ruby_smb 3.0.4 → 3.1.0

data/lib/ruby_smb/server/server_client/encryption.rb

@@ -0,0 +1,66 @@
+module RubySMB
+  class Server
+    class ServerClient
+      # Contains the methods for handling encryption / decryption
+      module Encryption
+        def smb3_encrypt(data, session)
+          encryption_algorithm = SMB2::EncryptionCapabilities::ENCRYPTION_ALGORITHM_MAP[@cipher_id]
+          raise RubySMB::Error::EncryptionError.new('The encryption algorithm has not been set') if encryption_algorithm.nil?
+
+          key_bit_len = OpenSSL::Cipher.new(encryption_algorithm).key_len * 8
+
+          case @dialect
+          when '0x0300', '0x0302'
+            server_encryption_key = RubySMB::Crypto::KDF.counter_mode(
+              session.key,
+              "SMB2AESCCM\x00",
+              "ServerOut\x00",
+              length: key_bit_len
+            )
+          when '0x0311'
+            server_encryption_key = RubySMB::Crypto::KDF.counter_mode(
+              session.key,
+              "SMBS2CCipherKey\x00",
+              @preauth_integrity_hash_value,
+              length: key_bit_len
+            )
+          else
+            raise RubySMB::Error::EncryptionError.new('Dialect is incompatible with SMBv3 decryption')
+          end
+
+          th = RubySMB::SMB2::Packet::TransformHeader.new(flags: 1, session_id: session.id)
+          th.encrypt(data, server_encryption_key, algorithm: encryption_algorithm)
+          th
+        end
+
+        def smb3_decrypt(encrypted_request, session)
+          encryption_algorithm = SMB2::EncryptionCapabilities::ENCRYPTION_ALGORITHM_MAP[@cipher_id]
+          raise RubySMB::Error::EncryptionError.new('The encryption algorithm has not been set') if encryption_algorithm.nil?
+
+          key_bit_len = OpenSSL::Cipher.new(encryption_algorithm).key_len * 8
+
+          case @dialect
+          when '0x0300', '0x0302'
+            client_encryption_key = RubySMB::Crypto::KDF.counter_mode(
+              session.key,
+              "SMB2AESCCM\x00",
+              "ServerIn \x00",
+              length: key_bit_len
+            )
+          when '0x0311'
+            client_encryption_key = RubySMB::Crypto::KDF.counter_mode(
+              session.key,
+              "SMBC2SCipherKey\x00",
+              @preauth_integrity_hash_value,
+              length: key_bit_len
+            )
+          else
+            raise RubySMB::Error::EncryptionError.new('Dialect is incompatible with SMBv3 encryption')
+          end
+
+          encrypted_request.decrypt(client_encryption_key, algorithm: encryption_algorithm)
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/server/server_client/negotiation.rb

@@ -119,14 +119,25 @@ module RubySMB
             )
 
             nc = request.find_negotiate_context(SMB2::NegotiateContext::SMB2_ENCRYPTION_CAPABILITIES)
-            cipher = nc&.data&.ciphers&.first
-            cipher = 0 unless SMB2::EncryptionCapabilities::ENCRYPTION_ALGORITHM_MAP.include? cipher
+            ciphers = nc&.data&.ciphers
+            if ciphers
+              cipher = ciphers.find { |cipher| SMB2::EncryptionCapabilities::ENCRYPTION_ALGORITHM_MAP.include?(cipher) }
+              @cipher_id = cipher unless cipher.nil?
+            end
+
             contexts << SMB2::NegotiateContext.new(
               context_type: SMB2::NegotiateContext::SMB2_ENCRYPTION_CAPABILITIES,
               data: {
-                ciphers: [ cipher ]
+                ciphers: [ @cipher_id ]
               }
             )
+          elsif dialect == '0x0300' || dialect == '0x0302'
+            if request.capabilities.encryption == 1
+              response.capabilities.encryption = 1
+              @cipher_id = SMB2::EncryptionCapabilities::AES_128_CCM
+            else
+              response.capabilities = 0
+            end
           end
 
           # the order in which the response is built is important to ensure it is valid

data/lib/ruby_smb/server/server_client/session_setup.rb

@@ -2,7 +2,7 @@ module RubySMB
   class Server
     class ServerClient
       module SessionSetup
-        def do_session_setup_smb1(request, session)
+        def do_session_setup_andx_smb1(request, session)
           session_id = request.smb_header.uid
           if session_id == 0
             session_id = rand(1..0x10000)
@@ -41,6 +41,17 @@ module RubySMB
           response
         end
 
