#include "util_tdb.h"
#include "../libcli/smb/read_smb.h"
#include "../libcli/smb/smbXcli_base.h"
-#include "lib/sys_rw_data.h"
+#include "lib/util/sys_rw_data.h"
+#include "lib/util/base64.h"
extern char *optarg;
extern int optind;
fstring host, workgroup, share, password, username, myname;
+struct cli_credentials *torture_creds;
static const char *sockops="TCP_NODELAY";
int torture_nprocs=1;
static int port_to_use=0;
return false;
}
- if (c->use_kerberos) {
- status = cli_gss_smb_encryption_start(c);
- } else {
- status = cli_raw_ntlm_smb_encryption_start(c,
- username,
- password,
- workgroup);
- }
-
+ status = cli_smb1_setup_encryption(c, torture_creds);
if (!NT_STATUS_IS_OK(status)) {
d_printf("Encryption required and "
"setup failed with error %s.\n",
int flags = 0;
NTSTATUS status;
- if (use_kerberos)
- flags |= CLI_FULL_CONNECTION_USE_KERBEROS;
if (use_oplocks)
flags |= CLI_FULL_CONNECTION_OPLOCKS;
if (use_level_II_oplocks)
flags |= CLI_FULL_CONNECTION_LEVEL_II_OPLOCKS;
- status = cli_full_connection(c, myname,
- hostname, NULL, port_to_use,
- sharename, "?????",
- username, workgroup,
- password, flags, signing_state);
+ status = cli_full_connection_creds(c,
+ myname,
+ hostname,
+ NULL, /* dest_ss */
+ port_to_use,
+ sharename,
+ "?????",
+ torture_creds,
+ flags,
+ signing_state);
if (!NT_STATUS_IS_OK(status)) {
printf("failed to open share connection: //%s/%s port:%d - %s\n",
hostname, sharename, port_to_use, nt_errstr(status));
bool torture_cli_session_setup2(struct cli_state *cli, uint16_t *new_vuid)
{
uint16_t old_vuid = cli_state_get_uid(cli);
- size_t passlen = strlen(password);
NTSTATUS status;
bool ret;
cli_state_set_uid(cli, 0);
- status = cli_session_setup(cli, username,
- password, passlen,
- password, passlen,
- workgroup);
+ status = cli_session_setup_creds(cli, torture_creds);
ret = NT_STATUS_IS_OK(status);
*new_vuid = cli_state_get_uid(cli);
cli_state_set_uid(cli, old_vuid);
return False;
}
- status = cli_tree_connect(cli, share, "?????",
- password, strlen(password)+1);
+ status = cli_tree_connect_creds(cli, share, "?????", torture_creds);
if (!NT_STATUS_IS_OK(status)) {
printf("%s refused 2nd tree connect (%s)\n", host,
nt_errstr(status));
NTSTATUS status;
bool ret;
- status = cli_tree_connect(cli, myshare, devtype,
- password, strlen(password)+1);
+ status = cli_tree_connect_creds(cli, myshare, devtype, torture_creds);
if (NT_STATUS_IS_OK(expected_error)) {
if (NT_STATUS_IS_OK(status)) {
NTSTATUS status;
bool ret = True;
- status = cli_full_connection(&cli1, myname,
- host, NULL, port_to_use,
- NULL, NULL,
- username, workgroup,
- password, flags, signing_state);
+ status = cli_full_connection_creds(&cli1,
+ myname,
+ host,
+ NULL, /* dest_ss */
+ port_to_use,
+ NULL, /* service */
+ NULL, /* service_type */
+ torture_creds,
+ flags,
+ signing_state);
if (!NT_STATUS_IS_OK(status)) {
printf("could not open connection\n");
return False;
saved_cnum = cli_state_get_tid(cli);
- if (!NT_STATUS_IS_OK(cli_tree_connect(cli, share, "?????", "", 1)))
+ if (!NT_STATUS_IS_OK(cli_tree_connect(cli, share, "?????", NULL)))
return False;
new_cnum = cli_state_get_tid(cli);
cli_state_set_tid(cli, saved_cnum);
return correct;
}
+
+/*
+ Test wildcard delete.
+ */
+static bool run_wild_deletetest(int dummy)
+{
+ struct cli_state *cli = NULL;
+ const char *dname = "\\WTEST";
+ const char *fname = "\\WTEST\\A";
+ const char *wunlink_name = "\\WTEST\\*";
+ uint16_t fnum1 = (uint16_t)-1;
+ bool correct = false;
+ NTSTATUS status;
+
+ printf("starting wildcard delete test\n");
+
+ if (!torture_open_connection(&cli, 0)) {
+ return false;
+ }
+
+ smbXcli_conn_set_sockopt(cli->conn, sockops);
+
+ cli_unlink(cli, fname, 0);
+ cli_rmdir(cli, dname);
+ status = cli_mkdir(cli, dname);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("mkdir of %s failed %s!\n", dname, nt_errstr(status));
+ goto fail;
+ }
+ status = cli_openx(cli, fname, O_CREAT|O_RDONLY, DENY_NONE, &fnum1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("open of %s failed %s!\n", fname, nt_errstr(status));
+ goto fail;
+ }
+ status = cli_close(cli, fnum1);
+ fnum1 = -1;
+
+ /*
+ * Note the unlink attribute-type of zero. This should
+ * map into FILE_ATTRIBUTE_NORMAL at the server even
+ * on a wildcard delete.
+ */
+
+ status = cli_unlink(cli, wunlink_name, 0);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("unlink of %s failed %s!\n",
+ wunlink_name, nt_errstr(status));
+ goto fail;
+ }
+
+ printf("finished wildcard delete test\n");
+
+ correct = true;
+
+ fail:
+
+ if (fnum1 != (uint16_t)-1) cli_close(cli, fnum1);
+ cli_unlink(cli, fname, 0);
+ cli_rmdir(cli, dname);
+
+ if (cli && !torture_close_connection(cli)) {
+ correct = false;
+ }
+ return correct;
+}
+
static bool run_deletetest_ln(int dummy)
{
struct cli_state *cli;
return correct;
}
-static bool run_pipe_number(int dummy)
-{
- struct cli_state *cli1;
- const char *pipe_name = "\\SPOOLSS";
- uint16_t fnum;
- int num_pipes = 0;
+/*
+ Test rename into a directory with an ACL denying it.
+ */
+static bool run_rename_access(int dummy)
+{
+ static struct cli_state *cli = NULL;
+ static struct cli_state *posix_cli = NULL;
+ const char *src = "test.txt";
+ const char *dname = "dir";
+ const char *dst = "dir\\test.txt";
+ const char *dsrc = "test.dir";
+ const char *ddst = "dir\\test.dir";
+ uint16_t fnum = (uint16_t)-1;
+ struct security_descriptor *sd = NULL;
+ struct security_descriptor *newsd = NULL;
NTSTATUS status;
+ TALLOC_CTX *frame = NULL;
- printf("starting pipenumber test\n");
- if (!torture_open_connection(&cli1, 0)) {
- return False;
- }
+ frame = talloc_stackframe();
+ printf("starting rename access test\n");
- smbXcli_conn_set_sockopt(cli1->conn, sockops);
- while(1) {
- status = cli_ntcreate(cli1, pipe_name, 0, FILE_READ_DATA,
- FILE_ATTRIBUTE_NORMAL,
- FILE_SHARE_READ|FILE_SHARE_WRITE,
- FILE_OPEN_IF, 0, 0, &fnum, NULL);
- if (!NT_STATUS_IS_OK(status)) {
- printf("Open of pipe %s failed with error (%s)\n", pipe_name, nt_errstr(status));
- break;
- }
- num_pipes++;
- printf("\r%6d", num_pipes);
+ /* Windows connection. */
+ if (!torture_open_connection(&cli, 0)) {
+ goto fail;
}
- printf("pipe_number test - we can open %d %s pipes.\n", num_pipes, pipe_name );
- torture_close_connection(cli1);
- return True;
-}
+ smbXcli_conn_set_sockopt(cli->conn, sockops);
-/*
- Test open mode returns on read-only files.
- */
-static bool run_opentest(int dummy)
-{
- static struct cli_state *cli1;
- static struct cli_state *cli2;
- const char *fname = "\\readonly.file";
- uint16_t fnum1, fnum2;
- char buf[20];
- off_t fsize;
- bool correct = True;
- char *tmp_path;
- NTSTATUS status;
+ /* Posix connection. */
+ if (!torture_open_connection(&posix_cli, 0)) {
+ goto fail;
+ }
- printf("starting open test\n");
+ smbXcli_conn_set_sockopt(posix_cli->conn, sockops);
- if (!torture_open_connection(&cli1, 0)) {
- return False;
+ status = torture_setup_unix_extensions(posix_cli);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto fail;
}
- cli_setatr(cli1, fname, 0, 0);
- cli_unlink(cli1, fname, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+ /* Start with a clean slate. */
+ cli_unlink(cli, src, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+ cli_unlink(cli, dst, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+ cli_rmdir(cli, dsrc);
+ cli_rmdir(cli, ddst);
+ cli_rmdir(cli, dname);
- smbXcli_conn_set_sockopt(cli1->conn, sockops);
+ /*
+ * Setup the destination directory with a DENY ACE to
+ * prevent new files within it.
