static struct smbcli_state *connect_to_server(struct torture_context *tctx)
{
NTSTATUS status;
struct smbcli_state *cli;
const char *host = torture_setting_string(tctx, "host", NULL);
const char *share = torture_setting_string(tctx, "share", NULL);
struct smbcli_options options;
struct smbcli_session_options session_options;
lpcfg_smbcli_options(tctx->lp_ctx, &options);
lpcfg_smbcli_session_options(tctx->lp_ctx, &session_options);
status = smbcli_full_connection(tctx, &cli, host,
lpcfg_smb_ports(tctx->lp_ctx),
share, NULL, lpcfg_socket_options(tctx->lp_ctx),
cmdline_credentials,
lpcfg_resolve_context(tctx->lp_ctx),
tctx->ev, &options, &session_options,
lpcfg_gensec_settings(tctx, tctx->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
torture_comment(tctx, "failed to connect to //%s/%s: %s\n",
host, share, nt_errstr(status));
torture_fail(tctx, "Failed to connect to server");
return NULL;
}
return cli;
}
static NTSTATUS gp_cli_connect(struct gp_context *gp_ctx)
{
struct smbcli_options options;
struct smbcli_session_options session_options;
if (gp_ctx->cli != NULL)
return NT_STATUS_OK;
gp_ctx->cli = smbcli_state_init(gp_ctx);
lpcfg_smbcli_options(gp_ctx->lp_ctx, &options);
lpcfg_smbcli_session_options(gp_ctx->lp_ctx, &session_options);
return smbcli_full_connection(gp_ctx,
&gp_ctx->cli,
gp_ctx->active_dc.name,
lpcfg_smb_ports(gp_ctx->lp_ctx),
"sysvol",
NULL,
lpcfg_socket_options(gp_ctx->lp_ctx),
gp_ctx->credentials,
lpcfg_resolve_context(gp_ctx->lp_ctx),
gp_ctx->ev_ctx,
&options,
&session_options,
lpcfg_gensec_settings(gp_ctx, gp_ctx->lp_ctx));
}
static bool try_failed_login(struct torture_context *tctx, struct smbcli_state *cli)
{
NTSTATUS status;
struct smb_composite_sesssetup setup;
struct smbcli_session *session;
struct smbcli_session_options options;
lpcfg_smbcli_session_options(tctx->lp_ctx, &options);
session = smbcli_session_init(cli->transport, cli, false, options);
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities;
setup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
setup.in.credentials = cli_credentials_init(session);
setup.in.gensec_settings = lpcfg_gensec_settings(tctx, tctx->lp_ctx);
cli_credentials_set_conf(setup.in.credentials, tctx->lp_ctx);
cli_credentials_set_domain(setup.in.credentials, "INVALID-DOMAIN", CRED_SPECIFIED);
cli_credentials_set_username(setup.in.credentials, "INVALID-USERNAME", CRED_SPECIFIED);
cli_credentials_set_password(setup.in.credentials, "INVALID-PASSWORD", CRED_SPECIFIED);
status = smb_composite_sesssetup(session, &setup);
talloc_free(session);
if (NT_STATUS_IS_OK(status)) {
printf("Allowed session setup with invalid credentials?!\n");
return false;
}
return true;
}
static NTSTATUS svc_UploadService(struct tevent_context *ev_ctx,
const char *hostname,
const char *service_filename,
unsigned char *svc32_exe, unsigned int svc32_exe_len,
unsigned char *svc64_exe, unsigned int svc64_exe_len,
struct cli_credentials *credentials,
struct loadparm_context *cllp_ctx,
int flags)
{
struct smb_composite_savefile *io;
struct smbcli_state *cli;
NTSTATUS status;
struct smbcli_options options;
struct smbcli_session_options session_options;
lpcfg_smbcli_options(cllp_ctx, &options);
lpcfg_smbcli_session_options(cllp_ctx, &session_options);
status =
smbcli_full_connection(NULL, &cli, hostname, lpcfg_smb_ports(cllp_ctx), "ADMIN$", NULL,
lpcfg_socket_options(cllp_ctx), credentials, lpcfg_resolve_context(cllp_ctx), ev_ctx, &options, &session_options, lpcfg_gensec_settings(NULL, cllp_ctx));
NT_ERR(status, 1, "Failed to open ADMIN$ share");
if (flags & SVC_FORCE_UPLOAD) {
smbcli_unlink(cli->tree, service_filename);
} else {
int fd = smbcli_open(cli->tree, service_filename, O_RDONLY, DENY_NONE);
if (fd >= 0) {
smbcli_close(cli->tree, fd);
return status;
}
}
io = talloc_zero(cli->tree, struct smb_composite_savefile);
io->in.fname = service_filename;
if (flags & SVC_OSCHOOSE) {
status = smbcli_chkpath(cli->tree, "SysWoW64");
}
if (((flags & SVC_OSCHOOSE) && NT_STATUS_IS_OK(status)) || (flags & SVC_OS64BIT)) {
DEBUG(1, ("svc_UploadService: Installing 64bit %s\n", service_filename));
io->in.data = svc64_exe;
io->in.size = svc64_exe_len;
} else {
DEBUG(1, ("svc_UploadService: Installing 32bit %s\n", service_filename));
io->in.data = svc32_exe;
io->in.size = svc32_exe_len;
}
status = smb_composite_savefile(cli->tree, io);
NT_ERR(status, 1, "Failed to save ADMIN$/%s", io->in.fname);
talloc_free(io);
smbcli_tdis(cli);
return status;
}
/*
reopen a connection
*/
static void reopen_connection(struct tevent_context *ev, struct tevent_timer *te,
struct timeval t, void *private_data)
{
struct benchopen_state *state = (struct benchopen_state *)private_data;
