r9222: Rename smb_tree_connect() to smb_raw_tcon() to match other raw function
[gd/samba-autobuild/.git] / source4 / torture / raw / context.c
1 /* 
2    Unix SMB/CIFS implementation.
3    test suite for session setup operations
4    Copyright (C) Andrew Tridgell 2003
5    
6    This program is free software; you can redistribute it and/or modify
7    it under the terms of the GNU General Public License as published by
8    the Free Software Foundation; either version 2 of the License, or
9    (at your option) any later version.
10    
11    This program is distributed in the hope that it will be useful,
12    but WITHOUT ANY WARRANTY; without even the implied warranty of
13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14    GNU General Public License for more details.
15    
16    You should have received a copy of the GNU General Public License
17    along with this program; if not, write to the Free Software
18    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
19 */
20
21 #include "includes.h"
22 #include "libcli/raw/libcliraw.h"
23 #include "librpc/gen_ndr/ndr_security.h"
24 #include "libcli/composite/composite.h"
25 #include "lib/cmdline/popt_common.h"
26 #include "lib/events/events.h"
27
28 #define BASEDIR "\\rawcontext"
29
30 #define CHECK_STATUS(status, correct) do { \
31         if (!NT_STATUS_EQUAL(status, correct)) { \
32                 printf("(%s) Incorrect status %s - should be %s\n", \
33                        __location__, nt_errstr(status), nt_errstr(correct)); \
34                 ret = False; \
35                 goto done; \
36         }} while (0)
37
38 #define CHECK_VALUE(v, correct) do { \
39         if ((v) != (correct)) { \
40                 printf("(%s) Incorrect value %s=%d - should be %d\n", \
41                        __location__, #v, v, correct); \
42                 ret = False; \
43                 goto done; \
44         }} while (0)
45
46 #define CHECK_NOT_VALUE(v, correct) do { \
47         if ((v) == (correct)) { \
48                 printf("(%s) Incorrect value %s=%d - should not be %d\n", \
49                        __location__, #v, v, correct); \
50                 ret = False; \
51                 goto done; \
52         }} while (0)
53
54
55 /*
56   test session ops
57 */
58 static BOOL test_session(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
59 {
60         NTSTATUS status;
61         BOOL ret = True;
62         struct smbcli_session *session;
63         struct smbcli_session *session2;
64         struct smbcli_session *session3;
65         struct smbcli_session *session4;
66         struct cli_credentials *anon_creds;
67         struct smbcli_session *sessions[15];
68         struct composite_context *composite_contexts[15];
69         struct smbcli_tree *tree;
70         struct smb_composite_sesssetup setup;
71         struct smb_composite_sesssetup setups[15];
72         union smb_open io;
73         union smb_write wr;
74         union smb_close cl;
75         int fnum;
76         const char *fname = BASEDIR "\\test.txt";
77         uint8_t c = 1;
78         int i;
79
80         printf("TESTING SESSION HANDLING\n");
81
82         if (!torture_setup_dir(cli, BASEDIR)) {
83                 return False;
84         }
85
86         printf("create a second security context on the same transport\n");
87         session = smbcli_session_init(cli->transport, mem_ctx, False);
88
89         setup.in.sesskey = cli->transport->negotiate.sesskey;
90         setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
91         setup.in.workgroup = lp_workgroup();
92
93         setup.in.credentials = cmdline_credentials;
94
95         status = smb_composite_sesssetup(session, &setup);
96         CHECK_STATUS(status, NT_STATUS_OK);
97         
98         session->vuid = setup.out.vuid;
99
100         printf("create a third security context on the same transport, with vuid set\n");
101         session2 = smbcli_session_init(cli->transport, mem_ctx, False);
102
103         session2->vuid = session->vuid;
104         setup.in.sesskey = cli->transport->negotiate.sesskey;
105         setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
106         setup.in.workgroup = lp_workgroup();
107
108         setup.in.credentials = cmdline_credentials;
109
110         status = smb_composite_sesssetup(session2, &setup);
111         CHECK_STATUS(status, NT_STATUS_OK);
112
113         session2->vuid = setup.out.vuid;
114         printf("vuid1=%d vuid2=%d vuid3=%d\n", cli->session->vuid, session->vuid, session2->vuid);
115         
116         if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
117                 /* Samba4 currently fails this - we need to determine if this insane behaviour is important */
118                 if (session2->vuid == session->vuid) {
119                         printf("server allows the user to re-use an existing vuid in session setup \n");
120                 }
121         } else {
