1 /*
2 * Copyright (c) 2000-2001 Boris Popov
3 * All rights reserved.
4 *
5 * Now many of these defines are from samba4 code, by Andrew Tridgell.
6 * (Permission given to Conrad Minshall at CIFS plugfest Aug 13 2003.)
7 * (Note the main decision was whether to use defines found in MS includes
8 * and web pages, versus Samba, and the deciding factor is which developers
9 * are more likely to be looking at this code base.)
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. All advertising materials mentioning features or use of this software
20 * must display the following acknowledgement:
21 * This product includes software developed by Boris Popov.
22 * 4. Neither the name of the author nor the names of any co-contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
25 *
26 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * SUCH DAMAGE.
37 *
38 * $Id: smb.h,v 1.36.90.1 2005/05/27 02:35:29 lindak Exp $
39 */
40
41 /*
42 * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
43 * Copyright 2018 Nexenta Systems, Inc. All rights reserved.
44 */
45
46 #ifndef _NETSMB_SMB_H_
47 #define _NETSMB_SMB_H_
48
49 /*
50 * Common definitions and structures for SMB/CIFS protocol
51 * This file should be purely SMB protocol definition stuff.
52 * (Please don't make it a catch-all:)
53 */
54
55 #include <smb/doserror.h>
56 #include <smb/lmerr.h>
57 #include <smb/nterror.h>
58 #include <smb/ntstatus.h>
59
60 /*
61 * SMB dialects that we have to deal with.
62 */
63 enum smb_dialects {
64 SMB_DIALECT_NONE,
65 SMB_DIALECT_CORE, /* PC NETWORK PROGRAM 1.0, PCLAN1.0 */
66 SMB_DIALECT_COREPLUS, /* MICROSOFT NETWORKS 1.03 */
67 SMB_DIALECT_LANMAN1_0, /* MICROSOFT NETWORKS 3.0, LANMAN1.0 */
68 SMB_DIALECT_LANMAN2_0, /* LM1.2X002, DOS LM1.2X002, Samba */
69 SMB_DIALECT_LANMAN2_1, /* DOS LANMAN2.1, LANMAN2.1 */
70 SMB_DIALECT_NTLM0_12, /* NT LM 0.12, etc. */
71 SMB_DIALECT_SMB2_FF /* SMB1 negotiate to SMB2 */
72 };
73
74 /*
75 * Formats of data/string buffers
76 */
77 #define SMB_DT_DATA 1
78 #define SMB_DT_DIALECT 2
79 #define SMB_DT_PATHNAME 3
80 #define SMB_DT_ASCII 4
81 #define SMB_DT_VARIABLE 5
82
83 /*
84 * SMB header
85 */
86
87 #define SMB_SIGNATURE "\xFFSMB"
88 #define SMB_SIGLEN 4
89 #define SMB_HDRCMD(p) (*((uchar_t *)(p) + SMB_SIGLEN))
90 #define SMB_HDRMID(p) (*(ushort_t *)((uchar_t *)(p) + 30))
91 #define SMB_HDR_OFF_MID 30
92 #define SMB_HDRLEN 32
93
94 #define SMB_HDR_V1 0xFF
95 #define SMB_HDR_V2 0xFE
96 #define SMB_HDR_V3E 0xFD /* SMB3 encrypted */
97
98 /*
99 * bits in the smb_flags field
100 */
101 #define SMB_FLAGS_SUPPORT_LOCKREAD 0x01
102 #define SMB_FLAGS_CLIENT_BUF_AVAIL 0x02
103 #define SMB_FLAGS_CASELESS 0x08
104 #define SMB_FLAGS_CANONICAL_PATHNAMES 0x10
105 #define SMB_FLAGS_REQUEST_OPLOCK 0x20
106 #define SMB_FLAGS_REQUEST_BATCH_OPLOCK 0x40
107 #define SMB_FLAGS_SERVER_RESP 0x80
108
109 /*
110 * bits in the smb_flags2 field
111 */
112 #define SMB_FLAGS2_KNOWS_LONG_NAMES 0x0001
113 #define SMB_FLAGS2_KNOWS_EAS 0x0002 /* client know about EAs */
114 #define SMB_FLAGS2_SECURITY_SIGNATURE 0x0004 /* check SMB integrity */
115 #define SMB_FLAGS2_IS_LONG_NAME 0x0040 /* any path name is long name */
116 #define SMB_FLAGS2_EXT_SEC 0x0800 /* client aware of Extended */
117 /* Security negotiation */
118 #define SMB_FLAGS2_DFS 0x1000 /* resolve paths in DFS */
119 #define SMB_FLAGS2_PAGING_IO 0x2000 /* for exec */
120 #define SMB_FLAGS2_ERR_STATUS 0x4000 /* 1 - status.status */
121 #define SMB_FLAGS2_UNICODE 0x8000 /* use Unicode for strings */
122
123 #define SMB_UID_UNKNOWN 0xffff
124 #define SMB_TID_UNKNOWN 0xffff
125 #define SMB_FID_UNUSED 0xffff
126
127 /*
128 * Security mode bits
129 */
130 #define SMB_SM_USER 0x01 /* server in the user security mode */
131 #define SMB_SM_ENCRYPT 0x02 /* use challenge/responce */
132 #define SMB_SM_SIGS 0x04
133 #define SMB_SM_SIGS_REQUIRE 0x08
134
135 /*
136 * Action bits in session setup reply
137 */
138 #define SMB_ACT_GUEST 0x01
139
140 /*
141 * NTLM capabilities
142 */
143 #define SMB_CAP_RAW_MODE 0x0001
144 #define SMB_CAP_MPX_MODE 0x0002
145 #define SMB_CAP_UNICODE 0x0004
146 #define SMB_CAP_LARGE_FILES 0x0008 /* 64 bit offsets supported */
147 #define SMB_CAP_NT_SMBS 0x0010
148 #define SMB_CAP_RPC_REMOTE_APIS 0x0020
149 #define SMB_CAP_STATUS32 0x0040
150 #define SMB_CAP_LEVEL_II_OPLOCKS 0x0080
151 #define SMB_CAP_LOCK_AND_READ 0x0100
152 #define SMB_CAP_NT_FIND 0x0200
153 #define SMB_CAP_DFS 0x1000
154 #define SMB_CAP_INFOLEVEL_PASSTHRU 0x2000
155 #define SMB_CAP_LARGE_READX 0x4000
156 #define SMB_CAP_LARGE_WRITEX 0x8000
157 #define SMB_CAP_UNIX 0x00800000
158 #define SMB_CAP_BULK_TRANSFER 0x20000000
159 #define SMB_CAP_COMPRESSED_DATA 0x40000000
160 #define SMB_CAP_EXT_SECURITY 0x80000000
161
162 /* SMB_COM_TREE_CONNECT_ANDX flags. See [MS-SMB] for a complete description. */
163 #define TREE_CONNECT_ANDX_DISCONNECT_TID 0x0001
164 #define TREE_CONNECT_ANDX_EXTENDED_SIGNATURES 0x0004
165 #define TREE_CONNECT_ANDX_EXTENDED_RESPONSE 0x0008
166
167 /*
168 * SMB_COM_TREE_CONNECT_ANDX optional support flags. See [MS-SMB] for a
169 * complete description.
