2 Unix SMB/CIFS implementation.
3 test suite for session setup operations
4 Copyright (C) Andrew Tridgell 2003
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 #include "libcli/raw/libcliraw.h"
23 #include "librpc/gen_ndr/ndr_security.h"
24 #include "libcli/composite/composite.h"
25 #include "libcli/smb_composite/smb_composite.h"
26 #include "lib/cmdline/popt_common.h"
27 #include "lib/events/events.h"
29 #define BASEDIR "\\rawcontext"
31 #define CHECK_STATUS(status, correct) do { \
32 if (!NT_STATUS_EQUAL(status, correct)) { \
33 printf("(%s) Incorrect status %s - should be %s\n", \
34 __location__, nt_errstr(status), nt_errstr(correct)); \
39 #define CHECK_VALUE(v, correct) do { \
40 if ((v) != (correct)) { \
41 printf("(%s) Incorrect value %s=%d - should be %d\n", \
42 __location__, #v, v, correct); \
47 #define CHECK_NOT_VALUE(v, correct) do { \
48 if ((v) == (correct)) { \
49 printf("(%s) Incorrect value %s=%d - should not be %d\n", \
50 __location__, #v, v, correct); \
59 static BOOL test_session(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
63 struct smbcli_session *session;
64 struct smbcli_session *session2;
65 struct smbcli_session *session3;
66 struct smbcli_session *session4;
67 struct cli_credentials *anon_creds;
68 struct smbcli_session *sessions[15];
69 struct composite_context *composite_contexts[15];
70 struct smbcli_tree *tree;
71 struct smb_composite_sesssetup setup;
72 struct smb_composite_sesssetup setups[15];
77 const char *fname = BASEDIR "\\test.txt";
81 printf("TESTING SESSION HANDLING\n");
83 if (!torture_setup_dir(cli, BASEDIR)) {
87 printf("create a second security context on the same transport\n");
88 session = smbcli_session_init(cli->transport, mem_ctx, False);
90 setup.in.sesskey = cli->transport->negotiate.sesskey;
91 setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
92 setup.in.workgroup = lp_workgroup();
94 setup.in.credentials = cmdline_credentials;
96 status = smb_composite_sesssetup(session, &setup);
97 CHECK_STATUS(status, NT_STATUS_OK);
99 session->vuid = setup.out.vuid;
101 printf("create a third security context on the same transport, with vuid set\n");
102 session2 = smbcli_session_init(cli->transport, mem_ctx, False);
104 session2->vuid = session->vuid;
105 setup.in.sesskey = cli->transport->negotiate.sesskey;
106 setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
107 setup.in.workgroup = lp_workgroup();
109 setup.in.credentials = cmdline_credentials;
111 status = smb_composite_sesssetup(session2, &setup);
112 CHECK_STATUS(status, NT_STATUS_OK);
114 session2->vuid = setup.out.vuid;
115 printf("vuid1=%d vuid2=%d vuid3=%d\n", cli->session->vuid, session->vuid, session2->vuid);
117 if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
118 /* Samba4 currently fails this - we need to determine if this insane behaviour is important */
119 if (session2->vuid == session->vuid) {
120 printf("server allows the user to re-use an existing vuid in session setup \n");
123 CHECK_NOT_VALUE(session2->vuid, session->vuid);
125 talloc_free(session2);
127 if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
128 printf("create a fourth security context on the same transport, without extended security\n");
129 session3 = smbcli_session_init(cli->transport, mem_ctx, False);
131 session3->vuid = session->vuid;
132 setup.in.sesskey = cli->transport->negotiate.sesskey;
133 setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; /* force a non extended security login (should fail) */