122                 CHECK_NOT_VALUE(session2->vuid, session->vuid);
123         }
124         talloc_free(session2);
125
126         if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
127                 printf("create a fourth security context on the same transport, without extended security\n");
128                 session3 = smbcli_session_init(cli->transport, mem_ctx, False);
129
130                 session3->vuid = session->vuid;
131                 setup.in.sesskey = cli->transport->negotiate.sesskey;
132                 setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; /* force a non extended security login (should fail) */
133                 setup.in.workgroup = lp_workgroup();
134         
135                 setup.in.credentials = cmdline_credentials;
136         
137
138                 status = smb_composite_sesssetup(session3, &setup);
139                 CHECK_STATUS(status, NT_STATUS_LOGON_FAILURE);
140
141                 printf("create a fouth anonymous security context on the same transport, without extended security\n");
142                 session4 = smbcli_session_init(cli->transport, mem_ctx, False);
143
144                 session4->vuid = session->vuid;
145                 setup.in.sesskey = cli->transport->negotiate.sesskey;
146                 setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; /* force a non extended security login (should fail) */
147                 setup.in.workgroup = lp_workgroup();
148                 
149                 anon_creds = cli_credentials_init(mem_ctx);
150                 cli_credentials_set_conf(anon_creds);
151                 cli_credentials_set_anonymous(anon_creds);
152
153                 setup.in.credentials = anon_creds;
154         
155                 status = smb_composite_sesssetup(session3, &setup);
156                 CHECK_STATUS(status, NT_STATUS_OK);
157
158                 talloc_free(session4);
159         }
160                 
161         printf("use the same tree as the existing connection\n");
162         tree = smbcli_tree_init(session, mem_ctx, False);
163         tree->tid = cli->tree->tid;
164
165         printf("create a file using the new vuid\n");
166         io.generic.level = RAW_OPEN_NTCREATEX;
167         io.ntcreatex.in.root_fid = 0;
168         io.ntcreatex.in.flags = 0;
169         io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
170         io.ntcreatex.in.create_options = 0;
171         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
172         io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
173         io.ntcreatex.in.alloc_size = 0;
174         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
175         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
176         io.ntcreatex.in.security_flags = 0;
177         io.ntcreatex.in.fname = fname;
178         status = smb_raw_open(tree, mem_ctx, &io);
179         CHECK_STATUS(status, NT_STATUS_OK);
180         fnum = io.ntcreatex.out.fnum;
181
182         printf("write using the old vuid\n");
183         wr.generic.level = RAW_WRITE_WRITEX;
184         wr.writex.in.fnum = fnum;
185         wr.writex.in.offset = 0;
186         wr.writex.in.wmode = 0;
187         wr.writex.in.remaining = 0;
188         wr.writex.in.count = 1;
189         wr.writex.in.data = &c;
190
191         status = smb_raw_write(cli->tree, &wr);
192         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
193
194         printf("write with the new vuid\n");
195         status = smb_raw_write(tree, &wr);
196         CHECK_STATUS(status, NT_STATUS_OK);
197         CHECK_VALUE(wr.writex.out.nwritten, 1);
198
199         printf("logoff the new vuid\n");
200         status = smb_raw_ulogoff(session);
201         CHECK_STATUS(status, NT_STATUS_OK);
202
203         printf("the new vuid should not now be accessible\n");
204         status = smb_raw_write(tree, &wr);
205         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
206
207         printf("second logoff for the new vuid should fail\n");
208         status = smb_raw_ulogoff(session);
209         CHECK_STATUS(status, NT_STATUS_DOS(ERRSRV, ERRbaduid));
210         talloc_free(session);
211
212         printf("the fnum should have been auto-closed\n");
213         cl.close.level = RAW_CLOSE_CLOSE;
214         cl.close.in.fnum = fnum;
215         cl.close.in.write_time = 0;
216         status = smb_raw_close(cli->tree, &cl);
217         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
218
219         printf("create %d secondary security contexts on the same transport\n", 
220                (int)ARRAY_SIZE(sessions));
221         for (i=0; i <ARRAY_SIZE(sessions); i++) {
222                 setups[i].in.sesskey = cli->transport->negotiate.sesskey;
223                 setups[i].in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
224                 setups[i].in.workgroup = lp_workgroup();
225                 
