ruby_smb 3.0.0 → 3.0.4

data/lib/ruby_smb/dcerpc/print_system/rpc_enum_printer_drivers_response.rb

@@ -0,0 +1,23 @@
+module RubySMB
+  module Dcerpc
+    module PrintSystem
+
+      # [3.1.4.4.2 RpcEnumPrinterDrivers (Opnum 10)](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rprn/857d00ac-3682-4a0d-86ca-3d3c372e5e4a)
+      class RpcEnumPrinterDriversResponse < BinData::Record
+        attr_reader :opnum
+
+        endian :little
+
+        def initialize_instance
+          super
+          @opnum = RPC_ENUM_PRINTER_DRIVERS
+        end
+
+        rprn_byte_array_ptr  :p_drivers
+        ndr_uint32           :pcb_needed
+        ndr_uint32           :pc_returned
+        ndr_uint32           :error_status
+      end
+    end
+  end
+end

data/lib/ruby_smb/dcerpc/print_system/rpc_get_printer_driver_directory_request.rb

@@ -0,0 +1,24 @@
+module RubySMB
+  module Dcerpc
+    module PrintSystem
+
+      # [3.1.4.4.4 RpcGetPrinterDriverDirectory (Opnum 12)](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rprn/9df11cf4-4098-4852-ad72-d1f75a82bffe)
+      class RpcGetPrinterDriverDirectoryRequest < BinData::Record
+        attr_reader :opnum
+
+        endian :little
+
+        def initialize_instance
+          super
+          @opnum = RPC_GET_PRINTER_DRIVER_DIRECTORY
+        end
+
+        ndr_wide_stringz_ptr :p_name
+        ndr_wide_stringz_ptr :p_environment
+        ndr_uint32           :level
+        rprn_byte_array_ptr  :p_driver_directory
+        ndr_uint32           :cb_buf
+      end
+    end
+  end
+end

data/lib/ruby_smb/dcerpc/print_system/rpc_get_printer_driver_directory_response.rb

@@ -0,0 +1,22 @@
+module RubySMB
+  module Dcerpc
+    module PrintSystem
+
+      # [3.1.4.4.4 RpcGetPrinterDriverDirectory (Opnum 12)](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rprn/9df11cf4-4098-4852-ad72-d1f75a82bffe)
+      class RpcGetPrinterDriverDirectoryResponse < BinData::Record
+        attr_reader :opnum
+
+        endian :little
+
+        def initialize_instance
+          super
+          @opnum = RPC_GET_PRINTER_DRIVER_DIRECTORY
+        end
+
+        rprn_byte_array_ptr :p_driver_directory
+        ndr_uint32          :pcb_needed
+        ndr_uint32          :error_status
+      end
+    end
+  end
+end