170 */
171 #define SMB_SUPPORT_SEARCH_BITS 0x0001 /* supports SearchAttributes */
172 #define SMB_SHARE_IS_IN_DFS 0x0002 /* share is managed by DFS */
173 #define SMB_CSC_MASK 0x000C /* Offline-caching bits. */
174 #define SMB_UNIQUE_FILE_NAME 0x0010 /* Long file names only */
175 #define SMB_EXTENDED_SIGNATURES 0x0020 /* Signing key protection. */
176 /* See [MS-SMB] for a complete description of SMB_CSC_MASK bits. */
177 #define SMB_CSC_CACHE_MANUAL_REINT 0x0000
178 #define SMB_CSC_CACHE_AUTO_REINT 0x0004
179 #define SMB_CSC_CACHE_VDO 0x0008
180
181 /*
182 * File attributes
183 */
184 #define SMB_FA_RDONLY 0x01
185 #define SMB_FA_HIDDEN 0x02
186 #define SMB_FA_SYSTEM 0x04
187 #define SMB_FA_VOLUME 0x08
188 #define SMB_FA_DIR 0x10
189 #define SMB_FA_ARCHIVE 0x20
190
191 /*
192 * Extended file attributes
193 */
194 #define SMB_EFA_RDONLY 0x00000001
195 #define SMB_EFA_HIDDEN 0x00000002
196 #define SMB_EFA_SYSTEM 0x00000004
197 #define SMB_EFA_VOLUME 0x00000008
198 #define SMB_EFA_DIRECTORY 0x00000010
199 #define SMB_EFA_ARCHIVE 0x00000020
200 #define SMB_EFA_DEVICE 0x00000040
201 #define SMB_EFA_NORMAL 0x00000080
202 #define SMB_EFA_TEMPORARY 0x00000100
203 #define SMB_EFA_SPARSE 0x00000200
204 #define SMB_EFA_REPARSE_POINT 0x00000400
205 #define SMB_EFA_COMPRESSED 0x00000800
206 #define SMB_EFA_OFFLINE 0x00001000
207 #define SMB_EFA_NONINDEXED 0x00002000
208 #define SMB_EFA_ENCRYPTED 0x00004000
209 #define SMB_EFA_POSIX_SEMANTICS 0x01000000
210 #define SMB_EFA_BACKUP_SEMANTICS 0x02000000
211 #define SMB_EFA_DELETE_ON_CLOSE 0x04000000
212 #define SMB_EFA_SEQUENTIAL_SCAN 0x08000000
213 #define SMB_EFA_RANDOM_ACCESS 0x10000000
214 #define SMB_EFA_NO_BUFFERING 0x20000000
215 #define SMB_EFA_WRITE_THROUGH 0x80000000
216
217 /*
218 * Access Mode Encoding
219 */
220 #define SMB_AM_OPENREAD 0x0000
221 #define SMB_AM_OPENWRITE 0x0001
222 #define SMB_AM_OPENRW 0x0002
223 #define SMB_AM_OPENEXEC 0x0003
224 #define SMB_AM_OPENMODE 0x0003 /* mask for access mode bits */
225 #define SMB_SM_COMPAT 0x0000
226 #define SMB_SM_EXCLUSIVE 0x0010
227 #define SMB_SM_DENYWRITE 0x0020
228 #define SMB_SM_DENYREADEXEC 0x0030
229 #define SMB_SM_DENYNONE 0x0040
230
231 /* NT_CREATE_ANDX flags */
232 #define NTCREATEX_FLAGS_REQUEST_OPLOCK 0x02
233 #define NTCREATEX_FLAGS_REQUEST_BATCH_OPLOCK 0x04
234 #define NTCREATEX_FLAGS_OPEN_DIRECTORY 0x08
235 #define NTCREATEX_FLAGS_EXTENDED 0x10
236
237 /* NT_CREATE_ANDX share_access (share mode) */
238 #define NTCREATEX_SHARE_ACCESS_NONE 0
239 #define NTCREATEX_SHARE_ACCESS_READ 1
240 #define NTCREATEX_SHARE_ACCESS_WRITE 2
241 #define NTCREATEX_SHARE_ACCESS_DELETE 4
242 #define NTCREATEX_SHARE_ACCESS_ALL 7
243
244 /* NT_CREATE_ANDX open_disposition */
245 #define NTCREATEX_DISP_SUPERSEDE 0 /* if file exists supersede it */
246 #define NTCREATEX_DISP_OPEN 1 /* exists ? open it : fail */
247 #define NTCREATEX_DISP_CREATE 2 /* exists ? fail : create it */
248 #define NTCREATEX_DISP_OPEN_IF 3 /* exists ? open it : create it */
249 #define NTCREATEX_DISP_OVERWRITE 4 /* exists ? overwrite : fail */
250 #define NTCREATEX_DISP_OVERWRITE_IF 5 /* exists ? overwrite : create */
251