134 setup.in.workgroup = lp_workgroup();
136 setup.in.credentials = cmdline_credentials;
139 status = smb_composite_sesssetup(session3, &setup);
140 CHECK_STATUS(status, NT_STATUS_LOGON_FAILURE);
142 printf("create a fouth anonymous security context on the same transport, without extended security\n");
143 session4 = smbcli_session_init(cli->transport, mem_ctx, False);
145 session4->vuid = session->vuid;
146 setup.in.sesskey = cli->transport->negotiate.sesskey;
147 setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; /* force a non extended security login (should fail) */
148 setup.in.workgroup = lp_workgroup();
150 anon_creds = cli_credentials_init(mem_ctx);
151 cli_credentials_set_conf(anon_creds);
152 cli_credentials_set_anonymous(anon_creds);
154 setup.in.credentials = anon_creds;
156 status = smb_composite_sesssetup(session3, &setup);
157 CHECK_STATUS(status, NT_STATUS_OK);
159 talloc_free(session4);
162 printf("use the same tree as the existing connection\n");
163 tree = smbcli_tree_init(session, mem_ctx, False);
164 tree->tid = cli->tree->tid;
166 printf("create a file using the new vuid\n");
167 io.generic.level = RAW_OPEN_NTCREATEX;
168 io.ntcreatex.in.root_fid = 0;
169 io.ntcreatex.in.flags = 0;
170 io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
171 io.ntcreatex.in.create_options = 0;
172 io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
173 io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
174 io.ntcreatex.in.alloc_size = 0;
175 io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
176 io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
177 io.ntcreatex.in.security_flags = 0;
178 io.ntcreatex.in.fname = fname;
179 status = smb_raw_open(tree, mem_ctx, &io);
180 CHECK_STATUS(status, NT_STATUS_OK);
181 fnum = io.ntcreatex.out.fnum;
183 printf("write using the old vuid\n");
184 wr.generic.level = RAW_WRITE_WRITEX;
185 wr.writex.in.fnum = fnum;
186 wr.writex.in.offset = 0;
187 wr.writex.in.wmode = 0;
188 wr.writex.in.remaining = 0;
189 wr.writex.in.count = 1;
190 wr.writex.in.data = &c;
192 status = smb_raw_write(cli->tree, &wr);
193 CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
195 printf("write with the new vuid\n");
196 status = smb_raw_write(tree, &wr);
197 CHECK_STATUS(status, NT_STATUS_OK);
198 CHECK_VALUE(wr.writex.out.nwritten, 1);
200 printf("logoff the new vuid\n");
201 status = smb_raw_ulogoff(session);
202 CHECK_STATUS(status, NT_STATUS_OK);
204 printf("the new vuid should not now be accessible\n");
205 status = smb_raw_write(tree, &wr);
206 CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
208 printf("second logoff for the new vuid should fail\n");
209 status = smb_raw_ulogoff(session);
210 CHECK_STATUS(status, NT_STATUS_DOS(ERRSRV, ERRbaduid));
211 talloc_free(session);
213 printf("the fnum should have been auto-closed\n");
214 cl.close.level = RAW_CLOSE_CLOSE;
215 cl.close.in.fnum = fnum;
216 cl.close.in.write_time = 0;
217 status = smb_raw_close(cli->tree, &cl);
218 CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
220 printf("create %d secondary security contexts on the same transport\n",
221 (int)ARRAY_SIZE(sessions));
222 for (i=0; i <ARRAY_SIZE(sessions); i++) {
223 setups[i].in.sesskey = cli->transport->negotiate.sesskey;
224 setups[i].in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
225 setups[i].in.workgroup = lp_workgroup();
227 setups[i].in.credentials = cmdline_credentials;