+ */
+ status = cli_ntcreate(cli,
+ dname,
+ 0,
+ FILE_READ_ATTRIBUTES|READ_CONTROL_ACCESS|
+ WRITE_DAC_ACCESS|FILE_READ_DATA|
+ WRITE_OWNER_ACCESS,
+ FILE_ATTRIBUTE_DIRECTORY,
+ FILE_SHARE_READ|FILE_SHARE_WRITE,
+ FILE_CREATE,
+ FILE_DIRECTORY_FILE,
+ 0,
+ &fnum,
+ NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Create of %s - %s\n", dname, nt_errstr(status));
+ goto fail;
+ }
- status = cli_openx(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE, &fnum1);
+ status = cli_query_secdesc(cli,
+ fnum,
+ frame,
+ &sd);
if (!NT_STATUS_IS_OK(status)) {
- printf("open of %s failed (%s)\n", fname, nt_errstr(status));
- return False;
+ printf("cli_query_secdesc failed for %s (%s)\n",
+ dname, nt_errstr(status));
+ goto fail;
}
- status = cli_close(cli1, fnum1);
+ newsd = security_descriptor_dacl_create(frame,
+ 0,
+ NULL,
+ NULL,
+ SID_WORLD,
+ SEC_ACE_TYPE_ACCESS_DENIED,
+ SEC_DIR_ADD_FILE|SEC_DIR_ADD_SUBDIR,
+ 0,
+ NULL);
+ if (newsd == NULL) {
+ goto fail;
+ }
+ sd->dacl = security_acl_concatenate(frame,
+ newsd->dacl,
+ sd->dacl);
+ if (sd->dacl == NULL) {
+ goto fail;
+ }
+ status = cli_set_secdesc(cli, fnum, sd);
if (!NT_STATUS_IS_OK(status)) {
- printf("close2 failed (%s)\n", nt_errstr(status));
- return False;
+ printf("cli_set_secdesc failed for %s (%s)\n",
+ dname, nt_errstr(status));
+ goto fail;
+ }
+ status = cli_close(cli, fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("close failed for %s (%s)\n",
+ dname, nt_errstr(status));
+ goto fail;
+ }
+ /* Now go around the back and chmod to 777 via POSIX. */
+ status = cli_posix_chmod(posix_cli, dname, 0777);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_posix_chmod failed for %s (%s)\n",
+ dname, nt_errstr(status));
+ goto fail;
}
- status = cli_setatr(cli1, fname, FILE_ATTRIBUTE_READONLY, 0);
+ /* Check we can't create a file within dname via Windows. */
+ status = cli_openx(cli, dst, O_RDWR|O_CREAT|O_EXCL, DENY_NONE, &fnum);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ cli_close(posix_cli, fnum);
+ printf("Create of %s should be ACCESS denied, was %s\n",
+ dst, nt_errstr(status));
+ goto fail;
+ }
+
+ /* Make the sample file/directory. */
+ status = cli_openx(cli, src, O_RDWR|O_CREAT|O_EXCL, DENY_NONE, &fnum);
if (!NT_STATUS_IS_OK(status)) {
- printf("cli_setatr failed (%s)\n", nt_errstr(status));
- return False;
+ printf("open of %s failed (%s)\n", src, nt_errstr(status));
+ goto fail;
+ }
+ status = cli_close(cli, fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_close failed (%s)\n", nt_errstr(status));
+ goto fail;
}
- status = cli_openx(cli1, fname, O_RDONLY, DENY_WRITE, &fnum1);
+ status = cli_mkdir(cli, dsrc);
if (!NT_STATUS_IS_OK(status)) {
- printf("open of %s failed (%s)\n", fname, nt_errstr(status));
- return False;
+ printf("cli_mkdir of %s failed (%s)\n",
+ dsrc, nt_errstr(status));
+ goto fail;
}
- /* This will fail - but the error should be ERRnoaccess, not ERRbadshare. */
- status = cli_openx(cli1, fname, O_RDWR, DENY_ALL, &fnum2);
+ /*
+ * OK - renames of the new file and directory into the
+ * dst directory should fail.
+ */
- if (check_error(__LINE__, status, ERRDOS, ERRnoaccess,
- NT_STATUS_ACCESS_DENIED)) {
- printf("correct error code ERRDOS/ERRnoaccess returned\n");
+ status = cli_rename(cli, src, dst);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ printf("rename of %s -> %s should be ACCESS denied, was %s\n",
+ src, dst, nt_errstr(status));
+ goto fail;
+ }
+ status = cli_rename(cli, dsrc, ddst);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ printf("rename of %s -> %s should be ACCESS denied, was %s\n",
+ src, dst, nt_errstr(status));
+ goto fail;
}
- printf("finished open test 1\n");
+ TALLOC_FREE(frame);
+ return true;
- cli_close(cli1, fnum1);
+ fail:
- /* Now try not readonly and ensure ERRbadshare is returned. */
+ if (posix_cli) {
+ torture_close_connection(posix_cli);
+ }
- cli_setatr(cli1, fname, 0, 0);
+ if (cli) {
+ if (fnum != (uint64_t)-1) {
+ cli_close(cli, fnum);
+ }
+ cli_unlink(cli, src,
+ FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+ cli_unlink(cli, dst,
+ FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+ cli_rmdir(cli, dsrc);
+ cli_rmdir(cli, ddst);
+ cli_rmdir(cli, dname);
- status = cli_openx(cli1, fname, O_RDONLY, DENY_WRITE, &fnum1);
- if (!NT_STATUS_IS_OK(status)) {
- printf("open of %s failed (%s)\n", fname, nt_errstr(status));
- return False;
+ torture_close_connection(cli);
}
- /* This will fail - but the error should be ERRshare. */
- status = cli_openx(cli1, fname, O_RDWR, DENY_ALL, &fnum2);
+ TALLOC_FREE(frame);
+ return false;
+}
- if (check_error(__LINE__, status, ERRDOS, ERRbadshare,
- NT_STATUS_SHARING_VIOLATION)) {
- printf("correct error code ERRDOS/ERRbadshare returned\n");
- }
+/*
+ Test owner rights ACE.
+ */
+static bool run_owner_rights(int dummy)
+{
+ static struct cli_state *cli = NULL;
+ const char *fname = "owner_rights.txt";
+ uint16_t fnum = (uint16_t)-1;
+ struct security_descriptor *sd = NULL;
+ struct security_descriptor *newsd = NULL;
+ NTSTATUS status;
+ TALLOC_CTX *frame = NULL;
- status = cli_close(cli1, fnum1);
- if (!NT_STATUS_IS_OK(status)) {
- printf("close2 failed (%s)\n", nt_errstr(status));
- return False;
+ frame = talloc_stackframe();
+ printf("starting owner rights test\n");
+
+ /* Windows connection. */
+ if (!torture_open_connection(&cli, 0)) {
+ goto fail;
}
- cli_unlink(cli1, fname, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+ smbXcli_conn_set_sockopt(cli->conn, sockops);
- printf("finished open test 2\n");
+ /* Start with a clean slate. */
+ cli_unlink(cli, fname, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
- /* Test truncate open disposition on file opened for read. */
- status = cli_openx(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE, &fnum1);
+ /* Create the test file. */
+ /* Now try and open for read and write-dac. */
+ status = cli_ntcreate(cli,
+ fname,
+ 0,
+ GENERIC_ALL_ACCESS,
+ FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|
+ FILE_SHARE_DELETE,
+ FILE_CREATE,
+ 0,
+ 0,
+ &fnum,
+ NULL);
if (!NT_STATUS_IS_OK(status)) {
- printf("(3) open (1) of %s failed (%s)\n", fname, nt_errstr(status));
- return False;
+ printf("Create of %s - %s\n", fname, nt_errstr(status));
+ goto fail;
}
- /* write 20 bytes. */
+ /* Get the original SD. */
+ status = cli_query_secdesc(cli,
+ fnum,
+ frame,
+ &sd);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_query_secdesc failed for %s (%s)\n",
+ fname, nt_errstr(status));
+ goto fail;
+ }
- memset(buf, '\0', 20);
+ /*
+ * Add an "owner-rights" ACE denying WRITE_DATA,
+ * and an "owner-rights" ACE allowing READ_DATA.
+ */
- status = cli_writeall(cli1, fnum1, 0, (uint8_t *)buf, 0, 20, NULL);
+ newsd = security_descriptor_dacl_create(frame,
+ 0,
+ NULL,
+ NULL,
+ SID_OWNER_RIGHTS,
+ SEC_ACE_TYPE_ACCESS_DENIED,
+ FILE_WRITE_DATA,
+ 0,
+ SID_OWNER_RIGHTS,
+ SEC_ACE_TYPE_ACCESS_ALLOWED,
+ FILE_READ_DATA,
+ 0,
+ NULL);
+ if (newsd == NULL) {
+ goto fail;
+ }
+ sd->dacl = security_acl_concatenate(frame,
+ newsd->dacl,
+ sd->dacl);
+ if (sd->dacl == NULL) {
+ goto fail;
+ }
+ status = cli_set_secdesc(cli, fnum, sd);
if (!NT_STATUS_IS_OK(status)) {
- printf("write failed (%s)\n", nt_errstr(status));
- correct = False;
+ printf("cli_set_secdesc failed for %s (%s)\n",
+ fname, nt_errstr(status));
+ goto fail;
}
-
- status = cli_close(cli1, fnum1);
+ status = cli_close(cli, fnum);
if (!NT_STATUS_IS_OK(status)) {
- printf("(3) close1 failed (%s)\n", nt_errstr(status));
- return False;
+ printf("close failed for %s (%s)\n",
+ fname, nt_errstr(status));
+ goto fail;
+ }
+ fnum = (uint16_t)-1;
+
+ /* Try and open for FILE_WRITE_DATA */
+ status = cli_ntcreate(cli,
+ fname,
+ 0,
+ FILE_WRITE_DATA,
+ FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|
+ FILE_SHARE_DELETE,
+ FILE_OPEN,
+ 0,
+ 0,
+ &fnum,
+ NULL);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ printf("Open of %s - %s\n", fname, nt_errstr(status));
+ goto fail;
}
- /* Ensure size == 20. */
- status = cli_getatr(cli1, fname, NULL, &fsize, NULL);
+ /* Now try and open for FILE_READ_DATA */
+ status = cli_ntcreate(cli,
+ fname,
+ 0,
+ FILE_READ_DATA,
+ FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|
+ FILE_SHARE_DELETE,
+ FILE_OPEN,
+ 0,
+ 0,
+ &fnum,
+ NULL);
if (!NT_STATUS_IS_OK(status)) {
- printf("(3) getatr failed (%s)\n", nt_errstr(status));
- return False;
+ printf("Open of %s - %s\n", fname, nt_errstr(status));
+ goto fail;
}
- if (fsize != 20) {
- printf("(3) file size != 20\n");
- return False;
+ status = cli_close(cli, fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("close failed for %s (%s)\n",
+ fname, nt_errstr(status));
+ goto fail;
}
- /* Now test if we can truncate a file opened for readonly. */
- status = cli_openx(cli1, fname, O_RDONLY|O_TRUNC, DENY_NONE, &fnum1);
+ /* Restore clean slate. */
+ TALLOC_FREE(sd);
+ cli_unlink(cli, fname, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+
+ /* Create the test file. */
+ status = cli_ntcreate(cli,
+ fname,
+ 0,
+ GENERIC_ALL_ACCESS,
+ FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|
+ FILE_SHARE_DELETE,
+ FILE_CREATE,
+ 0,
+ 0,
+ &fnum,
+ NULL);
if (!NT_STATUS_IS_OK(status)) {
- printf("(3) open (2) of %s failed (%s)\n", fname, nt_errstr(status));
- return False;
+ printf("Create of %s - %s\n", fname, nt_errstr(status));
+ goto fail;
}
- status = cli_close(cli1, fnum1);
+ /* Get the original SD. */
+ status = cli_query_secdesc(cli,
+ fnum,
+ frame,
+ &sd);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_query_secdesc failed for %s (%s)\n",
+ fname, nt_errstr(status));
+ goto fail;
+ }
+
+ /*
+ * Add an "owner-rights ACE denying WRITE_DATA,
+ * and an "owner-rights ACE allowing READ_DATA|WRITE_DATA.
