Was this page helpful?
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

2.2.1.1 SMB2 Packet Header - ASYNC

If the SMB2_FLAGS_ASYNC_COMMAND bit is set in Flags, the header takes the following form.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

ProtocolId

StructureSize

CreditCharge

(ChannelSequence/Reserved)/Status

Command

CreditRequest/CreditResponse

Flags

NextCommand

MessageId

...

AsyncId

...

SessionId

...

Signature

...

...

...

ProtocolId (4 bytes): The protocol identifier. The value MUST be (in network order) 0xFE, 'S', 'M', and 'B'.

StructureSize (2 bytes): MUST be set to 64, which is the size, in bytes, of the SMB2 header structure.

CreditCharge (2 bytes): In the SMB 2.0.2 dialect, this field MUST NOT be used and MUST be reserved. The sender MUST set this to 0, and the receiver MUST ignore it. In all other dialects, this field indicates the number of credits that this request consumes.

(ChannelSequence/Reserved)/Status (4 bytes): In a request, this field is interpreted in different ways depending on the SMB2 dialect.

In the SMB 3.x dialect family, this field is interpreted as the ChannelSequence field followed by the Reserved field in a request.

ChannelSequence (2 bytes): This field is an indication to the server about the client's Channel change.

Reserved (2 bytes): This field SHOULD be set to zero and the server MUST ignore it on receipt.

In the SMB 2.0.2 and SMB 2.1 dialects, this field is interpreted as the Status field in a request.

Status (4 bytes): The client MUST set this field to 0 and the server MUST ignore it on receipt. 

In all SMB dialects for a response this field is interpreted as the Status field. This field can be set to any value. For a list of valid status codes, see [MS-ERREF] section 2.3.

Command (2 bytes): The command code of this packet. This field MUST contain one of the following valid commands:

Name

Value

SMB2 NEGOTIATE

0x0000

SMB2 SESSION_SETUP

0x0001

SMB2 LOGOFF

0x0002

SMB2 TREE_CONNECT

0x0003

SMB2 TREE_DISCONNECT

0x0004

SMB2 CREATE

0x0005

SMB2 CLOSE

0x0006

SMB2 FLUSH

0x0007

SMB2 READ

0x0008

SMB2 WRITE

0x0009

SMB2 LOCK

0x000A

SMB2 IOCTL

0x000B

SMB2 CANCEL

0x000C

SMB2 ECHO

0x000D

SMB2 QUERY_DIRECTORY

0x000E

SMB2 CHANGE_NOTIFY

0x000F

SMB2 QUERY_INFO

0x0010

SMB2 SET_INFO

0x0011

SMB2 OPLOCK_BREAK

0x0012

CreditRequest/CreditResponse (2 bytes): On a request, this field indicates the number of credits the client is requesting. On a response, it indicates the number of credits granted to the client.

Flags (4 bytes): A flags field, which indicates how to process the operation. This field MUST be constructed using the following values:

Value

Meaning

SMB2_FLAGS_SERVER_TO_REDIR

0x00000001

When set, indicates the message is a response rather than a request. This MUST be set on responses sent from the server to the client, and MUST NOT be set on requests sent from the client to the server.

SMB2_FLAGS_ASYNC_COMMAND

0x00000002

When set, indicates that this is an ASYNC SMB2 header. Always set for headers of the form described in this section.

SMB2_FLAGS_RELATED_OPERATIONS

0x00000004

When set in an SMB2 request, indicates that this request is a related operation in a compounded request chain. The use of this flag in an SMB2 request is as specified in section 3.2.4.1.4.

When set in an SMB2 compound response, indicates that the request corresponding to this response was part of a related operation in a compounded request chain. The use of this flag in an SMB2 response is as specified in section 3.3.5.2.7.2.

SMB2_FLAGS_SIGNED

0x00000008

When set, indicates that this packet has been signed. The use of this flag is as specified in section 3.1.5.1.

SMB2_FLAGS_PRIORITY_MASK

0x00000070

This flag is only valid for the SMB 3.1.1 dialect. It is a mask for the requested I/O priority of the request, and it MUST be a value in the range 0 to 7.

SMB2_FLAGS_DFS_OPERATIONS

0x10000000

When set, indicates that this command is a Distributed File System (DFS) operation. The use of this flag is as specified in section 3.3.5.9.

SMB2_FLAGS_REPLAY_OPERATION

0x20000000

This flag is only valid for the SMB 3.x dialect family. When set, it indicates that this command is a replay operation.

The client MUST ignore this bit on receipt.

NextCommand (4 bytes): For a compounded request, this field MUST be set to the offset, in bytes, from the beginning of this SMB2 header to the start of the subsequent 8-byte aligned SMB2 header. If this is not a compounded request, or this is the last header in a compounded request, this value MUST be 0.

MessageId (8 bytes): A value that identifies a message request and response uniquely across all messages that are sent on the same SMB 2 Protocol transport connection.

AsyncId (8 bytes): A unique identification number that is created by the server to handle operations asynchronously, as specified in section 3.3.4.2.

SessionId (8 bytes): Uniquely identifies the established session for the command. This MUST be 0 for requests that do not have an associated user context. This MUST be 0 for the first SMB2 SESSION_SETUP Request for a specified security principal. The following SMB 2 Protocol commands do not require the SessionId to be set to a nonzero value received from a previous SMB2 SESSION_SETUP Response. The client MUST set the SessionId to 0, and the server SHOULD<2> ignore this value for the following commands:

Signature (16 bytes): The 16-byte signature of the message, if SMB2_FLAGS_SIGNED is set in the Flags field of the SMB2 header. If the message is not signed, this field MUST be 0.

Show:
© 2016 Microsoft