2 * Defines for smb packet dissection
3 * Copyright 1999, Richard Sharpe <rsharpe@ns.aus.com>
5 * $Id: smb.h,v 1.33 2002/02/20 21:46:42 guy Exp $
7 * Ethereal - Network traffic analyzer
8 * By Gerald Combs <gerald@ethereal.com>
9 * Copyright 1998, 1999 Gerald Combs
11 * This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version 2
14 * of the License, or (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
27 * Don't include if already included
33 /* SMB command codes, from the SNIA CIFS spec. */
35 #define SMB_COM_CREATE_DIRECTORY 0x00
36 #define SMB_COM_DELETE_DIRECTORY 0x01
37 #define SMB_COM_OPEN 0x02
38 #define SMB_COM_CREATE 0x03
39 #define SMB_COM_CLOSE 0x04
40 #define SMB_COM_FLUSH 0x05
41 #define SMB_COM_DELETE 0x06
42 #define SMB_COM_RENAME 0x07
43 #define SMB_COM_QUERY_INFORMATION 0x08
44 #define SMB_COM_SET_INFORMATION 0x09
45 #define SMB_COM_READ 0x0A
46 #define SMB_COM_WRITE 0x0B
47 #define SMB_COM_LOCK_BYTE_RANGE 0x0C
48 #define SMB_COM_UNLOCK_BYTE_RANGE 0x0D
49 #define SMB_COM_CREATE_TEMPORARY 0x0E
50 #define SMB_COM_CREATE_NEW 0x0F
51 #define SMB_COM_CHECK_DIRECTORY 0x10
52 #define SMB_COM_PROCESS_EXIT 0x11
53 #define SMB_COM_SEEK 0x12
54 #define SMB_COM_LOCK_AND_READ 0x13
55 #define SMB_COM_WRITE_AND_UNLOCK 0x14
56 #define SMB_COM_READ_RAW 0x1A
57 #define SMB_COM_READ_MPX 0x1B
58 #define SMB_COM_READ_MPX_SECONDARY 0x1C
59 #define SMB_COM_WRITE_RAW 0x1D
60 #define SMB_COM_WRITE_MPX 0x1E
61 #define SMB_COM_WRITE_MPX_SECONDARY 0x1F
62 #define SMB_COM_WRITE_COMPLETE 0x20
63 #define SMB_COM_QUERY_SERVER 0x21
64 #define SMB_COM_SET_INFORMATION2 0x22
65 #define SMB_COM_QUERY_INFORMATION2 0x23
66 #define SMB_COM_LOCKING_ANDX 0x24
67 #define SMB_COM_TRANSACTION 0x25
68 #define SMB_COM_TRANSACTION_SECONDARY 0x26
69 #define SMB_COM_IOCTL 0x27
70 #define SMB_COM_IOCTL_SECONDARY 0x28
71 #define SMB_COM_COPY 0x29
72 #define SMB_COM_MOVE 0x2A
73 #define SMB_COM_ECHO 0x2B
74 #define SMB_COM_WRITE_AND_CLOSE 0x2C
75 #define SMB_COM_OPEN_ANDX 0x2D
76 #define SMB_COM_READ_ANDX 0x2E
77 #define SMB_COM_WRITE_ANDX 0x2F
78 #define SMB_COM_NEW_FILE_SIZE 0x30
79 #define SMB_COM_CLOSE_AND_TREE_DISC 0x31
80 #define SMB_COM_TRANSACTION2 0x32
81 #define SMB_COM_TRANSACTION2_SECONDARY 0x33
82 #define SMB_COM_FIND_CLOSE2 0x34
83 #define SMB_COM_FIND_NOTIFY_CLOSE 0x35
84 /* Used by Xenix/Unix 0x60-0x6E */
85 #define SMB_COM_TREE_CONNECT 0x70
86 #define SMB_COM_TREE_DISCONNECT 0x71
87 #define SMB_COM_NEGOTIATE 0x72
88 #define SMB_COM_SESSION_SETUP_ANDX 0x73
89 #define SMB_COM_LOGOFF_ANDX 0x74
90 #define SMB_COM_TREE_CONNECT_ANDX 0x75
91 #define SMB_COM_QUERY_INFORMATION_DISK 0x80
92 #define SMB_COM_SEARCH 0x81
93 #define SMB_COM_FIND 0x82
94 #define SMB_COM_FIND_UNIQUE 0x83
95 #define SMB_COM_FIND_CLOSE 0x84
96 #define SMB_COM_NT_TRANSACT 0xA0
97 #define SMB_COM_NT_TRANSACT_SECONDARY 0xA1
98 #define SMB_COM_NT_CREATE_ANDX 0xA2
99 #define SMB_COM_NT_CANCEL 0xA4
100 #define SMB_COM_NT_RENAME 0xA5
101 #define SMB_COM_OPEN_PRINT_FILE 0xC0
102 #define SMB_COM_WRITE_PRINT_FILE 0xC1
103 #define SMB_COM_CLOSE_PRINT_FILE 0xC2
104 #define SMB_COM_GET_PRINT_QUEUE 0xC3
105 #define SMB_COM_READ_BULK 0xD8
106 #define SMB_COM_WRITE_BULK 0xD9
107 #define SMB_COM_WRITE_BULK_DATA 0xDA
111 #define SMB_SUCCESS 0x00 /* All OK */
112 #define SMB_ERRDOS 0x01 /* DOS based error */
113 #define SMB_ERRSRV 0x02 /* server error, network file manager */
114 #define SMB_ERRHRD 0x03 /* Hardware style error */
115 #define SMB_ERRCMD 0x04 /* Not an SMB format command */
117 /* SMB X/Open error codes for the ERRDOS error class */