data/lib/ruby_smb/dcerpc/print_system.rb

@@ -0,0 +1,69 @@
+module RubySMB
+  module Dcerpc
+    module PrintSystem
+
+      # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rprn/848b8334-134a-4d02-aea4-03b673d6c515
+      UUID = '12345678-1234-abcd-ef00-0123456789ab'.freeze
+      VER_MAJOR = 1
+      VER_MINOR = 0
+
+      # Operation numbers
+      RPC_ENUM_PRINTER_DRIVERS = 10
+      RPC_GET_PRINTER_DRIVER_DIRECTORY = 12
+      RPC_ADD_PRINTER_DRIVER_EX = 89
+
+      # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rprn/b96cc497-59e5-4510-ab04-5484993b259b
+      APD_STRICT_UPGRADE = 0x00000001
+      APD_STRICT_DOWNGRADE = 0x00000002
+      APD_COPY_ALL_FILES = 0x00000004
+      APD_COPY_NEW_FILES = 0x00000008
+      APD_COPY_FROM_DIRECTORY = 0x00000010
+      APD_DONT_COPY_FILES_TO_CLUSTER = 0x00001000
+      APD_COPY_TO_ALL_SPOOLERS = 0x00002000
+      APD_INSTALL_WARNED_DRIVER = 0x00008000
+      APD_RETURN_BLOCKING_STATUS_CODE = 0x00010000
+
+      # [2.2.1.5.2 DRIVER_INFO_2](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rprn/39bbfc30-8768-4cd4-9930-434857e2c2a2)
+      class DriverInfo2 < RubySMB::Dcerpc::Ndr::NdrStruct
+        default_parameter byte_align: 4
+        endian :little
+
+        ndr_uint32 :c_version
+        ndr_wide_stringz_ptr :p_name
+        ndr_wide_stringz_ptr :p_environment
+        ndr_wide_stringz_ptr :p_driver_path
+        ndr_wide_stringz_ptr :p_data_file
+        ndr_wide_stringz_ptr :p_config_file
+      end
+
+      class PDriverInfo2 < DriverInfo2
+        extend RubySMB::Dcerpc::Ndr::PointerClassPlugin
+      end
+
+      # [2.2.1.2.3 DRIVER_CONTAINER](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rprn/3a3f9cf7-8ec4-4921-b1f6-86cf8d139bc2)
+      class DriverContainer < RubySMB::Dcerpc::Ndr::NdrStruct
+        default_parameter byte_align: 4
+        endian :little
+
+        ndr_uint32 :level, check_value: -> { [2].include?(value) }
+        ndr_uint32 :tag
+        choice :driver_info, selection: :level, byte_align: 4 do
+          p_driver_info2 2
+        end
+      end
+
+      # for RpcEnumPrinterDrivers and RpcGetPrinterDriverDirectory `BYTE*` fields
+      class RprnByteArrayPtr < RubySMB::Dcerpc::Ndr::NdrConfArray
+        default_parameters type: :ndr_uint8
+        extend RubySMB::Dcerpc::Ndr::PointerClassPlugin
+      end
+
+      require 'ruby_smb/dcerpc/print_system/rpc_add_printer_driver_ex_request'
+      require 'ruby_smb/dcerpc/print_system/rpc_add_printer_driver_ex_response'
+      require 'ruby_smb/dcerpc/print_system/rpc_enum_printer_drivers_request'
+      require 'ruby_smb/dcerpc/print_system/rpc_enum_printer_drivers_response'
+      require 'ruby_smb/dcerpc/print_system/rpc_get_printer_driver_directory_request'
+      require 'ruby_smb/dcerpc/print_system/rpc_get_printer_driver_directory_response'
+    end
+  end
+end

data/lib/ruby_smb/dcerpc.rb

@@ -50,8 +50,8 @@ module RubySMB
     require 'ruby_smb/dcerpc/rpc_auth3'
     require 'ruby_smb/dcerpc/bind'
     require 'ruby_smb/dcerpc/bind_ack'
-
-
+    require 'ruby_smb/dcerpc/print_system'
+    require 'ruby_smb/dcerpc/encrypting_file_system'
 
     # Bind to the remote server interface endpoint.
     #

data/lib/ruby_smb/field/nt_status.rb

@@ -4,7 +4,26 @@ module RubySMB
   module Field
     # Represents an NTStatus code as defined in
     # [2.3.1 NTSTATUS values](https://msdn.microsoft.com/en-us/library/cc704588.aspx)
-    class NtStatus < BinData::Uint32le
+    class NtStatus < BinData::Primitive
+      endian :little
+      uint32 :val
+
+      def get
+        val.to_i
+      end
+
+      def set(value)
+        case value
+        when WindowsError::ErrorCode
+          set(value.value)
+        when Integer
+          self.val = value
+        else
+          self.val = value.to_i
+        end
+        val
+      end
+
       # Returns a meaningful error code parsed from the numeric value
       #
       # @return [WindowsError::ErrorCode] the ErrorCode object for this code

