ruby_smb 3.1.2 → 3.1.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 498d32e1eeed4cb410f03dfdc5ea1b23dd5506d89e387a3533494b9f73294ffa
-  data.tar.gz: 838a864709be049725a3978de10d71a0cf9eb75e91d00468cdee07fc5e614250
+  metadata.gz: 0b10829db92d5746b069916440f0e91ca006c370053fdc02621ed75723efbf40
+  data.tar.gz: aeeeb396277c47b16ff977e33344ab08da275a0632d6a9a220aac7e733e91311
 SHA512:
-  metadata.gz: e60651395300c2f7bc88049e7572a2b5376646615da08a1978d8e71afe694ca2f32396e124cbda71cc203811ff8df0241aa072f58aeffa8265498789cab7696f
-  data.tar.gz: e9d3bd5ffb781a01e4382d8f0f2327cd384d4be520a394fbf00336fbc23b9913fae58b380c05c1782c320364edd8ac5e729639091c0f54b32208469972810705
+  metadata.gz: 7269f0664dd840a83d39d5d1b3a953f87d050bcffbea0b9993685ef1ec91c9047a9117d88ee305d2c467555b475a7c15e82f0f8bfa1b98d077ea00fd401de200
+  data.tar.gz: a5997a65e48cd66585896c55cd8a01fbbee4a8b04280a15ecacdd79501fdd42caf772ac712a32228ea6c1991a6db27c9657d8829ca412691df0834e392c45284

data/examples/file_server.rb

@@ -3,81 +3,19 @@
 require 'bundler/setup'
 require 'optparse'
 require 'ruby_smb'
-require 'ruby_smb/gss/provider/ntlm'
 
 # we just need *a* default encoding to handle the strings from the NTLM messages
 Encoding.default_internal = 'UTF-8' if Encoding.default_internal.nil?
 
-options = {
-  allow_anonymous: true,
-  allow_guests: false,
-  domain: nil,
-  username: 'RubySMB',
-  password: 'password',
-  share_name: 'home',
-  share_path: '.',
-  smbv1: true,
-  smbv2: true,
-  smbv3: true
-}
-OptionParser.new do |opts|
-  opts.banner = "Usage: #{File.basename(__FILE__)} [options]"
-  opts.on("--path PATH", "The path to share (default: #{options[:share_path]})") do |path|
+options = RubySMB::Server::Cli.parse(defaults: { share_path: '.' }) do |options, parser|
+  parser.banner = "Usage: #{File.basename(__FILE__)} [options]"
+
+  parser.on("--share-path SHARE_PATH", "The path to share (default: #{options[:share_path]})") do |path|
     options[:share_path] = path
   end
-  opts.on("--share SHARE", "The share name (default: #{options[:share_name]})") do |share|
-    options[:share_name] = share
-  end
-  opts.on("--[no-]anonymous", "Allow anonymous access (default: #{options[:allow_anonymous]})") do |allow_anonymous|
-    options[:allow_anonymous] = allow_anonymous
-  end
-  opts.on("--[no-]smbv1", "Enable or disable SMBv1 (default: #{options[:smbv1] ? 'Enabled' : 'Disabled'})") do |smbv1|
-    options[:smbv1] = smbv1
-  end
-  opts.on("--[no-]smbv2", "Enable or disable SMBv2 (default: #{options[:smbv2] ? 'Enabled' : 'Disabled'})") do |smbv2|
-    options[:smbv2] = smbv2
-  end
-  opts.on("--[no-]smbv3", "Enable or disable SMBv3 (default: #{options[:smbv3] ? 'Enabled' : 'Disabled'})") do |smbv3|
-    options[:smbv3] = smbv3
-  end
-  opts.on("--[no-]guests", "Allow guest accounts (default: #{options[:allow_guests]})") do |allow_guests|
-    options[:allow_guests] = allow_guests
-  end
-  opts.on("--username USERNAME", "The account's username (default: #{options[:username]})") do |username|
-    if username.include?('\\')
-      options[:domain], options[:username] = username.split('\\', 2)
-    else
-      options[:username] = username
-    end
-  end
-  opts.on("--password PASSWORD", "The account's password (default: #{options[:password]})") do |password|
-    options[:password] = password
-  end
-end.parse!
-
-ntlm_provider = RubySMB::Gss::Provider::NTLM.new(
-  allow_anonymous: options[:allow_anonymous],
-  allow_guests: options[:allow_guests]
-)
-ntlm_provider.put_account(options[:username], options[:password], domain: options[:domain])  # password can also be an NTLM hash
-
-server = RubySMB::Server.new(
-  gss_provider: ntlm_provider,
-  logger: :stdout
-)
-server.dialects.select! { |dialect| RubySMB::Dialect[dialect].family != RubySMB::Dialect::FAMILY_SMB1 } unless options[:smbv1]
-server.dialects.select! { |dialect| RubySMB::Dialect[dialect].family != RubySMB::Dialect::FAMILY_SMB2 } unless options[:smbv2]
-server.dialects.select! { |dialect| RubySMB::Dialect[dialect].family != RubySMB::Dialect::FAMILY_SMB3 } unless options[:smbv3]
-
-if server.dialects.empty?
-  puts "at least one version must be enabled"
-  exit false
 end
 
