/* Perform a ulogoff
session_logoff(session);
*/
static int ejs_cli_session_logoff(MprVarHandle eid, int argc, MprVar **argv)
{
struct smbcli_session *session;
NTSTATUS status;
/* Argument parsing */
if (argc != 1) {
ejsSetErrorMsg(eid, "session_logoff invalid arguments");
return -1;
}
if (!mprVarIsPtr(argv[0]->type)) {
ejsSetErrorMsg(eid, "first arg is not a session handle");
return -1;
}
session = argv[0]->ptr;
status = smb_raw_ulogoff(session);
if (!NT_STATUS_IS_OK(status)) {
ejsSetErrorMsg(eid, "session_logoff: %s", nt_errstr(status));
return -1;
}
talloc_free(session);
return 0;
}
bool torture_samba3_oplock_logoff(struct torture_context *tctx, struct smbcli_state *cli)
{
union smb_open io;
const char *fname = "testfile";
bool ret = false;
struct smbcli_request *req;
struct smb_echo echo_req;
smbcli_unlink(cli->tree, fname);
ZERO_STRUCT(io);
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED;
io.ntcreatex.in.root_fid.fnum = 0;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.access_mask =
SEC_STD_SYNCHRONIZE | SEC_FILE_EXECUTE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_NONE;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.fname = "testfile";
torture_assert_ntstatus_equal_goto(tctx, smb_raw_open(cli->tree, tctx, &io),
NT_STATUS_OK,
ret, done, "first smb_open on the file failed");
/*
* Create a conflicting open, causing the one-second delay
*/
torture_assert_goto(tctx, req = smb_raw_open_send(cli->tree, &io),
ret, done, "smb_raw_open_send on the file failed");
/*
* Pull the VUID from under that request. As of Nov 3, 2008 all Samba3
* versions (3.0, 3.2 and master) would spin sending ERRinvuid errors
* as long as the client is still connected.
*/
torture_assert_ntstatus_equal_goto(tctx, smb_raw_ulogoff(cli->session),
NT_STATUS_OK,
ret, done, "ulogoff failed failed");
echo_req.in.repeat_count = 1;
echo_req.in.size = 1;
echo_req.in.data = discard_const_p(uint8_t, "");
torture_assert_ntstatus_equal_goto(tctx, smb_raw_echo(cli->session->transport, &echo_req),
NT_STATUS_OK,
ret, done, "smb_raw_echo failed");
ret = true;
done:
return ret;
}
/*
test session ops
*/
static BOOL test_session(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
{
NTSTATUS status;
BOOL ret = True;
struct smbcli_session *session;
struct smbcli_session *session2;
struct smbcli_session *session3;
struct smbcli_session *session4;
struct cli_credentials *anon_creds;
struct smbcli_session *sessions[15];
struct composite_context *composite_contexts[15];
struct smbcli_tree *tree;
struct smb_composite_sesssetup setup;
struct smb_composite_sesssetup setups[15];
union smb_open io;
union smb_write wr;
union smb_close cl;
int fnum;
const char *fname = BASEDIR "\\test.txt";
uint8_t c = 1;
int i;
printf("TESTING SESSION HANDLING\n");
if (!torture_setup_dir(cli, BASEDIR)) {
return False;
}
printf("create a second security context on the same transport\n");
session = smbcli_session_init(cli->transport, mem_ctx, False);
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
setup.in.workgroup = lp_workgroup();
setup.in.credentials = cmdline_credentials;
status = smb_composite_sesssetup(session, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
session->vuid = setup.out.vuid;
printf("create a third security context on the same transport, with vuid set\n");
session2 = smbcli_session_init(cli->transport, mem_ctx, False);
session2->vuid = session->vuid;
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
setup.in.workgroup = lp_workgroup();
setup.in.credentials = cmdline_credentials;
status = smb_composite_sesssetup(session2, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
session2->vuid = setup.out.vuid;
printf("vuid1=%d vuid2=%d vuid3=%d\n", cli->session->vuid, session->vuid, session2->vuid);
if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
/* Samba4 currently fails this - we need to determine if this insane behaviour is important */
if (session2->vuid == session->vuid) {
printf("server allows the user to re-use an existing vuid in session setup \n");
}
} else {
CHECK_NOT_VALUE(session2->vuid, session->vuid);
}
talloc_free(session2);
if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
printf("create a fourth security context on the same transport, without extended security\n");
session3 = smbcli_session_init(cli->transport, mem_ctx, False);
session3->vuid = session->vuid;
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; /* force a non extended security login (should fail) */
setup.in.workgroup = lp_workgroup();
