[SCM] Samba Shared Repository - branch v4-0-test updated -
release-4-0-0alpha5-269-g6d8fd4c
Stefan Metzmacher
metze at samba.org
Thu Aug 14 11:16:31 GMT 2008
The branch, v4-0-test has been updated
via 6d8fd4c0089d7e632ec91027a77321aca8c6acc7 (commit)
via ba9d0f6b3c60346df757e7c4c3f5704c0bf26d11 (commit)
via d7d4df78c1de19d0cd7a63daaa2fa0863a243a12 (commit)
via cbd585d2a1e179615eba773cb07385524369c686 (commit)
via 3ea08d430370717463ffab44fed9c42db1002d97 (commit)
via 3c6cadf76861d6522c5ec41953df1ba2fac4910d (commit)
via 14eda93aeface307e1ffd1ea012d8f236fa78290 (commit)
from 43e43dead030f6bffd06631007fdb162c3c6b2b5 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit 6d8fd4c0089d7e632ec91027a77321aca8c6acc7
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Aug 14 13:12:07 2008 +0200
SMB2-CREATE: add a special test for FILE_ATTRIBUTE_ENCRYPTED
Some standalone server (and samba4) doesn't support this.
metze
commit ba9d0f6b3c60346df757e7c4c3f5704c0bf26d11
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Aug 14 09:54:51 2008 +0200
SMB2-CREATE: be more strict in checking file attributes
metze
commit d7d4df78c1de19d0cd7a63daaa2fa0863a243a12
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Aug 14 09:54:22 2008 +0200
SMB2-CREATE: be more strict in error checking
metze
commit cbd585d2a1e179615eba773cb07385524369c686
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Aug 14 09:52:45 2008 +0200
ntvfs_generic: fix handling of create_options for SMB2
metze
commit 3ea08d430370717463ffab44fed9c42db1002d97
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Aug 14 12:48:37 2008 +0200
libcli/smb2: add SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASK
SMB2 returns NOT_SUPPORTED to some more NTCREATE_OPTIONS.
metze
commit 3c6cadf76861d6522c5ec41953df1ba2fac4910d
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Aug 14 12:37:31 2008 +0200
pvfs: fix handling of create_option flags
metze
commit 14eda93aeface307e1ffd1ea012d8f236fa78290
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Aug 14 12:44:25 2008 +0200
libcli/raw: fix the special NTCREATE_OPTIONS_*_MASK values
We now reuse ignored values for the ntvfs backend private flags.
metze
-----------------------------------------------------------------------
Summary of changes:
source/libcli/raw/smb.h | 27 ++++++++++++----
source/libcli/smb2/smb2.h | 4 ++-
source/ntvfs/ntvfs_generic.c | 10 ++----
source/ntvfs/posix/pvfs_open.c | 14 +++++++-
source/torture/smb2/create.c | 63 +++++++++++++++++++++++++++++++--------
5 files changed, 89 insertions(+), 29 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/libcli/raw/smb.h b/source/libcli/raw/smb.h
index 8663792..d4091ac 100644
--- a/source/libcli/raw/smb.h
+++ b/source/libcli/raw/smb.h
@@ -167,17 +167,30 @@
#define NTCREATEX_OPTIONS_NO_RECALL 0x00400000
/* Must be ignored by the server, per MS-SMB 2.2.8 */
#define NTCREATEX_OPTIONS_FREE_SPACE_QUERY 0x00800000
-/* create options these bits are for private use by backends, they are
- not valid on the wire */
-#define NTCREATEX_OPTIONS_PRIVATE_MASK 0xFF000000
-#define NTCREATEX_OPTIONS_PRIVATE_DENY_DOS 0x01000000
-#define NTCREATEX_OPTIONS_PRIVATE_DENY_FCB 0x02000000
-#define NTCREATEX_OPTIONS_MUST_IGNORE_MASK ( NTCREATEX_OPTIONS_TREE_CONNECTION | NTCREATEX_OPTIONS_COMPLETE_IF_OPLOCKED | NTCREATEX_OPTIONS_OPEN_FOR_RECOVERY | NTCREATEX_OPTIONS_FREE_SPACE_QUERY | NTCREATEX_OPTIONS_OPFILTER )
+#define NTCREATEX_OPTIONS_MUST_IGNORE_MASK (NTCREATEX_OPTIONS_TREE_CONNECTION | \
+ NTCREATEX_OPTIONS_OPEN_FOR_RECOVERY | \
+ NTCREATEX_OPTIONS_FREE_SPACE_QUERY | \
+ 0x000F0000)
-#define NTCREATEX_OPTIONS_NOT_SUPPORTED_MASK (0x000F0000 | NTCREATEX_OPTIONS_OPEN_BY_FILE_ID)
+#define NTCREATEX_OPTIONS_NOT_SUPPORTED_MASK (NTCREATEX_OPTIONS_OPEN_BY_FILE_ID)
+#define NTCREATEX_OPTIONS_INVALID_PARAM_MASK (NTCREATEX_OPTIONS_OPFILTER | \
+ NTCREATEX_OPTIONS_SYNC_ALERT | \
+ NTCREATEX_OPTIONS_ASYNC_ALERT | \
+ NTCREATEX_OPTIONS_OPFILTER | \
+ 0xFF000000)
+/*
+ * We reuse some ignored flags for private use.
