[SCM] Samba Shared Repository - branch master updated
Michael Adam
obnox at samba.org
Tue May 8 12:46:03 MDT 2012
The branch, master has been updated
via d36aecc s4:libcli:raw: fix a comment typo in smb_setfileinfo()
via 6713ebf s4:torture: add a new smb2.session.reauth5 test: rename after reauth to anon - fails
via 35009eb s4:torture: add a new smb2.session.reauth4 test: setting security descriptor after reauth to anon - works
from 4cc04a2 s3-docs: Fix bug #7930.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit d36aecc9c5211ce1c4cd76380e3a9a966d248bce
Author: Michael Adam <obnox at samba.org>
Date: Tue May 8 16:46:03 2012 +0200
s4:libcli:raw: fix a comment typo in smb_setfileinfo()
Autobuild-User: Michael Adam <obnox at samba.org>
Autobuild-Date: Tue May 8 20:45:16 CEST 2012 on sn-devel-104
commit 6713ebfd6059fbad0cf0bceeccf8f5d5c83eb3a7
Author: Michael Adam <obnox at samba.org>
Date: Tue May 8 16:45:10 2012 +0200
s4:torture: add a new smb2.session.reauth5 test: rename after reauth to anon - fails
commit 35009eb3a964b3728c11c93fed8eaee9a0adc97f
Author: Michael Adam <obnox at samba.org>
Date: Tue May 8 16:44:06 2012 +0200
s4:torture: add a new smb2.session.reauth4 test: setting security descriptor after reauth to anon - works
-----------------------------------------------------------------------
Summary of changes:
source4/libcli/raw/interfaces.h | 2 +-
source4/torture/smb2/session.c | 350 +++++++++++++++++++++++++++++++++++++++
2 files changed, 351 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h
index 1f913b7..05dea50 100644
--- a/source4/libcli/raw/interfaces.h
+++ b/source4/libcli/raw/interfaces.h
@@ -1140,7 +1140,7 @@ union smb_setfileinfo {
} in;
} unix_link, unix_hlink;
- /* RAW_FILEINFO_SET_SEC_DESC */
+ /* RAW_SFILEINFO_SEC_DESC */
struct {
enum smb_setfileinfo_level level;
struct {
diff --git a/source4/torture/smb2/session.c b/source4/torture/smb2/session.c
index 8386241..1f27222 100644
--- a/source4/torture/smb2/session.c
+++ b/source4/torture/smb2/session.c
@@ -27,6 +27,7 @@
#include "../libcli/smb/smbXcli_base.h"
#include "lib/cmdline/popt_common.h"
#include "auth/credentials/credentials.h"
+#include "libcli/security/security.h"
#define CHECK_VAL(v, correct) do { \
@@ -380,6 +381,353 @@ done:
return ret;
}
+/**
+ * test setting security descriptor after reauth.
+ */
+bool test_session_reauth4(struct torture_context *tctx, struct smb2_tree *tree)
+{
+ NTSTATUS status;
+ TALLOC_CTX *mem_ctx = talloc_new(tctx);
+ char fname[256];
+ struct smb2_handle _h1;
+ struct smb2_handle *h1 = NULL;
+ struct smb2_create io1;
+ bool ret = true;
+ union smb_fileinfo qfinfo;
+ union smb_setfileinfo sfinfo;
+ struct cli_credentials *anon_creds = NULL;
+ uint32_t secinfo_flags = SECINFO_OWNER
+ | SECINFO_GROUP
+ | SECINFO_DACL
+ | SECINFO_PROTECTED_DACL
+ | SECINFO_UNPROTECTED_DACL;
+ struct security_descriptor *sd1, *sd2, sd3;
+ struct security_ace ace;
+ struct dom_sid *extra_sid;
+
+ /* Add some random component to the file name. */
+ snprintf(fname, 256, "session_reauth4_%s.dat",
+ generate_random_str(tctx, 8));
+
+ smb2_util_unlink(tree, fname);
+
+ smb2_oplock_create_share(&io1, fname,
+ smb2_util_share_access(""),
+ smb2_util_oplock_level("b"));
+
+ status = smb2_create(tree, mem_ctx, &io1);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ _h1 = io1.out.file.handle;
+ h1 = &_h1;
+ CHECK_CREATED(&io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
+ CHECK_VAL(io1.out.oplock_level, smb2_util_oplock_level("b"));
+
+ /* get the security descriptor */
+
+ ZERO_STRUCT(qfinfo);
+
+ qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
+ qfinfo.query_secdesc.in.file.handle = _h1;
+ qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
+
+ status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ sd1 = qfinfo.query_secdesc.out.sd;
+
+ /* re-authenticate as anonymous */
+
+ anon_creds = cli_credentials_init_anon(mem_ctx);
+ torture_assert(tctx, (anon_creds != NULL), "talloc error");
+
+ status = smb2_session_setup_spnego(tree->session,
+ anon_creds,
+ 0 /* previous_session_id */);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ /* give full access on the file to anonymous */
+
+ extra_sid = dom_sid_parse_talloc(tctx, SID_NT_ANONYMOUS);