+ */
+
+ newsd = security_descriptor_dacl_create(frame,
+ 0,
+ NULL,
+ NULL,
+ SID_OWNER_RIGHTS,
+ SEC_ACE_TYPE_ACCESS_DENIED,
+ FILE_WRITE_DATA,
+ 0,
+ SID_OWNER_RIGHTS,
+ SEC_ACE_TYPE_ACCESS_ALLOWED,
+ FILE_READ_DATA|FILE_WRITE_DATA,
+ 0,
+ NULL);
+ if (newsd == NULL) {
+ goto fail;
+ }
+ sd->dacl = security_acl_concatenate(frame,
+ newsd->dacl,
+ sd->dacl);
+ if (sd->dacl == NULL) {
+ goto fail;
+ }
+ status = cli_set_secdesc(cli, fnum, sd);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_set_secdesc failed for %s (%s)\n",
+ fname, nt_errstr(status));
+ goto fail;
+ }
+ status = cli_close(cli, fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("close failed for %s (%s)\n",
+ fname, nt_errstr(status));
+ goto fail;
+ }
+ fnum = (uint16_t)-1;
+
+ /* Try and open for FILE_WRITE_DATA */
+ status = cli_ntcreate(cli,
+ fname,
+ 0,
+ FILE_WRITE_DATA,
+ FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|
+ FILE_SHARE_DELETE,
+ FILE_OPEN,
+ 0,
+ 0,
+ &fnum,
+ NULL);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ printf("Open of %s - %s\n", fname, nt_errstr(status));
+ goto fail;
+ }
+
+ /* Now try and open for FILE_READ_DATA */
+ status = cli_ntcreate(cli,
+ fname,
+ 0,
+ FILE_READ_DATA,
+ FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|
+ FILE_SHARE_DELETE,
+ FILE_OPEN,
+ 0,
+ 0,
+ &fnum,
+ NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Open of %s - %s\n", fname, nt_errstr(status));
+ goto fail;
+ }
+
+ status = cli_close(cli, fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("close failed for %s (%s)\n",
+ fname, nt_errstr(status));
+ goto fail;
+ }
+
+ /* Restore clean slate. */
+ TALLOC_FREE(sd);
+ cli_unlink(cli, fname, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+
+
+ /* Create the test file. */
+ status = cli_ntcreate(cli,
+ fname,
+ 0,
+ GENERIC_ALL_ACCESS,
+ FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|
+ FILE_SHARE_DELETE,
+ FILE_CREATE,
+ 0,
+ 0,
+ &fnum,
+ NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Create of %s - %s\n", fname, nt_errstr(status));
+ goto fail;
+ }
+
+ /* Get the original SD. */
+ status = cli_query_secdesc(cli,
+ fnum,
+ frame,
+ &sd);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_query_secdesc failed for %s (%s)\n",
+ fname, nt_errstr(status));
+ goto fail;
+ }
+
+ /*
+ * Add an "authenticated users" ACE allowing READ_DATA,
+ * add an "owner-rights" denying READ_DATA,
+ * and an "authenticated users" ACE allowing WRITE_DATA.
+ */
+
+ newsd = security_descriptor_dacl_create(frame,
+ 0,
+ NULL,
+ NULL,
+ SID_NT_AUTHENTICATED_USERS,
+ SEC_ACE_TYPE_ACCESS_ALLOWED,
+ FILE_READ_DATA,
+ 0,
+ SID_OWNER_RIGHTS,
+ SEC_ACE_TYPE_ACCESS_DENIED,
+ FILE_READ_DATA,
+ 0,
+ SID_NT_AUTHENTICATED_USERS,
+ SEC_ACE_TYPE_ACCESS_ALLOWED,
+ FILE_WRITE_DATA,
+ 0,
+ NULL);
+ if (newsd == NULL) {
+ printf("newsd == NULL\n");
+ goto fail;
+ }
+ sd->dacl = security_acl_concatenate(frame,
+ newsd->dacl,
+ sd->dacl);
+ if (sd->dacl == NULL) {
+ printf("sd->dacl == NULL\n");
+ goto fail;
+ }
+ status = cli_set_secdesc(cli, fnum, sd);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_set_secdesc failed for %s (%s)\n",
+ fname, nt_errstr(status));
+ goto fail;
+ }
+ status = cli_close(cli, fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("close failed for %s (%s)\n",
+ fname, nt_errstr(status));
+ goto fail;
+ }
+ fnum = (uint16_t)-1;
+
+ /* Now try and open for FILE_READ_DATA|FILE_WRITE_DATA */
+ status = cli_ntcreate(cli,
+ fname,
+ 0,
+ FILE_READ_DATA|FILE_WRITE_DATA,
+ FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|
+ FILE_SHARE_DELETE,
+ FILE_OPEN,
+ 0,
+ 0,
+ &fnum,
+ NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Open of %s - %s\n", fname, nt_errstr(status));
+ goto fail;
+ }
+
+ status = cli_close(cli, fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("close failed for %s (%s)\n",
+ fname, nt_errstr(status));
+ goto fail;
+ }
+
+ cli_unlink(cli, fname,
+ FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+
+ TALLOC_FREE(frame);
+ return true;
+
+ fail:
+
+ if (cli) {
+ if (fnum != (uint16_t)-1) {
+ cli_close(cli, fnum);
+ }
+ cli_unlink(cli, fname,
+ FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+ torture_close_connection(cli);
+ }
+
+ TALLOC_FREE(frame);
+ return false;
+}
+
+static bool run_pipe_number(int dummy)
+{
+ struct cli_state *cli1;
+ const char *pipe_name = "\\SPOOLSS";
+ uint16_t fnum;
+ int num_pipes = 0;
+ NTSTATUS status;
+
+ printf("starting pipenumber test\n");
+ if (!torture_open_connection(&cli1, 0)) {
+ return False;
+ }
+
+ smbXcli_conn_set_sockopt(cli1->conn, sockops);
+ while(1) {
+ status = cli_ntcreate(cli1, pipe_name, 0, FILE_READ_DATA,
+ FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE,
+ FILE_OPEN_IF, 0, 0, &fnum, NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Open of pipe %s failed with error (%s)\n", pipe_name, nt_errstr(status));
+ break;
+ }
+ num_pipes++;
+ printf("\r%6d", num_pipes);
+ }
+
+ printf("pipe_number test - we can open %d %s pipes.\n", num_pipes, pipe_name );
+ torture_close_connection(cli1);
+ return True;
+}
+
+/*
+ Test open mode returns on read-only files.
+ */
+static bool run_opentest(int dummy)
+{
+ static struct cli_state *cli1;
+ static struct cli_state *cli2;
+ const char *fname = "\\readonly.file";
+ uint16_t fnum1, fnum2;
+ char buf[20];
+ off_t fsize;
+ bool correct = True;
+ char *tmp_path;
+ NTSTATUS status;
+
+ printf("starting open test\n");
+
+ if (!torture_open_connection(&cli1, 0)) {
+ return False;
+ }
+
+ cli_setatr(cli1, fname, 0, 0);
+ cli_unlink(cli1, fname, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+
+ smbXcli_conn_set_sockopt(cli1->conn, sockops);
+
+ status = cli_openx(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE, &fnum1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("open of %s failed (%s)\n", fname, nt_errstr(status));
+ return False;
+ }
+
+ status = cli_close(cli1, fnum1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("close2 failed (%s)\n", nt_errstr(status));
+ return False;
+ }
+
+ status = cli_setatr(cli1, fname, FILE_ATTRIBUTE_READONLY, 0);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_setatr failed (%s)\n", nt_errstr(status));
+ return False;
+ }
+
+ status = cli_openx(cli1, fname, O_RDONLY, DENY_WRITE, &fnum1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("open of %s failed (%s)\n", fname, nt_errstr(status));
+ return False;
+ }
+
+ /* This will fail - but the error should be ERRnoaccess, not ERRbadshare. */
+ status = cli_openx(cli1, fname, O_RDWR, DENY_ALL, &fnum2);
+
+ if (check_error(__LINE__, status, ERRDOS, ERRnoaccess,
+ NT_STATUS_ACCESS_DENIED)) {
+ printf("correct error code ERRDOS/ERRnoaccess returned\n");
+ }
+
+ printf("finished open test 1\n");
+
+ cli_close(cli1, fnum1);
+
+ /* Now try not readonly and ensure ERRbadshare is returned. */
+
+ cli_setatr(cli1, fname, 0, 0);
+
+ status = cli_openx(cli1, fname, O_RDONLY, DENY_WRITE, &fnum1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("open of %s failed (%s)\n", fname, nt_errstr(status));
+ return False;
+ }
+
+ /* This will fail - but the error should be ERRshare. */
+ status = cli_openx(cli1, fname, O_RDWR, DENY_ALL, &fnum2);
+
+ if (check_error(__LINE__, status, ERRDOS, ERRbadshare,
+ NT_STATUS_SHARING_VIOLATION)) {
+ printf("correct error code ERRDOS/ERRbadshare returned\n");
+ }
+
+ status = cli_close(cli1, fnum1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("close2 failed (%s)\n", nt_errstr(status));
+ return False;
+ }
+
+ cli_unlink(cli1, fname, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+
+ printf("finished open test 2\n");
+
+ /* Test truncate open disposition on file opened for read. */
+ status = cli_openx(cli1, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE, &fnum1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("(3) open (1) of %s failed (%s)\n", fname, nt_errstr(status));
+ return False;
+ }
+
+ /* write 20 bytes. */
+
+ memset(buf, '\0', 20);
+
+ status = cli_writeall(cli1, fnum1, 0, (uint8_t *)buf, 0, 20, NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("write failed (%s)\n", nt_errstr(status));
+ correct = False;
+ }
+
+ status = cli_close(cli1, fnum1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("(3) close1 failed (%s)\n", nt_errstr(status));
+ return False;
+ }
+
+ /* Ensure size == 20. */
+ status = cli_getatr(cli1, fname, NULL, &fsize, NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("(3) getatr failed (%s)\n", nt_errstr(status));
+ return False;
+ }
+
+ if (fsize != 20) {
+ printf("(3) file size != 20\n");
+ return False;
+ }
+
+ /* Now test if we can truncate a file opened for readonly. */
+ status = cli_openx(cli1, fname, O_RDONLY|O_TRUNC, DENY_NONE, &fnum1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("(3) open (2) of %s failed (%s)\n", fname, nt_errstr(status));
+ return False;
+ }
+
+ status = cli_close(cli1, fnum1);
if (!NT_STATUS_IS_OK(status)) {
printf("close2 failed (%s)\n", nt_errstr(status));
return False;
goto out;
}
- status = cli_read(cli1, fnum1, buf, 0, 10, &nread);
+ status = cli_read(cli1, fnum1, buf, 0, 10, &nread);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("POSIX read of %s failed (%s)\n", hname,
+ nt_errstr(status));
+ goto out;
+ } else if (nread != 10) {
+ printf("POSIX read of %s failed. Received %ld, expected %d\n",
+ hname, (unsigned long)nread, 10);
+ goto out;
+ }
+
+ if (memcmp(buf, "TEST DATA\n", 10)) {
+ printf("invalid data read from hardlink\n");
+ goto out;
+ }
+
+ /* Do a POSIX lock/unlock. */
+ status = cli_posix_lock(cli1, fnum1, 0, 100, true, READ_LOCK);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("POSIX lock failed %s\n", nt_errstr(status));
+ goto out;
+ }
+
+ /* Punch a hole in the locked area. */
+ status = cli_posix_unlock(cli1, fnum1, 10, 80);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("POSIX unlock failed %s\n", nt_errstr(status));
+ goto out;
+ }
+
+ cli_close(cli1, fnum1);
+
+ /* Open the symlink for read - this should fail. A POSIX
+ client should not be doing opens on a symlink. */
+ status = cli_posix_open(cli1, sname, O_RDONLY, 0, &fnum1);
+ if (NT_STATUS_IS_OK(status)) {
+ printf("POSIX open of %s succeeded (should have failed)\n", sname);
+ goto out;
+ } else {
+ if (!check_both_error(__LINE__, status, ERRDOS, ERRbadpath,
+ NT_STATUS_OBJECT_PATH_NOT_FOUND)) {
+ printf("POSIX open of %s should have failed "
+ "with NT_STATUS_OBJECT_PATH_NOT_FOUND, "
+ "failed with %s instead.\n",
+ sname, nt_errstr(status));
+ goto out;
+ }
+ }
+
+ status = cli_posix_readlink(cli1, sname, namebuf, sizeof(namebuf));
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("POSIX readlink on %s failed (%s)\n", sname, nt_errstr(status));
+ goto out;
+ }
+
+ if (strcmp(namebuf, fname) != 0) {
+ printf("POSIX readlink on %s failed to match name %s (read %s)\n",
+ sname, fname, namebuf);
+ goto out;
+ }
+
+ status = cli_posix_rmdir(cli1, dname);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("POSIX rmdir failed (%s)\n", nt_errstr(status));
+ goto out;
+ }
+
+ /* Check directory opens with a specific permission. */
+ status = cli_posix_mkdir(cli1, dname, 0700);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("POSIX mkdir of %s failed (%s)\n", dname, nt_errstr(status));
+ goto out;
+ }
+
+ /* Ensure st_mode == 0700 */
+ status = cli_posix_stat(cli1, dname, &sbuf);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("stat failed (%s)\n", nt_errstr(status));
+ goto out;
+ }
+
+ if ((sbuf.st_ex_mode & 07777) != 0700) {
+ printf("posix_mkdir - bad permissions 0%o != 0700\n",
+ (unsigned int)(sbuf.st_ex_mode & 07777));
+ goto out;
+ }
+
+ /*
+ * Now create a Windows file, and attempt a POSIX unlink.
