3.3.5.1 Receiving Any Message

The following global details are presented to a server that receives any message in addition to what is specified in [MS-CIFS] section 3.3.5.2.

Signing

If a message is received and Server.Connection.IsSigningActive is TRUE the server uses Server.Connection.ServerNextReceiveSequenceNumber and the signature MUST be verified, as specified in section 3.1.5.1.

The server MUST insert the sequence number for the response to this request into the Server.Connection.ServerSendSequenceNumber table with the PID and MID that identifies the request/response pair. (PID and MID are specified in [MS-CIFS] section 2.2.1.6.)

If the signature on the received packet is incorrect, then the server MUST return STATUS_ACCESS_DENIED (ERRDOS/ERRnoaccess) and ServerStatistics.sts0_permerrors MUST be increased by 1. If the signature on the current message is correct, then the server MUST take the following steps.

 IF request command EQUALS SMB_COM_NT_CANCEL THEN
     INCREMENT ServerNextReceiveSequenceNumber
 ELSE IF request has no response THEN
     INCREMENT ServerNextReceiveSequenceNumber BY 2
 ELSE
     SET ServerSendSequenceNumber[PID,MID] TO
         ServerNextReceiveSequenceNumber + 1
     INCREMENT ServerNextReceiveSequenceNumber BY 2
 END IF

Session Validation and Re-authentication

If the SMB_Header.UID of the request is zero, then the server does not need to check for the expiry because a session is not being used for this request.

If the SMB_Header.UID of the request is not zero, then the server MUST check the state of the session.

  • If Connection.SessionTable[UID].AuthenticationState is equal to Expired or ReauthInProgress, and the received message is an SMB_COM_SESSION_SETUP_ANDX request (indicating a session renewal), the behavior is as specified in section 3.3.5.3. For details on how the client handles a session expiration, see section 3.2.5.1.

  • If Connection.SessionTable[UID].AuthenticationState is equal to Expired or ReauthInProgress, and the received message is one of the following requests, the server MUST continue processing the request.

    • SMB_COM_CLOSE

    • SMB_COM_LOGOFF_ANDX

    • SMB_COM_FLUSH

    • SMB_COM_LOCKING_ANDX

    • SMB_COM_TREE_DISCONNECT

    If the received message is not one of the preceding requests, the server SHOULD<104> fail all operations with STATUS_NETWORK_SESSION_EXPIRED until the session renewal is successful.

  • If Server.Connection.SessionTable is not empty, Server.Connection.SessionTable[UID].AuthenticationState is InProgress, and the received message is not an SMB_COM_SESSION_SETUP_ANDX request, then the server SHOULD<105> fail all operations with STATUS_INVALID_HANDLE and MUST increase ServerStatistics.sts0_permerrors by 1.

  • If Server.Connection.SessionTable is not empty, SMB_Header.UID is not found in Server.Connection.SessionTable, and the received message is not an SMB_COM_SESSION_SETUP_ANDX request, then the server MUST fail all operations with STATUS_SMB_BAD_UID and MUST increase ServerStatistics.sts0_permerrors by 1.

  • If Server.Connection.SessionTable is empty, then the server SHOULD<106> disconnect the connection.

  • If Server.Connection.SessionTable[UID].AuthenticationState is InProgress and the received message is an SMB_COM_SESSION_SETUP_ANDX request, the behavior is as specified in section 3.3.5.3.

  • If Server.Connection.SessionTable[UID].AuthenticationState is Valid, then the server MUST allow all operations.