Partager via

2.2.4.6.1 Client Request Extensions

  • Article

An SMB_COM_SESSION_SETUP_ANDX request MUST be sent by a client to begin user authentication on an SMB connection and establish an SMB session.

When extended security is being used (see section 3.2.4.2.4), the request MUST take the following form. Aside from the SecurityBlobLength field, the additional capabilities used in the Capabilities field, and the ByteCount and SecurityBlob fields, all other fields are as specified in [MS-CIFS] section 2.2.4.53.1.

 SMB_Parameters
   {
   UCHAR  WordCount;
   Words
     {
     UCHAR  AndXCommand;
     UCHAR  AndXReserved;
     USHORT AndXOffset;
     USHORT MaxBufferSize;
     USHORT MaxMpxCount;
     USHORT VcNumber;
     ULONG  SessionKey;
     USHORT SecurityBlobLength;
     ULONG  Reserved;
     ULONG  Capabilities;
     }
   }
 SMB_Data
   {
   USHORT ByteCount;
   Bytes
     {
     UCHAR      SecurityBlob[SecurityBlobLength];
     SMB_STRING NativeOS[];
     SMB_STRING NativeLanMan[];
     }
   }


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

SMB_Parameters (25 bytes)

...

...

...

SMB_Data (variable)

...

SMB_Parameters (25 bytes):


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

WordCount

Words (24 bytes)

...

...

...

WordCount (1 byte): The value of this field MUST be 0x0C.

Words (24 bytes):


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

AndXCommand

AndXReserved

AndXOffset

MaxBufferSize

MaxMpxCount

VcNumber

SessionKey

...

SecurityBlobLength

Reserved

Capabilities

SecurityBlobLength (2 bytes): This value MUST specify the length in bytes of the variable-length SecurityBlob field that is contained within the request.

Capabilities (4 bytes): A set of client capabilities. This field has the same structure as the SMB_Parameters.Capabilities field of the SMB_COM_NEGOTIATE Server Response specified in section 2.2.4.5.2.<43>

SMB_Data (variable):


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

ByteCount

Bytes (variable)

...

ByteCount (2 bytes): If SMB_FLAGS2_UNICODE is set in the SMB_Header.Flags2 field, then this field MUST be greater than or equal to 0x0004. If SMB_FLAGS2_UNICODE is not set, then this field MUST be greater than or equal to 0x0002.

Bytes (variable):


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

SecurityBlob (variable)

...

NativeOS (variable)

...

NativeLanMan (variable)

...

SecurityBlob (variable): This field MUST be the authentication token sent to the server, as specified in section 3.2.4.2.4 and in [RFC2743].

NativeOS (variable): A string that represents the native operating system of the SMB client. If SMB_FLAGS2_UNICODE is set in the Flags2 field of the SMB header of the request, then the name string MUST be a NULL-terminated array of 16-bit Unicode characters. Otherwise, the name string MUST be a NULL-terminated array of OEM characters. If the name string consists of Unicode characters, then this field MUST be aligned to start on a 2-byte boundary from the start of the SMB header.<44>

NativeLanMan (variable): A string that represents the native LAN manager type of the client. If SMB_FLAGS2_UNICODE is set in the Flags2 field of the SMB header of the request, then the name string MUST be a NULL-terminated array of 16-bit Unicode characters. Otherwise, the name string MUST be a NULL-terminated array of OEM characters. If the name string consists of Unicode characters, then this field MUST be aligned to start on a 2-byte boundary from the start of the SMB header.<45>