229 sessions[i] = smbcli_session_init(cli->transport, mem_ctx, False);
230 composite_contexts[i] = smb_composite_sesssetup_send(sessions[i], &setups[i]);
235 /* flush the queue */
236 for (i=0; i < ARRAY_SIZE(sessions); i++) {
237 event_loop_once(composite_contexts[0]->event_ctx);
240 printf("finishing %d secondary security contexts on the same transport\n",
241 (int)ARRAY_SIZE(sessions));
242 for (i=0; i< ARRAY_SIZE(sessions); i++) {
243 status = smb_composite_sesssetup_recv(composite_contexts[i]);
244 CHECK_STATUS(status, NT_STATUS_OK);
245 sessions[i]->vuid = setups[i].out.vuid;
246 printf("VUID: %d\n", sessions[i]->vuid);
247 status = smb_raw_ulogoff(sessions[i]);
248 CHECK_STATUS(status, NT_STATUS_OK);
262 static BOOL test_tree(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
266 const char *share, *host;
267 struct smbcli_tree *tree;
273 const char *fname = BASEDIR "\\test.txt";
276 printf("TESTING TREE HANDLING\n");
278 if (!torture_setup_dir(cli, BASEDIR)) {
282 share = lp_parm_string(-1, "torture", "share");
283 host = lp_parm_string(-1, "torture", "host");
285 printf("create a second tree context on the same session\n");
286 tree = smbcli_tree_init(cli->session, mem_ctx, False);
288 tcon.generic.level = RAW_TCON_TCONX;
289 tcon.tconx.in.flags = 0;
290 tcon.tconx.in.password = data_blob(NULL, 0);
291 tcon.tconx.in.path = talloc_asprintf(mem_ctx, "\\\\%s\\%s", host, share);
292 tcon.tconx.in.device = "A:";
293 status = smb_raw_tcon(tree, mem_ctx, &tcon);
294 CHECK_STATUS(status, NT_STATUS_OK);
297 tree->tid = tcon.tconx.out.tid;
298 printf("tid1=%d tid2=%d\n", cli->tree->tid, tree->tid);
300 printf("try a tconx with a bad device type\n");
301 tcon.tconx.in.device = "FOO";
302 status = smb_raw_tcon(tree, mem_ctx, &tcon);
303 CHECK_STATUS(status, NT_STATUS_BAD_DEVICE_TYPE);
306 printf("create a file using the new tid\n");
307 io.generic.level = RAW_OPEN_NTCREATEX;
308 io.ntcreatex.in.root_fid = 0;
309 io.ntcreatex.in.flags = 0;
310 io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
311 io.ntcreatex.in.create_options = 0;
312 io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
313 io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
314 io.ntcreatex.in.alloc_size = 0;
315 io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
316 io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
317 io.ntcreatex.in.security_flags = 0;
318 io.ntcreatex.in.fname = fname;
319 status = smb_raw_open(tree, mem_ctx, &io);
320 CHECK_STATUS(status, NT_STATUS_OK);
321 fnum = io.ntcreatex.out.fnum;
323 printf("write using the old tid\n");
324 wr.generic.level = RAW_WRITE_WRITEX;
325 wr.writex.in.fnum = fnum;
326 wr.writex.in.offset = 0;
327 wr.writex.in.wmode = 0;
328 wr.writex.in.remaining = 0;
329 wr.writex.in.count = 1;
330 wr.writex.in.data = &c;
332 status = smb_raw_write(cli->tree, &wr);
333 CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
335 printf("write with the new tid\n");
336 status = smb_raw_write(tree, &wr);
337 CHECK_STATUS(status, NT_STATUS_OK);
338 CHECK_VALUE(wr.writex.out.nwritten, 1);
340 printf("disconnect the new tid\n");
341 status = smb_tree_disconnect(tree);
342 CHECK_STATUS(status, NT_STATUS_OK);
344 printf("the new tid should not now be accessible\n");
345 status = smb_raw_write(tree, &wr);
346 CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
348 printf("the fnum should have been auto-closed\n");
349 cl.close.level = RAW_CLOSE_CLOSE;
350 cl.close.in.fnum = fnum;
351 cl.close.in.write_time = 0;