+ * This values have different meaning for some ntvfs backends.
+ *
+ * TODO: use values that are ignore for sure...
+ */
+#define NTCREATEX_OPTIONS_PRIVATE_DENY_DOS 0x00010000
+#define NTCREATEX_OPTIONS_PRIVATE_DENY_FCB 0x00020000
+#define NTCREATEX_OPTIONS_PRIVATE_MASK (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS | \
+ NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)
/* ntcreatex impersonation field */
#define NTCREATEX_IMPERSONATION_ANONYMOUS 0
diff --git a/source/libcli/smb2/smb2.h b/source/libcli/smb2/smb2.h
index 5d6341a..f00107d 100644
--- a/source/libcli/smb2/smb2.h
+++ b/source/libcli/smb2/smb2.h
@@ -276,7 +276,9 @@ struct smb2_request {
#define SMB2_CREATE_TAG_TWRP "TWrp"
#define SMB2_CREATE_TAG_QFID "QFid"
-
+/* SMB2 Create ignore some more create_options */
+#define SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASK (NTCREATEX_OPTIONS_TREE_CONNECTION | \
+ NTCREATEX_OPTIONS_OPFILTER)
/*
check that a body has the expected size
diff --git a/source/ntvfs/ntvfs_generic.c b/source/ntvfs/ntvfs_generic.c
index 4f3a7e2..c34bb71 100644
--- a/source/ntvfs/ntvfs_generic.c
+++ b/source/ntvfs/ntvfs_generic.c
@@ -532,16 +532,14 @@ NTSTATUS ntvfs_map_open(struct ntvfs_module_context *ntvfs,
}
/* we need to check these bits before we check the private mask */
- if (io2->generic.in.create_options & NTCREATEX_OPTIONS_NOT_SUPPORTED_MASK) {
+ if (io2->generic.in.create_options & SMB2_CREATE_OPTIONS_NOT_SUPPORTED_MASK) {
status = NT_STATUS_NOT_SUPPORTED;
break;
}
- /* we use a couple of bits of the create options internally */
- if (io2->generic.in.create_options & NTCREATEX_OPTIONS_PRIVATE_MASK) {
- status = NT_STATUS_INVALID_PARAMETER;
- break;
- }
+ /* TODO: find out why only SMB2 ignores these */
+ io2->generic.in.create_options &= ~NTCREATEX_OPTIONS_SYNC_ALERT;
+ io2->generic.in.create_options &= ~NTCREATEX_OPTIONS_ASYNC_ALERT;
status = ntvfs->ops->open(ntvfs, req, io2);
break;
diff --git a/source/ntvfs/posix/pvfs_open.c b/source/ntvfs/posix/pvfs_open.c
index 6114b20..c127885 100644
--- a/source/ntvfs/posix/pvfs_open.c
+++ b/source/ntvfs/posix/pvfs_open.c
@@ -1181,6 +1181,7 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
int fd;
struct odb_lock *lck;
uint32_t create_options;
+ uint32_t create_options_must_ignore_mask;
uint32_t share_access;
uint32_t access_mask;
uint32_t create_action = NTCREATEX_ACTION_EXISTED;
@@ -1206,13 +1207,22 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
return NT_STATUS_INVALID_PARAMETER;
}
- /* These options are ignored */
- create_options &= ~NTCREATEX_OPTIONS_MUST_IGNORE_MASK;
+ /*
+ * These options are ignored,
+ * but we reuse some of them as private values for the generic mapping
+ */
+ create_options_must_ignore_mask = NTCREATEX_OPTIONS_MUST_IGNORE_MASK;
+ create_options_must_ignore_mask &= ~NTCREATEX_OPTIONS_PRIVATE_MASK;
+ create_options &= ~create_options_must_ignore_mask;
if (create_options & NTCREATEX_OPTIONS_NOT_SUPPORTED_MASK) {
return NT_STATUS_NOT_SUPPORTED;
}
+ if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
/* TODO: When we implement HSM, add a hook here not to pull
* the actual file off tape, when this option is passed from
* the client */
diff --git a/source/torture/smb2/create.c b/source/torture/smb2/create.c
index 744c5d2..4d1b4a7 100644
--- a/source/torture/smb2/create.c
+++ b/source/torture/smb2/create.c
@@ -52,8 +52,9 @@ static bool test_create_gentest(struct torture_context *torture, struct smb2_tre
struct smb2_create io;
NTSTATUS status;
TALLOC_CTX *tmp_ctx = talloc_new(tree);
- uint32_t access_mask, file_attributes, file_attributes_set, denied_mask;
+ uint32_t access_mask, file_attributes_set;
uint32_t ok_mask, not_supported_mask, invalid_parameter_mask;
+ uint32_t not_a_directory_mask, unexpected_mask;
