ruby_smb 1.1.0 → 2.0.0

data/lib/ruby_smb/dispatcher/socket.rb

@@ -48,7 +48,7 @@ module RubySMB
           end
 
         rescue IOError, Errno::ECONNABORTED, Errno::ECONNRESET => e
-          raise RubySMB::Error::CommunicationError, "An error occured writing to the Socket: #{e.message}"
+          raise RubySMB::Error::CommunicationError, "An error occurred writing to the Socket: #{e.message}"
         end
         nil
       end
@@ -84,7 +84,7 @@ module RubySMB
         end
         data
       rescue Errno::EINVAL, Errno::ECONNABORTED, Errno::ECONNRESET, TypeError, NoMethodError => e
-        raise RubySMB::Error::CommunicationError, "An error occured reading from the Socket #{e.message}"
+        raise RubySMB::Error::CommunicationError, "An error occurred reading from the Socket #{e.message}"
       end
     end
   end

data/lib/ruby_smb/error.rb

@@ -53,7 +53,28 @@ module RubySMB
     end
 
     # Raised when a response packet has a NTStatus code that was unexpected.
-    class UnexpectedStatusCode < RubySMBError; end
+    class UnexpectedStatusCode < RubySMBError
+      attr_reader :status_code
+
+      def initialize(status_code)
+        case status_code
+        when WindowsError::ErrorCode
+          @status_code = status_code
+        when Integer
+          @status_code = WindowsError::NTStatus.find_by_retval(status_code).first
+          if @status_code.nil?
+            @status_code = WindowsError::ErrorCode.new("0x#{status_code.to_s(16)}", status_code, "Unknown 0x#{status_code.to_s(16)}")
+          end
+        else
+          raise ArgumentError, "Status code must be a WindowsError::ErrorCode or an Integer, got #{status_code.class}"
+        end
+        super
+      end
+
+      def to_s
+        "The server responded with an unexpected status code: #{status_code.name}"
+      end
+    end
 
     # Raised when an error occurs with the underlying socket.
     class CommunicationError < RubySMBError; end
@@ -65,5 +86,11 @@ module RubySMB
     # Raised when trying to parse raw binary into a BitField and the data
     # is invalid.
     class InvalidBitField < RubySMBError; end
+
+    # Raised when an encryption operation fails
+    class EncryptionError < RubySMBError; end
+
+    # Raised when an signing operation fails
+    class SigningError < RubySMBError; end
   end
 end

data/lib/ruby_smb/smb1/commands.rb

@@ -10,7 +10,7 @@ module RubySMB
       SMB_COM_TRANSACTION2_SECONDARY  = 0x33
       SMB_COM_TREE_DISCONNECT         = 0x71
       SMB_COM_NEGOTIATE               = 0x72
-      SMB_COM_SESSION_SETUP           = 0x73
+      SMB_COM_SESSION_SETUP_ANDX      = 0x73
       SMB_COM_LOGOFF                  = 0x74
       SMB_COM_TREE_CONNECT            = 0x75
       SMB_COM_NT_TRANSACT             = 0xA0

data/lib/ruby_smb/smb1/file.rb

@@ -91,7 +91,7 @@ module RubySMB
           )
         end
         unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-          raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
         end
         response.status_code
       end
@@ -127,7 +127,7 @@ module RubySMB
             )
           end
           unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-            raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+            raise RubySMB::Error::UnexpectedStatusCode, response.status_code
           end
 
           if response.is_a?(RubySMB::SMB1::Packet::ReadAndxResponse)
@@ -176,7 +176,7 @@ module RubySMB
           )
         end
         unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-          raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
         end
 
         response.data_block.data.to_binary_s
@@ -244,7 +244,7 @@ module RubySMB
             )
           end
           unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-            raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+            raise RubySMB::Error::UnexpectedStatusCode, response.status_code
           end
           bytes_written = response.parameter_block.count_low + (response.parameter_block.count_high << 16)
           total_bytes_written += bytes_written

data/lib/ruby_smb/smb1/packet/session_setup_legacy_request.rb

@@ -4,7 +4,7 @@ module RubySMB
       # A SMB1 SMB_COM_SESSION_SETUP_ANDX Request Packet, without NTLMSSP as defined in
       # [2.2.4.53.1 Request](https://msdn.microsoft.com/en-us/library/ee441849.aspx)
       class SessionSetupLegacyRequest < RubySMB::GenericPacket
-        COMMAND = RubySMB::SMB1::Commands::SMB_COM_SESSION_SETUP
+        COMMAND = RubySMB::SMB1::Commands::SMB_COM_SESSION_SETUP_ANDX
 
