1 /*
2 * This file and its contents are supplied under the terms of the
3 * Common Development and Distribution License ("CDDL"), version 1.0.
4 * You may only use this file in accordance with the terms of version
5 * 1.0 of the CDDL.
6 *
7 * A full copy of the text of the CDDL should have accompanied this
8 * source. A copy of the CDDL is also available via the Internet at
9 * http://www.illumos.org/license/CDDL.
10 */
11
12 /*
13 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
14 */
15
16 #ifndef _SMB_SMB2_H
17 #define _SMB_SMB2_H
18
19 #ifdef __cplusplus
20 extern "C" {
21 #endif
22
23 #define SMB2_PROTOCOL_ID { 0xFE, 'S', 'M', 'B' }
24 #define SMB2_HDR_SIZE 64
25
26 /*
27 * SMB2 header command codes.
28 * These are uint16_t on the wire.
29 */
30 typedef enum {
31 SMB2_NEGOTIATE = 0,
32 SMB2_SESSION_SETUP,
33 SMB2_LOGOFF,
34 SMB2_TREE_CONNECT,
35 SMB2_TREE_DISCONNECT,
36 SMB2_CREATE,
37 SMB2_CLOSE,
38 SMB2_FLUSH,
39 SMB2_READ,
40 SMB2_WRITE,
41 SMB2_LOCK,
42 SMB2_IOCTL,
43 SMB2_CANCEL,
44 SMB2_ECHO,
45 SMB2_QUERY_DIRECTORY,
46 SMB2_CHANGE_NOTIFY,
47 SMB2_QUERY_INFO,
48 SMB2_SET_INFO,
49 SMB2_OPLOCK_BREAK,
50 /*
51 * The above (oplock break) is the last real SMB2 op-code.
52 * We use one more slot to represent invalid commands, and
53 * the final enum value is used for array sizes. Keep last!
54 */
55 SMB2_INVALID_CMD,
56 SMB2__NCMDS
57 } SMB2_cmd_code;
58
59 /*
60 * SMB2 header flags.
61 */
62
63 /*
64 * SERVER_TO_REDIR
65 * When set, indicates the message is a response rather than
66 * a request. This MUST be set on responses sent from the
67 * server to the client, and MUST NOT be set on requests
68 * sent from the client to the server.
69 */
70 #define SMB2_FLAGS_SERVER_TO_REDIR 0x00000001
71
72 /*
73 * ASYNC_COMMAND
74 * When set, indicates that this is an ASYNC SMB2 header.
75 * Always set for headers of the form described in this
76 * section.
77 */
78 #define SMB2_FLAGS_ASYNC_COMMAND 0x00000002
79
80 /*
81 * RELATED_OPERATIONS
82 * When set in an SMB2 request, indicates that this request
83 * is a related operation in a compounded request chain.
84 * [MS-SMB2 sec. 3.2.4.1.4]
85 *
86 * When set in an SMB2 compound response, indicates that
87 * the request corresponding to this response was part of a
88 * related operation in a compounded request chain.
89 * [MS-SMB2 sec. 3.3.5.2.7.2]
90 */
91 #define SMB2_FLAGS_RELATED_OPERATIONS 0x00000004
92
93 /*
94 * SIGNED
95 * When set, indicates that this packet has been signed.
96 * [MS-SMB2 3.1.5.1]
97 */
98 #define SMB2_FLAGS_SIGNED 0x00000008
99
100 /*
101 * [MS-SMB2] 3.2.5.3.1 The SessionKey MUST be set to the
102 * first 16 bytes of the cryptographic key from GSSAPI.
103 * (Padded with zeros if the GSSAPI key is shorter.)
104 */
105 #define SMB2_SESSION_KEY_LEN 16
106
107 /*
108 * DFS_OPERATIONS
109 * When set, indicates that this command is a Distributed
110 * File System (DFS) operation. [MS-SMB2 3.3.5.9]
111 */
112 #define SMB2_FLAGS_DFS_OPERATIONS 0x10000000
113
114 /*
115 * REPLAY_OPERATION
116 * This flag is only valid for the SMB 3.0 dialect. When set,
117 * it indicates that this command is a replay operation.
118 * The client MUST ignore this bit on receipt.
119 */
120 #define SMB2_FLAGS_REPLAY_OPERATION 0x20000000
121
122 /*
123 * SMB2 Netgotiate [MS-SMB2 2.2.3]
124 */
125
126 #define SMB2_NEGOTIATE_SIGNING_ENABLED 0x01
127 #define SMB2_NEGOTIATE_SIGNING_REQUIRED 0x02
128
129 #define SMB2_CAP_DFS 0x00000001
130
131 /* Added with SMB2.1 */
132 #define SMB2_CAP_DFS 0x00000001
133 #define SMB2_CAP_LEASING 0x00000002
134 /*
135 * LARGE_MTU:
136 * When set, indicates that the client supports multi-credit operations.
