The branch, master has been updated
via 5c219a1 s4:torture: Add raw.session.reauth2 test
via 61e023b s4:torture: rename raw.session.reauth => raw.session.reauth1
via d58f7cd s3:smbd: allow creating new spnego sessions only with a 0
vuid
via 84ce448 s3:smbd: SMBtdis should return ERRSRV, ERRinvnid instead of
NETWORK_NAME_DELETED
via d79b46f selftest/Samba3: add 'smbd:suicide mode = yes'
from 7db6374 s3:idmap_cache: improve checks for format of value string
in idmap_cache_find_sid2unixid()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 5c219a1c5cc9450743c946aeb4a2b99e58f15b2d
Author: Volker Lendecke <[email protected]>
Date: Wed May 2 15:54:03 2012 +0200
s4:torture: Add raw.session.reauth2 test
Signed-off-by: Stefan Metzmacher <[email protected]>
Autobuild-User: Stefan Metzmacher <[email protected]>
Autobuild-Date: Fri May 18 18:25:42 CEST 2012 on sn-devel-104
commit 61e023bbf6c6918e58d272c32261c65c88b0fe97
Author: Stefan Metzmacher <[email protected]>
Date: Fri May 18 13:39:48 2012 +0200
s4:torture: rename raw.session.reauth => raw.session.reauth1
metze
commit d58f7cd5469baba5b47bbd6923103aa4c6b42c91
Author: Stefan Metzmacher <[email protected]>
Date: Thu May 3 16:13:08 2012 +0200
s3:smbd: allow creating new spnego sessions only with a 0 vuid
Found by the raw.context test.
metze
commit 84ce4484e7cee8a1d32da698a23941d2ed429b0c
Author: Stefan Metzmacher <[email protected]>
Date: Thu May 3 15:53:56 2012 +0200
s3:smbd: SMBtdis should return ERRSRV, ERRinvnid instead of
NETWORK_NAME_DELETED
Found by the raw.context test.
metze
commit d79b46f358d7e6fd942bb0f3da2174455e9b1740
Author: Stefan Metzmacher <[email protected]>
Date: Thu May 17 01:06:29 2012 +0200
selftest/Samba3: add 'smbd:suicide mode = yes'
metze
-----------------------------------------------------------------------
Summary of changes:
selftest/target/Samba3.pm | 1 +
source3/smbd/reply.c | 2 +-
source3/smbd/sesssetup.c | 5 ++
source4/torture/raw/session.c | 148 ++++++++++++++++++++++++++++++++++++++++-
4 files changed, 152 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 04026be..d55c6d7 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -845,6 +845,7 @@ sub provision($$$$$$)
interfaces = $server_ip/8
bind interfaces only = yes
panic action = $self->{srcdir}/selftest/gdb_backtrace %d
%\$(MAKE_TEST_BINARY)
+ smbd:suicide mode = yes
workgroup = $domain
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index dc43106..45f761c 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -5058,7 +5058,7 @@ void reply_tdis(struct smb_request *req)
if (!conn) {
DEBUG(4,("Invalid connection in tdis\n"));
- reply_nterror(req, NT_STATUS_NETWORK_NAME_DELETED);
+ reply_force_doserror(req, ERRSRV, ERRinvnid);
END_PROFILE(SMBtdis);
return;
}
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 7d1535a..f9ba976 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -202,6 +202,11 @@ static void reply_sesssetup_and_X_spnego(struct
smb_request *req)
/* Do we have a valid vuid now ? */
if (!is_partial_auth_vuid(sconn, vuid)) {
+ if (vuid != 0) {
+ reply_force_doserror(req, ERRSRV, ERRbaduid);
+ return;
+ }
+
/* No, start a new authentication setup. */
vuid = register_initial_vuid(sconn);
if (vuid == UID_FIELD_INVALID) {
diff --git a/source4/torture/raw/session.c b/source4/torture/raw/session.c
index 3402693..21fb4da 100644
--- a/source4/torture/raw/session.c
+++ b/source4/torture/raw/session.c
@@ -25,10 +25,11 @@
#include "lib/cmdline/popt_common.h"
#include "param/param.h"
#include "torture/util.h"
+#include "auth/credentials/credentials.h"
-static bool test_session_reauth(struct torture_context *tctx,
- struct smbcli_state *cli)
+static bool test_session_reauth1(struct torture_context *tctx,
+ struct smbcli_state *cli)
{
NTSTATUS status;
struct smb_composite_sesssetup io;
@@ -82,12 +83,153 @@ done:
return ok;
}
+static bool test_session_reauth2_oplock_timeout(
+ struct smbcli_transport *transport, uint16_t tid, uint16_t fnum,
+ uint8_t level, void *private_data)
+{
+ return true;
+}
+
+static bool test_session_reauth2(struct torture_context *tctx,
+ struct smbcli_state *cli)
+{
+ char *random_string;
+ char *fname;
+ union smb_open io_open;
+ struct smb_composite_sesssetup io_sesssetup;
+ union smb_fileinfo io_qsecdesc;
+ struct smbcli_request *req;
+ struct cli_credentials *anon_creds;
+ NTSTATUS status;
+ uint16_t fnum;
+ ssize_t nwritten;
+ uint16_t vuid1 = cli->session->vuid;
+
+ random_string = generate_random_str(tctx, 8);
+ torture_assert(tctx, (random_string != NULL),
+ "memory allocation failed");
+ fname = talloc_asprintf(tctx, "raw_session_reauth2_%s.dat",
+ random_string);
+ talloc_free(random_string);
+ torture_assert(tctx, (fname != NULL), "memory allocation failed");
+
