Share via

3.1.5.1 Receiving a Connect Command

  • Article

If the recipient’s connection (1) state is not ‘transport layer connected’, then the state MUST be set to ‘aborting’, and the recipient MUST send a ConnectClose command as specified in section 3.1.4.2. Otherwise, the connection (1) state MUST be set to ‘connecting’.

The recipient MUST send a ConnectResponse command. The ResponseId and RetryTime fields MUST be determined as follows:

  • If the supplied TargetDeviceURL field is not the same as one of the locally configured LocalDeviceURLs, the ResponseId MUST be set to WrongDevice (0x01).

  • If the supplied MajorVersionNumber and MinorVersionNumber are incompatible with the recipient’s locally configured version, the ResponseId MUST be set to:

    • One of WillUpgrade (0x03) or WontUpgrade (0x04) if the sender’s major version is higher than that of the recipient. The sender’s minor version is used to determine whether WillUpgrade or WontUpgrade is sent.

    • NewVersionRequired (0x05) if the sender’s major version is less than that of the recipient.

  • If the recipient imposes connection (1) restrictions based upon the originating device URL, and one of the supplied SourceDeviceURLs is subject to an application defined security lockout, as specified in [MS-GRVSPMR], the ResponseId MUST be set to ConnectRejected (0x09).

  • If the recipient has a local configured limit to the NumberOfConcurrentDeviceConnections, and the number of connections (1) from the supplied SourceDeviceURL exceeds this limit, the ResponseId MUST be set to Ok (0x00). After responding with the required ConnectResponse, the recipient MUST send a ConnectClose command with a ReasonId of CrossedConnections (0x0c).

  • If the recipient is not able to handle a new connection (1) for any other reason, it MUST set the ResponseId to TryLater (0x02), and the higher-layer MUST specify a suggested RetryTime field.

  • If the recipient is a relay server, additional processing of an embedded Security message as specified in section 3.3.5.1 MUST be performed to determine the ResponseId.

  • If none of the preceding restricting conditions are detected, the ResponseId MUST be set to Ok (0x00).

The remaining fields in the ConnectResponse MUST be set as follows:

  • The recipient MUST set the MajorVersionNumber and MinorVersionNumber fields to its version of SSTP, as specified in section 3.1.1.1.

  • If the ResponseId is Ok, the recipient MUST set the TargetDeviceURLs field to the list of its locally configured LocalDeviceURLs, as specified in section 3.1.1.1.

  • The M (Multi-dropFanout) bit MUST be set to the configured value for MultidropSupported, as specified in section 3.1.1.1.

  • The S (SingleHopFanout) bit MUST be set to the configured value for SingleHopSupported, as specified in section 3.1.1.1.

If the contained ResponseId is Ok, the connection (1) state MUST be set to ‘established’. The SSTP connection (1) state variable Version maintained by the recipient, as specified in section 3.1.1.2, MUST be set to the lesser of the received MinorVersion value, or the receiver’s configured MinorVersion value, as specified in section 3.1.1.1.

If the contained ResponseId is not Ok, the connection (1) state MUST be set to ‘aborting’, and a ConnectClose MUST be sent as the next command with a higher-layer determined ReasonId.