source/torture/smb2/scan.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3
   4    SMB2 opcode scanner
   5
   6    Copyright (C) Andrew Tridgell 2005
   7
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 3 of the License, or
  11    (at your option) any later version.
  12
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17
  18    You should have received a copy of the GNU General Public License
  19    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  20 */
  21
  22 #include "includes.h"
  23 #include "libcli/smb2/smb2.h"
  24 #include "libcli/smb2/smb2_calls.h"
  25 #include "lib/cmdline/popt_common.h"
  26 #include "lib/events/events.h"
  27 #include "torture/torture.h"
  28
  29 #include "torture/smb2/proto.h"
  30
  31 #define FNAME "scan-getinfo.dat"
  32 #define DNAME "scan-getinfo.dir"
  33
  34
  35 /*
  36    scan for valid SMB2 getinfo levels
  37 */
  38 bool torture_smb2_getinfo_scan(struct torture_context *torture)
  39 {
  40         struct smb2_tree *tree;
  41         NTSTATUS status;
  42         struct smb2_getinfo io;
  43         struct smb2_handle fhandle, dhandle;
  44         int c, i;
  45
  46         if (!torture_smb2_connection(torture, &tree)) {
  47                 return false;
  48         }
  49
  50         status = torture_setup_complex_file(tree, FNAME);
  51         if (!NT_STATUS_IS_OK(status)) {
  52                 printf("Failed to setup complex file '%s'\n", FNAME);
  53                 return false;
  54         }
  55         torture_setup_complex_file(tree, FNAME ":2ndstream");
  56
  57         status = torture_setup_complex_dir(tree, DNAME);
  58         if (!NT_STATUS_IS_OK(status)) {
  59                 printf("Failed to setup complex dir  '%s'\n", DNAME);
  60                 return false;
  61         }
  62         torture_setup_complex_file(tree, DNAME ":2ndstream");
  63
  64         torture_smb2_testfile(tree, FNAME, &fhandle);
  65         torture_smb2_testdir(tree, DNAME, &dhandle);
  66
  67
  68         ZERO_STRUCT(io);
  69         io.in.max_response_size = 0xFFFF;
  70
  71         for (c=1;c<5;c++) {
  72                 for (i=0;i<0x100;i++) {
  73                         io.in.level = (i<<8) | c;
  74
  75                         io.in.file.handle = fhandle;
  76                         status = smb2_getinfo(tree, torture, &io);
  77                         if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS) &&
  78                             !NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER) &&
  79                             !NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
  80                                 printf("file level 0x%04x is %ld bytes - %s\n",
  81                                        io.in.level, (long)io.out.blob.length, nt_errstr(status));
  82                                 dump_data(1, io.out.blob.data, io.out.blob.length);
  83                         }
  84
  85                         io.in.file.handle = dhandle;
  86                         status = smb2_getinfo(tree, torture, &io);
  87                         if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS) &&
  88                             !NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER) &&
  89                             !NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
  90                                 printf("dir  level 0x%04x is %ld bytes - %s\n",
  91                                        io.in.level, (long)io.out.blob.length, nt_errstr(status));
  92                                 dump_data(1, io.out.blob.data, io.out.blob.length);
  93                         }
  94                 }
  95         }
  96
  97         return true;
  98 }
  99
 100 /*
 101    scan for valid SMB2 setinfo levels
 102 */
 103 bool torture_smb2_setinfo_scan(struct torture_context *torture)
 104 {
 105         struct smb2_tree *tree;
 106         NTSTATUS status;
 107         struct smb2_setinfo io;
 108         struct smb2_handle handle;
 109         int c, i;
 110
 111         if (!torture_smb2_connection(torture, &tree)) {
 112                 return false;
 113         }
 114
 115         status = torture_setup_complex_file(tree, FNAME);
 116         if (!NT_STATUS_IS_OK(status)) {
 117                 printf("Failed to setup complex file '%s'\n", FNAME);
 118                 return false;
 119         }
 120         torture_setup_complex_file(tree, FNAME ":2ndstream");
 121
 122         torture_smb2_testfile(tree, FNAME, &handle);