         # A SMB1 Parameter Block as defined by the {SessionSetupRequest}
         class ParameterBlock < RubySMB::SMB1::ParameterBlock

data/lib/ruby_smb/smb1/packet/session_setup_legacy_response.rb

@@ -1,10 +1,10 @@
 module RubySMB
   module SMB1
     module Packet
-      # A SMB1 SMB_COM_SESSION_SETUP Legacy Response Packet as defined in
+      # A SMB1 SMB_COM_SESSION_SETUP_ANDX Legacy Response Packet as defined in
       # [2.2.4.53.2 Response](https://msdn.microsoft.com/en-us/library/ee442143.aspx)
       class SessionSetupLegacyResponse < RubySMB::GenericPacket
-        COMMAND = RubySMB::SMB1::Commands::SMB_COM_SESSION_SETUP
+        COMMAND = RubySMB::SMB1::Commands::SMB_COM_SESSION_SETUP_ANDX
 
         # A SMB1 Parameter Block as defined by the {SessionSetupResponse}
         class ParameterBlock < RubySMB::SMB1::ParameterBlock

data/lib/ruby_smb/smb1/packet/session_setup_request.rb

@@ -4,7 +4,7 @@ module RubySMB
       # A SMB1 SMB_COM_SESSION_SETUP_ANDX Request Packet as defined in
       # [2.2.4.6.1](https://msdn.microsoft.com/en-us/library/cc246328.aspx)
       class SessionSetupRequest < RubySMB::GenericPacket
-        COMMAND = RubySMB::SMB1::Commands::SMB_COM_SESSION_SETUP
+        COMMAND = RubySMB::SMB1::Commands::SMB_COM_SESSION_SETUP_ANDX
 
         # A SMB1 Parameter Block as defined by the {SessionSetupRequest}
         class ParameterBlock < RubySMB::SMB1::ParameterBlock

data/lib/ruby_smb/smb1/packet/session_setup_response.rb

@@ -1,10 +1,10 @@
 module RubySMB
   module SMB1
     module Packet
-      # A SMB1 SMB_COM_SESSION_SETUP Response Packet as defined in
+      # A SMB1 SMB_COM_SESSION_SETUP_ANDX Response Packet as defined in
       # [2.2.4.6.2](https://msdn.microsoft.com/en-us/library/cc246329.aspx)
       class SessionSetupResponse < RubySMB::GenericPacket
-        COMMAND = RubySMB::SMB1::Commands::SMB_COM_SESSION_SETUP
+        COMMAND = RubySMB::SMB1::Commands::SMB_COM_SESSION_SETUP_ANDX
 
         # A SMB1 Parameter Block as defined by the {SessionSetupResponse}
         class ParameterBlock < RubySMB::SMB1::ParameterBlock

data/lib/ruby_smb/smb1/packet/write_andx_request.rb

@@ -43,7 +43,7 @@ module RubySMB
 
         # Represents the specific layout of the DataBlock for a {WriteAndxRequest} Packet.
         class DataBlock < RubySMB::SMB1::DataBlock
-          uint8  :pad,  label: 'Pad'
+          string :pad,  label: 'Pad', length: 1
           string :data, label: 'Data'
         end
 

data/lib/ruby_smb/smb1/pipe.rb

@@ -47,7 +47,7 @@ module RubySMB
         end
 
         unless response.status_code == WindowsError::NTStatus::STATUS_BUFFER_OVERFLOW or response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-          raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
         end
 
         response
@@ -106,7 +106,7 @@ module RubySMB
         end
         unless [WindowsError::NTStatus::STATUS_SUCCESS,
                 WindowsError::NTStatus::STATUS_BUFFER_OVERFLOW].include?(trans_nmpipe_response.status_code)
-          raise RubySMB::Error::UnexpectedStatusCode, trans_nmpipe_response.status_code.name
+          raise RubySMB::Error::UnexpectedStatusCode, trans_nmpipe_response.status_code
         end
 
