r10504: - seperate implementation specific stuff, from the generic composite
[gd/samba-autobuild/.git] / source4 / torture / raw / context.c
1 /* 
2    Unix SMB/CIFS implementation.
3    test suite for session setup operations
4    Copyright (C) Andrew Tridgell 2003
5    
6    This program is free software; you can redistribute it and/or modify
7    it under the terms of the GNU General Public License as published by
8    the Free Software Foundation; either version 2 of the License, or
9    (at your option) any later version.
10    
11    This program is distributed in the hope that it will be useful,
12    but WITHOUT ANY WARRANTY; without even the implied warranty of
13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14    GNU General Public License for more details.
15    
16    You should have received a copy of the GNU General Public License
17    along with this program; if not, write to the Free Software
18    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
19 */
20
21 #include "includes.h"
22 #include "libcli/raw/libcliraw.h"
23 #include "librpc/gen_ndr/ndr_security.h"
24 #include "libcli/composite/composite.h"
25 #include "libcli/smb_composite/smb_composite.h"
26 #include "lib/cmdline/popt_common.h"
27 #include "lib/events/events.h"
28
29 #define BASEDIR "\\rawcontext"
30
31 #define CHECK_STATUS(status, correct) do { \
32         if (!NT_STATUS_EQUAL(status, correct)) { \
33                 printf("(%s) Incorrect status %s - should be %s\n", \
34                        __location__, nt_errstr(status), nt_errstr(correct)); \
35                 ret = False; \
36                 goto done; \
37         }} while (0)
38
39 #define CHECK_VALUE(v, correct) do { \
40         if ((v) != (correct)) { \
41                 printf("(%s) Incorrect value %s=%d - should be %d\n", \
42                        __location__, #v, v, correct); \
43                 ret = False; \
44                 goto done; \
45         }} while (0)
46
47 #define CHECK_NOT_VALUE(v, correct) do { \
48         if ((v) == (correct)) { \
49                 printf("(%s) Incorrect value %s=%d - should not be %d\n", \
50                        __location__, #v, v, correct); \
51                 ret = False; \
52                 goto done; \
53         }} while (0)
54
55
56 /*
57   test session ops
58 */
59 static BOOL test_session(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
60 {
61         NTSTATUS status;
62         BOOL ret = True;
63         struct smbcli_session *session;
64         struct smbcli_session *session2;
65         struct smbcli_session *session3;
66         struct smbcli_session *session4;
67         struct cli_credentials *anon_creds;
68         struct smbcli_session *sessions[15];
69         struct composite_context *composite_contexts[15];
70         struct smbcli_tree *tree;
71         struct smb_composite_sesssetup setup;
72         struct smb_composite_sesssetup setups[15];
73         union smb_open io;
74         union smb_write wr;
75         union smb_close cl;
76         int fnum;
77         const char *fname = BASEDIR "\\test.txt";
78         uint8_t c = 1;
79         int i;
80
81         printf("TESTING SESSION HANDLING\n");
82
83         if (!torture_setup_dir(cli, BASEDIR)) {
84                 return False;
85         }
86
87         printf("create a second security context on the same transport\n");
88         session = smbcli_session_init(cli->transport, mem_ctx, False);
89
90         setup.in.sesskey = cli->transport->negotiate.sesskey;
91         setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
92         setup.in.workgroup = lp_workgroup();
93
94         setup.in.credentials = cmdline_credentials;
95
96         status = smb_composite_sesssetup(session, &setup);
97         CHECK_STATUS(status, NT_STATUS_OK);
98         
99         session->vuid = setup.out.vuid;
100
101         printf("create a third security context on the same transport, with vuid set\n");
102         session2 = smbcli_session_init(cli->transport, mem_ctx, False);
103
104         session2->vuid = session->vuid;
105         setup.in.sesskey = cli->transport->negotiate.sesskey;
106         setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
107         setup.in.workgroup = lp_workgroup();
108
109         setup.in.credentials = cmdline_credentials;
110
111         status = smb_composite_sesssetup(session2, &setup);
112         CHECK_STATUS(status, NT_STATUS_OK);
113
114         session2->vuid = setup.out.vuid;
115         printf("vuid1=%d vuid2=%d vuid3=%d\n", cli->session->vuid, session->vuid, session2->vuid);
116         
117         if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
118                 /* Samba4 currently fails this - we need to determine if this insane behaviour is important */
119                 if (session2->vuid == session->vuid) {
120                         printf("server allows the user to re-use an existing vuid in session setup \n");
