alternate form of tconX response
sfrench at us.ibm.com
Thu Aug 15 13:18:00 GMT 2002
In the course of our recent poking around ntlmssp we discovered (or
rediscovered perhaps) that the tconX response from Windows 2k (or XP) to
Windows 2k has a wct of 7 not 3 as Samba and everyone else understands.
Turns out that this is controlled by whether the client sets the tcon flags
in the request to 0x0008 (the only flag bit that is documented is 0x0001
which means "disconnect tid"). I confirmed this by forcing the Linux cifs
vfs to set this tconX flag bit. The two extra DWORDs that are being
returned by Windows on the tconX response relate to access control (similar
looking to access flags) - a common default is 0x001f01ff (twice).
Changing the permissions on the root of the share causes these bits to
change in interesting ways but we haven't quite put the puzzle together.
Any ideas as to exactly why two access control dwords? and how to prove
that they represent the access_flags we think that they do? (the windows
gui makes it tricky to set the bits granular enough to figure out how they
map to these flag bits - it oversimplifies)
Senior Software Engineer
Linux Technology Center - IBM Austin
email: sfrench at us.ibm.com
More information about the samba-technical