1 /*
2 * This file and its contents are supplied under the terms of the
3 * Common Development and Distribution License ("CDDL"), version 1.0.
4 * You may only use this file in accordance with the terms of version
5 * 1.0 of the CDDL.
6 *
7 * A full copy of the text of the CDDL should have accompanied this
8 * source. A copy of the CDDL is also available via the Internet at
9 * http://www.illumos.org/license/CDDL.
10 */
11
12 /*
13 * Copyright 2018 Nexenta Systems, Inc. All rights reserved.
14 */
15
16 #ifndef _SMB_SMB2_H
17 #define _SMB_SMB2_H
18
19 #ifdef __cplusplus
20 extern "C" {
21 #endif
22
/*
 * Leading bytes and fixed sizes of the two header forms.
 */
#define SMB2_PROTOCOL_ID        { 0xFE, 'S', 'M', 'B' }
#define SMB2_HDR_SIZE           64
#define SMB3_TFORM_HDR_SIZE     52

/*
 * The protocol ID read as a 32-bit little-endian integer.
 * 0xFE 'S' 'M' 'B' opens a plain SMB2 header; 0xFD 'S' 'M' 'B' opens
 * the SMB3 transform header that wraps an encrypted message.  A
 * receiver has to tell the two apart before parsing, and should have
 * the full header length in hand before reading any field.
 */
#define SMB2_PROTOCOL_MAGIC     0x424d53fe
#define SMB3_ENCRYPTED_MAGIC    0x424d53fd
32
/*
 * Command codes carried in the SMB2 header (uint16_t on the wire).
 *
 * The code arrives from the peer, so range-check it before using it
 * to index anything sized by SMB2__NCMDS.
 */
typedef enum {
    SMB2_NEGOTIATE          = 0x00,
    SMB2_SESSION_SETUP      = 0x01,
    SMB2_LOGOFF             = 0x02,
    SMB2_TREE_CONNECT       = 0x03,
    SMB2_TREE_DISCONNECT    = 0x04,
    SMB2_CREATE             = 0x05,
    SMB2_CLOSE              = 0x06,
    SMB2_FLUSH              = 0x07,
    SMB2_READ               = 0x08,
    SMB2_WRITE              = 0x09,
    SMB2_LOCK               = 0x0a,
    SMB2_IOCTL              = 0x0b,
    SMB2_CANCEL             = 0x0c,
    SMB2_ECHO               = 0x0d,
    SMB2_QUERY_DIRECTORY    = 0x0e,
    SMB2_CHANGE_NOTIFY      = 0x0f,
    SMB2_QUERY_INFO         = 0x10,
    SMB2_SET_INFO           = 0x11,
    SMB2_OPLOCK_BREAK       = 0x12,
    /*
     * Oplock break is the last real SMB2 op-code.  One further
     * slot stands for invalid commands, and the final enumerator
     * is the array size.  Keep these two last!
     */
    SMB2_INVALID_CMD        = 0x13,
    SMB2__NCMDS             = 0x14
} SMB2_cmd_code;
65
/*
 * Flag bits of the SMB2 header.
 */

/*
 * SERVER_TO_REDIR
 * Marks the message as a response rather than a request.  The
 * server MUST set it on every response sent to the client; the
 * client MUST NOT set it on requests sent to the server.
 */
#define SMB2_FLAGS_SERVER_TO_REDIR      0x00000001

/*
 * ASYNC_COMMAND
 * Marks the header as an ASYNC SMB2 header.  Always set on
 * headers of that form.
 */
#define SMB2_FLAGS_ASYNC_COMMAND        0x00000002

/*
 * RELATED_OPERATIONS
 * In an SMB2 request: this request is a related operation in
 * a compounded request chain.  [MS-SMB2 sec. 3.2.4.1.4]
 *
 * In an SMB2 compound response: the request this response
 * answers was part of a related operation in a compounded
 * request chain.  [MS-SMB2 sec. 3.3.5.2.7.2]
 */
#define SMB2_FLAGS_RELATED_OPERATIONS   0x00000004

/*
 * SIGNED
 * The packet has been signed.  [MS-SMB2 3.1.5.1]
 *
 * The sender sets this bit, so it only announces a signature.
 * The receiver still has to verify it, and where signing is
 * required a message arriving without the bit should be
 * rejected rather than processed as unsigned.
 */
#define SMB2_FLAGS_SIGNED               0x00000008

/*
 * [MS-SMB2] 3.2.5.3.1: the SessionKey MUST be the first 16
 * bytes of the cryptographic key from GSSAPI, padded with
 * zeros if the GSSAPI key is shorter.
 */
#define SMB2_SESSION_KEY_LEN            16

/*
 * DFS_OPERATIONS
 * The command is a Distributed File System (DFS) operation.
 * [MS-SMB2 3.3.5.9]
 */
#define SMB2_FLAGS_DFS_OPERATIONS       0x10000000

/*
 * REPLAY_OPERATION
 * Only valid for the SMB 3.0 dialect.  When set, the command
 * is a replay operation.  The client MUST ignore this bit on
 * receipt.
 */
#define SMB2_FLAGS_REPLAY_OPERATION     0x20000000
128
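/*
 * SMB2 Negotiate [MS-SMB2 2.2.3]
 */

/*
 * SecurityMode bits.  They are exchanged in negotiate, before any
 * session key exists, so the exchange itself is not yet protected.
 * A side whose policy requires signing should enforce that from its
 * own configuration rather than rely only on what the peer advertised.
 */
#define SMB2_NEGOTIATE_SIGNING_ENABLED  0x01
#define SMB2_NEGOTIATE_SIGNING_REQUIRED 0x02

/* Capability bits */
#define SMB2_CAP_DFS                    0x00000001

/* Added with SMB2.1 */
#define SMB2_CAP_LEASING                0x00000002
/*
 * LARGE_MTU:
 * When set, indicates that the client supports multi-credit operations.
 */
#define SMB2_CAP_LARGE_MTU              0x00000004

/* Added with SMB3.0 */
#define SMB2_CAP_MULTI_CHANNEL          0x00000008
#define SMB2_CAP_PERSISTENT_HANDLES     0x00000010
#define SMB2_CAP_DIRECTORY_LEASING      0x00000020
#define SMB2_CAP_ENCRYPTION             0x00000040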
152
/*
 * SMB2 session flags: the SessionFlags field of the session setup
 * response [MS-SMB2 2.2.6].
 */
#define SMB2_SESSION_FLAG_IS_GUEST      0x0001
#define SMB2_SESSION_FLAG_IS_NULL       0x0002
#define SMB2_SESSION_FLAG_ENCRYPT_DATA  0x0004

/*
 * Client wants to bind an existing session to a new connection.
 *
 * This bit lives in the Flags field of the session setup request
 * [MS-SMB2 2.2.5], not in the response SessionFlags above.  Its
 * value equals SMB2_SESSION_FLAG_IS_GUEST, so never test the two
 * against the same field.
 */
#define SMB2_SESSION_FLAG_BINDING       0x01
162
/*
 * SMB2 Tree connect, disconnect
 */

/*
 * SMB2 share types.  These are enumerated values, not bits:
 * compare for equality, do not mask.
 */
#define SMB2_SHARE_TYPE_DISK    0x1
#define SMB2_SHARE_TYPE_PIPE    0x2
#define SMB2_SHARE_TYPE_PRINT   0x3

/*
 * SMB2 share flags.
 *
 * The four *_CACHING values share one two-bit field (0x30), and
 * MANUAL_CACHING is zero, so compare the masked field for equality
 * instead of testing a single caching value with '&'.
 */
#define SMB2_SHAREFLAG_MANUAL_CACHING               0x00000000
#define SMB2_SHAREFLAG_AUTO_CACHING                 0x00000010
#define SMB2_SHAREFLAG_VDO_CACHING                  0x00000020
#define SMB2_SHAREFLAG_NO_CACHING                   0x00000030
#define SMB2_SHAREFLAG_DFS                          0x00000001
#define SMB2_SHAREFLAG_DFS_ROOT                     0x00000002
#define SMB2_SHAREFLAG_RESTRICT_EXCLUSIVE_OPENS     0x00000100
#define SMB2_SHAREFLAG_FORCE_SHARED_DELETE          0x00000200
#define SMB2_SHAREFLAG_ALLOW_NAMESPACE_CACHING      0x00000400
#define SMB2_SHAREFLAG_ACCESS_BASED_DIRECTORY_ENUM  0x00000800
#define SMB2_SHAREFLAG_FORCE_LEVELII_OPLOCK         0x00001000
/* SMB 3.0 */
#define SMB2_SHAREFLAG_ENABLE_HASH_V1               0x00002000
#define SMB2_SHAREFLAG_ENABLE_HASH_V2               0x00004000
#define SMB2_SHAREFLAG_ENCRYPT_DATA                 0x00008000

/* SMB2 share capabilities */
#define SMB2_SHARE_CAP_DFS                          0x00000008
/* SMB 3.0 */
#define SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY      0x00000010
#define SMB2_SHARE_CAP_SCALEOUT                     0x00000020
#define SMB2_SHARE_CAP_CLUSTER                      0x00000040
195
/*
 * SMB2 Create (open)
 */

/*
 * Oplock levels a create request may ask for.
 * These correspond to ntifs.h OPLOCK_LEVEL_... but are NOT the
 * same values!
 */
#define SMB2_OPLOCK_LEVEL_NONE          0x00
#define SMB2_OPLOCK_LEVEL_II            0x01
#define SMB2_OPLOCK_LEVEL_EXCLUSIVE     0x08
#define SMB2_OPLOCK_LEVEL_BATCH         0x09
#define SMB2_OPLOCK_LEVEL_LEASE         0xFF

/*
 * Lease "type" bits of a create request.
 * Note: same as ntifs.h OPLOCK_LEVEL_CACHE...
 */
#define SMB2_LEASE_NONE                 0x00
#define SMB2_LEASE_READ_CACHING         0x01
#define SMB2_LEASE_HANDLE_CACHING       0x02
#define SMB2_LEASE_WRITE_CACHING        0x04

/* Lease flags of a create request */
#define SMB2_LEASE_FLAG_BREAK_IN_PROGRESS       0x00000002
#define SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET    0x00000004

/* Impersonation levels */
#define SMB2_IMPERSONATION_ANONYMOUS            0x00
#define SMB2_IMPERSONATION_IDENTIFICATION       0x01
#define SMB2_IMPERSONATION_IMPERSONATION        0x02
#define SMB2_IMPERSONATION_DELEGATE             0x03

/*
 * Note: ShareAccess, CreateDisposition and CreateOptions all
 * use the same definitions as SMB1 (from MS-FSA).
 * Ditto the FileAccess flags (as with ACLs).
 */
234
/*
 * SMB2 Create Context tags.
 *
 * Each tag is four ASCII characters packed most-significant byte
 * first, e.g. 0x45787441 is 'E' 'x' 't' 'A'.  The contexts are
 * supplied by the client along with the create request.
 */

/*
 * "ExtA": the data contains the extended attributes that MUST be
 * stored on the created file.  MUST NOT be set for named pipes
 * and print files.
 */
#define SMB2_CREATE_EA_BUFFER                   0x45787441

/*
 * "SecD": the data contains a security descriptor that MUST be
 * stored on the created file.  MUST NOT be set for named pipes
 * and print files.
 */
#define SMB2_CREATE_SD_BUFFER                   0x53656344

/* "DHnQ": the client is requesting the open to be durable. */
#define SMB2_CREATE_DURABLE_HANDLE_REQUEST      0x44486e51

/*
 * "DHnC": the client is requesting to reconnect to a durable
 * open after being disconnected.
 */
#define SMB2_CREATE_DURABLE_HANDLE_RECONNECT    0x44486e43

/*
 * "AlSi": the data contains the required allocation size of the
 * newly created file.
 */
#define SMB2_CREATE_ALLOCATION_SIZE             0x416c5369

/*
 * "MxAc": the client is requesting that the server return
 * maximal access information.
 */
#define SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQ    0x4d784163

/*
 * "TWrp": the client is requesting that the server open an
 * earlier version of the file, identified by the provided
 * time stamp.
 */
#define SMB2_CREATE_TIMEWARP_TOKEN              0x54577270

/*
 * "QFid": the client is requesting that the server return a
 * 32-byte opaque BLOB that uniquely identifies the file being
 * opened on disk.  The client passes no data to the server.
 */
#define SMB2_CREATE_QUERY_ON_DISK_ID            0x51466964

/*
 * "DH2Q": the client is requesting the open to be durable.
 * Only supported for the SMB 3.x dialect family.
 */
#define SMB2_CREATE_DURABLE_HANDLE_REQUEST_V2   0x44483251

/*
 * "DH2C": the client is requesting to reconnect to a durable
 * open after being disconnected.
 * Only supported for the SMB 3.x dialect family.
 */
#define SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2 0x44483243

/* A persistent handle is requested. */
#define SMB2_DHANDLE_FLAG_PERSISTENT            0x00000002

/*
 * "RqLs": the client is requesting that the server return a
 * lease.  Only supported for the SMB 2.1 and 3.0 dialects.
 */
#define SMB2_CREATE_REQUEST_LEASE               0x52714c73

/*
 * "AAPL": client is MacOS X looking for MacOS-specific
 * extensions.
 */
#define SMB2_CREATE_CTX_AAPL                    0x4141504c
314
/* SMB2 Close: request flags */
#define SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB    0x0001

/* SMB2 Read: request flags */
#define SMB2_READFLAG_READ_UNBUFFERED       0x00000001

/* SMB2 Write: request flags */
#define SMB2_WRITEFLAG_WRITE_THROUGH        0x00000001
#define SMB2_WRITEFLAG_WRITE_UNBUFFERED     0x00000002
330
/*
 * SMB2 Lock Request: lock flags
 */

/*
 * SMB2_LOCKFLAG_SHARED_LOCK
 * Lock the range shared: other opens may read from it or take
 * their own shared lock on it, but no open may write within
 * it.  Other locks can be requested and taken on this range.
 */
#define SMB2_LOCKFLAG_SHARED_LOCK       0x00000001

/*
 * SMB2_LOCKFLAG_EXCLUSIVE_LOCK
 * Lock the range exclusive: other opens may not read, write,
 * or lock within it.
 */
#define SMB2_LOCKFLAG_EXCLUSIVE_LOCK    0x00000002

/*
 * SMB2_LOCKFLAG_UNLOCK
 * Release a lock previously taken on this range.  The unlock
 * range MUST be identical to the lock range; sub-ranges
 * cannot be unlocked.
 */
#define SMB2_LOCKFLAG_UNLOCK            0x00000004

/*
 * SMB2_LOCKFLAG_FAIL_IMMEDIATELY
 * Fail at once on a conflict with an existing lock instead of
 * waiting for the range to become available.  May be OR'ed
 * with either shared_lock or exclusive_lock (nothing else).
 */
#define SMB2_LOCKFLAG_FAIL_IMMEDIATELY  0x00000010
369
/* SMB2 Ioctl Request: flags */
#define SMB2_0_IOCTL_IS_FSCTL   0x00000001


/*
 * SMB2 Query Directory
 *
 * The info levels are the same as SMB1 (see ntifs.h).
 */

/*
 * Query Directory flags.  The names are our own; the spec. names,
 * which are poor, are given alongside.
 */
#define SMB2_QDIR_FLAG_RESTART  0x01    /* SMB2_RESTART_SCANS */
#define SMB2_QDIR_FLAG_SINGLE   0x02    /* SMB2_RETURN_SINGLE_ENTRY */
#define SMB2_QDIR_FLAG_INDEX    0x04    /* SMB2_INDEX_SPECIFIED */
#define SMB2_QDIR_FLAG_REOPEN   0x10    /* SMB2_REOPEN */
393
/*
 * SMB2 Query Info Request: info type
 */

/* The file information is requested. */
#define SMB2_0_INFO_FILE        0x01
/* The underlying object store information is requested. */
#define SMB2_0_INFO_FILESYSTEM  0x02
/* The security information is requested. */
#define SMB2_0_INFO_SECURITY    0x03
/* The underlying object store quota information is requested. */
#define SMB2_0_INFO_QUOTA       0x04
407
/* SMB2 Change Notify Request: flags */
#define SMB2_WATCH_TREE                             0x00000001

/* SMB2 Oplock Break: lease break notification flags */
#define SMB2_NOTIFY_BREAK_LEASE_FLAG_ACK_REQUIRED   0x01
415
416 #ifdef __cplusplus
417 }
418 #endif
419
420 #endif /* _SMB_SMB2_H */