[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Fri Apr 19 18:27:03 UTC 2019
The branch, master has been updated
via ef35d4d8cd4 s4-torture: add test to check for max. number of channels per session.
via 7a4dad60abe s4-torture: Add lease break retry tests - test4
via befac485a59 s4-torture: Add lease break retry tests - test3
via 63b4b4ce12b s4-torture: Add lease break retry tests - test2
via 311c024b4cc s4-torture: Add lease break retry tests - test1
via ee0a247a9b7 s4-torture: Add oplock break retry tests - test2
via 31c9b74d7ad s4-torture: Add oplock break retry tests - test1
via 3dc532cbe0f s4-torture: Add handlers to block channels for testing
via 018845d49cd s4-torture: Add helper functions to create channels.
via 2a5b0d5bb9b s4-torture: Add #defines required by the new tests
via 0d7d6070351 s4-torture: add torture_block/torture_unblock smb2 transport functions
via 1739468cd92 s4-torture: add test for interface information retrieval for multichannel.
via f115b53c726 s4-torture: Increase timeout for lease/oplock break handlers
via 4e685895ea1 s4-torture: Add handlers to ignore incoming oplock/lease break requests
via e1a96b1a5cf s4-torture: Add function declarations to lease_break_handler.h
via aa28477bbec s4-torture: move torture_wait_for_oplock_break() to central oplock handler.
via 7a73c56907f s4-torture: move oplock break handler out of the replay testsuite.
via 8274303f302 s4-torture: add new smb2 multichannel suite skeleton.
via 14922438972 s4-torture: include torture/util.h in lease break handler
from 9b30fcda640 s3:debug: enable logging for early startup failures
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit ef35d4d8cd4e1e8d1ad1d7ae60f1bc199f12085d
Author: Sachin Prabhu <sprabhu at redhat.com>
Date: Mon Mar 11 20:07:09 2019 +0000
s4-torture: add test to check for max. number of channels per session.
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Apr 19 18:26:18 UTC 2019 on sn-devel-144
commit 7a4dad60abeb785ccdf9c433103c4d36425cddfa
Author: Sachin Prabhu <sprabhu at redhat.com>
Date: Mon Mar 11 14:47:58 2019 +0000
s4-torture: Add lease break retry tests - test4
Test to see how the server behaves when the client flushes data back to
the server but doesn't send the lease break response over the channel.
Does it then retry the lease break?
This test is specifically expected to run against Samba and will not
work against a MS Windows servers because it uses the ignore method to
ignore oplock breaks sent by the server.
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit befac485a59ce75d52514bfeaa47c85668dfbeca
Author: Sachin Prabhu <sprabhu at redhat.com>
Date: Mon Mar 11 14:38:13 2019 +0000
s4-torture: Add lease break retry tests - test3
Check to see how the server behaves if lease break response is sent
over a different channel to one over which the break is received.
The test by default blocks channels by ignoring incoming lease break
requests on that channel. This does not work when testing against a
windows server.
Use --option=torture:use_iptables=true to use iptables to block ports
instead when testing against windows servers.
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 63b4b4ce12b4d72f0dc01d28e5cc66d979fd13d6
Author: Sachin Prabhu <sprabhu at redhat.com>
Date: Mon Mar 11 14:34:29 2019 +0000
s4-torture: Add lease break retry tests - test2
Test to check if lease breaks are sent by the server as expected.
The test by default blocks channels by ignoring incoming lease break
requests on that channel. This does not work when testing against a
windows server.
Use --option=torture:use_iptables=true to use iptables to block ports
instead when testing against windows servers.
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 311c024b4cc8507515db82f9e12ea638759657ae
Author: Sachin Prabhu <sprabhu at redhat.com>
Date: Mon Mar 11 20:05:02 2019 +0000
s4-torture: Add lease break retry tests - test1
Test to check if lease breaks are sent by the server as expected.
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit ee0a247a9b769d5e5d012b30501002b9c56ccf32
Author: Sachin Prabhu <sprabhu at redhat.com>
Date: Mon Mar 11 20:02:33 2019 +0000
s4-torture: Add oplock break retry tests - test2
Test to see if oplock break retries are sent by the server.
Also checks to see if new channels can be created and used
after an oplock break retry.
The test by default blocks channels by ignoring incoming lease break
requests on that channel. This does not work when testing against a
windows server.