+        alias :do_session_setup_smb1 :do_session_setup_andx_smb1
+
+        def do_logoff_andx_smb1(request, session)
+          # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-cifs/00fc0299-496c-4330-9089-67358994f272
+          @session_table.delete(request.smb_header.uid)
+          session.logoff!
+
+          response = SMB1::Packet::LogoffResponse.new
+          response
+        end
+
         def do_session_setup_smb2(request, session)
           session_id = request.smb2_header.session_id
           if session_id == 0
@@ -67,11 +78,14 @@ module RubySMB
 
           update_preauth_hash(request) if @dialect == '0x0311'
           if gss_result.nt_status == WindowsError::NTStatus::STATUS_SUCCESS
-            response.smb2_header.credits = 32
             session.state = :valid
             session.user_id = gss_result.identity
             session.key = @gss_authenticator.session_key
             session.signing_required = request.security_mode.signing_required == 1
+
+            response.smb2_header.credits = 32
+            @cipher_id = 0 if session.is_anonymous # disable encryption for anonymous users
+            response.session_flags.encrypt_data = 1 unless @cipher_id == 0
           elsif gss_result.nt_status == WindowsError::NTStatus::STATUS_MORE_PROCESSING_REQUIRED && @dialect == '0x0311'
             update_preauth_hash(response)
           end
@@ -80,7 +94,8 @@ module RubySMB
         end
 
         def do_logoff_smb2(request, session)
-          session = @session_table.delete(session.id)
+          # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/a6fbc502-75a5-42ef-a88c-c67b44817850
+          @session_table.delete(session.id)
           session.logoff!
 
           response = SMB2::Packet::LogoffResponse.new

data/lib/ruby_smb/server/server_client/share_io.rb

@@ -2,6 +2,23 @@ module RubySMB
   class Server
     class ServerClient
       module ShareIO
+        def proxy_share_io_smb1(request, session)
+          share_processor = session.tree_connect_table[request.smb_header.tid]
+          if share_processor.nil?
+            response = SMB1::Packet::EmptyPacket.new
+            response.smb_header.nt_status = WindowsError::NTStatus::STATUS_NETWORK_NAME_DELETED
+            return response
+          end
+
+          logger.debug("Received #{SMB1::Commands.name(request.smb_header.command)} request for share: #{share_processor.provider.name}")
+          share_processor.send(__callee__, request)
+        end
+
+        alias :do_close_smb1          :proxy_share_io_smb1
+        alias :do_nt_create_andx_smb1 :proxy_share_io_smb1
+        alias :do_read_andx_smb1      :proxy_share_io_smb1
+        alias :do_transactions2_smb1  :proxy_share_io_smb1
+
         def proxy_share_io_smb2(request, session)
           # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/9a639360-87be-4d49-a1dd-4c6be0c020bd
           share_processor = session.tree_connect_table[request.smb2_header.tree_id]

data/lib/ruby_smb/server/server_client/tree_connect.rb

@@ -3,6 +3,43 @@ module RubySMB
     class ServerClient
       MAX_TREE_CONNECTIONS = 1000
       module TreeConnect
+        def do_tree_connect_smb1(request, session)
+          # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-cifs/b062f3e3-1b65-4a9a-854a-0ee432499d8f
+          response = RubySMB::SMB1::Packet::TreeConnectResponse.new
+
+          share_name = request.data_block.path.encode('UTF-8').split('\\', 4).last
+          share_provider = @server.shares.transform_keys(&:downcase)[share_name.downcase]
+          if share_provider.nil?
+            logger.warn("Received TREE_CONNECT request for non-existent share: #{share_name}")
+            response.smb_header.nt_status = WindowsError::NTStatus::STATUS_OBJECT_PATH_NOT_FOUND
+            return response
+          end
+          logger.debug("Received TREE_CONNECT request for share: #{share_name}")
+
+          tree_id = rand(1..0xfffe)
+          tree_id = rand(1..0xfffe) while session.tree_connect_table.include?(tree_id)
+
+          response.smb_header.tid = tree_id
+          session.tree_connect_table[tree_id] = share_processor = share_provider.new_processor(self, session)
+          response.parameter_block.access_rights = share_processor.maximal_access
+
+          response
+        end
+
+        def do_tree_disconnect_smb1(request, session)
+          share_processor = session.tree_connect_table.delete(request.smb_header.tid)
+          if share_processor.nil?
+            response = RubySMB::SMB1::Packet::EmptyPacket.new
+            response.smb_header.nt_status = WindowsError::NTStatus::STATUS_NETWORK_NAME_DELETED
+            return response
+          end
+
+          logger.debug("Received TREE_DISCONNECT request for share: #{share_processor.provider.name}")
+          share_processor.disconnect!
+          response = RubySMB::SMB1::Packet::TreeDisconnectResponse.new
+          response
+        end
+
         def do_tree_connect_smb2(request, session)
           response = RubySMB::SMB2::Packet::TreeConnectResponse.new
           response.smb2_header.credits = 1
@@ -13,7 +50,7 @@ module RubySMB
           end
 
