SMB_QUERY_FILE_ALL_INFO not correct in SNIA spec?

Wed Mar 3 14:29:30 GMT 2004

Yes, a long time ago:

http://thread.gmane.org/gmane.network.samba.internals/5499
--- snip ---
After poking around with a sniffer, here is what I think it looks 
like:

    TIME    CreationTime;
    TIME    LastAccessTime;
    TIME    LastWriteTime;
    TIME    ChangeTime;
    ULONG   Attributes; 
    ULONG   Pad1;  // assumed
    LARGE_INTEGER AllocationSize;
    LARGE_INTEGER EndOfFile;
    ULONG   NumberOfLinks;
    UCHAR   DeletePending;
    UCHAR   Directory;
    USHORT  Pad2; // assumed
    ULONG   EaSize;
    ULONG   FileNameLength;
    STRING  FileName[];

This is simply the concatenation of Basic Info, Standard Info (plus 
padding, Pad2, which is not in the SNIA spec), EA Info, and 
File Name Info. There is no sign of the rest of the information
(internal file system index numbers, open-file information) being
present.

In my test I used a Win 2000 client, a Win 2000 server, and used
SMB_COM_QUERY_FILE_INFORMATION (by fid, not by path).

My questions:

1) Can anyone else confirm my interpretation?

--- snip ---

[smbclient4 has the inode field removed (other than smbclient3) ]

A snippet of trace from KDE konqueror using libsmbclient against Win2k3
follows. There is another glitch in kioslave/libsmbclient: files >2GB
are shown as something in the Terabyte range! (the size fields in FFirst/Next
are restricted to int32 - so for every file a querypathinfo follows)

The traced file has size 19166 (0x4ADE) and allocSize 0x5000
The four timestamps start at 00082
The Attributes are 0x00000021 (readonly, archive)
Pad1 is 0x00000000 and then follows alu as uint64 and size as uint64.
n_link is 0x00000001 
EAsize is 0x00000000 - 0x00000022 is the length of the path.

Ethereal is definetly broken here (as are smbclient 3 and 4 with
their offsets to size)

--- Netmon V5.00.943 that doesn't decode this trans2 call ---
SMB: R transact2 Query path info (response to frame 305)
[...]
    SMB: Command = C transact2
        SMB: Word count = 10
        SMB: Word parameters
        SMB: Total parm bytes = 2
        SMB: Total data bytes = 106
        SMB: Parameter bytes = 2 (0x2)
        SMB: Parameter offset = 56 (0x38)
        SMB: Parameter Displacement = 0 (0x0)
        SMB: Data bytes = 106 (0x6A)
        SMB: Data offset = 60 (0x3C)
        SMB: Data Displacement = 0 (0x0)
        SMB: Max setup words = 0
        SMB: Byte count = 111
        SMB: Byte parameters
        SMB: Transaction data
        SMB: Transaction parameters
00000:  00 10 DC E0 EF D7 00 10 DC CB 65 7C 08 00 45 00   ..Üàï×..ÜËe|..E.
00010:  00 DE 0E 95 40 00 80 06 00 00 AC 10 03 9C AC 10   .Þ.?@.?...¬..?¬.
00020:  03 90 01 BD 80 8A C9 8C 0B D6 70 C0 8E 35 80 18   ..œ??É?.ÖpÀ?5?.
00030:  41 E1 60 1D 00 00 01 01 08 0A 00 00 A9 C1 00 3E   Aá`.........©Á.>
00040:  41 52 00 00 00 A6 FF 53 4D 42 32 00 00 00 00 88   AR...ŠÿSMB2....?
00050:  01 C8 00 00 00 00 00 00 00 00 00 00 00 00 01 08   .È..............
00060:  0D 0B 01 08 54 00 0A 02 00 6A 00 00 00 02 00 38   ....T....j.....8
00070:  00 00 00 6A 00 3C 00 00 00 00 00 6F 00 00 00 00   ...j.<.....o....
00080:  00 01 52 70 30 24 FF 00 C4 01 D2 33 FA 25 FF 00   ..Rp0$ÿ.Ä.Ò3ú%ÿ.
00090:  C4 01 00 30 35 9C 64 66 C3 01 00 30 35 9C 64 66   Ä..05?dfÃ..05?df
000A0:  C3 01 21 00 00 00 00 00 00 00 00 50 00 00 00 00   Ã.!........P....
000B0:  00 00 DE 4A 00 00 00 00 00 00 01 00 00 00 00 00   ..ÞJ............
000C0:  00 00 00 00 00 00 22 00 00 00 5C 00 4D 00 61 00   ......"...\.M.a.
000D0:  63 00 46 00 69 00 6C 00 65 00 73 00 5C 00 4C 00   c.F.i.l.e.s.\.L.
000E0:  49 00 43 00 45 00 4E 00 53 00 45 00               I.C.E.N.S.E.