The branch, master has been updated
via 9a01661 Revert "selftest: mark ^samba4.raw.context.session1 as
flapping, the test was wrong"
via 49dbd38 s4:smb_server/smb: only create a new session with vuid == 0
via 865e9c4 s4:torture/raw/context: test a session setup with a given
invalid vuid
via d7c9da8 selftest: mark ^samba4.raw.context.session1 as flapping,
the test was wrong
via aee52a2 s3:libsmb: remove unused var in smb2cli_set_info_done
from 088436d s3:winbindd:autorid check that transaction start did work
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 9a016613dbc32a5b76043b0c582ee50e495002c0
Author: Stefan Metzmacher <[email protected]>
Date: Mon May 7 17:01:08 2012 +0200
Revert "selftest: mark ^samba4.raw.context.session1 as flapping, the test
was wrong"
This reverts commit 794a9da38fbd88eb3d358d453cc5d21998604caa.
The test is fixed now.
metze
Autobuild-User: Stefan Metzmacher <[email protected]>
Autobuild-Date: Wed May 9 02:53:24 CEST 2012 on sn-devel-104
commit 49dbd380477f9987d2511ca3111af50f2bdd2859
Author: Stefan Metzmacher <[email protected]>
Date: Sun May 6 21:09:47 2012 +0200
s4:smb_server/smb: only create a new session with vuid == 0
metze
commit 865e9c45606e59e111470bbdb35943d8fceff814
Author: Stefan Metzmacher <[email protected]>
Date: Tue May 1 13:33:14 2012 +0200
s4:torture/raw/context: test a session setup with a given invalid vuid
On a session setup with EXTENDED_SECURITY we'll get ERRSRV:ERRbaduid,
while a session setup without EXTENDED_SECURITY ignores the given vuid.
Before this test was doing a reauth of a given vuid, which works for newer
Windows versions, but Windows 2000 gives INVALID_PARAMETER.
metze
commit d7c9da8b89a48f76155f9cc2ac4d03a99a324397
Author: Stefan Metzmacher <[email protected]>
Date: Mon May 7 12:32:28 2012 +0200
selftest: mark ^samba4.raw.context.session1 as flapping, the test was wrong
metze
commit aee52a25386ff2830ee4c89443978fca42dd2b49
Author: Stefan Metzmacher <[email protected]>
Date: Mon May 7 12:33:45 2012 +0200
s3:libsmb: remove unused var in smb2cli_set_info_done
-----------------------------------------------------------------------
Summary of changes:
source3/libsmb/smb2cli_set_info.c | 3 --
source4/smb_server/session.c | 9 ++----
source4/smb_server/smb/sesssetup.c | 12 +++++++--
source4/smb_server/smb2/sesssetup.c | 5 ++++
source4/torture/raw/context.c | 46 ++++++++++++++++++++++-------------
5 files changed, 46 insertions(+), 29 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libsmb/smb2cli_set_info.c
b/source3/libsmb/smb2cli_set_info.c
index 2ffb3ec..bd59535 100644
--- a/source3/libsmb/smb2cli_set_info.c
+++ b/source3/libsmb/smb2cli_set_info.c
@@ -105,9 +105,6 @@ static void smb2cli_set_info_done(struct tevent_req *subreq)
struct tevent_req *req =
tevent_req_callback_data(subreq,
struct tevent_req);
- struct smb2cli_set_info_state *state =
- tevent_req_data(req,
- struct smb2cli_set_info_state);
NTSTATUS status;
static const struct smb2cli_req_expected_response expected[] = {
{
diff --git a/source4/smb_server/session.c b/source4/smb_server/session.c
index 3cb6576..aa8d752 100644
--- a/source4/smb_server/session.c
+++ b/source4/smb_server/session.c
@@ -85,12 +85,9 @@ struct smbsrv_session *smbsrv_session_find_sesssetup(struct
smbsrv_connection *s
p = idr_find(smb_conn->sessions.idtree_vuid, vuid);
if (!p) return NULL;
- /* only return an unfinished session */
- sess = talloc_get_type(p, struct smbsrv_session);
- if (sess && !sess->session_info) {
- return sess;
- }
- return NULL;
+ sess = talloc_get_type_abort(p, struct smbsrv_session);
+
+ return sess;
}
/*
diff --git a/source4/smb_server/smb/sesssetup.c
b/source4/smb_server/smb/sesssetup.c
index 57460fa..b26c128 100644
--- a/source4/smb_server/smb/sesssetup.c
+++ b/source4/smb_server/smb/sesssetup.c
@@ -435,8 +435,7 @@ static void sesssetup_spnego(struct smbsrv_request *req,
union smb_sesssetup *se
vuid = SVAL(req->in.hdr,HDR_UID);
/* lookup an existing session */
- smb_sess = smbsrv_session_find_sesssetup(req->smb_conn, vuid);
- if (!smb_sess) {
+ if (vuid == 0) {
struct gensec_security *gensec_ctx;
status = samba_server_gensec_start(req,
@@ -466,10 +465,17 @@ static void sesssetup_spnego(struct smbsrv_request *req,
union smb_sesssetup *se
status = NT_STATUS_INSUFFICIENT_RESOURCES;
goto failed;
}
+ } else {
+ smb_sess = smbsrv_session_find_sesssetup(req->smb_conn, vuid);
}
if (!smb_sess) {
- status = NT_STATUS_ACCESS_DENIED;
+ status = NT_STATUS_DOS(ERRSRV, ERRbaduid);
+ goto failed;
+ }
+
+ if (smb_sess->session_info) {