data/lib/ruby_smb/fscc/file_information/file_ea_information.rb

@@ -0,0 +1,14 @@
+module RubySMB
+  module Fscc
+    module FileInformation
+      # The FileEaInformation Class as defined in
+      # [2.4.12 FileEaInformation](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-fscc/db6cf109-ead8-441a-b29e-cb2032778b0f)
+      class FileEaInformation < BinData::Record
+        CLASS_LEVEL = FileInformation::FILE_EA_INFORMATION
+
+        endian :little
+        uint32 :ea_size, label: 'Extended Attributes Size'
+      end
+    end
+  end
+end

data/lib/ruby_smb/fscc/file_information/file_network_open_information.rb

@@ -0,0 +1,22 @@
+module RubySMB
+  module Fscc
+    module FileInformation
+      # The FileNetworkOpenInformation Class as defined in
+      # [2.4.29 FileNetworkOpenInformation](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-fscc/26d261db-58d1-4513-a548-074448cbb146)
+      class FileNetworkOpenInformation < BinData::Record
+        CLASS_LEVEL = FileInformation::FILE_NETWORK_OPEN_INFORMATION
+
+        endian :little
+
+        file_time        :create_time,        label: 'Create Time'
+        file_time        :last_access,        label: 'Last Accessed Time'
+        file_time        :last_write,         label: 'Last Write Time'
+        file_time        :last_change,        label: 'Last Modified Time'
+        int64            :allocation_size,    label: 'Allocated Size'
+        int64            :end_of_file,        label: 'End of File'
+        file_attributes  :file_attributes,    label: 'File Attributes'
+        uint32           :reserved,           label: 'Reserved Space'
+      end
+    end
+  end
+end

data/lib/ruby_smb/fscc/file_information/file_stream_information.rb

@@ -0,0 +1,16 @@
+module RubySMB
+  module Fscc
+    module FileInformation
+      # The FileStreamInformation
+      # [2.4.43 FileStreamInformation](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-fscc/f8762be6-3ab9-411e-a7d6-5cc68f70c78d)
+      class FileStreamInformation < BinData::Record
+        endian :little
+        uint32   :next_entry_offset,      label: 'Next Entry Offset'
+        uint32   :stream_name_length,     label: 'Stream Name Length', initial_value: -> { stream_name.do_num_bytes }
+        int64    :stream_size,            label: 'Stream Size'
+        int64    :stream_allocation_size, label: 'Stream Allocation Size'
+        string16 :stream_name,            label: 'Stream Name', read_length: -> { stream_name_length }
+      end
+    end
+  end
+end

data/lib/ruby_smb/fscc/file_information.rb

@@ -17,6 +17,10 @@ module RubySMB
       # contents of a directory.
       FILE_BOTH_DIRECTORY_INFORMATION    = 0x03
 
+      # Information class used to query for the size of the extended attributes
+      # (EA) for a file.
+      FILE_EA_INFORMATION                = 0x07
+
       # Information class used to rename a file.
       FILE_RENAME_INFORMATION            = 0x0A
 
@@ -27,6 +31,14 @@ module RubySMB
       # Information class used to mark a file for deletion.
       FILE_DISPOSITION_INFORMATION       = 0x0D
 
+      # Information class used to enumerate the data streams of a file or a
+      # directory.
+      FILE_STREAM_INFORMATION            = 0x16
+
+      # This information class is used to query for information that is commonly
+      # needed when a file is opened across a network.
+      FILE_NETWORK_OPEN_INFORMATION      = 0x22
+
       # Information class used in directory enumeration to return detailed
       # information (with extended attributes size, short names and file ID)
       # about the contents of a directory.
@@ -38,6 +50,13 @@ module RubySMB
       FILE_ID_FULL_DIRECTORY_INFORMATION = 0x26
 
 
+      # This information class is used to query the normalized name of a file. A
+      # normalized name is an absolute pathname where each short name component
+      # has been replaced with the corresponding long name component, and each
+      # name component uses the exact letter casing stored on disk.
+      FILE_NORMALIZED_NAME_INFORMATION = 0x30
+
+
       # These Information Classes can be used by SMB1 using the pass-through
       # Information Levels when available on the server (CAP_INFOLEVEL_PASSTHRU
       # capability flag in an SMB_COM_NEGOTIATE server response). The constant
@@ -46,6 +65,13 @@ module RubySMB
       # [2.2.2.3.5 Pass-through Information Level Codes](https://msdn.microsoft.com/en-us/library/ff470158.aspx)
       SMB_INFO_PASSTHROUGH               = 0x03e8
 
