ruby_smb 3.1.1 → 3.1.2

data/lib/ruby_smb/fscc/file_information.rb

@@ -17,10 +17,26 @@ module RubySMB
       # contents of a directory.
       FILE_BOTH_DIRECTORY_INFORMATION    = 0x03
 
+      # Information class used to query or set file information.
+      FILE_BASIC_INFORMATION             = 0x04
+
+      # Information class is used to query file information.
+      FILE_STANDARD_INFORMATION          = 0x05
+
+      # Information class used to query for the file system's 64-bit file ID.
+      FILE_INTERNAL_INFORMATION          = 0x06
+
       # Information class used to query for the size of the extended attributes
       # (EA) for a file.
       FILE_EA_INFORMATION                = 0x07
 
+      # Information class used to query the access rights of a file that were
+      # granted when the file was opened.
+      FILE_ACCESS_INFORMATION            = 0x08
+
+      # Information class is used locally to query the name of a file.
+      FILE_NAME_INFORMATION              = 0x09
+
       # Information class used to rename a file.
       FILE_RENAME_INFORMATION            = 0x0A
 
@@ -31,6 +47,17 @@ module RubySMB
       # Information class used to mark a file for deletion.
       FILE_DISPOSITION_INFORMATION       = 0x0D
 
+      # Information class used to query or set the position of the file pointer
+      # within a file.
+      FILE_POSITION_INFORMATION          = 0x0E
+
+      # Information class used to query or set the mode of the file.
+      FILE_MODE_INFORMATION              = 0x10
+
+      # Information class used to query the buffer alignment required by the
+      # underlying device.
+      FILE_ALIGNMENT_INFORMATION         = 0x11
+
       # Information class used to enumerate the data streams of a file or a
       # directory.
       FILE_STREAM_INFORMATION            = 0x16
@@ -57,6 +84,10 @@ module RubySMB
       FILE_NORMALIZED_NAME_INFORMATION = 0x30
 
 
+      # Information class is used to query a collection of file information
+      # structures.
+      FILE_ALL_INFORMATION = 0x12
+
       # These Information Classes can be used by SMB1 using the pass-through
       # Information Levels when available on the server (CAP_INFOLEVEL_PASSTHRU
       # capability flag in an SMB_COM_NEGOTIATE server response). The constant
@@ -69,25 +100,27 @@ module RubySMB
         constants.select { |c| c.upcase == c }.find { |c| const_get(c) == value }
       end
 
-      # The FILE_NAME_INFORMATION type as defined in
-      # https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-fscc/20406fb1-605f-4629-ba9a-c67ee25f23d2
-      class FileNameInformation < BinData::Record
-        endian :little
-        uint32           :file_name_length, label: 'File Name Length',  initial_value: -> { file_name.do_num_bytes }
-        string16         :file_name,        label: 'File Name',         read_length: -> { file_name_length }
-      end
-
       require 'ruby_smb/fscc/file_information/file_directory_information'
       require 'ruby_smb/fscc/file_information/file_full_directory_information'
       require 'ruby_smb/fscc/file_information/file_disposition_information'
       require 'ruby_smb/fscc/file_information/file_id_full_directory_information'
       require 'ruby_smb/fscc/file_information/file_both_directory_information'
       require 'ruby_smb/fscc/file_information/file_id_both_directory_information'
+      require 'ruby_smb/fscc/file_information/file_name_information'
       require 'ruby_smb/fscc/file_information/file_names_information'
+      require 'ruby_smb/fscc/file_information/file_normalized_name_information'
       require 'ruby_smb/fscc/file_information/file_rename_information'
       require 'ruby_smb/fscc/file_information/file_network_open_information'
       require 'ruby_smb/fscc/file_information/file_ea_information'
       require 'ruby_smb/fscc/file_information/file_stream_information'
+      require 'ruby_smb/fscc/file_information/file_basic_information'
+      require 'ruby_smb/fscc/file_information/file_standard_information'
+      require 'ruby_smb/fscc/file_information/file_internal_information'
+      require 'ruby_smb/fscc/file_information/file_access_information'
+      require 'ruby_smb/fscc/file_information/file_position_information'
+      require 'ruby_smb/fscc/file_information/file_mode_information'
+      require 'ruby_smb/fscc/file_information/file_alignment_information'
+      require 'ruby_smb/fscc/file_information/file_all_information'
     end
   end
 end