+ status = NT_STATUS_INVALID_PARAMETER;
goto failed;
}
diff --git a/source4/smb_server/smb2/sesssetup.c
b/source4/smb_server/smb2/sesssetup.c
index 41f629b..35a1484 100644
--- a/source4/smb_server/smb2/sesssetup.c
+++ b/source4/smb_server/smb2/sesssetup.c
@@ -167,6 +167,11 @@ static void smb2srv_sesssetup_backend(struct
smb2srv_request *req, union smb_ses
}
if (!smb_sess) {
+ status = NT_STATUS_USER_SESSION_DELETED;
+ goto failed;
+ }
+
+ if (smb_sess->session_info) {
/* see WSPP test suite - test 11 */
status = NT_STATUS_REQUEST_NOT_ACCEPTED;
goto failed;
diff --git a/source4/torture/raw/context.c b/source4/torture/raw/context.c
index af53453..386ba34 100644
--- a/source4/torture/raw/context.c
+++ b/source4/torture/raw/context.c
@@ -52,6 +52,7 @@ static bool test_session(struct torture_context *tctx,
bool ret = true;
struct smbcli_session *session;
struct smbcli_session *session2;
+ uint16_t vuid3;
struct smbcli_session *session3;
struct smbcli_session *session4;
struct cli_credentials *anon_creds;
@@ -95,37 +96,50 @@ static bool test_session(struct torture_context *tctx,
session->vuid = setup.out.vuid;
- torture_comment(tctx, "create a third security context on the same
transport, with vuid set\n");
+ torture_comment(tctx, "create a third security context on the same
transport, with given vuid\n");
session2 = smbcli_session_init(cli->transport, tctx, false, options);
- session2->vuid = session->vuid;
+ if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
+ vuid3 = session->vuid+1;
+ if (vuid3 == cli->session->vuid) {
+ vuid3 += 1;
+ }
+ if (vuid3 == UINT16_MAX) {
+ vuid3 += 2;
+ }
+ } else {
+ vuid3 = session->vuid;
+ }
+ session2->vuid = vuid3;
+
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities; /*
ignored in secondary session setup, except by our libs, which care about the
extended security bit */
setup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
setup.in.credentials = cmdline_credentials;
- status = smb_composite_sesssetup(session2, &setup);
- CHECK_STATUS(status, NT_STATUS_OK);
+ torture_comment(tctx, "vuid1=%d vuid2=%d vuid3=%d\n",
cli->session->vuid, session->vuid, vuid3);
- session2->vuid = setup.out.vuid;
- torture_comment(tctx, "vuid1=%d vuid2=%d vuid3=%d\n",
cli->session->vuid, session->vuid, session2->vuid);
-
+ status = smb_composite_sesssetup(session2, &setup);
if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
- /* Samba4 currently fails this - we need to determine if this
insane behaviour is important */
- if (session2->vuid == session->vuid) {
- torture_comment(tctx, "server allows the user to re-use
an existing vuid in session setup \n");
- }
+ CHECK_STATUS(status, NT_STATUS_DOS(ERRSRV, ERRbaduid));
} else {
- CHECK_NOT_VALUE(session2->vuid, session->vuid);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ session2->vuid = setup.out.vuid;
+ CHECK_NOT_VALUE(session2->vuid, vuid3);
}
+
+ torture_comment(tctx, "vuid1=%d vuid2=%d vuid3=%d=>%d (%s)\n",
+ cli->session->vuid, session->vuid,
+ vuid3, session2->vuid, nt_errstr(status));
+
talloc_free(session2);
if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
torture_comment(tctx, "create a fourth security context on the
same transport, without extended security\n");
session3 = smbcli_session_init(cli->transport, tctx, false,
options);
- session3->vuid = session->vuid;
+ session3->vuid = vuid3;
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; /* force a non
extended security login (should fail) */
setup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
@@ -144,7 +158,7 @@ static bool test_session(struct torture_context *tctx,
torture_comment(tctx, "create a fouth anonymous security
context on the same transport, without extended security\n");
session4 = smbcli_session_init(cli->transport, tctx, false,
options);
- session4->vuid = session->vuid;
+ session4->vuid = vuid3;
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; /* force a non
extended security login (should fail) */
setup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
@@ -210,6 +224,7 @@ static bool test_session(struct torture_context *tctx,
torture_comment(tctx, "second logoff for the new vuid should fail\n");
status = smb_raw_ulogoff(session);
CHECK_STATUS(status, NT_STATUS_DOS(ERRSRV, ERRbaduid));
+ talloc_free(tree);
talloc_free(session);
torture_comment(tctx, "the fnum should have been auto-closed\n");
@@ -246,9 +261,6 @@ static bool test_session(struct torture_context *tctx,
CHECK_STATUS(status, NT_STATUS_OK);
}
-
- talloc_free(tree);
-
done:
return ret;
}
--
Samba Shared Repository