+server = RubySMB::Server::Cli.build(options)
 server.add_share(RubySMB::Server::Share::Provider::Disk.new(options[:share_name], options[:share_path]))
-puts "server is running"
-server.run do
-  puts "received connection"
-  true
-end
 
+RubySMB::Server::Cli.run(server)

data/examples/virtual_file_server.rb

@@ -3,7 +3,6 @@
 require 'bundler/setup'
 require 'optparse'
 require 'ruby_smb'
-require 'ruby_smb/gss/provider/ntlm'
 
 # we just need *a* default encoding to handle the strings from the NTLM messages
 Encoding.default_internal = 'UTF-8' if Encoding.default_internal.nil?
@@ -32,70 +31,23 @@ MAGIC_8_BALL_ANSWERS = [
   'Very doubtful'
 ]
 
-options = {
-  allow_anonymous: true,
-  domain: nil,
-  username: 'RubySMB',
-  password: 'password',
-  share_name: 'home',
-  smbv1: true,
-  smbv2: true,
-  smbv3: true
-}
-OptionParser.new do |opts|
-  opts.banner = "Usage: #{File.basename(__FILE__)} [options]"
-  opts.on("--share SHARE", "The share name (default: #{options[:share_name]})") do |share|
-    options[:share_name] = share
-  end
-  opts.on("--[no-]anonymous", "Allow anonymous access (default: #{options[:allow_anonymous]})") do |allow_anonymous|
-    options[:allow_anonymous] = allow_anonymous
-  end
-  opts.on("--[no-]smbv1", "Enable or disable SMBv1 (default: #{options[:smbv1] ? 'Enabled' : 'Disabled'})") do |smbv1|
-    options[:smbv1] = smbv1
-  end
-  opts.on("--[no-]smbv2", "Enable or disable SMBv2 (default: #{options[:smbv2] ? 'Enabled' : 'Disabled'})") do |smbv2|
-    options[:smbv2] = smbv2
-  end
-  opts.on("--[no-]smbv3", "Enable or disable SMBv3 (default: #{options[:smbv3] ? 'Enabled' : 'Disabled'})") do |smbv3|
-    options[:smbv3] = smbv3
-  end
-  opts.on("--username USERNAME", "The account's username (default: #{options[:username]})") do |username|
-    if username.include?('\\')
-      options[:domain], options[:username] = username.split('\\', 2)
-    else
-      options[:username] = username
-    end
-  end
-  opts.on("--password PASSWORD", "The account's password (default: #{options[:password]})") do |password|
-    options[:password] = password
-  end
-  opts.on("--virtual-content CONTENT", "The virtual share contents") do |virtual_content|
+options = RubySMB::Server::Cli.parse do |options, parser|
+  parser.banner = "Usage: #{File.basename(__FILE__)} [options]"
+
+  parser.on("--virtual-content CONTENT", "The virtual share contents") do |virtual_content|
     options[:virtual_content] = virtual_content
   end
-  opts.on("--virtual-name NAME", "The virtual share file name") do |virtual_name|
+
+  parser.on("--virtual-name NAME", "The virtual share file name") do |virtual_name|
     options[:virtual_name] = virtual_name
   end
-  opts.on("--virtual-type TYPE", "The virtual share type") do |virtual_type|
+
+  parser.on("--virtual-type TYPE", "The virtual share type") do |virtual_type|
     options[:virtual_type] = virtual_type
   end
-end.parse!
-
-ntlm_provider = RubySMB::Gss::Provider::NTLM.new(allow_anonymous: options[:allow_anonymous])
-ntlm_provider.put_account(options[:username], options[:password], domain: options[:domain])  # password can also be an NTLM hash
-
-server = RubySMB::Server.new(
-  gss_provider: ntlm_provider,
-  logger: :stdout
-)
-server.dialects.select! { |dialect| RubySMB::Dialect[dialect].family != RubySMB::Dialect::FAMILY_SMB1 } unless options[:smbv1]
-server.dialects.select! { |dialect| RubySMB::Dialect[dialect].family != RubySMB::Dialect::FAMILY_SMB2 } unless options[:smbv2]
-server.dialects.select! { |dialect| RubySMB::Dialect[dialect].family != RubySMB::Dialect::FAMILY_SMB3 } unless options[:smbv3]
-
-if server.dialects.empty?
-  puts "at least one version must be enabled"
-  exit false
 end
 
