Force the encoding on a new copy of the string

lib/ruby_smb/gss/provider/ntlm.rb

@@ -124,8 +124,8 @@ def process_ntlm_type3(type3_msg)
             dbg_string = "#{type3_msg.domain.encode(''.encoding)}\\#{type3_msg.user.encode(''.encoding)}"
             logger.debug("NTLM authentication request received for #{dbg_string}")
             account = @provider.get_account(
-              type3_msg.user.force_encoding('UTF-16LE').encode,
-              domain: type3_msg.domain.force_encoding('UTF-16LE').encode
+              type3_msg.user,
+              domain: type3_msg.domain
             )
             if account.nil?
               if @provider.allow_guests
@@ -154,7 +154,7 @@ def process_ntlm_type3(type3_msg)
               ntlmv2_hash = Net::NTLM.ntlmv2_hash(
                 Net::NTLM::EncodeUtil.encode_utf16le(account.username),
                 Net::NTLM::EncodeUtil.encode_utf16le(account.password),
-                type3_msg.domain.force_encoding('ASCII-8BIT'),  # don't use the account domain because of the special '.' value
+                type3_msg.domain.dup.force_encoding('ASCII-8BIT'),  # don't use the account domain because of the special '.' value
                 {client_challenge: their_blob[16...24], unicode: true}
               )
 

spec/lib/ruby_smb/gss/provider/ntlm/authenticator_spec.rb

@@ -155,6 +155,8 @@
 
       context 'when the password is correct' do
         it 'should process a NTLM type 3 message and return STATUS_SUCCESS' do
+          type3_msg.user.force_encoding('UTF-16LE')
+          type3_msg.domain.force_encoding('UTF-16LE')
           status = authenticator.process_ntlm_type3(type3_msg)
           expect(status).to be_a WindowsError::ErrorCode
           expect(status).to eq WindowsError::NTStatus::STATUS_SUCCESS