+      # The FILE_NAME_INFORMATION type as defined in
+      # https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-fscc/20406fb1-605f-4629-ba9a-c67ee25f23d2
+      class FileNameInformation < BinData::Record
+        endian :little
+        uint32           :file_name_length, label: 'File Name Length',  initial_value: -> { file_name.do_num_bytes }
+        string16         :file_name,        label: 'File Name',         read_length: -> { file_name_length }
+      end
 
       require 'ruby_smb/fscc/file_information/file_directory_information'
       require 'ruby_smb/fscc/file_information/file_full_directory_information'
@@ -55,6 +81,9 @@ module RubySMB
       require 'ruby_smb/fscc/file_information/file_id_both_directory_information'
       require 'ruby_smb/fscc/file_information/file_names_information'
       require 'ruby_smb/fscc/file_information/file_rename_information'
+      require 'ruby_smb/fscc/file_information/file_network_open_information'
+      require 'ruby_smb/fscc/file_information/file_ea_information'
+      require 'ruby_smb/fscc/file_information/file_stream_information'
     end
   end
 end

data/lib/ruby_smb/fscc/file_system_information/file_fs_attribute_information.rb

@@ -0,0 +1,46 @@
+module RubySMB
+  module Fscc
+    module FileSystemInformation
+      # The FileFsAttributeInformation
+      # [2.5.1 FileFsAttributeInformation](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-fscc/ebc7e6e5-4650-4e54-b17c-cf60f6fbeeaa)
+      class FileFsAttributeInformation < BinData::Record
+        CLASS_LEVEL = FileSystemInformation::FILE_FS_ATTRIBUTE_INFORMATION
+
+        endian :little
+        struct   :file_system_attributes,            label: 'File System Attributes' do
+          bit1   :file_supports_reparse_points,      label: 'FS Supports Reparse Points'
+          bit1   :file_supports_sparse_files,        label: 'FS Supports Sparse Files'
+          bit1   :file_volume_quotas,                label: 'FS Supports Quotas'
+          bit1   :file_file_compression,             label: 'FS Supports File Compression'
+          bit1   :file_persistent_acls,              label: 'FS Supports Persistent ACLs'
+          bit1   :file_unicode_on_disk,              label: 'FS Supports Unicode Names'
+          bit1   :file_case_preserved_names,         label: 'FS Preserves Name Casing'
+          bit1   :file_case_sensitive_search,        label: 'FS Supports Case-Sensitive Searching'
+          # byte boundary
+          bit1   :file_volume_is_compressed,         label: 'FS Is Compressed'
+          bit6   :reserved0
+          bit1   :file_supports_remote_storage,      label: 'FS Supports Remote Storage'
+          # byte boundary
+          bit1   :file_supports_extended_attributes, label: 'FS Supports Persistent Extended Attributes'
+          bit1   :file_supports_hard_links,          label: 'FS Supports Hard Links'
+          bit1   :file_supports_transactions,        label: 'FS Supports Transactions'
+          bit1   :file_sequential_write_once,        label: 'FS Is Write Once'
+          bit1   :file_read_only_volume,             label: 'FS Is Read-Only'
+          bit1   :file_named_streams,                label: 'FS Supports Named Streams'
+          bit1   :file_supports_encryption,          label: 'FS Supports Encryption'
+          bit1   :file_supports_object_ids,          label: 'FS Supports Object IDs'
+          # byte boundary
+          bit3   :reserved1
+          bit1   :file_supports_sparse_vdl,          label: 'FS Supports Sparse VDL'
+          bit1   :file_supports_block_refcounting,   label: 'FS Supports Block Reference Counting'
+          bit1   :file_supports_integrity_streams,   label: 'FS Supports Integrity Streams'
+          bit1   :file_supports_usn_journal,         label: 'FS Supports USN Change Journal'
+          bit1   :file_supports_open_by_file_id,     label: 'FS Supports Open By File ID'
+        end
+        int32    :maximum_component_name_length,     label: 'Maximum Component Name Length'
+        uint32   :file_system_name_length,           label: 'File System Name Length', initial_value: -> { file_system_name.do_num_bytes }
+        string16 :file_system_name,                  label: 'File System Name', read_length: -> { file_system_name_length }
+      end
+    end
+  end
+end