121                 }
122         } else {
123                 CHECK_NOT_VALUE(session2->vuid, session->vuid);
124         }
125         talloc_free(session2);
126
127         if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
128                 printf("create a fourth security context on the same transport, without extended security\n");
129                 session3 = smbcli_session_init(cli->transport, mem_ctx, False);
130
131                 session3->vuid = session->vuid;
132                 setup.in.sesskey = cli->transport->negotiate.sesskey;
133                 setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; /* force a non extended security login (should fail) */
134                 setup.in.workgroup = lp_workgroup();
135         
136                 setup.in.credentials = cmdline_credentials;
137         
138
139                 status = smb_composite_sesssetup(session3, &setup);
140                 CHECK_STATUS(status, NT_STATUS_LOGON_FAILURE);
141
142                 printf("create a fouth anonymous security context on the same transport, without extended security\n");
143                 session4 = smbcli_session_init(cli->transport, mem_ctx, False);
144
145                 session4->vuid = session->vuid;
146                 setup.in.sesskey = cli->transport->negotiate.sesskey;
147                 setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; /* force a non extended security login (should fail) */
148                 setup.in.workgroup = lp_workgroup();
149                 
150                 anon_creds = cli_credentials_init(mem_ctx);
151                 cli_credentials_set_conf(anon_creds);
152                 cli_credentials_set_anonymous(anon_creds);
153
154                 setup.in.credentials = anon_creds;
155         
156                 status = smb_composite_sesssetup(session3, &setup);
157                 CHECK_STATUS(status, NT_STATUS_OK);
158
159                 talloc_free(session4);
160         }
161                 
162         printf("use the same tree as the existing connection\n");
163         tree = smbcli_tree_init(session, mem_ctx, False);
164         tree->tid = cli->tree->tid;
165
166         printf("create a file using the new vuid\n");
167         io.generic.level = RAW_OPEN_NTCREATEX;
168         io.ntcreatex.in.root_fid = 0;
169         io.ntcreatex.in.flags = 0;
170         io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
171         io.ntcreatex.in.create_options = 0;
172         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
173         io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
174         io.ntcreatex.in.alloc_size = 0;
175         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
176         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
177         io.ntcreatex.in.security_flags = 0;
178         io.ntcreatex.in.fname = fname;
179         status = smb_raw_open(tree, mem_ctx, &io);
180         CHECK_STATUS(status, NT_STATUS_OK);
181         fnum = io.ntcreatex.out.fnum;
182
183         printf("write using the old vuid\n");
184         wr.generic.level = RAW_WRITE_WRITEX;
185         wr.writex.in.fnum = fnum;
186         wr.writex.in.offset = 0;
187         wr.writex.in.wmode = 0;
188         wr.writex.in.remaining = 0;
189         wr.writex.in.count = 1;
190         wr.writex.in.data = &c;
191
192         status = smb_raw_write(cli->tree, &wr);
193         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
194
195         printf("write with the new vuid\n");
196         status = smb_raw_write(tree, &wr);
197         CHECK_STATUS(status, NT_STATUS_OK);
198         CHECK_VALUE(wr.writex.out.nwritten, 1);
199
200         printf("logoff the new vuid\n");
201         status = smb_raw_ulogoff(session);
202         CHECK_STATUS(status, NT_STATUS_OK);
203
204         printf("the new vuid should not now be accessible\n");
205         status = smb_raw_write(tree, &wr);
206         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
207
208         printf("second logoff for the new vuid should fail\n");
209         status = smb_raw_ulogoff(session);
210         CHECK_STATUS(status, NT_STATUS_DOS(ERRSRV, ERRbaduid));
211         talloc_free(session);
212
213         printf("the fnum should have been auto-closed\n");
214         cl.close.level = RAW_CLOSE_CLOSE;
215         cl.close.in.fnum = fnum;
216         cl.close.in.write_time = 0;
217         status = smb_raw_close(cli->tree, &cl);
218         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
219
220         printf("create %d secondary security contexts on the same transport\n", 
221                (int)ARRAY_SIZE(sessions));
222         for (i=0; i <ARRAY_SIZE(sessions); i++) {
223                 setups[i].in.sesskey = cli->transport->negotiate.sesskey;
224                 setups[i].in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
225                 setups[i].in.workgroup = lp_workgroup();
226                 
