Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Smb2-protocol: Re: [Smb2-protocol] SMB2 named pipes and TID

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>
Date: Mon, 6 Feb 2006 16:15:12 +1100
I found a couple of other    STATUS_PENDING and TID=0    but this time for IOCTL calls.

Most of the time  the client will issue -2   or 0xfffe   as the process id     and the server will issue the same -2 value back to the client.
However, when the server returns STATUS_PENDING it suddenly starts sending a read ProcessID back to the client.

I assume this is to allow Cancel to be able to cancel such requests.  (it is funny that the TID is set to 0 here,  but maybe it is because  processid's are scoped across the entire server  and not across a specific tree)


This is similar/idential to the Notify/Cancel interaction.   I thought Notify and Cancel were a pair,  but apaprently Cancel can be used to cancel any pending command, not just Notify.


The ethereal wiki currently documents this PENDING and processid thing as if it was restricted to the Notify/Cancel pair   which seems wrong.
I will update it later to better reflect    some-pending-command/Cancel  interaction instead.




On 2/6/06, tridge@xxxxxxxxx <tridge@xxxxxxxxx> wrote:
Ronnie,

> I have one trace that contains an instance of DCERPC over a named pipe  and
> where the pipe is slightly busy  so it returns a
> STATUS_PENDING   followed slightly later by the real reply.

yep, I hit that too while running the Samba4 DCERPC tests on smb2. I
have this code in smb2_transport_finish_recv() to cope with it:

        if (NT_STATUS_EQUAL(req->status, STATUS_PENDING)) {
                /* the server has helpfully told us that this request is still being
                   processed. how useful :) */
                talloc_free(buffer);
                return NT_STATUS_OK;
        }

> The weird thing here  and which breaks ethereal is that in both replies
> the TID is suddenly 0   instead of the real value used in the request.

I hadn't noticed that! The Samba4 client lib doesn't check the tid in
the reply, so this didn't trip us up.

> Apart from this   the client still seems happy   so it seems it does not
> check the TID   or require it being the same in a reply as in the request

luckily we did the same thing :-)

Cheers, Tridge

_______________________________________________
Smb2-protocol mailing list
Smb2-protocol@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/smb2-protocol