4.5 Reading from a Remote File
The following diagram demonstrates the steps taken to open a remote file, read from it, and close it. Assume that this sequence starts on a connection where the session and tree connect have been established as described in previous sections with SessionId of 0x40000000011 and TreeId of 0x5, and messages have been exchanged such that the current MessageId is 10.
Figure 10: Reading from a remote file
The client sends an SMB2 CREATE Request for the file "testfile.txt".
Smb2: C CREATE testfile.txt SMB2Header: Size: 64 (0x40) CreditCharge: 0 (0x0) Status: STATUS_SUCCESS Command: CREATE Credits: 111 (0x6F) Flags: 0 (0x0) ServerToRedir: ...............................0 Client to Server AsyncCommand: ..............................0. Command is not asynchronous Related: .............................0.. Packet is single message Signed: ............................0... Packet is not signed Reserved: 0 (0x0) DFS: 0............................... Command is not a DFS Operation NextCommand: 0 (0x0) MessageId: 10 (0xA) Reserved: 0 (0x0) TreeId: 5 (0x5) SessionId: 4398046511121 (0x40000000011) CCreate: Size: 57 (0x39) SecurityFlags: 0 (0x0) RequestedOplockLevel: 9 (0x9) ImpersonationLevel: 2 (0x2) SmbCreateFlags: 0 (0x0) Reserved: 0 (0x0) DesiredAccess: 0x00120089 read: (...............................1) Read Data write: (..............................0.) No Write Data append: (.............................0..) No Append Data readEA: (............................1...) Read EA writeEA: (...........................0....) No Write EA FileExecute: (..........................0.....) No File Execute FileDeleted: (.........................0......) No File Delete FileRead: (........................1.......) File Read Attributes FileWrite: (.......................0........) No File Write Attributes FileAttributes: 0x00000080 ReadOnly: (...............................0) Read/Write Hidden: (..............................0.) Not Hidden System: (.............................0..) Not System Reserverd3: 0 (0x0) Directory: (...........................0....) File Archive: (..........................0.....) Not Archive Device: (.........................0......) Not Device Normal: (........................1.......) Normal Temporary: (.......................0........) Permanent Sparse: (......................0.........) Not Sparse Reparse: (.....................0..........) Not Reparse Point Compressed: (....................0...........) Uncompressed Offline: (...................0............) Content indexed NotIndexed: (..................0.............) Permanent Encrypted: (.................0..............) Unencrypted ShareAccess: Shared for Read/Write CreateDisposition: Open CreateOptions: 0x00000060 dir: (...............................0) non-directory write: (..............................0.) non-write through sq: (.............................0..) non-sequentially writing allowed buffer: (............................0...) intermediate buffering allowed alert: (...........................0....) IO alerts bits not set nonalert: (..........................1.....) Do synchronous IO non-alerts nondir: (.........................1......) Operation is on non-directory file connect: (........................0.......) tree connect bit not set oplock: (.......................0........) complete if oplocked bit not set EA: (......................0.........) no EA knowledge bit is not set filename: (.....................0..........) 8.3 filenames bit is not set random: (....................0...........) random access bit is not set delete: (...................0............) delete on close bit is not set open: (..................0.............) open by filename backup: (.................0..............) open for backup bit not set NameOffset: 120 (0x78) NameLength: 24 (0x18) CreateContextsOffset: 0 (0x0) CreateContextsLength: 0 (0x0) Name: testfile.txt
The server responds with an SMB2 CREATE Response giving the FileId of the opened file.
Smb2: R CREATE FID= SMB2Header: Size: 64 (0x40) CreditCharge: 0 (0x0) Status: STATUS_SUCCESS Command: CREATE Credits: 1 (0x1) Flags: 1 (0x1) ServerToRedir: ...............................1 Server to Client AsyncCommand: ..............................0. Command is not asynchronous Related: .............................0.. Packet is single message Signed: ............................0... Packet is not signed Reserved: 0 (0x0) DFS: 0............................... Command is not a DFS Operation NextCommand: 0 (0x0) MessageId: 10 (0xA) Reserved: 0 (0x0) TreeId: 5 (0x5) SessionId: 4398046511121 (0x40000000011) RCreate: Size: 89 (0x59) OplockLevel: 9 (0x9) Reserved1: 9 (0x9) CreateAction: 1 (0x1) CreationTime: 127972992877715232 (0x1C6A6C24D51DF20) LastAccessTime: 127972992923579232 (0x1C6A6C2500DB360) LastWriteTime: 127972992923579232 (0x1C6A6C2500DB360) ChangeTime: 127972992923579232 (0x1C6A6C2500DB360) AllocationSize: 104 (0x68) EndOfFile: 98 (0x62) FileAttributes: 0x00000020 ReadOnly: (...............................0) Read/Write Hidden: (..............................0.) Not Hidden System: (.............................0..) Not System Reserverd3: 0 (0x0) Directory: (...........................0....) File Archive: (..........................1.....) Archive Device: (.........................0......) Not Device Normal: (........................0.......) Not Normal Temporary: (.......................0........) Permanent Sparse: (......................0.........) Not Sparse Reparse: (.....................0..........) Not Reparse Point Compressed: (....................0...........) Uncompressed Offline: (...................0............) Content indexed NotIndexed: (..................0.............) Permanent Encrypted: (.................0..............) Unencrypted Reserved2: 0 (0x0) Fid: Persistent: 17 (0x11) Volatile: -4294967287 (0xFFFFFFFF00000009) CreateContextsOffset: 0 (0x0) CreateContextsLength: 0 (0x0)
The client sends an SMB2 READ Request to read data from the file.
Smb2: C READ 0x62 bytes from offset 0 (0x0) SMB2Header: Size: 64 (0x40) CreditCharge: 0 (0x0) Status: STATUS_SUCCESS Command: READ Credits: 111 (0x6F) Flags: 0 (0x0) ServerToRedir: ...............................0 Client to Server AsyncCommand: ..............................0. Command is not asynchronous Related: .............................0.. Packet is single message Signed: ............................0... Packet is not signed Reserved: 0 (0x0) DFS: 0............................... Command is not a DFS Operation NextCommand: 0 (0x0) MessageId: 11 (0xB) Reserved: 0 (0x0) TreeId: 5 (0x5) SessionId: 4398046511121 (0x40000000011) CRead: Size: 49 (0x31) Padding: 80 (0x50) Reserved: 0 (0x0) DataLength: 98 (0x62) Offset: 0 (0x0) Fid: Persistent: 17 (0x11) Volatile: -4294967287 (0xFFFFFFFF00000009) MinimumCount: 0 (0x0) Channel: 0 (0x0) RemainingBytes: 0 (0x0) ReadChannelInfoOffset: 0 (0x0) ReadChannelInfoLength: 0 (0x0)
The server responds with an SMB2 READ Response with the data read from the file.
Smb2: R READ 0x62 bytes read SMB2Header: Size: 64 (0x40) CreditCharge: 0 (0x0) Status: STATUS_SUCCESS Command: READ Credits: 1 (0x1) Flags: 1 (0x1) ServerToRedir: ...............................1 Server to Client AsyncCommand: ..............................0. Command is not asynchronous Related: .............................0.. Packet is single message Signed: ............................0... Packet is not signed Reserved: 0 (0x0) DFS: 0............................... Command is not a DFS Operation NextCommand: 0 (0x0) MessageId: 11 (0xB) Reserved: 0 (0x0) TreeId: 5 (0x5) SessionId: 4398046511121 (0x40000000011) RRead: Size: 17 (0x11) DataOffset: 80 (0x50) Reserved: 0 (0x0) DataLength: 98 (0x62) DataRemaining: 0 (0x0) Reserved2: 0 (0x0) Data: (98 bytes)
The client sends an SMB2 CLOSE Request to close the file.
Smb2: C CLOSE FID= SMB2Header: Size: 64 (0x40) CreditCharge: 0 (0x0) Status: STATUS_SUCCESS Command: CLOSE Credits: 111 (0x6F) Flags: 0 (0x0) ServerToRedir: ...............................0 Client to Server AsyncCommand: ..............................0. Command is not asynchronous Related: .............................0.. Packet is single message Signed: ............................0... Packet is not signed Reserved: 0 (0x0) DFS: 0............................... Command is not a DFS Operation NextCommand: 0 (0x0) MessageId: 12 (0xC) Reserved: 0 (0x0) TreeId: 5 (0x5) SessionId: 4398046511121 (0x40000000011) CClose: Size: 24 (0x18) Flags: 1 (0x1) <- Post-query attributes Reserved: 0 (0x0) Fid: Persistent: 9 (0x9) Volatile: -4294967295 (0xFFFFFFFF00000001)
The server sends an SMB2 CLOSE Response indicating the close was successful.
Smb2: R CLOSE SMB2Header: Size: 64 (0x40) CreditCharge: 0 (0x0) Status: STATUS_SUCCESS Command: CLOSE Credits: 1 (0x1) Flags: 1 (0x1) ServerToRedir: ...............................1 Server to Client AsyncCommand: ..............................0. Command is not asynchronous Related: .............................0.. Packet is single message Signed: ............................0... Packet is not signed Reserved: 0 (0x0) DFS: 0............................... Command is not a DFS Operation NextCommand: 0 (0x0) MessageId: 12 (0xC) Reserved: 0 (0x0) TreeId: 5 (0x5) SessionId: 4398046511121 (0x40000000011) RClose: Size: 60 (0x3C) Flags: 1 (0x1) Reserved: 0 (0x0) CreationTime: 127972990708847232 (0x1C6A6C1CC0B9280) LastAccessTime: 127972993090343232 (0x1C6A6C259FE5140) LastWriteTime: 127972992877715232 (0x1C6A6C24D51DF20) ChangeTime: 127972992877715232 (0x1C6A6C24D51DF20) AllocationSize: 0 (0x0) EndOfFile: 0 (0x0) FileAttributes: 0x00000010 ReadOnly: (...............................0) Read/Write Hidden: (..............................0.) Not Hidden System: (.............................0..) Not System Reserverd3: 0 (0x0) Directory: (...........................1....) Directory Archive: (..........................0.....) Not Archive Device: (.........................0......) Not Device Normal: (........................0.......) Not Normal Temporary: (.......................0........) Permanent Sparse: (......................0.........) Not Sparse Reparse: (.....................0..........) Not Reparse Point Compressed: (....................0...........) Uncompressed Offline: (...................0............) Content indexed NotIndexed: (..................0.............) Permanent Encrypted: (.................0..............) Unencrypted