How does the SMB handshake work?
Christopher R. Hertel
crh at samba.org
Sun Dec 7 23:09:36 UTC 2025
Hello.
Are you familiar with Microsoft's Open Specifications docset? The
particular document you're looking for is [MS-SMB2].
[MS-SMB2]:
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/5606ad47-5ee0-437a-817e-70c366052962
See:
* [MS-SMB2; 2.2.31.4] VALIDATE_NEGOTIATE_INFO Request
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/261ec397-d692-4e3e-8bcd-c96ce02bb969
* [MS-SMB2; 3.3.5.15.12] Handling a Validate Negotiate Info Request
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/0b7803eb-d561-48a4-8654-327803f59ec6
Those will be good starting points.
If I recall correctly (and I haven't looked at this exchange in a while),
this exchange is used following the negotiation of protocol parameters and
behaviors. It is a secured exchange, allowing the client and server to
verify what was negotiated and assure one another that there is no
man-in-the-middle downgrading the security of the connection.
Chris -)-----
On 12/7/25 11:31 AM, JPT via samba-technical wrote:
> Hi,
>
> I am currently implementing an SMB server using
> https://github.com/TalAloni/SMBLibrary
>
> I am slowly getting to a working server.
>
> But the Samba client tries to negotiate the features and I just cannot find any
> information on what is going on.
>
> Samba sends:
>
> INTFileStore.DeviceIOControl(handle=(null), ctlCode=0x140204(devicetype=14,
> accessmode=0, function=81),inputLength=28, maxOutputLength=24)
>
> the input buffer contains:
> FSCTL_VALIDATE_NEGOTIATE_INFO request parsed: StructSize=0, DialectCount=0,
> ClientSecMode=0xBE4D, ClientCaps=0x48F4C728,
> ClientGuid=2a997584-1896-3636-0100-020002021002, Dialects=[]
>
> How do I find out what this actually means?
>
> The AI created an example output array, but it needs 28 bytes, while Samba
> only gives 24.
> The AI says it's called SMB2_VALIDATE_NEGOTIATE_INFO_RESPONSE but I just
> cannot find anything on this name or what the output array should look like.
>
> Samba does not increase the buffer size, instead it just says
> tree connect failed: NT_STATUS_BUFFER_TOO_SMALL
>
> Any help appreciated.
>
> JPT
>
>
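Added example, not part of either message and not Samba or SMBLibrary code: a Python sketch of the request layout in [MS-SMB2] 2.2.31.4, the 24-byte response in 2.2.32.6, and the server-side checks as I read 3.3.5.15.12. The `conn` dictionary, the `Disconnect` exception and all sample values are constructed for illustration; verifying the signature on the IOCTL itself is assumed to happen elsewhere.

```python
import struct
import uuid

# Request, [MS-SMB2] 2.2.31.4 (little-endian): Capabilities(4) Guid(16)
# SecurityMode(2) DialectCount(2), then DialectCount 2-byte dialects.
REQ_FIXED = struct.Struct("<I16sHH")
# Response, [MS-SMB2] 2.2.32.6: Capabilities(4) Guid(16) SecurityMode(2) Dialect(2).
RSP = struct.Struct("<I16sHH")  # 24 bytes

class Disconnect(Exception):
    """Validation failed: drop the transport connection, send no response."""

def parse_request(buf):
    if len(buf) < REQ_FIXED.size:
        raise Disconnect("input shorter than fixed fields")
    caps, guid, sec_mode, count = REQ_FIXED.unpack_from(buf)
    if len(buf) < REQ_FIXED.size + 2 * count:
        raise Disconnect("DialectCount runs past input buffer")
    dialects = struct.unpack_from("<%dH" % count, buf, REQ_FIXED.size)
    return caps, uuid.UUID(bytes_le=guid), sec_mode, list(dialects)

def handle(buf, max_output, conn, server_dialects):
    # conn (hypothetical dict) holds what the original NEGOTIATE exchange recorded.
    if conn["dialect"] == 0x0311:
        raise Disconnect("3.1.1 uses preauth integrity, not this FSCTL")
    if max_output < RSP.size:
        raise Disconnect("MaxOutputResponse below 24 bytes")
    caps, guid, sec_mode, dialects = parse_request(buf)
    common = [d for d in dialects if d in server_dialects]
    if not common or max(common) != conn["dialect"]:
        raise Disconnect("dialect list differs from negotiation")
    if (caps, guid, sec_mode) != (conn["client_caps"], conn["client_guid"],
                                  conn["client_sec_mode"]):
        raise Disconnect("client parameters differ from negotiation")
    return RSP.pack(conn["server_caps"], conn["server_guid"].bytes_le,
                    conn["server_sec_mode"], conn["dialect"])

# Constructed sample values, not taken from the thread.
SAMPLE_CONN = {
    "dialect": 0x0210, "client_caps": 0x7F, "client_sec_mode": 0x0001,
    "client_guid": uuid.UUID("11111111-2222-3333-4444-555555555555"),
    "server_caps": 0x07, "server_sec_mode": 0x0003,
    "server_guid": uuid.UUID("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"),
}
SAMPLE_REQ = REQ_FIXED.pack(0x7F, SAMPLE_CONN["client_guid"].bytes_le, 0x0001, 2) \
    + struct.pack("<2H", 0x0202, 0x0210)  # 24 + 2*2 = 28 bytes

if __name__ == "__main__":
    print(handle(SAMPLE_REQ, 24, SAMPLE_CONN, {0x0202, 0x0210}).hex())
```

With two dialects the constructed request is 28 bytes and the response 24, the same sizes as the inputLength and maxOutputLength in the question.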