352 status = smb_raw_close(cli->tree, &cl);
353 CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
355 /* close down the new tree */
366 static BOOL test_pid(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
374 const char *fname = BASEDIR "\\test.txt";
378 printf("TESTING PID HANDLING\n");
380 if (!torture_setup_dir(cli, BASEDIR)) {
384 printf("create a second pid\n");
385 pid1 = cli->session->pid;
388 printf("pid1=%d pid2=%d\n", pid1, pid2);
390 printf("create a file using the new pid\n");
391 cli->session->pid = pid2;
392 io.generic.level = RAW_OPEN_NTCREATEX;
393 io.ntcreatex.in.root_fid = 0;
394 io.ntcreatex.in.flags = 0;
395 io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
396 io.ntcreatex.in.create_options = 0;
397 io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
398 io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
399 io.ntcreatex.in.alloc_size = 0;
400 io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
401 io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
402 io.ntcreatex.in.security_flags = 0;
403 io.ntcreatex.in.fname = fname;
404 status = smb_raw_open(cli->tree, mem_ctx, &io);
405 CHECK_STATUS(status, NT_STATUS_OK);
406 fnum = io.ntcreatex.out.fnum;
408 printf("write using the old pid\n");
409 cli->session->pid = pid1;
410 wr.generic.level = RAW_WRITE_WRITEX;
411 wr.writex.in.fnum = fnum;
412 wr.writex.in.offset = 0;
413 wr.writex.in.wmode = 0;
414 wr.writex.in.remaining = 0;
415 wr.writex.in.count = 1;
416 wr.writex.in.data = &c;
418 status = smb_raw_write(cli->tree, &wr);
419 CHECK_STATUS(status, NT_STATUS_OK);
420 CHECK_VALUE(wr.writex.out.nwritten, 1);
422 printf("write with the new pid\n");
423 cli->session->pid = pid2;
424 status = smb_raw_write(cli->tree, &wr);
425 CHECK_STATUS(status, NT_STATUS_OK);
426 CHECK_VALUE(wr.writex.out.nwritten, 1);
428 printf("exit the old pid\n");
429 cli->session->pid = pid1;
430 status = smb_raw_exit(cli->session);
431 CHECK_STATUS(status, NT_STATUS_OK);
433 printf("the fnum should still be accessible\n");
434 cli->session->pid = pid1;
435 status = smb_raw_write(cli->tree, &wr);
436 CHECK_STATUS(status, NT_STATUS_OK);
437 CHECK_VALUE(wr.writex.out.nwritten, 1);
439 printf("exit the new pid\n");
440 cli->session->pid = pid2;
441 status = smb_raw_exit(cli->session);
442 CHECK_STATUS(status, NT_STATUS_OK);
444 printf("the fnum should not now be accessible\n");
445 cli->session->pid = pid1;
446 status = smb_raw_write(cli->tree, &wr);
447 CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
449 printf("the fnum should have been auto-closed\n");
450 cl.close.level = RAW_CLOSE_CLOSE;
451 cl.close.in.fnum = fnum;
452 cl.close.in.write_time = 0;
453 status = smb_raw_close(cli->tree, &cl);
454 CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
462 basic testing of session/tree context calls
464 static BOOL torture_raw_context_int(void)
466 struct smbcli_state *cli;
470 if (!torture_open_connection(&cli)) {
474 mem_ctx = talloc_init("torture_raw_context");
476 if (!test_session(cli, mem_ctx)) {
480 if (!test_tree(cli, mem_ctx)) {
484 if (!test_pid(cli, mem_ctx)) {
488 smb_raw_exit(cli->session);
489 smbcli_deltree(cli->tree, BASEDIR);
491 torture_close_connection(cli);
492 talloc_free(mem_ctx);
497 basic testing of session/tree context calls
499 BOOL torture_raw_context(void)
502 if (lp_use_spnego()) {
503 ret &= torture_raw_context_int();
504 lp_set_cmdline("use spnego", "False");
507 ret &= torture_raw_context_int();