Bug 19010 - Samba-ssl problems (version 2.0.7-2) connecting to Windows NT
Samba-ssl problems (version 2.0.7-2) connecting to Windows NT
Product: Red Hat Linux
Classification: Retired
Component: samba (Show other bugs)
noarch Linux
high Severity medium
: ---
: ---
Assigned To: Trond Eivind Glomsrxd
Dale Lovelace
Depends On:
  Show dependency treegraph
Reported: 2000-10-12 20:48 EDT by Dean Samuels
Modified: 2007-03-26 23:36 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-05-07 15:10:17 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Dean Samuels 2000-10-12 20:48:16 EDT
It has been brought to our attention that a bug with the samba-ssl
distribution that comes
with RH7 MAY exist.  

Problem: Unable to connect to any Windows NT computer using this version of
SAMBA-ssl version that comes with Red Hat 7.  Even by typing a simple
'smbclient' command reveals the following output:

SSL: Error error setting CA cert locations: error:00000000::lib(0) :func(0)
:reason(0) trying default locations.
added interface ip= bcast= nmask=
Usage: smbclient service <password> [options]
Version 2.0.7
 -s smb.conf           pathname to smb.conf file
 -O socket_options     socket options to use
 -R name resolve order use these name resolution services only
 -M host               send a winpopup message to the host
 -i scope              use this NetBIOS scope
 -N                    don't ask for a password
 -n netbios name.      Use this name as my netbios name
 -d debuglevel         set the debuglevel
 -P                    connect to service as a printer
 -p port               connect to the specified port
 -l log basename.      Basename for log/debug files
 -h                    Print this help message.
 -I dest IP            use this IP to connect to
 -E                    write messages to stderr instead of stdout
 -U username           set the network username
 -L host               get a list of shares available on a host
 -t terminal code      terminal i/o code {sjis|euc|jis7|jis8|junet|hex}
 -m max protocol       set the max protocol level
 -W workgroup          set the workgroup name
 -T<c|x>IXFqgbNan      command line tar
 -D directory          start from directory
 -c command string     execute semicolon separated commands
 -b xmit/send buffer   changes the transmit/send buffer (default: 65520)

Notice the error at the start.

Furthermore, after downloading the samba source (without ssl) and
recompiling, then the connections to a NT station could successfully be
accomplished.  Is this a known bug??
Urgency on this matter would be greatly appreciated.
Comment 1 Luke Reeves 2000-10-21 22:58:35 EDT
I can confirm this bug in the Redhat 7.0 RPM packages for Samba.  I can't
connect to Windows 95, 98 and 2000 machines with the same error as reported
above.  As well, no external machines can connect to me.
Comment 2 Nalin Dahyabhai 2000-10-25 10:54:43 EDT
The SSL-related message is a spurious error which you can cure by adding "ssl CA
certFile = /etc/httpd/conf/ssl.crt/ca-bundle.crt" if you have mod_ssl
installed.  (Future versions of the openssl package will provide this file, and
future versions of the samba package will be configured to use it by default).

I'm not able to reproduce the "can't connect" problem you're seeing.
Comment 3 pogosyan 2001-01-07 14:57:31 EST
I can confirm that SSL related message is spurious. I'm getting it (even having
ssl = no in smb.conf )
but all connections are working fine
Comment 4 Zoltan Arpadffy 2001-02-03 18:36:12 EST
ssl CA certFile = /etc/httpd/conf/ssl.crt/server.crt" does work, but just for 
localhost - if I'm running smbclient from the host, but login attempts from 
windows are unsuccessful. If you're set up security = share than public shares 
are visible.
Comment 5 Trond Eivind Glomsrxd 2001-06-20 17:04:00 EDT
Ssl is disabled in our newer RPMs (at least 2.2.0-1 and up, probably earlier).
This should elimate the problem.

Note You need to log in before you can comment on or make changes to this bug.