3.3.5.2.3 Verifying the Sequence Number

If the received request is an SMB2 CANCEL, this section MUST be skipped.

If the received request is an SMB_COM_NEGOTIATE, as described in section 1.7, the server MUST assume that MessageId is zero for this request.

The server MUST check that the MessageId for the received request falls within the Connection.CommandSequenceWindow, as specified in section 3.3.1.7.

If Connection.SupportsMultiCredit is TRUE and the CreditCharge field in the SMB2 header is greater than zero, the server MUST check that a number of CreditCharge consecutive sequence numbers starting from MessageId fall within the Connection.CommandSequenceWindow.

If the server determines that the MessageId or the range of MessageIds for the incoming request is not valid, the server SHOULD<252> terminate the connection. Otherwise, the server MUST remove the MessageId or the range of MessageIds from the Connection.CommandSequenceWindow.