252 /* NT_CREATE_ANDX create_options */
253 #define NTCREATEX_OPTIONS_DIRECTORY 0x0001
254 #define NTCREATEX_OPTIONS_WRITE_THROUGH 0x0002
255 #define NTCREATEX_OPTIONS_SEQUENTIAL_ONLY 0x0004
256 #define NTCREATEX_OPTIONS_SYNC_ALERT 0x0010
257 #define NTCREATEX_OPTIONS_ASYNC_ALERT 0x0020
258 #define NTCREATEX_OPTIONS_NON_DIRECTORY_FILE 0x0040
259 #define NTCREATEX_OPTIONS_NO_EA_KNOWLEDGE 0x0200
260 #define NTCREATEX_OPTIONS_EIGHT_DOT_THREE_ONLY 0x0400
261 #define NTCREATEX_OPTIONS_RANDOM_ACCESS 0x0800
262 #define NTCREATEX_OPTIONS_DELETE_ON_CLOSE 0x1000
263 #define NTCREATEX_OPTIONS_OPEN_BY_FILE_ID 0x2000
264
265 /* NT_CREATE_ANDX "impersonation" */
266 #define NTCREATEX_IMPERSONATION_ANONYMOUS 0
267 #define NTCREATEX_IMPERSONATION_IDENTIFICATION 1
268 #define NTCREATEX_IMPERSONATION_IMPERSONATION 2
269 #define NTCREATEX_IMPERSONATION_DELEGATION 3
270
271 /* NT_CREATE_ANDX security flags */
272 #define NTCREATEX_SECURITY_DYNAMIC 1
273 #define NTCREATEX_SECURITY_ALL 2
274
275 /* NT_CREATE_ANDX create_action in reply */
276 #define NTCREATEX_ACTION_EXISTED 1
277 #define NTCREATEX_ACTION_CREATED 2
278 #define NTCREATEX_ACTION_TRUNCATED 3
279
280 /* SMB_TRANS2_FIND_FIRST2/SMB_TRANS2_FIND_NEXT2 flags */
281 #define FIND2_CLOSE_AFTER_REQUEST 0x0001
282 #define FIND2_CLOSE_ON_EOS 0x0002
283 #define FIND2_RETURN_RESUME_KEYS 0x0004
284 #define FIND2_CONTINUE_SEARCH 0x0008
285 #define FIND2_BACKUP_INTENT 0x0010
286
287 /*
288 * SMB commands
289 */
290 #define SMB_COM_CREATE_DIRECTORY 0x00
291 #define SMB_COM_DELETE_DIRECTORY 0x01
292 #define SMB_COM_OPEN 0x02
293 #define SMB_COM_CREATE 0x03
294 #define SMB_COM_CLOSE 0x04
295 #define SMB_COM_FLUSH 0x05
296 #define SMB_COM_DELETE 0x06
297 #define SMB_COM_RENAME 0x07
298 #define SMB_COM_QUERY_INFORMATION 0x08
299 #define SMB_COM_SET_INFORMATION 0x09
300 #define SMB_COM_READ 0x0A
301 #define SMB_COM_WRITE 0x0B
302 #define SMB_COM_LOCK_BYTE_RANGE 0x0C
303 #define SMB_COM_UNLOCK_BYTE_RANGE 0x0D
304 #define SMB_COM_CREATE_TEMPORARY 0x0E
305 #define SMB_COM_CREATE_NEW 0x0F
306 #define SMB_COM_CHECK_DIRECTORY 0x10
307 #define SMB_COM_PROCESS_EXIT 0x11
308 #define SMB_COM_SEEK 0x12
309 #define SMB_COM_LOCK_AND_READ 0x13
310 #define SMB_COM_WRITE_AND_UNLOCK 0x14
311 #define SMB_COM_READ_RAW 0x1A
312 #define SMB_COM_READ_MPX 0x1B
313 #define SMB_COM_READ_MPX_SECONDARY 0x1C
314 #define SMB_COM_WRITE_RAW 0x1D
315 #define SMB_COM_WRITE_MPX 0x1E
316 #define SMB_COM_WRITE_COMPLETE 0x20
317 #define SMB_COM_SET_INFORMATION2 0x22
318 #define SMB_COM_QUERY_INFORMATION2 0x23
319 #define SMB_COM_LOCKING_ANDX 0x24
320 #define SMB_COM_TRANSACTION 0x25
321 #define SMB_COM_TRANSACTION_SECONDARY 0x26
322 #define SMB_COM_IOCTL 0x27
323 #define SMB_COM_IOCTL_SECONDARY 0x28
324 #define SMB_COM_COPY 0x29
325 #define SMB_COM_MOVE 0x2A
326 #define SMB_COM_ECHO 0x2B
327 #define SMB_COM_WRITE_AND_CLOSE 0x2C
328 #define SMB_COM_OPEN_ANDX 0x2D
329 #define SMB_COM_READ_ANDX 0x2E
330 #define SMB_COM_WRITE_ANDX 0x2F
331 #define SMB_COM_CLOSE_AND_TREE_DISC 0x31
332 #define SMB_COM_TRANSACTION2 0x32
333 #define SMB_COM_TRANSACTION2_SECONDARY 0x33
334 #define SMB_COM_FIND_CLOSE2 0x34
