3.3.5.2.9 Verifying the Session

If Connection.ConstrainedConnection is TRUE, the server SHOULD<219> disconnect the connection.

The server MUST look up the Session in Connection.SessionTable by using the SessionId in the SMB2 header of the request. If SessionId is not found in Connection.SessionTable, the server MUST fail the request with STATUS_USER_SESSION_DELETED.

If a session is found and Session.State is Expired, the server MUST continue to process the SMB2 LOGOFF, SMB2 CLOSE, and SMB2 LOCK commands. If the command is not one of these, the server SHOULD<220> fail the request with STATUS_NETWORK_SESSION_EXPIRED.

If Session.State is InProgress, the server MUST continue to process the SMB2 LOGOFF, SMB2 CLOSE, and SMB2 LOCK commands. If the command is not one of these, the server MUST fail the request with an implementation-specific<221> error code.

If Connection.Dialect belongs to the SMB 3.x dialect family, Session.EncryptData is TRUE, and RejectUnencryptedAccess is TRUE, the server MUST locate the Request in Connection.RequestList for which Request.MessageId matches the MessageId value in the SMB2 header of the request. If Request.IsEncrypted is FALSE, the server MUST fail the request with STATUS_ACCESS_DENIED.

Show: