I believe that the SMB2 spec says that the CHAINED flag is not allowed in the first request of a compound request

Richard Sharpe realrichardsharpe at gmail.com
Fri Feb 1 16:58:10 MST 2013

Hi folks,

Certainly that is the way that W2K08 behaves and how the smb2.compound
test expects things.

Something like this change is required in Master and 3.6.x:

--- build/cloudcc/build_x86_64/samba-3.6.6/source3/smbd/smb2_server.c.orig
    2013-02-01 23:40:41.444063192 -0800
+++ build/cloudcc/build_x86_64/samba-3.6.6/source3/smbd/smb2_server.c
 2013-02-01 23:42:28.223040408 -0800
@@ -1241,9 +1241,14 @@ NTSTATUS smbd_smb2_request_dispatch(stru

-       allowed_flags = SMB2_HDR_FLAG_CHAINED |
-                       SMB2_HDR_FLAG_SIGNED |
+       /*
+        * SMB2_HDR_FLAG_CHAINED not allowed on the first request in a
+        * compound, so add it later
+        */
+       allowed_flags = SMB2_HDR_FLAG_SIGNED |
+       if (i > 1)
+               allowed_flags |= SMB2_HDR_FLAG_CHAINED;
        if (opcode == SMB2_OP_CANCEL) {
                allowed_flags |= SMB2_HDR_FLAG_ASYNC;

However, there is more to this than meets the eye.

The spec says that all requests in a compound should fail if the first
request has the RELATED flag set (what we call CHAINED), but the
footnote says:
<194> Section If SMB2_FLAGS_RELATED_OPERATIONS is present
in the first request and the request does not have valid SessionId,
TreeId or FileId, Windows servers fail all requests in compounded
chain with error STATUS_INVALID_PARAMETER. Otherwise, the operation
will succeed.

And, in practice, Win2K08 fails the first two in the chain that have
the RELATED bit set with INVALID_PARAMETER, but responds to the third
as if it processed it, because it returned FILE_CLOSED when the test
tried to close the file that would have been opened by the first in
the compound.

Richard Sharpe

More information about the samba-technical mailing list