+server = RubySMB::Server::Cli.build(options)
 virtual_disk = RubySMB::Server::Share::Provider::VirtualDisk.new(options[:share_name])
 
 # greeting is a static text file
@@ -135,9 +87,5 @@ elsif options[:virtual_content] || options[:virtual_name] || options[:virtual_ty
 end
 
 server.add_share(virtual_disk)
-puts "server is running"
-server.run do |server_client|
-  puts "received connection"
-  true
-end
 
+RubySMB::Server::Cli.run(server)

data/lib/ruby_smb/client.rb

@@ -332,7 +332,7 @@ module RubySMB
       # session setup response is received
       @session_encrypt_data = always_encrypt
 
-      @ntlm_client = Net::NTLM::Client.new(
+      @ntlm_client = RubySMB::NTLM::Client.new(
         @username,
         @password,
         workstation: @local_workstation,
@@ -404,7 +404,7 @@ module RubySMB
       @password          = pass.encode('utf-8') || ''.encode('utf-8')
       @username          = user.encode('utf-8') || ''.encode('utf-8')
 
-      @ntlm_client = Net::NTLM::Client.new(
+      @ntlm_client = RubySMB::NTLM::Client.new(
           @username,
           @password,
           workstation: @local_workstation,

data/lib/ruby_smb/ntlm/client.rb

@@ -0,0 +1,74 @@
+module RubySMB::NTLM
+  module Message
+    def deflag
+      security_buffers.inject(head_size) do |cur, a|
+        a[1].offset = cur
+        cur += a[1].data_size
+        has_flag?(:UNICODE) ? cur + cur % 2 : cur
+      end
+    end
+
+    def serialize
+      deflag
+      @alist.map { |n, f| f.serialize }.join + security_buffers.map { |n, f| f.value + (has_flag?(:UNICODE) ? "\x00".b * (f.value.length % 2) : '') }.join
+    end
+  end
+
+  class Client < Net::NTLM::Client
+    class Session < Net::NTLM::Client::Session
+      def authenticate!
+        calculate_user_session_key!
+        type3_opts = {
+          :lm_response   => is_anonymous? ? "\x00".b : lmv2_resp,
+          :ntlm_response => is_anonymous? ? '' : ntlmv2_resp,
+          :domain        => domain,
+          :user          => username,
+          :workstation   => workstation,
+          :flag          => (challenge_message.flag & client.flags)
+        }
+        t3 = Net::NTLM::Message::Type3.create type3_opts
+        t3.extend(Message)
+        if negotiate_key_exchange?
+          t3.enable(:session_key)
+          rc4 = OpenSSL::Cipher.new("rc4")
+          rc4.encrypt
+          rc4.key = user_session_key
+          sk = rc4.update exported_session_key
+          sk << rc4.final
+          t3.session_key = sk
+        end
+        t3
+      end
+
+      def is_anonymous?
+        username == '' && password == ''
+      end
+
+      private
+
+      def use_oem_strings?
+        # @see https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/99d90ff4-957f-4c8a-80e4-5bfe5a9a9832
+        !challenge_message.has_flag?(:UNICODE) && challenge_message.has_flag?(:OEM)
+      end
+
+      def calculate_user_session_key!
+        if is_anonymous?
+          # see MS-NLMP section 3.4
+          @user_session_key = "\x00".b * 16
+        else
+          @user_session_key = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmv2_hash, nt_proof_str)
+        end
+      end
+    end
+
+    def init_context(resp = nil, channel_binding = nil)
+      if resp.nil?
+        @session = nil
+        type1_message
+      else
+        @session = Client::Session.new(self, Net::NTLM::Message.decode64(resp), channel_binding)
+        @session.authenticate!
+      end
+    end
+  end
+end

