RubyGems - ruby_smb - Versions diffs - 1.0.3 → 2.0.1 - Mend

ruby_smb 1.0.3 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (200) hide show

checksums.yaml +5 -5
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/.travis.yml +3 -2
data/Gemfile +6 -2
data/README.md +35 -47
data/examples/enum_registry_key.rb +28 -0
data/examples/enum_registry_values.rb +30 -0
data/examples/negotiate.rb +51 -8
data/examples/pipes.rb +2 -1
data/examples/read_file_encryption.rb +56 -0
data/examples/read_registry_key_value.rb +32 -0
data/lib/ruby_smb.rb +4 -1
data/lib/ruby_smb/client.rb +233 -22
data/lib/ruby_smb/client/authentication.rb +70 -33
data/lib/ruby_smb/client/echo.rb +20 -2
data/lib/ruby_smb/client/encryption.rb +62 -0
data/lib/ruby_smb/client/negotiation.rb +172 -24
data/lib/ruby_smb/client/signing.rb +19 -0
data/lib/ruby_smb/client/tree_connect.rb +24 -18
data/lib/ruby_smb/client/utils.rb +8 -7
data/lib/ruby_smb/client/winreg.rb +46 -0
data/lib/ruby_smb/crypto.rb +30 -0
data/lib/ruby_smb/dcerpc.rb +38 -0
data/lib/ruby_smb/dcerpc/bind.rb +2 -2
data/lib/ruby_smb/dcerpc/bind_ack.rb +2 -2
data/lib/ruby_smb/dcerpc/error.rb +3 -0
data/lib/ruby_smb/dcerpc/ndr.rb +95 -16
data/lib/ruby_smb/dcerpc/pdu_header.rb +1 -1
data/lib/ruby_smb/dcerpc/request.rb +28 -9
data/lib/ruby_smb/dcerpc/rrp_unicode_string.rb +35 -0
data/lib/ruby_smb/dcerpc/srvsvc.rb +10 -0
data/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all.rb +9 -0
data/lib/ruby_smb/dcerpc/winreg.rb +340 -0
data/lib/ruby_smb/dcerpc/winreg/close_key_request.rb +24 -0
data/lib/ruby_smb/dcerpc/winreg/close_key_response.rb +27 -0
data/lib/ruby_smb/dcerpc/winreg/enum_key_request.rb +45 -0
data/lib/ruby_smb/dcerpc/winreg/enum_key_response.rb +42 -0
data/lib/ruby_smb/dcerpc/winreg/enum_value_request.rb +39 -0
data/lib/ruby_smb/dcerpc/winreg/enum_value_response.rb +36 -0
data/lib/ruby_smb/dcerpc/winreg/open_key_request.rb +34 -0
data/lib/ruby_smb/dcerpc/winreg/open_key_response.rb +25 -0
data/lib/ruby_smb/dcerpc/winreg/open_root_key_request.rb +43 -0
data/lib/ruby_smb/dcerpc/winreg/open_root_key_response.rb +35 -0
data/lib/ruby_smb/dcerpc/winreg/query_info_key_request.rb +27 -0
data/lib/ruby_smb/dcerpc/winreg/query_info_key_response.rb +40 -0
data/lib/ruby_smb/dcerpc/winreg/query_value_request.rb +39 -0
data/lib/ruby_smb/dcerpc/winreg/query_value_response.rb +57 -0
data/lib/ruby_smb/dcerpc/winreg/regsam.rb +40 -0
data/lib/ruby_smb/dispatcher/socket.rb +4 -3
data/lib/ruby_smb/error.rb +68 -2
data/lib/ruby_smb/generic_packet.rb +33 -4
data/lib/ruby_smb/smb1/commands.rb +1 -1
data/lib/ruby_smb/smb1/file.rb +66 -15
data/lib/ruby_smb/smb1/packet/close_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/close_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/echo_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/echo_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/empty_packet.rb +10 -1
data/lib/ruby_smb/smb1/packet/logoff_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/logoff_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/negotiate_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/negotiate_response.rb +3 -7
data/lib/ruby_smb/smb1/packet/negotiate_response_extended.rb +4 -4
data/lib/ruby_smb/smb1/packet/nt_create_andx_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/nt_create_andx_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/nt_trans/create_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/nt_trans/create_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/nt_trans/request.rb +2 -4
data/lib/ruby_smb/smb1/packet/nt_trans/response.rb +2 -1
data/lib/ruby_smb/smb1/packet/read_andx_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/read_andx_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/session_setup_legacy_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/session_setup_legacy_response.rb +3 -2
data/lib/ruby_smb/smb1/packet/session_setup_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/session_setup_response.rb +3 -2
