The branch, master has been updated
       via  a7ffbf4 s4:torture: add a rpc.samba3.smb-reauth2 test
       via  71f88db s4:torture: add a rpc.samba3.smb-reauth1 test
       via  e563e5a s4:torture: add a raw.session suite with a 
raw.session.reauth test
      from  87c2399 Fix bug reported by [email protected].

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit a7ffbf467d0f74ca171ba79e1c6e3506ae862302
Author: Michael Adam <[email protected]>
Date:   Wed Apr 25 16:38:56 2012 +0200

    s4:torture: add a rpc.samba3.smb-reauth2 test
    
    * Open session.
    * Reauth to anon.
    * Open lsa pipe.
    * Do lsa get username.
    * Reauth to original user.
    * Do lsa get username again.
    
    expected result: the getusername works and
    shows 'NT AUTHORITY\ANONYMOUS LOGON' in both calls.
    
    Autobuild-User: Michael Adam <[email protected]>
    Autobuild-Date: Thu Apr 26 02:27:12 CEST 2012 on sn-devel-104

commit 71f88dbbb5f0918d9847148520ff99715a6dbf22
Author: Michael Adam <[email protected]>
Date:   Tue Apr 24 13:30:41 2012 +0200

    s4:torture: add a rpc.samba3.smb-reauth1 test
    
    It does reauth while using an rpc pipe:
    
    * open session
    * open lsa pipe
    * do lsa getusername
    * reauth to anonymous
    * do lsa getusername again
    * reauth back to original user
    * do reauth again
    
    result: lsa getusername is always possible
    and always gives the first (authenticated) user

commit e563e5a2be617f26c6046f82da3b03b856115bbc
Author: Gregor Beck <[email protected]>
Date:   Wed Mar 7 13:53:24 2012 +0100

    s4:torture: add a raw.session suite with a raw.session.reauth test
    
    Signed-off-by: Michael Adam <[email protected]>

-----------------------------------------------------------------------

Summary of changes:
 source4/torture/raw/raw.c       |    1 +
 source4/torture/raw/session.c   |   90 +++++++++++
 source4/torture/rpc/samba3rpc.c |  310 +++++++++++++++++++++++++++++++++++++++
 source4/torture/wscript_build   |    2 +-
 4 files changed, 402 insertions(+), 1 deletions(-)
 create mode 100644 source4/torture/raw/session.c


Changeset truncated at 500 lines:

diff --git a/source4/torture/raw/raw.c b/source4/torture/raw/raw.c
index d75488b..10a0e89 100644
--- a/source4/torture/raw/raw.c
+++ b/source4/torture/raw/raw.c
@@ -56,6 +56,7 @@ NTSTATUS torture_raw_init(void)
        torture_suite_add_suite(suite, torture_raw_write(suite));
        torture_suite_add_suite(suite, torture_raw_lock(suite));
        torture_suite_add_1smb_test(suite, "context", torture_raw_context);
+       torture_suite_add_suite(suite, torture_raw_session(suite));
        torture_suite_add_suite(suite, torture_raw_rename(suite));
        torture_suite_add_1smb_test(suite, "seek", torture_raw_seek);
        torture_suite_add_1smb_test(suite, "eas", torture_raw_eas);
diff --git a/source4/torture/raw/session.c b/source4/torture/raw/session.c
new file mode 100644
index 0000000..5c454c6
--- /dev/null
+++ b/source4/torture/raw/session.c
@@ -0,0 +1,90 @@
+/* 
+   Unix SMB/CIFS implementation.
+   test suite for session setup operations
+   Copyright (C) Gregor Beck 2012
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "torture.h"
+#include "smb_cli.h"
+#include "torture/raw/proto.h"
+#include "smb_composite/smb_composite.h"
+#include "lib/cmdline/popt_common.h"
+#include "param/param.h"
+#include "torture/util.h"
+
+
+static bool test_session_reauth(struct torture_context *tctx,
+                               struct smbcli_state *cli)
+{
+       NTSTATUS status;
+       struct smb_composite_sesssetup io;
+       int fnum, num;
+       const int dlen = 255;
+       char *data;
+       char fname[256];
+       char buf[dlen+1];
+       bool ok = true;
+
+       data = generate_random_str(tctx, dlen);
+       snprintf(fname, sizeof(fname), "raw_session_reconnect_%.8s.dat", data);
+
+       fnum = smbcli_nt_create_full(cli->tree, fname, 0,
+                                    SEC_RIGHTS_FILE_ALL,
+                                    FILE_ATTRIBUTE_NORMAL,
+                                    NTCREATEX_SHARE_ACCESS_NONE,
+                                    NTCREATEX_DISP_OPEN_IF,
+                                    NTCREATEX_OPTIONS_DELETE_ON_CLOSE,
+                                    0);
+       torture_assert_ntstatus_ok_goto(tctx, smbcli_nt_error(cli->tree), ok,
+                                       done, "create file");
+       torture_assert_goto(tctx, fnum > 0, ok, done, "create file");
+
+       num = smbcli_smbwrite(cli->tree, fnum, data, 0, dlen);
+       torture_assert_int_equal_goto(tctx, num, dlen, ok, done, "write file");
+
+       ZERO_STRUCT(io);
+       io.in.sesskey         = cli->transport->negotiate.sesskey;
+       io.in.capabilities    = cli->transport->negotiate.capabilities;
+       io.in.credentials     = cmdline_credentials;
+       io.in.workgroup       = lpcfg_workgroup(tctx->lp_ctx);
+       io.in.gensec_settings = lpcfg_gensec_settings(tctx, tctx->lp_ctx);
+       status = smb_composite_sesssetup(cli->session, &io);
+       torture_assert_ntstatus_ok_goto(tctx, status, ok, done, "setup2");
+
+       num = smbcli_read(cli->tree, fnum, &buf, 0, dlen);
+       torture_assert_int_equal_goto(tctx, num, dlen, ok, done, "read file");
+       torture_assert_str_equal_goto(tctx, buf, data, ok, done, "read file");
+
+done:
+       talloc_free(data);
+
+       if (fnum > 0) {
+               status = smbcli_close(cli->tree, fnum);
+               torture_assert_ntstatus_ok(tctx, status, "close");
+       }
+       return ok;
+}
+
+struct torture_suite *torture_raw_session(TALLOC_CTX *mem_ctx)
+{
+       struct torture_suite *suite = torture_suite_create(mem_ctx, "session");
+       suite->description = talloc_strdup(suite, "RAW-SESSION tests");
+
+       torture_suite_add_1smb_test(suite, "reauth", test_session_reauth);
+
+       return suite;
+}
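Review bot: `buf` is compared as a C string without ever being terminated: `smbcli_read` is asked for `dlen` bytes into `char buf[dlen+1]`, nothing writes `buf[dlen]`, and `torture_assert_str_equal_goto(tctx, buf, data, ...)` then depends on an uninitialised stack byte, so the test can fail spuriously and the failure path presumably formats an unterminated buffer. Add `buf[dlen] = '\0';` after the "read file" length assert, and pass `buf` rather than `&buf` to the read. `data` from `generate_random_str` is used by `snprintf` and `smbcli_smbwrite` without a NULL check; a `torture_assert_goto(tctx, data != NULL, ok, done, "generate_random_str failed");` would cover that, provided `fnum` is initialised to `-1` first, since `done:` reads `fnum`. Because `dlen` is a `const int`, `buf` is a variable-length array; `char buf[256]` would match `fname` and allow a plain initialiser.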
diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c
index 5274603..d8684da 100644
--- a/source4/torture/rpc/samba3rpc.c
+++ b/source4/torture/rpc/samba3rpc.c
@@ -3272,6 +3272,314 @@ bool torture_samba3_getaliasmembership_0(struct 
torture_context *torture)
        return true;
 }
 
+/**
+ * Test smb reauthentication while rpc pipe is in use.
+ */
+static bool torture_rpc_smb_reauth1(struct torture_context *torture)
+{
+       TALLOC_CTX *mem_ctx;
+       NTSTATUS status;
+       bool ret = false;
+       struct smbcli_state *cli;
+       struct smbcli_options options;
+       struct smbcli_session_options session_options;
+
+       struct dcerpc_pipe *lsa_pipe;
+       struct dcerpc_binding_handle *lsa_handle;
+       struct lsa_GetUserName r;
+       struct lsa_String *authority_name_p = NULL;
+       char *authority_name_saved = NULL;
+       struct lsa_String *account_name_p = NULL;
+       char *account_name_saved = NULL;
+       struct cli_credentials *anon_creds = NULL;
+       struct smb_composite_sesssetup io;
+
+       mem_ctx = talloc_init("torture_samba3_reauth");
+       torture_assert(torture, (mem_ctx != NULL), "talloc_init failed");
+
+       lpcfg_smbcli_options(torture->lp_ctx, &options);
+       lpcfg_smbcli_session_options(torture->lp_ctx, &session_options);
+
+       status = smbcli_full_connection(mem_ctx, &cli,
+                                       torture_setting_string(torture, "host", 
NULL),
+                                       lpcfg_smb_ports(torture->lp_ctx),
+                                       "IPC$", NULL,
+                                       lpcfg_socket_options(torture->lp_ctx),
+                                       cmdline_credentials,
+                                       lpcfg_resolve_context(torture->lp_ctx),
+                                       torture->ev, &options, &session_options,
+                                       lpcfg_gensec_settings(torture, 
torture->lp_ctx));
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "smbcli_full_connection failed");
+
+       lsa_pipe = dcerpc_pipe_init(mem_ctx, torture->ev);
+       torture_assert_goto(torture, (lsa_pipe != NULL), ret, done,
+                           "dcerpc_pipe_init failed");
+       lsa_handle = lsa_pipe->binding_handle;
+
+       status = dcerpc_pipe_open_smb(lsa_pipe, cli->tree, "\\lsarpc");
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "dcerpc_pipe_open failed");
+
+       status = dcerpc_bind_auth_none(lsa_pipe, &ndr_table_lsarpc);
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "dcerpc_bind_auth_none failed");
+
+       /* lsa getusername */
+
+       ZERO_STRUCT(r);
+       r.in.system_name = "\\";
+       r.in.account_name = &account_name_p;
+       r.in.authority_name = &authority_name_p;
+       r.out.account_name = &account_name_p;
+
+       status = dcerpc_lsa_GetUserName_r(lsa_handle, mem_ctx, &r);
+
+       authority_name_p = *r.out.authority_name;
+
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "GetUserName failed");
+       torture_assert_ntstatus_ok_goto(torture, r.out.result, ret, done,
+                                       "GetUserName failed");
+
+       torture_comment(torture, "lsa_GetUserName gave '%s\\%s'\n",
+                       authority_name_p->string,
+                       account_name_p->string);
+
+       account_name_saved = talloc_strdup(mem_ctx, account_name_p->string);
+       torture_assert_goto(torture, (account_name_saved != NULL), ret, done,
+                           "talloc failed");
+       authority_name_saved = talloc_strdup(mem_ctx, authority_name_p->string);
+       torture_assert_goto(torture, (authority_name_saved != NULL), ret, done,
+                           "talloc failed");
+
+       /* smb re-authenticate as anonymous */
+
+       anon_creds = cli_credentials_init_anon(mem_ctx);
+
+       ZERO_STRUCT(io);
+       io.in.sesskey         = cli->transport->negotiate.sesskey;
+       io.in.capabilities    = cli->transport->negotiate.capabilities;
+       io.in.credentials     = anon_creds;
+       io.in.workgroup       = lpcfg_workgroup(torture->lp_ctx);
+       io.in.gensec_settings = lpcfg_gensec_settings(torture, torture->lp_ctx);
+
+       status = smb_composite_sesssetup(cli->session, &io);
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "session reauth to anon failed");
+
+       /* re-do lsa getusername after reauth */
+
+       TALLOC_FREE(authority_name_p);
+       TALLOC_FREE(account_name_p);
+       ZERO_STRUCT(r);
+       r.in.system_name = "\\";
+       r.in.account_name = &account_name_p;
+       r.in.authority_name = &authority_name_p;
+       r.out.account_name = &account_name_p;
+
+       status = dcerpc_lsa_GetUserName_r(lsa_handle, mem_ctx, &r);
+
+       authority_name_p = *r.out.authority_name;
+
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "GetUserName failed");
+       torture_assert_ntstatus_ok_goto(torture, r.out.result, ret, done,
+                                       "GetUserName failed");
+
+       torture_assert_goto(torture, (strcmp(authority_name_p->string, 
authority_name_saved) == 0),
+                           ret, done, "authority_name not equal after reauth 
to anon");
+       torture_assert_goto(torture, (strcmp(account_name_p->string, 
account_name_saved) == 0),
+                           ret, done, "account_name not equal after reauth to 
anon");
+
+       /* smb re-auth again to the original user */
+
+       ZERO_STRUCT(io);
+       io.in.sesskey         = cli->transport->negotiate.sesskey;
+       io.in.capabilities    = cli->transport->negotiate.capabilities;
+       io.in.credentials     = cmdline_credentials;
+       io.in.workgroup       = lpcfg_workgroup(torture->lp_ctx);
+       io.in.gensec_settings = lpcfg_gensec_settings(torture, torture->lp_ctx);
+
+       status = smb_composite_sesssetup(cli->session, &io);
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "session reauth to anon failed");
+
+       /* re-do lsa getusername */
+
+       TALLOC_FREE(authority_name_p);
+       TALLOC_FREE(account_name_p);
+       ZERO_STRUCT(r);
+       r.in.system_name = "\\";
+       r.in.account_name = &account_name_p;
+       r.in.authority_name = &authority_name_p;
+       r.out.account_name = &account_name_p;
+
+       status = dcerpc_lsa_GetUserName_r(lsa_handle, mem_ctx, &r);
+
+       authority_name_p = *r.out.authority_name;
+
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "GetUserName failed");
+       torture_assert_ntstatus_ok_goto(torture, r.out.result, ret, done,
+                                       "GetUserName failed");
+
+       torture_assert_goto(torture, (strcmp(authority_name_p->string, 
authority_name_saved) == 0),
+                           ret, done, "authority_name not equal after reauth 
to anon");
+       torture_assert_goto(torture, (strcmp(account_name_p->string, 
account_name_saved) == 0),
+                           ret, done, "account_name not equal after reauth to 
anon");
+
+       ret = true;
+
+done:
+       talloc_free(mem_ctx);
+       return ret;
+}
+
+/**
+ * Test smb reauthentication while rpc pipe is in use.
+ * Open a second lsa bind after reauth to anon.
+ * Do lsa getusername on that second bind.
+ */
+static bool torture_rpc_smb_reauth2(struct torture_context *torture)
+{
+       TALLOC_CTX *mem_ctx;
+       NTSTATUS status;
+       bool ret = false;
+       struct smbcli_state *cli;
+       struct smbcli_options options;
+       struct smbcli_session_options session_options;
+
+       struct dcerpc_pipe *lsa_pipe;
+       struct dcerpc_binding_handle *lsa_handle;
+       struct lsa_GetUserName r;
+       struct lsa_String *authority_name_p = NULL;
+       char *authority_name_saved = NULL;
+       struct lsa_String *account_name_p = NULL;
+       char *account_name_saved = NULL;
+       struct cli_credentials *anon_creds = NULL;
+       struct smb_composite_sesssetup io;
+
+       mem_ctx = talloc_init("torture_samba3_reauth");
+       torture_assert(torture, (mem_ctx != NULL), "talloc_init failed");
+
+       lpcfg_smbcli_options(torture->lp_ctx, &options);
+       lpcfg_smbcli_session_options(torture->lp_ctx, &session_options);
+
+       status = smbcli_full_connection(mem_ctx, &cli,
+                                       torture_setting_string(torture, "host", 
NULL),
+                                       lpcfg_smb_ports(torture->lp_ctx),
+                                       "IPC$", NULL,
+                                       lpcfg_socket_options(torture->lp_ctx),
+                                       cmdline_credentials,
+                                       lpcfg_resolve_context(torture->lp_ctx),
+                                       torture->ev, &options, &session_options,
+                                       lpcfg_gensec_settings(torture, 
torture->lp_ctx));
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "smbcli_full_connection failed");
+
+       /* smb re-authenticate as anonymous */
+
+       anon_creds = cli_credentials_init_anon(mem_ctx);
+
+       ZERO_STRUCT(io);
+       io.in.sesskey         = cli->transport->negotiate.sesskey;
+       io.in.capabilities    = cli->transport->negotiate.capabilities;
+       io.in.credentials     = anon_creds;
+       io.in.workgroup       = lpcfg_workgroup(torture->lp_ctx);
+       io.in.gensec_settings = lpcfg_gensec_settings(torture, torture->lp_ctx);
+
+       status = smb_composite_sesssetup(cli->session, &io);
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "session reauth to anon failed");
+
+       /* open the lsa pipe */
+
+       lsa_pipe = dcerpc_pipe_init(mem_ctx, torture->ev);
+       torture_assert_goto(torture, (lsa_pipe != NULL), ret, done,
+                           "dcerpc_pipe_init failed");
+       lsa_handle = lsa_pipe->binding_handle;
+
+       status = dcerpc_pipe_open_smb(lsa_pipe, cli->tree, "\\lsarpc");
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "dcerpc_pipe_open failed");
+
+       status = dcerpc_bind_auth_none(lsa_pipe, &ndr_table_lsarpc);
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "dcerpc_bind_auth_none failed");
+
+       /* lsa getusername */
+
+       ZERO_STRUCT(r);
+       r.in.system_name = "\\";
+       r.in.account_name = &account_name_p;
+       r.in.authority_name = &authority_name_p;
+       r.out.account_name = &account_name_p;
+
+       status = dcerpc_lsa_GetUserName_r(lsa_handle, mem_ctx, &r);
+
+       authority_name_p = *r.out.authority_name;
+
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "GetUserName failed");
+       torture_assert_ntstatus_ok_goto(torture, r.out.result, ret, done,
+                                       "GetUserName failed");
+
+       torture_comment(torture, "lsa_GetUserName gave '%s\\%s'\n",
+                       authority_name_p->string,
+                       account_name_p->string);
+
+       account_name_saved = talloc_strdup(mem_ctx, account_name_p->string);
+       torture_assert_goto(torture, (account_name_saved != NULL), ret, done,
+                           "talloc failed");
+       authority_name_saved = talloc_strdup(mem_ctx, authority_name_p->string);
+       torture_assert_goto(torture, (authority_name_saved != NULL), ret, done,
+                           "talloc failed");
+
+       /* smb re-auth again to the original user */
+
+       ZERO_STRUCT(io);
+       io.in.sesskey         = cli->transport->negotiate.sesskey;
+       io.in.capabilities    = cli->transport->negotiate.capabilities;
+       io.in.credentials     = cmdline_credentials;
+       io.in.workgroup       = lpcfg_workgroup(torture->lp_ctx);
+       io.in.gensec_settings = lpcfg_gensec_settings(torture, torture->lp_ctx);
+
+       status = smb_composite_sesssetup(cli->session, &io);
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "session reauth to anon failed");
+
+       /* re-do lsa getusername after reauth */
+
+       TALLOC_FREE(authority_name_p);
+       TALLOC_FREE(account_name_p);
+       ZERO_STRUCT(r);
+       r.in.system_name = "\\";
+       r.in.account_name = &account_name_p;
+       r.in.authority_name = &authority_name_p;
+       r.out.account_name = &account_name_p;
+
+       status = dcerpc_lsa_GetUserName_r(lsa_handle, mem_ctx, &r);
+
+       authority_name_p = *r.out.authority_name;
+
+       torture_assert_ntstatus_ok_goto(torture, status, ret, done,
+                                       "GetUserName failed");
+       torture_assert_ntstatus_ok_goto(torture, r.out.result, ret, done,
+                                       "GetUserName failed");
+
+       torture_assert_goto(torture, (strcmp(authority_name_p->string, 
authority_name_saved) == 0),
+                           ret, done, "authority_name not equal after reauth 
to anon");
+       torture_assert_goto(torture, (strcmp(account_name_p->string, 
account_name_saved) == 0),
+                           ret, done, "account_name not equal after reauth to 
anon");
+
+       ret = true;
+
+done:
+       talloc_free(mem_ctx);
+       return ret;
+}
+
 struct torture_suite *torture_rpc_samba3(TALLOC_CTX *mem_ctx)
 {
        struct torture_suite *suite = torture_suite_create(mem_ctx, "samba3");
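Review bot: `torture_rpc_smb_reauth2` never checks which identity the pipe reports, so it does not pin what the commit message promises ('NT AUTHORITY\ANONYMOUS LOGON' in both calls): it only compares the second `GetUserName` result with the first, and a server that bound the pipe to the original user in both calls would still pass. After the first call I would add `torture_assert_str_equal_goto(torture, authority_name_p->string, "NT AUTHORITY", ret, done, "pipe opened after reauth to anon is not anonymous");` and the matching check of `account_name_p->string` against `"ANONYMOUS LOGON"`. In both new functions `authority_name_p = *r.out.authority_name;` runs before `status` is checked, and after `ZERO_STRUCT(r)` the visible code only sets `r.out.account_name`, so a failed call presumably dereferences NULL; move that assignment below the two status asserts. The re-auth back to `cmdline_credentials` and the comparisons that follow it still fail with "session reauth to anon failed" and "... not equal after reauth to anon", which points at the wrong step when the test breaks. `cli_credentials_init_anon(mem_ctx)` is also used without a NULL check in both functions.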
@@ -3289,6 +3597,8 @@ struct torture_suite *torture_rpc_samba3(TALLOC_CTX 
*mem_ctx)
        torture_suite_add_simple_test(suite, "winreg", 
torture_samba3_rpc_winreg);
        torture_suite_add_simple_test(suite, "getaliasmembership-0", 
torture_samba3_getaliasmembership_0);
        torture_suite_add_simple_test(suite, "regconfig", 
torture_samba3_regconfig);
+       torture_suite_add_simple_test(suite, "smb-reauth1", 
torture_rpc_smb_reauth1);
+       torture_suite_add_simple_test(suite, "smb-reauth2", 
torture_rpc_smb_reauth2);
 
        suite->description = talloc_strdup(suite, "samba3 DCERPC interface 
tests");
 
diff --git a/source4/torture/wscript_build b/source4/torture/wscript_build
index f1692e8..571da55 100644
--- a/source4/torture/wscript_build
+++ b/source4/torture/wscript_build
@@ -19,7 +19,7 @@ bld.SAMBA_MODULE('TORTURE_BASIC',
 
 
 bld.SAMBA_MODULE('TORTURE_RAW',
-       source='raw/qfsinfo.c raw/qfileinfo.c raw/setfileinfo.c raw/search.c 
raw/close.c raw/open.c raw/mkdir.c raw/oplock.c raw/notify.c raw/mux.c 
raw/ioctl.c raw/chkpath.c raw/unlink.c raw/read.c raw/context.c raw/write.c 
raw/lock.c raw/pingpong.c raw/lockbench.c raw/lookuprate.c raw/tconrate.c 
raw/openbench.c raw/rename.c raw/eas.c raw/streams.c raw/acls.c raw/seek.c 
raw/samba3hide.c raw/samba3misc.c raw/composite.c raw/raw.c raw/offline.c',
+       source='raw/qfsinfo.c raw/qfileinfo.c raw/setfileinfo.c raw/search.c 
raw/close.c raw/open.c raw/mkdir.c raw/oplock.c raw/notify.c raw/mux.c 
raw/ioctl.c raw/chkpath.c raw/unlink.c raw/read.c raw/context.c raw/session.c 
raw/write.c raw/lock.c raw/pingpong.c raw/lockbench.c raw/lookuprate.c 
raw/tconrate.c raw/openbench.c raw/rename.c raw/eas.c raw/streams.c raw/acls.c 
raw/seek.c raw/samba3hide.c raw/samba3misc.c raw/composite.c raw/raw.c 
raw/offline.c',
        autoproto='raw/proto.h',
        subsystem='smbtorture',
        init_function='torture_raw_init',


-- 
Samba Shared Repository