227                 setups[i].in.credentials = cmdline_credentials;
228
229                 sessions[i] = smbcli_session_init(cli->transport, mem_ctx, False);
230                 composite_contexts[i] = smb_composite_sesssetup_send(sessions[i], &setups[i]);
231
232         }
233
234
235         /* flush the queue */
236         for (i=0; i < ARRAY_SIZE(sessions); i++) {
237                 event_loop_once(composite_contexts[0]->event_ctx);
238         }
239
240         printf("finishing %d secondary security contexts on the same transport\n", 
241                (int)ARRAY_SIZE(sessions));
242         for (i=0; i< ARRAY_SIZE(sessions); i++) {
243                 status = smb_composite_sesssetup_recv(composite_contexts[i]);
244                 CHECK_STATUS(status, NT_STATUS_OK);
245                 sessions[i]->vuid = setups[i].out.vuid;
246                 printf("VUID: %d\n", sessions[i]->vuid);
247                 status = smb_raw_ulogoff(sessions[i]);
248                 CHECK_STATUS(status, NT_STATUS_OK);
249         }
250
251
252         talloc_free(tree);
253         
254 done:
255         return ret;
256 }
257
258
259 /*
260   test tree ops
261 */
262 static BOOL test_tree(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
263 {
264         NTSTATUS status;
265         BOOL ret = True;
266         const char *share, *host;
267         struct smbcli_tree *tree;
268         union smb_tcon tcon;
269         union smb_open io;
270         union smb_write wr;
271         union smb_close cl;
272         int fnum;
273         const char *fname = BASEDIR "\\test.txt";
274         uint8_t c = 1;
275
276         printf("TESTING TREE HANDLING\n");
277
278         if (!torture_setup_dir(cli, BASEDIR)) {
279                 return False;
280         }
281
282         share = lp_parm_string(-1, "torture", "share");
283         host  = lp_parm_string(-1, "torture", "host");
284         
285         printf("create a second tree context on the same session\n");
286         tree = smbcli_tree_init(cli->session, mem_ctx, False);
287
288         tcon.generic.level = RAW_TCON_TCONX;
289         tcon.tconx.in.flags = 0;
290         tcon.tconx.in.password = data_blob(NULL, 0);
291         tcon.tconx.in.path = talloc_asprintf(mem_ctx, "\\\\%s\\%s", host, share);
292         tcon.tconx.in.device = "A:";    
293         status = smb_raw_tcon(tree, mem_ctx, &tcon);
294         CHECK_STATUS(status, NT_STATUS_OK);
295         
296
297         tree->tid = tcon.tconx.out.tid;
298         printf("tid1=%d tid2=%d\n", cli->tree->tid, tree->tid);
299
300         printf("try a tconx with a bad device type\n");
301         tcon.tconx.in.device = "FOO";   
302         status = smb_raw_tcon(tree, mem_ctx, &tcon);
303         CHECK_STATUS(status, NT_STATUS_BAD_DEVICE_TYPE);
304
305
306         printf("create a file using the new tid\n");
307         io.generic.level = RAW_OPEN_NTCREATEX;
308         io.ntcreatex.in.root_fid = 0;
309         io.ntcreatex.in.flags = 0;
310         io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
311         io.ntcreatex.in.create_options = 0;
312         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
313         io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
314         io.ntcreatex.in.alloc_size = 0;
315         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
316         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
317         io.ntcreatex.in.security_flags = 0;
318         io.ntcreatex.in.fname = fname;
319         status = smb_raw_open(tree, mem_ctx, &io);
320         CHECK_STATUS(status, NT_STATUS_OK);
321         fnum = io.ntcreatex.out.fnum;
322
323         printf("write using the old tid\n");
324         wr.generic.level = RAW_WRITE_WRITEX;
325         wr.writex.in.fnum = fnum;
326         wr.writex.in.offset = 0;
327         wr.writex.in.wmode = 0;
328         wr.writex.in.remaining = 0;
329         wr.writex.in.count = 1;
330         wr.writex.in.data = &c;
331
332         status = smb_raw_write(cli->tree, &wr);
333         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
334
335         printf("write with the new tid\n");
336         status = smb_raw_write(tree, &wr);
337         CHECK_STATUS(status, NT_STATUS_OK);
338         CHECK_VALUE(wr.writex.out.nwritten, 1);
339
340         printf("disconnect the new tid\n");
341         status = smb_tree_disconnect(tree);
342         CHECK_STATUS(status, NT_STATUS_OK);
343
344         printf("the new tid should not now be accessible\n");
345         status = smb_raw_write(tree, &wr);
346         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
347
348         printf("the fnum should have been auto-closed\n");
349         cl.close.level = RAW_CLOSE_CLOSE;
350         cl.close.in.fnum = fnum;
351         cl.close.in.write_time = 0;
352         status = smb_raw_close(cli->tree, &cl);
353         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
354