struct composite_context *ctx;
struct smb_composite_connect *io = &state->reconnect;
char *host, *share;
state->te = NULL;
if (!torture_get_conn_index(state->client_num, state->mem_ctx, state->tctx, &host, &share)) {
DEBUG(0,("Can't find host/share for reconnect?!\n"));
exit(1);
}
io->in.dest_host = state->dest_host;
io->in.dest_ports = state->dest_ports;
io->in.socket_options = lpcfg_socket_options(state->tctx->lp_ctx);
io->in.called_name = state->called_name;
io->in.service = share;
io->in.service_type = state->service_type;
io->in.credentials = cmdline_credentials;
io->in.fallback_to_anonymous = false;
io->in.workgroup = lpcfg_workgroup(state->tctx->lp_ctx);
io->in.gensec_settings = lpcfg_gensec_settings(state->mem_ctx, state->tctx->lp_ctx);
lpcfg_smbcli_options(state->tctx->lp_ctx, &io->in.options);
lpcfg_smbcli_session_options(state->tctx->lp_ctx, &io->in.session_options);
/* kill off the remnants of the old connection */
talloc_free(state->tree);
state->tree = NULL;
state->open_fnum = -1;
state->close_fnum = -1;
ctx = smb_composite_connect_send(io, state->mem_ctx,
lpcfg_resolve_context(state->tctx->lp_ctx),
state->ev);
if (ctx == NULL) {
DEBUG(0,("Failed to setup async reconnect\n"));
exit(1);
}
ctx->async.fn = reopen_connection_complete;
ctx->async.private_data = state;
}
static int fork_tcon_client(struct torture_context *tctx,
int *tcon_count, unsigned tcon_timelimit,
const char *host, const char *share)
{
pid_t child;
struct smbcli_state *cli;
struct timeval end;
struct timeval now;
struct smbcli_options options;
struct smbcli_session_options session_options;
lpcfg_smbcli_options(tctx->lp_ctx, &options);
lpcfg_smbcli_session_options(tctx->lp_ctx, &session_options);
child = fork();
if (child == -1) {
printf("failed to fork child: %s\n,", strerror(errno));
return -1;
} else if (child != 0) {
/* Parent, just return. */
return 0;
}
/* Child. Just make as many connections as possible within the
* time limit. Don't bother synchronising the child start times
* because it's probably not work the effort, and a bit of startup
* jitter is probably a more realistic test.
*/
end = timeval_current();
now = timeval_current();
end.tv_sec += tcon_timelimit;
*tcon_count = 0;
while (timeval_compare(&now, &end) == -1) {
NTSTATUS status;
status = smbcli_full_connection(NULL, &cli,
host, lpcfg_smb_ports(tctx->lp_ctx), share,
NULL, lpcfg_socket_options(tctx->lp_ctx), cmdline_credentials,
lpcfg_resolve_context(tctx->lp_ctx),
tctx->ev, &options, &session_options,
lpcfg_gensec_settings(tctx, tctx->lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
printf("failed to connect to //%s/%s: %s\n",
host, share, nt_errstr(status));
goto done;
}
smbcli_tdis(cli);
talloc_free(cli);
*tcon_count = *tcon_count + 1;
now = timeval_current();
}
done:
exit(0);
}
static int copy_files(struct tevent_context *ev, struct loadparm_context *lp_ctx)
{
uint8_t * iobuf; /* IO buffer. */
uint64_t iomax; /* Size of the IO buffer. */
uint64_t data_size; /* Amount of data in the IO buffer. */
uint64_t ibs;
uint64_t obs;
uint64_t count;
struct dd_iohandle * ifile;
struct dd_iohandle * ofile;
struct smbcli_options options;
struct smbcli_session_options session_options;
ibs = check_arg_numeric("ibs");
obs = check_arg_numeric("obs");
count = check_arg_numeric("count");
lpcfg_smbcli_options(lp_ctx, &options);
lpcfg_smbcli_session_options(lp_ctx, &session_options);
/* Allocate IO buffer. We need more than the max IO size because we
* could accumulate a remainder if ibs and obs don't match.
*/
iomax = 2 * MAX(ibs, obs);
if ((iobuf = malloc_array_p(uint8_t, iomax)) == NULL) {
fprintf(stderr,
"%s: failed to allocate IO buffer of %llu bytes\n",
PROGNAME, (unsigned long long)iomax);
return(EOM_EXIT_CODE);
}
options.max_xmit = MAX(ibs, obs);
DEBUG(4, ("IO buffer size is %llu, max xmit is %d\n",
(unsigned long long)iomax, options.max_xmit));
if (!(ifile = open_file(lpcfg_resolve_context(lp_ctx), ev, "if",
lpcfg_smb_ports(lp_ctx), &options,
lpcfg_socket_options(lp_ctx),
&session_options,
lpcfg_gensec_settings(lp_ctx, lp_ctx)))) {
return(FILESYS_EXIT_CODE);
}
if (!(ofile = open_file(lpcfg_resolve_context(lp_ctx), ev, "of",
lpcfg_smb_ports(lp_ctx), &options,
lpcfg_socket_options(lp_ctx),
&session_options,
lpcfg_gensec_settings(lp_ctx, lp_ctx)))) {
return(FILESYS_EXIT_CODE);
}
/* Seek the files to their respective starting points. */
ifile->io_seek(ifile, check_arg_numeric("skip") * ibs);
ofile->io_seek(ofile, check_arg_numeric("seek") * obs);
DEBUG(4, ("max xmit was negotiated to be %d\n", options.max_xmit));
for (data_size = 0;;) {
/* Handle signals. We are somewhat compatible with GNU dd.