Use --option=torture:use_iptables=true to use iptables to block ports
instead when testing against windows servers.
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 31c9b74d7add68dfc8dc1cb7e4234169f7d0b652
Author: Sachin Prabhu <sprabhu at redhat.com>
Date: Mon Mar 11 19:42:18 2019 +0000
s4-torture: Add oplock break retry tests - test1
Test to confirm that server sends oplock breaks as expected.
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 3dc532cbe0fd2b3314b832f5d73d09a86e241fe7
Author: Sachin Prabhu <sprabhu at redhat.com>
Date: Thu Feb 28 12:51:02 2019 +0000
s4-torture: Add handlers to block channels for testing
We use two methods to block channels
1) Simply ignore incoming oplock break requests and do not respond to
them.
This method doesn't work against Microsoft Windows based servers which
rely on the tcp stack for confirmation that the oplock break command was
sent to the client machine. This is meant to be used with samba servers
and is the default method.
2) Use iptables to block the channel.
The method requires the use of a privileged account and can only be used
on Linux systems with iptables installed. To use this blocking method,
pass the option
--option=torture:use_iptables=true
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 018845d49cd29c392127f84364698ea1722dba8b
Author: Sachin Prabhu <sprabhu at redhat.com>
Date: Thu Feb 28 12:09:08 2019 +0000
s4-torture: Add helper functions to create channels.
Helper functions used by both oplock and lease break tests.
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 2a5b0d5bb9bc354cede9657378a2af4c79614772
Author: Sachin Prabhu <sprabhu at redhat.com>
Date: Mon Mar 11 17:14:44 2019 +0000
s4-torture: Add #defines required by the new tests
New macros used by our tests.
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 0d7d6070351f79301f17f3c5edd649aee3bbe770
Author: Günther Deschner <gd at samba.org>
Date: Thu Sep 29 06:49:50 2016 +0200
s4-torture: add torture_block/torture_unblock smb2 transport functions
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 1739468cd92ac1c20fba5886857feb275cb52772
Author: Günther Deschner <gd at samba.org>
Date: Tue Jan 19 15:39:34 2016 +0100
s4-torture: add test for interface information retrieval for multichannel.
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit f115b53c7266a780ab492df483ebfa4704e3e003
Author: Sachin Prabhu <sprabhu at redhat.com>
Date: Mon May 28 17:24:54 2018 +0530
s4-torture: Increase timeout for lease/oplock break handlers
0.1 seconds is not enough when running tests against a server over the
network and are causing timing related bugs. We increase this to 1
second.
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 4e685895ea1395c53c1ef68259760a1aaf2a7fc1
Author: Sachin Prabhu <sprabhu at redhat.com>
Date: Sat Mar 16 12:25:07 2019 +0000
s4-torture: Add handlers to ignore incoming oplock/lease break requests
For use in multichannel oplock break tests. These handers ignore
incoming oplock and lease break requests so that we can test the
oplock/lease break retries on the server.
This is meant for use with samba servers which rely on receiving a reply
from the client before timeout.
Windows servers rely on underlying tcp commands to decide if the oplock
break command was delivered successfully to the client and therefore
cannot be tested with this method.
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit e1a96b1a5cf4e793cf321b3c777deb4e3e821f99
Author: Sachin Prabhu <sprabhu at redhat.com>
Date: Sat Mar 16 12:11:04 2019 +0000
s4-torture: Add function declarations to lease_break_handler.h
Do not completely depend on proto.h.
Also move torture_reset_break_info() to lease_break_handler.h so that
the layout is similar to that of oplock_break_handler.*
Signed-off-by: Sachin Prabhu <sprabhu at redhat.com>
Reviewed-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit aa28477bbec4dd29826b33fce35429724d48acd3
Author: Sachin Prabhu <sprabhu at redhat.com>
Date: Thu Mar 14 18:15:27 2019 +0000
s4-torture: move torture_wait_for_oplock_break() to central oplock handler.
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 7a73c56907f5f56d989a37703865c15422cce233
Author: Günther Deschner <gd at samba.org>
Date: Wed Sep 28 21:23:20 2016 +0200
s4-torture: move oplock break handler out of the replay testsuite.
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 8274303f3023af1f80e353af552646b2158c4df9
Author: Günther Deschner <gd at samba.org>
Date: Tue Jan 19 14:55:03 2016 +0100
s4-torture: add new smb2 multichannel suite skeleton.