data/lib/ruby_smb/ntlm.rb

@@ -59,3 +59,4 @@ module RubySMB
   end
 end
 
+require 'ruby_smb/ntlm/client'

data/lib/ruby_smb/server/cli.rb

@@ -0,0 +1,121 @@
+require 'optparse'
+
+module RubySMB
+  class Server
+    module Cli
+      DEFAULT_OPTIONS = {
+        allow_anonymous: true,
+        allow_guests: false,
+        domain: nil,
+        username: 'RubySMB',
+        password: 'password',
+        share_name: 'home',
+        smbv1: true,
+        smbv2: true,
+        smbv3: true
+      }.freeze
+
+      # Parse options from the command line. The resulting option hash is suitable for passing to {build}.
+      #
+      # @yield [options, parser] A block that can be used to update the built option parser.
+      # @yieldparam [Hash<Symbol => >] options The options hash that should be assigned to.
+      # @yieldparam [OptionParser] parser The built option parser.
+      # @param [Hash] defaults Default option values to use.
+      # @return [Hash<Symbol => >] The options hash.
+      #   * :allow_anonymous [Boolean] Whether or not to allow anonymous authentication.
+      #   * :allow_guest [Boolean] Whether or not to allow guest authentication.
+      #   * :username [String] The username of the account to add for authentication.
+      #   * :password [String] The password of the account to add for authentication.
+      #   * :domain [String] The domain of the account to add for authentication.
+      #   * :smbv1 [Boolean] Whether or not to enable SMBv1 dialects.
+      #   * :smbv2 [Boolean] Whether or not to enable SMBv2 dialects.
+      #   * :smbv3 [Boolean] Whether or not to enable SMBv3 dialects.
+      #   * :share_name [String] The name of the share to add.
+      def self.parse(defaults: {}, &block)
+        defaults = DEFAULT_OPTIONS.merge(defaults)
+        options = defaults.clone
+        OptionParser.new do |parser|
+          parser.on("--share-name SHARE_NAME", "The share name (default: #{defaults[:share_name]})") do |share|
+            options[:share_name] = share
+          end
+
+          parser.on("--[no-]anonymous", "Allow anonymous access (default: #{defaults[:allow_anonymous]})") do |allow_anonymous|
+            options[:allow_anonymous] = allow_anonymous
+          end
+
+          parser.on("--[no-]guests", "Allow guest accounts (default: #{defaults[:allow_guests]})") do |allow_guests|
+            options[:allow_guests] = allow_guests
+          end
+
+          parser.on("--[no-]smbv1", "Enable or disable SMBv1 (default: #{defaults[:smbv1] ? 'Enabled' : 'Disabled'})") do |smbv1|
+            options[:smbv1] = smbv1
+          end
+
+          parser.on("--[no-]smbv2", "Enable or disable SMBv2 (default: #{defaults[:smbv2] ? 'Enabled' : 'Disabled'})") do |smbv2|
+            options[:smbv2] = smbv2
+          end
+
+          parser.on("--[no-]smbv3", "Enable or disable SMBv3 (default: #{defaults[:smbv3] ? 'Enabled' : 'Disabled'})") do |smbv3|
+            options[:smbv3] = smbv3
+          end
+
+          parser.on("--username USERNAME", "The account's username (default: #{defaults[:username]})") do |username|
+            if username.include?('\\')
+              options[:domain], options[:username] = username.split('\\', 2)
+            else
+              options[:username] = username
+            end
+          end
+
+          parser.on("--password PASSWORD", "The account's password (default: #{defaults[:password]})") do |password|
+            options[:password] = password
+          end
+
+          block.call(options, parser) if block_given?
+        end.parse!
+
+        options
+      end
+
+      # Build a server instance from the specified options. The NTLM provider will be used for authentication.
+      #
+      # @param [Hash] options the options to use while building the server. See the return value of {parse} for a
+      #   comprehensive list of keys.
+      def self.build(options)
+        ntlm_provider = RubySMB::Gss::Provider::NTLM.new(
+          allow_anonymous: options[:allow_anonymous],
+          allow_guests: options[:allow_guests]
+        )
+        ntlm_provider.put_account(options[:username], options[:password], domain: options[:domain])  # password can also be an NTLM hash
+
+        server = RubySMB::Server.new(
+          gss_provider: ntlm_provider,
+          logger: :stdout
+        )
+        server.dialects.filter! { |dialect| RubySMB::Dialect[dialect].family != RubySMB::Dialect::FAMILY_SMB1 } unless options[:smbv1]
+        server.dialects.filter! { |dialect| RubySMB::Dialect[dialect].family != RubySMB::Dialect::FAMILY_SMB2 } unless options[:smbv2]
+        server.dialects.filter! { |dialect| RubySMB::Dialect[dialect].family != RubySMB::Dialect::FAMILY_SMB3 } unless options[:smbv3]
+
+        server
+      end
+
+      # Run the server forever. At least 1 SMB dialect must be enabled.
+      #
+      # @param [RubySMB::Server] server The server instance to run.
+      # @param [#puts] out The stream to write standard output messages to.
+      # @param [#puts] err The stream to write error messages to.
+      def self.run(server, out: $stdout, err: $stderr)
+        if server.dialects.empty?
+          err.puts 'at least one version must be enabled'
+          return
+        end
+
+        out.puts 'server is running'
+        server.run do |server_client|
+          out.puts 'received connection'
+          true
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/server.rb

