[cifs-protocol] correction to SMB SMB_QUERY_FILE_ALL_INFO info level

Sebastian Canevari Sebastian.Canevari at microsoft.com
Fri Sep 12 14:51:22 GMT 2008


Hi Robert,

Your comment is correct and the description is accurate in the upcoming version of the doc defining the fields as 1 byte.

Thanks for the heads up.

Regards,


Sebastian Canevari
Support Escalation Engineer, US-CSS DSC PROTOCOL TEAM
7100 N Hwy 161, Irving, TX - 75039
"Las Colinas - LC2"
Tel: +1 469 775 7849
e-mail: sebastc at microsoft.com


From: cifs-protocol-bounces+sebastc=microsoft.com at cifs.org On Behalf Of robert.hinchliff at quantel.com
Sent: Friday, September 12, 2008 5:56 AM
To: cifs-protocol at samba.org
Subject: [cifs-protocol] correction to SMB SMB_QUERY_FILE_ALL_INFO info level


Hello James, Sebastian and All,

I was hoping somebody could explain some confusion I'm experiencing while trying to understand this thread.
Sebastian's response seems to suggest that the 'DeletePending' and 'Directory' fields should be two bytes wide, but James' e-mail says they should be represented as BOOLEAN, which is defined to be 1 byte in CIFS-TR-1.0.
Am I looking at the wrong definition for BOOLEAN fields?
Sebastian's answer seems to be at odds with existing implementations.
While working on this, Wireshark (1.0.3 with WinPCap 4.0.2) would seem to agree with James' definition, and Microsoft's Network Monitor (beta v3.2) seems to parse the data as originally specified by CIFS-TR-1.0.
Thanks for your time,


Robert Hinchliff

Development Engineer
Quantel Ltd.

*****************************************************************************************************************

Hi James,

We've concluded our investigation and upcoming versions of the document will reflect changes similar to the following:

2.2.13.2 TRANS2_QUERY_FILE_INFORMATION Response
A server MUST send a TRANS2_QUERY_FILE_INFORMATION response in reply to an SMB_COM_TRANSACTION2 client request with a TRANS2_QUERY_FILE_INFORMATION subcommand when the request is successful.
The Data block of the transaction response contains the requested information as follows. Note that this Data block definition augments the definition specified in [CIFS] section 4.2.15. Where differences exist, the information supplied here supersedes information in [CIFS].
This structure is returned by the server whether the query specifies SMB_QUERY_FILE_ALL_INFO level or the native NT passthrough level "FileAllInformation".

Layout in 32-bit rows ("..." marks a field continuing from the previous row):

  Bits 0-15                      Bits 16-31
  ----------------------------------------------------------
  CreationTime
  ...
  LastAccessTime
  ...
  LastWriteTime
  ...
  ChangeTime
  ...
  Attributes
  AllocationSize
  ...
  EndofFile
  ...
  NumberOfLinks
  DeletePending                  Directory
  Pad                            EASize
  ...                            FileNameLength
  ...                            FileName (variable)
  ...

CreationTime (8 bytes):  Time of the file creation.
LastAccessTime (8 bytes):  Time of the most recent file access.
LastWriteTime (8 bytes):  Time of the most recent write in the file.
ChangeTime (8 bytes):  Time of the most recent change to the file.
Attributes (4 bytes):  File attributes.
AllocationSize (8 bytes):  Allocated size, in bytes, of the file.
EndofFile (8 bytes):  Offset to the first free byte in the file.
NumberOfLinks (4 bytes):  Number of hard links to the file.
DeletePending (2 bytes):  Indicates whether the file is marked for deletion.
Directory (2 bytes):  Indicates whether the file is a directory.
Pad (2 bytes):  Unused. Provided for alignment.
EASize (4 bytes):  Size, in bytes, of the file's extended attributes.
FileNameLength (4 bytes):  Length, in bytes, of the file name.
FileName (variable):  Name of the file.
This structure is also returned by the TRANS2_QUERY_PATH_INFORMATION Response as specified in section 2.2.13.4.
The FILE_ALL_INFORMATION structure described in [MS-FSCC] is NOT used by [MS-SMB].
Thanks for your help!





I'm attaching a .pdf doc so you can see the answer with the correct format.

Regards,

Sebastian Canevari
Support Escalation Engineer, US-CSS DSC PROTOCOL TEAM
7100 N Hwy 161, Irving, TX - 75039
"Las Colinas - LC2"
Tel: +1 469 775 7849
e-mail: sebastc at microsoft.com



-----Original Message-----
From: cifs-protocol-bounces+sebastc=microsoft.com at cifs.org On Behalf Of James Peach
Sent: Thursday, June 19, 2008 10:55 AM
To: cifs-protocol at samba.org
Subject: [cifs-protocol] correction to SMB SMB_QUERY_FILE_ALL_INFO info level

Hi all,

Just posting this note so that there is something searchable on the web.

The SMB_QUERY_FILE_ALL_INFO info level has been specified incorrectly
as far back as the Leach-Naik drafts. The correct format for this
response is:

Data Block Encoding             Description
===================================================================
LARGE_INTEGER CreationTime      Time when file was created
LARGE_INTEGER LastAccessTime    Time of last file access
LARGE_INTEGER LastWriteTime     Time of last write to the file
LARGE_INTEGER ChangeTime        Time when file was last changed
ULONG Attributes                File Attributes
LARGE_INTEGER AllocationSize    Allocated size of the file in number of bytes
LARGE_INTEGER EndofFile         Offset to the first free byte in the file
ULONG NumberOfLinks             Number of hard links to the file
BOOLEAN DeletePending           Indicates whether the file is marked for deletion
BOOLEAN Directory               Indicates whether the file is a directory
USHORT Unknown                  Could be a pad value?
ULONG EASize                    Size of the file's extended attributes in bytes
ULONG FileNameLength            Length of the file name in number of bytes
STRING FileName                 Name of the file

All versions of Windows and Samba get this right. AFAIK the only
modern SMB client that uses this info level is the Mac OSX client. I
believe that some versions of NetApp filers get this wrong. Wireshark
used to get this wrong, but recent versions get it right.

I posted this on the MSDN File Services forum, but it ate my
formatting. Hopefully this is more legible :)



--
This e-mail is intended for the named addressees only. Its contents may be privileged or confidential and should be treated as such. If you are not an intended recipient please notify the sender immediately and then delete it;  do not copy, distribute, or take any action based on this e-mail. In the pursuit of its legitimate business activities and its conformance with relevant legislation, Quantel may access any e-mail (including attachments) it originates or receives, for potential scrutiny.

Quantel is the trade name used by Quantel Holdings Limited and its subsidiaries.  Quantel Holdings Limited is registered in England & Wales.  Registration No: 4004913
Contact details for all Quantel Offices and Companies can be found on our website www.quantel.com or by writing to the holding company.
Registered address: Turnpike Road, Newbury, Berkshire, RG14 2NX, United Kingdom
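
The two layouts discussed in this thread, as an added example (not code from any of the posters, Samba or Microsoft): a Python parser for the Data block that takes the DeletePending/Directory width as a parameter, so the same constructed bytes can be decoded both ways and the bogus FileNameLength produced by the 2-byte reading is rejected by a bounds check. Assumptions: little-endian packing with no implicit padding, UTF-16LE file names, and all function names here are hypothetical.

```python
import struct

FIELDS = ("CreationTime", "LastAccessTime", "LastWriteTime", "ChangeTime",
          "Attributes", "AllocationSize", "EndofFile", "NumberOfLinks",
          "DeletePending", "Directory", "Pad", "EASize", "FileNameLength")

def layout(bool_width):
    """Fixed part of the block; DeletePending/Directory are 1 or 2 bytes wide."""
    code = {1: "B", 2: "H"}[bool_width]
    # "<" = little-endian, no implicit alignment padding
    return struct.Struct("<QQQQIQQI" + code * 2 + "HII")

def parse_all_info(data, bool_width=1):
    """Parse the block; raise ValueError instead of reading past the buffer."""
    fixed = layout(bool_width)
    if len(data) < fixed.size:
        raise ValueError("short block: %d < %d" % (len(data), fixed.size))
    info = dict(zip(FIELDS, fixed.unpack_from(data)))
    name = data[fixed.size:]
    n = info["FileNameLength"]
    if n > len(name) or n % 2:  # UTF-16 needs an even byte count
        raise ValueError("FileNameLength %d does not fit %d remaining bytes"
                         % (n, len(name)))
    info["FileName"] = name[:n].decode("utf-16-le")  # assumption: Unicode names
    return info

def build_sample():
    """Constructed sample: a directory named \\docs, using 1-byte BOOLEANs."""
    name = "\\docs".encode("utf-16-le")
    return layout(1).pack(0, 0, 0, 0, 0x10, 0, 0, 1, 0, 1, 0, 0, len(name)) + name

def misparse_fixed(data):
    """Decode only the fixed part with the 2-byte layout to show the field shift."""
    return dict(zip(FIELDS, layout(2).unpack_from(data)))

if __name__ == "__main__":
    sample = build_sample()
    print(parse_all_info(sample))       # 1-byte layout: fields line up
    print(misparse_fixed(sample))       # 2-byte layout: every later field shifts
    try:
        parse_all_info(sample, bool_width=2)
    except ValueError as e:
        print("2-byte layout rejected:", e)
```
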