Export (0) Print
Expand All

3.2.5.5 Receiving an SMB2 TREE_CONNECT Response

If the Status field of the SMB2 header of the response indicates an error, the client MUST return the received status code to the calling application.

If the Status field of the SMB2 header of the response indicates success, the client MUST locate the session in the Connection.SessionTable using the SessionId in the SMB2 header of the response, and locate the request message in Connection.OutstandingRequests using the MessageId. The client MUST allocate a tree connect object and insert it into the Session.TreeConnectTable. The tree connect is initialized as follows:

  • TreeConnect.TreeConnectId MUST be set to the TreeId that is received in the SMB2 header of the response.

  • TreeConnect.Session MUST be set to the session that is looked up using SessionId from the SMB2 header of the response.

  • TreeConnect.IsDfsShare MUST be set to TRUE, if the SMB2_SHARE_CAP_DFS bit is set in the Capabilities field of the response.

  • TreeConnect.IsCAShare MUST be set to TRUE, if the SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY bit is set in the Capabilities field of the response.

  • TreeConnect.ShareName MUST be set to the share name, taken from the share path in the request message.

  • If Connection.Dialect belongs to the SMB 3.x dialect family, Connection.SupportsEncryption is TRUE, and if the SMB2_SHAREFLAG_ENCRYPT_DATA bit is set in the ShareFlags field of the response, the client MUST do the following:

    • TreeConnect.EncryptData MUST be set to TRUE.

    • If Session.EncryptData is FALSE, the client MUST then generate an encryption key, a decryption key as specified in section 3.1.4.2, by providing the following inputs and store them in Session.EncryptionKey and Session.DecryptionKey:

      • Session.SessionKey as the key derivation key.

      • The case-sensitive ASCII string "SMB2AESCCM" as the label.

      • The label buffer length in bytes, including the terminating null character. The size of "SMB2AESCCM" is 11.

      • The case-sensitive ASCII string as key derivation context. For generating the encryption key, this MUST be "ServerIn "; note the blank space at the end. For generating the decryption key, this MUST be "ServerOut".

      • The context buffer size in bytes, including the terminating null character. For generating both the encryption key and decryption key, the string size is 10.

The client MUST generate a handle for the TreeConnect and return the handle and share type received in the response to the application that initiated the connection to the share. The client sets the share type based on ShareType in the response.

Share type

ShareType

"Disk Share"

SMB2_SHARE_TYPE_DISK

0x01

"Named Pipe"

SMB2_SHARE_TYPE_PIPE

0x02

"Printer Share"

SMB2_SHARE_TYPE_PRINT

0x03

If Connection.Dialect belongs to the SMB 3.x dialect family and the Capabilities field in the response includes SMB2_SHARE_CAP_CLUSTER bit, the client SHOULD invoke the event as specified in [MS-SWN] section 3.2.4.1 by providing Connection.ServerName as Netname parameter.

If Connection.Dialect belongs to the SMB 3.x dialect family and the Capabilities field in the response includes the SMB2_SHARE_CAP_SCALEOUT bit, the client MUST set TreeConnect.IsScaleoutShare to TRUE.

If Connection.Dialect is "3.002" and the Capabilities field in the response includes the SMB2_SHARE_CAP_ASYMMETRIC bit, the client MUST verify if both of the following conditions are true:

  • Connection.SessionTable contains only one entry.

  • Session.TreeConnectTable contains only one entry.

If either of the preceding conditions is FALSE, the client MUST perform the following:

  • Disconnect the tree connection as specified in section 3.2.4.22.

  • Establish a new transport connection, as specified in section 3.2.4.2.1.

  • Send an SMB2 NEGOTIATE request on the new connection, as specified in section 3.2.4.2.2.2.

  • If the SMB2 NEGOTIATE request is successful, the client MUST create a new session on the new connection by sending an SMB2 SESSION_SETUP request, as specified in section 3.2.4.2.3.

  • If the SMB2 SESSION_SETUP request is successful, the client MUST send an SMB2 TREE_CONNECT request, as specified in section 3.2.4.2.4.