118 #define SMBE_badfunc 1 /* Invalid function (or system call) */
119 #define SMBE_badfile 2 /* File not found (pathname error) */
120 #define SMBE_badpath 3 /* Directory not found */
121 #define SMBE_nofids 4 /* Too many open files */
122 #define SMBE_noaccess 5 /* Access denied */
123 #define SMBE_badfid 6 /* Invalid fid */
124 #define SMBE_nomem 8 /* Out of memory */
125 #define SMBE_badmem 9 /* Invalid memory block address */
126 #define SMBE_badenv 10 /* Invalid environment */
127 #define SMBE_badaccess 12 /* Invalid open mode */
128 #define SMBE_baddata 13 /* Invalid data (only from ioctl call) */
130 #define SMBE_baddrive 15 /* Invalid drive */
131 #define SMBE_remcd 16 /* Attempt to delete current directory */
132 #define SMBE_diffdevice 17 /* rename/move across different filesystems */
133 #define SMBE_nofiles 18 /* no more files found in file search */
134 #define SMBE_badshare 32 /* Share mode on file conflict with open mode */
135 #define SMBE_lock 33 /* Lock request conflicts with existing lock */
136 #define SMBE_unsup 50 /* Request unsupported, returned by Win 95, RJS 20Jun98 */
137 #define SMBE_nosuchshare 67 /* Share does not exits */
138 #define SMBE_filexists 80 /* File in operation already exists */
139 #define SMBE_invalidparam 87 /* Invalid parameter */
140 #define SMBE_cannotopen 110 /* Cannot open the file specified */
141 #define SMBE_insufficientbuffer 122/* Insufficient buffer size */
142 #define SMBE_unknownlevel 124
143 #define SMBE_alreadyexists 183 /* File already exists */
144 #define SMBE_badpipe 230 /* Named pipe invalid */
145 #define SMBE_pipebusy 231 /* All instances of pipe are busy */
146 #define SMBE_pipeclosing 232 /* named pipe close in progress */
147 #define SMBE_notconnected 233 /* No process on other end of named pipe */
148 #define SMBE_moredata 234 /* More data to be returned */
149 #define SMBE_baddirectory 267 /* Invalid directory name in a path. */
150 #define SMBE_eas_didnt_fit 275 /* Extended attributes didn't fit */
151 #define SMBE_eas_nsup 282 /* Extended attributes not supported */
152 #define SMBE_notify_buf_small 1022 /* Buffer too small to return change notify. */
153 #define SMBE_unknownipc 2142
154 #define SMBE_noipc 66 /* don't support ipc */
156 /* These errors seem to be only returned by the NT printer driver system */
158 #define SMBE_unknownprinterdriver 1797 /* Unknown printer driver */
159 #define SMBE_invalidprintername 1801 /* Invalid printer name */
160 #define SMBE_printeralreadyexists 1802 /* Printer already exists */
161 #define SMBE_invaliddatatype 1804 /* Invalid datatype */
162 #define SMBE_invalidenvironment 1805 /* Invalid environment */
163 #define SMBE_printerdriverinuse 3001 /* Printer driver in use */
165 /* Error codes for the ERRSRV class */
167 #define SMBE_error 1 /* Non specific error code */
168 #define SMBE_badpw 2 /* Bad password */
169 #define SMBE_badtype 3 /* reserved */
170 #define SMBE_access 4 /* No permissions to do the requested operation */
171 #define SMBE_invnid 5 /* tid invalid */
172 #define SMBE_invnetname 6 /* Invalid servername */
173 #define SMBE_invdevice 7 /* Invalid device */
174 #define SMBE_qfull 49 /* Print queue full */
175 #define SMBE_qtoobig 50 /* Queued item too big */
176 #define SMBE_qeof 51 /* EOF in print queue dump */
177 #define SMBE_invpfid 52 /* Invalid print file in smb_fid */
178 #define SMBE_smbcmd 64 /* Unrecognised command */
179 #define SMBE_srverror 65 /* smb server internal error */
180 #define SMBE_filespecs 67 /* fid and pathname invalid combination */