 123
 124         ZERO_STRUCT(io);
 125         io.in.blob = data_blob_talloc_zero(torture, 1024);
 126
 127         for (c=1;c<5;c++) {
 128                 for (i=0;i<0x100;i++) {
 129                         io.in.level = (i<<8) | c;
 130                         io.in.file.handle = handle;
 131                         status = smb2_setinfo(tree, &io);
 132                         if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS) &&
 133                             !NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
 134                                 printf("file level 0x%04x - %s\n",
 135                                        io.in.level, nt_errstr(status));
 136                         }
 137                 }
 138         }
 139
 140         return true;
 141 }
 142
 143
 144 /*
 145    scan for valid SMB2 scan levels
 146 */
 147 bool torture_smb2_find_scan(struct torture_context *torture)
 148 {
 149         struct smb2_tree *tree;
 150         NTSTATUS status;
 151         struct smb2_find io;
 152         struct smb2_handle handle;
 153         int i;
 154
 155         if (!torture_smb2_connection(torture, &tree)) {
 156                 return false;
 157         }
 158
 159         status = smb2_util_roothandle(tree, &handle);
 160         if (!NT_STATUS_IS_OK(status)) {
 161                 printf("Failed to open roothandle - %s\n", nt_errstr(status));
 162                 return false;
 163         }
 164
 165         ZERO_STRUCT(io);
 166         io.in.file.handle       = handle;
 167         io.in.pattern           = "*";
 168         io.in.continue_flags    = SMB2_CONTINUE_FLAG_RESTART;
 169         io.in.max_response_size = 0x10000;
 170
 171         for (i=1;i<0x100;i++) {
 172                 io.in.level = i;
 173
 174                 io.in.file.handle = handle;
 175                 status = smb2_find(tree, torture, &io);
 176                 if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS) &&
 177                     !NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER) &&
 178                     !NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
 179                         printf("find level 0x%04x is %ld bytes - %s\n",
 180                                io.in.level, (long)io.out.blob.length, nt_errstr(status));
 181                         dump_data(1, io.out.blob.data, io.out.blob.length);
 182                 }
 183         }
 184
 185         return true;
 186 }
 187
 188 /*
 189    scan for valid SMB2 opcodes
 190 */
 191 bool torture_smb2_scan(struct torture_context *torture)
 192 {
 193         TALLOC_CTX *mem_ctx = talloc_new(NULL);
 194         struct smb2_tree *tree;
 195         const char *host = torture_setting_string(torture, "host", NULL);
 196         const char *share = torture_setting_string(torture, "share", NULL);
 197         struct cli_credentials *credentials = cmdline_credentials;
 198         NTSTATUS status;
 199         int opcode;
 200         struct smb2_request *req;
 201
 202         status = smb2_connect(mem_ctx, host, share, credentials, &tree,
 203                               event_context_find(mem_ctx));
 204         if (!NT_STATUS_IS_OK(status)) {
 205                 printf("Connection failed - %s\n", nt_errstr(status));
 206                 return false;
 207         }
 208
 209         tree->session->transport->options.timeout = 3;
 210
 211         for (opcode=0;opcode<1000;opcode++) {
 212                 req = smb2_request_init_tree(tree, opcode, 2, false, 0);
 213                 SSVAL(req->out.body, 0, 0);
 214                 smb2_transport_send(req);
 215                 if (!smb2_request_receive(req)) {
 216                         talloc_free(tree);
 217                         status = smb2_connect(mem_ctx, host, share, credentials, &tree,
 218                                               event_context_find(mem_ctx));
 219                         if (!NT_STATUS_IS_OK(status)) {
 220                                 printf("Connection failed - %s\n", nt_errstr(status));
 221                                 return false;
 222                         }
 223                         tree->session->transport->options.timeout = 3;
 224                 } else {
 225                         status = smb2_request_destroy(req);
 226                         printf("active opcode %4d gave status %s\n", opcode, nt_errstr(status));
 227                 }
 228         }
 229
 230         talloc_free(mem_ctx);
 231
 232         return true;
 233 }