           share_name = request.path.encode('UTF-8').split('\\', 4).last
-          share_provider = @server.shares[share_name]
+          share_provider = @server.shares.transform_keys(&:downcase)[share_name.downcase]
 
           if share_provider.nil?
             logger.warn("Received TREE_CONNECT request for non-existent share: #{share_name}")
@@ -31,8 +68,8 @@ module RubySMB
             RubySMB::SMB2::Packet::TreeConnectResponse::SMB2_SHARE_TYPE_PRINT
           end
 
-          tree_id = rand(0xffffffff)
-          tree_id = rand(0xffffffff) while session.tree_connect_table.include?(tree_id)
+          tree_id = rand(1..0xfffffffe)
+          tree_id = rand(1..0xfffffffe) while session.tree_connect_table.include?(tree_id)
 
           response.smb2_header.tree_id = tree_id
           session.tree_connect_table[tree_id] = share_processor = share_provider.new_processor(self, session)

data/lib/ruby_smb/server/server_client.rb

@@ -6,12 +6,14 @@ module RubySMB
 
       require 'ruby_smb/dialect'
       require 'ruby_smb/signing'
+      require 'ruby_smb/server/server_client/encryption'
       require 'ruby_smb/server/server_client/negotiation'
       require 'ruby_smb/server/server_client/session_setup'
       require 'ruby_smb/server/server_client/share_io'
       require 'ruby_smb/server/server_client/tree_connect'
 
       include RubySMB::Signing
+      include RubySMB::Server::ServerClient::Encryption
       include RubySMB::Server::ServerClient::Negotiation
       include RubySMB::Server::ServerClient::SessionSetup
       include RubySMB::Server::ServerClient::ShareIO
@@ -25,6 +27,8 @@ module RubySMB
         @server = server
         @dispatcher = dispatcher
         @dialect = nil
+        @sequence_counter = 0
+        @cipher_id = 0
         @gss_authenticator = server.gss_provider.new_authenticator(self)
         @preauth_integrity_hash_algorithm = nil
         @preauth_integrity_hash_value = nil
@@ -75,8 +79,10 @@ module RubySMB
 
           begin
             response = handle_smb1(raw_request, header)
-          rescue NotImplementedError
-            logger.error("Caught a NotImplementedError while handling a #{SMB1::Commands.name(header.command)} request")
+          rescue NotImplementedError => e
+            message = "Caught a NotImplementedError while handling a #{SMB1::Commands.name(header.command)} request"
+            message << " (#{e.message})" if e.message
+            logger.error(message)
             response = RubySMB::SMB1::Packet::EmptyPacket.new
             response.smb_header.nt_status = WindowsError::NTStatus::STATUS_NOT_SUPPORTED
           end
@@ -86,6 +92,12 @@ module RubySMB
             if response.is_a?(SMB1::Packet::EmptyPacket)
               response.smb_header.command = header.command if response.smb_header.command == 0
               response.smb_header.flags.reply = 1
+              nt_status = response.smb_header.nt_status.to_i
+              message = "Sending an error packet for SMB1 command: #{SMB1::Commands.name(header.command)}, status: 0x#{nt_status.to_s(16).rjust(8, '0')}"
+              if (nt_status_name = WindowsError::NTStatus.find_by_retval(nt_status).first&.name)
+                message << " (#{nt_status_name})"
+              end
+              logger.info(message)
             end
 