181 #define SMBE_badlink 68
182 #define SMBE_badpermits 69 /* Access specified for a file is not valid */
183 #define SMBE_badpid 70
184 #define SMBE_setattrmode 71 /* attribute mode invalid */
185 #define SMBE_paused 81 /* Message server paused */
186 #define SMBE_msgoff 82 /* Not receiving messages */
187 #define SMBE_noroom 83 /* No room for message */
188 #define SMBE_rmuns 87 /* too many remote usernames */
189 #define SMBE_timeout 88 /* operation timed out */
190 #define SMBE_noresource 89 /* No resources currently available for request. */
191 #define SMBE_toomanyuids 90 /* too many userids */
192 #define SMBE_baduid 91 /* bad userid */
193 #define SMBE_useMPX 250 /* temporarily unable to use raw mode, use MPX mode */
194 #define SMBE_useSTD 251 /* temporarily unable to use raw mode, use standard mode */
195 #define SMBE_contMPX 252 /* resume MPX mode */
196 #define SMBE_badPW 253 /* Check this out ... */
197 #define SMBE_nosupport 0xFFFF
198 #define SMBE_unknownsmb 22 /* from NT 3.5 response */
200 /* Error codes for the ERRHRD class */
202 #define SMBE_nowrite 19 /* read only media */
203 #define SMBE_badunit 20 /* Unknown device */
204 #define SMBE_notready 21 /* Drive not ready */
205 #define SMBE_badcmd 22 /* Unknown command */
206 #define SMBE_data 23 /* Data (CRC) error */
207 #define SMBE_badreq 24 /* Bad request structure length */
209 #define SMBE_badmedia 26
210 #define SMBE_badsector 27
211 #define SMBE_nopaper 28
212 #define SMBE_write 29
214 #define SMBE_general 31
215 #define SMBE_badshare 32
217 #define SMBE_wrongdisk 34
218 #define SMBE_FCBunavail 35
219 #define SMBE_sharebufexc 36
220 #define SMBE_diskfull 39
223 * The information we need to save about a request in order to show the
224 * frame number of the request in the dissection of the reply.
227 guint32 frame_req, frame_res;
233 * The information we need to save about a Transaction request in order
234 * to dissect the reply; this includes information for use by the
235 * Remote API and Mailslot dissectors.
236 * XXX - have an additional data structure hung off of this by the
245 guchar *param_descrip; /* Keep these descriptors around */
246 guchar *data_descrip;
247 guchar *aux_data_descrip;
249 } smb_transact_info_t;
254 #define TRANSACTION_PIPE 0
255 #define TRANSACTION_MAILSLOT 1
257 /* this is the structure which is associated with each conversation */
258 typedef struct conv_tables {
259 /* these two tables are used to match requests with responses */
260 GHashTable *unmatched;
262 /* this tables is used by DCERPC over SMB reassembly*/
263 GHashTable *dcerpc_fid_to_frame;
266 typedef struct smb_info {
268 gboolean unicode; /* Are strings in this SMB Unicode? */
269 gboolean request; /* Is this a request? */
273 smb_saved_info_t *sip; /* smb_saved_info_t, if any, for this */
278 * Show file data for a read or write.
280 extern int dissect_file_data(tvbuff_t *tvb, packet_info *pinfo,
281 proto_tree *tree, int offset, guint16 bc, guint16 datalen);
284 * Add a FID to the protocol tree and the Info column.
286 extern void add_fid(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
287 int offset, int len, guint16 fid);
290 * Dissect named pipe state information.
292 extern int dissect_ipc_state(tvbuff_t *tvb, packet_info *pinfo,
293 proto_tree *parent_tree, int offset, gboolean setstate);
295 extern gboolean smb_dcerpc_reassembly;
296 extern GHashTable *dcerpc_fragment_table;
299 * NT and DOS error codes used by other dissectors.
301 extern const value_string NT_errors[];
302 extern const value_string DOS_errors[];