  • If the SMB2 TREE_CONNECT request is successful, the client SHOULD invoke the event as specified in [MS-SWN] section 3.2.4.1 by providing Connection.ServerName as the Netname parameter and TreeConnect.ShareName as the ShareName parameter, and by setting the IsShareNameNotificationRequired parameter to TRUE.

If MaxDialect is "3.000" or "3.002", and RequireSecureNegotiate is TRUE, the client MUST validate the SMB2 NEGOTIATE messages originally sent on this connection by sending a signed VALIDATE_NEGOTIATE_INFO request as specified in section 2.2.31.4. The client MUST issue an SMB2 IOCTL Request as follows:

  • The SMB2 header MUST be initialized as follows:

    • The Command field is set to SMB2 IOCTL.

    • The MessageId field is set as specified in section 3.2.4.1.3.

    • The SessionId field is set to TreeConnect.Session.SessionId.

    • The TreeId field is set to TreeConnect.TreeConnectId.

  • The SMB2 IOCTL Request MUST be initialized as specified in section 2.2.31, with the exception of the following values:

    • The CtlCode field is set to FSCTL_VALIDATE_NEGOTIATE_INFO.

    • The FileId field is set to { 0xFFFFFFFFFFFFFFFF, 0xFFFFFFFFFFFFFFFF }.

    • The InputOffset field is set to the offset of the Buffer[], in bytes, from the beginning of the SMB2 header.

    • The InputCount field is set to the size, in bytes, of the VALIDATE_NEGOTIATE_INFO request structure that is constructed following the syntax specified in section 2.2.31.4.

    • The VALIDATE_NEGOTIATE_INFO request structure is constructed as follows and copied into the request at InputOffset bytes from the beginning of the SMB2 header:

      • Capabilities is set to Connection.ClientCapabilities.

      • Guid is set to the global ClientGuid value.

      • SecurityMode is set to Connection.ClientSecurityMode.

      • Set DialectCount to 0.

      • If the client implements the SMB 2.002 dialect, it MUST do the following:

        • Increment the DialectCount by 1.

        • Set the value in Dialects[DialectCount-1] array to 0x0202.

      • If the client implements the SMB 2.1 dialect, it MUST do the following:

        • Increment the DialectCount by 1.

        • Set the value in Dialects[DialectCount-1] array to 0x0210.

      • If the client implements the SMB 3.0 dialect, it MUST do the following:

        • Increment the DialectCount by 1.

        • Set the value in the Dialects[DialectCount-1] array to 0x0300.

      • If the client implements the SMB 3.02 dialect, it MUST do the following:

        • Increment the DialectCount by 1.

        • Set the value in the Dialects[DialectCount-1] array to 0x0302.

    • The OutputOffset field offset to the Buffer[], in bytes, from the beginning of the SMB2 header.

    • The OutputCount field is set to 0.

    • The MaxInputResponse field is set to 0.

    • The MaxOutputResponse field is set to the size of the VALIDATE_NEGOTIATE_INFO response structure as defined in section 2.2.32.6.

    • The value of the Flags field is set to SMB2_0_IOCTL_IS_FSCTL.

  • The request MUST be signed as specified in section 3.1.4.1, MUST be sent to the server, and the response from the server MUST be handled as specified in section 3.2.5.14.12.

If Connection.Dialect belongs to the SMB 3.x dialect family and Connection.SupportsMultiChannel is TRUE, the client MUST perform the following:

  • The client MUST verify if the session requires additional channels to the server, in an implementation-specific manner.<148>

  • If the session requires additional channels, the client MUST query the network interfaces on the server, as specified in section 3.2.4.20.10, and passing the TreeConnect.

  • From the list of network interfaces returned by the server, as specified in section 3.2.5.14.11, the client MUST use IfIndex to identify distinct interfaces on the server. The client MUST select a network interface for establishing a new channel using implementation-specific criteria.<149>

  • For each server’s network interface selected, the client MUST establish a new transport connection to the server, as specified in section 3.2.4.2.1.

  • The client MUST send SMB2 NEGOTIATE request on the new connection, as specified in section 3.2.4.2.2.2.

  • If the SMB2 NEGOTIATE request is successful, the client MUST bind the current Session to the new the connection as specified in section 3.2.4.2.3.

 
Show:
© 2014 Microsoft