137 */
138 #define SMB2_CAP_LARGE_MTU 0x00000004
139
140 /* Added with SMB3.0 */
141 #define SMB2_CAP_MULTI_CHANNEL 0x00000008
142 #define SMB2_CAP_PERSISTENT_HANDLES 0x00000010
143 #define SMB2_CAP_DIRECTORY_LEASING 0x00000020
144 #define SMB2_CAP_ENCRYPTION 0x00000040
145
146 /* SMB2 session flags */
147 #define SMB2_SESSION_FLAG_IS_GUEST 0x0001
148 #define SMB2_SESSION_FLAG_IS_NULL 0x0002
149 #define SMB2_SESSION_FLAG_ENCRYPT_DATA 0x0004
150
151 /*
152 * SMB2 Tree connect, disconnect
153 */
154
155 /* SMB2 sharetype flags */
156 #define SMB2_SHARE_TYPE_DISK 0x1
157 #define SMB2_SHARE_TYPE_PIPE 0x2
158 #define SMB2_SHARE_TYPE_PRINT 0x3
159
160 /* SMB2 share flags */
161 #define SMB2_SHAREFLAG_MANUAL_CACHING 0x00000000
162 #define SMB2_SHAREFLAG_AUTO_CACHING 0x00000010
163 #define SMB2_SHAREFLAG_VDO_CACHING 0x00000020
164 #define SMB2_SHAREFLAG_NO_CACHING 0x00000030
165 #define SMB2_SHAREFLAG_DFS 0x00000001
166 #define SMB2_SHAREFLAG_DFS_ROOT 0x00000002
167 #define SMB2_SHAREFLAG_RESTRICT_EXCLUSIVE_OPENS 0x00000100
168 #define SMB2_SHAREFLAG_FORCE_SHARED_DELETE 0x00000200
169 #define SMB2_SHAREFLAG_ALLOW_NAMESPACE_CACHING 0x00000400
170 #define SMB2_SHAREFLAG_ACCESS_BASED_DIRECTORY_ENUM 0x00000800
171 #define SMB2_SHAREFLAG_FORCE_LEVELII_OPLOCK 0x00001000
172 /* SMB 3.0 */
173 #define SMB2_SHAREFLAG_ENABLE_HASH_V1 0x00002000
174 #define SMB2_SHAREFLAG_ENABLE_HASH_V2 0x00004000
175 #define SMB2_SHAREFLAG_ENCRYPT_DATA 0x00008000
176
177 /* SMB2 share capabilities */
178 #define SMB2_SHARE_CAP_DFS 0x00000008
179 /* SMB 3.0 */
180 #define SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY 0x00000010
181 #define SMB2_SHARE_CAP_SCALEOUT 0x00000020
182 #define SMB2_SHARE_CAP_CLUSTER 0x00000040
183
184 /*
185 * SMB2 Create (open)
186 */
187
188 /* SMB2 requested oplock levels */
189 #define SMB2_OPLOCK_LEVEL_NONE 0x00
190 #define SMB2_OPLOCK_LEVEL_II 0x01
191 #define SMB2_OPLOCK_LEVEL_EXCLUSIVE 0x08
192 #define SMB2_OPLOCK_LEVEL_BATCH 0x09
193 #define SMB2_OPLOCK_LEVEL_LEASE 0xFF
194
195 /* SMB2 impersonation levels */
196 #define SMB2_IMPERSONATION_ANONYMOUS 0x00
197 #define SMB2_IMPERSONATION_IDENTIFICATION 0x01
198 #define SMB2_IMPERSONATION_IMPERSONATION 0x02
199 #define SMB2_IMPERSONATION_DELEGATE 0x03
200
201 /*
202 * Note: ShareAccess, CreateDispositon, CreateOptions,
203 * all use the same definitions as SMB1 (from MS-FSA).
204 * Ditto FileAccess flags (as with ACLs)
205 */
206
207 /* SMB2 Create Context tags */
208
209 #define SMB2_CREATE_EA_BUFFER 0x45787441 /* ("ExtA") */
210 /*
211 * The data contains the extended attributes
212 * that MUST be stored on the created file.
213 * This value MUST NOT be set for named
214 * pipes and print files.
215 */
216
217 #define SMB2_CREATE_SD_BUFFER 0x53656344 /* ("SecD") */
218 /*
219 * The data contains a security descriptor that
220 * MUST be stored on the created file.
221 * This value MUST NOT be set for named
222 * pipes and print files.
223 */
224
225 #define SMB2_CREATE_DURABLE_HANDLE_REQUEST 0x44486e51 /* ("DHnQ") */
226 /* The client is requesting the open to be durable */
227
228 #define SMB2_CREATE_DURABLE_HANDLE_RECONNECT 0x44486e43 /* ("DHnC") */
229 /*
230 * The client is requesting to reconnect to a
231 * durable open after being disconnected
232 */
233
234 #define SMB2_CREATE_ALLOCATION_SIZE 0x416c5369 /* ("AISi") */
235 /*
236 * The data contains the required allocation
237 * size of the newly created file.