Also Skip MC tests for s4 ntvfs fileserver, it's not supported at all.
Use knownfail for s3 fileserver for the time being (until socketwrapper
supports fd-passing).
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 1492243897242a1b167ee6b0da00a39a39c2db93
Author: Günther Deschner <gd at samba.org>
Date: Wed Sep 20 19:19:37 2017 +0200
s4-torture: include torture/util.h in lease break handler
Signed-off-by: Günther Deschner <gd at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
selftest/knownfail | 1 +
selftest/skip | 1 +
source4/torture/smb2/block.c | 370 ++++++
source4/torture/smb2/block.h | 45 +
source4/torture/smb2/lease_break_handler.c | 24 +-
source4/torture/smb2/lease_break_handler.h | 18 +-
source4/torture/smb2/multichannel.c | 1870 +++++++++++++++++++++++++++
source4/torture/smb2/oplock.c | 54 -
source4/torture/smb2/oplock_break_handler.c | 154 +++
source4/torture/smb2/oplock_break_handler.h | 56 +
source4/torture/smb2/replay.c | 133 +-
source4/torture/smb2/smb2.c | 1 +
source4/torture/smb2/wscript_build | 3 +
13 files changed, 2532 insertions(+), 198 deletions(-)
create mode 100644 source4/torture/smb2/block.c
create mode 100644 source4/torture/smb2/block.h
create mode 100644 source4/torture/smb2/multichannel.c
create mode 100644 source4/torture/smb2/oplock_break_handler.c
create mode 100644 source4/torture/smb2/oplock_break_handler.h
Changeset truncated at 500 lines:
diff --git a/selftest/knownfail b/selftest/knownfail
index c588f2f5c6b..5bc18a69168 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -200,6 +200,7 @@
^samba3.smb2.lock.*replay
^samba3.smb2.lease.statopen3
^samba3.smb2.lease.unlink # we currently do not downgrade RH lease to R after unlink
+^samba3.smb2.multichannel
^samba4.smb2.ioctl.compress_notsup.*\(ad_dc_ntvfs\)
^samba3.raw.session.*reauth2 # maybe fix this?
^samba3.rpc.lsa.secrets.seal # This gives NT_STATUS_LOCAL_USER_SESSION_KEY
diff --git a/selftest/skip b/selftest/skip
index 3e9a25fc0a3..e628d7ccc85 100644
--- a/selftest/skip
+++ b/selftest/skip
@@ -94,6 +94,7 @@
^samba4.smb2.dir
^samba4.smb2.session
^samba4.smb2.compound
+^samba4.smb2.multichannel
^samba4.smb2.oplock.levelii501 # No test yet
# SMB2 in s4 does not seem to support rename correctly
^samba4.smb2.rename.*\(ad_dc_ntvfs\)$
diff --git a/source4/torture/smb2/block.c b/source4/torture/smb2/block.c
new file mode 100644
index 00000000000..d1e1856bb05
--- /dev/null
+++ b/source4/torture/smb2/block.c
@@ -0,0 +1,370 @@
+/*
+ * Unix SMB/CIFS implementation.
+ *
+ * block SMB2 transports using iptables
+ *
+ * Copyright (C) Guenther Deschner, 2017
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+#include "libcli/smb2/smb2.h"
+#include "torture/torture.h"
+#include "torture/smb2/proto.h"
+#include "system/network.h"
+#include "lib/util/util_net.h"
+#include "torture/smb2/block.h"
+#include "libcli/smb/smbXcli_base.h"
+
+/*
+ * INPUT
+ * |
+ * -----> SAMBA_INPUT
+ * |
+ * -----> SAMBA_INPUT_transportname1
+ * -----> SAMBA_INPUT_transportname2
+ */
+
+
+static bool run_cmd(const char *cmd)
+{
+ int ret;
+
+ DEBUG(10, ("%s will call '%s'\n", __location__, cmd));
+
+ ret = system(cmd);
+ if (ret) {
+ DEBUG(1, ("%s failed to execute system call: %s: %d\n",
+ __location__, cmd, ret));
+ return false;
+ }
+
+ return true;
+}
+
+int smbrun(const char *cmd, int *outfd, char * const *env);
+
+static bool run_cmd_return_buf(TALLOC_CTX *mem_ctx,
+ const char *cmd,
+ int *num_lines, char ***buf)
+{
+ int ret;
+ int fd = -1;
+
+ DEBUG(10, ("%s will call '%s'\n", __location__, cmd));
+
+ ret = smbrun(cmd, &fd, NULL);
+ if (ret) {
+ DEBUG(1, ("%s failed to execute system call: %s: %d\n",
+ __location__, cmd, ret));
+ if (fd != -1) {
+ close(fd);
+ }
+ return false;
+ }
+
+ *buf = fd_lines_load(fd, num_lines, 0, mem_ctx);
+ if (fd != -1) {
+ close(fd);
+ }
+ if (*buf == NULL) {
+ return false;
+ }
+
+ return true;
+}
+
+static const char *iptables_command(struct torture_context *tctx)
+{
+ return torture_setting_string(tctx, "iptables_command",
+ "/usr/sbin/iptables");
+}
+
+char *escape_shell_string(const char *src);
+
+/*
+ * iptables v1.6.1: chain name `SAMBA_INPUT_tree1->session->transport'
+ * too long (must be under 29 chars)
+ *
+ * maybe truncate chainname ?