* SIGINT makes us stop, but still print transfer statistics.
* SIGUSR1 makes us print transfer statistics but we continue
* copying.
*/
if (dd_sigint) {
break;
}
if (dd_sigusr1) {
print_transfer_stats();
dd_sigusr1 = 0;
}
if (ifile->io_flags & DD_END_OF_FILE) {
DEBUG(4, ("flushing %llu bytes at EOF\n",
(unsigned long long)data_size));
while (data_size > 0) {
if (!dd_flush_block(ofile, iobuf,
&data_size, obs)) {
return(IOERROR_EXIT_CODE);
}
}
goto done;
}
/* Try and read enough blocks of ibs bytes to be able write
* out one of obs bytes.
*/
if (!dd_fill_block(ifile, iobuf, &data_size, obs, ibs)) {
return(IOERROR_EXIT_CODE);
}
if (data_size == 0) {
/* Done. */
SMB_ASSERT(ifile->io_flags & DD_END_OF_FILE);
}
/* Stop reading when we hit the block count. */
if (dd_stats.in.bytes >= (ibs * count)) {
ifile->io_flags |= DD_END_OF_FILE;
}
/* If we wanted to be a legitimate dd, we would do character
* conversions and other shenanigans here.
*/
/* Flush what we read in units of obs bytes. We want to have
* at least obs bytes in the IO buffer but might not if the
* file is too small.
*/
if (data_size &&
!dd_flush_block(ofile, iobuf, &data_size, obs)) {
return(IOERROR_EXIT_CODE);
}
}
done:
print_transfer_stats();
return(0);
}
/*
connect to a share - used when a tree_connect operation comes in.
*/
static NTSTATUS cvfs_connect(struct ntvfs_module_context *ntvfs,
struct ntvfs_request *req,
union smb_tcon *tcon)
{
NTSTATUS status;
struct cvfs_private *p;
const char *host, *user, *pass, *domain, *remote_share;
struct smb_composite_connect io;
struct composite_context *creq;
struct share_config *scfg = ntvfs->ctx->config;
struct cli_credentials *credentials;
bool machine_account;
bool s4u2proxy;
const char* sharename;
switch (tcon->generic.level) {
case RAW_TCON_TCON:
sharename = tcon->tcon.in.service;
break;
case RAW_TCON_TCONX:
sharename = tcon->tconx.in.path;
break;
case RAW_TCON_SMB2:
sharename = tcon->smb2.in.path;
break;
default:
return NT_STATUS_INVALID_LEVEL;
}
if (strncmp(sharename, "\\\\", 2) == 0) {
char *str = strchr(sharename+2, '\\');
if (str) {
sharename = str + 1;
}
}
/* Here we need to determine which server to connect to.
* For now we use parametric options, type cifs.
* Later we will use security=server and auth_server.c.
*/
host = share_string_option(scfg, CIFS_SERVER, NULL);
user = share_string_option(scfg, CIFS_USER, NULL);
pass = share_string_option(scfg, CIFS_PASSWORD, NULL);
domain = share_string_option(scfg, CIFS_DOMAIN, NULL);
remote_share = share_string_option(scfg, CIFS_SHARE, NULL);
if (!remote_share) {
remote_share = sharename;
}
machine_account = share_bool_option(scfg, CIFS_USE_MACHINE_ACCT, CIFS_USE_MACHINE_ACCT_DEFAULT);
s4u2proxy = share_bool_option(scfg, CIFS_USE_S4U2PROXY, CIFS_USE_S4U2PROXY_DEFAULT);
p = talloc_zero(ntvfs, struct cvfs_private);
if (!p) {
return NT_STATUS_NO_MEMORY;
}
ntvfs->private_data = p;
if (!host) {
DEBUG(1,("CIFS backend: You must supply server\n"));
return NT_STATUS_INVALID_PARAMETER;
}
if (user && pass) {
DEBUG(5, ("CIFS backend: Using specified password\n"));
credentials = cli_credentials_init(p);
if (!credentials) {
return NT_STATUS_NO_MEMORY;
}
cli_credentials_set_conf(credentials, ntvfs->ctx->lp_ctx);
cli_credentials_set_username(credentials, user, CRED_SPECIFIED);
if (domain) {
cli_credentials_set_domain(credentials, domain, CRED_SPECIFIED);
}
cli_credentials_set_password(credentials, pass, CRED_SPECIFIED);
} else if (machine_account) {
DEBUG(5, ("CIFS backend: Using machine account\n"));
credentials = cli_credentials_init(p);
cli_credentials_set_conf(credentials, ntvfs->ctx->lp_ctx);
if (domain) {
cli_credentials_set_domain(credentials, domain, CRED_SPECIFIED);
}
status = cli_credentials_set_machine_account(credentials, ntvfs->ctx->lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
} else if (req->session_info->credentials) {
DEBUG(5, ("CIFS backend: Using delegated credentials\n"));
credentials = req->session_info->credentials;
} else if (s4u2proxy) {
struct ccache_container *ccc = NULL;
const char *err_str = NULL;
int ret;
char *impersonate_principal;
char *self_service;
char *target_service;
impersonate_principal = talloc_asprintf(req, "%s@%s",
req->session_info->info->account_name,
req->session_info->info->domain_name);
self_service = talloc_asprintf(req, "cifs/%s",
lpcfg_netbios_name(ntvfs->ctx->lp_ctx));
target_service = talloc_asprintf(req, "cifs/%s", host);
DEBUG(5, ("CIFS backend: Using S4U2Proxy credentials\n"));
credentials = cli_credentials_init(p);
cli_credentials_set_conf(credentials, ntvfs->ctx->lp_ctx);
if (domain) {
cli_credentials_set_domain(credentials, domain, CRED_SPECIFIED);
}
status = cli_credentials_set_machine_account(credentials, ntvfs->ctx->lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED);
cli_credentials_set_impersonate_principal(credentials,
impersonate_principal,
self_service);
cli_credentials_set_target_service(credentials, target_service);
ret = cli_credentials_get_ccache(credentials,
ntvfs->ctx->event_ctx,
ntvfs->ctx->lp_ctx,