335 #define SMB_COM_FIND_NOTIFY_CLOSE 0x35
336 #define SMB_COM_TREE_CONNECT 0x70
337 #define SMB_COM_TREE_DISCONNECT 0x71
338 #define SMB_COM_NEGOTIATE 0x72
339 #define SMB_COM_SESSION_SETUP_ANDX 0x73
340 #define SMB_COM_LOGOFF_ANDX 0x74
341 #define SMB_COM_TREE_CONNECT_ANDX 0x75
342 #define SMB_COM_QUERY_INFORMATION_DISK 0x80
343 #define SMB_COM_SEARCH 0x81
344 #define SMB_COM_FIND 0x82
345 #define SMB_COM_FIND_UNIQUE 0x83
346 #define SMB_COM_NT_TRANSACT 0xA0
347 #define SMB_COM_NT_TRANSACT_SECONDARY 0xA1
348 #define SMB_COM_NT_CREATE_ANDX 0xA2
349 #define SMB_COM_NT_CANCEL 0xA4
350 #define SMB_COM_OPEN_PRINT_FILE 0xC0
351 #define SMB_COM_WRITE_PRINT_FILE 0xC1
352 #define SMB_COM_CLOSE_PRINT_FILE 0xC2
353 #define SMB_COM_GET_PRINT_QUEUE 0xC3
354 #define SMB_COM_READ_BULK 0xD8
355 #define SMB_COM_WRITE_BULK 0xD9
356 #define SMB_COM_WRITE_BULK_DATA 0xDA
357
358 /*
359 * SMB_COM_TRANSACTION2 subcommands
360 */
361 #define SMB_TRANS2_OPEN2 0x00
362 #define SMB_TRANS2_FIND_FIRST2 0x01
363 #define SMB_TRANS2_FIND_NEXT2 0x02
364 #define SMB_TRANS2_QUERY_FS_INFORMATION 0x03
365 #define SMB_TRANS2_SETFSINFO 0x04
366 #define SMB_TRANS2_QUERY_PATH_INFORMATION 0x05
367 #define SMB_TRANS2_SET_PATH_INFORMATION 0x06
368 #define SMB_TRANS2_QUERY_FILE_INFORMATION 0x07
369 #define SMB_TRANS2_SET_FILE_INFORMATION 0x08
370 #define SMB_TRANS2_FSCTL 0x09
371 #define SMB_TRANS2_IOCTL2 0x0A
372 #define SMB_TRANS2_FIND_NOTIFY_FIRST 0x0B
373 #define SMB_TRANS2_FIND_NOTIFY_NEXT 0x0C
374 #define SMB_TRANS2_CREATE_DIRECTORY 0x0D
375 #define SMB_TRANS2_SESSION_SETUP 0x0E
376 #define SMB_TRANS2_GET_DFS_REFERRAL 0x10
377 #define SMB_TRANS2_REPORT_DFS_INCONSISTENCY 0x11
378
379 /*
380 * SMB_COM_NT_TRANSACT subcommands
381 */
382 #define NT_TRANSACT_CREATE 0x01
383 #define NT_TRANSACT_IOCTL 0x02
384 #define NT_TRANSACT_SET_SECURITY_DESC 0x03
385 #define NT_TRANSACT_NOTIFY_CHANGE 0x04
386 #define NT_TRANSACT_RENAME 0x05
387 #define NT_TRANSACT_QUERY_SECURITY_DESC 0x06
388 #define NT_TRANSACT_GET_USER_QUOTA 0x07
389 #define NT_TRANSACT_SET_USER_QUOTA 0x08
390
391 /*
392 * SMB_TRANS2_QUERY_FS_INFORMATION levels
393 */
394 #define SMB_QFS_ALLOCATION 1
395 #define SMB_QFS_VOLUME 2
396 #define SMB_QFS_LABEL_INFO 0x101
397 #define SMB_QFS_VOLUME_INFO 0x102
398 #define SMB_QFS_SIZE_INFO 0x103
399 #define SMB_QFS_DEVICE_INFO 0x104
400 #define SMB_QFS_ATTRIBUTE_INFO 0x105
401 #define SMB_QFS_UNIX_INFO 0x200
402 #define SMB_QFS_POSIX_WHOAMI 0x202
403 #define SMB_QFS_MAC_FS_INFO 0x301
404 #define SMB_QFS_VOLUME_INFORMATION 1001
405 #define SMB_QFS_SIZE_INFORMATION 1003
406 #define SMB_QFS_DEVICE_INFORMATION 1004
407 #define SMB_QFS_ATTRIBUTE_INFORMATION 1005
408 #define SMB_QFS_QUOTA_INFORMATION 1006
409 #define SMB_QFS_FULL_SIZE_INFORMATION 1007
410 #define SMB_QFS_OBJECTID_INFORMATION 1008
411
412 /*
413 * NT Notify Change Compeletion Filter
414 * NT Notify Actions
415 * (We don't use these.)
416 */
417
418 /*
419 * SMB_QFS_ATTRIBUTE_INFO bits.
420 * The following info found in msdn
421 * (http://msdn.microsoft.com/library/default.asp?
422 * url=/library/en-us/wmisdk/wmi/win32_cdromdrive.asp)
423 * Naming is mostly as in samba, to help Those Who Google.