+ * This should fail with a sharing violation but due to:
+ *
+ * [Bug 9571] Unlink after open causes smbd to panic
+ *
+ * ensure we've fixed the lock ordering violation.
+ */
+
+ status = cli_ntcreate(cli1, fname_windows, 0,
+ FILE_READ_DATA|FILE_WRITE_DATA, 0,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
+ FILE_CREATE,
+ 0x0, 0x0, &fnum2, NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Windows create of %s failed (%s)\n", fname_windows,
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Now try posix_unlink. */
+ status = cli_posix_unlink(cli1, fname_windows);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION)) {
+ printf("POSIX unlink of %s should fail "
+ "with NT_STATUS_SHARING_VIOLATION "
+ "got %s instead !\n",
+ fname_windows,
+ nt_errstr(status));
+ goto out;
+ }
+
+ cli_close(cli1, fnum2);
+
+ printf("Simple POSIX open test passed\n");
+ correct = true;
+
+ out:
+
+ if (fnum1 != (uint16_t)-1) {
+ cli_close(cli1, fnum1);
+ fnum1 = (uint16_t)-1;
+ }
+
+ if (fnum2 != (uint16_t)-1) {
+ cli_close(cli1, fnum2);
+ fnum2 = (uint16_t)-1;
+ }
+
+ cli_setatr(cli1, sname, 0, 0);
+ cli_posix_unlink(cli1, sname);
+ cli_setatr(cli1, hname, 0, 0);
+ cli_posix_unlink(cli1, hname);
+ cli_setatr(cli1, fname, 0, 0);
+ cli_posix_unlink(cli1, fname);
+ cli_setatr(cli1, dname, 0, 0);
+ cli_posix_rmdir(cli1, dname);
+ cli_setatr(cli1, fname_windows, 0, 0);
+ cli_posix_unlink(cli1, fname_windows);
+
+ if (!torture_close_connection(cli1)) {
+ correct = false;
+ }
+
+ return correct;
+}
+
+/*
+ Test POSIX and Windows ACLs are rejected on symlinks.
+ */
+static bool run_acl_symlink_test(int dummy)
+{
+ static struct cli_state *cli;
+ const char *fname = "posix_file";
+ const char *sname = "posix_symlink";
+ uint16_t fnum = (uint16_t)-1;
+ bool correct = false;
+ NTSTATUS status;
+ char *posix_acl = NULL;
+ size_t posix_acl_len = 0;
+ char *posix_acl_sym = NULL;
+ size_t posix_acl_len_sym = 0;
+ struct security_descriptor *sd = NULL;
+ struct security_descriptor *sd_sym = NULL;
+ TALLOC_CTX *frame = NULL;
+
+ frame = talloc_stackframe();
+
+ printf("Starting acl symlink test\n");
+
+ if (!torture_open_connection(&cli, 0)) {
+ TALLOC_FREE(frame);
+ return false;
+ }
+
+ smbXcli_conn_set_sockopt(cli->conn, sockops);
+
+ status = torture_setup_unix_extensions(cli);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(frame);
+ return false;
+ }
+
+ cli_setatr(cli, fname, 0, 0);
+ cli_posix_unlink(cli, fname);
+ cli_setatr(cli, sname, 0, 0);
+ cli_posix_unlink(cli, sname);
+
+ status = cli_ntcreate(cli,
+ fname,
+ 0,
+ READ_CONTROL_ACCESS,
+ 0,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
+ FILE_CREATE,
+ 0x0,
+ 0x0,
+ &fnum,
+ NULL);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_ntcreate of %s failed (%s)\n",
+ fname,
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Get the Windows ACL on the file. */
+ status = cli_query_secdesc(cli,
+ fnum,
+ frame,
+ &sd);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_query_secdesc failed (%s)\n",
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Get the POSIX ACL on the file. */
+ status = cli_posix_getacl(cli,
+ fname,
+ frame,
+ &posix_acl_len,
+ &posix_acl);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_posix_getacl failed (%s)\n",
+ nt_errstr(status));
+ goto out;
+ }
+
+ status = cli_close(cli, fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("close failed (%s)\n", nt_errstr(status));
+ goto out;
+ }
+ fnum = (uint16_t)-1;
+
+ /* Now create a symlink. */
+ status = cli_posix_symlink(cli, fname, sname);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_posix_symlink of %s -> %s failed (%s)\n",
+ sname,
+ fname,
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Open a handle on the symlink. */
+ status = cli_ntcreate(cli,
+ sname,
+ 0,
+ READ_CONTROL_ACCESS|SEC_STD_WRITE_DAC,
+ 0,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
+ FILE_OPEN,
+ 0x0,
+ 0x0,
+ &fnum,
+ NULL);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_posix_open of %s failed (%s)\n",
+ sname,
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Get the Windows ACL on the symlink handle. Should fail */
+ status = cli_query_secdesc(cli,
+ fnum,
+ frame,
+ &sd_sym);
+
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ printf("cli_query_secdesc on a symlink gave %s. "
+ "Should be NT_STATUS_ACCESS_DENIED.\n",
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Get the POSIX ACL on the symlink pathname. Should fail. */
+ status = cli_posix_getacl(cli,
+ sname,
+ frame,
+ &posix_acl_len_sym,
+ &posix_acl_sym);
+
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ printf("cli_posix_getacl on a symlink gave %s. "
+ "Should be NT_STATUS_ACCESS_DENIED.\n",
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Set the Windows ACL on the symlink handle. Should fail */
+ status = cli_set_security_descriptor(cli,
+ fnum,
+ SECINFO_DACL,
+ sd);
+
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ printf("cli_query_secdesc on a symlink gave %s. "
+ "Should be NT_STATUS_ACCESS_DENIED.\n",
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Set the POSIX ACL on the symlink pathname. Should fail. */
+ status = cli_posix_setacl(cli,
+ sname,
+ posix_acl,
+ posix_acl_len);
+
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ printf("cli_posix_getacl on a symlink gave %s. "
+ "Should be NT_STATUS_ACCESS_DENIED.\n",
+ nt_errstr(status));
+ goto out;
+ }
+
+ printf("ACL symlink test passed\n");
+ correct = true;
+
+ out:
+
+ if (fnum != (uint16_t)-1) {
+ cli_close(cli, fnum);
+ fnum = (uint16_t)-1;
+ }
+
+ cli_setatr(cli, sname, 0, 0);
+ cli_posix_unlink(cli, sname);
+ cli_setatr(cli, fname, 0, 0);
+ cli_posix_unlink(cli, fname);
+
+ if (!torture_close_connection(cli)) {
+ correct = false;
+ }
+
+ TALLOC_FREE(frame);
+ return correct;
+}
+
+/*
+ Test POSIX can delete a file containing streams.
+ */
+static bool run_posix_stream_delete(int dummy)
+{
+ struct cli_state *cli1 = NULL;
+ struct cli_state *cli2 = NULL;
+ const char *fname = "streamfile";
+ const char *stream_fname = "streamfile:Zone.Identifier:$DATA";
+ uint16_t fnum1 = (uint16_t)-1;
+ bool correct = false;
+ NTSTATUS status;
+ TALLOC_CTX *frame = NULL;
+
+ frame = talloc_stackframe();
+
+ printf("Starting POSIX stream delete test\n");
+
+ if (!torture_open_connection(&cli1, 0) ||
+ !torture_open_connection(&cli2, 1)) {
+ TALLOC_FREE(frame);
+ return false;
+ }
+
+ smbXcli_conn_set_sockopt(cli1->conn, sockops);
+ smbXcli_conn_set_sockopt(cli2->conn, sockops);
+
+ status = torture_setup_unix_extensions(cli2);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto out;
+ }
+
+ cli_setatr(cli1, fname, 0, 0);
+ cli_unlink(cli1, fname, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+
+ /* Create the file. */
+ status = cli_ntcreate(cli1,
+ fname,
+ 0,
+ READ_CONTROL_ACCESS,
+ 0,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
+ FILE_CREATE,
+ 0x0,
+ 0x0,
+ &fnum1,
+ NULL);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_ntcreate of %s failed (%s)\n",
+ fname,
+ nt_errstr(status));
+ goto out;
+ }
+
+ status = cli_close(cli1, fnum1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_close of %s failed (%s)\n",
+ fname,
+ nt_errstr(status));
+ goto out;
+ }
+ fnum1 = (uint16_t)-1;
+
+ /* Now create the stream. */
+ status = cli_ntcreate(cli1,
+ stream_fname,
+ 0,
+ FILE_WRITE_DATA,
+ 0,
+ FILE_SHARE_READ|FILE_SHARE_WRITE,
+ FILE_CREATE,
+ 0x0,
+ 0x0,
+ &fnum1,
+ NULL);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_ntcreate of %s failed (%s)\n",
+ stream_fname,
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Leave the stream handle open... */
+
+ /* POSIX unlink should fail. */
+ status = cli_posix_unlink(cli2, fname);
+ if (NT_STATUS_IS_OK(status)) {
+ printf("cli_posix_unlink of %s succeeded, should have failed\n",
+ fname);
+ goto out;
+ }
+
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION)) {
+ printf("cli_posix_unlink of %s failed with (%s) "
+ "should have been NT_STATUS_SHARING_VIOLATION\n",
+ fname,
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Close the stream handle. */
+ status = cli_close(cli1, fnum1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_close of %s failed (%s)\n",
+ stream_fname,
+ nt_errstr(status));
+ goto out;
+ }
+ fnum1 = (uint16_t)-1;
+
+ /* POSIX unlink after stream handle closed should succeed. */
+ status = cli_posix_unlink(cli2, fname);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_posix_unlink of %s failed (%s)\n",
+ fname,
+ nt_errstr(status));
+ goto out;
+ }
+
+ printf("POSIX stream delete test passed\n");
+ correct = true;
+
+ out:
+
+ if (fnum1 != (uint16_t)-1) {
+ cli_close(cli1, fnum1);
+ fnum1 = (uint16_t)-1;
+ }
+
+ cli_setatr(cli1, fname, 0, 0);
+ cli_unlink(cli1, fname, FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN);
+
+ if (!torture_close_connection(cli1)) {
+ correct = false;
+ }
+ if (!torture_close_connection(cli2)) {
+ correct = false;
+ }
+
+ TALLOC_FREE(frame);
+ return correct;
+}
+
+/*
+ Test setting EA's are rejected on symlinks.