         raw_data = trans_nmpipe_response.data_block.trans_data.read_data.to_binary_s

data/lib/ruby_smb/smb1/tree.rb

@@ -131,7 +131,7 @@ module RubySMB
           )
         end
         unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-          raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
         end
 
         case response.parameter_block.resource_type 
@@ -191,7 +191,7 @@ module RubySMB
           )
         end
         unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-          raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
         end
 
         results = response.results(type, unicode: unicode)
@@ -226,7 +226,7 @@ module RubySMB
             )
           end
           unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-            raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+            raise RubySMB::Error::UnexpectedStatusCode, response.status_code
           end
 
           results += response.results(type, unicode: unicode)

data/lib/ruby_smb/smb2/bit_field/session_flags.rb

@@ -4,7 +4,8 @@ module RubySMB
       # The SessionsFlags bit-field for a {RubySMB::SMB2::Packet::SessionSetupResponse}
       class SessionFlags < BinData::Record
         endian  :little
-        bit6    :reserved3,           label: 'Reserved', initial_value: 0
+        bit5    :reserved3,           label: 'Reserved', initial_value: 0
+        bit1    :encrypt_data,        label: 'Encrypt Data', initial_value: 0
         bit1    :null,                label: 'ASYNC Command', initial_value: 0
         bit1    :guest,               label: 'Is Guest?',     initial_value: 0
         resume_byte_alignment

data/lib/ruby_smb/smb2/bit_field/share_flags.rb

@@ -8,7 +8,7 @@ module RubySMB
         bit2    :reserved1,                 label: 'Reserved Space'
         bit1    :vdo_caching,               label: 'VDO Caching'
         bit1    :auto_caching,              label: 'Auto Caching'
-        bit2    :reserved2
+        bit2    :reserved2,                 label: 'Reserved Space'
         bit1    :dfs_root,                  label: 'DFS Root'
         bit1    :dfs,                       label: 'DFS'
         # byte boundary
@@ -20,9 +20,11 @@ module RubySMB
         bit1    :namespace_caching,         label: 'Namespace Caching'
         bit1    :shared_delete,             label: 'Force Shared Delete'
         bit1    :restrict_exclusive_opens,  label: 'Restrict Exclusive Opens'
-
-        bit8    :reserved3,                 label: 'Reserved Space'
-        bit8    :reserved4,                 label: 'Reserved Space'
+        # byte boundary
+        bit5    :reserved3,                 label: 'Reserved Space'
+        bit1    :identity_remoting,         label: 'Identity Remoting'
+        bit2    :reserved4,                 label: 'Reserved Space'
+        bit8    :reserved5,                 label: 'Reserved Space'
 
         def caching_type
           if vdo_caching == 1 && auto_caching.zero?

data/lib/ruby_smb/smb2/file.rb

@@ -52,7 +52,12 @@ module RubySMB
       #   @return [RubySMB::SMB2::Tree]
       attr_accessor :tree
 
-      def initialize(tree:, response:, name:)
+      # Whether or not encryption is required (SMB 3.x)
+      # @!attribute [rw] encryption_required
+      #   @return [Boolean]
+      attr_accessor :encryption_required
+
+      def initialize(tree:, response:, name:, encrypt: false)
         raise ArgumentError, 'No Tree Provided' if tree.nil?
         raise ArgumentError, 'No Response Provided' if response.nil?
 