424 */
425 #define FILE_CASE_SENSITIVE_SEARCH 0x00000001
426 #define FILE_CASE_PRESERVED_NAMES 0x00000002
427 #define FILE_UNICODE_ON_DISK 0x00000004
428 #define FILE_PERSISTENT_ACLS 0x00000008
429 #define FILE_FILE_COMPRESSION 0x00000010
430 #define FILE_VOLUME_QUOTAS 0x00000020
431 #define FILE_SUPPORTS_SPARSE_FILES 0x00000040
432 #define FILE_SUPPORTS_REPARSE_POINTS 0x00000080
433 #define FILE_SUPPORTS_REMOTE_STORAGE 0x00000100
434 #define FILE_SUPPORTS_LONG_NAMES 0x00004000
435 #define FILE_VOLUME_IS_COMPRESSED 0x00008000
436 #define FILE_SUPPORTS_OBJECT_IDS 0x00010000
437 #define FILE_SUPPORTS_ENCRYPTION 0x00020000
438 #define FILE_NAMED_STREAMS 0x00040000
439 #define FILE_READ_ONLY_VOLUME 0x00080000
440
441 /*
442 * SMB_TRANS2_QUERY_PATH levels
443 */
444 #define SMB_QFILEINFO_STANDARD 1
445 #define SMB_QFILEINFO_EA_SIZE 2
446 #define SMB_QFILEINFO_EAS_FROM_LIST 3
447 #define SMB_QFILEINFO_ALL_EAS 4
448 #define SMB_QFILEINFO_IS_NAME_VALID 6 /* QPATHINFO only? */
449 #define SMB_QFILEINFO_BASIC_INFO 0x101
450 #define SMB_QFILEINFO_STANDARD_INFO 0x102
451 #define SMB_QFILEINFO_EA_INFO 0x103
452 #define SMB_QFILEINFO_NAME_INFO 0x104
453 #define SMB_QFILEINFO_ALLOCATION_INFO 0x105
454 #define SMB_QFILEINFO_END_OF_FILE_INFO 0x106
455 #define SMB_QFILEINFO_ALL_INFO 0x107
456 #define SMB_QFILEINFO_ALT_NAME_INFO 0x108
457 #define SMB_QFILEINFO_STREAM_INFO 0x109
458 #define SMB_QFILEINFO_COMPRESSION_INFO 0x10b
459 #define SMB_QFILEINFO_UNIX_BASIC 0x200
460 #define SMB_QFILEINFO_UNIX_LINK 0x201
461 #define SMB_QFILEINFO_POSIX_ACL 0x204
462 #define SMB_QFILEINFO_UNIX_INFO2 0x20B
463 #define SMB_QFILEINFO_MAC_DT_GET_APPL 0x306
464 #define SMB_QFILEINFO_MAC_DT_GET_ICON 0x307
465 #define SMB_QFILEINFO_MAC_DT_GET_ICON_INFO 0x308
466 #define SMB_QFILEINFO_MAC_SPOTLIGHT 0x310
467 #define SMB_QFILEINFO_BASIC_INFORMATION 1004
468 #define SMB_QFILEINFO_STANDARD_INFORMATION 1005
469 #define SMB_QFILEINFO_INTERNAL_INFORMATION 1006
470 #define SMB_QFILEINFO_EA_INFORMATION 1007
471 #define SMB_QFILEINFO_ACCESS_INFORMATION 1008
472 #define SMB_QFILEINFO_NAME_INFORMATION 1009
473 #define SMB_QFILEINFO_POSITION_INFORMATION 1014
474 #define SMB_QFILEINFO_MODE_INFORMATION 1016
475 #define SMB_QFILEINFO_ALIGNMENT_INFORMATION 1017
476 #define SMB_QFILEINFO_ALL_INFORMATION 1018
477 #define SMB_QFILEINFO_ALT_NAME_INFORMATION 1021
478 #define SMB_QFILEINFO_STREAM_INFORMATION 1022
479 #define SMB_QFILEINFO_COMPRESSION_INFORMATION 1028
480 #define SMB_QFILEINFO_NETWORK_OPEN_INFORMATION 1034
481 #define SMB_QFILEINFO_ATTRIBUTE_TAG_INFORMATION 1035
482
483 /*
484 * SMB_TRANS2_FIND_FIRST2 information levels
485 */
486 #define SMB_FIND_STANDARD 1
487 #define SMB_FIND_EA_SIZE 2
488 #define SMB_FIND_EAS_FROM_LIST 3
489 #define SMB_FIND_DIRECTORY_INFO 0x101
490 #define SMB_FIND_FULL_DIRECTORY_INFO 0x102
491 #define SMB_FIND_NAME_INFO 0x103
492 #define SMB_FIND_BOTH_DIRECTORY_INFO 0x104
493 #define SMB_FIND_UNIX_INFO 0x200
494 /* Transact 2 Find First levels */
495 #define SMB_FIND_FILE_UNIX 0x202
496 #define SMB_FIND_FILE_UNIX_INFO2 0x20B /* UNIX File Info2 */
497
498 /*
499 * Selectors for NT_TRANSACT_QUERY_SECURITY_DESC and
500 * NT_TRANSACT_SET_SECURITY_DESC. Details found in the MSDN
501 * library by searching on security_information.
502 * Note the protected/unprotected bits did not exist in NT.
503 */
504
505 #define OWNER_SECURITY_INFORMATION 0x00000001
506 #define GROUP_SECURITY_INFORMATION 0x00000002
507 #define DACL_SECURITY_INFORMATION 0x00000004
508 #define SACL_SECURITY_INFORMATION 0x00000008
509 #define UNPROTECTED_SACL_SECURITY_INFORMATION 0x10000000
510 #define UNPROTECTED_DACL_SECURITY_INFORMATION 0x20000000
511 #define PROTECTED_SACL_SECURITY_INFORMATION 0x40000000
512 #define PROTECTED_DACL_SECURITY_INFORMATION 0x80000000
513
514 /*
515 * security descriptor header
516 * it is followed by the optional SIDs and ACLs
517 * note this is "raw", ie little-endian
518 */
519 struct ntsecdesc {
520 uint8_t sd_revision; /* 0x01 observed between W2K */
521 uint8_t sd_pad1;
522 uint16_t sd_flags;
523 uint32_t sd_owneroff; /* offset to owner SID */
524 uint32_t sd_groupoff; /* offset to group SID */
525 uint32_t sd_sacloff; /* offset to system/audit ACL */
526 uint32_t sd_dacloff; /* offset to discretionary ACL */
527 }; /* XXX: __attribute__((__packed__)); */
528 typedef struct ntsecdesc ntsecdesc_t;
529
530 #define wset_sdrevision(s) ((s)->sd_revision = 0x01)
531 #define sdflags(s) (letohs((s)->sd_flags))
532 #define wset_sdflags(s, f) ((s)->sd_flags = letohs(f))
533 #define sdowner(s) \
534 ((struct ntsid *)((s)->sd_owneroff ? \
535 (char *)(s) + letohl((s)->sd_owneroff) : \
536 NULL))
537 #define wset_sdowneroff(s, o) ((s)->sd_owneroff = htolel(o))
538 #define sdgroup(s) \
539 ((struct ntsid *)((s)->sd_groupoff ? \
540 (char *)(s) + letohl((s)->sd_groupoff) : \
541 NULL))
542 #define wset_sdgroupoff(s, o) ((s)->sd_groupoff = htolel(o))
543 #define sdsacl(s) \
544 ((struct ntacl *)((s)->sd_sacloff ? \
545 (char *)(s) + letohl((s)->sd_sacloff) : \
546 NULL))
547 #define wset_sdsacloff(s, o) ((s)->sd_sacloff = htolel(o))