+ */
+static bool run_ea_symlink_test(int dummy)
+{
+ static struct cli_state *cli;
+ const char *fname = "posix_file_ea";
+ const char *sname = "posix_symlink_ea";
+ const char *ea_name = "testea_name";
+ const char *ea_value = "testea_value";
+ uint16_t fnum = (uint16_t)-1;
+ bool correct = false;
+ NTSTATUS status;
+ size_t i, num_eas;
+ struct ea_struct *eas = NULL;
+ TALLOC_CTX *frame = NULL;
+
+ frame = talloc_stackframe();
+
+ printf("Starting EA symlink test\n");
+
+ if (!torture_open_connection(&cli, 0)) {
+ TALLOC_FREE(frame);
+ return false;
+ }
+
+ smbXcli_conn_set_sockopt(cli->conn, sockops);
+
+ status = torture_setup_unix_extensions(cli);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(frame);
+ return false;
+ }
+
+ cli_setatr(cli, fname, 0, 0);
+ cli_posix_unlink(cli, fname);
+ cli_setatr(cli, sname, 0, 0);
+ cli_posix_unlink(cli, sname);
+
+ status = cli_ntcreate(cli,
+ fname,
+ 0,
+ READ_CONTROL_ACCESS,
+ 0,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
+ FILE_CREATE,
+ 0x0,
+ 0x0,
+ &fnum,
+ NULL);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_ntcreate of %s failed (%s)\n",
+ fname,
+ nt_errstr(status));
+ goto out;
+ }
+
+ status = cli_close(cli, fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("close failed (%s)\n",
+ nt_errstr(status));
+ goto out;
+ }
+ fnum = (uint16_t)-1;
+
+ /* Set an EA on the path. */
+ status = cli_set_ea_path(cli,
+ fname,
+ ea_name,
+ ea_value,
+ strlen(ea_value)+1);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_set_ea_path failed (%s)\n",
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Now create a symlink. */
+ status = cli_posix_symlink(cli, fname, sname);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_posix_symlink of %s -> %s failed (%s)\n",
+ sname,
+ fname,
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Get the EA list on the path. Should return value set. */
+ status = cli_get_ea_list_path(cli,
+ fname,
+ frame,
+ &num_eas,
+ &eas);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_get_ea_list_path failed (%s)\n",
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Ensure the EA we set is there. */
+ for (i=0; i<num_eas; i++) {
+ if (strcmp(eas[i].name, ea_name) == 0 &&
+ eas[i].value.length == strlen(ea_value)+1 &&
+ memcmp(eas[i].value.data,
+ ea_value,
+ eas[i].value.length) == 0) {
+ break;
+ }
+ }
+
+ if (i == num_eas) {
+ printf("Didn't find EA on pathname %s\n",
+ fname);
+ goto out;
+ }
+
+ num_eas = 0;
+ TALLOC_FREE(eas);
+
+ /* Get the EA list on the symlink. Should return empty list. */
+ status = cli_get_ea_list_path(cli,
+ sname,
+ frame,
+ &num_eas,
+ &eas);
+
if (!NT_STATUS_IS_OK(status)) {
- printf("POSIX read of %s failed (%s)\n", hname,
- nt_errstr(status));
- goto out;
- } else if (nread != 10) {
- printf("POSIX read of %s failed. Received %ld, expected %d\n",
- hname, (unsigned long)nread, 10);
+ printf("cli_get_ea_list_path failed (%s)\n",
+ nt_errstr(status));
goto out;
}
- if (memcmp(buf, "TEST DATA\n", 10)) {
- printf("invalid data read from hardlink\n");
+ if (num_eas != 0) {
+ printf("cli_get_ea_list_path failed (%s)\n",
+ nt_errstr(status));
goto out;
}
- /* Do a POSIX lock/unlock. */
- status = cli_posix_lock(cli1, fnum1, 0, 100, true, READ_LOCK);
- if (!NT_STATUS_IS_OK(status)) {
- printf("POSIX lock failed %s\n", nt_errstr(status));
+ /* Set an EA on the symlink. Should fail. */
+ status = cli_set_ea_path(cli,
+ sname,
+ ea_name,
+ ea_value,
+ strlen(ea_value)+1);
+
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ printf("cli_set_ea_path on a symlink gave %s. "
+ "Should be NT_STATUS_ACCESS_DENIED.\n",
+ nt_errstr(status));
goto out;
}
- /* Punch a hole in the locked area. */
- status = cli_posix_unlock(cli1, fnum1, 10, 80);
- if (!NT_STATUS_IS_OK(status)) {
- printf("POSIX unlock failed %s\n", nt_errstr(status));
- goto out;
+ printf("EA symlink test passed\n");
+ correct = true;
+
+ out:
+
+ if (fnum != (uint16_t)-1) {
+ cli_close(cli, fnum);
+ fnum = (uint16_t)-1;
}
- cli_close(cli1, fnum1);
+ cli_setatr(cli, sname, 0, 0);
+ cli_posix_unlink(cli, sname);
+ cli_setatr(cli, fname, 0, 0);
+ cli_posix_unlink(cli, fname);
- /* Open the symlink for read - this should fail. A POSIX
- client should not be doing opens on a symlink. */
- status = cli_posix_open(cli1, sname, O_RDONLY, 0, &fnum1);
- if (NT_STATUS_IS_OK(status)) {
- printf("POSIX open of %s succeeded (should have failed)\n", sname);
- goto out;
- } else {
- if (!check_both_error(__LINE__, status, ERRDOS, ERRbadpath,
- NT_STATUS_OBJECT_PATH_NOT_FOUND)) {
- printf("POSIX open of %s should have failed "
- "with NT_STATUS_OBJECT_PATH_NOT_FOUND, "
- "failed with %s instead.\n",
- sname, nt_errstr(status));
- goto out;
- }
+ if (!torture_close_connection(cli)) {
+ correct = false;
}
- status = cli_posix_readlink(cli1, sname, namebuf, sizeof(namebuf));
+ TALLOC_FREE(frame);
+ return correct;
+}
+
+/*
+ Test POSIX locks are OFD-locks.
+ */
+static bool run_posix_ofd_lock_test(int dummy)
+{
+ static struct cli_state *cli;
+ const char *fname = "posix_file";
+ uint16_t fnum1 = (uint16_t)-1;
+ uint16_t fnum2 = (uint16_t)-1;
+ bool correct = false;
+ NTSTATUS status;
+ TALLOC_CTX *frame = NULL;
+
+ frame = talloc_stackframe();
+
+ printf("Starting POSIX ofd-lock test\n");
+
+ if (!torture_open_connection(&cli, 0)) {
+ TALLOC_FREE(frame);
+ return false;
+ }
+
+ smbXcli_conn_set_sockopt(cli->conn, sockops);
+
+ status = torture_setup_unix_extensions(cli);
if (!NT_STATUS_IS_OK(status)) {
- printf("POSIX readlink on %s failed (%s)\n", sname, nt_errstr(status));
- goto out;
+ TALLOC_FREE(frame);
+ return false;
}
- if (strcmp(namebuf, fname) != 0) {
- printf("POSIX readlink on %s failed to match name %s (read %s)\n",
- sname, fname, namebuf);
+ cli_setatr(cli, fname, 0, 0);
+ cli_posix_unlink(cli, fname);
+
+ /* Open the file twice. */
+ status = cli_posix_open(cli, fname, O_RDWR|O_CREAT|O_EXCL,
+ 0600, &fnum1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("First POSIX open of %s failed\n", fname);
goto out;
}
- status = cli_posix_rmdir(cli1, dname);
+ status = cli_posix_open(cli, fname, O_RDWR, 0, &fnum2);
if (!NT_STATUS_IS_OK(status)) {
- printf("POSIX rmdir failed (%s)\n", nt_errstr(status));
+ printf("First POSIX open of %s failed\n", fname);
goto out;
}
- /* Check directory opens with a specific permission. */
- status = cli_posix_mkdir(cli1, dname, 0700);
+ /* Set a 0-50 lock on fnum1. */
+ status = cli_posix_lock(cli, fnum1, 0, 50, false, WRITE_LOCK);
if (!NT_STATUS_IS_OK(status)) {
- printf("POSIX mkdir of %s failed (%s)\n", dname, nt_errstr(status));
+ printf("POSIX lock (1) failed %s\n", nt_errstr(status));
goto out;
}
- /* Ensure st_mode == 0700 */
- status = cli_posix_stat(cli1, dname, &sbuf);
+ /* Set a 60-100 lock on fnum2. */
+ status = cli_posix_lock(cli, fnum2, 60, 100, false, WRITE_LOCK);
if (!NT_STATUS_IS_OK(status)) {
- printf("stat failed (%s)\n", nt_errstr(status));
+ printf("POSIX lock (2) failed %s\n", nt_errstr(status));
goto out;
}
- if ((sbuf.st_ex_mode & 07777) != 0700) {
- printf("posix_mkdir - bad permissions 0%o != 0700\n",
- (unsigned int)(sbuf.st_ex_mode & 07777));
+ /* close fnum1 - 0-50 lock should go away. */
+ status = cli_close(cli, fnum1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("close failed (%s)\n",
+ nt_errstr(status));
goto out;
}
+ fnum1 = (uint16_t)-1;
- /*
- * Now create a Windows file, and attempt a POSIX unlink.
- * This should fail with a sharing violation but due to:
- *
- * [Bug 9571] Unlink after open causes smbd to panic
- *
- * ensure we've fixed the lock ordering violation.
