Can we trust the server to return proper signing capability on session setup

Steve French (smfltc) smfltc at
Thu Oct 4 20:13:52 GMT 2007

If the Linux cifs client turns off signing (signing is available by 
default), but the server requires it, the client still attempts session 
setup.  Presumably the original reason for this was that we did not 
trust the server to always get the flags right - and it does not hurt to 
try to continue (if the server does not like getting unsigned packets it 
will take the session down).   The cifs client does log a warning 
message that signing was turned off (on the client) but the server 
requires it, but the error on mount will be "Resouce Temporarily 
Unavailable" (rc = -11) since the server session went away (the user 
does not see a more intuitive error e.g. Operation Not Supported)

1) What should the posix error be (EOPNOTSUPP is not strictly true, and 
EACCESS is misleading) ?

2) Should the client override the tconx error (-11) for this case or not 
attempt tconx at all (when it would get EOPNOTSUPP presumably, but might 
run into problems if the server screwed up the flags as we have seen 
some do recently)

More information about the samba-technical mailing list