548 #define sddacl(s) \
549 ((struct ntacl *)((s)->sd_dacloff ? \
550 (char *)(s) + letohl((s)->sd_dacloff) : \
551 NULL))
552 #define wset_sddacloff(s, o) ((s)->sd_dacloff = htolel(o))
553
554 /*
555 * sd_flags bits
556 */
557 #define SD_OWNER_DEFAULTED 0x0001
558 #define SD_GROUP_DEFAULTED 0x0002
559 #define SD_DACL_PRESENT 0x0004
560 #define SD_DACL_DEFAULTED 0x0008
561 #define SD_SACL_PRESENT 0x0010
562 #define SD_SACL_DEFAULTED 0x0020
563 #define SD_DACL_TRUSTED 0x0040
564 #define SD_SERVER_SECURITY 0x0080
565 #define SD_DACL_AUTO_INHERIT_REQ 0x0100
566 #define SD_SACL_AUTO_INHERIT_REQ 0x0200
567 #define SD_DACL_AUTO_INHERITED 0x0400
568 #define SD_SACL_AUTO_INHERITED 0x0800
569 #define SD_DACL_PROTECTED 0x1000
570 #define SD_SACL_PROTECTED 0x2000
571 #define SD_RM_CONTROL_VALID 0x4000
572 #define SD_SELF_RELATIVE 0x8000
573
574 /*
575 * access control list header
576 * it is followed by the ACEs
577 * note this is "raw", ie little-endian
578 */
579 struct ntacl {
580 uint8_t acl_revision; /* 0x02 observed with W2K */
581 uint8_t acl_pad1;
582 uint16_t acl_len; /* bytes; includes this header */
583 uint16_t acl_acecount;
584 uint16_t acl_pad2;
585 }; /* XXX: __attribute__((__packed__)); */
586 typedef struct ntacl ntacl_t;
587
588 #define wset_aclrevision(a) ((a)->acl_revision = 0x02)
589 #define acllen(a) (letohs((a)->acl_len))
590 #define wset_acllen(a, l) ((a)->acl_len = htoles(l))
591 #define aclacecount(a) (letohs((a)->acl_acecount))
592 #define wset_aclacecount(a, c) ((a)->acl_acecount = htoles(c))
593 #define aclace(a) ((struct ntace *)((char *)(a) + sizeof (struct ntacl)))
594
595 /*
596 * access control entry header
597 * it is followed by type-specific ace data,
598 * which for the simple types is just a SID
599 * note this is "raw", ie little-endian
600 */
601 struct ntace {
602 uint8_t ace_type;
603 uint8_t ace_flags;
604 uint16_t ace_len; /* bytes; includes this header */
605 uint32_t ace_rights; /* generic, standard, specific, etc */
606 }; /* XXX: __attribute__((__packed__)); */
607
608 #define acetype(a) ((a)->ace_type)
609 #define wset_acetype(a, t) ((a)->ace_type = (t))
610 #define aceflags(a) ((a)->ace_flags)
611 #define wset_aceflags(a, f) ((a)->ace_flags = (f))
612 #define acelen(a) (letohs((a)->ace_len))
613 #define wset_acelen(a, l) ((a)->ace_len = htoles(l))
614 #define acerights(a) (letohl((a)->ace_rights))
615 #define wset_acerights(a, r) ((a)->ace_rights = htolel(r))
616 #define aceace(a) ((struct ntace *)((char *)(a) + acelen(a)))
617 #define acesid(a) ((struct ntsid *)((char *)(a) + sizeof (struct ntace)))
618
619 /*
620 * ace_rights
621 * (Samba bit names are used here, with permission, as the shorter Windows
622 * names are more likely to cause namespace collisions)
623 */
624 #define SA_RIGHT_FILE_READ_DATA 0x00000001
625 #define SA_RIGHT_FILE_WRITE_DATA 0x00000002
626 #define SA_RIGHT_FILE_APPEND_DATA 0x00000004
627 #define SA_RIGHT_FILE_READ_EA 0x00000008
628 #define SA_RIGHT_FILE_WRITE_EA 0x00000010
629 #define SA_RIGHT_FILE_EXECUTE 0x00000020
630 #define SA_RIGHT_FILE_DELETE_CHILD 0x00000040
631 #define SA_RIGHT_FILE_READ_ATTRIBUTES 0x00000080
632 #define SA_RIGHT_FILE_WRITE_ATTRIBUTES 0x00000100
633 #define SA_RIGHT_FILE_ALL_ACCESS 0x000001FF
634
635 #define STD_RIGHT_DELETE_ACCESS 0x00010000
636 #define STD_RIGHT_READ_CONTROL_ACCESS 0x00020000
637 #define STD_RIGHT_WRITE_DAC_ACCESS 0x00040000
638 #define STD_RIGHT_WRITE_OWNER_ACCESS 0x00080000
639 #define STD_RIGHT_SYNCHRONIZE_ACCESS 0x00100000
640 #define STD_RIGHT_ALL_ACCESS 0x001F0000
641
642 #define SEC_RIGHT_SYSTEM_SECURITY 0x01000000
643 /*
644 * Don't use MAXIMUM_ALLOWED as Samba (2.2.3 at least) will
645 * return NT_STATUS_INVALID_LOCK_SEQUENCE
646 */
647 #define SEC_RIGHT_MAXIMUM_ALLOWED 0x02000000
648
649 #define GENERIC_RIGHT_ALL_ACCESS 0x10000000
650 #define GENERIC_RIGHT_EXECUTE_ACCESS 0x20000000
651 #define GENERIC_RIGHT_WRITE_ACCESS 0x40000000
652 #define GENERIC_RIGHT_READ_ACCESS 0x80000000
653
654 /*
655 * these mappings are from Windows sample code but are likely incomplete
656 *
657 * GENERIC_RIGHT_READ_ACCESS :
658 * STD_RIGHT_SYNCHRONIZE_ACCESS |
659 * STD_RIGHT_READ_CONTROL_ACCESS |
660 * SA_RIGHT_FILE_READ_ATTRIBUTES |
661 * SA_RIGHT_FILE_READ_EA |
662 * SA_RIGHT_FILE_READ_DATA
663 * GENERIC_RIGHT_WRITE_ACCESS :
664 * STD_RIGHT_SYNCHRONIZE_ACCESS |
665 * STD_RIGHT_READ_CONTROL_ACCESS |
666 * SA_RIGHT_FILE_WRITE_ATTRIBUTES |
667 * SA_RIGHT_FILE_WRITE_EA |
668 * SA_RIGHT_FILE_APPEND_DATA |
669 * SA_RIGHT_FILE_WRITE_DATA
670 * GENERIC_RIGHT_EXECUTE_ACCESS :
671 * STD_RIGHT_SYNCHRONIZE_ACCESS |
672 * STD_RIGHT_READ_CONTROL_ACCESS |
673 * SA_RIGHT_FILE_READ_ATTRIBUTES |
674 * SA_RIGHT_FILE_EXECUTE
675 * GENERIC_RIGHT_ALL_ACCESS :
676 * STD_RIGHT_SYNCHRONIZE_ACCESS |
677 * STD_RIGHT_WRITE_OWNER_ACCESS |
678 * STD_RIGHT_WRITE_DAC_ACCESS |
679 * STD_RIGHT_READ_CONTROL_ACCESS |
680 * STD_RIGHT_DELETE_ACCESS |
681 * SA_RIGHT_FILE_ALL_ACCESS
682 */
683
684 /*
685 * security identifier header
686 * it is followed by sid_numauth sub-authorities,
687 * which are 32 bits each.