             response.smb_header.pid_high = header.pid_high if response.smb_header.pid_high == 0
@@ -95,33 +107,23 @@ module RubySMB
             response.smb_header.mid = header.mid if response.smb_header.mid == 0
           end
         when RubySMB::SMB2::SMB2_PROTOCOL_ID
+          response = _handle_smb2(raw_request)
+        when RubySMB::SMB2::SMB2_TRANSFORM_PROTOCOL_ID
           begin
-            header = RubySMB::SMB2::SMB2Header.read(raw_request)
+            header = RubySMB::SMB2::Packet::TransformHeader.read(raw_request)
           rescue IOError => e
-            logger.error("Caught a #{e.class} while reading the SMB2 header (#{e.message})")
+            logger.error("Caught a #{e.class} while reading the SMB3 Transform header")
             disconnect!
             return
           end
 
           begin
-            response = handle_smb2(raw_request, header)
+            response = handle_smb3_transform(raw_request, header)
           rescue NotImplementedError
-            logger.error("Caught a NotImplementedError while handling a #{SMB2::Commands.name(header.command)} request")
+            logger.error("Caught a NotImplementedError while handling a SMB3 Transform request")
             response = SMB2::Packet::ErrorPacket.new
             response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_NOT_SUPPORTED
-          end
-
-          unless response.nil?
-            # set these header fields if they were not initialized
-            if response.is_a?(SMB2::Packet::ErrorPacket)
-              response.smb2_header.command = header.command if response.smb2_header.command == 0
-              response.smb2_header.flags.reply = 1
-            end
-
-            response.smb2_header.credits = 1 if response.smb2_header.credits == 0
-            response.smb2_header.message_id = header.message_id if response.smb2_header.message_id == 0
-            response.smb2_header.session_id = header.session_id if response.smb2_header.session_id == 0
-            response.smb2_header.tree_id = header.tree_id if response.smb2_header.tree_id == 0
+            response.smb2_header.session_id = header.session_id
           end
         end
 
@@ -193,17 +195,8 @@ module RubySMB
 
         packet = @dispatcher.recv_packet
         if packet && packet.length >= 4 && packet[0...4].unpack1('L>') == RubySMB::SMB2::SMB2_PROTOCOL_ID
-          header = RubySMB::SMB2::SMB2Header.read(packet)
-          unless header.next_command == 0
-            until header.next_command == 0
-              @in_packet_queue.push(packet[0...header.next_command])
-              packet = packet[header.next_command..-1]
-              header = RubySMB::SMB2::SMB2Header.read(packet)
-            end
-
-            @in_packet_queue.push(packet)
-            packet = @in_packet_queue.shift
-          end
+          @in_packet_queue += split_smb2_chain(packet)
+          packet = @in_packet_queue.shift
         end
 
         packet
@@ -214,16 +207,24 @@ module RubySMB
       #
       # @param [GenericPacket] packet the packet to send
       def send_packet(packet)
-        case metadialect&.order
-        when Dialect::ORDER_SMB1
+        case metadialect&.family
+        when Dialect::FAMILY_SMB1
           session_id = packet.smb_header.uid
-        when Dialect::ORDER_SMB2
+        when Dialect::FAMILY_SMB2
           session_id = packet.smb2_header.session_id
+        when Dialect::FAMILY_SMB3
+          if packet.is_a?(RubySMB::SMB2::Packet::TransformHeader)
+            session_id = packet.session_id
+          else
+            session_id = packet.smb2_header.session_id
+          end
         end
         session = @session_table[session_id]
 
-        unless session.nil? || session.is_anonymous || session.key.nil?
+        unless session.nil? || session.is_anonymous || session.key.nil? || packet.is_a?(RubySMB::SMB2::Packet::TransformHeader)
           case metadialect&.family
+          when Dialect::FAMILY_SMB1
+            packet = Signing::smb1_sign(packet, session.key, @sequence_counter)
           when Dialect::FAMILY_SMB2
             packet = Signing::smb2_sign(packet, session.key)
           when Dialect::FAMILY_SMB3
@@ -231,6 +232,7 @@ module RubySMB
           end
         end
 
+        @sequence_counter += 1
         @dispatcher.send_packet(packet)
       end
 
