Nice.
I have updated the wiki and ethereal according to your info. I hope I
got it right.
There is some info in the wiki for both Cancel and Notify and how
they interact.
Byte 2 for Lock, maybe that has to be 1 when you lock a file and 0
when you unlock a file?
Or maybe it is a count of how many lock structures are present?
Old SMB very often used to pass multiple lock/unlocks for different
byteranges in the same command pdu.
On 11/25/05, tridge@xxxxxxxxx <tridge@xxxxxxxxx> wrote:
> We made some more progress this evening. Thanks to metze and volker
> for helping with very useful suggestions.
>
> We now know what the remaining 5 opcodes are, so the full opcode list
> is:
>
> #define SMB2_OP_NEGPROT 0x00
> #define SMB2_OP_SESSSETUP 0x01
> #define SMB2_OP_LOGOFF 0x02
> #define SMB2_OP_TCON 0x03
> #define SMB2_OP_TDIS 0x04
> #define SMB2_OP_CREATE 0x05
> #define SMB2_OP_CLOSE 0x06
> #define SMB2_OP_FLUSH 0x07
> #define SMB2_OP_READ 0x08
> #define SMB2_OP_WRITE 0x09
> #define SMB2_OP_LOCK 0x0a
> #define SMB2_OP_TRANS 0x0b
> #define SMB2_OP_CANCEL 0x0c
> #define SMB2_OP_KEEPALIVE 0x0d
> #define SMB2_OP_FIND 0x0e
> #define SMB2_OP_NOTIFY 0x0f
> #define SMB2_OP_GETINFO 0x10
> #define SMB2_OP_SETINFO 0x11
> #define SMB2_OP_BREAK 0x12
>
> We've also implemented all of the above in libcli/smb2/ except for
> cancel, notify, break and lock.
>
> Ronnie, here are the structures so you can add the new opcodes to
> ethereal.
>
> flush: takes 0x18 body bytes. contains 2 bytes padding, 4 bytes
> unknown, and a handle. Returns 4 bytes, seems to be all padding.
>
> keepalive, tdis and logoff: take 4 bytes, all padding (ie. 2 byte
> buffer code, 2 byte padding). Return 4 bytes, all padding.
>
> lock: takes 0x30 bytes. byte 2 needs to be 1. takes a file handle at
> offset 0x08. All the rest not decoded yet.
>
>
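
An added example, not part of the original thread and not code from Samba or ethereal: a dissector-style check that validates a request body against the sizes reported above before any field is read. The function, enum and struct names are hypothetical, the 16-byte handle length is an assumption (the message does not state it), and the body sizes are treated as exact.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SMB2_OP_LOGOFF    0x02
#define SMB2_OP_TDIS      0x04
#define SMB2_OP_FLUSH     0x07
#define SMB2_OP_LOCK      0x0a
#define SMB2_OP_KEEPALIVE 0x0d
#define HANDLE_LEN 16   /* assumption: handle size is not stated in the message */

enum body_status { BODY_OK, BODY_UNKNOWN_OP, BODY_BAD_LENGTH, BODY_BAD_FIELD };

struct req_body { int has_handle; uint8_t handle[HANDLE_LEN]; };

/* Validate a request body against the sizes reported in the message before
 * reading any field, so a short or malformed PDU is never indexed past its end. */
enum body_status check_request_body(uint8_t opcode, const uint8_t *body,
                                    size_t len, struct req_body *out)
{
    size_t want;
    memset(out, 0, sizeof *out);
    switch (opcode) {
    case SMB2_OP_LOGOFF: case SMB2_OP_TDIS: case SMB2_OP_KEEPALIVE:
        want = 4; break;                     /* buffer code + padding only */
    case SMB2_OP_FLUSH: want = 0x18; break;  /* handle offset not stated: length check only */
    case SMB2_OP_LOCK:  want = 0x30; break;
    default: return BODY_UNKNOWN_OP;         /* opcode not covered by this sketch */
    }
    if (len != want)
        return BODY_BAD_LENGTH;
    if (opcode == SMB2_OP_LOCK) {
        if (body[2] != 1)                    /* "byte 2 needs to be 1" */
            return BODY_BAD_FIELD;
        memcpy(out->handle, body + 0x08, HANDLE_LEN); /* handle at offset 0x08 */
        out->has_handle = 1;
    }
    return BODY_OK;
}

int main(void)
{
    uint8_t lock[0x30] = {0};                /* constructed sample body, not a capture */
    struct req_body rb;
    lock[2] = 1;
    memset(lock + 0x08, 0xAB, HANDLE_LEN);
    printf("lock: %d\n", check_request_body(SMB2_OP_LOCK, lock, sizeof lock, &rb));
    printf("short lock: %d\n", check_request_body(SMB2_OP_LOCK, lock, 0x2f, &rb));
    return 0;
}
```

If byte 2 turns out to be a count of lock structures, as suggested in the reply, the equality check on byte 2 and the exact-length check for lock are the two lines that would change.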