688 * note the subauths are little-endian on the wire, but
689 * need to be big-endian for memberd/DS
690 */
691 #define SIDAUTHSIZE 6
692 struct ntsid {
693 uint8_t sid_revision;
694 uint8_t sid_subauthcount;
695 uint8_t sid_authority[SIDAUTHSIZE]; /* ie not little endian */
696 }; /* XXX: __attribute__((__packed__)); */
697 typedef struct ntsid ntsid_t;
698
699 #define sidsubauthcount(s) (s->sid_subauthcount)
700 #define sidlen(s) (sizeof (struct ntsid) + 4 * (s)->sid_subauthcount)
701 #define MAXSIDLEN (sizeof (struct ntsid) + 4 * KAUTH_NTSID_MAX_AUTHORITIES)
702 #define sidsub(s) ((uint32_t *)((char *)(s) + sizeof (struct ntsid)))
703
704 /*
705 * MS' defined values for ace_type
706 */
707 #define ACCESS_ALLOWED_ACE_TYPE 0x0
708 #define ACCESS_DENIED_ACE_TYPE 0x1
709 #define SYSTEM_AUDIT_ACE_TYPE 0x2
710 #define SYSTEM_ALARM_ACE_TYPE 0x3
711 #define ACCESS_ALLOWED_COMPOUND_ACE_TYPE 0x4
712 #define ACCESS_ALLOWED_OBJECT_ACE_TYPE 0x5
713 #define ACCESS_DENIED_OBJECT_ACE_TYPE 0x6
714 #define SYSTEM_AUDIT_OBJECT_ACE_TYPE 0x7
715 #define SYSTEM_ALARM_OBJECT_ACE_TYPE 0x8
716 #define ACCESS_ALLOWED_CALLBACK_ACE_TYPE 0x9
717 #define ACCESS_DENIED_CALLBACK_ACE_TYPE 0xA
718 #define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE 0xB
719 #define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE 0xC
720 #define SYSTEM_AUDIT_CALLBACK_ACE_TYPE 0xD
721 #define SYSTEM_ALARM_CALLBACK_ACE_TYPE 0xE
722 #define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE 0xF
723 #define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE 0x10
724
725 /*
726 * MS' defined values for ace_flags
727 */
728 #define OBJECT_INHERIT_ACE_FLAG 0x01
729 #define CONTAINER_INHERIT_ACE_FLAG 0x02
730 #define NO_PROPAGATE_INHERIT_ACE_FLAG 0x04
731 #define INHERIT_ONLY_ACE_FLAG 0x08
732 #define INHERITED_ACE_FLAG 0x10
733 #define UNDEF_ACE_FLAG 0x20 /* MS doesn't define it */
734 #define VALID_INHERIT_ACE_FLAGS 0x1F
735 #define SUCCESSFUL_ACCESS_ACE_FLAG 0x40
736 #define FAILED_ACCESS_ACE_FLAG 0x80
737
738 /*
739 * Set PATH/FILE information levels
740 */
741 #define SMB_SFILEINFO_STANDARD 1
742 #define SMB_SFILEINFO_EA_SET 2
743 #define SMB_SFILEINFO_BASIC_INFO 0x101
744 #define SMB_SFILEINFO_DISPOSITION_INFO 0x102
745 #define SMB_SFILEINFO_ALLOCATION_INFO 0x103
746 #define SMB_SFILEINFO_END_OF_FILE_INFO 0x104
747 #define SMB_SFILEINFO_UNIX_BASIC 0x200
748 #define SMB_SFILEINFO_UNIX_LINK 0x201
749 #define SMB_SFILEINFO_UNIX_HLINK 0x203
750 #define SMB_SFILEINFO_POSIX_ACL 0x204
751 #define SMB_SFILEINFO_POSIX_UNLINK 0x20A
752 #define SMB_SFILEINFO_UNIX_INFO2 0x20B
753 #define SMB_SFILEINFO_DIRECTORY_INFORMATION 1001
754 #define SMB_SFILEINFO_FULL_DIRECTORY_INFORMATION 1002
755 #define SMB_SFILEINFO_BOTH_DIRECTORY_INFORMATION 1003
756 #define SMB_SFILEINFO_BASIC_INFORMATION 1004
757 #define SMB_SFILEINFO_STANDARD_INFORMATION 1005
758 #define SMB_SFILEINFO_INTERNAL_INFORMATION 1006
759 #define SMB_SFILEINFO_EA_INFORMATION 1007
760 #define SMB_SFILEINFO_ACCESS_INFORMATION 1008
761 #define SMB_SFILEINFO_NAME_INFORMATION 1009
762 #define SMB_SFILEINFO_RENAME_INFORMATION 1010
763 #define SMB_SFILEINFO_LINK_INFORMATION 1011
764 #define SMB_SFILEINFO_NAMES_INFORMATION 1012
765 #define SMB_SFILEINFO_DISPOSITION_INFORMATION 1013
766 #define SMB_SFILEINFO_POSITION_INFORMATION 1014
767 #define SMB_SFILEINFO_1015 1015 /* ? */
768 #define SMB_SFILEINFO_MODE_INFORMATION 1016
769 #define SMB_SFILEINFO_ALIGNMENT_INFORMATION 1017
770 #define SMB_SFILEINFO_ALL_INFORMATION 1018
771 #define SMB_SFILEINFO_ALLOCATION_INFORMATION 1019
772 #define SMB_SFILEINFO_END_OF_FILE_INFORMATION 1020
773 #define SMB_SFILEINFO_ALT_NAME_INFORMATION 1021
