smbtorture problems with encryption

Gordon Ross gordon.w.ross at
Fri Aug 5 14:58:38 UTC 2022

Hi all,

I've discovered that several smbtorture tests fail if the server sets
SMB2_SESSION_FLAG_ENCRYPT_DATA in the SessionFlags on the smb2 session
setup response.
After some examination in wireshark and on the server side, it looks
like the essential problem is that after an SMB logon session has been
invalidated (either by smb2_logoff or by logon specifying a previous
session ID) then smbtorture may continue trying to use that session ID
and encryption keys to encrypt outgoing messages.  The server drops
these and disconnects because the session identified in the encryption
transform header is no longer valid.

I took a whack at trying to fix this in smbtorture with a new call to
explicitly turn off encryption for the session we've just logged off,
but my changes aren't working.  Something is turning on
"should_encrypt" and I've run out of patience trying to figure out
where.  (my failed attempt is attached) So, I'm here, asking "Any
better suggestions how to fix this?".

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Failed-attempt-to-fix-smbtorture-durable_open_reopen.patch
Type: application/octet-stream
Size: 2574 bytes
Desc: not available
URL: <>

More information about the samba-technical mailing list