1 /*
2    Unix SMB/CIFS implementation.
3 
4    SMB2 client library header
5 
6    Copyright (C) Andrew Tridgell 2005
7 
8    This program is free software; you can redistribute it and/or modify
9    it under the terms of the GNU General Public License as published by
10    the Free Software Foundation; either version 3 of the License, or
11    (at your option) any later version.
12 
13    This program is distributed in the hope that it will be useful,
14    but WITHOUT ANY WARRANTY; without even the implied warranty of
15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16    GNU General Public License for more details.
17 
18    You should have received a copy of the GNU General Public License
19    along with this program.  If not, see <http://www.gnu.org/licenses/>.
20 */
21 
22 #ifndef __LIBCLI_SMB2_SMB2_CONSTANTS_H__
23 #define __LIBCLI_SMB2_SMB2_CONSTANTS_H__
24 
25 /* offsets into SMB2_TRANSFORM header elements */
26 #define SMB2_TF_PROTOCOL_ID	0x00 /*  4 bytes */
27 #define SMB2_TF_SIGNATURE	0x04 /* 16 bytes */
28 #define SMB2_TF_NONCE		0x14 /* 16 bytes */
29 #define SMB2_TF_MSG_SIZE	0x24 /*  4 bytes */
30 #define SMB2_TF_RESERVED	0x28 /*  2 bytes */
31 #define SMB2_TF_FLAGS		0x2A /*  2 bytes */
32 #define SMB2_TF_SESSION_ID	0x2C /*  8 bytes */
33 
34 #define SMB2_TF_HDR_SIZE	0x34 /* 52 bytes */
35 
36 #define SMB2_TF_MAGIC 0x424D53FD /* 0xFD 'S' 'M' 'B' */
37 
38 #define SMB2_TF_FLAGS_ENCRYPTED     0x0001
39 
40 /* offsets into header elements for a sync SMB2 request */
41 #define SMB2_HDR_PROTOCOL_ID    0x00
42 #define SMB2_HDR_LENGTH		0x04
43 #define SMB2_HDR_CREDIT_CHARGE	0x06
44 #define SMB2_HDR_EPOCH		SMB2_HDR_CREDIT_CHARGE /* TODO: remove this */
45 #define SMB2_HDR_STATUS		0x08
46 #define SMB2_HDR_CHANNEL_SEQUENCE SMB2_HDR_STATUS /* in requests */
47 #define SMB2_HDR_OPCODE		0x0c
48 #define SMB2_HDR_CREDIT		0x0e
49 #define SMB2_HDR_FLAGS		0x10
50 #define SMB2_HDR_NEXT_COMMAND	0x14
51 #define SMB2_HDR_MESSAGE_ID     0x18
52 #define SMB2_HDR_PID		0x20
53 #define SMB2_HDR_TID		0x24
54 #define SMB2_HDR_SESSION_ID	0x28
55 #define SMB2_HDR_SIGNATURE	0x30 /* 16 bytes */
56 #define SMB2_HDR_BODY		0x40
57 
58 /* offsets into header elements for an async SMB2 request */
59 #define SMB2_HDR_ASYNC_ID	0x20
60 
61 /* header flags */
62 #define SMB2_HDR_FLAG_REDIRECT  0x01
63 #define SMB2_HDR_FLAG_ASYNC     0x02
64 #define SMB2_HDR_FLAG_CHAINED   0x04
65 #define SMB2_HDR_FLAG_SIGNED    0x08
66 #define SMB2_HDR_FLAG_PRIORITY_MASK 0x70
67 #define SMB2_HDR_FLAG_DFS       0x10000000
68 #define SMB2_HDR_FLAG_REPLAY_OPERATION 0x20000000
69 
70 #define SMB2_PRIORITY_MASK_TO_VALUE(__m) (((__m) & SMB2_HDR_FLAG_PRIORITY_MASK) >> 4)
71 #define SMB2_PRIORITY_VALUE_TO_MASK(__v) (((__v) << 4) & SMB2_HDR_FLAG_PRIORITY_MASK)
72 
73 /* SMB2 opcodes */
74 #define SMB2_OP_NEGPROT		0x00
75 #define SMB2_OP_SESSSETUP	0x01
76 #define SMB2_OP_LOGOFF		0x02
77 #define SMB2_OP_TCON		0x03
78 #define SMB2_OP_TDIS		0x04
79 #define SMB2_OP_CREATE		0x05
80 #define SMB2_OP_CLOSE		0x06
