[cifs-protocol] RE: [Pfif] erroneous references to little-endian
Bill Wesse
billwe at microsoft.com
Thu Apr 30 17:33:06 GMT 2009
Good day once again Mr. French! I have verified that our [MS-SMB] working document has already incorporated the necessary deletion of the DialectCount field (2.2.4). The changes will be available in a future document refresh; notifications concerning protocol documentation updates to the Open Specifications are announced via our Protocols Perspective e-Newsletter.
I also checked Network Monitor 3.3 smb2.npl, which has the 'struct SMB2ResponseNegotiate.DialectCount' field defined, and have filed a bug against that. Please read on for further information about this!
Thank you very much for bringing this to our attention. Please let me know if this answers your question satisfactorily; if so, I will consider your question resolved.
If you haven't already done so, you can subscribe to the newsletter at the below link:
Receive the Protocols Perspective e-Newsletter http://www.microsoft.com/protocols/optin.aspx
Each month you'll receive helpful information about:
Protocol Documentation Updates
Patent License Program
Other Licensing Programs
Community Events
Helpful Tips
Licensee Case Studies
==============================================================================
Network Monitor 3.3 can be obtained at: http://connect.microsoft.com/
%SystemDrive%\ProgramData\Microsoft\Network Monitor 3\NPL\Microsoft Parsers\Common\smb2.npl
smb2.npl
Line 180:
Modify:
struct SMB2ResponseNegotiate
{
UINT16 Size;
UINT16 DialectCount;
UINT16 SecurityMode = SMB2SecurityMode(this);
UINT16 DialectRevision = SMB2DialectRevisionTable(this);
UINT16 Reserved;
...
Remove:
UINT16 DialectCount;
Regards,
Bill Wesse
MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
TEL: +1(980) 776-8200
CELL: +1(704) 661-5438
FAX: +1(704) 665-9606
-----Original Message-----
From: Bill Wesse
Sent: Tuesday, April 28, 2009 5:59 AM
To: Steve French; Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: RE: [Pfif] erroneous references to little-endian
Good morning Mr. French! I have created case SRX090428600004 for your question, and will begin my investigation shortly. I will keep you advised of progress!
Regards,
Bill Wesse
MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
TEL: +1(980) 776-8200
CELL: +1(704) 661-5438
FAX: +1(704) 665-9606
-----Original Message-----
From: Steve French [mailto:smfrench at gmail.com]
Sent: Monday, April 27, 2009 9:14 PM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: Re: [Pfif] erroneous references to little-endian
In implementing SMB2 Negotiate protocol support I noticed that the
structure definition is off by 2 bytes.
Section 2.2.4 of MS-SMB2.pdf shows the SMB2 negotiate response as an
SMB2 header followed by
le16 StructureSize; /* Must be 65 */
le16 DialectCount;
le16 SecurityMode;
le16 DialectRevision; /* Should be 0x0202 */
... etc
when it actually has no "DialectCount" which is clear when decoding by
hand (or looking at it in Wireshark)
le16 StructureSize; /* Must be 65 */
le16 SecurityMode;
le16 DialectRevision; /* Should be 0x0202 */
... etc
The server in this case is Vista. The dialect negotiated was 0x0202
in response to an SMB2 only (not SMB) negotiate protocol request.
--
Thanks,
Steve
More information about the cifs-protocol
mailing list