Smb2-protocol: Re: [Smb2-protocol] Re: a first look at SMB2

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date: Fri, 25 Nov 2005 16:57:36 +1100
Ronnie,

 > now   the question is   what to call this opcode.
 > 
 > 
 > Transaction ?

yep, you're right. I've now implemented a SMB2 transport for the
dcerpc library in Samba4, and it works fine. As with SMB, it uses SMB2
trans calls for most things, then uses SMB2 read/write calls when the
data doesn't fit, or you have to read more parts of the reply.

While doing this I discovered a few new fields:

 - immediately after the oplocks flags in smb2_create comes the 32 bit
   impersonation field (same meaning as in ntcreatex). This is needed
   for opening the pipe for dcerpc.

 - immediately after the max_response_size in the SMB2 trans request
   comes a set of flags. I've marked it as 64bit, but only the first
   bit seems to matter. It needs to be 1 for dce/rpc. Getting it wrong
   gives STATUS_NOT_SUPPORTED.

 - in smb2_trans request, it seems to take both an 'in' and an 'out'
   buffer. The server seems to ignore whats in the 'in' buffer. This
   seems to be symmetric with the smb2_trans response.

 - why they stick the request in the response is anyones guess. Seems
   to be useless.

Cheers, Tridge