&ccc,
&err_str);
if (ret != 0) {
status = NT_STATUS_CROSSREALM_DELEGATION_FAILURE;
DEBUG(1,("S4U2Proxy: cli_credentials_get_ccache() gave: ret[%d] str[%s] - %s\n",
ret, err_str, nt_errstr(status)));
return status;
}
} else {
DEBUG(1,("CIFS backend: NO delegated credentials found: You must supply server, user and password or the client must supply delegated credentials\n"));
return NT_STATUS_INTERNAL_ERROR;
}
/* connect to the server, using the smbd event context */
io.in.dest_host = host;
io.in.dest_ports = lpcfg_smb_ports(ntvfs->ctx->lp_ctx);
io.in.socket_options = lpcfg_socket_options(ntvfs->ctx->lp_ctx);
io.in.called_name = host;
io.in.credentials = credentials;
io.in.fallback_to_anonymous = false;
io.in.workgroup = lpcfg_workgroup(ntvfs->ctx->lp_ctx);
io.in.service = remote_share;
io.in.service_type = "?????";
io.in.gensec_settings = lpcfg_gensec_settings(p, ntvfs->ctx->lp_ctx);
lpcfg_smbcli_options(ntvfs->ctx->lp_ctx, &io.in.options);
lpcfg_smbcli_session_options(ntvfs->ctx->lp_ctx, &io.in.session_options);
if (!(ntvfs->ctx->client_caps & NTVFS_CLIENT_CAP_LEVEL_II_OPLOCKS)) {
io.in.options.use_level2_oplocks = false;
}
creq = smb_composite_connect_send(&io, p,
lpcfg_resolve_context(ntvfs->ctx->lp_ctx),
ntvfs->ctx->event_ctx);
status = smb_composite_connect_recv(creq, p);
NT_STATUS_NOT_OK_RETURN(status);
p->tree = io.out.tree;
p->transport = p->tree->session->transport;
SETUP_PID;
p->ntvfs = ntvfs;
ntvfs->ctx->fs_type = talloc_strdup(ntvfs->ctx, "NTFS");
NT_STATUS_HAVE_NO_MEMORY(ntvfs->ctx->fs_type);
ntvfs->ctx->dev_type = talloc_strdup(ntvfs->ctx, "A:");
NT_STATUS_HAVE_NO_MEMORY(ntvfs->ctx->dev_type);
if (tcon->generic.level == RAW_TCON_TCONX) {
tcon->tconx.out.fs_type = ntvfs->ctx->fs_type;
tcon->tconx.out.dev_type = ntvfs->ctx->dev_type;
}
/* we need to receive oplock break requests from the server */
smbcli_oplock_handler(p->transport, oplock_handler, p);
p->map_generic = share_bool_option(scfg, CIFS_MAP_GENERIC, CIFS_MAP_GENERIC_DEFAULT);
p->map_trans2 = share_bool_option(scfg, CIFS_MAP_TRANS2, CIFS_MAP_TRANS2_DEFAULT);
return NT_STATUS_OK;
}
/*
test pid ops with 2 sessions
*/
static bool test_pid_2sess(struct smbcli_state *cli, struct torture_context *tctx)
{
NTSTATUS status;
bool ret = true;
struct smbcli_session *session;
struct smb_composite_sesssetup setup;
union smb_open io;
union smb_write wr;
union smb_close cl;
int fnum;
const char *fname = BASEDIR "\\test.txt";
uint8_t c = 1;
uint16_t vuid1, vuid2;
struct smbcli_session_options options;
printf("TESTING PID HANDLING WITH 2 SESSIONS\n");
if (!torture_setup_dir(cli, BASEDIR)) {
return false;
}
lpcfg_smbcli_session_options(tctx->lp_ctx, &options);
printf("create a second security context on the same transport\n");
session = smbcli_session_init(cli->transport, tctx, false, options);
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
setup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
setup.in.credentials = cmdline_credentials;
setup.in.gensec_settings = lpcfg_gensec_settings(tctx, tctx->lp_ctx);
status = smb_composite_sesssetup(session, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
session->vuid = setup.out.vuid;
vuid1 = cli->session->vuid;
vuid2 = session->vuid;
printf("vuid1=%d vuid2=%d\n", vuid1, vuid2);
printf("create a file using the vuid1\n");
cli->session->vuid = vuid1;
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid.fnum = 0;
io.ntcreatex.in.flags = 0;
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = fname;
status = smb_raw_open(cli->tree, tctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
fnum = io.ntcreatex.out.file.fnum;
printf("write using the vuid1 (fnum=%d)\n", fnum);
cli->session->vuid = vuid1;
wr.generic.level = RAW_WRITE_WRITEX;
wr.writex.in.file.fnum = fnum;
wr.writex.in.offset = 0;
wr.writex.in.wmode = 0;
wr.writex.in.remaining = 0;
wr.writex.in.count = 1;
wr.writex.in.data = &c;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("exit the pid with vuid2\n");
cli->session->vuid = vuid2;
status = smb_raw_exit(cli->session);
CHECK_STATUS(status, NT_STATUS_OK);
printf("the fnum should still be accessible\n");
cli->session->vuid = vuid1;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("exit the pid with vuid1\n");
cli->session->vuid = vuid1;
status = smb_raw_exit(cli->session);
CHECK_STATUS(status, NT_STATUS_OK);
printf("the fnum should not now be accessible\n");
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("the fnum should have been auto-closed\n");
cl.close.level = RAW_CLOSE_CLOSE;
cl.close.in.file.fnum = fnum;
cl.close.in.write_time = 0;
status = smb_raw_close(cli->tree, &cl);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
done:
return ret;
}
/*
test session ops
*/
static bool test_session(struct smbcli_state *cli, struct torture_context *tctx)
{
NTSTATUS status;
bool ret = true;
struct smbcli_session *session;
struct smbcli_session *session2;
struct smbcli_session *session3;
struct smbcli_session *session4;
struct cli_credentials *anon_creds;
struct smbcli_session *sessions[15];