setup.in.credentials = cmdline_credentials;
status = smb_composite_sesssetup(session3, &setup);
CHECK_STATUS(status, NT_STATUS_LOGON_FAILURE);
printf("create a fouth anonymous security context on the same transport, without extended security\n");
session4 = smbcli_session_init(cli->transport, mem_ctx, False);
session4->vuid = session->vuid;
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; /* force a non extended security login (should fail) */
setup.in.workgroup = lp_workgroup();
anon_creds = cli_credentials_init(mem_ctx);
cli_credentials_set_conf(anon_creds);
cli_credentials_set_anonymous(anon_creds);
setup.in.credentials = anon_creds;
status = smb_composite_sesssetup(session3, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
talloc_free(session4);
}
printf("use the same tree as the existing connection\n");
tree = smbcli_tree_init(session, mem_ctx, False);
tree->tid = cli->tree->tid;
printf("create a file using the new vuid\n");
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid = 0;
io.ntcreatex.in.flags = 0;
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = fname;
status = smb_raw_open(tree, mem_ctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
fnum = io.ntcreatex.out.file.fnum;
printf("write using the old vuid\n");
wr.generic.level = RAW_WRITE_WRITEX;
wr.writex.in.file.fnum = fnum;
wr.writex.in.offset = 0;
wr.writex.in.wmode = 0;
wr.writex.in.remaining = 0;
wr.writex.in.count = 1;
wr.writex.in.data = &c;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("write with the new vuid\n");
status = smb_raw_write(tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("logoff the new vuid\n");
status = smb_raw_ulogoff(session);
CHECK_STATUS(status, NT_STATUS_OK);
printf("the new vuid should not now be accessible\n");
status = smb_raw_write(tree, &wr);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("second logoff for the new vuid should fail\n");
status = smb_raw_ulogoff(session);
CHECK_STATUS(status, NT_STATUS_DOS(ERRSRV, ERRbaduid));
talloc_free(session);
printf("the fnum should have been auto-closed\n");
cl.close.level = RAW_CLOSE_CLOSE;
cl.close.in.file.fnum = fnum;
cl.close.in.write_time = 0;
status = smb_raw_close(cli->tree, &cl);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("create %d secondary security contexts on the same transport\n",
(int)ARRAY_SIZE(sessions));
for (i=0; i <ARRAY_SIZE(sessions); i++) {
setups[i].in.sesskey = cli->transport->negotiate.sesskey;
setups[i].in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
setups[i].in.workgroup = lp_workgroup();
setups[i].in.credentials = cmdline_credentials;
sessions[i] = smbcli_session_init(cli->transport, mem_ctx, False);
composite_contexts[i] = smb_composite_sesssetup_send(sessions[i], &setups[i]);
}
/* flush the queue */
for (i=0; i < ARRAY_SIZE(sessions); i++) {
event_loop_once(composite_contexts[0]->event_ctx);
}
printf("finishing %d secondary security contexts on the same transport\n",
(int)ARRAY_SIZE(sessions));
for (i=0; i< ARRAY_SIZE(sessions); i++) {
status = smb_composite_sesssetup_recv(composite_contexts[i]);
CHECK_STATUS(status, NT_STATUS_OK);
sessions[i]->vuid = setups[i].out.vuid;
printf("VUID: %d\n", sessions[i]->vuid);
status = smb_raw_ulogoff(sessions[i]);
CHECK_STATUS(status, NT_STATUS_OK);
}
talloc_free(tree);
done:
return ret;
}
/*
test tree with ulogoff
this demonstrates that a tcon isn't autoclosed by a ulogoff
the tcon can be reused using any other valid session later
*/
static BOOL test_tree_ulogoff(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
{
NTSTATUS status;
BOOL ret = True;
const char *share, *host;
struct smbcli_session *session1;
struct smbcli_session *session2;
struct smb_composite_sesssetup setup;
struct smbcli_tree *tree;
union smb_tcon tcon;
union smb_open io;
union smb_write wr;
int fnum1, fnum2;
const char *fname1 = BASEDIR "\\test1.txt";
const char *fname2 = BASEDIR "\\test2.txt";
uint8_t c = 1;
printf("TESTING TREE with ulogoff\n");
if (!torture_setup_dir(cli, BASEDIR)) {
return False;
}
share = lp_parm_string(-1, "torture", "share");
host = lp_parm_string(-1, "torture", "host");
printf("create the first new sessions\n");
session1 = smbcli_session_init(cli->transport, mem_ctx, False);
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities;
setup.in.workgroup = lp_workgroup();
setup.in.credentials = cmdline_credentials;
status = smb_composite_sesssetup(session1, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
session1->vuid = setup.out.vuid;
printf("vuid1=%d\n", session1->vuid);