@@ -260,12 +262,36 @@ module RubySMB
       # @param [RubySMB::SMB1::SMBHeader] header The request header.
       # @return [RubySMB::GenericPacket]
       def handle_smb1(raw_request, header)
-        # session = @session_table[header.uid]
-        session = nil
+        session = @session_table[header.uid]
+
+        if session.nil? && !(header.command == SMB1::Commands::SMB_COM_SESSION_SETUP_ANDX && header.uid == 0)
+          response = SMB1::Packet::EmptyPacket.new
+          response.smb_header.nt_status = WindowsError::NTStatus::STATUS_USER_SESSION_DELETED
+          return response
+        end
+        if session&.state == :expired
+          response = SMB1::Packet::EmptyPacket.new
+          response.smb_header.nt_status = WindowsError::NTStatus::STATUS_NETWORK_SESSION_EXPIRED
+          return response
+        end
 
         case header.command
+        when SMB1::Commands::SMB_COM_CLOSE
+          dispatcher, request_class = :do_close_smb1, SMB1::Packet::CloseRequest
+        when SMB1::Commands::SMB_COM_TREE_DISCONNECT
+          dispatcher, request_class = :do_tree_disconnect_smb1, SMB1::Packet::TreeDisconnectRequest
+        when SMB1::Commands::SMB_COM_LOGOFF_ANDX
+          dispatcher, request_class = :do_logoff_andx_smb1, SMB1::Packet::LogoffRequest
+        when SMB1::Commands::SMB_COM_NT_CREATE_ANDX
+          dispatcher, request_class = :do_nt_create_andx_smb1, SMB1::Packet::NtCreateAndxRequest
+        when SMB1::Commands::SMB_COM_READ_ANDX
+          dispatcher, request_class = :do_read_andx_smb1, SMB1::Packet::ReadAndxRequest
         when SMB1::Commands::SMB_COM_SESSION_SETUP_ANDX
-          dispatcher, request_class = :do_session_setup_smb1, SMB1::Packet::SessionSetupRequest
+          dispatcher, request_class = :do_session_setup_andx_smb1, SMB1::Packet::SessionSetupRequest
+        when SMB1::Commands::SMB_COM_TRANSACTION2
+          dispatcher, request_class = :do_transactions2_smb1, SMB1::Packet::Trans2::Request
+        when SMB1::Commands::SMB_COM_TREE_CONNECT
+          dispatcher, request_class = :do_tree_connect_smb1, SMB1::Packet::TreeConnectRequest
         else
           logger.warn("The SMB1 #{SMB1::Commands.name(header.command)} command is not supported")
           raise NotImplementedError
@@ -276,10 +302,13 @@ module RubySMB
         rescue IOError, RubySMB::Error::InvalidPacket => e
           logger.error("Caught a #{e.class} while reading the SMB1 #{request_class} (#{e.message})")
           response = RubySMB::SMB1::Packet::EmptyPacket.new
+          response.smb_header.nt_status = WindowsError::NTStatus::STATUS_DATA_ERROR
+          return response
         end
 
         if request.is_a?(SMB1::Packet::EmptyPacket)
           logger.error("Received an error packet for SMB1 command: #{SMB1::Commands.name(header.command)}")
+          response = RubySMB::SMB1::Packet::EmptyPacket.new
           response.smb_header.nt_status = WindowsError::NTStatus::STATUS_DATA_ERROR
           return response
         end
@@ -304,6 +333,11 @@ module RubySMB
           response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_USER_SESSION_DELETED
           return response
         end
+        if session&.state == :expired
+          response = SMB2::Packet::ErrorPacket.new
+          response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_NETWORK_SESSION_EXPIRED
+          return response
+        end
 