data/lib/ruby_smb/smb1/packet/trans/peek_nmpipe_request.rb +0 -1
data/lib/ruby_smb/smb1/packet/trans/peek_nmpipe_response.rb +3 -2
data/lib/ruby_smb/smb1/packet/trans/request.rb +2 -5
data/lib/ruby_smb/smb1/packet/trans/response.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_request.rb +1 -1
data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_response.rb +1 -1
data/lib/ruby_smb/smb1/packet/trans2/find_first2_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/find_first2_response.rb +8 -2
data/lib/ruby_smb/smb1/packet/trans2/find_next2_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/find_next2_response.rb +8 -2
data/lib/ruby_smb/smb1/packet/trans2/open2_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/open2_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/request.rb +2 -4
data/lib/ruby_smb/smb1/packet/trans2/request_secondary.rb +2 -4
data/lib/ruby_smb/smb1/packet/trans2/response.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/set_file_information_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/set_file_information_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/tree_connect_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/tree_connect_response.rb +13 -3
data/lib/ruby_smb/smb1/packet/tree_disconnect_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/tree_disconnect_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/write_andx_request.rb +3 -6
data/lib/ruby_smb/smb1/packet/write_andx_response.rb +2 -1
data/lib/ruby_smb/smb1/pipe.rb +87 -6
data/lib/ruby_smb/smb1/tree.rb +50 -3
data/lib/ruby_smb/smb2/bit_field/session_flags.rb +2 -1
data/lib/ruby_smb/smb2/bit_field/share_flags.rb +6 -4
data/lib/ruby_smb/smb2/file.rb +103 -25
data/lib/ruby_smb/smb2/negotiate_context.rb +108 -0
data/lib/ruby_smb/smb2/packet.rb +2 -0
data/lib/ruby_smb/smb2/packet/close_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/close_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/compression_transform_header.rb +41 -0
data/lib/ruby_smb/smb2/packet/create_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/create_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/echo_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/echo_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/error_packet.rb +15 -3
data/lib/ruby_smb/smb2/packet/ioctl_request.rb +2 -5
data/lib/ruby_smb/smb2/packet/ioctl_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/logoff_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/logoff_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/negotiate_request.rb +51 -17
data/lib/ruby_smb/smb2/packet/negotiate_response.rb +52 -5
data/lib/ruby_smb/smb2/packet/query_directory_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/query_directory_response.rb +8 -2
data/lib/ruby_smb/smb2/packet/read_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/read_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/session_setup_request.rb +2 -5
data/lib/ruby_smb/smb2/packet/session_setup_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/set_info_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/set_info_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/transform_header.rb +84 -0
data/lib/ruby_smb/smb2/packet/tree_connect_request.rb +93 -10
data/lib/ruby_smb/smb2/packet/tree_connect_response.rb +10 -22
data/lib/ruby_smb/smb2/packet/tree_disconnect_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/tree_disconnect_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/write_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/write_response.rb +2 -1
data/lib/ruby_smb/smb2/pipe.rb +86 -12
data/lib/ruby_smb/smb2/smb2_header.rb +1 -1
data/lib/ruby_smb/smb2/tree.rb +65 -21
data/lib/ruby_smb/version.rb +1 -1
data/ruby_smb.gemspec +5 -3
data/spec/lib/ruby_smb/client_spec.rb +1612 -108
data/spec/lib/ruby_smb/crypto_spec.rb +25 -0
data/spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb +2 -2
data/spec/lib/ruby_smb/dcerpc/bind_spec.rb +2 -2