data/lib/ruby_smb/fscc/file_system_information/file_fs_volume_information.rb

@@ -0,0 +1,19 @@
+module RubySMB
+  module Fscc
+    module FileSystemInformation
+      # The FileFsVolumeInformation
+      # [2.5.9 FileFsVolumeInformation](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-fscc/bf691378-c34e-4a13-976e-404ea1a87738)
+      class FileFsVolumeInformation < BinData::Record
+        CLASS_LEVEL = FileSystemInformation::FILE_FS_VOLUME_INFORMATION
+
+        endian :little
+        file_time :volume_creation_time, label: 'Volume Creation Time'
+        uint32    :volume_serial_number, label: 'Volume Serial Number'
+        uint32    :volume_label_length,  label: 'Volume Label Length', initial_value: -> { volume_label.do_num_bytes }
+        uint8     :supports_objects,     label: 'Supports Objects'
+        uint8     :reserved,             label: 'Reserved'
+        string16  :volume_label,         label: 'Volume Label', read_length: -> { volume_label_length }
+      end
+    end
+  end
+end

data/lib/ruby_smb/fscc/file_system_information.rb

@@ -0,0 +1,22 @@
+module RubySMB
+  module Fscc
+    # Namespace and constant values for File System Information Classes, as defined in
+    # [2.5 File System Information Classes](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-fscc/ee12042a-9352-46e3-9f67-c094b75fe6c3)
+    module FileSystemInformation
+      FILE_FS_VOLUME_INFORMATION       = 1
+      FILE_FS_LABEL_INFORMATION        = 2
+      FILE_FS_SIZE_INFORMATION         = 3
+      FILE_FS_DEVICE_INFORMATION       = 4
+      FILE_FS_ATTRIBUTE_INFORMATION    = 5
+      FILE_FS_CONTROL_INFORMATION      = 6
+      FILE_FS_FULL_SIZE_INFORMATION    = 7
+      FILE_FS_OBJECT_ID_INFORMATION    = 8
+      FILE_FS_DRIVER_PATH_INFORMATION  = 9
+      FILE_FS_VOLUME_FLAGS_INFORMATION = 10
+      FILE_FS_SECTOR_SIZE_INFORMATION  = 11
+
+      require 'ruby_smb/fscc/file_system_information/file_fs_attribute_information'
+      require 'ruby_smb/fscc/file_system_information/file_fs_volume_information'
+    end
+  end
+end

data/lib/ruby_smb/fscc.rb

@@ -7,6 +7,7 @@ module RubySMB
     require 'ruby_smb/fscc/file_full_ea_info'
     require 'ruby_smb/fscc/ea_info_array'
     require 'ruby_smb/fscc/file_information'
+    require 'ruby_smb/fscc/file_system_information'
     require 'ruby_smb/fscc/control_codes'
   end
 end

data/lib/ruby_smb/generic_packet.rb

@@ -43,6 +43,8 @@ module RubySMB
       begin
         super(val)
       rescue IOError => e
+        # $stderr.puts "#{e.class}: #{e.message}"
+        # $stderr.puts e.backtrace.join("\n")
         case self.to_s
           when /EmptyPacket|ErrorPacket/
             raise RubySMB::Error::InvalidPacket, 'Not a valid SMB packet'
@@ -68,6 +70,10 @@ module RubySMB
       end
     end
 
