1 /* 2 * This file and its contents are supplied under the terms of the 3 * Common Development and Distribution License ("CDDL"), version 1.0. 4 * You may only use this file in accordance with the terms of version 5 * 1.0 of the CDDL. 6 * 7 * A full copy of the text of the CDDL should have accompanied this 8 * source. A copy of the CDDL is also available via the Internet at 9 * http://www.illumos.org/license/CDDL. 10 */ 11 12 /* 13 * Copyright 2018 Nexenta Systems, Inc. All rights reserved. 14 */ 15 16 #ifndef _SMB_SMB2_H 17 #define _SMB_SMB2_H 18 19 #ifdef __cplusplus 20 extern "C" { 21 #endif 22 23 #define SMB2_PROTOCOL_ID { 0xFE, 'S', 'M', 'B' } 24 #define SMB2_HDR_SIZE 64 25 #define SMB3_TFORM_HDR_SIZE 52 26 27 /* 28 * Protocol ID as a 32-bit little-endian integer. 29 */ 30 #define SMB2_PROTOCOL_MAGIC 0x424d53fe 31 #define SMB3_ENCRYPTED_MAGIC 0x424d53fd 32 33 /* 34 * SMB2 header command codes. 35 * These are uint16_t on the wire. 36 */ 37 typedef enum { 38 SMB2_NEGOTIATE = 0, 39 SMB2_SESSION_SETUP, 40 SMB2_LOGOFF, 41 SMB2_TREE_CONNECT, 42 SMB2_TREE_DISCONNECT, 43 SMB2_CREATE, 44 SMB2_CLOSE, 45 SMB2_FLUSH, 46 SMB2_READ, 47 SMB2_WRITE, 48 SMB2_LOCK, 49 SMB2_IOCTL, 50 SMB2_CANCEL, 51 SMB2_ECHO, 52 SMB2_QUERY_DIRECTORY, 53 SMB2_CHANGE_NOTIFY, 54 SMB2_QUERY_INFO, 55 SMB2_SET_INFO, 56 SMB2_OPLOCK_BREAK, 57 /* 58 * The above (oplock break) is the last real SMB2 op-code. 59 * We use one more slot to represent invalid commands, and 60 * the final enum value is used for array sizes. Keep last! 61 */ 62 SMB2_INVALID_CMD, 63 SMB2__NCMDS 64 } SMB2_cmd_code; 65 66 /* 67 * SMB2 header flags. 68 */ 69 70 /* 71 * SERVER_TO_REDIR 72 * When set, indicates the message is a response rather than 73 * a request. This MUST be set on responses sent from the 74 * server to the client, and MUST NOT be set on requests 75 * sent from the client to the server. 76 */ 77 #define SMB2_FLAGS_SERVER_TO_REDIR 0x00000001 78 79 /* 80 * ASYNC_COMMAND 81 * When set, indicates that this is an ASYNC SMB2 header. 82 * Always set for headers of the form described in this 83 * section. 84 */ 85 #define SMB2_FLAGS_ASYNC_COMMAND 0x00000002 86 87 /* 88 * RELATED_OPERATIONS 89 * When set in an SMB2 request, indicates that this request 90 * is a related operation in a compounded request chain. 91 * [MS-SMB2 sec. 3.2.4.1.4] 92 * 93 * When set in an SMB2 compound response, indicates that 94 * the request corresponding to this response was part of a 95 * related operation in a compounded request chain. 96 * [MS-SMB2 sec. 3.3.5.2.7.2] 97 */ 98 #define SMB2_FLAGS_RELATED_OPERATIONS 0x00000004 99 100 /* 101 * SIGNED 102 * When set, indicates that this packet has been signed. 103 * [MS-SMB2 3.1.5.1] 104 */ 105 #define SMB2_FLAGS_SIGNED 0x00000008 106 107 /* 108 * [MS-SMB2] 3.2.5.3.1 The SessionKey MUST be set to the 109 * first 16 bytes of the cryptographic key from GSSAPI. 110 * (Padded with zeros if the GSSAPI key is shorter.) 