+ smbcli_unlink(cli->tree, fname);
+ smbcli_oplock_handler(cli->transport,
+ test_session_reauth2_oplock_timeout,
+ cli->tree);
+
+ /*
+ base ntcreatex parms
+ */
+ ZERO_STRUCT(io_open);
+ io_open.generic.level = RAW_OPEN_NTCREATEX;
+ io_open.ntcreatex.in.root_fid.fnum = 0;
+ io_open.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_READ |
+ SEC_RIGHTS_FILE_WRITE | SEC_STD_DELETE;
+ io_open.ntcreatex.in.alloc_size = 0;
+ io_open.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
+ io_open.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ |
+ NTCREATEX_SHARE_ACCESS_WRITE;
+ io_open.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF;
+ io_open.ntcreatex.in.create_options = 0;
+ io_open.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
+ io_open.ntcreatex.in.security_flags = 0;
+ io_open.ntcreatex.in.fname = fname;
+
+ torture_comment(tctx, "open with batch oplock\n");
+ io_open.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED |
+ NTCREATEX_FLAGS_REQUEST_OPLOCK |
+ NTCREATEX_FLAGS_REQUEST_BATCH_OPLOCK;
+
+ status = smb_raw_open(cli->tree, tctx, &io_open);
+ torture_assert_ntstatus_ok(tctx, status, "smb_raw_open failed");
+
+ fnum = io_open.ntcreatex.out.file.fnum;
+ torture_assert(
+ tctx,
+ (io_open.ntcreatex.out.oplock_level == BATCH_OPLOCK_RETURN),
+ "did not get batch oplock");
+
+ io_open.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED;
+ req = smb_raw_open_send(cli->tree, &io_open);
+ torture_assert(tctx, (req != NULL), "memory allocation failed");
+
+ /*
+ * Make sure the open went through
+ */
+ status = smbcli_chkpath(cli->tree, "\\");
+ torture_assert_ntstatus_ok(tctx, status, "smb_chkpath failed");
+
+ status = smbcli_nt_delete_on_close(cli->tree, fnum, true);
+ torture_assert_ntstatus_ok(tctx, status, "could not set delete on "
+ "close");
+
+ anon_creds = cli_credentials_init_anon(tctx);
+ torture_assert(tctx, (anon_creds != NULL), "memory allocation failed");
+
+ ZERO_STRUCT(io_sesssetup);
+ io_sesssetup.in.sesskey = cli->transport->negotiate.sesskey;
+ io_sesssetup.in.capabilities = cli->transport->negotiate.capabilities;
+ io_sesssetup.in.credentials = anon_creds;
+ io_sesssetup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
+ io_sesssetup.in.gensec_settings = lpcfg_gensec_settings(
+ tctx, tctx->lp_ctx);
+ status = smb_composite_sesssetup(cli->session, &io_sesssetup);
+ torture_assert_ntstatus_ok(tctx, status, "setup2 failed");
+ torture_assert_int_equal(tctx, io_sesssetup.out.vuid, vuid1, "setup2");
+
+ status = smbcli_close(cli->tree, fnum);
+ torture_assert_ntstatus_ok(tctx, status, "close failed");
+
+ status = smb_raw_open_recv(req, tctx, &io_open);
+ torture_assert_ntstatus_ok(tctx, status, "2nd open failed");
+
+ fnum = io_open.ntcreatex.out.file.fnum;
+
+ nwritten = smbcli_write(cli->tree, fnum, 0, fname, 0, strlen(fname));
+ torture_assert(tctx, (nwritten == strlen(fname)),
+ "smbcli_write failed");
+
+ ZERO_STRUCT(io_qsecdesc);
+ io_qsecdesc.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
+ io_qsecdesc.query_secdesc.in.file.fnum = fnum;
+ io_qsecdesc.query_secdesc.in.secinfo_flags = SECINFO_OWNER;
+ status = smb_raw_fileinfo(cli->tree, tctx, &io_qsecdesc);
+ torture_assert_ntstatus_equal(
+ tctx, status, NT_STATUS_ACCESS_DENIED,
+ "anon qsecdesc did not return ACCESS_DENIED");
+
+ ZERO_STRUCT(io_sesssetup);
+ io_sesssetup.in.sesskey = cli->transport->negotiate.sesskey;
+ io_sesssetup.in.capabilities = cli->transport->negotiate.capabilities;
+ io_sesssetup.in.credentials = cmdline_credentials;
+ io_sesssetup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
+ io_sesssetup.in.gensec_settings = lpcfg_gensec_settings(
+ tctx, tctx->lp_ctx);
+ status = smb_composite_sesssetup(cli->session, &io_sesssetup);
+ torture_assert_ntstatus_ok(tctx, status, "setup3 failed");
+ torture_assert_int_equal(tctx, io_sesssetup.out.vuid, vuid1, "setup2");
+
+ status = smb_raw_fileinfo(cli->tree, tctx, &io_qsecdesc);
+ torture_assert_ntstatus_ok(tctx, status, "2nd qsecdesc failed");
+
+ status = smbcli_nt_delete_on_close(cli->tree, fnum, true);
+ torture_assert_ntstatus_ok(tctx, status, "could not set delete on "
+ "close");
+
+ status = smbcli_close(cli->tree, fnum);
+ torture_assert_ntstatus_ok(tctx, status, "close failed");
+
+ return true;
+}
+
struct torture_suite *torture_raw_session(TALLOC_CTX *mem_ctx)
{
struct torture_suite *suite = torture_suite_create(mem_ctx, "session");
suite->description = talloc_strdup(suite, "RAW-SESSION tests");
- torture_suite_add_1smb_test(suite, "reauth", test_session_reauth);
+ torture_suite_add_1smb_test(suite, "reauth1", test_session_reauth1);
+ torture_suite_add_1smb_test(suite, "reauth2", test_session_reauth2);
return suite;
}
--
Samba Shared Repository
