Share via

3.2.5.4 Receiving an SMB_COM_TREE_CONNECT_ANDX Response

  • Article

The processing of an SMB_COM_TREE_CONNECT_ANDX Response is handled as specified in [MS-CIFS] section 3.2.5.4 with the following additions:

Requesting Extended Information

The client MUST determine whether or not the server returned an extended response, as specified in section 2.2.4.7. The client does this by determining whether or not the WordCount is equal to 0x07. If it is, then the client MUST make the new extended information available to the calling application by using the SMB_Header.TID value to set Client.Connection.TreeConnectTable[TID].MaximalShareAccessRights and Client.Connection.TreeConnectTable[TID].GuestMaximalShareAccessRights to the values that are in the response fields of SMB_Parameters.Words.MaximalShareAccessRights and SMB_Parameters.Words.GuestMaximalShareAccessRights, respectively.

Session Key Protection

If the response status is STATUS_SUCCESS and the SMB_EXTENDED_SIGNATURE bit is set in the OptionalSupport field of the SMB_COM_TREE_CONNECT_ANDX response, then the client MUST hash the session key of the calling user. This protects the key that is used for signing by making it unavailable to the calling applications.

The one-way hash MUST be performed on Client.Session.SessionKey that uses the HMAC-MD5 algorithm, as specified in [RFC2104]. The steps are as follows:

  1. Take the 16-byte user session key from Client.Session.SessionKey.

    • If this is an LM authentication where the session key is only 8 bytes, then zero extend it to 16 bytes.

    • If the session key is more than 16 bytes, then use only the first 16 bytes.

  2. Calculate the one-way hash as follows:

     CALL hmac_md5( SSKeyHash, 256, session key, session key length, digest )
 SET user session key = digest

The resulting 16-byte digest is treated as the user's new session key and is returned to the caller who requests it. SSKeyHash is the well-known constant array that is described in section 2.2.2.5.

After the session key has been hashed, the client MUST place the hash into Client.Session.SessionKey and set Client.Session.SessionKeyState to Available, which allows applications to query the session key.

If the TREE_CONNECT_ANDX_EXTENDED_SIGNATURE bit is not set, then the Client.Session.SessionKey is not changed and Client.Session.SessionKeyState MUST be set to Available.