111 */ 112 #define SMB2_SESSION_KEY_LEN 16 113 114 /* 115 * DFS_OPERATIONS 116 * When set, indicates that this command is a Distributed 117 * File System (DFS) operation. [MS-SMB2 3.3.5.9] 118 */ 119 #define SMB2_FLAGS_DFS_OPERATIONS 0x10000000 120 121 /* 122 * REPLAY_OPERATION 123 * This flag is only valid for the SMB 3.0 dialect. When set, 124 * it indicates that this command is a replay operation. 125 * The client MUST ignore this bit on receipt. 126 */ 127 #define SMB2_FLAGS_REPLAY_OPERATION 0x20000000 128 129 /* 130 * SMB2 Netgotiate [MS-SMB2 2.2.3] 131 */ 132 133 #define SMB2_NEGOTIATE_SIGNING_ENABLED 0x01 134 #define SMB2_NEGOTIATE_SIGNING_REQUIRED 0x02 135 136 #define SMB2_CAP_DFS 0x00000001 137 138 /* Added with SMB2.1 */ 139 #define SMB2_CAP_DFS 0x00000001 140 #define SMB2_CAP_LEASING 0x00000002 141 /* 142 * LARGE_MTU: 143 * When set, indicates that the client supports multi-credit operations. 144 */ 145 #define SMB2_CAP_LARGE_MTU 0x00000004 146 147 /* Added with SMB3.0 */ 148 #define SMB2_CAP_MULTI_CHANNEL 0x00000008 149 #define SMB2_CAP_PERSISTENT_HANDLES 0x00000010 150 #define SMB2_CAP_DIRECTORY_LEASING 0x00000020 151 #define SMB2_CAP_ENCRYPTION 0x00000040 152 153 /* SMB2 session flags */ 154 #define SMB2_SESSION_FLAG_IS_GUEST 0x0001 155 #define SMB2_SESSION_FLAG_IS_NULL 0x0002 156 #define SMB2_SESSION_FLAG_ENCRYPT_DATA 0x0004 157 158 /* 159 * Client wants to bind an existing session to a new connection 160 */ 161 #define SMB2_SESSION_FLAG_BINDING 0x01 162 163 /* 164 * SMB2 Tree connect, disconnect 165 */ 166 167 /* SMB2 sharetype flags */ 168 #define SMB2_SHARE_TYPE_DISK 0x1 169 #define SMB2_SHARE_TYPE_PIPE 0x2 170 #define SMB2_SHARE_TYPE_PRINT 0x3 171 172 /* SMB2 share flags */ 173 #define SMB2_SHAREFLAG_MANUAL_CACHING 0x00000000 174 #define SMB2_SHAREFLAG_AUTO_CACHING 0x00000010 175 #define SMB2_SHAREFLAG_VDO_CACHING 0x00000020 176 #define SMB2_SHAREFLAG_NO_CACHING 0x00000030 177 #define SMB2_SHAREFLAG_DFS 0x00000001 178 #define SMB2_SHAREFLAG_DFS_ROOT 0x00000002 179 #define SMB2_SHAREFLAG_RESTRICT_EXCLUSIVE_OPENS 0x00000100 180 #define SMB2_SHAREFLAG_FORCE_SHARED_DELETE 0x00000200 181 #define SMB2_SHAREFLAG_ALLOW_NAMESPACE_CACHING 0x00000400 182 #define SMB2_SHAREFLAG_ACCESS_BASED_DIRECTORY_ENUM 0x00000800 183 #define SMB2_SHAREFLAG_FORCE_LEVELII_OPLOCK 0x00001000 184 /* SMB 3.0 */ 185 #define SMB2_SHAREFLAG_ENABLE_HASH_V1 0x00002000 186 #define SMB2_SHAREFLAG_ENABLE_HASH_V2 0x00004000 187 #define SMB2_SHAREFLAG_ENCRYPT_DATA 0x00008000 188 189 /* SMB2 share capabilities */ 190 #define SMB2_SHARE_CAP_DFS 0x00000008 191 /* SMB 3.0 */ 192 #define SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY 0x00000010 193 #define SMB2_SHARE_CAP_SCALEOUT 0x00000020 194 #define SMB2_SHARE_CAP_CLUSTER 0x00000040 195 196 /* 197 * SMB2 Create (open) 198 */ 199 200 /* 201 * SMB2 requested oplock levels 202 * Corresponds to ntifs.h OPLOCK_LEVEL_... but NOT the same! 203 */ 204 #define SMB2_OPLOCK_LEVEL_NONE 0x00 205 #define SMB2_OPLOCK_LEVEL_II 0x01 206 #define SMB2_OPLOCK_LEVEL_EXCLUSIVE 0x08 207 #define SMB2_OPLOCK_LEVEL_BATCH 0x09 208 #define SMB2_OPLOCK_LEVEL_LEASE 0xFF 209 210 /* 211 * SMB2 create request lease "type" 212 * Note: Same as ntifs.h OPLOCK_LEVEL_CACHE... 