2.2.4.33.1 Request
-
SMB_Parameters { UCHAR WordCount; Words { USHORT TotalParameterCount; USHORT TotalDataCount; USHORT MaxParameterCount; USHORT MaxDataCount; UCHAR MaxSetupCount; UCHAR Reserved1; USHORT Flags; ULONG Timeout; USHORT Reserved2; USHORT ParameterCount; USHORT ParameterOffset; USHORT DataCount; USHORT DataOffset; UCHAR SetupCount; UCHAR Reserved3; USHORT Setup[SetupCount]; } } SMB_Data { USHORT ByteCount; Bytes { SMB_STRING Name; UCHAR Pad1[]; UCHAR Trans_Parameters[ParameterCount]; UCHAR Pad2[]; UCHAR Trans_Data[DataCount]; } }
SMB_Header:
-
The PID, MID, TID, and UID MUST be the same for all requests and responses that are part of the same transaction.
-
TID (2 bytes): If the transaction request is being sent as a class 2 mailslot message, this field MUST have a value of 0xFFFF. The mailslot receiver MAY ignore the TID in the request. In all other cases, this field MUST contain a valid TID. The TID MUST refer to the IPC$ share.
-
UID (2 bytes): If the transaction request is being sent as a class 2 mailslot message, this field MUST have a value of 0xFFFF. The mailslot receiver MAY ignore the UID in the request. In all other cases, this field MUST contain a valid UID.
-
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
SMB_Parameters (variable) |
|||||||||||||||||||||||||||||||
... |
|||||||||||||||||||||||||||||||
SMB_Data (variable) |
|||||||||||||||||||||||||||||||
... |
SMB_Parameters (variable):
The SMB_Parameters section of the SMB_COM_TRANSACTION request contains the information to manage the transaction along with flags and setup information that provide the context for the execution of the operation on the server.
-
0
1
2
3
4
5
6
7
8
91
0
1
2
3
4
5
6
7
8
92
0
1
2
3
4
5
6
7
8
93
0
1WordCount
Words (variable)
...
-
WordCount (1 byte): This field MUST be Words.SetupCount (see below) plus 14 (0x0E). This value represents the total number of parameter words and MUST be greater than or equal to 14 (0x0E).
-
Words (variable):
-
0
1
2
3
4
5
6
7
8
91
0
1
2
3
4
5
6
7
8
92
0
1
2
3
4
5
6
7
8
93
0
1TotalParameterCount
TotalDataCount
MaxParameterCount
MaxDataCount
MaxSetupCount
Reserved1
Flags
Timeout
Reserved2
ParameterCount
ParameterOffset
DataCount
DataOffset
SetupCount
Reserved3
Setup (variable)
...
-
TotalParameterCount (2 bytes): The total number of transaction parameter bytes the client expects to send to the server for this request. Parameter bytes for a transaction are carried within the SMB_Data.Trans_Parameters field of the SMB_COM_TRANSACTION request. If the size of all of the required SMB_Data.Trans_Parameters for a given transaction causes the request to exceed the MaxBufferSize established during session setup, then the client MUST NOT send all of the parameters in one request. The client MUST break up the parameters and send additional requests using the SMB_COM_TRANSACTION_SECONDARY command to send the additional parameters. Any single request MUST NOT exceed the MaxBufferSize established during session setup. The client indicates to the server to expect additional parameters, and thus at least one SMB_COM_TRANSACTION_SECONDARY, by setting ParameterCount (see following) to be less than TotalParameterCount. See SMB_COM_TRANSACTION_SECONDARY for more information.
-
TotalDataCount (2 bytes): The total number of transaction data bytes that the client attempts to send to the server for this request. Data bytes of a transaction are carried within the SMB_Data.Trans_Data field of the SMB_COM_TRANSACTION request. If the size of all of the required SMB_Data.Trans_Data for a given transaction causes the request to exceed the MaxBufferSize established during session setup, then the client MUST NOT send all of the data in one request. The client MUST break up the data and send additional requests using the SMB_COM_TRANSACTION_SECONDARY command to send the additional data. Any single request MUST NOT exceed the MaxBufferSize established during session setup. The client indicates to the server to expect additional data, and thus at least one SMB_COM_TRANSACTION_SECONDARY, by setting DataCount (see following) to be less than TotalDataCount. See SMB_COM_TRANSACTION_SECONDARY for more information.
