Signature check for LOGOFF response
Enzo Matsumiya
ematsumiya at suse.de
Sat Mar 19 03:20:25 UTC 2022
Hi,
The LOGOFF command response is not signed (=> signature is 0x0), but we
check it anyway, displaying "sign fail" errors in ring buffer.
As far as I checked, an explicit LOGOUT is only sent when tlink pruning
happens (i.e. TLINK_IDLE_EXPIRE expires), but we have a case of this
causing issues on production env.
I didn't find LOGOFF being a signature check exception in MS-SMB2 rev64.
Relevant sections:
2.2.7 SMB2 LOGOFF Request
2.2.8 SMB2 LOGOFF Response
3.2.5.4 Receiving an SMB2 LOGOFF Response
3.3.5.6 Receiving an SMB2 LOGOFF Request
If this is implementation defined, maybe something like this could work?
(100% untested)
--- a/fs/cifs/smb2transport.c
+++ b/fs/cifs/smb2transport.c
@@ -667,6 +667,7 @@ smb2_verify_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)
if ((shdr->Command == SMB2_NEGOTIATE) ||
(shdr->Command == SMB2_SESSION_SETUP) ||
(shdr->Command == SMB2_OPLOCK_BREAK) ||
+ (shdr->Command == SMB2_LOGOFF) ||
server->ignore_signature ||
(!server->session_estab))
return 0;
Thoughts?
Enzo
More information about the samba-technical
mailing list