[cifs-protocol] SMB1 maximum packet size with signing enabled
George K Colley
gcolley at apple.com
Mon Jun 20 12:42:01 MDT 2011
On Jun 20, 2011, at 6:43 AM, Jeff Layton wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I've been doing some testing with signing enabled and have found that
> win2k8 seems to consistently return STATUS_ACCESS_DENIED whenever I
> send it a SMB that's larger than 16704 bytes. It seems to have no issue
> with larger sized SMBs when signing is disabled.
>
> It seems sort of like a protocol violation since the NEGOTIATE response
> from the server has the CAP_LARGE_READX and WRITEX bits set. It's
> possible though that I've missed something in the spec.
>
> In any case, my questions:
>
> 1) is this a known limitation in windows, or a bug?
This has been a known issue for a very long time. When signing is on you need to use the negotiated buffer size not the Large CAP size.
>
> 2) is this common to all (most?) versions of windows?
Yes
>
> 3) is there some way we can detect what the server's limit is in this situation?
If the UNIX CAPS is not set and they have signing on then I turn off CAP_LARGE_WRITEX. Note this does not affect CAP_LARGE_READX.
George
>
> Thanks and let me know if you need clarification on these questions,
> - --
> Jeff Layton <jlayton at samba.org>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.17 (GNU/Linux)
>
> iEYEARECAAYFAk3/Tm4ACgkQyP0gxQMdzIC4oACfWODLyYLKgAYsoorXWkHp+VQR
> l74AoIv80J9WCpfJRTQP2B/gWn8g4nxR
> =1qM/
> -----END PGP SIGNATURE-----
> _______________________________________________
> cifs-protocol mailing list
> cifs-protocol at cifs.org
> https://lists.samba.org/mailman/listinfo/cifs-protocol
More information about the cifs-protocol
mailing list