data/spec/lib/ruby_smb/dcerpc/ndr_spec.rb +410 -0
data/spec/lib/ruby_smb/dcerpc/request_spec.rb +50 -7
data/spec/lib/ruby_smb/dcerpc/rrp_unicode_string_spec.rb +98 -0
data/spec/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all_spec.rb +13 -0
data/spec/lib/ruby_smb/dcerpc/srvsvc_spec.rb +60 -0
data/spec/lib/ruby_smb/dcerpc/winreg/close_key_request_spec.rb +28 -0
data/spec/lib/ruby_smb/dcerpc/winreg/close_key_response_spec.rb +36 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_request_spec.rb +108 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_response_spec.rb +97 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_request_spec.rb +94 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_response_spec.rb +82 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_key_request_spec.rb +74 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_key_response_spec.rb +35 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_request_spec.rb +90 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_request_spec.rb +39 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_response_spec.rb +113 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_value_request_spec.rb +88 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_value_response_spec.rb +150 -0
data/spec/lib/ruby_smb/dcerpc/winreg/regsam_spec.rb +32 -0
data/spec/lib/ruby_smb/dcerpc/winreg_spec.rb +710 -0
data/spec/lib/ruby_smb/dcerpc_spec.rb +81 -0
data/spec/lib/ruby_smb/dispatcher/socket_spec.rb +2 -2
data/spec/lib/ruby_smb/error_spec.rb +59 -0
data/spec/lib/ruby_smb/generic_packet_spec.rb +52 -4
data/spec/lib/ruby_smb/smb1/file_spec.rb +191 -2
data/spec/lib/ruby_smb/smb1/packet/empty_packet_spec.rb +68 -0
data/spec/lib/ruby_smb/smb1/packet/session_setup_legacy_request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_legacy_response_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_response_spec.rb +1 -1
data/spec/lib/ruby_smb/smb1/packet/trans2/find_first2_response_spec.rb +11 -2
data/spec/lib/ruby_smb/smb1/packet/trans2/find_next2_response_spec.rb +11 -2
data/spec/lib/ruby_smb/smb1/packet/tree_connect_response_spec.rb +40 -0
data/spec/lib/ruby_smb/smb1/pipe_spec.rb +272 -149
data/spec/lib/ruby_smb/smb1/tree_spec.rb +44 -7
data/spec/lib/ruby_smb/smb2/bit_field/session_flags_spec.rb +9 -0
data/spec/lib/ruby_smb/smb2/bit_field/share_flags_spec.rb +27 -0
data/spec/lib/ruby_smb/smb2/file_spec.rb +323 -6
data/spec/lib/ruby_smb/smb2/negotiate_context_spec.rb +332 -0
data/spec/lib/ruby_smb/smb2/packet/compression_transform_header_spec.rb +108 -0
data/spec/lib/ruby_smb/smb2/packet/error_packet_spec.rb +78 -0
data/spec/lib/ruby_smb/smb2/packet/negotiate_request_spec.rb +138 -3
data/spec/lib/ruby_smb/smb2/packet/negotiate_response_spec.rb +120 -2
data/spec/lib/ruby_smb/smb2/packet/query_directory_response_spec.rb +8 -0
data/spec/lib/ruby_smb/smb2/packet/transform_header_spec.rb +220 -0
data/spec/lib/ruby_smb/smb2/packet/tree_connect_request_spec.rb +339 -9
data/spec/lib/ruby_smb/smb2/packet/tree_connect_response_spec.rb +3 -22
data/spec/lib/ruby_smb/smb2/pipe_spec.rb +286 -149
data/spec/lib/ruby_smb/smb2/smb2_header_spec.rb +2 -2
data/spec/lib/ruby_smb/smb2/tree_spec.rb +261 -2
metadata +191 -83
metadata.gz.sig +0 -0
data/lib/ruby_smb/smb1/dcerpc.rb +0 -67
data/lib/ruby_smb/smb2/dcerpc.rb +0 -70
data/spec/lib/ruby_smb/smb1/packet/error_packet_spec.rb +0 -37

data/lib/ruby_smb/smb1/tree.rb CHANGED

@@ -39,11 +39,20 @@ module RubySMB
       # Disconnects this Tree from the current session
       #
       # @return [WindowsError::ErrorCode] the NTStatus sent back by the server.
+      # @raise [RubySMB::Error::InvalidPacket] if the response is not a TreeDisconnectResponse packet
       def disconnect!
         request = RubySMB::SMB1::Packet::TreeDisconnectRequest.new
         request = set_header_fields(request)
         raw_response = client.send_recv(request)
         response = RubySMB::SMB1::Packet::TreeDisconnectResponse.read(raw_response)
+        unless response.valid?
