Receiving an SMB_COM_NEGOTIATE Response

Processing of an SMB_COM_NEGOTIATE response is handled as specified in [MS-CIFS] section with the following additions:

Storing extended security token and ServerGUID

If the capabilities returned in the SMB_COM_NEGOTIATE response include CAP_EXTENDED_SECURITY, then the response MUST take the form defined in section, and the client MUST set the Client.Connection.GSSNegotiateToken to the value returned in the SecurityBlob field in the SMB_COM_NEGOTIATE server response.<92> If SecurityBlobLength is 0, then client-initiated authentication, with an authentication protocol of the client's choice, will be used instead of server-initiated SPNEGO authentication as described in [MS-AUTHSOD] section The client MUST also set the Client.Connection.ServerGUID to the value returned in the ServerGUID field in the SMB_COM_NEGOTIATE server response.<93>