data/lib/ruby_smb/fscc/file_system_information/file_fs_attribute_information.rb

@@ -7,6 +7,7 @@ module RubySMB
         CLASS_LEVEL = FileSystemInformation::FILE_FS_ATTRIBUTE_INFORMATION
 
         endian :little
+
         struct   :file_system_attributes,            label: 'File System Attributes' do
           bit1   :file_supports_reparse_points,      label: 'FS Supports Reparse Points'
           bit1   :file_supports_sparse_files,        label: 'FS Supports Sparse Files'

data/lib/ruby_smb/fscc/file_system_information/file_fs_volume_information.rb

@@ -7,6 +7,7 @@ module RubySMB
         CLASS_LEVEL = FileSystemInformation::FILE_FS_VOLUME_INFORMATION
 
         endian :little
+
         file_time :volume_creation_time, label: 'Volume Creation Time'
         uint32    :volume_serial_number, label: 'Volume Serial Number'
         uint32    :volume_label_length,  label: 'Volume Label Length', initial_value: -> { volume_label.do_num_bytes }

data/lib/ruby_smb/fscc/file_system_information.rb

@@ -15,6 +15,10 @@ module RubySMB
       FILE_FS_VOLUME_FLAGS_INFORMATION = 10
       FILE_FS_SECTOR_SIZE_INFORMATION  = 11
 
+      def self.name(value)
+        constants.select { |c| c.upcase == c }.find { |c| const_get(c) == value }
+      end
+
       require 'ruby_smb/fscc/file_system_information/file_fs_attribute_information'
       require 'ruby_smb/fscc/file_system_information/file_fs_volume_information'
     end

data/lib/ruby_smb/gss/provider/ntlm.rb

@@ -113,6 +113,7 @@ module RubySMB
           def process_ntlm_type3(type3_msg)
             if type3_msg.user == '' && type3_msg.domain == ''
               if @provider.allow_anonymous
+                @session_key = "\x00".b * 16 # see MS-NLMP section 3.4
                 return WindowsError::NTStatus::STATUS_SUCCESS
               end
 
@@ -126,6 +127,12 @@ module RubySMB
               domain: type3_msg.domain
             )
             if account.nil?
+              if @provider.allow_guests
+                logger.info("NTLM authentication request succeeded for #{dbg_string} (guest)")
+                @session_key = "\x00".b * 16 # see MS-NLMP section 3.4
+                return WindowsError::NTStatus::STATUS_SUCCESS
+              end
+
               logger.info("NTLM authentication request failed for #{dbg_string} (no account)")
               return WindowsError::NTStatus::STATUS_LOGON_FAILURE
             end
@@ -233,25 +240,31 @@ module RubySMB
                 domain: type3_msg.domain
               )
               if account.nil?
-                if @provider.allow_anonymous
+                if type3_msg.user == ''
+                  is_guest = false
                   identity = IDENTITY_ANONYMOUS
+                else
+                  is_guest = true
+                  identity = Account.new(type3_msg.user.encode(''.encoding), '', type3_msg.domain.encode(''.encoding)).to_s
                 end
               else
+                is_guest = false
                 identity = account.to_s
               end
             end
 
-            Result.new(buffer, nt_status, identity)
+            Result.new(buffer, nt_status, identity, is_guest)
           end
         end
 
         # @param [Boolean] allow_anonymous whether or not to allow anonymous authentication attempts
         # @param [String] default_domain the default domain to use for authentication, unless specified 'WORKGROUP' will
         #   be used
-        def initialize(allow_anonymous: false, default_domain: 'WORKGROUP')
+        def initialize(allow_anonymous: false, allow_guests: false, default_domain: 'WORKGROUP')
           raise ArgumentError, 'Must specify a default domain' unless default_domain
 
