[cifs-protocol] SMB1 maximum packet size with signing enabled
George K Colley
gcolley at apple.com
Mon Jun 20 12:42:01 MDT 2011
On Jun 20, 2011, at 6:43 AM, Jeff Layton wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> I've been doing some testing with signing enabled and have found that
> win2k8 seems to consistently return STATUS_ACCESS_DENIED whenever I
> send it a SMB that's larger than 16704 bytes. It seems to have no issue
> with larger sized SMBs when signing is disabled.
> It seems sort of like a protocol violation since the NEGOTIATE response
> from the server has the CAP_LARGE_READX and WRITEX bits set. It's
> possible though that I've missed something in the spec.
> In any case, my questions:
> 1) is this a known limitation in windows, or a bug?
This has been a known issue for a very long time. When signing is on you need to use the negotiated buffer size not the Large CAP size.
> 2) is this common to all (most?) versions of windows?
> 3) is there some way we can detect what the server's limit is in this situation?
If the UNIX CAPS is not set and they have signing on then I turn off CAP_LARGE_WRITEX. Note this does not affect CAP_LARGE_READX.
> Thanks and let me know if you need clarification on these questions,
> - --
> Jeff Layton <jlayton at samba.org>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.17 (GNU/Linux)
> -----END PGP SIGNATURE-----
> cifs-protocol mailing list
> cifs-protocol at cifs.org
More information about the cifs-protocol