-
MaxParameterCount (2 bytes): The maximum number of SMB_Data.Trans_Parameters bytes that the client accepts in the transaction response. The server MUST NOT return more than this number of bytes in the SMB_Data.Trans_Parameters field of the response.
-
MaxDataCount (2 bytes): The maximum number of SMB_Data.Trans_Data bytes that the client accepts in the transaction response. The server MUST NOT return more than this number of bytes in the SMB_Data.Trans_Data field.
-
MaxSetupCount (1 byte): The maximum number of bytes that the client accepts in the Setup field of the transaction response. The server MUST NOT return more than this number of bytes in the Setup field.
-
Reserved1 (1 byte): A padding byte. This field MUST be 0x00. Existing CIFS implementations MAY combine this field with MaxSetupCount to form a USHORT. If MaxSetupCount is defined as a USHORT, the high order byte MUST be 0x00.
-
Flags (2 bytes): A set of bit flags that alter the behavior of the requested operation. Unused bit fields MUST be set to zero by the client sending the request, and MUST be ignored by the server receiving the request. The client can set either or both of the following bit flags.
-
-
-
-
Name and bitmask
-
-
-
Meaning
-
-
-
DISCONNECT_TID
-
0x0001
-
-
-
If set, following the completion of the operation the server MUST disconnect the tree connect associated with the tree identifier (TID) field received in the SMB Header (section 2.2.3.1) of this request. The client SHOULD NOT send a subsequent SMB_COM_TREE_DISCONNECT for this tree connect.
-
-
-
NO_RESPONSE
-
0x0002
-
-
-
This is a one-way transaction. The server MUST attempt to complete the transaction, but MUST NOT send a response to the client.<41>
-
-
-
-
-
Timeout (4 bytes): The value of this field MUST be the maximum number of milliseconds that the server SHOULD wait for completion of the transaction before generating a time-out and returning a response to the client. The client SHOULD set this field to 0x00000000 to indicate that no time-out is expected. A value of 0x00000000 indicates that the server returns an error if the resource is not immediately available. If the operation does not complete within the specified time, the server MAY abort the request and send a failure response.<42>
-
Reserved2 (2 bytes): Reserved. This field MUST be 0x0000 in the client request. The server MUST ignore the contents of this field.
-
ParameterCount (2 bytes): The number of transaction parameter bytes that the client attempts to send to the server in this request. Parameter bytes for a transaction are carried within the SMB_Data.Trans_Parameters field of the SMB_COM_TRANSACTION request. If the transaction request fits within a single SMB_COM_TRANSACTION request (the request size does not exceed MaxBufferSize), then this value SHOULD be equal to TotalParameterCount. Otherwise, the sum of the ParameterCount values in the primary and secondary transaction request messages MUST be equal to the smallest TotalParameterCount value reported to the server. If the value of this field is less than the value of TotalParameterCount, then at least one SMB_COM_TRANSACTION_SECONDARY message MUST be used to transfer the remaining transaction SMB_Data.Trans_Parameters bytes. The ParameterCount field MUST be used to determine the number of transaction SMB_Data.Trans_Parameters bytes that are contained within the SMB_COM_TRANSACTION message.