355         /* close down the new tree */
356         talloc_free(tree);
357         
358 done:
359         return ret;
360 }
361
362
363 /*
364   test pid ops
365 */
366 static BOOL test_pid(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
367 {
368         NTSTATUS status;
369         BOOL ret = True;
370         union smb_open io;
371         union smb_write wr;
372         union smb_close cl;
373         int fnum;
374         const char *fname = BASEDIR "\\test.txt";
375         uint8_t c = 1;
376         uint16_t pid1, pid2;
377
378         printf("TESTING PID HANDLING\n");
379
380         if (!torture_setup_dir(cli, BASEDIR)) {
381                 return False;
382         }
383
384         printf("create a second pid\n");
385         pid1 = cli->session->pid;
386         pid2 = pid1+1;
387
388         printf("pid1=%d pid2=%d\n", pid1, pid2);
389
390         printf("create a file using the new pid\n");
391         cli->session->pid = pid2;
392         io.generic.level = RAW_OPEN_NTCREATEX;
393         io.ntcreatex.in.root_fid = 0;
394         io.ntcreatex.in.flags = 0;
395         io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
396         io.ntcreatex.in.create_options = 0;
397         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
398         io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
399         io.ntcreatex.in.alloc_size = 0;
400         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
401         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
402         io.ntcreatex.in.security_flags = 0;
403         io.ntcreatex.in.fname = fname;
404         status = smb_raw_open(cli->tree, mem_ctx, &io);
405         CHECK_STATUS(status, NT_STATUS_OK);
406         fnum = io.ntcreatex.out.fnum;
407
408         printf("write using the old pid\n");
409         cli->session->pid = pid1;
410         wr.generic.level = RAW_WRITE_WRITEX;
411         wr.writex.in.fnum = fnum;
412         wr.writex.in.offset = 0;
413         wr.writex.in.wmode = 0;
414         wr.writex.in.remaining = 0;
415         wr.writex.in.count = 1;
416         wr.writex.in.data = &c;
417
418         status = smb_raw_write(cli->tree, &wr);
419         CHECK_STATUS(status, NT_STATUS_OK);
420         CHECK_VALUE(wr.writex.out.nwritten, 1);
421
422         printf("write with the new pid\n");
423         cli->session->pid = pid2;
424         status = smb_raw_write(cli->tree, &wr);
425         CHECK_STATUS(status, NT_STATUS_OK);
426         CHECK_VALUE(wr.writex.out.nwritten, 1);
427
428         printf("exit the old pid\n");
429         cli->session->pid = pid1;
430         status = smb_raw_exit(cli->session);
431         CHECK_STATUS(status, NT_STATUS_OK);
432
433         printf("the fnum should still be accessible\n");
434         cli->session->pid = pid1;
435         status = smb_raw_write(cli->tree, &wr);
436         CHECK_STATUS(status, NT_STATUS_OK);
437         CHECK_VALUE(wr.writex.out.nwritten, 1);
438
439         printf("exit the new pid\n");
440         cli->session->pid = pid2;
441         status = smb_raw_exit(cli->session);
442         CHECK_STATUS(status, NT_STATUS_OK);
443
444         printf("the fnum should not now be accessible\n");
445         cli->session->pid = pid1;
446         status = smb_raw_write(cli->tree, &wr);
447         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
448
449         printf("the fnum should have been auto-closed\n");
450         cl.close.level = RAW_CLOSE_CLOSE;
451         cl.close.in.fnum = fnum;
452         cl.close.in.write_time = 0;
453         status = smb_raw_close(cli->tree, &cl);
454         CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
455
456 done:
457         return ret;
458 }
459
460
461 /* 
462    basic testing of session/tree context calls
463 */
464 static BOOL torture_raw_context_int(void)
465 {
466         struct smbcli_state *cli;
467         BOOL ret = True;
468         TALLOC_CTX *mem_ctx;
469
470         if (!torture_open_connection(&cli)) {
471                 return False;
472         }
473
474         mem_ctx = talloc_init("torture_raw_context");
475
476         if (!test_session(cli, mem_ctx)) {
477                 ret = False;
478         }
479
480         if (!test_tree(cli, mem_ctx)) {
481                 ret = False;
482         }
483
484         if (!test_pid(cli, mem_ctx)) {
485                 ret = False;
486         }
487
488         smb_raw_exit(cli->session);
489         smbcli_deltree(cli->tree, BASEDIR);
490
491         torture_close_connection(cli);
492         talloc_free(mem_ctx);
493
494         return ret;
495 }
496 /* 
497    basic testing of session/tree context calls
498 */
499 BOOL torture_raw_context(void)
500 {
501         BOOL ret = True;
502         if (lp_use_spnego()) {
503                 ret &= torture_raw_context_int();
504                 lp_set_cmdline("use spnego", "False");
505         }
506
507         ret &= torture_raw_context_int();
508
509         return ret;
510 }