samba-3.0alpha23: smbclient -M ... ?

David Lee t.d.lee at durham.ac.uk
Thu Apr 24 16:59:17 GMT 2003 

This is just a quick "request for confirmation": I realise that, as a
result, I may need to dig deeper myself, but would appreciate any
pointers.


I've just started dabbling with 3.0, using the alpha23 tarball.

Under 2.2.x the command:
   smbclient  -M PC_name  -I ip.no.of.PC

could send a WinPopup message to the PC.  But this seems not to work with
samba-3.0alpha23.

Using Solaris "snoop" to watch the traffic (sorry I don't have the
"ethereal" that folk seems to talk about):

Samba 2.2.x does a nice packet exchange of the various SMBsend* packets.

Samba 3.0alpha23 seems only to do the outbound SMBsendstrt, with no
corresponding reply from the PC.  Further the "originator name" and
"destination name" seem to be expanded up to double length with null
bytes.

Herewith the outbound SMBsendstrt data from "snoop":

2.2.8a:

# SMB:  Command code = 0xd5
# SMB:  Command name =  SMBsendstrt
# SMB:
# SMB:  SMB Status:
# SMB:     - Error class = No error
# SMB:     - Error code = No error
# SMB:
# SMB:  Header:
# SMB:     - Tree ID      (TID) = 0xffff
# SMB:     - Process ID   (PID) = 0x098f
# SMB:     - User ID      (UID) = 0x0000
# SMB:     - Multiplex ID (MID) = 0x0001
# SMB:     - Flags summary = 0x08
# SMB:     - Flags2 summary = 0x0001
# SMB:
# SMB:
#
#
#            0: 0003 470e 18ff 0800 2004 c4ea 0800 4500    ..G..... .....E.
#           16: 005f ca1e 4000 4006 6810 81ea 0246 81ea    ._.. at .@.h....F..
#           32: 0250 804d 008b 70c0 c83c 62d2 d43e 5018    .P.M..p..<b..>P.
#           48: 60f4 9f6c 0000 0000 0033 ff53 4d42 d500    `..l.....3.SMB..
#           64: 0000 0008 0100 0000 0000 0000 0000 0000    ................
#           80: 0000 ffff 8f09 0000 0100 0010 0004 5341    ..............SA
#           96: 4d42 4100 0469 7473 7063 3830 00           MBA..itspc80.



3.0alpha23:

# SMB:  Command code = 0xd5
# SMB:  Command name =  SMBsendstrt
# SMB:
# SMB:  SMB Status:
# SMB:     - Error class = No error
# SMB:     - Error code = No error
# SMB:
# SMB:  Header:
# SMB:     - Tree ID      (TID) = 0xffff
# SMB:     - Process ID   (PID) = 0x0991
# SMB:     - User ID      (UID) = 0x0000
# SMB:     - Multiplex ID (MID) = 0x0001
# SMB:     - Flags summary = 0x08
# SMB:     - Flags2 summary = 0xc801
# SMB:
# SMB:
#
#
#            0: 0003 470e 18ff 0800 2004 c4ea 0800 4500    ..G..... .....E.
#           16: 006e ca27 4000 4006 67f8 81ea 0246 81ea    .n.'@. at .g....F..
#           32: 0250 804e 008b 7146 2b36 635a b292 5018    .P.N..qF+6cZ..P.
#           48: 60f4 ca0a 0000 0000 0042 ff53 4d42 d500    `........B.SMB..
#           64: 0000 0008 01c8 0000 0000 0000 0000 0000    ................
#           80: 0000 ffff 9109 0000 0100 001f 0004 7300    ..............s.
#           96: 6100 6d00 6200 6100 0000 0400 6900 7400    a.m.b.a.....i.t.
#          112: 7300 7000 6300 3800 3000 0000              s.p.c.8.0...

Is there some sort of attempt at non-ASCII coding going on here?  (Does
the so-called "Flags2" play a role here?)  What will happen when these
names bump up against the 15-byte transmission limit within SMDsendstrt?

At seven bytes, my sample "itspc80" is perilously close to that when
doubled up.  And if the length includes the trailing null, then might this
encode over 15 bytes?

Thoughts?


-- 

:  David Lee                                I.T. Service          :
:  Systems Programmer                       Computer Centre       :
:                                           University of Durham  :
:  http://www.dur.ac.uk/t.d.lee/            South Road            :
:                                           Durham                :
:  Phone: +44 191 334 2752                  U.K.                  :

More information about the samba-technical mailing list