@@ -66,6 +71,7 @@ module RubySMB
         @last_write   = response.last_write.to_datetime
         @size         = response.end_of_file
         @size_on_disk = response.allocation_size
+        @encryption_required = encrypt
       end
 
       # Appends the supplied data to the end of the file.
@@ -83,7 +89,7 @@ module RubySMB
       # @raise [RubySMB::Error::UnexpectedStatusCode] if the response NTStatus is not STATUS_SUCCESS
       def close
         close_request = set_header_fields(RubySMB::SMB2::Packet::CloseRequest.new)
-        raw_response  = tree.client.send_recv(close_request)
+        raw_response  = tree.client.send_recv(close_request, encrypt: @encryption_required)
         response = RubySMB::SMB2::Packet::CloseResponse.read(raw_response)
         unless response.valid?
           raise RubySMB::Error::InvalidPacket.new(
@@ -94,7 +100,7 @@ module RubySMB
           )
         end
         unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-          raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
         end
         response.status_code
       end
@@ -116,7 +122,7 @@ module RubySMB
                            end
 
         read_request = read_packet(read_length: atomic_read_size, offset: offset)
-        raw_response = tree.client.send_recv(read_request)
+        raw_response = tree.client.send_recv(read_request, encrypt: @encryption_required)
         response     = RubySMB::SMB2::Packet::ReadResponse.read(raw_response)
         unless response.valid?
           raise RubySMB::Error::InvalidPacket.new(
@@ -127,7 +133,7 @@ module RubySMB
           )
         end
         unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-          raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
         end
 
         data = response.buffer.to_binary_s
@@ -139,7 +145,7 @@ module RubySMB
           atomic_read_size = remaining_bytes if remaining_bytes < tree.client.server_max_read_size
 
           read_request = read_packet(read_length: atomic_read_size, offset: offset)
-          raw_response = tree.client.send_recv(read_request)
+          raw_response = tree.client.send_recv(read_request, encrypt: @encryption_required)
           response     = RubySMB::SMB2::Packet::ReadResponse.read(raw_response)
           unless response.valid?
             raise RubySMB::Error::InvalidPacket.new(
@@ -150,7 +156,7 @@ module RubySMB
             )
           end
           unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-            raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+            raise RubySMB::Error::UnexpectedStatusCode, response.status_code
           end
 
           data << response.buffer.to_binary_s
@@ -170,10 +176,10 @@ module RubySMB
         read_request.offset       = offset
         read_request
       end
-      
+
       def send_recv_read(read_length: 0, offset: 0)
         read_request = read_packet(read_length: read_length, offset: offset)
-        raw_response = tree.client.send_recv(read_request)
+        raw_response = tree.client.send_recv(read_request, encrypt: @encryption_required)
         response = RubySMB::SMB2::Packet::ReadResponse.read(raw_response)
         unless response.valid?
           raise RubySMB::Error::InvalidPacket.new(
@@ -183,20 +189,8 @@ module RubySMB
             received_cmd:   response.smb2_header.command
           )
         end
-        if response.status_code == WindowsError::NTStatus::STATUS_PENDING
-          sleep 1
-          raw_response = tree.client.dispatcher.recv_packet
-          response = RubySMB::SMB2::Packet::ReadResponse.read(raw_response)
-          unless response.valid?
-            raise RubySMB::Error::InvalidPacket.new(
-              expected_proto: RubySMB::SMB2::SMB2_PROTOCOL_ID,
-              expected_cmd:   RubySMB::SMB2::Packet::ReadResponse::COMMAND,
-              received_proto: response.smb2_header.protocol,
-              received_cmd:   response.smb2_header.command
-            )
-          end
-        elsif response.status_code != WindowsError::NTStatus::STATUS_SUCCESS
-          raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+        unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
         end
         response.buffer.to_binary_s
       end
@@ -206,7 +200,7 @@ module RubySMB
       # @return [WindowsError::ErrorCode] the NTStatus Response code
       # @raise [RubySMB::Error::InvalidPacket] if the response is not a SetInfoResponse packet
       def delete
-        raw_response = tree.client.send_recv(delete_packet)
+        raw_response = tree.client.send_recv(delete_packet, encrypt: @encryption_required)
         response = RubySMB::SMB2::Packet::SetInfoResponse.read(raw_response)
         unless response.valid?
           raise RubySMB::Error::InvalidPacket.new(
@@ -256,7 +250,7 @@ module RubySMB
 