+
+ ZERO_STRUCT(ace);
+ ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED;
+ ace.flags = 0;
+ ace.access_mask = SEC_STD_ALL | SEC_FILE_ALL;
+ ace.trustee = *extra_sid;
+
+ status = security_descriptor_dacl_add(sd1, &ace);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ ZERO_STRUCT(sfinfo);
+ sfinfo.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
+ sfinfo.set_secdesc.in.file.handle = _h1;
+ sfinfo.set_secdesc.in.secinfo_flags = SECINFO_DACL;
+ sfinfo.set_secdesc.in.sd = sd1;
+
+ status = smb2_setinfo_file(tree, &sfinfo);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ /* re-authenticate as original user again */
+
+ status = smb2_session_setup_spnego(tree->session,
+ cmdline_credentials,
+ 0 /* previous_session_id */);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ /* re-get the security descriptor */
+
+ ZERO_STRUCT(qfinfo);
+
+ qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
+ qfinfo.query_secdesc.in.file.handle = _h1;
+ qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
+
+ status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ ret = true;
+
+done:
+ if (h1 != NULL) {
+ smb2_util_close(tree, *h1);
+ }
+
+ smb2_util_unlink(tree, fname);
+
+ talloc_free(tree);
+
+ talloc_free(mem_ctx);
+
+ return ret;
+}
+
+/**
+ * test renaming after reauth.
+ * compare security descriptors before and after rename/reauth
+ */
+bool test_session_reauth5(struct torture_context *tctx, struct smb2_tree *tree)
+{
+ NTSTATUS status;
+ TALLOC_CTX *mem_ctx = talloc_new(tctx);
+ char fname[256];
+ char fname2[256];
+ struct smb2_handle _h1;
+ struct smb2_handle *h1 = NULL;
+ struct smb2_create io1;
+ bool ret = true;
+ union smb_fileinfo qfinfo;
+ union smb_setfileinfo sfinfo;
+ struct cli_credentials *anon_creds = NULL;
+ uint32_t secinfo_flags = SECINFO_OWNER
+ | SECINFO_GROUP
+ | SECINFO_DACL
+ | SECINFO_PROTECTED_DACL
+ | SECINFO_UNPROTECTED_DACL;
+ struct security_descriptor *sd1, *sd2, sd3;
+ struct security_ace ace;
+ struct dom_sid *extra_sid;
+
+ /* Add some random component to the file name. */
+ snprintf(fname, 256, "session_reauth5_%s.dat",
+ generate_random_str(tctx, 8));
+
+ smb2_util_unlink(tree, fname);
+
+ smb2_oplock_create_share(&io1, fname,
+ smb2_util_share_access(""),
+ smb2_util_oplock_level("b"));
+
+ status = smb2_create(tree, mem_ctx, &io1);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ _h1 = io1.out.file.handle;
+ h1 = &_h1;
+ CHECK_CREATED(&io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
+ CHECK_VAL(io1.out.oplock_level, smb2_util_oplock_level("b"));
+
+ /* get the security descriptor */
+
+ ZERO_STRUCT(qfinfo);
+
+ qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
+ qfinfo.query_secdesc.in.file.handle = _h1;
+ qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
+
+ status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ sd1 = qfinfo.query_secdesc.out.sd;
+
+ /* re-authenticate as anonymous */
+
+ anon_creds = cli_credentials_init_anon(mem_ctx);
+ torture_assert(tctx, (anon_creds != NULL), "talloc error");
+
+ status = smb2_session_setup_spnego(tree->session,
+ anon_creds,
+ 0 /* previous_session_id */);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ /* try to rename the file: fails */
+
+ snprintf(fname2, 256, "session_reauth5.2_%s.dat",
+ generate_random_str(tctx, 8));
+
+ smb2_util_unlink(tree, fname2);
+
+ ZERO_STRUCT(sfinfo);
+ sfinfo.rename_information.level = RAW_SFILEINFO_RENAME_INFORMATION;
+ sfinfo.rename_information.in.file.handle = _h1;
+ sfinfo.rename_information.in.overwrite = true;
+ sfinfo.rename_information.in.new_name = fname2;
+
+ status = smb2_setinfo_file(tree, &sfinfo);
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+
+ /* re-authenticate as original user again */
+
+ status = smb2_session_setup_spnego(tree->session,
+ cmdline_credentials,
+ 0 /* previous_session_id */);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ /* give full access on the file to anonymous */
+
+ extra_sid = dom_sid_parse_talloc(tctx, SID_NT_ANONYMOUS);
+
+ ZERO_STRUCT(ace);
+ ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED;
+ ace.flags = 0;
+ ace.access_mask = SEC_STD_ALL | SEC_FILE_ALL;
+ ace.trustee = *extra_sid;
+