         case header.command
         when SMB2::Commands::CLOSE
@@ -347,6 +381,82 @@ module RubySMB
         logger.debug("Dispatching request to #{dispatcher} (session: #{session.inspect})")
         send(dispatcher, request, session)
       end
+
+      def _handle_smb2(raw_request)
+        begin
+          header = RubySMB::SMB2::SMB2Header.read(raw_request)
+        rescue IOError => e
+          logger.error("Caught a #{e.class} while reading the SMB2 header (#{e.message})")
+          disconnect!
+          return
+        end
+
+        begin
+          response = handle_smb2(raw_request, header)
+        rescue NotImplementedError
+          logger.error("Caught a NotImplementedError while handling a #{SMB2::Commands.name(header.command)} request")
+          response = SMB2::Packet::ErrorPacket.new
+          response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_NOT_SUPPORTED
+        end
+
+        unless response.nil?
+          # set these header fields if they were not initialized
+          if response.is_a?(SMB2::Packet::ErrorPacket)
+            response.smb2_header.command = header.command if response.smb2_header.command == 0
+            response.smb2_header.flags.reply = 1
+            nt_status = response.smb2_header.nt_status.to_i
+            message = "Sending an error packet for SMB2 command: #{SMB2::Commands.name(header.command)}, status: 0x#{nt_status.to_s(16).rjust(8, '0')}"
+            if (nt_status_name = WindowsError::NTStatus.find_by_retval(nt_status).first&.name)
+              message << " (#{nt_status_name})"
+            end
+            logger.info(message)
+          end
+
+          response.smb2_header.credits = 1 if response.smb2_header.credits == 0
+          response.smb2_header.message_id = header.message_id if response.smb2_header.message_id == 0
+          response.smb2_header.session_id = header.session_id if response.smb2_header.session_id == 0
+          response.smb2_header.tree_id = header.tree_id if response.smb2_header.tree_id == 0
+        end
+
+        response
+      end
+
+      def handle_smb3_transform(raw_request, header)
+        session = @session_table[header.session_id]
+        if session.nil?
+          response = SMB2::Packet::ErrorPacket.new
+          response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_USER_SESSION_DELETED
+          return response
+        end
+
+        chain = split_smb2_chain(smb3_decrypt(header, session))
+        chain[0...-1].each do |pt_raw_request|
+          pt_response = _handle_smb2(pt_raw_request)
+          return if pt_response.nil?
+
+          send_packet(smb3_encrypt(pt_response, session))
+        end
+
+        pt_response = _handle_smb2(chain.last)
+        return if pt_response.nil?
+
+        smb3_encrypt(pt_response, session)
+      end
+
+      def split_smb2_chain(buffer)
+        chain = []
+        header = RubySMB::SMB2::SMB2Header.read(buffer)
+        unless header.next_command == 0
+          until header.next_command == 0
+            chain << buffer[0...header.next_command]
+            buffer = buffer[header.next_command..-1]
+            header = RubySMB::SMB2::SMB2Header.read(buffer)
+          end
+        end
+
+        chain << buffer
+        chain
+      end
     end
   end
 end

data/lib/ruby_smb/server/session.rb

@@ -13,6 +13,7 @@ module RubySMB
         @user_id = user_id
         @state = state
         @signing_required = false
+        @metadata = {}
         # tree id => provider processor instance
         @tree_connect_table = {}
         @creation_time = Time.now
@@ -62,6 +63,11 @@ module RubySMB
       #   @return [Hash]
       attr_accessor :tree_connect_table
 
+      # Untyped hash for storing additional arbitrary metadata about the current session
+      # @!attribute [rw] metadaa
+      #   @return [Hash]
+      attr_accessor :metadata
+
       # The time at which this session was created.
       # @!attribute [r] creation_time
       #   @return [Time]

data/lib/ruby_smb/server/share/provider/disk/file_system.rb

@@ -0,0 +1,28 @@
+module RubySMB
+  class Server
+    module Share
+      module Provider
+        class Disk < Base
+          module FileSystem
+            # define attributes of the file system to emulate
+            FileSystem = Struct.new(
+              :name,
+              :max_name_bytes,
+              :case_sensitive_search,
+              :case_preserved_names,
+              :unicode_on_disk
+            )
+
+            NTFS = FileSystem.new(
+              'NTFS',
+              255,
+              true,
+              true,
+              true
+            )
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/server/share/provider/disk/processor/close.rb

@@ -0,0 +1,42 @@
+require 'ruby_smb/server/share/provider/processor'
+
+module RubySMB
+  class Server
+    module Share
+      module Provider
+        class Disk < Base
+          class Processor < Provider::Processor::Base
+            module Close
+              def do_close_smb1(request)
+                # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-cifs/99b767e2-8f0e-438b-ace5-4323940f2dc8
+                if @handles.delete(request.parameter_block.fid).nil?
+                  response = RubySMB::SMB1::Packet::EmptyPacket.new
+                  response.smb_header.nt_status = WindowsError::NTStatus::STATUS_INVALID_HANDLE
+                  return response
+                end
+
+                response = RubySMB::SMB1::Packet::CloseResponse.new
+                response
+              end
+
+              def do_close_smb2(request)
+                local_path = get_local_path(request.file_id)
+                if local_path.nil?
+                  response = RubySMB::SMB2::Packet::ErrorPacket.new
+                  response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_FILE_CLOSED
+                  return response
+                end
+
+                @handles.delete(request.file_id.to_binary_s)
+                response = RubySMB::SMB2::Packet::CloseResponse.new
+                set_common_info(response, local_path)
+                response.flags = 1
+                response
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end