- */
+ /* Change the lock context. */
+ cli_setpid(cli, cli_getpid(cli) + 1);
- status = cli_ntcreate(cli1, fname_windows, 0,
- FILE_READ_DATA|FILE_WRITE_DATA, 0,
- FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
- FILE_CREATE,
- 0x0, 0x0, &fnum2, NULL);
+ /* Re-open fnum1. */
+ status = cli_posix_open(cli, fname, O_RDWR, 0, &fnum1);
if (!NT_STATUS_IS_OK(status)) {
- printf("Windows create of %s failed (%s)\n", fname_windows,
- nt_errstr(status));
+ printf("Third POSIX open of %s failed\n", fname);
goto out;
}
- /* Now try posix_unlink. */
- status = cli_posix_unlink(cli1, fname_windows);
- if (!NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION)) {
- printf("POSIX unlink of %s should fail "
- "with NT_STATUS_SHARING_VIOLATION "
- "got %s instead !\n",
- fname_windows,
- nt_errstr(status));
+ /* 60-100 lock should still be there. */
+ status = cli_posix_lock(cli, fnum1, 60, 100, false, WRITE_LOCK);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_FILE_LOCK_CONFLICT)) {
+ printf("POSIX lock 60-100 not there %s\n", nt_errstr(status));
goto out;
}
- cli_close(cli1, fnum2);
+ /* 0-50 lock should be gone. */
+ status = cli_posix_lock(cli, fnum1, 0, 50, false, WRITE_LOCK);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("POSIX lock 0-50 failed %s\n", nt_errstr(status));
+ goto out;
+ }
- printf("Simple POSIX open test passed\n");
+ printf("POSIX OFD lock test passed\n");
correct = true;
out:
if (fnum1 != (uint16_t)-1) {
- cli_close(cli1, fnum1);
+ cli_close(cli, fnum1);
fnum1 = (uint16_t)-1;
}
-
if (fnum2 != (uint16_t)-1) {
- cli_close(cli1, fnum2);
+ cli_close(cli, fnum2);
fnum2 = (uint16_t)-1;
}
- cli_setatr(cli1, sname, 0, 0);
- cli_posix_unlink(cli1, sname);
- cli_setatr(cli1, hname, 0, 0);
- cli_posix_unlink(cli1, hname);
- cli_setatr(cli1, fname, 0, 0);
- cli_posix_unlink(cli1, fname);
- cli_setatr(cli1, dname, 0, 0);
- cli_posix_rmdir(cli1, dname);
- cli_setatr(cli1, fname_windows, 0, 0);
- cli_posix_unlink(cli1, fname_windows);
+ cli_setatr(cli, fname, 0, 0);
+ cli_posix_unlink(cli, fname);
- if (!torture_close_connection(cli1)) {
+ if (!torture_close_connection(cli)) {
correct = false;
}
+ TALLOC_FREE(frame);
return correct;
}
-
static uint32_t open_attrs_table[] = {
FILE_ATTRIBUTE_NORMAL,
FILE_ATTRIBUTE_ARCHIVE,
return False;
}
- status = cli_session_setup(c_nt, "", "", 0, "", 0, workgroup);
+ status = cli_session_setup_anon(c_nt);
if (!NT_STATUS_IS_OK(status)) {
printf("%s rejected the NT-error initial session setup (%s)\n",host, nt_errstr(status));
return False;
return False;
}
- status = cli_session_setup(c_dos, "", "", 0, "", 0, workgroup);
+ status = cli_session_setup_anon(c_dos);
if (!NT_STATUS_IS_OK(status)) {
printf("%s rejected the DOS-error initial session setup (%s)\n",
host, nt_errstr(status));
c_dos->map_dos_errors = false;
for (error=(0xc0000000 | 0x1); error < (0xc0000000| 0xFFF); error++) {
+ struct cli_credentials *user_creds = NULL;
+
fstr_sprintf(user, "%X", error);
- status = cli_session_setup(c_nt, user,
- password, strlen(password),
- password, strlen(password),
- workgroup);
+ user_creds = cli_session_creds_init(talloc_tos(),
+ user,
+ workgroup,
+ NULL, /* realm */
+ password,
+ false, /* use_kerberos */
+ false, /* fallback_after_kerberos */
+ false, /* use_ccache */
+ false); /* password_is_nt_hash */
+ if (user_creds == NULL) {
+ printf("cli_session_creds_init(%s) failed\n", user);
+ return false;
+ }
+
+ status = cli_session_setup_creds(c_nt, user_creds);
if (NT_STATUS_IS_OK(status)) {
printf("/** Session setup succeeded. This shouldn't happen...*/\n");
}
nt_status = NT_STATUS(0xc0000000);
}
- status = cli_session_setup(c_dos, user,
- password, strlen(password),
- password, strlen(password),
- workgroup);
+ status = cli_session_setup_creds(c_dos, user_creds);
if (NT_STATUS_IS_OK(status)) {
printf("/** Session setup succeeded. This shouldn't happen...*/\n");
}
smb_dos_err_class(errclass),
smb_dos_err_name(errclass, errnum),
get_nt_error_c_code(talloc_tos(), NT_STATUS(error)));
+
+ TALLOC_FREE(user_creds);
}
return True;
}
}
for (i=0; i<torture_numops; i++) {
- status = cli_session_setup(
- c, username,
- password, strlen(password),
- password, strlen(password),
- workgroup);
+ status = cli_session_setup_creds(c, torture_creds);
if (!NT_STATUS_IS_OK(status)) {
- d_printf("(%s) cli_session_setup failed: %s\n",
+ d_printf("(%s) cli_session_setup_creds failed: %s\n",
__location__, nt_errstr(status));
return false;
}
status = torture_createdels_recv(req2);
d_printf("torture_createdels_recv returned %s\n", nt_errstr(status));
- return true;
-}
+ return true;
+}
+
+static bool run_mangle1(int dummy)
+{
+ struct cli_state *cli;
+ const char *fname = "this_is_a_long_fname_to_be_mangled.txt";
+ uint16_t fnum;
+ fstring alt_name;
+ NTSTATUS status;
+ time_t change_time, access_time, write_time;
+ off_t size;
+ uint16_t mode;
+
+ printf("starting mangle1 test\n");
+ if (!torture_open_connection(&cli, 0)) {
+ return False;
+ }
+
+ smbXcli_conn_set_sockopt(cli->conn, sockops);
+
+ status = cli_ntcreate(cli, fname, 0, GENERIC_ALL_ACCESS|DELETE_ACCESS,
+ FILE_ATTRIBUTE_NORMAL, 0, FILE_OVERWRITE_IF,
+ 0, 0, &fnum, NULL);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("open %s failed: %s\n", fname, nt_errstr(status));
+ return false;
+ }
+ cli_close(cli, fnum);
+
+ status = cli_qpathinfo_alt_name(cli, fname, alt_name);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("cli_qpathinfo_alt_name failed: %s\n",
+ nt_errstr(status));
+ return false;
+ }
+ d_printf("alt_name: %s\n", alt_name);
+
+ status = cli_openx(cli, alt_name, O_RDONLY, DENY_NONE, &fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("cli_openx(%s) failed: %s\n", alt_name,
+ nt_errstr(status));
+ return false;
+ }
+ cli_close(cli, fnum);
+
+ status = cli_qpathinfo1(cli, alt_name, &change_time, &access_time,
+ &write_time, &size, &mode);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("cli_qpathinfo1(%s) failed: %s\n", alt_name,
+ nt_errstr(status));
+ return false;
+ }
+
+ return true;
+}
+
+static NTSTATUS mangle_illegal_list_shortname_fn(const char *mntpoint,
+ struct file_info *f,
+ const char *mask,
+ void *state)
+{
+ if (f->short_name == NULL) {
+ return NT_STATUS_OK;
+ }
+
+ if (strlen(f->short_name) == 0) {
+ return NT_STATUS_OK;
+ }
+
+ printf("unexpected shortname: %s\n", f->short_name);
+
+ return NT_STATUS_OBJECT_NAME_INVALID;
+}
+
+static NTSTATUS mangle_illegal_list_name_fn(const char *mntpoint,
+ struct file_info *f,
+ const char *mask,
+ void *state)
+{
+ char *name = state;
+
+ printf("name: %s\n", f->name);
+ fstrcpy(name, f->name);
+ return NT_STATUS_OK;
+}
+
+static bool run_mangle_illegal(int dummy)
+{
+ struct cli_state *cli = NULL;
+ struct cli_state *cli_posix = NULL;
+ const char *fname = "\\MANGLE_ILLEGAL\\this_is_a_long_fname_to_be_mangled.txt";
+ const char *illegal_fname = "MANGLE_ILLEGAL/foo:bar";
+ char *mangled_path = NULL;
+ uint16_t fnum;
+ fstring name;
+ fstring alt_name;
+ NTSTATUS status;
+
+ printf("starting mangle-illegal test\n");
+
+ if (!torture_open_connection(&cli, 0)) {
+ return False;
+ }
+
+ smbXcli_conn_set_sockopt(cli->conn, sockops);
+
+ if (!torture_open_connection(&cli_posix, 0)) {
+ return false;
+ }
+
+ smbXcli_conn_set_sockopt(cli_posix->conn, sockops);
+
+ status = torture_setup_unix_extensions(cli_posix);
+ if (!NT_STATUS_IS_OK(status)) {
+ return false;
+ }
+
+ cli_rmdir(cli, "\\MANGLE_ILLEGAL");
+ status = cli_mkdir(cli, "\\MANGLE_ILLEGAL");
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("mkdir1 failed : %s\n", nt_errstr(status));
+ return False;
+ }
+
+ /*
+ * Create a file with illegal NTFS characters and test that we
+ * get a usable mangled name
+ */
+
+ cli_setatr(cli_posix, illegal_fname, 0, 0);
+ cli_posix_unlink(cli_posix, illegal_fname);
+
+ status = cli_posix_open(cli_posix, illegal_fname, O_RDWR|O_CREAT|O_EXCL,
+ 0600, &fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("POSIX create of %s failed (%s)\n",
+ illegal_fname, nt_errstr(status));
+ return false;
+ }
+
+ status = cli_close(cli_posix, fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("close failed (%s)\n", nt_errstr(status));
+ return false;
+ }
+
+ status = cli_list(cli, "\\MANGLE_ILLEGAL\\*", 0, mangle_illegal_list_name_fn, &name);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("cli_list failed: %s\n", nt_errstr(status));
+ return false;
+ }
-static bool run_mangle1(int dummy)
-{
- struct cli_state *cli;
- const char *fname = "this_is_a_long_fname_to_be_mangled.txt";
- uint16_t fnum;
- fstring alt_name;
- NTSTATUS status;
- time_t change_time, access_time, write_time;
- off_t size;
- uint16_t mode;
+ mangled_path = talloc_asprintf(talloc_tos(), "\\MANGLE_ILLEGAL\\%s", name);
+ if (mangled_path == NULL) {
+ return false;
+ }
- printf("starting mangle1 test\n");
- if (!torture_open_connection(&cli, 0)) {
- return False;
+ status = cli_openx(cli, mangled_path, O_RDONLY, DENY_NONE, &fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("cli_openx(%s) failed: %s\n", mangled_path, nt_errstr(status));
+ TALLOC_FREE(mangled_path);
+ return false;
}
+ TALLOC_FREE(mangled_path);
+ cli_close(cli, fnum);
- smbXcli_conn_set_sockopt(cli->conn, sockops);
+ cli_setatr(cli_posix, illegal_fname, 0, 0);
+ cli_posix_unlink(cli_posix, illegal_fname);
+
+ /*
+ * Create a file with a long name and check that we got *no* short name.