           @allow_anonymous = allow_anonymous
+          @allow_guests = allow_guests
           @default_domain = default_domain
           @accounts = []
           @generate_server_challenge = -> { SecureRandom.bytes(8) }

data/lib/ruby_smb/gss/provider.rb

@@ -7,7 +7,11 @@ module RubySMB
       # A special constant implying that the authenticated user is anonymous.
       IDENTITY_ANONYMOUS = :anonymous
       # The result of a processed GSS request.
-      Result = Struct.new(:buffer, :nt_status, :identity)
+      Result = Struct.new(:buffer, :nt_status, :identity, :is_guest) do
+        def is_anonymous
+          identity == Gss::Provider::IDENTITY_ANONYMOUS
+        end
+      end
 
       #
       # The base class for a GSS authentication provider. This class defines a common interface and is not usable as a
@@ -26,6 +30,11 @@ module RubySMB
         # Whether or not anonymous authentication attempts should be permitted.
         #
         attr_accessor :allow_anonymous
+
+        #
+        # Whether or not unknown users should be allowed to authenticate as guests.
+        #
+        attr_accessor :allow_guests
       end
     end
   end

data/lib/ruby_smb/server/server_client/session_setup.rb

@@ -80,12 +80,14 @@ module RubySMB
           if gss_result.nt_status == WindowsError::NTStatus::STATUS_SUCCESS
             session.state = :valid
             session.user_id = gss_result.identity
+            session.is_guest = !!gss_result.is_guest
             session.key = @gss_authenticator.session_key
-            session.signing_required = request.security_mode.signing_required == 1
+            session.signing_required = request.security_mode.signing_required == 1 || (!session.is_guest && !session.is_anonymous)
 
             response.smb2_header.credits = 32
-            @cipher_id = 0 if session.is_anonymous # disable encryption for anonymous users
+            @cipher_id = 0 if session.is_anonymous || session.is_guest # disable encryption for anonymous users and guest users which have a null session key
             response.session_flags.encrypt_data = 1 unless @cipher_id == 0
+            response.session_flags.guest = session.is_guest
           elsif gss_result.nt_status == WindowsError::NTStatus::STATUS_MORE_PROCESSING_REQUIRED && @dialect == '0x0311'
             update_preauth_hash(response)
           end

data/lib/ruby_smb/server/server_client.rb

@@ -19,7 +19,7 @@ module RubySMB
       include RubySMB::Server::ServerClient::ShareIO
       include RubySMB::Server::ServerClient::TreeConnect
 
-      attr_reader :dialect, :session_table
+      attr_reader :dialect, :dispatcher, :session_table
 
       # @param [Server] server the server that accepted this connection
       # @param [Dispatcher::Socket] dispatcher the connection's socket dispatcher
@@ -57,6 +57,14 @@ module RubySMB
         @dispatcher.tcp_socket.getpeername
       end
 
+      def peerhost
+        ::Socket::unpack_sockaddr_in(getpeername)[1]
+      end
+
+      def peerport
+        ::Socket::unpack_sockaddr_in(getpeername)[0]
+      end
+
       #
       # Handle a request after the dialect has been negotiated. This is the main
       # handler for all requests after the connection has been established. If a

data/lib/ruby_smb/server/session.rb

@@ -64,7 +64,7 @@ module RubySMB
       attr_accessor :tree_connect_table
 
       # Untyped hash for storing additional arbitrary metadata about the current session
-      # @!attribute [rw] metadaa
+      # @!attribute [rw] metadata
       #   @return [Hash]
       attr_accessor :metadata
 
@@ -72,6 +72,10 @@ module RubySMB
       # @!attribute [r] creation_time
       #   @return [Time]
       attr_reader   :creation_time
+
+      # Whether or not the authenticated user is a guest.
+      # @!attribute [rw] is_guest
+      attr_accessor :is_guest
     end
   end
 end

data/lib/ruby_smb/server/share/provider/disk/processor/close.rb

@@ -9,27 +9,31 @@ module RubySMB
             module Close
               def do_close_smb1(request)
                 # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-cifs/99b767e2-8f0e-438b-ace5-4323940f2dc8
-                if @handles.delete(request.parameter_block.fid).nil?
+                handle = @handles.delete(request.parameter_block.fid)
+                if handle.nil?
                   response = RubySMB::SMB1::Packet::EmptyPacket.new
                   response.smb_header.nt_status = WindowsError::NTStatus::STATUS_INVALID_HANDLE
                   return response
                 end
 
