[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Thu Apr 8 17:31:01 UTC 2021
The branch, master has been updated
via fc6eba619eb smbd: SMB2 Compound related chain handling when generation of FileId has failed
via b97b5ca0cbb torture: add another smbtorture compound SMB2 requests test "related9"
via 7f73cde000d torture: add smbtorture compound SMB2 requests test "related8"
via 422302accb8 torture: add smbtorture testcase "related7" for failure in compound related chain
via 97fc7395b56 torture: smbtorture test case to verify Compound related handling
via 5d26aa4069f torture: Add couple of compound related test cases to verify that server should return NTSTATUS of the failed Create for succeeding requests.
from 4a41d970b47 Update status of SMB_VFS_REMOVEXATTR
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit fc6eba619eb91925513d0c62263db894faffd8d6
Author: Ralph Boehme <slow at samba.org>
Date: Thu Apr 8 12:17:22 2021 +0200
smbd: SMB2 Compound related chain handling when generation of FileId has failed
Issue:
We have a scenario where an application sends a Compound Related chain
consisting of:
SMB2_CREATE
SMB2_IOCTL
SMB2_SET_INFO
SMB2_CLOSE
SMB2_CREATE failed with NT_STATUS_ACCESS_DENIED and subsequent
requests all fail. In Samba they return NT_STATUS_FILE_CLOSED.
When I tried the same against a Win2k12 server, I noticed that all the
failed requests of the chain would return NT_STATUS_ACCESS_DENIED.
I believe this behaviour is also mentioned in the [MS-SMB2] Specs
3.3.5.2.7.2: Handling Compounded Related Requests
"When the current operation requires a FileId and the previous
operation either contains or generates a FileId, if the previous
operation fails with an error, the server SHOULD<223> fail the current
operation with the same error code returned by the previous
operation."
Fix:
Save NTATUS of a failed Create request. When we process subsequent
requests of the chain we check if the previous Create has failed. In
case of a Create failure we returned the saved NTSTATUS.
Signed-off-by: Anubhav Rakshit <anubhav.rakshit at gmail.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Apr 8 17:30:50 UTC 2021 on sn-devel-184
commit b97b5ca0cbb9b58e968eac78c3baaa37e031067b
Author: Ralph Boehme <slow at samba.org>
Date: Thu Apr 8 12:25:22 2021 +0200
torture: add another smbtorture compound SMB2 requests test "related9"
This test verifies that if a compound related request is not preceeded by a
request that generates or contains a File-ID, the request fails with
NT_STATUS_INVALID_PARAMETER.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 7f73cde000d808742191c3b4f61893e273a89363
Author: Ralph Boehme <slow at samba.org>
Date: Thu Apr 8 12:14:19 2021 +0200
torture: add smbtorture compound SMB2 requests test "related8"
This verifies that if the initial create fails with
NT_STATUS_OBJECT_NAME_NOT_FOUND, compount related operations fail with the same
error.
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 422302accb8c35f7e7f7aa437a607d4bc29c85a8
Author: Anubhav Rakshit <anubhav.rakshit at gmail.com>
Date: Wed Jul 15 10:14:52 2020 +0530
torture: add smbtorture testcase "related7" for failure in compound related chain
We want to verify what Windows does when the first request of the
chain has failed and an async request is part of the chain. We see
Windows fails the async request with the same error. Also the async
request is immediately failed.
Signed-off-by: Anubhav Rakshit <anubhav.rakshit at gmail.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 97fc7395b56b9f48224c68e60c28a4939ad9f6ea
Author: Anubhav Rakshit <anubhav.rakshit at gmail.com>
Date: Mon May 18 20:20:05 2020 +0530
torture: smbtorture test case to verify Compound related handling
This test case checks what happens when we have an intermediate request
failure and how it impacts rest of the chain.
Signed-off-by: Anubhav Rakshit <anubhav.rakshit at gmail.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 5d26aa4069fd92e7593e6864dba0d7dcc14ff4f8
Author: Anubhav Rakshit <anubhav.rakshit at gmail.com>
Date: Sat May 16 00:02:18 2020 +0530
torture: Add couple of compound related test cases to verify that server should return NTSTATUS of the failed Create for succeeding requests.
We already pass samba3.smb2.compound.related5, but mark related4 as knownfail.