struct composite_context *composite_contexts[15];
struct smbcli_tree *tree;
struct smb_composite_sesssetup setup;
struct smb_composite_sesssetup setups[15];
struct gensec_settings *gensec_settings;
union smb_open io;
union smb_write wr;
union smb_close cl;
int fnum;
const char *fname = BASEDIR "\\test.txt";
uint8_t c = 1;
int i;
struct smbcli_session_options options;
printf("TESTING SESSION HANDLING\n");
if (!torture_setup_dir(cli, BASEDIR)) {
return false;
}
printf("create a second security context on the same transport\n");
lpcfg_smbcli_session_options(tctx->lp_ctx, &options);
gensec_settings = lpcfg_gensec_settings(tctx, tctx->lp_ctx);
session = smbcli_session_init(cli->transport, tctx, false, options);
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
setup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
setup.in.credentials = cmdline_credentials;
setup.in.gensec_settings = gensec_settings;
status = smb_composite_sesssetup(session, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
session->vuid = setup.out.vuid;
printf("create a third security context on the same transport, with vuid set\n");
session2 = smbcli_session_init(cli->transport, tctx, false, options);
session2->vuid = session->vuid;
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
setup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
setup.in.credentials = cmdline_credentials;
status = smb_composite_sesssetup(session2, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
session2->vuid = setup.out.vuid;
printf("vuid1=%d vuid2=%d vuid3=%d\n", cli->session->vuid, session->vuid, session2->vuid);
if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
/* Samba4 currently fails this - we need to determine if this insane behaviour is important */
if (session2->vuid == session->vuid) {
printf("server allows the user to re-use an existing vuid in session setup \n");
}
} else {
CHECK_NOT_VALUE(session2->vuid, session->vuid);
}
talloc_free(session2);
if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
printf("create a fourth security context on the same transport, without extended security\n");
session3 = smbcli_session_init(cli->transport, tctx, false, options);
session3->vuid = session->vuid;
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; /* force a non extended security login (should fail) */
setup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
setup.in.credentials = cmdline_credentials;
status = smb_composite_sesssetup(session3, &setup);
CHECK_STATUS(status, NT_STATUS_LOGON_FAILURE);
printf("create a fouth anonymous security context on the same transport, without extended security\n");
session4 = smbcli_session_init(cli->transport, tctx, false, options);
session4->vuid = session->vuid;
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; /* force a non extended security login (should fail) */
setup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
anon_creds = cli_credentials_init(tctx);
cli_credentials_set_conf(anon_creds, tctx->lp_ctx);
cli_credentials_set_anonymous(anon_creds);
setup.in.credentials = anon_creds;
status = smb_composite_sesssetup(session3, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
talloc_free(session4);
}
printf("use the same tree as the existing connection\n");
tree = smbcli_tree_init(session, tctx, false);
tree->tid = cli->tree->tid;
printf("create a file using the new vuid\n");
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid.fnum = 0;
io.ntcreatex.in.flags = 0;
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = fname;
status = smb_raw_open(tree, tctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
fnum = io.ntcreatex.out.file.fnum;
printf("write using the old vuid\n");
wr.generic.level = RAW_WRITE_WRITEX;
wr.writex.in.file.fnum = fnum;
wr.writex.in.offset = 0;
wr.writex.in.wmode = 0;
wr.writex.in.remaining = 0;
wr.writex.in.count = 1;
wr.writex.in.data = &c;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("write with the new vuid\n");
status = smb_raw_write(tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("logoff the new vuid\n");
status = smb_raw_ulogoff(session);
CHECK_STATUS(status, NT_STATUS_OK);
printf("the new vuid should not now be accessible\n");
status = smb_raw_write(tree, &wr);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("second logoff for the new vuid should fail\n");
status = smb_raw_ulogoff(session);
CHECK_STATUS(status, NT_STATUS_DOS(ERRSRV, ERRbaduid));
talloc_free(session);
printf("the fnum should have been auto-closed\n");
cl.close.level = RAW_CLOSE_CLOSE;
cl.close.in.file.fnum = fnum;
cl.close.in.write_time = 0;
status = smb_raw_close(cli->tree, &cl);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("create %d secondary security contexts on the same transport\n",
(int)ARRAY_SIZE(sessions));
for (i=0; i <ARRAY_SIZE(sessions); i++) {
setups[i].in.sesskey = cli->transport->negotiate.sesskey;
setups[i].in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
setups[i].in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