213 */ 214 #define SMB2_LEASE_NONE 0x00 215 #define SMB2_LEASE_READ_CACHING 0x01 216 #define SMB2_LEASE_HANDLE_CACHING 0x02 217 #define SMB2_LEASE_WRITE_CACHING 0x04 218 219 /* SMB2 create lease flags */ 220 #define SMB2_LEASE_FLAG_BREAK_IN_PROGRESS 0x00000002 221 #define SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET 0x00000004 222 223 /* SMB2 impersonation levels */ 224 #define SMB2_IMPERSONATION_ANONYMOUS 0x00 225 #define SMB2_IMPERSONATION_IDENTIFICATION 0x01 226 #define SMB2_IMPERSONATION_IMPERSONATION 0x02 227 #define SMB2_IMPERSONATION_DELEGATE 0x03 228 229 /* 230 * Note: ShareAccess, CreateDispositon, CreateOptions, 231 * all use the same definitions as SMB1 (from MS-FSA). 232 * Ditto FileAccess flags (as with ACLs) 233 */ 234 235 /* SMB2 Create Context tags */ 236 237 #define SMB2_CREATE_EA_BUFFER 0x45787441 /* ("ExtA") */ 238 /* 239 * The data contains the extended attributes 240 * that MUST be stored on the created file. 241 * This value MUST NOT be set for named 242 * pipes and print files. 243 */ 244 245 #define SMB2_CREATE_SD_BUFFER 0x53656344 /* ("SecD") */ 246 /* 247 * The data contains a security descriptor that 248 * MUST be stored on the created file. 249 * This value MUST NOT be set for named 250 * pipes and print files. 251 */ 252 253 #define SMB2_CREATE_DURABLE_HANDLE_REQUEST 0x44486e51 /* ("DHnQ") */ 254 /* The client is requesting the open to be durable */ 255 256 #define SMB2_CREATE_DURABLE_HANDLE_RECONNECT 0x44486e43 /* ("DHnC") */ 257 /* 258 * The client is requesting to reconnect to a 259 * durable open after being disconnected 260 */ 261 262 #define SMB2_CREATE_ALLOCATION_SIZE 0x416c5369 /* ("AISi") */ 263 /* 264 * The data contains the required allocation 265 * size of the newly created file. 266 */ 267 268 #define SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQ 0x4d784163 /* ("MxAc") */ 269 /* 270 * The client is requesting that the server 271 * return maximal access information. 272 */ 273 274 #define SMB2_CREATE_TIMEWARP_TOKEN 0x54577270 /* ("TWrp") */ 275 /* 276 * The client is requesting that the server 277 * open an earlier version of the file identified 278 * by the provided time stamp. 279 */ 280 281 #define SMB2_CREATE_QUERY_ON_DISK_ID 0x51466964 /* ("QFid") */ 282 /* 283 * The client is requesting that the server return a 32-byte 284 * opaque BLOB that uniquely identifies the file being opened 285 * on disk. No data is passed to the server by the client. 286 */ 287 288 #define SMB2_CREATE_DURABLE_HANDLE_REQUEST_V2 0x44483251 /* ("DH2Q") */ 289 /* 290 * The client is requesting the open to be durable. 291 * This value is only supported for the SMB 3.x dialect family. 292 */ 293 294 #define SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2 0x44483243 /* ("DH2C") */ 295 /* 296 * The client is requesting to reconnect to a 297 * durable open after being disconnected. 298 * This value is only supported for the SMB 3.x dialect family. 299 */ 300 301 #define SMB2_DHANDLE_FLAG_PERSISTENT 0x00000002 302 /* A persistent handle is requested. */ 303 304 #define SMB2_CREATE_REQUEST_LEASE 0x52714c73 /* ("RqLs") */ 305 /* 306 * The client is requesting that the server return a lease. 