[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-1092-gdeeeae3

Jeremy Allison jra at samba.org
Sat Jan 5 00:10:23 GMT 2008 

The branch, v3-2-test has been updated
       via  deeeae3ee96f7207a49e1edaa876410b77c33458 (commit)
       via  e85b346f3d73f50d6dea19ffb6cca1180345e687 (commit)
      from  8f36def18e9f980e8db522e1de41e80cfd5f466e (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -----------------------------------------------------------------
commit deeeae3ee96f7207a49e1edaa876410b77c33458
Author: Jeremy Allison <jra at samba.org>
Date:   Fri Jan 4 16:09:48 2008 -0800

    Added -e tests for S3 smbtorture.
    Jeremy.

commit e85b346f3d73f50d6dea19ffb6cca1180345e687
Author: Jeremy Allison <jra at samba.org>
Date:   Fri Jan 4 16:09:24 2008 -0800

    Added -e option to smbtorture to test encrypted versions
    of the tests.
    Jeremy.

-----------------------------------------------------------------------

Summary of changes:
 source/script/tests/test_smbtorture_s3.sh |    2 +
 source/torture/torture.c                  |   61 ++++++++++++++++++++++++++++-
 2 files changed, 62 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/script/tests/test_smbtorture_s3.sh b/source/script/tests/test_smbtorture_s3.sh
index f662eac..e655381 100755
--- a/source/script/tests/test_smbtorture_s3.sh
+++ b/source/script/tests/test_smbtorture_s3.sh
@@ -43,6 +43,8 @@ for t in $tests; do
     start=""
     name="$t"
     testit "$name" $VALGRIND $BINDIR/smbtorture $ADDARGS $unc -U"$username"%"$password" $t || failed=`expr $failed + 1`
+    echo "testing encrypted connection"
+    testit "$name" $VALGRIND $BINDIR/smbtorture $ADDARGS $unc -U"$username"%"$password" -e $t || failed=`expr $failed + 1`
 done
 
 testok $0 $failed
diff --git a/source/torture/torture.c b/source/torture/torture.c
index 082949e..05b4141 100644
--- a/source/torture/torture.c
+++ b/source/torture/torture.c
@@ -37,6 +37,7 @@ static const char *client_txt = "client_oplocks.txt";
 static bool use_kerberos;
 static fstring multishare_conn_fname;
 static bool use_multishare_conn = False;
+static bool do_encrypt;
 
 bool torture_showall = False;
 
@@ -95,6 +96,57 @@ void *shm_setup(int size)
 	return ret;
 }
 
+/********************************************************************
+ Ensure a connection is encrypted.
+********************************************************************/
+
+static bool force_cli_encryption(struct cli_state *c,
+			const char *sharename)
+{
+	uint16 major, minor;
+	uint32 caplow, caphigh;
+	NTSTATUS status;
+
+	if (!SERVER_HAS_UNIX_CIFS(c)) {
+		d_printf("Encryption required and "
+			"server that doesn't support "
+			"UNIX extensions - failing connect\n");
+			return false;
+	}
+
+	if (!cli_unix_extensions_version(c, &major, &minor, &caplow, &caphigh)) {
+		d_printf("Encryption required and "
+			"can't get UNIX CIFS extensions "
+			"version from server.\n");
+		return false;
+	}
+
+	if (!(caplow & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)) {
+		d_printf("Encryption required and "
+			"share %s doesn't support "
+			"encryption.\n", sharename);
+		return false;
+	}
+
+	if (c->use_kerberos) {
+		status = cli_gss_smb_encryption_start(c);
+	} else {
+		status = cli_raw_ntlm_smb_encryption_start(c,
+						username,
+						password,
+						workgroup);
+	}
+
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("Encryption required and "
+			"setup failed with error %s.\n",
+			nt_errstr(status));
+		return false;
+	}
+
+	return true;
+}
+
 
 static struct cli_state *open_nbt_connection(void)
 {
@@ -235,6 +287,10 @@ static bool torture_open_connection_share(struct cli_state **c,
 	if (use_level_II_oplocks) (*c)->use_level_II_oplocks = True;
 	(*c)->timeout = 120000; /* set a really long timeout (2 minutes) */
 
+	if (do_encrypt) {
+		return force_cli_encryption(*c,
+					sharename);
+	}
 	return True;
 }
 
@@ -5425,7 +5481,7 @@ static void usage(void)
 
 	fstrcpy(workgroup, lp_workgroup());
 
-	while ((opt = getopt(argc, argv, "p:hW:U:n:N:O:o:m:Ld:Ac:ks:b:")) != EOF) {
+	while ((opt = getopt(argc, argv, "p:hW:U:n:N:O:o:m:Ld:Aec:ks:b:")) != EOF) {
 		switch (opt) {
 		case 'p':
 			port_to_use = atoi(optarg);
@@ -5463,6 +5519,9 @@ static void usage(void)
 		case 'c':
 			client_txt = optarg;
 			break;
+		case 'e':
+			do_encrypt = true;
+			break;
 		case 'k':
 #ifdef HAVE_KRB5
 			use_kerberos = True;


-- 
Samba Shared Repository

More information about the samba-cvs mailing list