+          raise RubySMB::Error::InvalidPacket.new(
+            expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
+            expected_cmd:   RubySMB::SMB1::Packet::TreeDisconnectResponse::COMMAND,
+            received_proto: response.smb_header.protocol,
+            received_cmd:   response.smb_header.command
+          )
+        end
         response.status_code
       end
@@ -113,11 +122,25 @@ module RubySMB
         raw_response = @client.send_recv(nt_create_andx_request)
         response = RubySMB::SMB1::Packet::NtCreateAndxResponse.read(raw_response)
-        unless response.smb_header.command == RubySMB::SMB1::Commands::SMB_COM_NT_CREATE_ANDX
-          raise RubySMB::Error::InvalidPacket, 'Not a NtCreateAndxResponse packet'
+        unless response.valid?
+          if response.is_a?(RubySMB::SMB1::Packet::EmptyPacket) &&
+               response.smb_header.protocol == RubySMB::SMB1::SMB_PROTOCOL_ID &&
+               response.smb_header.command == response.original_command
+            raise RubySMB::Error::InvalidPacket.new(
+              'The response seems to be an SMB1 NtCreateAndxResponse but an '\
+              'error occurs while parsing it. It is probably missing the '\
+              'required extended information.'
+            )
+          end
+          raise RubySMB::Error::InvalidPacket.new(
+            expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
+            expected_cmd:   RubySMB::SMB1::Packet::NtCreateAndxResponse::COMMAND,
+            received_proto: response.smb_header.protocol,
+            received_cmd:   response.smb_header.command
+          )
         end
         unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-          raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
         end
         case response.parameter_block.resource_type
@@ -140,6 +163,8 @@ module RubySMB
       # @param pattern [String] search pattern
       # @param type [Class] file information class
       # @return [Array] array of directory structures
+      # @raise [RubySMB::Error::InvalidPacket] if the response is not a Trans2 packet
+      # @raise [RubySMB::Error::UnexpectedStatusCode] if the response NTStatus is not STATUS_SUCCESS
       def list(directory: '\\', pattern: '*', unicode: true,
                type: RubySMB::SMB1::Packet::Trans2::FindInformationLevel::FindFileFullDirectoryInfo)
         find_first_request = RubySMB::SMB1::Packet::Trans2::FindFirst2Request.new
@@ -166,6 +191,17 @@ module RubySMB
         raw_response  = client.send_recv(find_first_request)
         response      = RubySMB::SMB1::Packet::Trans2::FindFirst2Response.read(raw_response)
+        unless response.valid?
+          raise RubySMB::Error::InvalidPacket.new(
+            expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
+            expected_cmd:   RubySMB::SMB1::Packet::Trans2::FindFirst2Response::COMMAND,
+            received_proto: response.smb_header.protocol,
+            received_cmd:   response.smb_header.command
+          )
+        end
+        unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
+        end
         results = response.results(type, unicode: unicode)
@@ -190,6 +226,17 @@ module RubySMB
           raw_response  = client.send_recv(find_next_request)
           response      = RubySMB::SMB1::Packet::Trans2::FindNext2Response.read(raw_response)
+          unless response.valid?
+            raise RubySMB::Error::InvalidPacket.new(
+              expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
+              expected_cmd:   RubySMB::SMB1::Packet::Trans2::FindNext2Response::COMMAND,
+              received_proto: response.smb_header.protocol,
+              received_cmd:   response.smb_header.command
+            )
+          end
+          unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
+            raise RubySMB::Error::UnexpectedStatusCode, response.status_code
+          end
           results += response.results(type, unicode: unicode)

data/lib/ruby_smb/smb2/bit_field/session_flags.rb CHANGED

@@ -4,7 +4,8 @@ module RubySMB
       # The SessionsFlags bit-field for a {RubySMB::SMB2::Packet::SessionSetupResponse}
       class SessionFlags < BinData::Record
         endian  :little
-        bit6    :reserved3,           label: 'Reserved', initial_value: 0
+        bit5    :reserved3,           label: 'Reserved', initial_value: 0
+        bit1    :encrypt_data,        label: 'Encrypt Data', initial_value: 0
         bit1    :null,                label: 'ASYNC Command', initial_value: 0
         bit1    :guest,               label: 'Is Guest?',     initial_value: 0
         resume_byte_alignment

data/lib/ruby_smb/smb2/bit_field/share_flags.rb CHANGED

@@ -8,7 +8,7 @@ module RubySMB
         bit2    :reserved1,                 label: 'Reserved Space'
         bit1    :vdo_caching,               label: 'VDO Caching'
         bit1    :auto_caching,              label: 'Auto Caching'
-        bit2    :reserved2
+        bit2    :reserved2,                 label: 'Reserved Space'
         bit1    :dfs_root,                  label: 'DFS Root'
         bit1    :dfs,                       label: 'DFS'
         # byte boundary
@@ -20,9 +20,11 @@ module RubySMB
         bit1    :namespace_caching,         label: 'Namespace Caching'
         bit1    :shared_delete,             label: 'Force Shared Delete'
         bit1    :restrict_exclusive_opens,  label: 'Restrict Exclusive Opens'
-        bit8    :reserved3,                 label: 'Reserved Space'
-        bit8    :reserved4,                 label: 'Reserved Space'
+        # byte boundary
+        bit5    :reserved3,                 label: 'Reserved Space'
+        bit1    :identity_remoting,         label: 'Identity Remoting'
+        bit2    :reserved4,                 label: 'Reserved Space'
+        bit8    :reserved5,                 label: 'Reserved Space'
         def caching_type
           if vdo_caching == 1 && auto_caching.zero?