+                handle.file.close if handle.file
+
                 response = RubySMB::SMB1::Packet::CloseResponse.new
                 response
               end
 
               def do_close_smb2(request)
-                local_path = get_local_path(request.file_id)
-                if local_path.nil?
+                handle = @handles.delete(request.file_id.to_binary_s)
+                if handle.nil?
                   response = RubySMB::SMB2::Packet::ErrorPacket.new
                   response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_FILE_CLOSED
                   return response
                 end
 
-                @handles.delete(request.file_id.to_binary_s)
+                handle.file.close if handle.file
+
                 response = RubySMB::SMB2::Packet::CloseResponse.new
-                set_common_info(response, local_path)
+                set_common_info(response, handle.local_path)
                 response.flags = 1
                 response
               end

data/lib/ruby_smb/server/share/provider/disk/processor/create.rb

@@ -38,7 +38,7 @@ module RubySMB
                   block.allocation_size = get_allocation_size(local_path)
                 end
 
-                @handles[response.parameter_block.fid] = Handle.new(path, local_path, false)
+                @handles[response.parameter_block.fid] = Handle.new(path, local_path, false, local_path.file? ? local_path.open : nil)
                 response
               end
 
@@ -131,7 +131,7 @@ module RubySMB
                   response.contexts_length = 0
                 end
 
-                @handles[response.file_id.to_binary_s] = Handle.new(path, local_path, durable)
+                @handles[response.file_id.to_binary_s] = Handle.new(path, local_path, durable, local_path.file? ? local_path.open : nil)
                 response
               end
             end

data/lib/ruby_smb/server/share/provider/disk/processor/query.rb

@@ -315,7 +315,7 @@ module RubySMB
 
                 case request.file_information_class
                 when Fscc::FileInformation::FILE_NORMALIZED_NAME_INFORMATION
-                  info = Fscc::FileInformation::FileNameInformation.new(file_name: @handles[request.file_id.to_binary_s].remote_path)
+                  info = Fscc::FileInformation::FileNormalizedNameInformation.new(file_name: @handles[request.file_id.to_binary_s].remote_path)
                 else
                   info = build_fscc_file_information(local_path, request.file_information_class)
                 end
@@ -344,7 +344,7 @@ module RubySMB
                     volume_label: provider.name
                   )
                 else
-                  logger.warn("Can not handle QUERY_INFO request for type: #{request.info_type}, class: #{request.file_information_class}")
+                  logger.warn("Can not handle QUERY_INFO request for type: #{request.info_type}, class: #{request.file_information_class} (#{Fscc::FileSystemInformation.name(request.file_information_class)})")
                   raise NotImplementedError
                 end
 

data/lib/ruby_smb/server/share/provider/disk/processor/read.rb

@@ -9,18 +9,16 @@ module RubySMB
             module Read
               def do_read_andx_smb1(request)
                 # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-cifs/bb8fcb6a-3032-46a1-ad4a-c0d7892921f9
-                local_path = get_local_path(request.parameter_block.fid)
+                handle = @handles[request.parameter_block.fid]
 
-                if local_path.nil?
+                if handle.nil? || handle.file.nil?
                   response = SMB1::Packet::EmptyPacket.new
                   response.smb_header.nt_status = WindowsError::NTStatus::STATUS_INVALID_HANDLE
+                  return response
                 end
 
-                buffer = nil
-                local_path.open do |file|
-                  file.seek(request.parameter_block.offset.snapshot)
-                  buffer = file.read(request.parameter_block.max_count_of_bytes_to_return.snapshot)
-                end
+                handle.file.seek(request.parameter_block.offset.snapshot)
+                buffer = handle.file.read(request.parameter_block.max_count_of_bytes_to_return.snapshot)
 
                 response = SMB1::Packet::ReadAndxResponse.new
                 response.parameter_block.available = 0xffff  # this field is only used for named pipes, must be -1 for all others
@@ -33,20 +31,23 @@ module RubySMB
               end
 
               def do_read_smb2(request)
-                local_path = get_local_path(request.file_id)
-                if local_path.nil?
+                handle = @handles[request.file_id.to_binary_s]
+                if handle.nil?
                   response = RubySMB::SMB2::Packet::ErrorPacket.new
                   response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_FILE_CLOSED
                   return response
                 end
 