+ */
status = cli_ntcreate(cli, fname, 0, GENERIC_ALL_ACCESS|DELETE_ACCESS,
FILE_ATTRIBUTE_NORMAL, 0, FILE_OVERWRITE_IF,
}
cli_close(cli, fnum);
- status = cli_qpathinfo_alt_name(cli, fname, alt_name);
+ status = cli_list(cli, fname, 0, mangle_illegal_list_shortname_fn, &alt_name);
if (!NT_STATUS_IS_OK(status)) {
- d_printf("cli_qpathinfo_alt_name failed: %s\n",
- nt_errstr(status));
+ d_printf("cli_list failed\n");
return false;
}
- d_printf("alt_name: %s\n", alt_name);
- status = cli_openx(cli, alt_name, O_RDONLY, DENY_NONE, &fnum);
- if (!NT_STATUS_IS_OK(status)) {
- d_printf("cli_openx(%s) failed: %s\n", alt_name,
- nt_errstr(status));
+ cli_unlink(cli, fname, 0);
+ cli_rmdir(cli, "\\MANGLE_ILLEGAL");
+
+ if (!torture_close_connection(cli_posix)) {
return false;
}
- cli_close(cli, fnum);
- status = cli_qpathinfo1(cli, alt_name, &change_time, &access_time,
- &write_time, &size, &mode);
- if (!NT_STATUS_IS_OK(status)) {
- d_printf("cli_qpathinfo1(%s) failed: %s\n", alt_name,
- nt_errstr(status));
+ if (!torture_close_connection(cli)) {
return false;
}
goto out;
}
- status = cli_session_setup(cli2,
- username,
- password,
- strlen(password)+1,
- password,
- strlen(password)+1,
- workgroup);
+ status = cli_session_setup_creds(cli2, torture_creds);
if (!NT_STATUS_IS_OK(status)) {
goto out;
}
status = cli_tree_connect(cli2,
share,
"?????",
- password,
- strlen(password)+1);
+ password);
if (!NT_STATUS_IS_OK(status)) {
goto out;
}
static void pagedsearch_cb(struct tevent_req *req)
{
- int rc;
+ TLDAPRC rc;
struct tldap_message *msg;
char *dn;
rc = tldap_search_paged_recv(req, talloc_tos(), &msg);
- if (rc != TLDAP_SUCCESS) {
+ if (!TLDAP_RC_IS_SUCCESS(rc)) {
d_printf("tldap_search_paged_recv failed: %s\n",
- tldap_err2string(rc));
+ tldap_rc2string(rc));
return;
}
if (tldap_msg_type(msg) != TLDAP_RES_SEARCH_ENTRY) {
static bool run_tldap(int dummy)
{
struct tldap_context *ld;
- int fd, rc;
+ int fd;
+ TLDAPRC rc;
NTSTATUS status;
struct sockaddr_storage addr;
struct tevent_context *ev;
}
rc = tldap_fetch_rootdse(ld);
- if (rc != TLDAP_SUCCESS) {
+ if (!TLDAP_RC_IS_SUCCESS(rc)) {
d_printf("tldap_fetch_rootdse failed: %s\n",
tldap_errstr(talloc_tos(), ld, rc));
return false;
rc = tldap_search(ld, "", TLDAP_SCOPE_BASE, filter,
NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0,
- talloc_tos(), NULL, NULL);
- if (rc != TLDAP_SUCCESS) {
+ talloc_tos(), NULL);
+ if (!TLDAP_RC_IS_SUCCESS(rc)) {
d_printf("tldap_search with complex filter failed: %s\n",
tldap_errstr(talloc_tos(), ld, rc));
return false;
return ret;
}
+struct pidtest_state {
+ bool success;
+ uint16_t vwv[1];
+ DATA_BLOB data;
+};
+
+static void pid_echo_done(struct tevent_req *subreq);
+
+static struct tevent_req *pid_echo_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct cli_state *cli)
+{
+ struct tevent_req *req, *subreq;
+ struct pidtest_state *state;
+
+ req = tevent_req_create(mem_ctx, &state, struct pidtest_state);
+ if (req == NULL) {
+ return NULL;
+ }
+
+ SSVAL(state->vwv, 0, 1);
+ state->data = data_blob_const("hello", 5);
+
+ subreq = smb1cli_req_send(state,
+ ev,
+ cli->conn,
+ SMBecho,
+ 0, 0, /* *_flags */
+ 0, 0, /* *_flags2 */
+ cli->timeout,
+ 0xDEADBEEF, /* pid */
+ NULL, /* tcon */
+ NULL, /* session */
+ ARRAY_SIZE(state->vwv), state->vwv,
+ state->data.length, state->data.data);
+
+ if (tevent_req_nomem(subreq, req)) {
+ return tevent_req_post(req, ev);
+ }
+ tevent_req_set_callback(subreq, pid_echo_done, req);
+ return req;
+}
+
+static void pid_echo_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(
+ subreq, struct tevent_req);
+ struct pidtest_state *state = tevent_req_data(
+ req, struct pidtest_state);
+ NTSTATUS status;
+ uint32_t num_bytes;
+ uint8_t *bytes = NULL;
+ struct iovec *recv_iov = NULL;
+ uint8_t *phdr = NULL;
+ uint16_t pidlow = 0;
+ uint16_t pidhigh = 0;
+ struct smb1cli_req_expected_response expected[] = {
+ {
+ .status = NT_STATUS_OK,
+ .wct = 1,
+ },
+ };
+
+ status = smb1cli_req_recv(subreq, state,
+ &recv_iov,
+ &phdr,
+ NULL, /* pwct */
+ NULL, /* pvwv */
+ NULL, /* pvwv_offset */
+ &num_bytes,
+ &bytes,
+ NULL, /* pbytes_offset */
+ NULL, /* pinbuf */
+ expected, ARRAY_SIZE(expected));
+
+ TALLOC_FREE(subreq);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+
+ if (num_bytes != state->data.length) {
+ tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
+ return;
+ }
+
+ if (memcmp(bytes, state->data.data, num_bytes) != 0) {
+ tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
+ return;
+ }
+
+ /* Check pid low/high == DEADBEEF */
+ pidlow = SVAL(phdr, HDR_PID);
+ if (pidlow != 0xBEEF){
+ printf("Incorrect pidlow 0x%x, should be 0xBEEF\n",
+ (unsigned int)pidlow);
+ tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
+ return;
+ }
+ pidhigh = SVAL(phdr, HDR_PIDHIGH);
+ if (pidhigh != 0xDEAD){
+ printf("Incorrect pidhigh 0x%x, should be 0xDEAD\n",
+ (unsigned int)pidhigh);
+ tevent_req_nterror(req, NT_STATUS_INVALID_NETWORK_RESPONSE);
+ return;
+ }
+
+ tevent_req_done(req);
+}
+
+static NTSTATUS pid_echo_recv(struct tevent_req *req)
+{
+ return tevent_req_simple_recv_ntstatus(req);
+}
+
+static bool run_pidhigh(int dummy)
+{
+ bool success = false;
+ struct cli_state *cli = NULL;
+ NTSTATUS status;
+ struct tevent_context *ev = NULL;
+ struct tevent_req *req = NULL;
+ TALLOC_CTX *frame = talloc_stackframe();
+
+ printf("starting pid high test\n");
+ if (!torture_open_connection(&cli, 0)) {
+ return false;
+ }
+ smbXcli_conn_set_sockopt(cli->conn, sockops);
+
+ ev = samba_tevent_context_init(frame);
+ if (ev == NULL) {
+ goto fail;
+ }
+
+ req = pid_echo_send(frame, ev, cli);
+ if (req == NULL) {
+ goto fail;
+ }
+
+ if (!tevent_req_poll_ntstatus(req, ev, &status)) {
+ goto fail;
+ }
+
+ status = pid_echo_recv(req);
+ if (NT_STATUS_IS_OK(status)) {
+ printf("pid high test ok\n");
+ success = true;
+ }
+
+ fail:
+
+ TALLOC_FREE(frame);
+ torture_close_connection(cli);
+ return success;
+}
+
+/*
+ Test Windows open on a bad POSIX symlink.
+ */
+static bool run_symlink_open_test(int dummy)
+{
+ static struct cli_state *cli;
+ const char *fname = "non_existant_file";
+ const char *sname = "dangling_symlink";
+ uint16_t fnum = (uint16_t)-1;
+ bool correct = false;
+ NTSTATUS status;
+ TALLOC_CTX *frame = NULL;
+
+ frame = talloc_stackframe();
+
+ printf("Starting Windows bad symlink open test\n");
+
+ if (!torture_open_connection(&cli, 0)) {
+ TALLOC_FREE(frame);
+ return false;
+ }
+
+ smbXcli_conn_set_sockopt(cli->conn, sockops);
+
+ status = torture_setup_unix_extensions(cli);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(frame);
+ return false;
+ }
+
+ /* Ensure nothing exists. */
+ cli_setatr(cli, fname, 0, 0);
+ cli_posix_unlink(cli, fname);
+ cli_setatr(cli, sname, 0, 0);
+ cli_posix_unlink(cli, sname);
+
+ /* Create a symlink pointing nowhere. */
+ status = cli_posix_symlink(cli, fname, sname);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_posix_symlink of %s -> %s failed (%s)\n",
+ sname,
+ fname,
+ nt_errstr(status));
+ goto out;
+ }
+
+ /* Now ensure that a Windows open doesn't hang. */
+ status = cli_ntcreate(cli,
+ sname,
+ 0,
+ FILE_READ_DATA|FILE_WRITE_DATA,
+ 0,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
+ FILE_OPEN_IF,
+ 0x0,
+ 0x0,
+ &fnum,
+ NULL);
+
+ /*
+ * We get either NT_STATUS_OBJECT_NAME_NOT_FOUND or
+ * NT_STATUS_OBJECT_PATH_NOT_FOUND depending on if
+ * we use O_NOFOLLOW on the server or not.