data/lib/ruby_smb/smb2/file.rb CHANGED

@@ -52,7 +52,12 @@ module RubySMB
       #   @return [RubySMB::SMB2::Tree]
       attr_accessor :tree
-      def initialize(tree:, response:, name:)
+      # Whether or not the share associated with this tree connect needs to be encrypted (SMB 3.x)
+      # @!attribute [rw] tree_connect_encrypt_data
+      #   @return [Boolean]
+      attr_accessor :tree_connect_encrypt_data
+      def initialize(tree:, response:, name:, encrypt: false)
         raise ArgumentError, 'No Tree Provided' if tree.nil?
         raise ArgumentError, 'No Response Provided' if response.nil?
@@ -66,6 +71,7 @@ module RubySMB
         @last_write   = response.last_write.to_datetime
         @size         = response.end_of_file
         @size_on_disk = response.allocation_size
+        @tree_connect_encrypt_data = encrypt
       end
       # Appends the supplied data to the end of the file.
@@ -79,11 +85,24 @@ module RubySMB
       # Closes the handle to the remote file.
       #
       # @return [WindowsError::ErrorCode] the NTStatus code returned by the operation
+      # @raise [RubySMB::Error::InvalidPacket] if the response is not a CloseResponse packet
+      # @raise [RubySMB::Error::UnexpectedStatusCode] if the response NTStatus is not STATUS_SUCCESS
       def close
         close_request = set_header_fields(RubySMB::SMB2::Packet::CloseRequest.new)
-        raw_response  = tree.client.send_recv(close_request)
+        raw_response  = tree.client.send_recv(close_request, encrypt: @tree_connect_encrypt_data)
         response = RubySMB::SMB2::Packet::CloseResponse.read(raw_response)
-        response.smb2_header.nt_status.to_nt_status
+        unless response.valid?
+          raise RubySMB::Error::InvalidPacket.new(
+            expected_proto: RubySMB::SMB2::SMB2_PROTOCOL_ID,
+            expected_cmd:   RubySMB::SMB2::Packet::CloseResponse::COMMAND,
+            received_proto: response.smb2_header.protocol,
+            received_cmd:   response.smb2_header.command
+          )
+        end
+        unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
+        end
+        response.status_code
       end
       # Read from the file, a specific number of bytes
@@ -93,6 +112,8 @@ module RubySMB
       # @param bytes [Integer] the number of bytes to read
       # @param offset [Integer] the byte offset in the file to start reading from
       # @return [String] the data read from the file
+      # @raise [RubySMB::Error::InvalidPacket] if the response is not a ReadResponse packet
+      # @raise [RubySMB::Error::UnexpectedStatusCode] if the response NTStatus is not STATUS_SUCCESS
       def read(bytes: size, offset: 0)
         atomic_read_size = if bytes > tree.client.server_max_read_size
                              tree.client.server_max_read_size
@@ -101,8 +122,19 @@ module RubySMB
                            end
         read_request = read_packet(read_length: atomic_read_size, offset: offset)
-        raw_response = tree.client.send_recv(read_request)
+        raw_response = tree.client.send_recv(read_request, encrypt: @tree_connect_encrypt_data)
         response     = RubySMB::SMB2::Packet::ReadResponse.read(raw_response)
+        unless response.valid?
