
smbserver clears Session Id on LogOff Response breaking signature verification #1829

Open
jborean93 opened this issue Oct 7, 2024 · 1 comment
Assignees
Labels
in review This issue or pull request is being analyzed

Comments

@jborean93

Configuration

impacket version: 0.12.0 (All affected)
Python version: Any
Target OS: Any

Debug Output With Command String

There is no debug command to show this change. When an SMB2 LogOff Request is sent, the smbserver.py implementation clears out the SessionId value, causing the SMB2 Header to have 0 as the SessionId field.

connData['Uid'] = 0

You can see the packet capture showing that the Session Id value is set to 0 on this message.

[packet capture screenshot: SMB2 LogOff Response with Session Id set to 0]

While some clients might be able to just find the request the response is for and use the request's session id as the session lookup, some clients may just use the value in the response header, which will fail. The response from the server should continue to reflect the correct UID/SessionId from the request, allowing the client to process the response and validate the signature on the response.

PCAP

If applicable, add a packet capture to help explain your problem.

Additional context

Space for additional context, investigative results, suspected issue.

@anadrianmanrique anadrianmanrique self-assigned this Oct 10, 2024
@anadrianmanrique anadrianmanrique added the in review This issue or pull request is being analyzed label Oct 10, 2024
@jborean93

I actually think Impacket may still be compliant with the spec and the logic in my client is incorrect. MS-SMB2 states https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/36172e53-ac81-48fb-b2e3-caa3761b9157

For SMB2 SESSION_SETUP, the client MUST retrieve SessionId from SMB2 header of the response. For all other messages, the client MUST retrieve SessionId from the corresponding Request.Message. The client MUST look up the session in the Connection.SessionTable using the SessionId.

So I need to update my logic to retrieve the session id from the associated request. It still would be nice to keep them aligned but I can understand if you don't wish to update the logic.
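The following is an added illustration of the MS-SMB2 lookup rule quoted above applied to the LogOff case from the issue body; it is example code, not code from the issue or from impacket. It assumes SMB 2.0.2/2.1 HMAC-SHA256 signing, a constructed session key, and that the server still signs the LogOff response with the session's key after zeroing the header's SessionId.

```python
import hmac, hashlib, struct

SMB2_SESSION_SETUP, SMB2_LOGOFF = 0x0001, 0x0002
SMB2_FLAGS_SIGNED = 0x00000008
# 64-byte SMB2 sync header: ProtocolId, StructureSize, CreditCharge, Status,
# Command, CreditRequest, Flags, NextCommand, MessageId, Reserved, TreeId,
# SessionId, Signature (field indices 0..12 after unpack)
HDR = struct.Struct('<4sHHIHHIIQIIQ16s')

def build_header(command, message_id, session_id, flags=SMB2_FLAGS_SIGNED):
    """SMB2 sync header with an all-zero Signature field."""
    return HDR.pack(b'\xfeSMB', 64, 0, 0, command, 0, flags, 0,
                    message_id, 0, 0, session_id, b'\x00' * 16)

def sign(msg, session_key):
    """SMB 2.0.2/2.1 signing: HMAC-SHA256 over the message with the Signature
    field zeroed, truncated to 16 bytes, written back at offset 48."""
    zeroed = msg[:48] + b'\x00' * 16 + msg[64:]
    sig = hmac.new(session_key, zeroed, hashlib.sha256).digest()[:16]
    return msg[:48] + sig + msg[64:]

def session_id_for_response(resp, pending):
    """Spec rule: only a SESSION_SETUP response carries the authoritative
    SessionId; for any other command take it from the matching request."""
    fields = HDR.unpack(resp[:64])
    command, message_id, header_sid = fields[4], fields[8], fields[11]
    if command == SMB2_SESSION_SETUP:
        return header_sid
    return pending[message_id]['session_id']

def verify(resp, pending, session_table, use_header_sid=False):
    """True if the response signature verifies under the resolved session's
    key. use_header_sid=True models the client logic the issue describes,
    which trusts the SessionId in the response header."""
    sid = HDR.unpack(resp[:64])[11] if use_header_sid \
        else session_id_for_response(resp, pending)
    key = session_table.get(sid)
    if key is None:
        return False  # unknown session (e.g. SessionId 0): cannot verify
    return hmac.compare_digest(sign(resp, key)[48:64], resp[48:64])

# Constructed scenario: session 0x1234 is established, client sent LogOff as
# MessageId 7, and the server answered with SessionId 0 (connData['Uid'] = 0)
# while still signing with the session key (assumption for this example).
SESSION_KEY = b'\x11' * 16
session_table = {0x1234: SESSION_KEY}
pending = {7: {'command': SMB2_LOGOFF, 'session_id': 0x1234}}
logoff_resp = sign(build_header(SMB2_LOGOFF, 7, 0), SESSION_KEY)
```

Resolving the session from the request verifies the LogOff response; resolving it from the header yields SessionId 0, which matches no session, so verification fails.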

Development

No branches or pull requests

2 participants