Is FSCTL_VALIDATE_NEGOTIATE_INFO mandatory in samba-4.4 & onwards

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Is FSCTL_VALIDATE_NEGOTIATE_INFO mandatory in samba-4.4 & onwards

Samba - samba-technical mailing list
Hello,

I was reading about secure Dialect negotiation to prevent man-in-middle
to downgrade dialects & capabilities.
_https://blogs.msdn.microsoft.com/openspecification/2012/06/28/smb3-secure-dialect-negotiation/_

I wanted to ask, is there any option to disable SMB2 to do dialect
renegotiation as present in Windows8 clients, as they can control using
RequireSecureNegotiate.

--
Thanks
Amit Kumar
!!If you stumble, get back up.
What happened yesterday, no longer matters.
Today is another day to move closer to your GOAL!!

Reply | Threaded
Open this post in threaded view
|

Re: Is FSCTL_VALIDATE_NEGOTIATE_INFO mandatory in samba-4.4 & onwards

Samba - samba-technical mailing list
On Thu, Apr 20, 2017 at 04:31:30PM +0530, amit kumar via samba-technical wrote:
> Hello,
>
> I was reading about secure Dialect negotiation to prevent man-in-middle
> to downgrade dialects & capabilities.
> _https://blogs.msdn.microsoft.com/openspecification/2012/06/28/smb3-secure-dialect-negotiation/_
>
> I wanted to ask, is there any option to disable SMB2 to do dialect
> renegotiation as present in Windows8 clients, as they can control using
> RequireSecureNegotiate.

No, right now this is mandatory in the SMB2+ client code.

Why do you want to turn this off ?

Reply | Threaded
Open this post in threaded view
|

Re: Is FSCTL_VALIDATE_NEGOTIATE_INFO mandatory in samba-4.4 & onwards

Samba - samba-technical mailing list
In reply to this post by Samba - samba-technical mailing list
Hello,

Apologies... But Can experts answer this? Or direct me to appropriate
mailing list..

Thanks

Amit


On 04/20/2017 04:31 PM, amit kumar wrote:

>
> Hello,
>
> I was reading about secure Dialect negotiation to prevent
> man-in-middle to downgrade dialects & capabilities.
> _https://blogs.msdn.microsoft.com/openspecification/2012/06/28/smb3-secure-dialect-negotiation/_
>
> I wanted to ask, is there any option to disable SMB2 to do dialect
> renegotiation as present in Windows8 clients, as they can control
> using RequireSecureNegotiate.
> --
> Thanks
> Amit Kumar
> !!If you stumble, get back up.
> What happened yesterday, no longer matters.
> Today is another day to move closer to your GOAL!!

--
Thanks
Amit Kumar
!!If you stumble, get back up.
What happened yesterday, no longer matters.
Today is another day to move closer to your GOAL!!