+                if handle.file.nil?
+                  response = RubySMB::SMB2::Packet::ErrorPacket.new
+                  response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_INVALID_HANDLE
+                  return response
+                end
+
                 raise NotImplementedError unless request.channel == SMB2::SMB2_CHANNEL_NONE
 
-                buffer = nil
-                local_path.open do |file|
-                  file.seek(request.offset.snapshot)
-                  buffer = file.read(request.read_length)
-                end
+                handle.file.seek(request.offset.snapshot)
+                buffer = handle.file.read(request.read_length)
 
                 # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/21e8b343-34e9-4fca-8d93-03dd2d3e961e
                 if buffer.nil? || buffer.length == 0 || buffer.length < request.min_bytes

data/lib/ruby_smb/server/share/provider/disk/processor.rb

@@ -1,3 +1,4 @@
+require 'zlib'
 require 'ruby_smb/server/share/provider/processor'
 
 module RubySMB
@@ -16,7 +17,7 @@ module RubySMB
             include RubySMB::Server::Share::Provider::Disk::Processor::Query
             include RubySMB::Server::Share::Provider::Disk::Processor::Read
 
-            Handle = Struct.new(:remote_path, :local_path, :durable?)
+            Handle = Struct.new(:remote_path, :local_path, :durable?, :file)
             def initialize(provider, server_client, session)
               super
               @handles = {}
@@ -30,6 +31,25 @@ module RubySMB
               )
             end
 
+            # Build an access mask bit field for the specified path. The return type is a DirectoryAccessMask if path
+            # is a directory, otherwise it's a FileAccessMask.
+            #
+            # @param Pathname path the path to build an access mask for
+            # @return [DirectoryAccessMask, FileAccessMask] the access mask
+            def smb2_access_mask(path)
+              # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/b3af3aaf-9271-4419-b326-eba0341df7d2
+              if path.directory?
+                am = SMB2::BitField::DirectoryAccessMask.new
+                am.traverse = true
+                am.list = true
+              else
+                am = SMB2::BitField::FileAccessMask.new
+                am.read_data = true
+              end
+              am.read_attr = true
+              am
+            end
+
             private
 