81 #define SMB2_OP_FLUSH		0x07
82 #define SMB2_OP_READ		0x08
83 #define SMB2_OP_WRITE		0x09
84 #define SMB2_OP_LOCK		0x0a
85 #define SMB2_OP_IOCTL		0x0b
86 #define SMB2_OP_CANCEL		0x0c
87 #define SMB2_OP_KEEPALIVE	0x0d
88 #define SMB2_OP_QUERY_DIRECTORY	0x0e
89 #define SMB2_OP_NOTIFY		0x0f
90 #define SMB2_OP_GETINFO		0x10
91 #define SMB2_OP_SETINFO		0x11
92 #define SMB2_OP_BREAK		0x12
93 
94 #define SMB2_MAGIC 0x424D53FE /* 0xFE 'S' 'M' 'B' */
95 
96 /* SMB2 negotiate dialects */
97 #define SMB2_DIALECT_REVISION_000       0x0000 /* early beta dialect */
98 #define SMB2_DIALECT_REVISION_202       0x0202
99 #define SMB2_DIALECT_REVISION_210       0x0210
100 #define SMB2_DIALECT_REVISION_222       0x0222
101 #define SMB2_DIALECT_REVISION_224       0x0224
102 #define SMB3_DIALECT_REVISION_300       0x0300
103 #define SMB3_DIALECT_REVISION_302       0x0302
104 #define SMB3_DIALECT_REVISION_310       0x0310
105 #define SMB3_DIALECT_REVISION_311       0x0311
106 #define SMB2_DIALECT_REVISION_2FF       0x02FF
107 
108 /* SMB2 negotiate security_mode */
109 #define SMB2_NEGOTIATE_SIGNING_ENABLED   0x01
110 #define SMB2_NEGOTIATE_SIGNING_REQUIRED  0x02
111 
112 /* SMB2 global capabilities */
113 #define SMB2_CAP_DFS			0x00000001
114 #define SMB2_CAP_LEASING		0x00000002 /* only in dialect >= 0x210 */
115 #define SMB2_CAP_LARGE_MTU		0x00000004 /* only in dialect >= 0x210 */
116 #define SMB2_CAP_MULTI_CHANNEL		0x00000008 /* only in dialect >= 0x222 */
117 #define SMB2_CAP_PERSISTENT_HANDLES	0x00000010 /* only in dialect >= 0x222 */
118 #define SMB2_CAP_DIRECTORY_LEASING	0x00000020 /* only in dialect >= 0x222 */
119 #define SMB2_CAP_ENCRYPTION		0x00000040 /* only in dialect >= 0x222 */
120 
121 /* so we can spot new caps as added */
122 #define SMB2_CAP_ALL (\
123 		SMB2_CAP_DFS | \
124 		SMB2_CAP_LEASING | \
125 		SMB2_CAP_LARGE_MTU | \
126 		SMB2_CAP_MULTI_CHANNEL | \
127 		SMB2_CAP_PERSISTENT_HANDLES | \
128 		SMB2_CAP_DIRECTORY_LEASING | \
129 		SMB2_CAP_ENCRYPTION)
130 
131 /* Types of SMB2 Negotiate Contexts - only in dialect >= 0x310 */
132 #define SMB2_PREAUTH_INTEGRITY_CAPABILITIES 0x0001
133 #define SMB2_ENCRYPTION_CAPABILITIES        0x0002
134 #define SMB2_COMPRESSION_CAPABILITIES       0x0003
135 #define SMB2_NETNAME_NEGOTIATE_CONTEXT_ID   0x0005
136 
137 /* Values for the SMB2_PREAUTH_INTEGRITY_CAPABILITIES Context (>= 0x310) */
138 #define SMB2_PREAUTH_INTEGRITY_SHA512       0x0001
139 
140 /* Values for the SMB2_ENCRYPTION_CAPABILITIES Context (>= 0x310) */
141 #define SMB2_ENCRYPTION_AES128_CCM         0x0001 /* only in dialect >= 0x224 */
142 #define SMB2_ENCRYPTION_AES128_GCM         0x0002 /* only in dialect >= 0x310 */
143 #define SMB2_NONCE_HIGH_MAX(nonce_len_bytes) ((uint64_t)(\
144 	((nonce_len_bytes) >= 16) ? UINT64_MAX : \
145 	((nonce_len_bytes) <= 8) ? 0 : \
146 	(((uint64_t)1 << (((nonce_len_bytes) - 8)*8)) - 1) \
147 	))
148 
149 /* SMB2 session (request) flags */
150 #define SMB2_SESSION_FLAG_BINDING       0x01