+ */
+static const char *samba_chain_name(struct torture_context *tctx,
+ const char *name,
+ const char *prefix)
+{
+ const char *s;
+ char *sm;
+
+ s = talloc_asprintf(tctx, "%s_%s", prefix, name);
+ if (s == NULL) {
+ return NULL;
+ }
+
+ sm = escape_shell_string(s);
+ if (sm == NULL) {
+ return NULL;
+ }
+
+ s = talloc_strdup(tctx, sm);
+ free(sm);
+
+ return s;
+}
+
+static bool filter_tcp_setup(struct torture_context *tctx,
+ bool unblock)
+{
+ const char *cmd_in, *cmd_out;
+ const char *ipt = iptables_command(tctx);
+
+ if (unblock) {
+ cmd_in = talloc_asprintf(tctx,
+ "%s -L SAMBA_INPUT > /dev/null 2>&1 && "
+ "("
+ "%s -F SAMBA_INPUT; "
+ "%s -D INPUT -j SAMBA_INPUT; "
+ "%s -X SAMBA_INPUT;"
+ ")",
+ ipt, ipt, ipt, ipt);
+ cmd_out = talloc_asprintf(tctx,
+ "%s -L SAMBA_OUTPUT > /dev/null 2>&1 && "
+ "("
+ "%s -F SAMBA_OUTPUT;"
+ "%s -D OUTPUT -j SAMBA_OUTPUT;"
+ "%s -X SAMBA_OUTPUT;"
+ ")",
+ ipt, ipt, ipt, ipt);
+ } else {
+ cmd_in = talloc_asprintf(tctx,
+ "%s -L SAMBA_INPUT > /dev/null 2>&1 || "
+ "("
+ "%s -N SAMBA_INPUT && "
+ "%s -I INPUT -j SAMBA_INPUT "
+ ")",
+ ipt, ipt, ipt);
+ cmd_out = talloc_asprintf(tctx,
+ "%s -L SAMBA_OUTPUT > /dev/null 2>&1 || "
+ "("
+ "%s -N SAMBA_OUTPUT && "
+ "%s -I OUTPUT -j SAMBA_OUTPUT;"
+ ")",
+ ipt, ipt, ipt);
+ }
+
+ if (cmd_in == NULL || cmd_out == NULL) {
+ return false;
+ }
+
+ if (!run_cmd(cmd_in)) {
+ return false;
+ }
+ /* if (!run_cmd(cmd_out)) { return false; } */
+
+ return true;
+}
+
+static bool filter_tcp_setup_name(struct torture_context *tctx,
+ const char *name, bool unblock)
+{
+ const char *cmd_in, *cmd_out;
+ const char *chain_in, *chain_out;
+ const char *ipt = iptables_command(tctx);
+
+ chain_in = samba_chain_name(tctx, name, "SAMBA_INPUT");
+ chain_out = samba_chain_name(tctx, name, "SAMBA_OUTPUT");
+ if (chain_in == NULL || chain_out == NULL) {
+ return false;
+ }
+
+ if (unblock) {
+ cmd_in = talloc_asprintf(tctx, "%s -F %s; "
+ "%s -D SAMBA_INPUT -j %s; "
+ "%s -X %s",
+ ipt, chain_in,
+ ipt, chain_in,
+ ipt, chain_in);
+ cmd_out = talloc_asprintf(tctx, "%s -F %s; "
+ "%s -D SAMBA_OUTPUT -j %s; "
+ "%s -X %s",
+ ipt, chain_out,
+ ipt, chain_out,
+ ipt, chain_out);
+ } else {
+ cmd_in = talloc_asprintf(tctx, "%s -L %s > /dev/null 2>&1 || "
+ "%s -N %s && "
+ "%s -I SAMBA_INPUT -j %s",
+ ipt, chain_in,
+ ipt, chain_in,
+ ipt, chain_in);
+ cmd_out = talloc_asprintf(tctx, "%s -L %s > /dev/null 2>&1 || "
+ "%s -N %s && "
+ "%s -I SAMBA_OUTPUT -j %s",
+ ipt, chain_out,
+ ipt, chain_out,
+ ipt, chain_out);
+ }
+
+ if (cmd_in == NULL || cmd_out == NULL) {
+ return false;
+ }
+
+ if (!run_cmd(cmd_in)) {
+ return false;
+ }
+ /* if (!run_cmd(cmd_out)) return false; */
+
+ return true;
+}
+
+/* '11 452 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:43062' */
+static bool get_packet_count(const char *s, uint32_t *count)
+{
+ int i = 0;
+ char *p;
