*/
    public final int getCommonCapabilities() {
        return this.commonCapabilities;
    }

    /**
     * Gets the initial security blob for authentication negotiation.
     *
     * @return initial security blob
     */
    public byte[] getSecurityBlob() {
        return this.securityBuffer;
    }

    /**

    private int capabilities;

    /**
     * Constructs a session setup AndX request.
     *
     * @param tc the CIFS context containing configuration and credentials
     * @param negotiated the negotiation response containing server capabilities
     * @param andx the next command in the AndX chain, or null
     * @param cred the authentication credentials to use for the session

/**
 * Access to platform-specific features.
 *
 * ### Session Tickets
 *
 * Supported on Android 2.3+.
 * Supported on JDK 8+ via Conscrypt.
 *
 * ### ALPN (Application Layer Protocol Negotiation)
 *
 * Supported on Android 5.0+.
 *
 * Supported on OpenJDK 8 via the JettyALPN-boot library or Conscrypt.
 *
 * Supported on OpenJDK 9+ via SSLParameters and SSLSocket features.
 *

   * to HTTP/1.1.
   */
  public var protocolNegotiationEnabled: Boolean = true

  /**
   * The protocols supported by ALPN on incoming HTTPS connections in order of preference. The list
   * must contain [Protocol.HTTP_1_1]. It must not contain null.
   *
   * This list is ignored when [negotiation is disabled][protocolNegotiationEnabled].
   */

        void testSmb2HeaderLength() {
            assertEquals(64, Smb2Constants.SMB2_HEADER_LENGTH, "SMB2 header must be exactly 64 bytes");
        }
    }

    @Nested
    @DisplayName("Negotiation Constants")
    class NegotiationConstants {

        @Test
        @DisplayName("Signing enabled flag should be 0x0001")
        void testSigningEnabledFlag() {

        // For this test, we'll simulate that no auth header means we should challenge
        // Since we can't mock the internal transport operations easily without real network,
        // we'll test the simpler case where no NTLM negotiation is needed
        when(request.getHeader("Authorization")).thenReturn(null);

        filter.doFilter(request, response, filterChain);

        // Should challenge the client

     */
    int FLAGS2_SECURITY_SIGNATURES = 0x0004;
    /**
     * Security signatures are required flag.
     */
    int FLAGS2_SECURITY_REQUIRE_SIGNATURES = 0x0010;
    /**
     * Extended security negotiation is supported flag.
     */
    int FLAGS2_EXTENDED_SECURITY_NEGOTIATION = 0x0800;
    /**
     * Resolve paths in Distributed File System flag.
     */
    int FLAGS2_RESOLVE_PATHS_IN_DFS = 0x1000;
    /**

    // we should try the next route (if there is one).
    if (e is InterruptedIOException) {
      return e is SocketTimeoutException && !requestSendStarted
    }

    // Look for known client-side or negotiation errors that are unlikely to be fixed by trying
    // again with a different route.
    if (e is SSLHandshakeException) {
      // If the problem was a CertificateException from the X509TrustManager,
      // do not retry.

            }
            if (targ.getResult() != NegTokenTarg.ACCEPT_COMPLETED) {
                throw new SmbException("SPNEGO negotiation did not complete");
            }
            verifyMechListMIC(targ.getMechanismListMIC());
            this.completed = true;
            return null;
        }

        if (inputToken == null) {

        boolean port139Failover = delegatingConfig.isPort139FailoverEnabled();
        boolean dfsStrictView = delegatingConfig.isDfsStrictView();

        // Then
        assertTrue(smb2Only, "Should delegate SMB2 only negotiation");
        assertFalse(secureNegotiate, "Should delegate secure negotiate requirement");
        assertTrue(ntlmTargetName, "Should delegate NTLM target name setting");