Smb2-protocol: [Smb2-protocol] Re: Find command and flags

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>
Date: Fri, 18 Nov 2005 08:14:16 +0000
Hmm

Looking at more traces, it looks like byte 3 is not a bitmask

it seems
byte 3 == 0   continue reading
byte 3 != 0   read from beginning


On 11/18/05, ronnie sahlberg <ronniesahlberg@xxxxxxxxx> wrote:
> Looking at traces it seems the Find command is stateful in the same
> way  GetInfo/SMB2_FILE_INFO_0f  reading EAs are.
>
>
> The first two bytes after the two byte buffercode  change
> between the values 0 1 2 3  for each of the two bytes.
>
>
> for example   ifstest   1065/1088
> These bytes have the values
> 0x01 0x02    and this reads one entry at a time until STATUS_NO_MORE_FILES
>
>
> 1142/1143   a single call with the values
> 0x03 0x01 which reads several entries (all of them)
> followed by
> 0x03 0x00 where client tries to read the rest?   but gets NO_MORE_FILES
>
>
>
> ==>
> Byte 2     I only saw these two values:
> 0x01   Read one entry
> 0x03   Read several entries
>
> Byte 3
> 0x00   Continue reading
> 0x01   Read from the beginning
> 0x02
> 0x03   Only had this value when pattern was a specific single file
> i.e. no wildcards
>
>
> I have not enough data to correlate more exactly but it could be, if set
> Byte 2:
> 0x01    this bit always set
> 0x02    read several entries
>
> Byte 3:
> 0x01    read from the beginning
> 0x02   ???
>
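
A toy model of the rule in the reply above (byte 3 zero continues the scan, non-zero restarts it) combined with the two byte 2 values from the quoted message, added here as an example and not code from the list or from Ethereal. `FindHandle`, `replay`, the zeroed buffer code `HDR` and the file names are constructed; it models the message's working hypothesis, not a specification.

```python
STATUS_SUCCESS = "STATUS_SUCCESS"
STATUS_NO_MORE_FILES = "STATUS_NO_MORE_FILES"

# Placeholder for the two-byte buffer code; its real value is not given in the message.
HDR = b"\x00\x00"


class FindHandle:
    """Constructed model of the per-directory state a stateful Find implies."""

    def __init__(self, names):
        self.names = list(names)
        self.cursor = 0  # index of the next entry to return

    def find(self, request):
        # Bytes 0-1 are the buffer code; "byte 2" and "byte 3" follow it.
        if len(request) < 4:
            raise ValueError("Find request shorter than 4 bytes")
        byte2, byte3 = request[2], request[3]

        if byte3 != 0:  # reply's rule: non-zero means read from the beginning
            self.cursor = 0
        if self.cursor >= len(self.names):
            return STATUS_NO_MORE_FILES, []

        if byte2 == 0x01:    # observed: read one entry
            count = 1
        elif byte2 == 0x03:  # observed: read several entries (all of them)
            count = len(self.names) - self.cursor
        else:
            raise ValueError(f"byte 2 value {byte2:#04x} was not seen in the traces")

        batch = self.names[self.cursor:self.cursor + count]
        self.cursor += len(batch)
        return STATUS_SUCCESS, batch


def replay(names, requests):
    """Run a sequence of Find requests against one handle, in order."""
    handle = FindHandle(names)
    return [handle.find(r) for r in requests]


if __name__ == "__main__":
    # Shape of trace 1142/1143: 0x03 0x01, then 0x03 0x00 -> NO_MORE_FILES.
    for status, batch in replay(["a", "b", "c"], [HDR + b"\x03\x01", HDR + b"\x03\x00"]):
        print(status, batch)
```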