[MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request - SMB2_SIGNING_CAPABILITIES negotiate context

Question

[MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request - SMB2_SIGNING_CAPABILITIES negotiate context

Lilia 80

https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/b39f253e-4963-40df-8dff-2f9040ebbeb1

According to spec:

"If the Connection.Dialect is "3.1.1", then the server MUST process the NegotiateContextList..."

"If Connection.Dialect is "3.1.1", then the server MUST build a NegotiateContextList for its negotiate response as follows:

If the server processed the SMB2_SIGNING_CAPABILITIES negotiate request context, then the server MUST build an SMB2_SIGNING_CAPABILITIES negotiate response context by setting the following:

SigningAlgorithms MUST be set to Connection.SigningAlgorithmId.

SigningAlgorithmCount MUST be set to 1."

Since for SMB311 processing this context is a MUST, then responding with the context is also a MUST.

But in reality Windows hosts do not respond with the SMB2_SIGNING_CAPABILITIES context in Negotiate response.

Tom Jebo 2,336 Reputation points Microsoft Employee Moderator

2024-04-04T17:00:02.7433333+00:00

Hi Lilia,

Thank you for reaching out to the Open Specifications team to report this issue with [MS-SMB2]. One of the team members with post shortly to assist you with this.

Best regards,
Tom Jebo
Microsoft Open Specifications Support
Obaid Farooqi MSFT 751 Reputation points Microsoft Employee Moderator

2024-04-04T19:20:10.3266667+00:00

Hi Lilia

I'll help you with this issue. Can you please send me a network trace showing this behavior?

Please send me an email to address dochelp at microsoft dot com and I'll send you a link where you can upload the traces.

Regards,

Obaid Farooqi -MSFT
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

Accepted answer

0 additional answers

Your answer

Tom Jebo 2,336 Reputation points Microsoft Employee Moderator

2024-04-04T17:00:02.7433333+00:00

Hi Lilia,

Thank you for reaching out to the Open Specifications team to report this issue with [MS-SMB2]. One of the team members with post shortly to assist you with this.

Best regards,
Tom Jebo
Microsoft Open Specifications Support
Obaid Farooqi MSFT 751 Reputation points Microsoft Employee Moderator

2024-04-04T19:20:10.3266667+00:00

Hi Lilia

I'll help you with this issue. Can you please send me a network trace showing this behavior?

Please send me an email to address dochelp at microsoft dot com and I'll send you a link where you can upload the traces.

Regards,

Obaid Farooqi -MSFT
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

Answer 1

Update:

This issue is now resolved.

In MS-SMB2, in the following behavior notes, it has been stated that Windows server’s versions older than v20H2 do not process SMB2_SIGNING_CAPABILITIES:

“<17> Section 2.2.3.1: Windows 10 operating system and prior and Windows Server v20H2 operating

system and prior do not send or process SMB2_SIGNING_CAPABILITIES.”

“<125> Section 3.2.4.2.2.2: Windows 10 operating system and prior and Windows Server v20H2

operating system and prior do not send or process SMB2_SIGNING_CAPABILITIES negotiate context.”

The behavior notes above explain what the poster is observing in WS2016.

I have filed a bug against MS-SMB2 to remove the MUST’s in section “Processing the SMB2_SIGNING_CAPABILITIES negotiate context”.

Regards,

Obaid Farooqi - MSFT

Share via

[MS-SMB2] 3.3.5.4 Receiving an SMB2 NEGOTIATE Request - SMB2_SIGNING_CAPABILITIES negotiate context

0 additional answers

Your answer