+          raise RubySMB::Error::InvalidPacket.new(
+            expected_proto: RubySMB::SMB2::SMB2_PROTOCOL_ID,
+            expected_cmd:   RubySMB::SMB2::Packet::ReadResponse::COMMAND,
+            received_proto: response.smb2_header.protocol,
+            received_cmd:   response.smb2_header.command
+          )
+        end
+        unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
+        end
         data = response.buffer.to_binary_s
@@ -113,8 +145,19 @@ module RubySMB
           atomic_read_size = remaining_bytes if remaining_bytes < tree.client.server_max_read_size
           read_request = read_packet(read_length: atomic_read_size, offset: offset)
-          raw_response = tree.client.send_recv(read_request)
+          raw_response = tree.client.send_recv(read_request, encrypt: @tree_connect_encrypt_data)
           response     = RubySMB::SMB2::Packet::ReadResponse.read(raw_response)
+          unless response.valid?
+            raise RubySMB::Error::InvalidPacket.new(
+              expected_proto: RubySMB::SMB2::SMB2_PROTOCOL_ID,
+              expected_cmd:   RubySMB::SMB2::Packet::ReadResponse::COMMAND,
+              received_proto: response.smb2_header.protocol,
+              received_cmd:   response.smb2_header.command
+            )
+          end
+          unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
+            raise RubySMB::Error::UnexpectedStatusCode, response.status_code
+          end
           data << response.buffer.to_binary_s
           remaining_bytes -= atomic_read_size
@@ -133,17 +176,21 @@ module RubySMB
         read_request.offset       = offset
         read_request
       end
       def send_recv_read(read_length: 0, offset: 0)
         read_request = read_packet(read_length: read_length, offset: offset)
-        raw_response = tree.client.send_recv(read_request)
+        raw_response = tree.client.send_recv(read_request, encrypt: @tree_connect_encrypt_data)
         response = RubySMB::SMB2::Packet::ReadResponse.read(raw_response)
-        if response.status_code == WindowsError::NTStatus::STATUS_PENDING
-          sleep 1
-          raw_response = tree.client.dispatcher.recv_packet
-          response = RubySMB::SMB2::Packet::ReadResponse.read(raw_response)
-        elsif response.status_code != WindowsError::NTStatus::STATUS_SUCCESS
-          raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+        unless response.valid?
+          raise RubySMB::Error::InvalidPacket.new(
+            expected_proto: RubySMB::SMB2::SMB2_PROTOCOL_ID,
+            expected_cmd:   RubySMB::SMB2::Packet::ReadResponse::COMMAND,
+            received_proto: response.smb2_header.protocol,
+            received_cmd:   response.smb2_header.command
+          )
+        end
+        unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
         end
         response.buffer.to_binary_s
       end
@@ -151,9 +198,18 @@ module RubySMB
       # Delete a file on close
       #
       # @return [WindowsError::ErrorCode] the NTStatus Response code
+      # @raise [RubySMB::Error::InvalidPacket] if the response is not a SetInfoResponse packet
       def delete
-        raw_response = tree.client.send_recv(delete_packet)
+        raw_response = tree.client.send_recv(delete_packet, encrypt: @tree_connect_encrypt_data)
         response = RubySMB::SMB2::Packet::SetInfoResponse.read(raw_response)
+        unless response.valid?
+          raise RubySMB::Error::InvalidPacket.new(
+            expected_proto: RubySMB::SMB2::SMB2_PROTOCOL_ID,
+            expected_cmd:   RubySMB::SMB2::Packet::SetInfoResponse::COMMAND,
+            received_proto: response.smb2_header.protocol,
+            received_cmd:   response.smb2_header.command
+          )
+        end
         response.smb2_header.nt_status.to_nt_status
       end
@@ -182,6 +238,7 @@ module RubySMB
       # @param data [String] the data to write to the file
       # @param offset [Integer] the offset in the file to start writing from
       # @return [WindowsError::ErrorCode] the NTStatus code returned from the operation
+      # @raise [RubySMB::Error::InvalidPacket] if the response is not a WriteResponse packet
       def write(data:'', offset: 0)
         buffer            = data.dup
         bytes             = data.length
@@ -193,8 +250,16 @@ module RubySMB
         while buffer.length > 0 do
           write_request = write_packet(data: buffer.slice!(0,atomic_write_size), offset: offset)
-          raw_response  = tree.client.send_recv(write_request)
+          raw_response  = tree.client.send_recv(write_request, encrypt: @tree_connect_encrypt_data)
           response      = RubySMB::SMB2::Packet::WriteResponse.read(raw_response)
+          unless response.valid?
