2.2.10 Call Connect Acknowledge Message (SSTP_MSG_CALL_CONNECT_ACK)

The following diagram specifies the format that MUST be used for this message. The server sends this message in response to an acceptable Call Connect Request message from a client. Note that this message follows the format of an SSTP control packet (section 2.2.2).

The fields of the structure MUST be transmitted in network byte order from left to right.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

Version

Reserved

C

LengthPacket

Message Type

Num Attributes

Reserved1

Attribute ID

LengthPacket1

Reserved2

Hash Protocol Bitmask

Nonce (32 bytes)

...

...

Version (1 byte): An 8-bit (1-byte) field that is used to communicate and negotiate the version of SSTP that is being used. The upper 4 bits are the MAJOR version, which MUST be 0x1, and the lower 4 bits are the MINOR version, which MUST be set to 0x0. This means that the 8-bit value of the Version field MUST be 0x10 and corresponds to Version 1.0.

Reserved (7 bits): This 7-bit field is reserved for future use. MUST be set to zero when sent and MUST be ignored on receipt.

C (1 bit): A 1-bit field that is used to indicate whether the packet is an SSTP control packet or an SSTP data packet. The value MUST be 1 for a Call Connect Acknowledge message that is a control packet.

LengthPacket (2 bytes): A 16-bit unsigned integer in network byte order that packs data for two fields, configured in the following format.

0

1

2

3

4

5

6

7

8

9

1

0

1

2

3

4

5

R

Length

R (4 bits): This 4-bit field is reserved for future use. MUST be set to zero when sent and MUST be ignored on receipt.

Length (12 bits): A 12-bit unsigned integer in network byte order that MUST specify the length, in bytes, of the entire Call Connect Acknowledge message. This field MUST be set to a value of 48 (0x030).

Message Type (2 bytes): A 16-bit field in network byte order that specifies the type of message. It MUST be 0x0002 (that is, SSTP_MSG_CALL_CONNECT_ACK).

Num Attributes (2 bytes): A 16-bit field in network byte order that specifies the number of attributes in the message. This value MUST be 1 for these messages because they contain the Crypto Binding Request attribute only.

Reserved1 (1 byte): This 8-bit field is reserved for future use. MUST be set to zero when sent and MUST be ignored on receipt.

Attribute ID (1 byte): An 8-bit (1-byte) field that is used to specify the type of attribute; its value MUST be 0x04 for the Crypto Binding Request attribute.

LengthPacket1 (2 bytes): A 16-bit unsigned integer in network byte order that packs data for two fields, configured in the following format.

0

1

2

3

4

5

6

7

8

9

1

0

1

2

3

4

5

R1

Length1

R1 (4 bits): This 4-bit field is reserved for future use. MUST be set to zero when sent and MUST be ignored on receipt.

Length1 (12 bits): A 12-bit unsigned integer in network byte order that MUST specify the length of the Crypto Binding Request attribute. Its value MUST be 40 bytes, that is, 0x028.

Reserved2 (3 bytes): This 24-bit field is reserved for future use. MUST be set to zero when sent and MUST be ignored on receipt.

Hash Protocol Bitmask (1 byte): This 1-byte bitmask field is used (with the ServerHashProtocolSupported state variable described in section 3.3.1) to specify the hashing methods allowed by the server that the client uses to compute the Compound MAC in the Crypto Binding attribute. For more information, see section 3.2.5.2. The following bits are defined.

A 1 MUST be placed in the appropriate bit position to select the supported hash protocol. The server MUST select at least one hash protocol. If the server selects both the SHA256 and the SHA1 hash protocols and the client supports both hash protocols (as indicated by the value of the ClientHashProtocolSupported state variable described in section 3.2.1), then the client MUST select the SHA256 protocol. For more information about how the client processes the Hash Protocol Bitmask when it receives a Call Connect Acknowledge message, see section 3.2.5.3.2.


0


1


2


3


4


5


6


7

0

0

0

0

0

0

B

A

Where the bits are defined as:

Value

Description

A

                

CERT_HASH_PROTOCOL_SHA1 is enabled when A=1 and is disabled when A=0.

B

                

CERT_HASH_PROTOCOL_SHA256 is enabled when B=1 and is disabled when B=0.

Nonce (32 bytes): A 256-bit unsigned integer that contains a temporally unique (or random) value. For more information, see [RFC1750].