[cifs-protocol] [REG:112080864018345] SMB3 encryption over multiple requests

Bryan Burgin bburgin at microsoft.com
Wed Aug 8 14:16:52 MDT 2012

[dochelp to bcc]
[adding case number and casemail]

Hi Metze,

We created the case 112080864018345 to track this issue, which I will help you with.



-----Original Message-----
From: Stefan (metze) Metzmacher [mailto:metze at samba.org] 
Sent: Wednesday, August 08, 2012 9:38 AM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at cifs.org
Subject: SMB3 encryption over multiple requests


I just found out that windows2012 RC sends multiple compound requests within just one encrypted SMB2_TRANSFORM message.

From reading [MS-SMB2] version 37.0 I had the impression that each request would be encrypted on its own, similar to how signing works.

Can the other receiver side rely on the fact that all messages within a SMB2_TRANSFORM message belong to the same session as the session (referenced by the session id in the SMB2_TRANSFORM header) used for the encryption?

What will happen if a client send unrelated compound requests?

What about async responses with STATUS_PENDING, are they also encrypted?

How does it work, when the last request in a compound chain goes async?

Are Oplock/Lease Break Notifications encrypted?

Can there be more than one SMB2_TRANSFORM message within a transport layer message?


More information about the cifs-protocol mailing list