setups[i].in.credentials = cmdline_credentials;
setups[i].in.gensec_settings = gensec_settings;
sessions[i] = smbcli_session_init(cli->transport, tctx, false, options);
composite_contexts[i] = smb_composite_sesssetup_send(sessions[i], &setups[i]);
}
printf("finishing %d secondary security contexts on the same transport\n",
(int)ARRAY_SIZE(sessions));
for (i=0; i< ARRAY_SIZE(sessions); i++) {
status = smb_composite_sesssetup_recv(composite_contexts[i]);
CHECK_STATUS(status, NT_STATUS_OK);
sessions[i]->vuid = setups[i].out.vuid;
printf("VUID: %d\n", sessions[i]->vuid);
status = smb_raw_ulogoff(sessions[i]);
CHECK_STATUS(status, NT_STATUS_OK);
}
talloc_free(tree);
done:
return ret;
}
/*
test tree with ulogoff
this demonstrates that a tcon isn't autoclosed by a ulogoff
the tcon can be reused using any other valid session later
*/
static bool test_tree_ulogoff(struct smbcli_state *cli, struct torture_context *tctx)
{
NTSTATUS status;
bool ret = true;
const char *share, *host;
struct smbcli_session *session1;
struct smbcli_session *session2;
struct smb_composite_sesssetup setup;
struct smbcli_tree *tree;
union smb_tcon tcon;
union smb_open io;
union smb_write wr;
int fnum1, fnum2;
const char *fname1 = BASEDIR "\\test1.txt";
const char *fname2 = BASEDIR "\\test2.txt";
uint8_t c = 1;
struct smbcli_session_options options;
printf("TESTING TREE with ulogoff\n");
if (!torture_setup_dir(cli, BASEDIR)) {
return false;
}
share = torture_setting_string(tctx, "share", NULL);
host = torture_setting_string(tctx, "host", NULL);
lpcfg_smbcli_session_options(tctx->lp_ctx, &options);
printf("create the first new sessions\n");
session1 = smbcli_session_init(cli->transport, tctx, false, options);
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities;
setup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
setup.in.credentials = cmdline_credentials;
setup.in.gensec_settings = lpcfg_gensec_settings(tctx, tctx->lp_ctx);
status = smb_composite_sesssetup(session1, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
session1->vuid = setup.out.vuid;
printf("vuid1=%d\n", session1->vuid);
printf("create a tree context on the with vuid1\n");
tree = smbcli_tree_init(session1, tctx, false);
tcon.generic.level = RAW_TCON_TCONX;
tcon.tconx.in.flags = 0;
tcon.tconx.in.password = data_blob(NULL, 0);
tcon.tconx.in.path = talloc_asprintf(tctx, "\\\\%s\\%s", host, share);
tcon.tconx.in.device = "A:";
status = smb_raw_tcon(tree, tctx, &tcon);
CHECK_STATUS(status, NT_STATUS_OK);
tree->tid = tcon.tconx.out.tid;
printf("tid=%d\n", tree->tid);
printf("create a file using vuid1\n");
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid.fnum = 0;
io.ntcreatex.in.flags = 0;
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = fname1;
status = smb_raw_open(tree, tctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
fnum1 = io.ntcreatex.out.file.fnum;
printf("write using vuid1\n");
wr.generic.level = RAW_WRITE_WRITEX;
wr.writex.in.file.fnum = fnum1;
wr.writex.in.offset = 0;
wr.writex.in.wmode = 0;
wr.writex.in.remaining = 0;
wr.writex.in.count = 1;
wr.writex.in.data = &c;
status = smb_raw_write(tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("ulogoff the vuid1\n");
status = smb_raw_ulogoff(session1);
CHECK_STATUS(status, NT_STATUS_OK);
printf("create the second new sessions\n");
session2 = smbcli_session_init(cli->transport, tctx, false, options);
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities;
setup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
setup.in.credentials = cmdline_credentials;
setup.in.gensec_settings = lpcfg_gensec_settings(tctx, tctx->lp_ctx);
status = smb_composite_sesssetup(session2, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
session2->vuid = setup.out.vuid;
printf("vuid2=%d\n", session2->vuid);
printf("use the existing tree with vuid2\n");
tree->session = session2;
printf("create a file using vuid2\n");
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid.fnum = 0;
io.ntcreatex.in.flags = 0;
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = fname2;
status = smb_raw_open(tree, tctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
fnum2 = io.ntcreatex.out.file.fnum;
printf("write using vuid2\n");
wr.generic.level = RAW_WRITE_WRITEX;
wr.writex.in.file.fnum = fnum2;
wr.writex.in.offset = 0;
wr.writex.in.wmode = 0;
wr.writex.in.remaining = 0;
wr.writex.in.count = 1;
wr.writex.in.data = &c;
status = smb_raw_write(tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("ulogoff the vuid2\n");
status = smb_raw_ulogoff(session2);
CHECK_STATUS(status, NT_STATUS_OK);
/* this also demonstrates that SMBtdis doesn't need a valid vuid */
printf("disconnect the existing tree connection\n");
status = smb_tree_disconnect(tree);
CHECK_STATUS(status, NT_STATUS_OK);
printf("disconnect the existing tree connection\n");
status = smb_tree_disconnect(tree);
CHECK_STATUS(status, NT_STATUS_DOS(ERRSRV,ERRinvnid));
/* close down the new tree */
talloc_free(tree);
done:
return ret;
}
NTSTATUS svc_uninstall(struct tevent_context *ev_ctx,