+            raise RubySMB::Error::InvalidPacket.new(
+              expected_proto: RubySMB::SMB2::SMB2_PROTOCOL_ID,
+              expected_cmd:   RubySMB::SMB2::Packet::WriteResponse::COMMAND,
+              received_proto: response.smb2_header.protocol,
+              received_cmd:   response.smb2_header.command
+            )
+          end
           status        = response.smb2_header.nt_status.to_nt_status
           offset+= atomic_write_size
@@ -215,28 +280,41 @@ module RubySMB
         write_request.buffer        = data
         write_request
       end
       def send_recv_write(data:'', offset: 0)
         pkt = write_packet(data: data, offset: offset)
-        raw_response = tree.client.send_recv(pkt)
+        raw_response = tree.client.send_recv(pkt, encrypt: @tree_connect_encrypt_data)
         response = RubySMB::SMB2::Packet::WriteResponse.read(raw_response)
-        if response.status_code == WindowsError::NTStatus::STATUS_PENDING
-          sleep 1
-          raw_response = tree.client.dispatcher.recv_packet
-          response = RubySMB::SMB2::Packet::WriteResponse.read(raw_response)
-        elsif response.status_code != WindowsError::NTStatus::STATUS_SUCCESS
-          raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+        unless response.valid?
+          raise RubySMB::Error::InvalidPacket.new(
+            expected_proto: RubySMB::SMB2::SMB2_PROTOCOL_ID,
+            expected_cmd:   RubySMB::SMB2::Packet::WriteResponse::COMMAND,
+            received_proto: response.smb2_header.protocol,
+            received_cmd:   response.smb2_header.command
+          )
+        end
+        unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
         end
         response.write_count
       end
       # Rename a file
       #
       # @param new_file_name [String] the new name
       # @return [WindowsError::ErrorCode] the NTStatus Response code
+      # @raise [RubySMB::Error::InvalidPacket] if the response is not a SetInfoResponse packet
       def rename(new_file_name)
-        raw_response = tree.client.send_recv(rename_packet(new_file_name))
+        raw_response = tree.client.send_recv(rename_packet(new_file_name), encrypt: @tree_connect_encrypt_data)
         response = RubySMB::SMB2::Packet::SetInfoResponse.read(raw_response)
+        unless response.valid?
+          raise RubySMB::Error::InvalidPacket.new(
+            expected_proto: RubySMB::SMB2::SMB2_PROTOCOL_ID,
+            expected_cmd:   RubySMB::SMB2::Packet::SetInfoResponse::COMMAND,
+            received_proto: response.smb2_header.protocol,
+            received_cmd:   response.smb2_header.command
+          )
+        end
         response.smb2_header.nt_status.to_nt_status
       end

data/lib/ruby_smb/smb2/negotiate_context.rb ADDED

@@ -0,0 +1,108 @@
+module RubySMB
+  module SMB2
+    # An SMB2 PREAUTH_INTEGRITY_CAPABILITIES context struct as defined in
+    # [2.2.3.1.1 SMB2_PREAUTH_INTEGRITY_CAPABILITIES](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/5a07bd66-4734-4af8-abcf-5a44ff7ee0e5)
+    class PreauthIntegrityCapabilities < BinData::Record
+      SHA_512 = 0x0001
+      HASH_ALGORITM_MAP = {
+        SHA_512 => 'SHA512'
+      }
+      endian  :little
+      uint16 :hash_algorithm_count, label: 'Hash Algorithm Count', initial_value: -> { hash_algorithms.size }
+      uint16 :salt_length,          label: 'Salt Length',          initial_value: -> { salt.num_bytes }
+      array  :hash_algorithms,      label: 'Hash Algorithms',      type: :uint16, initial_length: -> { hash_algorithm_count }
+      string :salt,                 label: 'Salt',                 read_length: -> { salt_length }
+    end
+    # An SMB2 ENCRYPTION_CAPABILITIES context struct as defined in
+    # [2.2.3.1.2 SMB2_ENCRYPTION_CAPABILITIES](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/16693be7-2b27-4d3b-804b-f605bde5bcdd)
+    class EncryptionCapabilities < BinData::Record
+      AES_128_CCM = 0x0001
+      AES_128_GCM = 0x0002
+      ENCRYPTION_ALGORITHM_MAP = {
+        AES_128_CCM => 'AES-128-CCM',
+        AES_128_GCM => 'AES-128-GCM'
+      }
+      endian  :little
+      uint16 :cipher_count, label: 'Cipher Count', initial_value: -> { ciphers.size }
+      array  :ciphers,      label: 'Ciphers',      type: :uint16, initial_length: -> { cipher_count }
+    end
+    # An SMB2 COMPRESSION_CAPABILITIES context struct as defined in
+    # [2.2.3.1.3 SMB2_COMPRESSION_CAPABILITIES](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/78e0c942-ab41-472b-b117-4a95ebe88271)
+    class CompressionCapabilities < BinData::Record
+      # Flags
+      # Chained compression is not supported.
