Smb2-protocol: Re: [Smb2-protocol] Re: a first look at SMB2

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date: Fri, 25 Nov 2005 23:47:55 +1100
We made some more progress this evening. Thanks to metze and volker
for helping with very useful suggestions.

We now know what the remaining 5 opcodes are, so the full opcode list
is:

#define SMB2_OP_NEGPROT   0x00
#define SMB2_OP_SESSSETUP 0x01
#define SMB2_OP_LOGOFF    0x02
#define SMB2_OP_TCON      0x03
#define SMB2_OP_TDIS      0x04
#define SMB2_OP_CREATE    0x05
#define SMB2_OP_CLOSE     0x06
#define SMB2_OP_FLUSH     0x07
#define SMB2_OP_READ      0x08
#define SMB2_OP_WRITE     0x09
#define SMB2_OP_LOCK      0x0a
#define SMB2_OP_TRANS     0x0b
#define SMB2_OP_CANCEL    0x0c
#define SMB2_OP_KEEPALIVE 0x0d
#define SMB2_OP_FIND      0x0e
#define SMB2_OP_NOTIFY    0x0f
#define SMB2_OP_GETINFO   0x10
#define SMB2_OP_SETINFO   0x11
#define SMB2_OP_BREAK     0x12

We've also implemented all of the above in libcli/smb2/ except for
cancel, notify, break and lock.

Ronnie, here are the structures so you can add the new opcodes to
ethereal.

flush: takes 0x18 body bytes. contains 2 bytes padding, 4 bytes
unknown, and a handle. Returns 4 bytes, seems to be all padding.

keepalive, tdis and logoff: take 4 bytes, all padding (ie. 2 byte
buffer code, 2 byte padding). Return 4 bytes, all padding.

lock: takes 0x30 bytes. byte 2 needs to be 1. takes a file handle at
offset 0x08. All the rest not decoded yet.