307 * This value is only supported for the SMB 2.1 and 3.0 dialects. 308 */ 309 310 #define SMB2_CREATE_CTX_AAPL 0x4141504c /* ("AAPL") */ 311 /* 312 * Client is MacOS X looking for MacOS-specific extensions. 313 */ 314 315 /* 316 * SMB2 Close 317 */ 318 #define SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB 0x0001 319 320 /* 321 * SMB2 Read 322 */ 323 #define SMB2_READFLAG_READ_UNBUFFERED 0x00000001 324 325 /* 326 * SMB2 Write 327 */ 328 #define SMB2_WRITEFLAG_WRITE_THROUGH 0x00000001 329 #define SMB2_WRITEFLAG_WRITE_UNBUFFERED 0x00000002 330 331 /* 332 * SMB2 Lock Request 333 */ 334 335 /* SMB2 lock flags */ 336 337 /* 338 * SMB2_LOCKFLAG_SHARED_LOCK 339 * The range MUST be locked shared, allowing other opens 340 * to read from or take a shared lock on the range. All opens 341 * MUST NOT be allowed to write within the range. Other 342 * locks can be requested and taken on this range. 343 */ 344 #define SMB2_LOCKFLAG_SHARED_LOCK 0x00000001 345 346 /* 347 * SMB2_LOCKFLAG_EXCLUSIVE_LOCK 348 * The range MUST be locked exclusive, not allowing other 349 * opens to read, write, or lock within the range. 350 */ 351 #define SMB2_LOCKFLAG_EXCLUSIVE_LOCK 0x00000002 352 353 /* 354 * SMB2_LOCKFLAG_UNLOCK 355 * The range MUST be unlocked from a previous lock taken 356 * on this range. The unlock range MUST be identical to the 357 * lock range. Sub-ranges cannot be unlocked. 358 */ 359 #define SMB2_LOCKFLAG_UNLOCK 0x00000004 360 361 /* 362 * SMB2_LOCKFLAG_FAIL_IMMEDIATELY 363 * The lock operation MUST fail immediately if it conflicts 364 * with an existing lock, instead of waiting for the range to 365 * become available. This can be OR'ed with either of 366 * shared_lock, exclusive_lock (nothing else). 367 */ 368 #define SMB2_LOCKFLAG_FAIL_IMMEDIATELY 0x00000010 369 370 /* 371 * SMB2 Ioctl Request 372 */ 373 #define SMB2_0_IOCTL_IS_FSCTL 0x00000001 374 375 376 /* 377 * SMB2 Query Directory 378 */ 379 380 /* 381 * SMB2 query directory info levels 382 * Same as SMB1 (see ntifs.h) 383 */ 384 385 /* 386 * SMB2 Query Directory Flags 387 * (our own names for these - spec. used poor names) 388 */ 389 #define SMB2_QDIR_FLAG_RESTART 0x01 /* SMB2_RESTART_SCANS */ 390 #define SMB2_QDIR_FLAG_SINGLE 0x02 /* SMB2_RETURN_SINGLE_ENTRY */ 391 #define SMB2_QDIR_FLAG_INDEX 0x04 /* SMB2_INDEX_SPECIFIED */ 392 #define SMB2_QDIR_FLAG_REOPEN 0x10 /* SMB2_REOPEN */ 393 394 /* 395 * SMB2 Query Info Request 396 */ 397 398 /* info type */ 399 #define SMB2_0_INFO_FILE 0x01 400 /* The file information is requested. */ 401 #define SMB2_0_INFO_FILESYSTEM 0x02 402 /* The underlying object store information is requested. */ 403 #define SMB2_0_INFO_SECURITY 0x03 404 /* The security information is requested. */ 405 #define SMB2_0_INFO_QUOTA 0x04 406 /* The underlying object store quota information is requested. */ 407 408 /* 409 * SMB2 Change Nofity Request 410 */ 411 #define SMB2_WATCH_TREE 0x00000001 412 413 /* SMB2 Oplock Break: lease break notification flags */ 414 #define SMB2_NOTIFY_BREAK_LEASE_FLAG_ACK_REQUIRED 0x01 415 416 #ifdef __cplusplus 417 } 418 #endif 419 420 #endif /* _SMB_SMB2_H */ 421