+      SMB2_COMPRESSION_CAPABILITIES_FLAG_NONE    = 0x00000000
+      # Chained compression is supported on this connection.
+      SMB2_COMPRESSION_CAPABILITIES_FLAG_CHAINED = 0x00000001
+      # Compression Algorithms
+      NONE         = 0x0000
+      LZNT1        = 0x0001
+      LZ77         = 0x0002
+      LZ77_Huffman = 0x0003
+      Pattern_V1   = 0x0004
+      COMPRESSION_ALGORITHM_MAP = {
+        NONE         => 'NONE',
+        LZNT1        => 'LZNT1',
+        LZ77         => 'LZ77',
+        LZ77_Huffman => 'LZ77_Huffman',
+        Pattern_V1   => 'Pattern_V1'
+      }
+      endian  :little
+      uint16 :compression_algorithm_count, label: 'Compression Algorithm Count', initial_value: -> { compression_algorithms.size }
+      uint16 :padding,                     label: 'Padding',                     initial_value: 0
+      uint32 :flags,                       label: 'Flags'
+      array  :compression_algorithms,      label: 'Compression Algorithms',      type: :uint16, initial_length: -> { compression_algorithm_count }
+    end
+    # An SMB2 NETNAME_NEGOTIATE_CONTEXT_ID context struct as defined in
+    # [2.2.3.1.4 SMB2_NETNAME_NEGOTIATE_CONTEXT_ID](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/ca6726bd-b9cf-43d9-b0bc-d127d3c993b3)
+    class NetnameNegotiateContextId < BinData::Record
+      endian  :little
+      stringz16 :net_name, label: 'Net Name'
+    end
+    # An SMB2 NEGOTIATE_CONTEXT struct as defined in
+    # [2.2.3.1 SMB2 NEGOTIATE_CONTEXT Request Values](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/15332256-522e-4a53-8cd7-0bd17678a2f7)
+    class NegotiateContext < BinData::Record
+      # The NegotiateContext Data field contains a list of preauthentication integrity hash functions as well as an optional salt value, as specified in section 2.2.3.1.1.
+      SMB2_PREAUTH_INTEGRITY_CAPABILITIES  = 0x0001
+      # The NegotiateContext Data field contains a list of encryption algorithms, as specified in section 2.2.3.1.2.
+      SMB2_ENCRYPTION_CAPABILITIES         = 0x0002
+      # The NegotiateContext Data field contains a list of compression algorithms, as specified in section 2.2.3.1.3.
+      SMB2_COMPRESSION_CAPABILITIES        = 0x0003
+      # The NegotiateContext Data field contains the server name to which the client connects.
+      SMB2_NETNAME_NEGOTIATE_CONTEXT_ID    = 0x0005
+      endian  :little
+      string :pad,          label: 'Padding',     length: -> { pad_length }
+      uint16 :context_type, label: 'Context Type'
+      uint16 :data_length,  label: 'Data Length', initial_value: -> { data.num_bytes }
+      uint32 :reserved,     label: 'Reserved',    initial_value: 0
+      choice :data,         label: 'Data',        selection: -> { context_type } do
+        preauth_integrity_capabilities SMB2_PREAUTH_INTEGRITY_CAPABILITIES, label: 'Preauthentication Integrity Capabilities'
+        encryption_capabilities        SMB2_ENCRYPTION_CAPABILITIES,        label: 'Encryption Capabilities'
+        compression_capabilities       SMB2_COMPRESSION_CAPABILITIES,       label: 'Compression Capabilities'
+        netname_negotiate_context_id   SMB2_NETNAME_NEGOTIATE_CONTEXT_ID,   label: 'Netname Negotiate Context ID'
+      end
+      def pad_length
+        offset = pad.abs_offset % 8
+        (8 - offset) % 8
+      end
+    end
+  end
+end