+ */
+ if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) ||
+ NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_PATH_NOT_FOUND))
+ {
+ correct = true;
+ } else {
+ printf("cli_ntcreate of %s returned %s - should return"
+ " either (%s) or (%s)\n",
+ sname,
+ nt_errstr(status),
+ nt_errstr(NT_STATUS_OBJECT_NAME_NOT_FOUND),
+ nt_errstr(NT_STATUS_OBJECT_PATH_NOT_FOUND));
+ goto out;
+ }
+
+ correct = true;
+
+ out:
+
+ if (fnum != (uint16_t)-1) {
+ cli_close(cli, fnum);
+ fnum = (uint16_t)-1;
+ }
+
+ cli_setatr(cli, sname, 0, 0);
+ cli_posix_unlink(cli, sname);
+ cli_setatr(cli, fname, 0, 0);
+ cli_posix_unlink(cli, fname);
+
+ if (!torture_close_connection(cli)) {
+ correct = false;
+ }
+
+ TALLOC_FREE(frame);
+ return correct;
+}
+
static bool run_local_substitute(int dummy)
{
bool ok = true;
return ret;
}
+static int local_rbtree_traverse_read(struct db_record *rec, void *private_data)
+{
+ int *count2 = (int *)private_data;
+ (*count2)++;
+ return 0;
+}
+
+static int local_rbtree_traverse_delete(struct db_record *rec, void *private_data)
+{
+ int *count2 = (int *)private_data;
+ (*count2)++;
+ dbwrap_record_delete(rec);
+ return 0;
+}
+
static bool run_local_rbtree(int dummy)
{
struct db_context *db;
bool ret = false;
int i;
+ NTSTATUS status;
+ int count = 0;
+ int count2 = 0;
db = db_open_rbt(NULL);
}
ret = true;
+ count = 0; count2 = 0;
+ status = dbwrap_traverse_read(db, local_rbtree_traverse_read,
+ &count2, &count);
+ printf("%s: read1: %d %d, %s\n", __func__, count, count2, nt_errstr(status));
+ if ((count != count2) || (count != 1000)) {
+ ret = false;
+ }
+ count = 0; count2 = 0;
+ status = dbwrap_traverse(db, local_rbtree_traverse_delete,
+ &count2, &count);
+ printf("%s: delete: %d %d, %s\n", __func__, count, count2, nt_errstr(status));
+ if ((count != count2) || (count != 1000)) {
+ ret = false;
+ }
+ count = 0; count2 = 0;
+ status = dbwrap_traverse_read(db, local_rbtree_traverse_read,
+ &count2, &count);
+ printf("%s: read2: %d %d, %s\n", __func__, count, count2, nt_errstr(status));
+ if ((count != count2) || (count != 0)) {
+ ret = false;
+ }
done:
TALLOC_FREE(db);
sname = strchr_m(fname, ':');
- if (lp_posix_pathnames() || (sname == NULL)) {
+ if (sname == NULL) {
if (pbase != NULL) {
base = talloc_strdup(mem_ctx, fname);
NT_STATUS_HAVE_NO_MEMORY(base);
return true;
}
+static bool run_local_canonicalize_path(int dummy)
+{
+ const char *src[] = {
+ "/foo/..",
+ "/..",
+ "/foo/bar/../baz",
+ "/foo/././",
+ "/../foo",
+ ".././././",
+ ".././././../../../boo",
+ "./..",
+ NULL
+ };
+ const char *dst[] = {
+ "/",
+ "/",
+ "/foo/baz",
+ "/foo",
+ "/foo",
+ "/",
+ "/boo",
+ "/",
+ NULL
+ };
+ unsigned int i;
+
+ for (i = 0; src[i] != NULL; i++) {
+ char *d = canonicalize_absolute_path(talloc_tos(), src[i]);
+ if (d == NULL) {
+ perror("talloc fail\n");
+ return false;
+ }
+ if (strcmp(d, dst[i]) != 0) {
+ d_fprintf(stderr,
+ "canonicalize missmatch %s -> %s != %s",
+ src[i], d, dst[i]);
+ return false;
+ }
+ talloc_free(d);
+ }
+ return true;
+}
+
+static bool run_ign_bad_negprot(int dummy)
+{
+ struct tevent_context *ev;
+ struct tevent_req *req;
+ struct smbXcli_conn *conn;
+ struct sockaddr_storage ss;
+ NTSTATUS status;
+ int fd;
+ bool ok;
+
+ printf("starting ignore bad negprot\n");
+
+ ok = resolve_name(host, &ss, 0x20, true);
+ if (!ok) {
+ d_fprintf(stderr, "Could not resolve name %s\n", host);
+ return false;
+ }
+
+ status = open_socket_out(&ss, 445, 10000, &fd);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "open_socket_out failed: %s\n",
+ nt_errstr(status));
+ return false;
+ }
+
+ conn = smbXcli_conn_create(talloc_tos(), fd, host, SMB_SIGNING_OFF, 0,
+ NULL, 0);
+ if (conn == NULL) {
+ d_fprintf(stderr, "smbXcli_conn_create failed\n");
+ return false;
+ }
+
+ status = smbXcli_negprot(conn, 0, PROTOCOL_CORE, PROTOCOL_CORE);
+ if (NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "smbXcli_negprot succeeded!\n");
+ return false;
+ }
+
+ ev = samba_tevent_context_init(talloc_tos());
+ if (ev == NULL) {
+ d_fprintf(stderr, "samba_tevent_context_init failed\n");
+ return false;
+ }
+
+ req = smb1cli_session_setup_nt1_send(
+ ev, ev, conn, 0, getpid(), NULL, 65503, 2, 1, 0, "", "",
+ data_blob_null, data_blob_null, 0x40,
+ "Windows 2000 2195", "Windows 2000 5.0");
+ if (req == NULL) {
+ d_fprintf(stderr, "smb1cli_session_setup_nt1_send failed\n");
+ return false;
+ }
+
+ ok = tevent_req_poll_ntstatus(req, ev, &status);
+ if (!ok) {
+ d_fprintf(stderr, "tevent_req_poll failed\n");
+ return false;
+ }
+
+ status = smb1cli_session_setup_nt1_recv(req, NULL, NULL, NULL, NULL,
+ NULL, NULL);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_CONNECTION_RESET)) {
+ d_fprintf(stderr, "smb1cli_session_setup_nt1_recv returned "
+ "%s, expected NT_STATUS_CONNECTION_RESET\n",
+ nt_errstr(status));
+ return false;
+ }
+
+ TALLOC_FREE(conn);
+
+ printf("starting ignore bad negprot\n");
+
+ return true;
+}
+
static double create_procs(bool (*fn)(int), bool *result)
{
int i, status;
{"OPEN", run_opentest, 0},
{"POSIX", run_simple_posix_open_test, 0},
{"POSIX-APPEND", run_posix_append, 0},
+ {"POSIX-SYMLINK-ACL", run_acl_symlink_test, 0},
+ {"POSIX-SYMLINK-EA", run_ea_symlink_test, 0},
+ {"POSIX-STREAM-DELETE", run_posix_stream_delete, 0},
+ {"POSIX-OFD-LOCK", run_posix_ofd_lock_test, 0},
+ {"WINDOWS-BAD-SYMLINK", run_symlink_open_test, 0},
{"CASE-INSENSITIVE-CREATE", run_case_insensitive_create, 0},
{"ASYNC-ECHO", run_async_echo, 0},
{ "UID-REGRESSION-TEST", run_uid_regression_test, 0},
#endif
{"XCOPY", run_xcopy, 0},
{"RENAME", run_rename, 0},
+ {"RENAME-ACCESS", run_rename_access, 0},
+ {"OWNER-RIGHTS", run_owner_rights, 0},
{"DELETE", run_deletetest, 0},
+ {"WILDDELETE", run_wild_deletetest, 0},
{"DELETE-LN", run_deletetest_ln, 0},
{"PROPERTIES", run_properties, 0},
{"MANGLE", torture_mangle, 0},
{"MANGLE1", run_mangle1, 0},
+ {"MANGLE-ILLEGAL", run_mangle_illegal, 0},
{"W2K", run_w2ktest, 0},
{"TRANS2SCAN", torture_trans2_scan, 0},
{"NTTRANSSCAN", torture_nttrans_scan, 0},
{ "NOTIFY-BENCH2", run_notify_bench2 },
{ "NOTIFY-BENCH3", run_notify_bench3 },
{ "BAD-NBT-SESSION", run_bad_nbt_session },
+ { "IGN-BAD-NEGPROT", run_ign_bad_negprot },
{ "SMB-ANY-CONNECT", run_smb_any_connect },
{ "NOTIFY-ONLINE", run_notify_online },
{ "SMB2-BASIC", run_smb2_basic },
{ "SMB2-TCON-DEPENDENCE", run_smb2_tcon_dependence },
{ "SMB2-MULTI-CHANNEL", run_smb2_multi_channel },
{ "SMB2-SESSION-REAUTH", run_smb2_session_reauth },
+ { "SMB2-FTRUNCATE", run_smb2_ftruncate },
{ "CLEANUP1", run_cleanup1 },
{ "CLEANUP2", run_cleanup2 },
{ "CLEANUP3", run_cleanup3 },
{ "CLEANUP4", run_cleanup4 },
{ "OPLOCK-CANCEL", run_oplock_cancel },
+ { "PIDHIGH", run_pidhigh },
{ "LOCAL-SUBSTITUTE", run_local_substitute, 0},
{ "LOCAL-GENCACHE", run_local_gencache, 0},
{ "LOCAL-TALLOC-DICT", run_local_talloc_dict, 0},
{ "LOCAL-TEVENT-SELECT", run_local_tevent_select, 0},
{ "LOCAL-CONVERT-STRING", run_local_convert_string, 0},
{ "LOCAL-CONV-AUTH-INFO", run_local_conv_auth_info, 0},
- { "LOCAL-sprintf_append", run_local_sprintf_append, 0},
{ "LOCAL-hex_encode_buf", run_local_hex_encode_buf, 0},
{ "LOCAL-IDMAP-TDB-COMMON", run_idmap_tdb_common_test, 0},
{ "LOCAL-remove_duplicate_addrs2", run_local_remove_duplicate_addrs2, 0},
{ "local-tdb-writer", run_local_tdb_writer, 0 },
{ "LOCAL-DBWRAP-CTDB", run_local_dbwrap_ctdb, 0 },
{ "LOCAL-BENCH-PTHREADPOOL", run_bench_pthreadpool, 0 },
+ { "LOCAL-PTHREADPOOL-TEVENT", run_pthreadpool_tevent, 0 },
+ { "LOCAL-CANONICALIZE-PATH", run_local_canonicalize_path, 0 },
{ "qpathinfo-bufsize", run_qpathinfo_bufsize, 0 },
{NULL, NULL, 0}};
printf("host=%s share=%s user=%s myname=%s\n",
host, share, username, myname);
+ torture_creds = cli_session_creds_init(frame,
+ username,
+ workgroup,
+ NULL, /* realm */
+ password,
+ use_kerberos,
+ false, /* fallback_after_kerberos */
+ false, /* use_ccache */
+ false); /* password_is_nt_hash */
+ if (torture_creds == NULL) {
+ d_printf("cli_session_creds_init() failed.\n");
+ exit(1);
+ }
+
if (argc == optind) {
correct = run_test("ALL");
} else {