-
ParameterOffset (2 bytes): This field MUST contain the number of bytes from the start of the SMB Header to the start of the SMB_Data.Trans_Parameters field. Server implementations MUST use this value to locate the transaction parameter block within the request. If ParameterCount is zero, the client/server MAY set this field to zero.<43>
-
DataCount (2 bytes): The number of transaction data bytes that the client sends to the server in this request. Data bytes for a transaction are carried within the SMB_Data.Trans_Data field of the SMB_COM_TRANSACTION request. If the transaction request fits within a single SMB_COM_TRANSACTION request (the request size does not exceed MaxBufferSize), then this value SHOULD be equal to TotalDataCount. Otherwise, the sum of the DataCount values in the primary and secondary transaction request messages MUST be equal to the smallest TotalDataCount value reported to the server. If the value of this field is less than the value of TotalDataCount, then at least one SMB_COM_TRANSACTION_SECONDARY message MUST be used to transfer the remaining transaction SMB_Data.Trans_Data bytes. The DataCount field MUST be used to determine the number of transaction SMB_Data.Trans_Data bytes contained within the SMB_COM_TRANSACTION message.
-
DataOffset (2 bytes): This field MUST be the number of bytes from the start of the SMB Header of the request to the start of the SMB_Data.Trans_Data field. Server implementations MUST use this value to locate the transaction data block within the request. If DataCount is zero, the client/server MAY<44> set this field to zero.
-
SetupCount (1 byte): This field MUST be the number of setup words that are included in the transaction request.
-
Reserved3 (1 byte): A padding byte. This field MUST be 0x00. Existing CIFS implementations MAY combine this field with SetupCount to form a USHORT. If SetupCount is defined as a USHORT, the high order byte MUST be 0x00.
-
Setup (variable): An array of two-byte words that provides transaction context to the server. The size and content of the array are specific to individual subcommands.
-
SMB_Data (variable):
The SMB_Data section of the SMB_COM_TRANSACTION request contains the parameters and data that are the input to the transaction operation on the server. SMB_COM_TRANSACTION also includes a Name string that MAY identify the resource (a specific Mailslot or Named Pipe) against which the operation is performed.
-
0
1
2
3
4
5
6
7
8
91
0
1
2
3
4
5
6
7
8
92
0
1
2
3
4
5
6
7
8
93
0
1ByteCount
Bytes (variable)
...
-
ByteCount (2 bytes): The number of bytes in the Bytes array that follows.
-
Bytes (variable):
-
0
1
2
3
4
5
6
7
8
91
0
1
2
3
4
5
6
7
8
92
0
1
2
3
4
5
6
7
8
93
0
1Name (variable)
...
Pad1 (variable)
...
Trans_Parameters (variable)
...
Pad2 (variable)
...
Data (variable)
...
-
Name (variable): The pathname of the mailslot or named pipe to which the transaction subcommand applies, or a client-supplied identifier that provides a name for the transaction. See the individual SMB_COM_TRANSACTION subprotocol subcommand descriptions for information about the value set for each subcommand. If the field is not specified in the section for the subcommands, the field SHOULD be set to \pipe\. If SMB_FLAGS2_UNICODE is set in the Flags2 field of the SMB Header (section 2.2.3.1) of the request, this field MUST be a null-terminated array of 16-bit Unicode characters which MUST be aligned to start on a 2-byte boundary from the start of the SMB header. Otherwise, this field MUST be a null-terminated array of OEM characters. The Name field MUST be the first field in this section.
-
Pad1 (variable): This field SHOULD be used as an array of padding bytes to align the following field to a 4-byte boundary. relative to the start of the SMB Header. This constraint can cause this field to be a zero-length field. This field SHOULD be set to zero by the client/server, and MUST be ignored by the server/client.
-
Trans_Parameters (variable): Transaction parameter bytes. See the individual SMB_COM_TRANSACTION subprotocol subcommands descriptions for information on the parameters sent for each subcommand.
-
Pad2 (variable): This field SHOULD be used as an array of padding bytes to align the following field to a 4-byte boundary. relative to the start of the SMB Header. This can cause this field to be a zero-length field. This field SHOULD be set to zero by the client/server, and MUST be ignored by the server/client.
-
Data (variable): Transaction data bytes. See the individual SMB_COM_TRANSACTION subprotocol subcommands descriptions for information on the data sent for each subcommand.
-