226                 setups[i].in.credentials = cmdline_credentials;
227
228                 sessions[i] = smbcli_session_init(cli->transport, mem_ctx, False);
229                 composite_contexts[i] = smb_composite_sesssetup_send(sessions[i], &setups[i]);
230
231         }
232
233
234         /* flush the queue */
235         for (i=0; i < ARRAY_SIZE(sessions); i++) {
236                 event_loop_once(composite_contexts[0]->event_ctx);
237         }
238
239         printf("finishing %d secondary security contexts on the same transport\n", 
240                (int)ARRAY_SIZE(sessions));
241         for (i=0; i< ARRAY_SIZE(sessions); i++) {
242                 status = smb_composite_sesssetup_recv(composite_contexts[i]);
243                 CHECK_STATUS(status, NT_STATUS_OK);
244                 sessions[i]->vuid = setups[i].out.vuid;
245                 printf("VUID: %d\n", sessions[i]->vuid);
246                 status = smb_raw_ulogoff(sessions[i]);
247                 CHECK_STATUS(status, NT_STATUS_OK);
248         }
249
250
251         talloc_free(tree);
252         
253 done:
254         return ret;
255 }
256
257
258 /*
259   test tree ops
260 */
261 static BOOL test_tree(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
262 {
263         NTSTATUS status;
264         BOOL ret = True;
265         const char *share, *host;
266         struct smbcli_tree *tree;
267         union smb_tcon tcon;
268         union smb_open io;
269         union smb_write wr;
270         union smb_close cl;
271         int fnum;
272         const char *fname = BASEDIR "\\test.txt";
273         uint8_t c = 1;
274
275         printf("TESTING TREE HANDLING\n");
276
277         if (!torture_setup_dir(cli, BASEDIR)) {
278                 return False;
279         }
280
281         share = lp_parm_string(-1, "torture", "share");
282         host  = lp_parm_string(-1, "torture", "host");
283         
284         printf("create a second tree context on the same session\n");
285         tree = smbcli_tree_init(cli->session, mem_ctx, False);
286
287         tcon.generic.level = RAW_TCON_TCONX;
288         tcon.tconx.in.flags = 0;
289         tcon.tconx.in.password = data_blob(NULL, 0);
290         tcon.tconx.in.path = talloc_asprintf(mem_ctx, "\\\\%s\\%s", host, share);
291         tcon.tconx.in.device = "A:";    
292         status = smb_raw_tcon(tree, mem_ctx, &tcon);
293         CHECK_STATUS(status, NT_STATUS_OK);
294         
295
296         tree->tid = tcon.tconx.out.tid;
297         printf("tid1=%d tid2=%d\n", cli->tree->tid, tree->tid);
298
299         printf("try a tconx with a bad device type\n");
300         tcon.tconx.in.device = "FOO";   
301         status = smb_raw_tcon(tree, mem_ctx, &tcon);
302         CHECK_STATUS(status, NT_STATUS_BAD_DEVICE_TYPE);
303
304
305         printf("create a file using the new tid\n");
306         io.generic.level = RAW_OPEN_NTCREATEX;
307         io.ntcreatex.in.root_fid = 0;
308         io.ntcreatex.in.flags = 0;
309         io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
310         io.ntcreatex.in.create_options = 0;
311         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
312         io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
313         io.ntcreatex.in.alloc_size = 0;
314         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
315         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
316         io.ntcreatex.in.security_flags = 0;
317         io.ntcreatex.in.fname = fname;
318         status = smb_raw_open(tree, mem_ctx, &io);
319         CHECK_STATUS(status, NT_STATUS_OK);
320         fnum = io.ntcreatex.out.fnum;
321
322         printf("write using the old tid\n");
323         wr.generic.level = RAW_WRITE_WRITEX;
324         wr.writex.in.fnum = fnum;
325         wr.writex.in.offset = 0;
326         wr.writex.in.wmode = 0;
327         wr.writex.in.remaining = 0;
328         wr.writex.in.count = 1;
329         wr.writex.in.data = &c;
330
331         status = smb_raw_write(cli->tree, &wr);
332         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
333
334         printf("write with the new tid\n");
335         status = smb_raw_write(tree, &wr);
336         CHECK_STATUS(status, NT_STATUS_OK);
337         CHECK_VALUE(wr.writex.out.nwritten, 1);
338
339         printf("disconnect the new tid\n");
340         status = smb_tree_disconnect(tree);
341         CHECK_STATUS(status, NT_STATUS_OK);
342
343         printf("the new tid should not now be accessible\n");
344         status = smb_raw_write(tree, &wr);
345         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
346
347         printf("the fnum should have been auto-closed\n");
348         cl.close.level = RAW_CLOSE_CLOSE;
349         cl.close.in.fnum = fnum;
350         cl.close.in.write_time = 0;
351         status = smb_raw_close(cli->tree, &cl);
352         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
353
354         /* close down the new tree */