const char *hostname,
const char *service_name, const char *service_filename,
struct cli_credentials *credentials,
struct loadparm_context *cllp_ctx)
{
NTSTATUS status;
struct dcerpc_binding_handle *binding_handle;
struct dcerpc_pipe *svc_pipe;
struct policy_handle scm_handle;
struct policy_handle svc_handle;
struct SERVICE_STATUS svc_status;
struct smbcli_options options;
struct smbcli_session_options session_options;
lpcfg_smbcli_options(cllp_ctx, &options);
lpcfg_smbcli_session_options(cllp_ctx, &session_options);
status = svc_pipe_connect(ev_ctx, &svc_pipe, hostname, credentials, cllp_ctx);
NT_ERR(status, 1, "Cannot connect to svcctl pipe");
binding_handle = svc_pipe->binding_handle;
status = svc_OpenSCManager(binding_handle, hostname, &scm_handle);
NT_ERR(status, 1, "OpenSCManager failed");
status =
svc_OpenService(binding_handle, &scm_handle, service_name,
&svc_handle);
NT_ERR(status, 1, "OpenService failed");
DEBUG(1, ("OpenService - %s\n", nt_errstr(status)));
if (NT_STATUS_IS_OK(status)) {
status =
svc_ControlService(binding_handle, &svc_handle,
SERVICE_CONTROL_STOP, &svc_status);
{
struct SERVICE_STATUS s;
do {
smb_msleep(100);
status = svc_QueryServiceStatus(binding_handle, &svc_handle, &s);
NT_ERR(status, 1, "QueryServiceStatus failed");
} while (s.state == SVCCTL_STOP_PENDING);
if (s.state != SVCCTL_STOPPED) {
DEBUG(0, ("Service cannot stop, status=0x%08X\n", s.state));
return NT_STATUS_UNSUCCESSFUL;
}
}
DEBUG(1, ("StopService - %s\n", nt_errstr(status)));
status = svc_DeleteService(binding_handle, &svc_handle);
DEBUG(1, ("DeleteService - %s\n", nt_errstr(status)));
status = svc_CloseServiceHandle(binding_handle, &svc_handle);
DEBUG(1, ("CloseServiceHandle - %s\n", nt_errstr(status)));
}
svc_CloseServiceHandle(binding_handle, &scm_handle);
DEBUG(1, ("CloseSCMHandle - %s\n", nt_errstr(status)));
struct smbcli_state *cli;
status =
smbcli_full_connection(NULL, &cli, hostname, lpcfg_smb_ports(cllp_ctx), "ADMIN$", NULL,
lpcfg_socket_options(cllp_ctx), credentials, lpcfg_resolve_context(cllp_ctx), ev_ctx, &options, &session_options, lpcfg_gensec_settings(NULL, cllp_ctx));
NT_ERR(status, 1, "Failed to open ADMIN$ share");
/* Give svc some time to exit */
smb_msleep(300);
status = smbcli_unlink(cli->tree, service_filename);
DEBUG(1, ("Delete %s - %s\n", service_filename, nt_errstr(status)));
status = smbcli_tdis(cli);
DEBUG(1, ("Closing ADMIN$ - %s\n", nt_errstr(status)));
talloc_free(svc_pipe);
return status;
}
static bool test_session_expire1(struct torture_context *tctx)
{
NTSTATUS status;
bool ret = false;
struct smbcli_options options;
struct smbcli_session_options session_options;
const char *host = torture_setting_string(tctx, "host", NULL);
const char *share = torture_setting_string(tctx, "share", NULL);
struct cli_credentials *credentials = cmdline_credentials;
struct smbcli_state *cli = NULL;
enum credentials_use_kerberos use_kerberos;
char fname[256];
union smb_fileinfo qfinfo;
uint16_t vuid;
uint16_t fnum = 0;
struct smb_composite_sesssetup io_sesssetup;
size_t i;
use_kerberos = cli_credentials_get_kerberos_state(credentials);
if (use_kerberos != CRED_MUST_USE_KERBEROS) {
torture_warning(tctx, "smb2.session.expire1 requires -k yes!");
torture_skip(tctx, "smb2.session.expire1 requires -k yes!");
}
torture_assert_int_equal(tctx, use_kerberos, CRED_MUST_USE_KERBEROS,
"please use -k yes");
lpcfg_set_option(tctx->lp_ctx, "gensec_gssapi:requested_life_time=4");
lpcfg_smbcli_options(tctx->lp_ctx, &options);
lpcfg_smbcli_session_options(tctx->lp_ctx, &session_options);
status = smbcli_full_connection(tctx, &cli,
host,
lpcfg_smb_ports(tctx->lp_ctx),
share, NULL,
lpcfg_socket_options(tctx->lp_ctx),
credentials,
lpcfg_resolve_context(tctx->lp_ctx),
tctx->ev, &options, &session_options,
lpcfg_gensec_settings(tctx, tctx->lp_ctx));
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
"smbcli_full_connection failed");
vuid = cli->session->vuid;
/* Add some random component to the file name. */
snprintf(fname, 256, "session_expire1_%s.dat",
generate_random_str(tctx, 8));
smbcli_unlink(cli->tree, fname);
fnum = smbcli_nt_create_full(cli->tree, fname, 0,
SEC_RIGHTS_FILE_ALL,
FILE_ATTRIBUTE_NORMAL,
NTCREATEX_SHARE_ACCESS_NONE,
NTCREATEX_DISP_OPEN_IF,
NTCREATEX_OPTIONS_DELETE_ON_CLOSE,
0);
torture_assert_ntstatus_ok_goto(tctx, smbcli_nt_error(cli->tree), ret,
done, "create file");
torture_assert_goto(tctx, fnum > 0, ret, done, "create file");
/* get the access information */
ZERO_STRUCT(qfinfo);
qfinfo.access_information.level = RAW_FILEINFO_ACCESS_INFORMATION;
qfinfo.access_information.in.file.fnum = fnum;
for (i=0; i < 2; i++) {
torture_comment(tctx, "query info => OK\n");
ZERO_STRUCT(qfinfo.access_information.out);
status = smb_raw_fileinfo(cli->tree, tctx, &qfinfo);
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
"raw_fileinfo failed");
torture_comment(tctx, "sleep 5 seconds\n");
smb_msleep(5*1000);
}
/*
* the krb5 library may not handle expired creds
* well, lets start with an empty ccache.
