memory if web socket compression is negotiated but not used.


## Version 4.5.0-RC1

_2020-03-17_

**This release candidate turns on web socket compression.**

The [spec][rfc_7692] includes a sophisticated mechanism for client and server to negotiate
compression features. We strive to offer great performance in our default configuration and so we're

        assertSame(transport, t);
        verify(transport, times(1)).acquire();
    }

    @Test
    @DisplayName("isSignatureSetupRequired depends on digest and negotiate flags")
    void testIsSignatureSetupRequired() throws Exception {
        SmbSessionImpl session = newSession();

        // Case 1: digest already set -> false

     * @return A <code>byte[]</code> containing the local security
     * context.  This is used by the client to negotiate local
     * authentication.
     */
    public byte[] getContext() {
        return context;
    }

    /**
     * Sets the local security context.  This is used by the client
     * to negotiate local authentication.
     *
     * @param context The local security context.
     */

     * both internally supplied passwords are equal. If one {@code NtlmPasswordAuthentication} object has external
     * hashes (meaning negotiated via NTLM HTTP Authentication) and the other does not they will not be equal. This is
     * technically not correct however the server 8 byte challenge would be required to compute and compare the password

        response.getServerData().smaxMpxCount = 1;
        response.getServerData().maxBufferSize = 16384;

        assertTrue(response.isValid(mockContext, request));
        // After negotiation, check if unicode capability is preserved
        assertTrue((response.getNegotiatedCapabilities() & SmbConstants.CAP_UNICODE) != 0);
    }

    @Test
    public void testIsValidWithInvalidDialect() {

import jakarta.servlet.http.HttpServletResponse;

/**
 * SPNEGO (Security Provider Negotiation Protocol) authenticator implementation.
 *
 * This class provides Single Sign-On (SSO) authentication using the SPNEGO protocol,
 * which is commonly used for Kerberos-based authentication in Windows environments.
 * It handles the negotiation between client and server to establish a secure

    /** Extended attributes supported flag */
    int FLAGS2_EXTENDED_ATTRIBUTES = 0x0002;
    /** Security signatures supported flag */
    int FLAGS2_SECURITY_SIGNATURES = 0x0004;
    /** Extended security negotiation flag */
    int FLAGS2_EXTENDED_SECURITY_NEGOTIATION = 0x0800;
    /** Resolve paths in DFS flag */
    int FLAGS2_RESOLVE_PATHS_IN_DFS = 0x1000;
    /** Permit read if execute permission flag */

 *  * If `server_max_window_bits` is less than 15, OkHttp will waste memory on an oversized buffer.
 *
 * See [RFC 7692, 7.1][rfc_7692] for details on negotiation process.
 *
 * [rfc_7692]: https://tools.ietf.org/html/rfc7692#section-7.1
 */
@IgnoreJRERequirement // As of AGP 3.4.1, D8 desugars API 24 hashCode methods.
data class WebSocketExtensions(

            //      e.eaSize = readInt4( buffer, bufferIndex + 64 );
            //      e.shortNameLength = buffer[bufferIndex + 68] & 0xFF;

            /* With NT, the shortName is in Unicode regardless of what is negotiated.
             */

            //      e.shortName = readString( buffer, bufferIndex + 70, e.shortNameLength );
            e.filename = readString(buffer, bufferIndex + 94, e.fileNameLength);

        // observed too that signatures on error responses are sometimes wrong??
        // Looks like the failure case also is just reflecting back the signature we sent

        // with SMB3's negotiation validation it's no longer possible to ignore this (on the validation response)
        // make sure that validation is performed in any case
        final Smb2SigningDigest dgst = getDigest();