355         talloc_free(tree);
356         
357 done:
358         return ret;
359 }
360
361
362 /*
363   test pid ops
364 */
365 static BOOL test_pid(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
366 {
367         NTSTATUS status;
368         BOOL ret = True;
369         union smb_open io;
370         union smb_write wr;
371         union smb_close cl;
372         int fnum;
373         const char *fname = BASEDIR "\\test.txt";
374         uint8_t c = 1;
375         uint16_t pid1, pid2;
376
377         printf("TESTING PID HANDLING\n");
378
379         if (!torture_setup_dir(cli, BASEDIR)) {
380                 return False;
381         }
382
383         printf("create a second pid\n");
384         pid1 = cli->session->pid;
385         pid2 = pid1+1;
386
387         printf("pid1=%d pid2=%d\n", pid1, pid2);
388
389         printf("create a file using the new pid\n");
390         cli->session->pid = pid2;
391         io.generic.level = RAW_OPEN_NTCREATEX;
392         io.ntcreatex.in.root_fid = 0;
393         io.ntcreatex.in.flags = 0;
394         io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
395         io.ntcreatex.in.create_options = 0;
396         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
397         io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
398         io.ntcreatex.in.alloc_size = 0;
399         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
400         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
401         io.ntcreatex.in.security_flags = 0;
402         io.ntcreatex.in.fname = fname;
403         status = smb_raw_open(cli->tree, mem_ctx, &io);
404         CHECK_STATUS(status, NT_STATUS_OK);
405         fnum = io.ntcreatex.out.fnum;
406
407         printf("write using the old pid\n");
408         cli->session->pid = pid1;
409         wr.generic.level = RAW_WRITE_WRITEX;
410         wr.writex.in.fnum = fnum;
411         wr.writex.in.offset = 0;
412         wr.writex.in.wmode = 0;
413         wr.writex.in.remaining = 0;
414         wr.writex.in.count = 1;
415         wr.writex.in.data = &c;
416
417         status = smb_raw_write(cli->tree, &wr);
418         CHECK_STATUS(status, NT_STATUS_OK);
419         CHECK_VALUE(wr.writex.out.nwritten, 1);
420
421         printf("write with the new pid\n");
422         cli->session->pid = pid2;
423         status = smb_raw_write(cli->tree, &wr);
424         CHECK_STATUS(status, NT_STATUS_OK);
425         CHECK_VALUE(wr.writex.out.nwritten, 1);
426
427         printf("exit the old pid\n");
428         cli->session->pid = pid1;
429         status = smb_raw_exit(cli->session);
430         CHECK_STATUS(status, NT_STATUS_OK);
431
432         printf("the fnum should still be accessible\n");
433         cli->session->pid = pid1;
434         status = smb_raw_write(cli->tree, &wr);
435         CHECK_STATUS(status, NT_STATUS_OK);
436         CHECK_VALUE(wr.writex.out.nwritten, 1);
437
438         printf("exit the new pid\n");
439         cli->session->pid = pid2;
440         status = smb_raw_exit(cli->session);
441         CHECK_STATUS(status, NT_STATUS_OK);
442
443         printf("the fnum should not now be accessible\n");
444         cli->session->pid = pid1;
445         status = smb_raw_write(cli->tree, &wr);
446         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
447
448         printf("the fnum should have been auto-closed\n");
449         cl.close.level = RAW_CLOSE_CLOSE;
450         cl.close.in.fnum = fnum;
451         cl.close.in.write_time = 0;
452         status = smb_raw_close(cli->tree, &cl);
453         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
454
455 done:
456         return ret;
457 }
458
459
460 /* 
461    basic testing of session/tree context calls
462 */
463 static BOOL torture_raw_context_int(void)
464 {
465         struct smbcli_state *cli;
466         BOOL ret = True;
467         TALLOC_CTX *mem_ctx;
468
469         if (!torture_open_connection(&cli)) {
470                 return False;
471         }
472
473         mem_ctx = talloc_init("torture_raw_context");
474
475         if (!test_session(cli, mem_ctx)) {
476                 ret = False;
477         }
478
479         if (!test_tree(cli, mem_ctx)) {
480                 ret = False;
481         }
482
483         if (!test_pid(cli, mem_ctx)) {
484                 ret = False;
485         }
486
487         smb_raw_exit(cli->session);
488         smbcli_deltree(cli->tree, BASEDIR);
489
490         torture_close_connection(cli);
491         talloc_free(mem_ctx);
492
493         return ret;
494 }
495 /* 
496    basic testing of session/tree context calls
497 */
498 BOOL torture_raw_context(void)
499 {
500         BOOL ret = True;
501         if (lp_use_spnego()) {
502                 ret &= torture_raw_context_int();
503                 lp_set_cmdline("use spnego", "False");
504         }
505
506         ret &= torture_raw_context_int();
507
508         return ret;
509 }