@@ -6,6 +6,7 @@ module RubySMB
   # Currently, the server only supports negotiating and authenticating requests. No other server functionality is
   # available at this time. The negotiating and authentication is supported for SMB versions 1 through 3.1.1.
   class Server
+    require 'ruby_smb/server/cli'
     require 'ruby_smb/server/server_client'
     require 'ruby_smb/server/session'
     require 'ruby_smb/server/share'

data/lib/ruby_smb/version.rb

@@ -1,3 +1,3 @@
 module RubySMB
-  VERSION = '3.1.2'.freeze
+  VERSION = '3.1.3'.freeze
 end

data/spec/lib/ruby_smb/ntlm/client/session_spec.rb

@@ -0,0 +1,114 @@
+require 'spec_helper'
+
+RSpec.describe RubySMB::NTLM::Client::Session do
+  let(:message) { Net::NTLM::Message.decode64(%Q{
+    TlRMTVNTUAACAAAADAAMADgAAAA1goni+fNfw+cInOgAAAAAAAAAAJoAmgBE
+    AAAACgBjRQAAAA9NAFMARgBMAEEAQgACAAwATQBTAEYATABBAEIAAQAeAFcA
+    SQBOAC0AMwBNAFMAUAA4AEsAMgBMAEMARwBDAAQAGABtAHMAZgBsAGEAYgAu
+    AGwAbwBjAGEAbAADADgAVwBJAE4ALQAzAE0AUwBQADgASwAyAEwAQwBHAEMA
+    LgBtAHMAZgBsAGEAYgAuAGwAbwBjAGEAbAAHAAgAS6UAWjxl2AEAAAAA
+  }) }
+  subject(:client) { RubySMB::NTLM::Client.new('rubysmb', 'rubysmb', flags: RubySMB::NTLM::DEFAULT_CLIENT_FLAGS) }
+  subject(:session) { described_class.new(client, message) }
+
+  describe '#authenticate!' do
+    it 'calculates the user session key' do
+      expect(session).to receive(:calculate_user_session_key!).and_call_original
+      session.authenticate!
+    end
+
+    it 'checks if it is anonymous' do
+      expect(session).to receive(:is_anonymous?).at_least(1).times.and_call_original
+      session.authenticate!
+    end
+
+    it 'returns a Type3 message' do
+      expect(session.authenticate!).to be_a Net::NTLM::Message::Type3
+      expect(session.authenticate!).to be_a RubySMB::NTLM::Message
+    end
+
+    context 'when it is anonymous' do
+      before(:each) { allow(session).to receive(:is_anonymous?).and_return(true) }
+      after(:each) { session.authenticate! }
+
+      it 'uses the correct lm response' do
+        expect(session).to_not receive(:lmv2_resp)
+        expect(Net::NTLM::Message::Type3).to receive(:create).and_wrap_original do |method, params|
+          expect(params).to include :lm_response
+          expect(params[:lm_response]).to eq "\x00".b
+          method.call(params)
+        end
+      end
+
+      it 'uses the correct ntlm response' do
+        expect(session).to_not receive(:ntlmv2_resp)
+        expect(Net::NTLM::Message::Type3).to receive(:create).and_wrap_original do |method, params|
+          expect(params).to include :ntlm_response
