3.3.5.3.2 Sending X.224 Connection Confirm PDU

  • Article

The structure and fields of the X.224 Connection Confirm PDU are specified in section 2.2.1.2.

The tpktHeader field is initialized as specified in [T123] section 8, while the x224Ccf field is initialized as detailed in [X224] section 13.4 (the Destination reference is set to zero, the Source reference is set to 0x1234, and the Class and options are set to zero). Parameter fields MUST NOT be specified in the variable part of the Connection Response PDU.

The rdpNegData field is left empty if the client did not append any negotiation data to the X.224 Connection Request PDU (section 2.2.1.1). If the client did append negotiation data to the X.224 Connection Request PDU, the rdpNegData field SHOULD contain an RDP Negotiation Response (section 2.2.1.2.1) or RDP Negotiation Failure (section 2.2.1.2.2) structure.

The RDP Negotiation Response structure is sent if the server supports (and is configured to use) one of the client-requested security protocols specified in the X.224 Connection Request PDU and saved in the Received Client Data store (section 3.3.1.1). The selectedProtocol field is initialized with the selected protocol identifier (see section 2.2.1.2.1 for a list of identifiers). If the server decides to use Standard RDP Security mechanisms (section 5.3), it MUST set the selectedProtocol field to PROTOCOL_RDP (0x00000000).

The RDP Negotiation Failure structure is sent if it is not possible to continue the connection with any of the client-requested External Security Protocol (section 5.4.5). The possible failure codes and a reason for sending each of them are listed in section 2.2.1.2.2. After sending the RDP Negotiation Failure structure the server MUST close the connection.

If an External Security Protocol, such as TLS (section 5.4.5.1) or CredSSP (section 5.4.5.2), will be used for the duration of the connection, the server MUST prepare to execute the selected protocol by calling into the relevant External Security Protocol Provider after the X.224 Connection Confirm PDU (with RDP Negotiation Response) has been sent to the client.