2.2.5 SMB2 SESSION_SETUP Request

The SMB2 SESSION_SETUP Request packet is sent by the client to request a new authenticated session within a new or existing SMB 2 Protocol transport connection to the server. This request is composed of an SMB2 header as specified in section 2.2.1 followed by this request structure.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

StructureSize

Flags

SecurityMode

Capabilities

Channel

SecurityBufferOffset

SecurityBufferLength

PreviousSessionId

...

Buffer (variable)

...

StructureSize (2 bytes): The client MUST set this field to 25, indicating the size of the request structure, not including the header. The client MUST set it to this value regardless of how long Buffer[] actually is in the request being sent.

Flags (1 byte): If the client implements the SMB 3.x dialect family, this field MUST be set to combination of zero or more of the following values. Otherwise, it MUST be set to 0.

Value

Meaning

SMB2_SESSION_FLAG_BINDING

0x01

When set, indicates that the request is to bind an existing session to a new connection.

SecurityMode (1 byte): The security mode field specifies whether SMB signing is enabled or required at the client. This field MUST be constructed using the following values.

Value

Meaning

SMB2_NEGOTIATE_SIGNING_ENABLED

0x01

When set, indicates that security signatures are enabled on the client. The client MUST set this bit if the SMB2_NEGOTIATE_SIGNING_REQUIRED bit is not set, and MUST NOT set this bit if the SMB2_NEGOTIATE_SIGNING_REQUIRED bit is set. The server MUST ignore this bit.

SMB2_NEGOTIATE_SIGNING_REQUIRED

0x02

When set, indicates that security signatures are required by the client.

Capabilities (4 bytes): Specifies protocol capabilities for the client. This field MUST be constructed using the following values.

Value

Meaning

SMB2_GLOBAL_CAP_DFS

0x00000001

When set, indicates that the client supports the Distributed File System (DFS).

SMB2_GLOBAL_CAP_UNUSED1

0x00000002

SHOULD be set to zero, and server MUST ignore.

SMB2_GLOBAL_CAP_UNUSED2

0x00000004

SHOULD be set to zero and server MUST ignore.

SMB2_GLOBAL_CAP_UNUSED3

0x00000008

SHOULD be set to zero and server MUST ignore.

Values other than those that are defined in the previous table are unused at present and SHOULD<23> be treated as reserved.

Channel (4 bytes): This field MUST NOT be used and MUST be reserved. The client MUST set this to 0, and the server MUST ignore it on receipt.

SecurityBufferOffset (2 bytes): The offset, in bytes, from the beginning of the SMB 2 Protocol header to the security buffer.

SecurityBufferLength (2 bytes): The length, in bytes, of the security buffer.

PreviousSessionId (8 bytes): A previously established session identifier. The server uses this value to identify the client session that was disconnected due to a network error.

Buffer (variable): A variable-length buffer that contains the security buffer for the request, as specified by SecurityBufferOffset and SecurityBufferLength. If the server initiated authentication using SPNEGO, the buffer MUST contain a token as produced by the GSS protocol as specified in section 3.2.4.2.3. If the client initiated authentication, see section 2.2.4, the buffer SHOULD<24> contain a token as produced by an authentication protocol of the client's choice.

Show: