3.3.5.43 Receiving an SMB_COM_SESSION_SETUP_ANDX Request

  • Article

When the server receives an SMB_COM_SESSION_SETUP_ANDX request from the client, it MUST verify the SessionKey. If the SessionKey received in the request is not equal to Server.Connection.SessionKey, the server MAY fail the request with STATUS_INVALID_PARAMETER.

The server MUST pass the PrimaryDomain, AccountName, OEMPassword, and UnicodePassword fields to the authentication subsystem. If authentication fails, the server MUST increase Server.Statistics.sts0_pwerrors by 1 and MUST reply to the client with STATUS_LOGON_FAILURE (ERRDOS/ERRnoaccess) in an error response. The possible error codes from the authentication subsystem and their detailed description are specified in [RFC2743] and [MS-ERREF].

If Server.Connection.SessionSetupReceived is FALSE and:

  • If authentication was successful or Server.GuestOkay is TRUE:

  • If their corresponding server connection variables are empty, the server MUST save the MaxBufferSize, MaxMpxCount, and Capabilities values reported by the client in the corresponding server connection variables. These values MUST NOT be overridden by values presented in future SMB_COM_SESSION_SETUP_ANDX request messages.

  • If Server.Connection.NativeLanMan and Server.Connection.NativeOS are empty, the server MUST save the NativeLanMan and NativeOS values reported by the client in the Server.Connection.NativeLanMan and Server.Connection.NativeOS variables respectively. These values MUST NOT be overridden by values presented in future SMB_COM_SESSION_SETUP_ANDX request messages.

  • The server MUST query the authentication subsystem to determine which response value was accepted.

If the value accepted for authentication was the value passed in the OEMPassword field:

  • The server MUST set the 0x02 bit in the SMB_Parameters.Words.Action field of the response.

  • Server.ConnectionSigningChallengeResponse MUST be set to the challenge response received in the OEMPassword field in the client request.

  • If LM challenge/response was used instead of LMv2 challenge/response, the entire LM Session Key MUST be stored in Server.Connection.SigningSessionKey. If LMv2 challenge/response was used, the entire NT Session Key MUST be stored in Server.Connection.SigningSessionKey. If the length of Server.Connection.SigningSessionKey is less than 16, the server SHOULD pad it with zeros up to 16 bytes.

If the value accepted for authentication was the value passed in the UnicodePassword field:

  • The server MUST clear the 0x02 bit in the SMB_Parameters.Words.Action field of the response.

  • Server.ConnectionSigningChallengeResponse MUST be set to the challenge response received in the UnicodePassword field in the client request.

The entire NT Session Key MUST be stored in Server.Connection.SigningSessionKey. If the length of Server.Connection.SigningSessionKey is less than 16, the server SHOULD pad it with zeros up to 16 bytes.

  • If authentication was successful and IsSigningActive is TRUE, message signing MUST be initialized.

  • Server.Connection.MaxMpxCount MUST be set to MaxMpxCount field in the request.

  • If MaxMpxCount in the request is less than two, the server MUST set Server.Connection.OpLockSupport to FALSE for this connection. Otherwise, a client attempting to break its own OpLock would always time out because there would not be enough outstanding command slots to properly revoke the OpLock. See section 3.2.5.42 for more information on receiving an OpLock Break Notification.

  • The server MUST set Server.Connection.SessionSetupReceived to TRUE.

  • The server MUST set CreationTime and Server.Connection.IdleTime to be current time.

If authentication failed but Server.GuestOkay is TRUE (allowing Guest Access), the client MUST set the 0x01 bit in the Action field of the response to TRUE and return the response as if authentication had succeeded.

If authentication succeeded, the Server.Session.UserSecurityContext MUST be set to a value representing the user who successfully authenticated on the connection. The security context MUST be obtained from the authentication subsystem. The server MUST invoke the GSS_Inquire_context call as specified in [RFC2743] section 2.2.6, passing the Server.Session.UserSecurityContext as the input parameter, and MUST set Server.Session.UserName to the returned "src_name". If the returned "anon_state" is TRUE, the server MUST set Server.Session.IsAnonymous to TRUE. Otherwise, Server.Session.IsAnonymous MUST be set to FALSE.

If the VcNumber field in the session setup request is 0, the server MUST perform the following processing:

  • Close all sessions in Server.Connection.SessionTable in which UserName matches Server.Session.UserName as specified in section 3.3.4.8.

  • Disconnect each Connection in Server.ConnectionTable, except the current Server.Connection, in which ClientName matches the Server.Connection.ClientName as specified in section 3.3.7.2.

If authentication was successful or Server.GuestOkay is TRUE, a new UID and GlobalSessionId MUST be generated and entered into Server.Connection.SessionTable. If the size of Server.Connection.SessionTable has reached Server.SrvMaxSessionTableSize, the server MUST reply to the client with STATUS_TOO_MANY_SESSIONS (ERRSRV/ERRtoomanyuids) in an error response; otherwise, Server.Statistics.sts0_sopens MUST be increased by 1. The server MUST register the session by invoking the event Server Registers a New Session ([MS-SRVS] section 3.1.6.2) and MUST assign the return value to Session.SessionGlobalId. The server MUST fill in the additional response fields as specified in section 2.2.4.53.2.

If authentication was successful, the server MUST query the session key from the authentication package, as specified in [MS-NLMP]. If the session key is equal to or longer than 16 bytes, only the least significant 16 bytes MUST be stored in Server.Session.SessionKey. Otherwise, the session key MUST be stored in Server.Session.SessionKey and MUST be padded with zeros up to 16 bytes.

The response is sent to the client as specified in section 3.2.4.1.