+          expect(params[:ntlm_response]).to eq ''
+          method.call(params)
+        end
+      end
+    end
+
+    context 'when it is not anonymous' do
+      before(:each) { allow(session).to receive(:is_anonymous?).and_return(false) }
+      after(:each) { session.authenticate! }
+
+      it 'uses the correct lm response' do
+        expect(session).to receive(:lmv2_resp).and_call_original
+        expect(Net::NTLM::Message::Type3).to receive(:create).and_wrap_original do |method, params|
+          expect(params).to include :lm_response
+          expect(params[:lm_response].length).to be > 16
+          method.call(params)
+        end
+      end
+
+      it 'uses the correct ntlm response' do
+        expect(session).to receive(:ntlmv2_resp).and_call_original
+        expect(Net::NTLM::Message::Type3).to receive(:create).and_wrap_original do |method, params|
+          expect(params).to include :ntlm_response
+          expect(params[:ntlm_response].length).to be > 16
+          method.call(params)
+        end
+      end
+    end
+  end
+
+  describe '#calculate_user_session_key!' do
+    it 'returns an all zero key when it is anonymous' do
+      expect(session).to receive(:is_anonymous?).and_return(true)
+      expect(session.send(:calculate_user_session_key!)).to eq "\x00".b * 16
+    end
+
+    it 'returns a session key' do
+      expect(session).to receive(:is_anonymous?).and_return(false)
+      expect(session.send(:calculate_user_session_key!)).to_not eq "\x00".b * 16
+    end
+  end
+
+  describe '#is_anonymous?' do
+    it 'returns false when the username is not blank' do
+      allow(session).to receive(:username).and_return('username')
+      allow(session).to receive(:password).and_return('')
+      expect(session.is_anonymous?).to be false
+    end
+
+    it 'returns false when the password is not blank' do
+      allow(session).to receive(:username).and_return('')
+      allow(session).to receive(:password).and_return('password')
+      expect(session.is_anonymous?).to be false
+    end
+
+    it 'returns false when the username is not blank and the password is not blank' do
+      allow(session).to receive(:username).and_return('username')
+      allow(session).to receive(:password).and_return('password')
+      expect(session.is_anonymous?).to be false
+    end
+
+    it 'returns true when the username is blank and the password is blank' do
+      allow(session).to receive(:username).and_return('')
+      allow(session).to receive(:password).and_return('')
+      expect(session.is_anonymous?).to be true
+    end
+  end
+end