         while buffer.length > 0 do
           write_request = write_packet(data: buffer.slice!(0,atomic_write_size), offset: offset)
-          raw_response  = tree.client.send_recv(write_request)
+          raw_response  = tree.client.send_recv(write_request, encrypt: @encryption_required)
           response      = RubySMB::SMB2::Packet::WriteResponse.read(raw_response)
           unless response.valid?
             raise RubySMB::Error::InvalidPacket.new(
@@ -286,10 +280,10 @@ module RubySMB
         write_request.buffer        = data
         write_request
       end
-      
+
       def send_recv_write(data:'', offset: 0)
         pkt = write_packet(data: data, offset: offset)
-        raw_response = tree.client.send_recv(pkt)
+        raw_response = tree.client.send_recv(pkt, encrypt: @encryption_required)
         response = RubySMB::SMB2::Packet::WriteResponse.read(raw_response)
         unless response.valid?
           raise RubySMB::Error::InvalidPacket.new(
@@ -299,31 +293,19 @@ module RubySMB
             received_cmd:   response.smb2_header.command
           )
         end
-        if response.status_code == WindowsError::NTStatus::STATUS_PENDING
-          sleep 1
-          raw_response = tree.client.dispatcher.recv_packet
-          response = RubySMB::SMB2::Packet::WriteResponse.read(raw_response)
-          unless response.valid?
-            raise RubySMB::Error::InvalidPacket.new(
-              expected_proto: RubySMB::SMB2::SMB2_PROTOCOL_ID,
-              expected_cmd:   RubySMB::SMB2::Packet::WriteResponse::COMMAND,
-              received_proto: response.smb2_header.protocol,
-              received_cmd:   response.smb2_header.command
-            )
-          end
-        elsif response.status_code != WindowsError::NTStatus::STATUS_SUCCESS
-          raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+        unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
         end
         response.write_count
       end
-      
+
       # Rename a file
       #
       # @param new_file_name [String] the new name
       # @return [WindowsError::ErrorCode] the NTStatus Response code
       # @raise [RubySMB::Error::InvalidPacket] if the response is not a SetInfoResponse packet
       def rename(new_file_name)
-        raw_response = tree.client.send_recv(rename_packet(new_file_name))
+        raw_response = tree.client.send_recv(rename_packet(new_file_name), encrypt: @encryption_required)
         response = RubySMB::SMB2::Packet::SetInfoResponse.read(raw_response)
         unless response.valid?
           raise RubySMB::Error::InvalidPacket.new(

