Signature check for LOGOFF response
ematsumiya at suse.de
Sat Mar 19 03:20:25 UTC 2022
The LOGOFF command response is not signed (=> signature is 0x0), but we
check it anyway, displaying "sign fail" errors in ring buffer.
As far as I checked, an explicit LOGOUT is only sent when tlink pruning
happens (i.e. TLINK_IDLE_EXPIRE expires), but we have a case of this
causing issues on production env.
I didn't find LOGOFF being a signature check exception in MS-SMB2 rev64.
2.2.7 SMB2 LOGOFF Request
2.2.8 SMB2 LOGOFF Response
184.108.40.206 Receiving an SMB2 LOGOFF Response
220.127.116.11 Receiving an SMB2 LOGOFF Request
If this is implementation defined, maybe something like this could work?
@@ -667,6 +667,7 @@ smb2_verify_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)
if ((shdr->Command == SMB2_NEGOTIATE) ||
(shdr->Command == SMB2_SESSION_SETUP) ||
(shdr->Command == SMB2_OPLOCK_BREAK) ||
+ (shdr->Command == SMB2_LOGOFF) ||
More information about the samba-technical