Signed-off-by: Anubhav Rakshit <anubhav.rakshit at gmail.com>
Reviewed-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/globals.h | 1 +
source3/smbd/smb2_create.c | 3 +
source3/smbd/smb2_server.c | 6 +
source4/torture/smb2/compound.c | 641 ++++++++++++++++++++++++++++++++++++++++
4 files changed, 651 insertions(+)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index f49096cba8a..a227fdd903a 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -741,6 +741,7 @@ struct smbd_smb2_request {
bool do_encryption;
struct tevent_timer *async_te;
bool compound_related;
+ NTSTATUS compound_create_err;
/*
* Give the implementation of an SMB2 req a way to tell the SMB2 request
diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c
index dc6bd72591e..ef844fb9346 100644
--- a/source3/smbd/smb2_create.c
+++ b/source3/smbd/smb2_create.c
@@ -331,6 +331,9 @@ static void smbd_smb2_request_create_done(struct tevent_req *tsubreq)
&out_file_id_volatile,
&out_context_blobs);
if (!NT_STATUS_IS_OK(status)) {
+ if (smbd_smb2_is_compound(smb2req)) {
+ smb2req->compound_create_err = status;
+ }
error = smbd_smb2_request_error(smb2req, status);
if (!NT_STATUS_IS_OK(error)) {
smbd_server_connection_terminate(smb2req->xconn,
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index d5b0df33dde..9bd5bf79b30 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -3262,6 +3262,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
fsp = file_fsp_smb2(req, file_id_persistent, file_id_volatile);
if (fsp == NULL) {
+ if (req->compound_related &&
+ !NT_STATUS_IS_OK(req->compound_create_err))
+ {
+ return smbd_smb2_request_error(req,
+ req->compound_create_err);
+ }
if (!call->allow_invalid_fileid) {
return smbd_smb2_request_error(req,
NT_STATUS_FILE_CLOSED);
diff --git a/source4/torture/smb2/compound.c b/source4/torture/smb2/compound.c
index fd657a4a16e..cf19361130f 100644
--- a/source4/torture/smb2/compound.c
+++ b/source4/torture/smb2/compound.c
@@ -24,6 +24,8 @@
#include "libcli/smb2/smb2_calls.h"
#include "torture/torture.h"
#include "torture/smb2/proto.h"
+#include "libcli/security/security.h"
+#include "librpc/gen_ndr/ndr_security.h"
#include "../libcli/smb/smbXcli_base.h"
#define CHECK_STATUS(status, correct) do { \
@@ -441,6 +443,633 @@ done:
return ret;
}
+static bool test_compound_related4(struct torture_context *tctx,
+ struct smb2_tree *tree)
+{
+ const char *fname = "compound_related4.dat";
+ struct security_descriptor *sd = NULL;
+ struct smb2_handle hd;
+ struct smb2_create cr;
+ union smb_setfileinfo set;
+ struct smb2_ioctl io;
+ struct smb2_close cl;
+ struct smb2_request *req[4];
+ NTSTATUS status;
+ bool ret = true;
+
+ smb2_util_unlink(tree, fname);
+
+ ZERO_STRUCT(cr);
+ cr.level = RAW_OPEN_SMB2;
+ cr.in.create_flags = 0;
+ cr.in.desired_access = SEC_STD_READ_CONTROL |
+ SEC_STD_WRITE_DAC |
+ SEC_STD_WRITE_OWNER;
+ cr.in.create_options = 0;
+ cr.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
+ cr.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE |
+ NTCREATEX_SHARE_ACCESS_READ |
+ NTCREATEX_SHARE_ACCESS_WRITE;
+ cr.in.alloc_size = 0;
+ cr.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
+ cr.in.impersonation_level = NTCREATEX_IMPERSONATION_ANONYMOUS;
+ cr.in.security_flags = 0;
+ cr.in.fname = fname;
+
+ status = smb2_create(tree, tctx, &cr);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, "smb2_create failed\n");
+
+ hd = cr.out.file.handle;
+ torture_comment(tctx, "set a sec desc allowing no write by CREATOR_OWNER\n");
+
+ sd = security_descriptor_dacl_create(tctx,
+ 0, NULL, NULL,
+ SID_CREATOR_OWNER,
+ SEC_ACE_TYPE_ACCESS_ALLOWED,
+ SEC_RIGHTS_FILE_READ | SEC_STD_ALL,
+ 0,
+ NULL);
+ torture_assert_not_null_goto(tctx, sd, ret, done,
+ "security_descriptor_dacl_create failed\n");
+