+
+ if (s == NULL) {
+ return false;
+ }
+
+ while (s[i] == ' ') {
+ s++;
+ }
+
+ p = strchr(s, ' ');
+ if (p == NULL) {
+ return false;
+ }
+ *p = '\0';
+
+ *count = atoi(s);
+
+ return true;
+}
+
+bool torture_list_tcp_transport_name(struct torture_context *tctx,
+ const char *name,
+ uint32_t *_packets)
+{
+ const char *chain_in, *cmd;
+ int num_lines;
+ char **buf;
+ uint32_t packets = 0;
+ const char *ipt = iptables_command(tctx);
+
+ chain_in = samba_chain_name(tctx, name, "SAMBA_INPUT");
+ if (chain_in == NULL) {
+ return false;
+ }
+
+ cmd = talloc_asprintf(tctx, "%s -L %s -v -n", ipt, chain_in);
+ if (cmd == NULL) {
+ return false;
+ }
+
+ if (!run_cmd_return_buf(tctx, cmd, &num_lines, &buf)) {
+ return false;
+ }
+ SMB_ASSERT(num_lines >= 3);
+
+ if (!get_packet_count(buf[2], &packets)) {
+ return false;
+ }
+
+ torture_comment(tctx, "chain: '%s', packets: %d\n", name, (int)packets);
+
+ if (_packets != NULL) {
+ *_packets = packets;
+ }
+
+ return true;
+}
+
+uint16_t torture_get_local_port_from_transport(struct smb2_transport *t)
+{
+ const struct sockaddr_storage *local_ss;
+
+ local_ss = smbXcli_conn_local_sockaddr(t->conn);
+
+ return get_sockaddr_port(local_ss);
+}
+
+static bool torture_block_tcp_transport_name_internal(
+ struct torture_context *tctx,
+ struct smb2_transport *t,
+ const char *name,
+ bool unblock)
+{
+ char *cmd_in;
+ char *cmd_out;
+ const char *chain_in, *chain_out;
+ uint16_t port = torture_get_local_port_from_transport(t);
+ const char *ipt = iptables_command(tctx);
+
+ chain_in = samba_chain_name(tctx, name, "SAMBA_INPUT");
+ chain_out = samba_chain_name(tctx, name, "SAMBA_OUTPUT");
+ if (chain_in == NULL || chain_out == NULL) {
+ return false;
+ }
+
+ if (!unblock) {
+ filter_tcp_setup(tctx, false);
+ filter_tcp_setup_name(tctx, name, false);
+ }
+
+ torture_comment(tctx, "%sblocking %s dport %d\n",
+ unblock ? "un" : "", name, port);
+
+ cmd_in = talloc_asprintf(tctx,
+ "%s %s %s -p tcp --dport %d -j DROP",
+ ipt, unblock ? "-D" : "-I", chain_in, port);
+ cmd_out = talloc_asprintf(tctx,
+ "%s %s %s -p tcp --sport %d -j DROP",
+ ipt, unblock ? "-D" : "-I", chain_out, port);
+ if (cmd_in == NULL || cmd_out == NULL) {
+ return false;
+ }
+
+ if (!run_cmd(cmd_in)) {
+ return false;
+ }
+ /* if (!run_cmd(cmd_out)) return false; */
+
+ if (unblock) {
+ filter_tcp_setup_name(tctx, name, true);
+ /* better dont cleanup here */
+ /* filter_tcp_setup(tctx, true); */
+ }
+
+ return true;
+}
+
+bool torture_block_tcp_transport_name(struct torture_context *tctx,
+ struct smb2_transport *t,
+ const char *name)
+{
+ return torture_block_tcp_transport_name_internal(tctx, t, name, false);
+}
+
+bool torture_unblock_tcp_transport_name(struct torture_context *tctx,
+ struct smb2_transport *t,
+ const char *name)
+{
+ return torture_block_tcp_transport_name_internal(tctx, t, name, true);
+}
+