data/lib/ruby_smb/smb2/negotiate_context.rb

@@ -0,0 +1,108 @@
+module RubySMB
+  module SMB2
+
+    # An SMB2 PREAUTH_INTEGRITY_CAPABILITIES context struct as defined in
+    # [2.2.3.1.1 SMB2_PREAUTH_INTEGRITY_CAPABILITIES](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/5a07bd66-4734-4af8-abcf-5a44ff7ee0e5)
+    class PreauthIntegrityCapabilities < BinData::Record
+      SHA_512 = 0x0001
+      HASH_ALGORITM_MAP = {
+        SHA_512 => 'SHA512'
+      }
+
+      endian  :little
+
+      uint16 :hash_algorithm_count, label: 'Hash Algorithm Count', initial_value: -> { hash_algorithms.size }
+      uint16 :salt_length,          label: 'Salt Length',          initial_value: -> { salt.num_bytes }
+      array  :hash_algorithms,      label: 'Hash Algorithms',      type: :uint16, initial_length: -> { hash_algorithm_count }
+      string :salt,                 label: 'Salt',                 read_length: -> { salt_length }
+    end
+
+    # An SMB2 ENCRYPTION_CAPABILITIES context struct as defined in
+    # [2.2.3.1.2 SMB2_ENCRYPTION_CAPABILITIES](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/16693be7-2b27-4d3b-804b-f605bde5bcdd)
+    class EncryptionCapabilities < BinData::Record
+      AES_128_CCM = 0x0001
+      AES_128_GCM = 0x0002
+      ENCRYPTION_ALGORITHM_MAP = {
+        AES_128_CCM => 'AES-128-CCM',
+        AES_128_GCM => 'AES-128-GCM'
+      }
+
+      endian  :little
+
+      uint16 :cipher_count, label: 'Cipher Count', initial_value: -> { ciphers.size }
+      array  :ciphers,      label: 'Ciphers',      type: :uint16, initial_length: -> { cipher_count }
+    end
+
+    # An SMB2 COMPRESSION_CAPABILITIES context struct as defined in
+    # [2.2.3.1.3 SMB2_COMPRESSION_CAPABILITIES](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/78e0c942-ab41-472b-b117-4a95ebe88271)
+    class CompressionCapabilities < BinData::Record
+      # Flags
+      # Chained compression is not supported.
+      SMB2_COMPRESSION_CAPABILITIES_FLAG_NONE    = 0x00000000
+      # Chained compression is supported on this connection.
+      SMB2_COMPRESSION_CAPABILITIES_FLAG_CHAINED = 0x00000001
+
+      # Compression Algorithms
+      NONE         = 0x0000
+      LZNT1        = 0x0001
+      LZ77         = 0x0002
+      LZ77_Huffman = 0x0003
+      Pattern_V1   = 0x0004
+      COMPRESSION_ALGORITHM_MAP = {
+        NONE         => 'NONE',
+        LZNT1        => 'LZNT1',
+        LZ77         => 'LZ77',
+        LZ77_Huffman => 'LZ77_Huffman',
+        Pattern_V1   => 'Pattern_V1'
+      }
+
+      endian  :little
+
+      uint16 :compression_algorithm_count, label: 'Compression Algorithm Count', initial_value: -> { compression_algorithms.size }
+      uint16 :padding,                     label: 'Padding',                     initial_value: 0
+      uint32 :flags,                       label: 'Flags'
+      array  :compression_algorithms,      label: 'Compression Algorithms',      type: :uint16, initial_length: -> { compression_algorithm_count }
+    end
+
+    # An SMB2 NETNAME_NEGOTIATE_CONTEXT_ID context struct as defined in
+    # [2.2.3.1.4 SMB2_NETNAME_NEGOTIATE_CONTEXT_ID](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/ca6726bd-b9cf-43d9-b0bc-d127d3c993b3)
+    class NetnameNegotiateContextId < BinData::Record
+      endian  :little
+
+      stringz16 :net_name, label: 'Net Name'
+    end
+
+
+    # An SMB2 NEGOTIATE_CONTEXT struct as defined in
+    # [2.2.3.1 SMB2 NEGOTIATE_CONTEXT Request Values](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/15332256-522e-4a53-8cd7-0bd17678a2f7)
+    class NegotiateContext < BinData::Record
+      # The NegotiateContext Data field contains a list of preauthentication integrity hash functions as well as an optional salt value, as specified in section 2.2.3.1.1.
+      SMB2_PREAUTH_INTEGRITY_CAPABILITIES  = 0x0001
+      # The NegotiateContext Data field contains a list of encryption algorithms, as specified in section 2.2.3.1.2.
+      SMB2_ENCRYPTION_CAPABILITIES         = 0x0002
+      # The NegotiateContext Data field contains a list of compression algorithms, as specified in section 2.2.3.1.3.
+      SMB2_COMPRESSION_CAPABILITIES        = 0x0003
+      # The NegotiateContext Data field contains the server name to which the client connects.
+      SMB2_NETNAME_NEGOTIATE_CONTEXT_ID    = 0x0005
+
+      endian  :little
+
+      string :pad,          label: 'Padding',     length: -> { pad_length }
+      uint16 :context_type, label: 'Context Type'
+      uint16 :data_length,  label: 'Data Length', initial_value: -> { data.num_bytes }
+      uint32 :reserved,     label: 'Reserved',    initial_value: 0
+      choice :data,         label: 'Data',        selection: -> { context_type } do
+        preauth_integrity_capabilities SMB2_PREAUTH_INTEGRITY_CAPABILITIES, label: 'Preauthentication Integrity Capabilities'
+        encryption_capabilities        SMB2_ENCRYPTION_CAPABILITIES,        label: 'Encryption Capabilities'
+        compression_capabilities       SMB2_COMPRESSION_CAPABILITIES,       label: 'Compression Capabilities'
+        netname_negotiate_context_id   SMB2_NETNAME_NEGOTIATE_CONTEXT_ID,   label: 'Netname Negotiate Context ID'
+      end
+
+      def pad_length
+        offset = pad.abs_offset % 8
+        (8 - offset) % 8
+      end
+
+    end
+  end
+end