Signature check for LOGOFF response

Tom Talpey tom at talpey.com
Thu Mar 24 15:04:30 UTC 2022


On 3/23/2022 1:29 PM, Enzo Matsumiya wrote:
> Hi Tom,
> 
> On 03/19, Tom Talpey wrote:
>> What server is returning this unsigned response? Assuming it's Windows,
>> that is either a doc bug or (arguably) a server bug, and should be
>> reported before deciding how to address it here.
> 
> It's a NetApp ONTAP 9.5P13. We've identified it's also setting wrong
> signatures on READ responses with STATUS_END_OF_FILE.
> 
> Our tests against Windows Server 2019 showed it to behave ok, so it
> looks like something on NetApp side.

In this case I don't think it is appropriate to apply the suggested
patch. Allowing unsigned or invalidly signed responses will greatly
reduce security. I'll be interested if NetApp provides any information.

Tom.



More information about the samba-technical mailing list