             def build_fscc_file_attributes(path)
@@ -44,6 +64,29 @@ module RubySMB
 
             def build_fscc_file_information(path, info_class, rename: nil)
               case info_class
+              when Fscc::FileInformation::FILE_ACCESS_INFORMATION
+                info = Fscc::FileInformation::FileAccessInformation.new
+                # smb2_access_mask returns back either file or directory access mask depending on what path is,
+                # FileAccessInformation however isn't defined to account for this context so set it from the binary
+                # value
+                info.access_flags.read(smb2_access_mask(path).to_binary_s)
+              when Fscc::FileInformation::FILE_ALIGNMENT_INFORMATION
+                info = Fscc::FileInformation::FileAlignmentInformation.new
+              when Fscc::FileInformation::FILE_ALL_INFORMATION
+                info = Fscc::FileInformation::FileAllInformation.new
+                info.basic_information = build_fscc_file_information(path, Fscc::FileInformation::FILE_BASIC_INFORMATION, rename: rename)
+                info.standard_information = build_fscc_file_information(path, Fscc::FileInformation::FILE_STANDARD_INFORMATION, rename: rename)
+                info.internal_information = build_fscc_file_information(path, Fscc::FileInformation::FILE_INTERNAL_INFORMATION, rename: rename)
+                info.ea_information = build_fscc_file_information(path, Fscc::FileInformation::FILE_EA_INFORMATION, rename: rename)
+                info.access_information = build_fscc_file_information(path, Fscc::FileInformation::FILE_ACCESS_INFORMATION, rename: rename)
+                info.position_information = build_fscc_file_information(path, Fscc::FileInformation::FILE_POSITION_INFORMATION, rename: rename)
+                info.mode_information = build_fscc_file_information(path, Fscc::FileInformation::FILE_MODE_INFORMATION, rename: rename)
+                info.alignment_information = build_fscc_file_information(path, Fscc::FileInformation::FILE_ALIGNMENT_INFORMATION, rename: rename)
+                info.name_information = build_fscc_file_information(path, Fscc::FileInformation::FILE_NAME_INFORMATION, rename: rename)
+              when Fscc::FileInformation::FILE_BASIC_INFORMATION
+                info = Fscc::FileInformation::FileBasicInformation.new
+                set_common_timestamps(info, path)
+                info.file_attributes = build_fscc_file_attributes(path)
               when Fscc::FileInformation::FILE_EA_INFORMATION
                 info = Fscc::FileInformation::FileEaInformation.new
               when Fscc::FileInformation::FILE_FULL_DIRECTORY_INFORMATION
@@ -54,21 +97,42 @@ module RubySMB
                 info = Fscc::FileInformation::FileIdBothDirectoryInformation.new
                 set_common_info(info, path)
                 info.file_name = rename || path.basename.to_s
+              when Fscc::FileInformation::FILE_ID_FULL_DIRECTORY_INFORMATION
+                info = Fscc::FileInformation::FileIdFullDirectoryInformation.new
+                set_common_info(info, path)
+                info.file_name = rename || path.basename.to_s
+              when Fscc::FileInformation::FILE_INTERNAL_INFORMATION
+                info = Fscc::FileInformation::FileInternalInformation.new
+                info.file_id = Zlib::crc32(path.to_s)
+              when Fscc::FileInformation::FILE_MODE_INFORMATION
+                info = Fscc::FileInformation::FileModeInformation.new
+              when Fscc::FileInformation::FILE_NAME_INFORMATION
+                info = Fscc::FileInformation::FileNameInformation.new
+                info.file_name = rename || path.basename.to_s
               when Fscc::FileInformation::FILE_NETWORK_OPEN_INFORMATION
                 info = Fscc::FileInformation::FileNetworkOpenInformation.new
                 set_common_info(info, path)
+              when Fscc::FileInformation::FILE_POSITION_INFORMATION
+                info = Fscc::FileInformation::FilePositionInformation.new
+                info.current_byte_offset = path.size
+              when Fscc::FileInformation::FILE_STANDARD_INFORMATION
+                info = Fscc::FileInformation::FileStandardInformation.new
+                info.allocation_size = get_allocation_size(path)
+                info.end_of_file = path.size
+                info.directory = path.directory? ? 1 : 0
               when Fscc::FileInformation::FILE_STREAM_INFORMATION
-                  unless path.file?
-                    raise NotImplementedError, 'Can only generate FILE_STREAM_INFORMATION for files'
-                  end
-
-                  info = Fscc::FileInformation::FileStreamInformation.new(
-                    stream_size: path.size,
-                    stream_allocation_size: get_allocation_size(path),
-                    stream_name: '::$DATA'
-                  )
+                unless path.file?
+                  raise NotImplementedError, 'Can only generate FILE_STREAM_INFORMATION for files'
+                end
+
+                info = Fscc::FileInformation::FileStreamInformation.new(
+                  stream_size: path.size,
+                  stream_allocation_size: get_allocation_size(path),
+                  stream_name: '::$DATA'
+                )
               else
-                raise NotImplementedError, "Unsupported FSCC file information class: #{info_class} (#{Fscc::FileInformation.name(info_class)})"
+                logger.warn("Unsupported FSCC file information class: #{info_class} (#{Fscc::FileInformation.name(info_class)})")
+                raise NotImplementedError
               end
 
               # some have a next offset field that needs to be set accordingly
@@ -96,7 +160,7 @@ module RubySMB
                 path = path.encode.gsub(/\/|\\/, File::SEPARATOR)
                 path = path.delete_prefix(File::SEPARATOR)
                 local_path = (provider.path + path.encode).cleanpath
-                unless local_path == provider.path || local_path.to_s.start_with?(provider.path.to_s + '/')
+                unless local_path == provider.path || local_path.to_s.start_with?(provider.path.to_s.delete_suffix(File::SEPARATOR) + File::SEPARATOR)
                   raise RuntimeError, "Directory traversal detected to: #{local_path}"
                 end
               else

data/lib/ruby_smb/server/share/provider/disk.rb

@@ -5,14 +5,20 @@ module RubySMB
   class Server
     module Share
       module Provider
+        # This is a share provider that exposes the local file system.
         class Disk < Base
           TYPE = TYPE_DISK
           # emulate NTFS just like Samba does
           FILE_SYSTEM = FileSystem::NTFS
 