151 /*      SMB2_SESSION_FLAG_ENCRYPT_DATA  0x04       only in dialect >= 0x310 */
152 
153 /* SMB2 session (response) flags */
154 #define SMB2_SESSION_FLAG_IS_GUEST       0x0001
155 #define SMB2_SESSION_FLAG_IS_NULL        0x0002
156 #define SMB2_SESSION_FLAG_ENCRYPT_DATA   0x0004 /* in dialect >= 0x224 */
157 
158 /* SMB2 tree connect (request) flags */
159 #define SMB2_SHAREFLAG_CLUSTER_RECONNECT 0x0001 /* only in dialect >= 0x310 */
160 
161 /* SMB2 sharetype flags */
162 #define SMB2_SHARE_TYPE_DISK		0x1
163 #define SMB2_SHARE_TYPE_PIPE		0x2
164 #define SMB2_SHARE_TYPE_PRINT		0x3
165 
166 /* SMB2 share flags */
167 #define SMB2_SHAREFLAG_MANUAL_CACHING                    0x0000
168 #define SMB2_SHAREFLAG_AUTO_CACHING                      0x0010
169 #define SMB2_SHAREFLAG_VDO_CACHING                       0x0020
170 #define SMB2_SHAREFLAG_NO_CACHING                        0x0030
171 #define SMB2_SHAREFLAG_DFS                               0x0001
172 #define SMB2_SHAREFLAG_DFS_ROOT                          0x0002
173 #define SMB2_SHAREFLAG_RESTRICT_EXCLUSIVE_OPENS          0x0100
174 #define SMB2_SHAREFLAG_FORCE_SHARED_DELETE               0x0200
175 #define SMB2_SHAREFLAG_ALLOW_NAMESPACE_CACHING           0x0400
176 #define SMB2_SHAREFLAG_ACCESS_BASED_DIRECTORY_ENUM       0x0800
177 #define SMB2_SHAREFLAG_FORCE_LEVELII_OPLOCKS             0x1000
178 #define SMB2_SHAREFLAG_ENABLE_HASH_V1                    0x2000
179 #define SMB2_SHAREFLAG_ENABLE_HASH_V2                    0x4000
180 #define SMB2_SHAREFLAG_ENCRYPT_DATA                      0x8000
181 #define SMB2_SHAREFLAG_ALL                               0xFF33
182 
183 /* SMB2 share capabilities */
184 #define SMB2_SHARE_CAP_DFS			0x8
185 #define SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY	0x10 /* in dialect >= 0x222 */
186 #define SMB2_SHARE_CAP_SCALEOUT			0x20 /* in dialect >= 0x222 */
187 #define SMB2_SHARE_CAP_CLUSTER			0x40 /* in dialect >= 0x222 */
188 #define SMB2_SHARE_CAP_ASYMMETRIC		0x80 /* in dialect >= 0x302 */
189 
190 /* SMB2 create security flags */
191 #define SMB2_SECURITY_DYNAMIC_TRACKING                   0x01
192 #define SMB2_SECURITY_EFFECTIVE_ONLY                     0x02
193 
194 /* SMB2 lock flags */
195 #define SMB2_LOCK_FLAG_NONE		0x00000000
196 #define SMB2_LOCK_FLAG_SHARED		0x00000001
197 #define SMB2_LOCK_FLAG_EXCLUSIVE	0x00000002
198 #define SMB2_LOCK_FLAG_UNLOCK		0x00000004
199 #define SMB2_LOCK_FLAG_FAIL_IMMEDIATELY	0x00000010
200 #define SMB2_LOCK_FLAG_ALL_MASK		0x00000017
201 
202 /* SMB2 requested oplock levels */
203 #define SMB2_OPLOCK_LEVEL_NONE                           0x00
204 #define SMB2_OPLOCK_LEVEL_II                             0x01
205 #define SMB2_OPLOCK_LEVEL_EXCLUSIVE                      0x08
206 #define SMB2_OPLOCK_LEVEL_BATCH                          0x09
207 #define SMB2_OPLOCK_LEVEL_LEASE                          0xFF
208 
209 /* SMB2 lease bits */
210 #define SMB2_LEASE_NONE                                  0x00
211 
212 /* SMB2 lease flags */