238 */
239
240 #define SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQ 0x4d784163 /* ("MxAc") */
241 /*
242 * The client is requesting that the server
243 * return maximal access information.
244 */
245
246 #define SMB2_CREATE_TIMEWARP_TOKEN 0x54577270 /* ("TWrp") */
247 /*
248 * The client is requesting that the server
249 * open an earlier version of the file identified
250 * by the provided time stamp.
251 */
252
253 #define SMB2_CREATE_QUERY_ON_DISK_ID 0x51466964 /* ("QFid") */
254 /*
255 * The client is requesting that the server return a 32-byte
256 * opaque BLOB that uniquely identifies the file being opened
257 * on disk. No data is passed to the server by the client.
258 */
259
260 #define SMB2_CREATE_REQUEST_LEASE 0x52714c73 /* ("RqLs") */
261 /*
262 * The client is requesting that the server return a lease.
263 * This value is only supported for the SMB 2.1 and 3.0 dialects.
264 */
265
266 /* SMB2 create request lease */
267 #define SMB2_LEASE_NONE 0x00
268 #define SMB2_LEASE_READ_CACHING 0x01
269 #define SMB2_LEASE_HANDLE_CACHING 0x02
270 #define SMB2_LEASE_WRITE_CACHING 0x04
271
272 /* SMB2 lease break notification flags */
273 #define SMB2_NOTIFY_BREAK_LEASE_FLAG_ACK_REQUIRED 0x01
274
275 /*
276 * SMB2 Close
277 */
278 #define SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB 0x0001
279
280 /*
281 * SMB2 Write
282 */
283 #define SMB2_WRITEFLAG_WRITE_THROUGH 0x00000001
284
285 /*
286 * SMB2 Lock Request
287 */
288
289 /* SMB2 lock flags */
290
291 /*
292 * SMB2_LOCKFLAG_SHARED_LOCK
293 * The range MUST be locked shared, allowing other opens
294 * to read from or take a shared lock on the range. All opens
295 * MUST NOT be allowed to write within the range. Other
296 * locks can be requested and taken on this range.
297 */
298 #define SMB2_LOCKFLAG_SHARED_LOCK 0x00000001
299
300 /*
301 * SMB2_LOCKFLAG_EXCLUSIVE_LOCK
302 * The range MUST be locked exclusive, not allowing other
303 * opens to read, write, or lock within the range.
304 */
305 #define SMB2_LOCKFLAG_EXCLUSIVE_LOCK 0x00000002
306
307 /*
308 * SMB2_LOCKFLAG_UNLOCK
309 * The range MUST be unlocked from a previous lock taken
310 * on this range. The unlock range MUST be identical to the
311 * lock range. Sub-ranges cannot be unlocked.
312 */
313 #define SMB2_LOCKFLAG_UNLOCK 0x00000004
314
315 /*
316 * SMB2_LOCKFLAG_FAIL_IMMEDIATELY
317 * The lock operation MUST fail immediately if it conflicts
318 * with an existing lock, instead of waiting for the range to
319 * become available. This can be OR'ed with either of
320 * shared_lock, exclusive_lock (nothing else).
321 */
322 #define SMB2_LOCKFLAG_FAIL_IMMEDIATELY 0x00000010
323
324 /*
325 * SMB2 Ioctl Request
326 */
327 #define SMB2_0_IOCTL_IS_FSCTL 0x00000001
328
329
330 /*
331 * SMB2 Query Directory
332 */
333
334 /*
335 * SMB2 query directory info levels
336 * Same as SMB1 (see ntifs.h)
337 */
338
339 /*
340 * SMB2 Query Directory Flags
341 * (our own names for these - spec. used poor names)
342 */
343 #define SMB2_QDIR_FLAG_RESTART 0x01 /* SMB2_RESTART_SCANS */
344 #define SMB2_QDIR_FLAG_SINGLE 0x02 /* SMB2_RETURN_SINGLE_ENTRY */
345 #define SMB2_QDIR_FLAG_INDEX 0x04 /* SMB2_INDEX_SPECIFIED */
346 #define SMB2_QDIR_FLAG_REOPEN 0x10 /* SMB2_REOPEN */
347
348 /*
349 * SMB2 Query Info Request
350 */
351
352 /* info type */
353 #define SMB2_0_INFO_FILE 0x01
354 /* The file information is requested. */
355 #define SMB2_0_INFO_FILESYSTEM 0x02
356 /* The underlying object store information is requested. */
357 #define SMB2_0_INFO_SECURITY 0x03
358 /* The security information is requested. */
359 #define SMB2_0_INFO_QUOTA 0x04
360 /* The underlying object store quota information is requested. */
361
362 /*
363 * SMB2 Change Nofity Request
364 */
365 #define SMB2_WATCH_TREE 0x00000001
366
367 #ifdef __cplusplus
368 }
369 #endif
370
371 #endif /* _SMB_SMB2_H */