SMB2 Session Re-Authentication with same Session id

SMB protocol document reference:

https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/5606ad47-5ee0-437a-817e-70c366052962


The latest version, published on 1/29/2024, describes how the server handles a session setup request.


3.3.5.5 Receiving an SMB2 SESSION_SETUP Request


When the server receives a request with an SMB2 header with a Command value equal to SMB2 SESSION_SETUP, message handling proceeds as follows:

   6. If Session.State is Valid, the server SHOULD process the session setup request as specified in section 3.3.5.5.2.


3.3.5.5.2 Reauthenticating an Existing Session

Session.State MUST be set to InProgress, and Session.SecurityContext set to NULL. Authentication is continued as specified in section 3.3.5.5.3. Note that the existing Session.SessionKey will be retained.



Impact


The issue occurs when the Kerberos ticket lifetime expires and the client (AIX server) sends a session setup request to the server. The client wants to refresh its Kerberos credentials so that it can continue using the existing session ID, keeping open file handles valid. Because of the error returned by the server, the SMB client gives up its existing session ID and requests a new one. This invalidates all existing file handles and interrupts ongoing file operations.
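The behaviour described above can be confirmed from a packet capture of one connection. The following Python sketch is an added example, not part of the original page or of any vendor tool: it walks SMB2 headers in order and reports whether a SESSION_SETUP request that reuses an already Valid session ID was accepted or refused. It assumes each message has already been stripped of its 4-byte transport length prefix, with no compounded requests and no session binding; the function names, session ID and error status are constructed for illustration.

```python
import struct

SMB2_MAGIC = b"\xfeSMB"
CMD_SESSION_SETUP = 0x0001
FLAG_SERVER_TO_REDIR = 0x00000001            # set in the header of every response
STATUS_SUCCESS = 0x00000000
STATUS_MORE_PROCESSING_REQUIRED = 0xC0000016

def parse_header(msg):
    """Return (status, command, is_response, message_id, session_id)."""
    if len(msg) < 64 or msg[:4] != SMB2_MAGIC:
        raise ValueError("not an SMB2 message")
    status, command, _credits, flags, _next, message_id = struct.unpack_from("<IHHIIQ", msg, 8)
    (session_id,) = struct.unpack_from("<Q", msg, 40)
    return status, command, bool(flags & FLAG_SERVER_TO_REDIR), message_id, session_id

def find_reauth_results(messages):
    """Report (session_id, status, accepted) for each re-authentication attempt."""
    valid, pending, results = set(), {}, []
    for msg in messages:
        status, command, is_response, mid, sid = parse_header(msg)
        if command != CMD_SESSION_SETUP:
            continue
        if not is_response:
            if sid in valid:                 # SESSION_SETUP on a session that is Valid
                pending[mid] = sid
        elif mid in pending:
            sid = pending.pop(mid)
            if status != STATUS_MORE_PROCESSING_REQUIRED:   # final leg of the exchange
                results.append((sid, status, status == STATUS_SUCCESS))
        elif status == STATUS_SUCCESS:       # initial authentication completed
            valid.add(sid)
    return results

def make_message(command, status, is_response, message_id, session_id):
    """Build a constructed 64-byte SMB2 header (sample data, not a capture)."""
    flags = FLAG_SERVER_TO_REDIR if is_response else 0
    return struct.pack("<4sHHIHHIIQIIQ16s", SMB2_MAGIC, 64, 0, status, command,
                       1, flags, 0, message_id, 0, 0, session_id, b"\0" * 16)

SID = 0x0000040000000001                     # constructed session ID
SAMPLE_ERROR = 0xC0000022                    # sample value; the page does not name the error
CONSTRUCTED_TRACE = [
    make_message(CMD_SESSION_SETUP, 0, False, 1, 0),                # initial request
    make_message(CMD_SESSION_SETUP, STATUS_SUCCESS, True, 1, SID),  # session becomes Valid
    make_message(CMD_SESSION_SETUP, 0, False, 3, SID),              # re-auth, same session ID
    make_message(CMD_SESSION_SETUP, SAMPLE_ERROR, True, 3, SID),    # server refuses
]
```

Calling `find_reauth_results(CONSTRUCTED_TRACE)` yields one entry with `accepted` set to `False`, which is the pattern that precedes the client abandoning its session ID.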



Workaround


Contact the SMB server vendor and ask whether the server supports SMB re-authentication using the same session ID.