+    def self.from_hex(val)
+      self.read(val.scan(/../).map { |x| x.hex.chr }.join)
+    end
+
     def status_code
       value = -1
       smb_version = packet_smb_version

data/lib/ruby_smb/gss/provider/authenticator.rb

@@ -17,6 +17,10 @@ module RubySMB
             reset!
           end
 
+          def logger
+            @server_client.logger
+          end
+
           #
           # Process a GSS authentication buffer. If no buffer is specified, the request is assumed to be the first in
           # the negotiation sequence.

data/lib/ruby_smb/gss/provider/ntlm.rb

@@ -50,7 +50,8 @@ module RubySMB
 
             begin
               gss_api = OpenSSL::ASN1.decode(request_buffer)
-            rescue OpenSSL::ASN1::ASN1Error
+            rescue OpenSSL::ASN1::ASN1Error => e
+              logger.error("Failed to parse the ASN1-encoded authentication request (#{e.message})")
               return
             end
 
@@ -114,11 +115,16 @@ module RubySMB
               return WindowsError::NTStatus::STATUS_LOGON_FAILURE
             end
 
+            dbg_string = "#{type3_msg.domain.encode(''.encoding)}\\#{type3_msg.user.encode(''.encoding)}"
+            logger.debug("NTLM authentication request received for #{dbg_string}")
             account = @provider.get_account(
               type3_msg.user,
               domain: type3_msg.domain
             )
-            return WindowsError::NTStatus::STATUS_LOGON_FAILURE if account.nil?
+            if account.nil?
+              logger.info("NTLM authentication request failed for #{dbg_string} (no account)")
+              return WindowsError::NTStatus::STATUS_LOGON_FAILURE
+            end
 
             matches = false
             case type3_msg.ntlm_version
@@ -159,8 +165,12 @@ module RubySMB
               raise NotImplementedError, "authentication via ntlm version #{type3_msg.ntlm_version} is not supported"
             end
 
-            return WindowsError::NTStatus::STATUS_LOGON_FAILURE unless matches
+            unless matches
+              logger.info("NTLM authentication request failed for #{dbg_string} (bad password)")
+              return WindowsError::NTStatus::STATUS_LOGON_FAILURE
+            end
 
+            logger.info("NTLM authentication request succeeded for #{dbg_string}")
             WindowsError::NTStatus::STATUS_SUCCESS
           end
 

data/lib/ruby_smb/server/server_client/negotiation.rb

@@ -73,7 +73,6 @@ module RubySMB
           response.data_block.server_guid = @server.guid
           response.data_block.security_blob = process_gss.buffer
 
-          @state = :session_setup
           @dialect = dialect
           response
         end
@@ -146,7 +145,6 @@ module RubySMB
             update_preauth_hash(response)
           end
 
-          @state = :session_setup
           @dialect = dialect
           response
         end

data/lib/ruby_smb/server/server_client/session_setup.rb

@@ -2,39 +2,26 @@ module RubySMB
   class Server
     class ServerClient
       module SessionSetup
-        #
-        # Setup a new session based on the negotiated dialect. Once session setup is complete, the state will be updated
-        # to :authenticated.
-        #
-        # @param [String] raw_request the session setup request to process
-        def handle_session_setup(raw_request)
-          response = nil
-
-          case metadialect.order
-          when Dialect::ORDER_SMB1
-            request = SMB1::Packet::SessionSetupRequest.read(raw_request)
-            response = do_session_setup_smb1(request)
-          when Dialect::ORDER_SMB2
-            request = SMB2::Packet::SessionSetupRequest.read(raw_request)
-            response = do_session_setup_smb2(request)
-          end
-
-          if response.nil?
-            disconnect!
+        def do_session_setup_smb1(request, session)
+          session_id = request.smb_header.uid
+          if session_id == 0
+            session_id = rand(1..0x10000)
+            session = @session_table[session_id] = Server::Session.new(session_id)
           else
-            send_packet(response)
+            session = @session_table[session_id]
+            if session.nil?
+              response = SMB1::Packet::EmptyPacket.new
+              response.smb_header.nt_status = SMBError::STATUS_SMB_BAD_UID
+              return response
+            end
           end
 
