[cifs-protocol] 112080864018345 SMB3 encryption over multiple requests
srenaden at microsoft.com
Wed Aug 8 11:50:30 MDT 2012
Thank you for your inquiry about encryption in SMB3 file sharing protocol. We have created incident 112080864018345 for investigating this issue. One of the Open specifications team member will contact you shortly.
Microsoft Windows Open Specifications
From: Stefan (metze) Metzmacher [mailto:metze at samba.org]
Sent: Wednesday, August 08, 2012 12:38 PM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at cifs.org
Subject: SMB3 encryption over multiple requests
I just found out that windows2012 RC sends multiple compound requests within just one encrypted SMB2_TRANSFORM message.
From reading [MS-SMB2] version 37.0 I had the impression that each request would be encrypted on its own, similar to how signing works.
Can the other receiver side rely on the fact that all messages within a SMB2_TRANSFORM message belong to the same session as the session (referenced by the session id in the SMB2_TRANSFORM header) used for the encryption?
What will happen if a client send unrelated compound requests?
What about async responses with STATUS_PENDING, are they also encrypted?
How does it work, when the last request in a compound chain goes async?
Are Oplock/Lease Break Notifications encrypted?
Can there be more than one SMB2_TRANSFORM message within a transport layer message?
More information about the cifs-protocol