Signature check for LOGOFF response

Enzo Matsumiya ematsumiya at
Sat Mar 19 03:20:25 UTC 2022


The LOGOFF command response is not signed (=> signature is 0x0), but we
check it anyway, displaying "sign fail" errors in ring buffer.

As far as I checked, an explicit LOGOUT is only sent when tlink pruning
happens (i.e. TLINK_IDLE_EXPIRE expires), but we have a case of this
causing issues on production env.

I didn't find LOGOFF being a signature check exception in MS-SMB2 rev64.
Relevant sections:

2.2.7 SMB2 LOGOFF Request
2.2.8 SMB2 LOGOFF Response Receiving an SMB2 LOGOFF Response Receiving an SMB2 LOGOFF Request

If this is implementation defined, maybe something like this could work?
(100% untested)

--- a/fs/cifs/smb2transport.c
+++ b/fs/cifs/smb2transport.c
@@ -667,6 +667,7 @@ smb2_verify_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)
         if ((shdr->Command == SMB2_NEGOTIATE) ||
             (shdr->Command == SMB2_SESSION_SETUP) ||
             (shdr->Command == SMB2_OPLOCK_BREAK) ||
+           (shdr->Command == SMB2_LOGOFF) ||
             server->ignore_signature ||
                 return 0;



More information about the samba-technical mailing list