-          nil
-        end
-
-        def do_session_setup_smb1(request)
           gss_result = process_gss(request.data_block.security_blob)
           return if gss_result.nil?
 
           response = SMB1::Packet::SessionSetupResponse.new
           response.smb_header.pid_low = request.smb_header.pid_low
-          response.smb_header.uid = rand(0x10000)
+          response.smb_header.uid = session_id
           response.smb_header.mid = request.smb_header.mid
           response.smb_header.nt_status = gss_result.nt_status.value
           response.smb_header.flags.reply = true
@@ -46,14 +33,28 @@ module RubySMB
           end
 
           if gss_result.nt_status == WindowsError::NTStatus::STATUS_SUCCESS
-            @state = :authenticated
-            @identity = gss_result.identity
+            session.state = :valid
+            session.user_id = gss_result.identity
+            session.key = @gss_authenticator.session_key
           end
 
           response
         end
 
-        def do_session_setup_smb2(request)
+        def do_session_setup_smb2(request, session)
+          session_id = request.smb2_header.session_id
+          if session_id == 0
+            session_id = rand(1..0xfffffffe)
+            session = @session_table[session_id] = Session.new(session_id)
+          else
+            session = @session_table[session_id]
+            if session.nil?
+              response = SMB2::Packet::ErrorPacket.new
+              response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_USER_SESSION_DELETED
+              return response
+            end
+          end
+
           gss_result = process_gss(request.buffer)
           return if gss_result.nil?
 
@@ -61,20 +62,30 @@ module RubySMB
           response.smb2_header.nt_status = gss_result.nt_status.value
           response.smb2_header.credits = 1
           response.smb2_header.message_id = request.smb2_header.message_id
-          response.smb2_header.session_id = @session_id = @session_id || SecureRandom.random_bytes(4).unpack1('V')
+          response.smb2_header.session_id = session_id
           response.buffer = gss_result.buffer
 
           update_preauth_hash(request) if @dialect == '0x0311'
           if gss_result.nt_status == WindowsError::NTStatus::STATUS_SUCCESS
-            @state = :authenticated
-            @identity = gss_result.identity
-            @session_key = @gss_authenticator.session_key
+            response.smb2_header.credits = 32
+            session.state = :valid
+            session.user_id = gss_result.identity
+            session.key = @gss_authenticator.session_key
+            session.signing_required = request.security_mode.signing_required == 1
           elsif gss_result.nt_status == WindowsError::NTStatus::STATUS_MORE_PROCESSING_REQUIRED && @dialect == '0x0311'
             update_preauth_hash(response)
           end
 
           response
         end
+
+        def do_logoff_smb2(request, session)
+          session = @session_table.delete(session.id)
+          session.logoff!
+
+          response = SMB2::Packet::LogoffResponse.new
+          response
+        end
       end
     end
   end

data/lib/ruby_smb/server/server_client/share_io.rb

@@ -0,0 +1,28 @@
+module RubySMB
+  class Server
+    class ServerClient
+      module ShareIO
+        def proxy_share_io_smb2(request, session)
+          # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/9a639360-87be-4d49-a1dd-4c6be0c020bd
+          share_processor = session.tree_connect_table[request.smb2_header.tree_id]
+          if share_processor.nil?
+            response = SMB2::Packet::ErrorPacket.new
+            response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_NETWORK_NAME_DELETED
+            return response
+          end
+
+          logger.debug("Received #{SMB2::Commands.name(request.smb2_header.command)} request for share: #{share_processor.provider.name}")
+          share_processor.send(__callee__, request)
+        end
+
+        alias :do_close_smb2           :proxy_share_io_smb2
+        alias :do_create_smb2          :proxy_share_io_smb2
+        alias :do_ioctl_smb2           :proxy_share_io_smb2
+        alias :do_query_directory_smb2 :proxy_share_io_smb2
+        alias :do_query_info_smb2      :proxy_share_io_smb2
+        alias :do_read_smb2            :proxy_share_io_smb2
+
+      end
+    end
+  end
+end