'Re: [cifs-protocol] 113100910848314 session logoff request / response clarification'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       cifs-protocol
Subject:    Re: [cifs-protocol] 113100910848314 session logoff request / response clarification
From:       Shirish Pargaonkar <shirishpargaonkar () gmail ! com>
Date:       2013-10-12 14:18:41
Message-ID: CADT32eLY2ELZ3PhY1Podz9zFFnVN1DQy6q0EVNDOyNM9CATetQ () mail ! gmail ! com
[Download RAW message or body]

Sreekanth,

Thanks.  This is good enough.  I was mainly interested in finding
out the client behaviour in 2), your clarification, applying 3.2.5.1
before 3.2.5.4 is what I was looking for.

Regards,

Shirish

On Fri, Oct 11, 2013 at 1:27 PM, Sreekanth Nadendla
<srenaden@microsoft.com> wrote:
> Hello Shirish,
> Is there a particular reason why you are talking about the errors in a log off \
> scenario ? It seems like you feel like the client and/or server side processing \
> during log off scenario requires special handling that is not explained/inferred in \
> these documents.  Please review the following and let me know if you feel like I \
> have misunderstood anything. 
> 
> 1) Types of error a server can return in response to a session logoff request from \
> a client (section 2.2.8). 
> SMB2 ERROR Response packet is sent by the server to respond to a request that has \
> failed or encountered an error. See section 2.2.2 from MS-SMB2. This document does \
> not describe all possible error conditions and how to handle them. Also review \
> section "3.2.5.1   Receiving Any Message" 
> section 3.2.5.1.3 states  ..".If signature verification fails, the client MUST \
> discard the received message and do no further processing for it. The client MAY \
> also choose to disconnect the connection. ...." 
> 
> 2) The state of the session and expected client behaviour when a server returns an \
> error to a session logoff request. Specifically, does the client behaviour stated \
> in section 3.2.5.4  (Receiving an SMB2 LOGOFF Response) apply in case of an error \
> as well? 
> No. The client processing goes through 3.2.5.1 before going through 3.2.5.4. In the \
> case of an error the client will not process 3.2.5.4. 
> 
> 3) There is no verbiage about server behaviour if the signature verification fails \
> the way it is described for client behaviour if the signature verification fails in \
> section 3.2.5.1.3. In the context of session logoff request, if the signature does \
> not match, what is the correct/expected server behaviour?   Right now, in SMB3 \
> dialect, Windows 8 server returns a response with an  error (access denied) for a \
> missing/mismatched signature.  Is that correct or should a server discard the \
> request and do no further processing for it? 
> 
> In this case, the server behavior is documented in section "3.3.5.2.4   Verifying \
> the Signature". As mentioned, Access Denied is the  expected error and the server \
> MAY disconnect the connection. Note that Windows servers do not disconnect due to \
> mismatched signature. This is true for any request that fails signature \
> verification. 
> 
> 
> Regards,
> Sreekanth Nadendla
> Microsoft Windows Open Specifications
> 
> 
> -----Original Message-----
> From: Shirish Pargaonkar [mailto:shirishpargaonkar@gmail.com]
> Sent: Tuesday, October 8, 2013 8:53 PM
> To: Interoperability Documentation Help
> Cc: cifs-protocol@samba.org
> Subject: session logoff request / response clarification
> 
> ---
> Would like to have a clarification in MS-SMB2 document about the
> 
> 1) Types of error a server can return in response to a session logoff
> request from a client (section 2.2.8).
> 
> 2) The state of the session and expected client behaviour when a server
> returns an error to a session logoff request.
> Specifically, does the client behaviour stated in section 3.2.5.4
> (Receiving an SMB2 LOGOFF Response) apply in case of an error as well?
> 
> 3) There is no verbiage about server behaviour if the signature verification
> fails the way it is described for client behaviour if the signature
> verification fails in section 3.2.5.1.3.
> In the context of session logoff request, if the signature does not match,
> what is the correct/expected server behaviour?
> Right now, in SMB3 dialect, Windows 8 server returns a response with an
> error (access denied) for a missing/mismatched signature.  Is that correct
> or should a server discard the request and do no further processing for it?
> 
> ---
> MS-CIFS document lists the types of error a server may return in response to a \
> session logoff request (section 2.2.4.54.2) but it does not state the state of the \
> smb session and expected client behaviour in case of an error received in logoff \
> response in section 3.2.5.1. In case of signature mismatch in the context of \
> session logoff request, Windows 8 server for smb1 dialect, behaves in a similar way \
> as above (smb3).
_______________________________________________
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

[prev in list] [next in list] [prev in thread] [next in thread] 