+ set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
+ set.set_secdesc.in.file.handle = hd;
+ set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
+ set.set_secdesc.in.sd = sd;
+
+ status = smb2_setinfo_file(tree, &set);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_setinfo_file failed\n");
+
+ torture_comment(tctx, "try open for write\n");
+ cr.in.desired_access = SEC_FILE_WRITE_DATA;
+ smb2_transport_compound_start(tree->session->transport, 4);
+
+ req[0] = smb2_create_send(tree, &cr);
+ torture_assert_not_null_goto(tctx, req[0], ret, done,
+ "smb2_create_send failed\n");
+
+ hd.data[0] = UINT64_MAX;
+ hd.data[1] = UINT64_MAX;
+
+ smb2_transport_compound_set_related(tree->session->transport, true);
+ ZERO_STRUCT(io);
+ io.in.function = FSCTL_CREATE_OR_GET_OBJECT_ID;
+ io.in.file.handle = hd;
+ io.in.flags = 1;
+
+ req[1] = smb2_ioctl_send(tree, &io);
+ torture_assert_not_null_goto(tctx, req[1], ret, done,
+ "smb2_ioctl_send failed\n");
+
+ ZERO_STRUCT(cl);
+ cl.in.file.handle = hd;
+
+ req[2] = smb2_close_send(tree, &cl);
+ torture_assert_not_null_goto(tctx, req[2], ret, done,
+ "smb2_create_send failed\n");
+
+ set.set_secdesc.in.file.handle = hd;
+
+ req[3] = smb2_setinfo_file_send(tree, &set);
+ torture_assert_not_null_goto(tctx, req[3], ret, done,
+ "smb2_create_send failed\n");
+
+ status = smb2_create_recv(req[0], tree, &cr);
+ torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_ACCESS_DENIED,
+ ret, done,
+ "smb2_create_recv failed\n");
+
+ status = smb2_ioctl_recv(req[1], tree, &io);
+ torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_ACCESS_DENIED,
+ ret, done,
+ "smb2_ioctl_recv failed\n");
+
+ status = smb2_close_recv(req[2], &cl);
+ torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_ACCESS_DENIED,
+ ret, done,
+ "smb2_close_recv failed\n");
+
+ status = smb2_setinfo_recv(req[3]);
+ torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_ACCESS_DENIED,
+ ret, done,
+ "smb2_setinfo_recv failed\n");
+
+done:
+ smb2_util_unlink(tree, fname);
+ smb2_tdis(tree);
+ smb2_logoff(tree->session);
+ return ret;
+}
+
+static bool test_compound_related5(struct torture_context *tctx,
+ struct smb2_tree *tree)
+{
+ struct smb2_handle hd;
+ struct smb2_ioctl io;
+ struct smb2_close cl;
+ struct smb2_request *req[2];
+ NTSTATUS status;
+ bool ret = false;
+
+ smb2_transport_compound_start(tree->session->transport, 2);
+
+ hd.data[0] = UINT64_MAX;
+ hd.data[1] = UINT64_MAX;
+
+ ZERO_STRUCT(io);
+ io.in.function = FSCTL_CREATE_OR_GET_OBJECT_ID;
+ io.in.file.handle = hd;
+ io.in.flags = 1;
+
+ req[0] = smb2_ioctl_send(tree, &io);
+ torture_assert_not_null_goto(tctx, req[0], ret, done,
+ "smb2_ioctl_send failed\n");
+
+ smb2_transport_compound_set_related(tree->session->transport, true);
+
+ ZERO_STRUCT(cl);
+ cl.in.file.handle = hd;
+
+ req[1] = smb2_close_send(tree, &cl);
+ torture_assert_not_null_goto(tctx, req[1], ret, done,
+ "smb2_create_send failed\n");
+
+ status = smb2_ioctl_recv(req[0], tree, &io);
+ torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_FILE_CLOSED,
+ ret, done,
+ "smb2_ioctl_recv failed\n");
+
+ status = smb2_close_recv(req[1], &cl);
+ torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_FILE_CLOSED,
+ ret, done,
+ "smb2_close_recv failed\n");
+
+ ret = true;
+
+done:
+ smb2_tdis(tree);
+ smb2_logoff(tree->session);
+ return ret;
+}
+
+static bool test_compound_related6(struct torture_context *tctx,
+ struct smb2_tree *tree)
+{
+ struct smb2_handle hd;
+ struct smb2_create cr;
+ struct smb2_read rd;
+ struct smb2_write wr;
+ struct smb2_close cl;
+ NTSTATUS status;
+ const char *fname = "compound_related6.dat";
+ struct smb2_request *req[5];
+ uint8_t buf[64];
+ bool ret = true;
+
+ smb2_util_unlink(tree, fname);
+
+ ZERO_STRUCT(cr);
+ cr.level = RAW_OPEN_SMB2;