union smb_fileinfo q;
ZERO_STRUCT(io);
@@ -104,7 +105,11 @@ static bool test_create_gentest(struct torture_context *torture, struct smb2_tre
io.in.file_attributes = 0;
io.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
- ok_mask = not_supported_mask = invalid_parameter_mask = 0;
+ ok_mask = 0;
+ not_supported_mask = 0;
+ invalid_parameter_mask = 0;
+ not_a_directory_mask = 0;
+ unexpected_mask = 0;
{
int i;
for (i=0;i<32;i++) {
@@ -117,11 +122,14 @@ static bool test_create_gentest(struct torture_context *torture, struct smb2_tre
not_supported_mask |= 1<<i;
} else if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
invalid_parameter_mask |= 1<<i;
+ } else if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_A_DIRECTORY)) {
+ not_a_directory_mask |= 1<<i;
} else if (NT_STATUS_EQUAL(status, NT_STATUS_OK)) {
ok_mask |= 1<<i;
status = smb2_util_close(tree, io.out.file.handle);
CHECK_STATUS(status, NT_STATUS_OK);
} else {
+ unexpected_mask |= 1<<i;
printf("create option 0x%08x returned %s\n", 1<<i, nt_errstr(status));
}
}
@@ -129,8 +137,10 @@ static bool test_create_gentest(struct torture_context *torture, struct smb2_tre
io.in.create_options = 0;
CHECK_EQUAL(ok_mask, 0x00efcf7e);
+ CHECK_EQUAL(not_a_directory_mask, 0x00000001);
CHECK_EQUAL(not_supported_mask, 0x00102080);
CHECK_EQUAL(invalid_parameter_mask, 0xff000000);
+ CHECK_EQUAL(unexpected_mask, 0x00000000);
io.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
io.in.file_attributes = 0;
@@ -156,31 +166,58 @@ static bool test_create_gentest(struct torture_context *torture, struct smb2_tre
io.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
io.in.file_attributes = 0;
- file_attributes = 0;
+ ok_mask = 0;
+ invalid_parameter_mask = 0;
+ unexpected_mask = 0;
file_attributes_set = 0;
- denied_mask = 0;
{
int i;
for (i=0;i<32;i++) {
io.in.file_attributes = 1<<i;
+ if (io.in.file_attributes & FILE_ATTRIBUTE_ENCRYPTED) {
+ continue;
+ }
smb2_deltree(tree, FNAME);
status = smb2_create(tree, tmp_ctx, &io);
if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
- file_attributes |= io.in.file_attributes;
- } else if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
- denied_mask |= io.in.file_attributes;
- } else {
- CHECK_STATUS(status, NT_STATUS_OK);
+ invalid_parameter_mask |= 1<<i;
+ } else if (NT_STATUS_IS_OK(status)) {
+ uint32_t expected;
+ ok_mask |= 1<<i;
+
+ expected = (io.in.file_attributes | FILE_ATTRIBUTE_ARCHIVE) & 0x00005127;
+ CHECK_EQUAL(io.out.file_attr, expected);
+ file_attributes_set |= io.out.file_attr;
+
status = smb2_util_close(tree, io.out.file.handle);
CHECK_STATUS(status, NT_STATUS_OK);
- file_attributes_set |= io.out.file_attr;
+ } else {
+ unexpected_mask |= 1<<i;
+ printf("file attribute 0x%08x returned %s\n", 1<<i, nt_errstr(status));
}
}
}
- CHECK_EQUAL(file_attributes, 0xffff8048);
- CHECK_EQUAL(denied_mask, 0x4000);
- CHECK_EQUAL(file_attributes_set, 0x00001127);
+ CHECK_EQUAL(ok_mask, 0x00003fb7);
+ CHECK_EQUAL(invalid_parameter_mask, 0xffff8048);
+ CHECK_EQUAL(unexpected_mask, 0x00000000);
+ CHECK_EQUAL(file_attributes_set, 0x00001127);
+
+ smb2_deltree(tree, FNAME);
+
+ /*
+ * Standalone servers doesn't support encryption
+ */
+ io.in.file_attributes = FILE_ATTRIBUTE_ENCRYPTED;
+ status = smb2_create(tree, tmp_ctx, &io);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ printf("FILE_ATTRIBUTE_ENCRYPTED returned %s\n", nt_errstr(status));
+ } else {
+ CHECK_STATUS(status, NT_STATUS_OK);
+ CHECK_EQUAL(io.out.file_attr, (FILE_ATTRIBUTE_ENCRYPTED | FILE_ATTRIBUTE_ARCHIVE));
+ status = smb2_util_close(tree, io.out.file.handle);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ }
smb2_deltree(tree, FNAME);
--
Samba Shared Repository
More information about the samba-cvs
mailing list