213 #define SMB2_LEASE_FLAG_BREAK_IN_PROGRESS                0x00000002
214 #define SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET             0x00000004
215 
216 /* SMB2 lease break flags */
217 #define SMB2_NOTIFY_BREAK_LEASE_FLAG_ACK_REQUIRED        0x01
218 
219 /* SMB2 impersonation levels */
220 #define SMB2_IMPERSONATION_ANONYMOUS                     0x00
221 #define SMB2_IMPERSONATION_IDENTIFICATION                0x01
222 #define SMB2_IMPERSONATION_IMPERSONATION                 0x02
223 #define SMB2_IMPERSONATION_DELEGATE                      0x03
224 
225 /* SMB2 create tags */
226 #define SMB2_CREATE_TAG_EXTA "ExtA"
227 #define SMB2_CREATE_TAG_MXAC "MxAc"
228 #define SMB2_CREATE_TAG_SECD "SecD"
229 #define SMB2_CREATE_TAG_DHNQ "DHnQ"
230 #define SMB2_CREATE_TAG_DHNC "DHnC"
231 #define SMB2_CREATE_TAG_ALSI "AlSi"
232 #define SMB2_CREATE_TAG_TWRP "TWrp"
233 #define SMB2_CREATE_TAG_QFID "QFid"
234 #define SMB2_CREATE_TAG_RQLS "RqLs"
235 #define SMB2_CREATE_TAG_DH2Q "DH2Q"
236 #define SMB2_CREATE_TAG_DH2C "DH2C"
237 #define SMB2_CREATE_TAG_AAPL "AAPL"
238 #define SMB2_CREATE_TAG_APP_INSTANCE_ID "\x45\xBC\xA6\x6A\xEF\xA7\xF7\x4A\x90\x08\xFA\x46\x2E\x14\x4D\x74"
239 #define SVHDX_OPEN_DEVICE_CONTEXT "\x9C\xCB\xCF\x9E\x04\xC1\xE6\x43\x98\x0E\x15\x8D\xA1\xF6\xEC\x83"
240 
241 /* SMB2 notify flags */
242 #define SMB2_WATCH_TREE 0x0001
243 
244 /* SMB2 Create ignore some more create_options */
245 #define SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASK	(NTCREATEX_OPTIONS_TREE_CONNECTION | \
246 						 NTCREATEX_OPTIONS_OPFILTER)
247 
248 /*
249   SMB2 uses different level numbers for the same old SMB trans2 search levels
250 */
251 #define SMB2_FIND_DIRECTORY_INFO         0x01
252 #define SMB2_FIND_FULL_DIRECTORY_INFO    0x02
253 #define SMB2_FIND_BOTH_DIRECTORY_INFO    0x03
254 #define SMB2_FIND_NAME_INFO              0x0C
255 #define SMB2_FIND_ID_BOTH_DIRECTORY_INFO 0x25
256 #define SMB2_FIND_ID_FULL_DIRECTORY_INFO 0x26
257 
258 /* flags for SMB2 find */
259 #define SMB2_CONTINUE_FLAG_RESTART    0x01
260 #define SMB2_CONTINUE_FLAG_SINGLE     0x02
261 #define SMB2_CONTINUE_FLAG_INDEX      0x04
262 #define SMB2_CONTINUE_FLAG_REOPEN     0x10
263 
264 /* get/setinfo classes, see [MS-SMB2] 2.2.37 and 2.2.39 */
265 #define SMB2_0_INFO_FILE                0x01
266 #define SMB2_0_INFO_FILESYSTEM          0x02
267 #define SMB2_0_INFO_SECURITY            0x03
268 #define SMB2_0_INFO_QUOTA               0x04
269 
270 #define SMB2_CLOSE_FLAGS_FULL_INFORMATION (0x01)
271 
272 #define SMB2_READFLAG_READ_UNBUFFERED	0x01
273 
274 #define SMB2_WRITEFLAG_WRITE_THROUGH	0x00000001
275 #define SMB2_WRITEFLAG_WRITE_UNBUFFERED	0x00000002
276 
277 /* 2.2.31 SMB2 IOCTL Request */
278 #define SMB2_IOCTL_FLAG_IS_FSCTL		0x00000001
279 
280 /*
281  * Flags for durable handle v2 requests
282  */
283 #define SMB2_DHANDLE_FLAG_PERSISTENT 0x00000002
284 
285 /* The AES CCM nonce N of 15 - L octets. Where L=4 */
286 #define SMB2_AES_128_CCM_NONCE_SIZE 11
287 
288 #endif
289