+ status = security_descriptor_dacl_add(sd1, &ace);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ ZERO_STRUCT(sfinfo);
+ sfinfo.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
+ sfinfo.set_secdesc.in.file.handle = _h1;
+ sfinfo.set_secdesc.in.secinfo_flags = secinfo_flags;
+ sfinfo.set_secdesc.in.sd = sd1;
+
+ status = smb2_setinfo_file(tree, &sfinfo);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ /* re-get the security descriptor */
+
+ ZERO_STRUCT(qfinfo);
+
+ qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
+ qfinfo.query_secdesc.in.file.handle = _h1;
+ qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
+
+ status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ /* re-authenticate as anonymous - again */
+
+ anon_creds = cli_credentials_init_anon(mem_ctx);
+ torture_assert(tctx, (anon_creds != NULL), "talloc error");
+
+ status = smb2_session_setup_spnego(tree->session,
+ anon_creds,
+ 0 /* previous_session_id */);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ /* try to rename the file: fails */
+
+ snprintf(fname2, 256, "session_reauth3.2_%s.dat",
+ generate_random_str(tctx, 8));
+
+ smb2_util_unlink(tree, fname2);
+
+ ZERO_STRUCT(sfinfo);
+ sfinfo.rename_information.level = RAW_SFILEINFO_RENAME_INFORMATION;
+ sfinfo.rename_information.in.file.handle = _h1;
+ sfinfo.rename_information.in.overwrite = true;
+ sfinfo.rename_information.in.new_name = fname2;
+
+ status = smb2_setinfo_file(tree, &sfinfo);
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+
+ /* re-authenticate as original user - again */
+
+ status = smb2_session_setup_spnego(tree->session,
+ cmdline_credentials,
+ 0 /* previous_session_id */);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ /* rename the file - for verification that it works */
+
+ ZERO_STRUCT(sfinfo);
+ sfinfo.rename_information.level = RAW_SFILEINFO_RENAME_INFORMATION;
+ sfinfo.rename_information.in.file.handle = _h1;
+ sfinfo.rename_information.in.overwrite = true;
+ sfinfo.rename_information.in.new_name = fname2;
+
+ status = smb2_setinfo_file(tree, &sfinfo);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ /* closs the file, check it is gone and reopen under the new name */
+
+ smb2_util_close(tree, _h1);
+
+ ZERO_STRUCT(io1);
+
+ smb2_generic_create_share(&io1,
+ NULL /* lease */, false /* dir */,
+ fname,
+ NTCREATEX_DISP_OPEN,
+ smb2_util_share_access(""),
+ smb2_util_oplock_level("b"),
+ 0 /* leasekey */, 0 /* leasestate */);
+
+ status = smb2_create(tree, mem_ctx, &io1);
+ CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
+
+ ZERO_STRUCT(io1);
+
+ smb2_generic_create_share(&io1,
+ NULL /* lease */, false /* dir */,
+ fname2,
+ NTCREATEX_DISP_OPEN,
+ smb2_util_share_access(""),
+ smb2_util_oplock_level("b"),
+ 0 /* leasekey */, 0 /* leasestate */);
+
+ status = smb2_create(tree, mem_ctx, &io1);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ _h1 = io1.out.file.handle;
+ h1 = &_h1;
+ CHECK_CREATED(&io1, EXISTED, FILE_ATTRIBUTE_ARCHIVE);
+ CHECK_VAL(io1.out.oplock_level, smb2_util_oplock_level("b"));
+
+ /* try to access the file via the old handle */
+
+ ZERO_STRUCT(qfinfo);
+
+ qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
+ qfinfo.query_secdesc.in.file.handle = _h1;
+ qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
+
+ status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ sd2 = qfinfo.query_secdesc.out.sd;
+
+done:
+ if (h1 != NULL) {
+ smb2_util_close(tree, *h1);
+ }
+
+ smb2_util_unlink(tree, fname);
+
+ talloc_free(tree);
+
+ talloc_free(mem_ctx);
+
+ return ret;
+}
+
struct torture_suite *torture_smb2_session_init(void)
{
struct torture_suite *suite =
@@ -389,6 +737,8 @@ struct torture_suite *torture_smb2_session_init(void)
torture_suite_add_1smb2_test(suite, "reauth1", test_session_reauth1);
torture_suite_add_1smb2_test(suite, "reauth2", test_session_reauth2);
torture_suite_add_1smb2_test(suite, "reauth3", test_session_reauth3);
+ torture_suite_add_1smb2_test(suite, "reauth4", test_session_reauth4);
+ torture_suite_add_1smb2_test(suite, "reauth5", test_session_reauth5);
suite->description = talloc_strdup(suite, "SMB2-SESSION tests");
--
Samba Shared Repository
More information about the samba-cvs
mailing list