+          # @param [String] name The name of this share.
+          # @param [String, Pathname] path The local file system path to share. This path must be an absolute path to an existing
+          #   directory.
           def initialize(name, path)
-            path = Pathname.new(File.expand_path(path))
-            raise ArgumentError unless path.directory?
+            path = Pathname.new(File.expand_path(path)) if path.is_a?(String)
+            raise ArgumentError.new('path must be a directory') unless path.directory? # it needs to exist
+            raise ArgumentError.new('path must be absolute') unless path.absolute? # it needs to be absolute so it is independent of the cwd
+
             @path = path
             super(name)
           end

data/lib/ruby_smb/server/share/provider/virtual_disk/virtual_file.rb

@@ -0,0 +1,85 @@
+require 'ruby_smb/server/share/provider/virtual_disk/virtual_pathname'
+require 'ruby_smb/server/share/provider/virtual_disk/virtual_stat'
+
+module RubySMB
+  class Server
+    module Share
+      module Provider
+        class VirtualDisk < Disk
+          # A dynamic file is one whose contents are generated by the specified
+          # block.
+          class VirtualDynamicFile < VirtualPathname
+            # @param [Hash] disk The mapping of paths to objects representing the virtual file system.
+            # @param [String] path The path of this entry.
+            # @param [File::Stat] stat An explicit stat object describing the file.
+            def initialize(disk, path, stat: nil, &block)
+              raise ArgumentError.new('a generation block must be specified') if block.nil?
+
+              @content_generator = block
+              super(disk, path)
+              @stat = stat
+            end
+
+            def generate(server_client, session)
+              content = @content_generator.call(server_client, session)
+              VirtualStaticFile.new(@virtual_disk, @path, content, stat: @stat)
+            end
+          end
+
+          # A static file is one whose contents are known at creation time and
+          # do not change.
+          class VirtualStaticFile < VirtualPathname
+            # @param [Hash] disk The mapping of paths to objects representing the virtual file system.
+            # @param [String] path The path of this entry.
+            # @param [String] content The static content of this file.
+            # @param [File::Stat] stat An explicit stat object describing the file.
+            def initialize(disk, path, content, stat: nil)
+              stat = stat || VirtualStat.new(file?: true, size: content.size)
+              raise ArgumentError.new('stat is not a file') unless stat.file?
+
+              @content = content
+              super(disk, path, stat: stat)
+            end
+
+            def open(mode = 'r', &block)
+              file = StringIO.new(@content)
+              block_given? ? block.call(file) : file
+            end
+
+            attr_reader :content
+          end
+
+          # A mapped file is one who is backed by an entry on disk. The path
+          # need not be present, but if it does exist, it must be a file.
+          class VirtualMappedFile < VirtualPathname
+            # @param [Hash] disk The mapping of paths to objects representing the virtual file system.
+            # @param [String] path The path of this entry.
+            # @param [String, Pathname] mapped_path The path on the local file system to map into the virtual file system.
+            def initialize(disk, path, mapped_path)
+              mapped_path = Pathname.new(File.expand_path(mapped_path)) if mapped_path.is_a?(String)
+              raise ArgumentError.new('mapped_path must be absolute') unless mapped_path.absolute? # it needs to be absolute so it is independent of the cwd
+
+              @virtual_disk = disk
+              @path = path
+              @mapped_path = mapped_path
+            end
+
+            def exist?
+              # filter out anything that's not a directory but allow the file to be missing, this prevents exposing
+              # directories which could yield path confusion errors
+              @mapped_path.exist? && @mapped_path.file?
+            end
+
+            def stat
+              @mapped_path.stat
+            end
+
+            def open(mode = 'r', &block)
+              @mapped_path.open(mode, &block)
+            end
+          end
+        end
+      end
+    end
+  end
+end