+ cr.in.create_flags = 0;
+ cr.in.desired_access = SEC_RIGHTS_FILE_ALL;
+ cr.in.create_options = 0;
+ cr.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
+ cr.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE |
+ NTCREATEX_SHARE_ACCESS_READ |
+ NTCREATEX_SHARE_ACCESS_WRITE;
+ cr.in.alloc_size = 0;
+ cr.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
+ cr.in.impersonation_level = NTCREATEX_IMPERSONATION_ANONYMOUS;
+ cr.in.security_flags = 0;
+ cr.in.fname = fname;
+
+ status = smb2_create(tree, tctx, &cr);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_create failed\n");
+
+ hd = cr.out.file.handle;
+
+ ZERO_STRUCT(buf);
+ status = smb2_util_write(tree, hd, buf, 0, ARRAY_SIZE(buf));
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_util_write failed\n");
+
+ torture_comment(tctx, "try open for read\n");
+ cr.in.desired_access = SEC_FILE_READ_DATA;
+ smb2_transport_compound_start(tree->session->transport, 5);
+
+ req[0] = smb2_create_send(tree, &cr);
+ torture_assert_not_null_goto(tctx, req[0], ret, done,
+ "smb2_create_send failed\n");
+
+ hd.data[0] = UINT64_MAX;
+ hd.data[1] = UINT64_MAX;
+
+ smb2_transport_compound_set_related(tree->session->transport, true);
+
+ ZERO_STRUCT(rd);
+ rd.in.file.handle = hd;
+ rd.in.length = 1;
+ rd.in.offset = 0;
+
+ req[1] = smb2_read_send(tree, &rd);
+ torture_assert_not_null_goto(tctx, req[1], ret, done,
+ "smb2_read_send failed\n");
+
+ ZERO_STRUCT(wr);
+ wr.in.file.handle = hd;
+ wr.in.offset = 0;
+ wr.in.data = data_blob_talloc(tctx, NULL, 64);
+
+ req[2] = smb2_write_send(tree, &wr);
+ torture_assert_not_null_goto(tctx, req[2], ret, done,
+ "smb2_write_send failed\n");
+
+ ZERO_STRUCT(rd);
+ rd.in.file.handle = hd;
+ rd.in.length = 1;
+ rd.in.offset = 0;
+
+ req[3] = smb2_read_send(tree, &rd);
+ torture_assert_not_null_goto(tctx, req[3], ret, done,
+ "smb2_read_send failed\n");
+
+ ZERO_STRUCT(cl);
+ cl.in.file.handle = hd;
+
+ req[4] = smb2_close_send(tree, &cl);
+ torture_assert_not_null_goto(tctx, req[4], ret, done,
+ "smb2_close_send failed\n");
+
+ status = smb2_create_recv(req[0], tree, &cr);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_create_recv failed\n");
+
+ status = smb2_read_recv(req[1], tree, &rd);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_read_recv failed\n");
+
+ status = smb2_write_recv(req[2], &wr);
+ torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_ACCESS_DENIED,
+ ret, done,
+ "smb2_write_recv failed\n");
+
+ status = smb2_read_recv(req[3], tree, &rd);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_read_recv failed\n");
+
+ status = smb2_close_recv(req[4], &cl);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_close_recv failed\n");
+
+ done:
+ smb2_util_unlink(tree, fname);
+ smb2_tdis(tree);
+ smb2_logoff(tree->session);
+ return ret;
+}
+
+static bool test_compound_related7(struct torture_context *tctx,
+ struct smb2_tree *tree)
+{
+ const char *fname = "compound_related4.dat";
+ struct security_descriptor *sd = NULL;
+ struct smb2_handle hd;
+ struct smb2_create cr;
+ union smb_setfileinfo set;
+ struct smb2_notify nt;
+ struct smb2_close cl;
+ NTSTATUS status;
+ struct smb2_request *req[4];
+ bool ret = true;
+
+ smb2_util_unlink(tree, fname);
+
+ ZERO_STRUCT(cr);
+ cr.level = RAW_OPEN_SMB2;
+ cr.in.create_flags = 0;
+ cr.in.desired_access = SEC_STD_READ_CONTROL |
+ SEC_STD_WRITE_DAC |
+ SEC_STD_WRITE_OWNER;
+ cr.in.create_options = 0;
+ cr.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
+ cr.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE |
+ NTCREATEX_SHARE_ACCESS_READ |
+ NTCREATEX_SHARE_ACCESS_WRITE;
+ cr.in.alloc_size = 0;
+ cr.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
+ cr.in.impersonation_level = NTCREATEX_IMPERSONATION_ANONYMOUS;
+ cr.in.security_flags = 0;