*/
cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED);
/*
* now with CAP_DYNAMIC_REAUTH
*
* This should trigger NT_STATUS_NETWORK_SESSION_EXPIRED
*/
ZERO_STRUCT(io_sesssetup);
io_sesssetup.in.sesskey = cli->transport->negotiate.sesskey;
io_sesssetup.in.capabilities = cli->transport->negotiate.capabilities;
io_sesssetup.in.capabilities |= CAP_DYNAMIC_REAUTH;
io_sesssetup.in.credentials = credentials;
io_sesssetup.in.workgroup = lpcfg_workgroup(tctx->lp_ctx);
io_sesssetup.in.gensec_settings = lpcfg_gensec_settings(tctx,
tctx->lp_ctx);
torture_comment(tctx, "reauth with CAP_DYNAMIC_REAUTH => OK\n");
ZERO_STRUCT(io_sesssetup.out);
status = smb_composite_sesssetup(cli->session, &io_sesssetup);
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
"reauth failed");
torture_assert_int_equal_goto(tctx, io_sesssetup.out.vuid, vuid,
ret, done, "reauth");
for (i=0; i < 2; i++) {
torture_comment(tctx, "query info => OK\n");
ZERO_STRUCT(qfinfo.access_information.out);
status = smb_raw_fileinfo(cli->tree, tctx, &qfinfo);
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
"raw_fileinfo failed");
torture_comment(tctx, "sleep 5 seconds\n");
smb_msleep(5*1000);
torture_comment(tctx, "query info => EXPIRED\n");
ZERO_STRUCT(qfinfo.access_information.out);
status = smb_raw_fileinfo(cli->tree, tctx, &qfinfo);
torture_assert_ntstatus_equal_goto(tctx, status,
NT_STATUS_NETWORK_SESSION_EXPIRED,
ret, done, "raw_fileinfo expired");
/*
* the krb5 library may not handle expired creds
* well, lets start with an empty ccache.
*/
cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED);
torture_comment(tctx, "reauth with CAP_DYNAMIC_REAUTH => OK\n");
ZERO_STRUCT(io_sesssetup.out);
status = smb_composite_sesssetup(cli->session, &io_sesssetup);
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
"reauth failed");
torture_assert_int_equal_goto(tctx, io_sesssetup.out.vuid, vuid,
ret, done, "reauth");
}
torture_comment(tctx, "query info => OK\n");
ZERO_STRUCT(qfinfo.access_information.out);
status = smb_raw_fileinfo(cli->tree, tctx, &qfinfo);
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
"raw_fileinfo failed");
/*
* the krb5 library may not handle expired creds
* well, lets start with an empty ccache.
*/
cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED);
/*
* now without CAP_DYNAMIC_REAUTH
*
* This should not trigger NT_STATUS_NETWORK_SESSION_EXPIRED
*/
torture_comment(tctx, "reauth without CAP_DYNAMIC_REAUTH => OK\n");
io_sesssetup.in.capabilities &= ~CAP_DYNAMIC_REAUTH;
ZERO_STRUCT(io_sesssetup.out);
status = smb_composite_sesssetup(cli->session, &io_sesssetup);
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
"reauth failed");
torture_assert_int_equal_goto(tctx, io_sesssetup.out.vuid, vuid,
ret, done, "reauth");
for (i=0; i < 2; i++) {
torture_comment(tctx, "query info => OK\n");
ZERO_STRUCT(qfinfo.access_information.out);
status = smb_raw_fileinfo(cli->tree, tctx, &qfinfo);
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
"raw_fileinfo failed");
torture_comment(tctx, "sleep 5 seconds\n");
smb_msleep(5*1000);
}
torture_comment(tctx, "query info => OK\n");
ZERO_STRUCT(qfinfo.access_information.out);
status = smb_raw_fileinfo(cli->tree, tctx, &qfinfo);
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
"raw_fileinfo failed");
ret = true;
done:
if (fnum > 0) {
smbcli_close(cli->tree, fnum);
}
talloc_free(cli);
lpcfg_set_option(tctx->lp_ctx, "gensec_gssapi:requested_life_time=0");
return ret;
}