+void torture_unblock_cleanup(struct torture_context *tctx)
+{
+ filter_tcp_setup(tctx, true);
+}
diff --git a/source4/torture/smb2/block.h b/source4/torture/smb2/block.h
new file mode 100644
index 00000000000..9278caaa2b7
--- /dev/null
+++ b/source4/torture/smb2/block.h
@@ -0,0 +1,45 @@
+/*
+ * Unix SMB/CIFS implementation.
+ *
+ * block SMB2 transports using iptables
+ *
+ * Copyright (C) Guenther Deschner, 2017
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+bool torture_list_tcp_transport_name(struct torture_context *tctx,
+ const char *name,
+ uint32_t *packets);
+
+bool torture_block_tcp_transport_name(struct torture_context *tctx,
+ struct smb2_transport *t,
+ const char *name);
+
+bool torture_unblock_tcp_transport_name(struct torture_context *tctx,
+ struct smb2_transport *t,
+ const char *name);
+
+void torture_unblock_cleanup(struct torture_context *tctx);
+
+uint16_t torture_get_local_port_from_transport(struct smb2_transport *t);
+
+#define torture_block_tcp_transport(_tctx, _t) \
+ torture_block_tcp_transport_name(_tctx, _t, #_t)
+
+#define torture_unblock_tcp_transport(_tctx, _t) \
+ torture_unblock_tcp_transport_name(_tctx, _t, #_t)
+
+#define torture_list_tcp_transport(_tctx, _t, _packets) \
+ torture_list_tcp_transport_name(_tctx, #_t, _packets)
diff --git a/source4/torture/smb2/lease_break_handler.c b/source4/torture/smb2/lease_break_handler.c
index b70234420bd..d741127f3d5 100644
--- a/source4/torture/smb2/lease_break_handler.c
+++ b/source4/torture/smb2/lease_break_handler.c
@@ -72,6 +72,18 @@ bool torture_lease_handler(struct smb2_transport *transport,
return true;
}
+/*
+ * A lease break handler which ignores incoming lease break requests
+ * To be used in cases where the client is expected to ignore incoming
+ * lease break requests
+ */
+bool torture_lease_ignore_handler(struct smb2_transport *transport,
+ const struct smb2_lease_break *lb,
+ void *private_data)
+{
+ return true;
+}
+
/*
Timer handler function notifies the registering function that time is up
*/
@@ -96,8 +108,8 @@ void torture_wait_for_lease_break(struct torture_context *tctx)
bool timesup = false;
int old_count = lease_break_info.count;
- /* Wait .1 seconds for an lease break */
- ne = tevent_timeval_current_ofs(0, 100000);
+ /* Wait 1 second for an lease break */
+ ne = tevent_timeval_current_ofs(0, 1000000);
te = tevent_add_timer(tctx->ev, tmp_ctx, ne, timeout_cb, ×up);
if (te == NULL) {
@@ -124,11 +136,3 @@ done:
return;
}
-
- void torture_reset_lease_break_info(struct torture_context *tctx,
- struct lease_break_info *r)
-{
- ZERO_STRUCTP(r);
- r->tctx = tctx;
-}
-
diff --git a/source4/torture/smb2/lease_break_handler.h b/source4/torture/smb2/lease_break_handler.h
index 54e615c3082..90fde1a9217 100644
--- a/source4/torture/smb2/lease_break_handler.h
--
Samba Shared Repository
More information about the samba-cvs
mailing list