+ cr.in.fname = fname;
+
+ status = smb2_create(tree, tctx, &cr);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_create failed\n");
+
+ hd = cr.out.file.handle;
+ torture_comment(tctx, "set a sec desc allowing no write by CREATOR_OWNER\n");
+ sd = security_descriptor_dacl_create(tctx,
+ 0, NULL, NULL,
+ SID_CREATOR_OWNER,
+ SEC_ACE_TYPE_ACCESS_ALLOWED,
+ SEC_RIGHTS_FILE_READ | SEC_STD_ALL,
+ 0,
+ NULL);
+ torture_assert_not_null_goto(tctx, sd, ret, done,
+ "security_descriptor_dacl_create failed\n");
+
+ set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
+ set.set_secdesc.in.file.handle = hd;
+ set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
+ set.set_secdesc.in.sd = sd;
+
+ status = smb2_setinfo_file(tree, &set);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_setinfo_file failed\n");
+
+ torture_comment(tctx, "try open for write\n");
+ cr.in.desired_access = SEC_FILE_WRITE_DATA;
+ smb2_transport_compound_start(tree->session->transport, 4);
+
+ req[0] = smb2_create_send(tree, &cr);
+ torture_assert_not_null_goto(tctx, req[0], ret, done,
+ "smb2_create_send failed\n");
+
+ hd.data[0] = UINT64_MAX;
+ hd.data[1] = UINT64_MAX;
+
+ smb2_transport_compound_set_related(tree->session->transport, true);
+
+ ZERO_STRUCT(nt);
+ nt.in.recursive = true;
+ nt.in.buffer_size = 0x1000;
+ nt.in.file.handle = hd;
+ nt.in.completion_filter = FILE_NOTIFY_CHANGE_NAME;
+ nt.in.unknown = 0x00000000;
+
+ req[1] = smb2_notify_send(tree, &nt);
+ torture_assert_not_null_goto(tctx, req[1], ret, done,
+ "smb2_notify_send failed\n");
+
+ ZERO_STRUCT(cl);
+ cl.in.file.handle = hd;
+
+ req[2] = smb2_close_send(tree, &cl);
+ torture_assert_not_null_goto(tctx, req[2], ret, done,
+ "smb2_close_send failed\n");
+
+ set.set_secdesc.in.file.handle = hd;
+
+ req[3] = smb2_setinfo_file_send(tree, &set);
+ torture_assert_not_null_goto(tctx, req[3], ret, done,
+ "smb2_setinfo_file_send failed\n");
+
+ status = smb2_create_recv(req[0], tree, &cr);
+ torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_ACCESS_DENIED,
+ ret, done,
+ "smb2_create_recv failed\n");
+
+ status = smb2_notify_recv(req[1], tree, &nt);
+ torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_ACCESS_DENIED,
+ ret, done,
+ "smb2_notify_recv failed\n");
+
+ status = smb2_close_recv(req[2], &cl);
+ torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_ACCESS_DENIED,
+ ret, done,
+ "smb2_close_recv failed\n");
+
+ status = smb2_setinfo_recv(req[3]);
+ torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_ACCESS_DENIED,
+ ret, done,
+ "smb2_setinfo_recv failed\n");
+
+done:
+ smb2_util_unlink(tree, fname);
+ smb2_tdis(tree);
+ smb2_logoff(tree->session);
+ return ret;
+}
+
+static bool test_compound_related8(struct torture_context *tctx,
+ struct smb2_tree *tree)
+{
+ const char *fname = "compound_related8.dat";
+ const char *fname_nonexisting = "compound_related8.dat.void";
+ struct security_descriptor *sd = NULL;
+ struct smb2_handle hd;
+ struct smb2_create cr;
+ union smb_setfileinfo set;
+ struct smb2_notify nt;
+ struct smb2_close cl;
+ NTSTATUS status;
+ struct smb2_request *req[4];
+ bool ret = true;
+
+ smb2_util_unlink(tree, fname);
+
+ ZERO_STRUCT(cr);
+ cr.level = RAW_OPEN_SMB2;
+ cr.in.create_flags = 0;
+ cr.in.desired_access = SEC_STD_READ_CONTROL |
+ SEC_STD_WRITE_DAC |
+ SEC_STD_WRITE_OWNER;
+ cr.in.create_options = 0;
+ cr.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
+ cr.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE |
+ NTCREATEX_SHARE_ACCESS_READ |
+ NTCREATEX_SHARE_ACCESS_WRITE;
+ cr.in.alloc_size = 0;
+ cr.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
+ cr.in.impersonation_level = NTCREATEX_IMPERSONATION_ANONYMOUS;
--
Samba Shared Repository
More information about the samba-cvs
mailing list