774 #define SMB_SFILEINFO_STREAM_INFORMATION 1022
775 #define SMB_SFILEINFO_PIPE_INFORMATION 1023
776 #define SMB_SFILEINFO_PIPE_LOCAL_INFORMATION 1024
777 #define SMB_SFILEINFO_PIPE_REMOTE_INFORMATION 1025
778 #define SMB_SFILEINFO_MAILSLOT_QUERY_INFORMATION 1026
779 #define SMB_SFILEINFO_MAILSLOT_SET_INFORMATION 1027
780 #define SMB_SFILEINFO_COMPRESSION_INFORMATION 1028
781 #define SMB_SFILEINFO_OBJECT_ID_INFORMATION 1029
782 #define SMB_SFILEINFO_COMPLETION_INFORMATION 1030
783 #define SMB_SFILEINFO_MOVE_CLUSTER_INFORMATION 1031
784 #define SMB_SFILEINFO_QUOTA_INFORMATION 1032
785 #define SMB_SFILEINFO_REPARSE_POINT_INFORMATION 1033
786 #define SMB_SFILEINFO_NETWORK_OPEN_INFORMATION 1034
787 #define SMB_SFILEINFO_ATTRIBUTE_TAG_INFORMATION 1035
788 #define SMB_SFILEINFO_TRACKING_INFORMATION 1036
789 #define SMB_SFILEINFO_MAXIMUM_INFORMATION 1037
790
791 /*
792 * LOCKING_ANDX LockType flags
793 */
794 #define SMB_LOCKING_ANDX_SHARED_LOCK 0x01
795 #define SMB_LOCKING_ANDX_OPLOCK_RELEASE 0x02
796 #define SMB_LOCKING_ANDX_CHANGE_LOCKTYPE 0x04
797 #define SMB_LOCKING_ANDX_CANCEL_LOCK 0x08
798 #define SMB_LOCKING_ANDX_LARGE_FILES 0x10
799
800
801 /*
802 * size of the GUID returned in an extended security negotiate response
803 */
804 #define SMB_GUIDLEN 16
805
806 typedef uint16_t smbfh;
807
808 /*
809 * NTLMv2 blob header structure.
810 */
811 struct ntlmv2_blobhdr {
812 uint32_t header;
813 uint32_t reserved;
814 uint64_t timestamp;
815 uint64_t client_nonce;
816 uint32_t unknown1;
817 };
818 typedef struct ntlmv2_blobhdr ntlmv2_blobhdr_t;
819
820 /*
821 * NTLMv2 name header structure, for names in a blob.
822 */
823 struct ntlmv2_namehdr {
824 uint16_t type;
825 uint16_t len;
826 };
827 typedef struct ntlmv2_namehdr ntlmv2_namehdr_t;
828
829 #define NAMETYPE_EOL 0x0000 /* end of list of names */
830 #define NAMETYPE_MACHINE_NB 0x0001 /* NetBIOS machine name */
831 #define NAMETYPE_DOMAIN_NB 0x0002 /* NetBIOS domain name */
832 #define NAMETYPE_MACHINE_DNS 0x0003 /* DNS machine name */
833 #define NAMETYPE_DOMAIN_DNS 0x0004 /* DNS Active Directory domain name */
834
835 /*
836 * Named pipe commands.
837 */
838 #define TRANS_CALL_NAMED_PIPE 0x54 /* open/write/read/close pipe */
839 #define TRANS_WAIT_NAMED_PIPE 0x53 /* wait for pipe to be !busy */
840 #define TRANS_PEEK_NAMED_PIPE 0x23 /* read but don't remove data */
841 #define TRANS_Q_NAMED_PIPE_HAND_STATE 0x21 /* query pipe handle modes */
842 #define TRANS_SET_NAMED_PIPE_HAND_STATE 0x01 /* set pipe handle modes */
843 #define TRANS_Q_NAMED_PIPE_INFO 0x22 /* query pipe attributes */
844 #define TRANS_TRANSACT_NAMED_PIPE 0x26 /* r/w operation on pipe */
845 #define TRANS_READ_NAMED_PIPE 0x11 /* read pipe in "raw" mode */
846 /* (non message mode) */
847 #define TRANS_WRITE_NAMED_PIPE 0x31 /* write pipe "raw" mode */
848 /* (non message mode) */
849
850 /*
851 * Share types, visible via NetShareEnum
852 */
853 #define STYPE_DISKTREE 0x00000000
854 #define STYPE_PRINTQ 0x00000001
855 #define STYPE_DEVICE 0x00000002
856 #define STYPE_IPC 0x00000003
857 #define STYPE_UNKNOWN 0x00000004
858 #define STYPE_MASK 0x0000000F
859 #define STYPE_TEMPORARY 0x40000000
860 #define STYPE_HIDDEN 0x80000000
861
862 /*
863 * Characters that are not allowed in an SMB file name component.
864 * From MSDN: Naming Files, Paths, ...
865 * < (less than)
866 * > (greater than)
867 * : (colon)
868 * " (double quote)
869 * / (forward slash)
870 * \ (backslash)
871 * | (vertical bar or pipe)
872 * ? (question mark)
873 * * (asterisk)
874 */
875 #define SMB_FILENAME_INVALID_CHARS "<>:\"/\\|?*"
876
877 #endif /* _NETSMB_SMB_H_ */