

"4","13:14:56.254717","100.91.151.254","10.79.166.154","SMB","213","Negotiate Protocol Request"
SMB (Server Message Block Protocol)
    SMB Header
        Server Component: SMB
        SMB Command: Negotiate Protocol (0x72)
        NT Status: STATUS_SUCCESS (0x00000000)
        Flags: 0x18, Canonicalized Pathnames, Case Sensitivity
            0... .... = Request/Response: Message is a request to the server
            .0.. .... = Notify: Notify client only on open
            ..0. .... = Oplocks: OpLock not requested/granted
            ...1 .... = Canonicalized Pathnames: Pathnames are canonicalized
            .... 1... = Case Sensitivity: Path names are caseless
            .... ..0. = Receive Buffer Posted: Receive buffer has not been posted
            .... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported
        Flags2: 0xc853, Unicode Strings, Error Code Type, Extended Security Negotiation, Long Names Used, Security Signatures Required, Extended Attributes, Long Names Allowed
            1... .... .... .... = Unicode Strings: Strings are Unicode
            .1.. .... .... .... = Error Code Type: Error codes are NT error codes
            ..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only
            ...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs
            .... 1... .... .... = Extended Security Negotiation: Extended security negotiation is supported
            .... .0.. .... .... = Reparse Path: The request does not use a @GMT reparse path
            .... .... .1.. .... = Long Names Used: Path names in request are long file names
            .... .... ...1 .... = Security Signatures Required: Security signatures are required
            .... .... .... 0... = Compressed: Compression is not requested
            .... .... .... .0.. = Security Signatures: Security signatures are not supported
            .... .... .... ..1. = Extended Attributes: Extended attributes are supported
            .... .... .... ...1 = Long Names Allowed: Long file names are allowed in the response
        Process ID High: 0
        Signature: 0000000000000000
        Reserved: 0000
        Tree ID: 65535
        Process ID: 65279
        User ID: 0
        Multiplex ID: 0
    Negotiate Protocol Request (0x72)
        Word Count (WCT): 0
        Byte Count (BCC): 34
        Requested Dialects
            Dialect: NT LM 0.12
            Dialect: SMB 2.002
            Dialect: SMB 2.???


"6","13:14:56.271311","10.79.166.154","100.91.151.254","SMB2","282","Negotiate Protocol Response"
SMB2 (Server Message Block Protocol version 2)
    SMB2 Header
        Server Component: SMB2
        Header Length: 64
        Credit Charge: 0
        NT Status: STATUS_SUCCESS (0x00000000)
        Command: Negotiate Protocol (0)
        Credits granted: 1
        Flags: 0x00000001, Response
            .... .... .... .... .... .... .... ...1 = Response: This is a RESPONSE
            .... .... .... .... .... .... .... ..0. = Async command: This is a SYNC command
            .... .... .... .... .... .... .... .0.. = Chained: This pdu is NOT a chained command
            .... .... .... .... .... .... .... 0... = Signing: This pdu is NOT signed
            .... .... .... .... .... .... .000 .... = Priority: This pdu does NOT contain a PRIORITY1
            ...0 .... .... .... .... .... .... .... = DFS operation: This is a normal operation
            ..0. .... .... .... .... .... .... .... = Replay operation: This is NOT a replay operation
        Chain Offset: 0x00000000
        Message ID: Unknown (0)
        Process Id: 0x00000000
        Tree Id: 0x00000000
        Session Id: 0x0000000000000000
        Signature: 00000000000000000000000000000000
    Negotiate Protocol Response (0x00)
        StructureSize: 0x0041
            0000 0000 0100 000. = Fixed Part Length: 32
            .... .... .... ...1 = Dynamic Part: True
        Security mode: 0x01, Signing enabled
            .... ...1 = Signing enabled: True
            .... ..0. = Signing required: False
        Dialect: 0x0202
        NegotiateContextCount: 0
        Server Guid: 2d6f656e-7673-3032-3031-323530000000
        Capabilities: 0x00000000
            .... .... .... .... .... .... .... ...0 = DFS: This host does NOT support DFS
            .... .... .... .... .... .... .... ..0. = LEASING: This host does NOT support LEASING
            .... .... .... .... .... .... .... .0.. = LARGE MTU: This host does NOT support LARGE_MTU
            .... .... .... .... .... .... .... 0... = MULTI CHANNEL: This host does NOT support MULTI CHANNEL
            .... .... .... .... .... .... ...0 .... = PERSISTENT HANDLES: This host does NOT support PERSISTENT HANDLES
            .... .... .... .... .... .... ..0. .... = DIRECTORY LEASING: This host does NOT support DIRECTORY LEASING
            .... .... .... .... .... .... .0.. .... = ENCRYPTION: This host does NOT support ENCRYPTION
        Max Transaction Size: 65536
        Max Read Size: 65536
        Max Write Size: 65536
        Current Time: No time specified (0)
        Boot Time: No time specified (0)
        Blob Offset: 0x00000080
        Blob Length: 96
        Security Blob: 605e06062b0601050502a0543052a024302206092a864886...
            GSS-API Generic Security Service Application Program Interface
                OID: 1.3.6.1.5.5.2 (SPNEGO - Simple Protected Negotiation)
                Simple Protected Negotiation
                    negTokenInit
                        mechTypes: 3 items
                            MechType: 1.2.840.113554.1.2.2 (KRB5 - Kerberos 5)
                            MechType: 1.2.840.48018.1.2.2 (MS KRB5 - Microsoft Kerberos 5)
                            MechType: 1.3.6.1.4.1.311.2.2.10 (NTLMSSP - Microsoft NTLM Security Support Provider)
                        negHints
                            hintName: not_defined_in_RFC4178 @ please_ignore
        NegotiateContextOffset: 0x0000


smbd[14151]: [2018/08/03 10:12:00.699116,  3] smbd/oplock.c:922(init_oplocks)
smbd[14151]:   init_oplocks: initializing messages.
smbd[14151]: [2018/08/03 10:12:00.699493,  3] smbd/oplock_linux.c:246(linux_init_kernel_oplocks)
smbd[14151]:   Linux kernel oplocks enabled
smbd[14151]: [2018/08/03 10:12:00.700284,  3] smbd/process.c:1609(process_smb)
smbd[14151]:   Transaction 0 of length 73 (0 toread)
smbd[14151]: [2018/08/03 10:12:00.701233,  3] smbd/process.c:1414(switch_message)
smbd[14151]:   switch message SMBnegprot (pid 14151) conn 0x0
smbd[14151]: [2018/08/03 10:12:00.703014,  3] smbd/negprot.c:598(reply_negprot)
smbd[14151]:   Requested protocol [NT LM 0.12]
smbd[14151]: [2018/08/03 10:12:00.703346,  3] smbd/negprot.c:598(reply_negprot)
smbd[14151]:   Requested protocol [SMB 2.002]
smbd[14151]: [2018/08/03 10:12:00.703650,  3] smbd/negprot.c:598(reply_negprot)
smbd[14151]:   Requested protocol [SMB 2.???]
smbd[14151]: [2018/08/03 10:12:00.704766,  3] smbd/negprot.c:704(reply_negprot)
smbd[14151]:   Selected protocol SMB 2.002



That is all.
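
The two negotiate messages in the captures above can be rebuilt and compared offline; this is an added example, not part of the original post, and the function names are hypothetical. It constructs both messages from the dissected field values and shows that the SMB2 header's Process Id (0x0000feff) occupies the byte offset where an SMB1 header carries its word count, so a parser that reads the SMB2 message as SMB1 sees 0xff (255) there, the value in the `invalid wct number 255` log line.

```python
import struct
import uuid

SMB1_MAGIC, SMB2_MAGIC = b"\xffSMB", b"\xfeSMB"
WCT_OFFSET = 32  # SMB1 word count sits right after the 32-byte SMB1 header

def build_smb2_negotiate(dialects, process_id=0x0000FEFF):
    """Constructed SMB2 NEGOTIATE using the field values in the failing capture."""
    guid = uuid.UUID("04952c46-956e-11e8-89f7-005056964ff3").bytes_le
    header = struct.pack("<4sHHIHHIIQIIQ16s", SMB2_MAGIC, 64, 1, 0, 0, 31,
                         0, 0, 0, process_id, 0, 0, bytes(16))
    body = struct.pack("<HHHHI16sQ", 36, len(dialects), 0x01, 0, 0, guid, 0)
    return header + body + struct.pack("<%dH" % len(dialects), *dialects)

def build_smb1_negotiate(dialects):
    """Constructed SMB1 negotiate (command 0x72) from the working capture."""
    header = struct.pack("<4sBIBHH8sHHHHH", SMB1_MAGIC, 0x72, 0, 0x18, 0xC853,
                         0, bytes(8), 0, 0xFFFF, 0xFEFF, 0, 0)
    data = b"".join(b"\x02" + d.encode("ascii") + b"\x00" for d in dialects)
    return header + struct.pack("<BH", 0, len(data)) + data

def classify(msg):
    """Return (kind, dialects, byte an SMB1-only parser would read as WCT)."""
    if len(msg) <= WCT_OFFSET:
        return "too short", [], None
    wct_view = msg[WCT_OFFSET]
    if msg[:4] == SMB2_MAGIC and len(msg) >= 100:
        command, = struct.unpack_from("<H", msg, 12)   # Command field
        count, = struct.unpack_from("<H", msg, 66)     # DialectCount field
        if command == 0 and len(msg) >= 100 + 2 * count:
            dialects = list(struct.unpack_from("<%dH" % count, msg, 100))
            return "SMB2 negotiate", dialects, wct_view
    if msg[:4] == SMB1_MAGIC and msg[4] == 0x72 and len(msg) >= 35:
        bcc, = struct.unpack_from("<H", msg, 33)       # byte count after WCT
        names = [d[1:].decode("ascii")
                 for d in msg[35:35 + bcc].split(b"\x00") if d]
        return "SMB1 negotiate", names, wct_view
    return "unknown", [], wct_view

if __name__ == "__main__":
    smb2 = build_smb2_negotiate([0x0202, 0x0210])
    smb1 = build_smb1_negotiate(["NT LM 0.12", "SMB 2.002", "SMB 2.???"])
    for name, msg in (("failing", smb2), ("working", smb1)):
        kind, dialects, wct = classify(msg)
        # +4 accounts for the NetBIOS session header that precedes each message
        print(name, kind, dialects, "wct byte:", wct, "length:", len(msg) + 4)
```

The constructed SMB1 message is 73 bytes including the 4-byte session header, the same length as the `Transaction 0 of length 73` line in the working smbd log.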




