2.2.3 SMB2 NEGOTIATE Request
The SMB2 NEGOTIATE Request packet is used by the client to notify the server what dialects of the SMB 2 Protocol the client understands. This request is composed of an SMB2 header, as specified in section 2.2.1, followed by this request structure.
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
StructureSize |
DialectCount |
||||||||||||||||||||||||||||||
SecurityMode |
Reserved |
||||||||||||||||||||||||||||||
Capabilities |
|||||||||||||||||||||||||||||||
ClientGuid |
|||||||||||||||||||||||||||||||
... |
|||||||||||||||||||||||||||||||
... |
|||||||||||||||||||||||||||||||
... |
|||||||||||||||||||||||||||||||
(NegotiateContextOffset,NegotiateContextCount,Reserved2)/ClientStartTime |
|||||||||||||||||||||||||||||||
... |
|||||||||||||||||||||||||||||||
Dialects (variable) |
|||||||||||||||||||||||||||||||
... |
|||||||||||||||||||||||||||||||
Padding (variable) |
|||||||||||||||||||||||||||||||
... |
|||||||||||||||||||||||||||||||
NegotiateContextList (variable) |
|||||||||||||||||||||||||||||||
... |
StructureSize (2 bytes): The client MUST set this field to 36, indicating the size of a NEGOTIATE request. This is not the size of the structure with a single dialect in the Dialects[] array. This value MUST be set regardless of the number of dialects or number of negotiate contexts sent.
DialectCount (2 bytes): The number of dialects that are contained in the Dialects[] array. This value MUST be greater than 0.<8>
SecurityMode (2 bytes): The security mode field specifies whether SMB signing is enabled or required at the client. This field MUST be constructed using the following values.
-
Value
Meaning
SMB2_NEGOTIATE_SIGNING_ENABLED
0x0001
When set, indicates that security signatures are enabled on the client. The server MUST ignore this bit.
SMB2_NEGOTIATE_SIGNING_REQUIRED
0x0002
When set, indicates that security signatures are required by the client.
Reserved (2 bytes): The client MUST set this to 0, and the server SHOULD<9> ignore it on receipt.
Capabilities (4 bytes): If the client implements the SMB 3.x dialect family, the Capabilities field MUST be constructed using the following values. Otherwise, this field MUST be set to 0.
-
Value
Meaning
SMB2_GLOBAL_CAP_DFS
0x00000001
When set, indicates that the client supports the Distributed File System (DFS).
SMB2_GLOBAL_CAP_LEASING
0x00000002
When set, indicates that the client supports leasing.
SMB2_GLOBAL_CAP_LARGE_MTU
0x00000004
When set, indicates that the client supports multi-credit operations.
SMB2_GLOBAL_CAP_MULTI_CHANNEL
0x00000008
When set, indicates that the client supports establishing multiple channels for a single session.
SMB2_GLOBAL_CAP_PERSISTENT_HANDLES
0x00000010
When set, indicates that the client supports persistent handles.
SMB2_GLOBAL_CAP_DIRECTORY_LEASING
0x00000020
When set, indicates that the client supports directory leasing.
SMB2_GLOBAL_CAP_ENCRYPTION
0x00000040
When set, indicates that the client supports encryption with AES-128-CCM cipher.
SMB2_GLOBAL_CAP_NOTIFICATIONS
0x00000080
When set, indicates that the client supports receiving one-way notifications from a server, specified in section 2.2.44.
ClientGuid (16 bytes): It MUST be a GUID (as specified in [MS-DTYP] section 2.3.4.2) generated by the client.
(NegotiateContextOffset,NegotiateContextCount,Reserved2)/ClientStartTime (8 bytes): This field is interpreted in different ways depending on the SMB2 Dialects field.
-
If the Dialects field contains 0x0311, this field is interpreted as the NegotiateContextOffset, NegotiateContextCount, and Reserved2 fields.
-
NegotiateContextOffset (4 bytes): The offset, in bytes, from the beginning of the SMB2 header to the first, 8-byte-aligned negotiate context in the NegotiateContextList.
-
NegotiateContextCount (2 bytes): The number of negotiate contexts in NegotiateContextList.
-
Reserved2 (2 bytes): The client MUST set this to 0, and the server MUST ignore it on receipt.
-
If the Dialects field doesn't contain 0x0311, this field is interpreted as the ClientStartTime field.
ClientStartTime (8 bytes): This field MUST NOT be used and MUST be reserved. The client MUST set this to 0, and the server MUST ignore it on receipt.
Dialects (variable): An array of one or more 16-bit integers specifying the supported dialect revision numbers. The array MUST contain at least one of the following values.
-
Value
Meaning
0x0202
SMB 2.0.2 dialect revision number.
0x0210
SMB 2.1 dialect revision number.<10>
0x0300
SMB 3.0 dialect revision number. <11>
0x0302
SMB 3.0.2 dialect revision number.<12>
0x0311
SMB 3.1.1 dialect revision number.<13>
Padding (variable): Optional padding between the end of the Dialects array and the first negotiate context in NegotiateContextList so that the first negotiate context is 8-byte aligned.
NegotiateContextList (variable): If the Dialects field contains 0x0311, then this field will contain an array of SMB2 NEGOTIATE_CONTEXTs. The first negotiate context in the list MUST appear at the byte offset indicated by the SMB2 NEGOTIATE request's NegotiateContextOffset field. Subsequent negotiate contexts MUST appear at the first 8-byte-aligned offset following the previous negotiate context.