printf("create a tree context on the with vuid1\n");
tree = smbcli_tree_init(session1, mem_ctx, False);
tcon.generic.level = RAW_TCON_TCONX;
tcon.tconx.in.flags = 0;
tcon.tconx.in.password = data_blob(NULL, 0);
tcon.tconx.in.path = talloc_asprintf(mem_ctx, "\\\\%s\\%s", host, share);
tcon.tconx.in.device = "A:";
status = smb_raw_tcon(tree, mem_ctx, &tcon);
CHECK_STATUS(status, NT_STATUS_OK);
tree->tid = tcon.tconx.out.tid;
printf("tid=%d\n", tree->tid);
printf("create a file using vuid1\n");
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid = 0;
io.ntcreatex.in.flags = 0;
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = fname1;
status = smb_raw_open(tree, mem_ctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
fnum1 = io.ntcreatex.out.file.fnum;
printf("write using vuid1\n");
wr.generic.level = RAW_WRITE_WRITEX;
wr.writex.in.file.fnum = fnum1;
wr.writex.in.offset = 0;
wr.writex.in.wmode = 0;
wr.writex.in.remaining = 0;
wr.writex.in.count = 1;
wr.writex.in.data = &c;
status = smb_raw_write(tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("ulogoff the vuid1\n");
status = smb_raw_ulogoff(session1);
CHECK_STATUS(status, NT_STATUS_OK);
printf("create the second new sessions\n");
session2 = smbcli_session_init(cli->transport, mem_ctx, False);
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities;
setup.in.workgroup = lp_workgroup();
setup.in.credentials = cmdline_credentials;
status = smb_composite_sesssetup(session2, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
session2->vuid = setup.out.vuid;
printf("vuid2=%d\n", session2->vuid);
printf("use the existing tree with vuid2\n");
tree->session = session2;
printf("create a file using vuid2\n");
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid = 0;
io.ntcreatex.in.flags = 0;
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = fname2;
status = smb_raw_open(tree, mem_ctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
fnum2 = io.ntcreatex.out.file.fnum;
printf("write using vuid2\n");
wr.generic.level = RAW_WRITE_WRITEX;
wr.writex.in.file.fnum = fnum2;
wr.writex.in.offset = 0;
wr.writex.in.wmode = 0;
wr.writex.in.remaining = 0;
wr.writex.in.count = 1;
wr.writex.in.data = &c;
status = smb_raw_write(tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("ulogoff the vuid2\n");
status = smb_raw_ulogoff(session2);
CHECK_STATUS(status, NT_STATUS_OK);
/* this also demonstrates that SMBtdis doesn't need a valid vuid */
printf("disconnect the existing tree connection\n");
status = smb_tree_disconnect(tree);
CHECK_STATUS(status, NT_STATUS_OK);
printf("disconnect the existing tree connection\n");
status = smb_tree_disconnect(tree);
CHECK_STATUS(status, NT_STATUS_DOS(ERRSRV,ERRinvnid));
/* close down the new tree */
talloc_free(tree);
done:
return ret;
}
bool torture_samba3_oplock_logoff(struct torture_context *tctx)
{
struct smbcli_state *cli;
NTSTATUS status;
uint16_t fnum1;
union smb_open io;
const char *fname = "testfile";
bool ret = false;
struct smbcli_request *req;
struct smb_echo echo_req;
if (!torture_open_connection(&cli, tctx, 0)) {
ret = false;
goto done;
}
smbcli_unlink(cli->tree, fname);
ZERO_STRUCT(io);
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED;
io.ntcreatex.in.root_fid.fnum = 0;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.access_mask =
SEC_STD_SYNCHRONIZE | SEC_FILE_EXECUTE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_NONE;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.fname = "testfile";
status = smb_raw_open(cli->tree, tctx, &io);
if (!NT_STATUS_IS_OK(status)) {
d_printf("first smb_open failed: %s\n", nt_errstr(status));
ret = false;
goto done;
}
fnum1 = io.ntcreatex.out.file.fnum;
/*
* Create a conflicting open, causing the one-second delay
*/
req = smb_raw_open_send(cli->tree, &io);
if (req == NULL) {
d_printf("smb_raw_open_send failed\n");
ret = false;
goto done;
}
/*
* Pull the VUID from under that request. As of Nov 3, 2008 all Samba3
* versions (3.0, 3.2 and master) would spin sending ERRinvuid errors
* as long as the client is still connected.
*/
status = smb_raw_ulogoff(cli->session);
if (!NT_STATUS_IS_OK(status)) {
d_printf("ulogoff failed: %s\n", nt_errstr(status));
ret = false;
goto done;
}
echo_req.in.repeat_count = 1;
echo_req.in.size = 1;
echo_req.in.data = discard_const_p(uint8_t, "");
status = smb_raw_echo(cli->session->transport, &echo_req);
if (!NT_STATUS_IS_OK(status)) {
d_printf("smb_raw_echo returned %s\n",
nt_errstr(status));
ret = false;
goto done;
}
ret = true;
done:
return ret;
}