data/spec/lib/ruby_smb/ntlm/client_spec.rb

@@ -0,0 +1,36 @@
+require 'spec_helper'
+
+RSpec.describe RubySMB::NTLM::Client do
+  subject(:client) { described_class.new('rubysmb', 'rubysmb', flags: RubySMB::NTLM::DEFAULT_CLIENT_FLAGS) }
+
+  describe '#init_context' do
+    context 'when a response is provided' do
+      let(:resp) { %Q{
+        TlRMTVNTUAACAAAADAAMADgAAAA1goni+fNfw+cInOgAAAAAAAAAAJoAmgBE
+        AAAACgBjRQAAAA9NAFMARgBMAEEAQgACAAwATQBTAEYATABBAEIAAQAeAFcA
+        SQBOAC0AMwBNAFMAUAA4AEsAMgBMAEMARwBDAAQAGABtAHMAZgBsAGEAYgAu
+        AGwAbwBjAGEAbAADADgAVwBJAE4ALQAzAE0AUwBQADgASwAyAEwAQwBHAEMA
+        LgBtAHMAZgBsAGEAYgAuAGwAbwBjAGEAbAAHAAgAS6UAWjxl2AEAAAAA
+      } }
+      it 'returns a Type3 message' do
+        expect(client.init_context(resp)).to be_a Net::NTLM::Message::Type3
+      end
+
+      it 'creates a new session object' do
+        expect(RubySMB::NTLM::Client::Session).to receive(:new).and_call_original
+        client.init_context(resp)
+      end
+    end
+
+    context 'when a response is not provided' do
+      it 'returns a Type1 message' do
+        expect(client.init_context).to be_a Net::NTLM::Message::Type1
+      end
+
+      it 'does not create a new session object' do
+        expect(RubySMB::NTLM::Client::Session).to_not receive(:new)
+        client.init_context
+      end
+    end
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ruby_smb
 version: !ruby/object:Gem::Version
-  version: 3.1.2
+  version: 3.1.3
 platform: ruby
 authors:
 - Metasploit Hackers
@@ -97,7 +97,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2022-05-04 00:00:00.000000000 Z
+date: 2022-05-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: redcarpet
@@ -473,7 +473,9 @@ files:
 - lib/ruby_smb/nbss/session_header.rb
 - lib/ruby_smb/nbss/session_request.rb
 - lib/ruby_smb/ntlm.rb
+- lib/ruby_smb/ntlm/client.rb
 - lib/ruby_smb/server.rb
+- lib/ruby_smb/server/cli.rb
 - lib/ruby_smb/server/server_client.rb
 - lib/ruby_smb/server/server_client/encryption.rb
 - lib/ruby_smb/server/server_client/negotiation.rb
@@ -802,6 +804,8 @@ files:
 - spec/lib/ruby_smb/nbss/netbios_name_spec.rb
 - spec/lib/ruby_smb/nbss/session_header_spec.rb
 - spec/lib/ruby_smb/nbss/session_request_spec.rb
+- spec/lib/ruby_smb/ntlm/client/session_spec.rb
+- spec/lib/ruby_smb/ntlm/client_spec.rb
 - spec/lib/ruby_smb/server/server_client_spec.rb
 - spec/lib/ruby_smb/server/session_spec.rb
 - spec/lib/ruby_smb/server/share/provider/disk_spec.rb
@@ -1112,6 +1116,8 @@ test_files:
 - spec/lib/ruby_smb/nbss/netbios_name_spec.rb
 - spec/lib/ruby_smb/nbss/session_header_spec.rb
 - spec/lib/ruby_smb/nbss/session_request_spec.rb
+- spec/lib/ruby_smb/ntlm/client/session_spec.rb
+- spec/lib/ruby_smb/ntlm/client_spec.rb
 - spec/lib/ruby_smb/server/server_client_spec.rb
 - spec/lib/ruby_smb/server/session_spec.rb
 - spec/lib/ruby_smb/server/share/provider/disk_spec.rb