/*
close a file
*/
static NTSTATUS cvfs_close(struct ntvfs_module_context *ntvfs,
struct ntvfs_request *req, union smb_close *io)
{
struct cvfs_private *p = ntvfs->private_data;
struct smbcli_request *c_req;
struct cvfs_file *f;
union smb_close io2;
SETUP_PID;
if (io->generic.level != RAW_CLOSE_GENERIC &&
p->map_generic) {
return ntvfs_map_close(ntvfs, req, io);
}
if (io->generic.level == RAW_CLOSE_GENERIC) {
ZERO_STRUCT(io2);
io2.close.level = RAW_CLOSE_CLOSE;
io2.close.in.file = io->generic.in.file;
io2.close.in.write_time = io->generic.in.write_time;
io = &io2;
}
SETUP_FILE_HERE(f);
/* Note, we aren't free-ing f, or it's h here. Should we?
even if file-close fails, we'll remove it from the list,
what else would we do? Maybe we should not remove until
after the proxied call completes? */
DLIST_REMOVE(p->files, f);
if (!(req->async_states->state & NTVFS_ASYNC_STATE_MAY_ASYNC)) {
return smb_raw_close(p->tree, io);
}
c_req = smb_raw_close_send(p->tree, io);
SIMPLE_ASYNC_TAIL;
}
/*
test pid ops with 2 sessions
*/
static BOOL test_pid_2sess(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
{
NTSTATUS status;
BOOL ret = True;
struct smbcli_session *session;
struct smb_composite_sesssetup setup;
union smb_open io;
union smb_write wr;
union smb_close cl;
int fnum;
const char *fname = BASEDIR "\\test.txt";
uint8_t c = 1;
uint16_t vuid1, vuid2;
printf("TESTING PID HANDLING WITH 2 SESSIONS\n");
if (!torture_setup_dir(cli, BASEDIR)) {
return False;
}
printf("create a second security context on the same transport\n");
session = smbcli_session_init(cli->transport, mem_ctx, False);
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
setup.in.workgroup = lp_workgroup();
setup.in.credentials = cmdline_credentials;
status = smb_composite_sesssetup(session, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
session->vuid = setup.out.vuid;
vuid1 = cli->session->vuid;
vuid2 = session->vuid;
printf("vuid1=%d vuid2=%d\n", vuid1, vuid2);
printf("create a file using the vuid1\n");
cli->session->vuid = vuid1;
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid = 0;
io.ntcreatex.in.flags = 0;
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = fname;
status = smb_raw_open(cli->tree, mem_ctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
fnum = io.ntcreatex.out.file.fnum;
printf("write using the vuid1 (fnum=%d)\n", fnum);
cli->session->vuid = vuid1;
wr.generic.level = RAW_WRITE_WRITEX;
wr.writex.in.file.fnum = fnum;
wr.writex.in.offset = 0;
wr.writex.in.wmode = 0;
wr.writex.in.remaining = 0;
wr.writex.in.count = 1;
wr.writex.in.data = &c;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("exit the pid with vuid2\n");
cli->session->vuid = vuid2;
status = smb_raw_exit(cli->session);
CHECK_STATUS(status, NT_STATUS_OK);
printf("the fnum should still be accessible\n");
cli->session->vuid = vuid1;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("exit the pid with vuid1\n");
cli->session->vuid = vuid1;
status = smb_raw_exit(cli->session);
CHECK_STATUS(status, NT_STATUS_OK);
printf("the fnum should not now be accessible\n");
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("the fnum should have been auto-closed\n");
cl.close.level = RAW_CLOSE_CLOSE;
cl.close.in.file.fnum = fnum;
cl.close.in.write_time = 0;
status = smb_raw_close(cli->tree, &cl);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
done:
return ret;
}
/*
test pid ops with 2 tcons
*/
static BOOL test_pid_2tcon(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
{
NTSTATUS status;
BOOL ret = True;
const char *share, *host;
struct smbcli_tree *tree;
union smb_tcon tcon;
union smb_open io;
union smb_write wr;
union smb_close cl;
int fnum1, fnum2;
const char *fname1 = BASEDIR "\\test1.txt";
const char *fname2 = BASEDIR "\\test2.txt";
uint8_t c = 1;
uint16_t tid1, tid2;
printf("TESTING PID HANDLING WITH 2 TCONS\n");
if (!torture_setup_dir(cli, BASEDIR)) {
return False;
}
share = lp_parm_string(-1, "torture", "share");
host = lp_parm_string(-1, "torture", "host");
printf("create a second tree context on the same session\n");
tree = smbcli_tree_init(cli->session, mem_ctx, False);
tcon.generic.level = RAW_TCON_TCONX;
tcon.tconx.in.flags = 0;
tcon.tconx.in.password = data_blob(NULL, 0);
tcon.tconx.in.path = talloc_asprintf(mem_ctx, "\\\\%s\\%s", host, share);
tcon.tconx.in.device = "A:";
status = smb_raw_tcon(tree, mem_ctx, &tcon);
CHECK_STATUS(status, NT_STATUS_OK);
tree->tid = tcon.tconx.out.tid;
tid1 = cli->tree->tid;
tid2 = tree->tid;
printf("tid1=%d tid2=%d\n", tid1, tid2);
printf("create a file using the tid1\n");
cli->tree->tid = tid1;
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid = 0;
io.ntcreatex.in.flags = 0;
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = fname1;
status = smb_raw_open(cli->tree, mem_ctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
fnum1 = io.ntcreatex.out.file.fnum;
printf("write using the tid1\n");
wr.generic.level = RAW_WRITE_WRITEX;
wr.writex.in.file.fnum = fnum1;
wr.writex.in.offset = 0;
wr.writex.in.wmode = 0;
wr.writex.in.remaining = 0;
wr.writex.in.count = 1;
wr.writex.in.data = &c;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("create a file using the tid2\n");
cli->tree->tid = tid2;
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid = 0;
io.ntcreatex.in.flags = 0;
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = fname2;
status = smb_raw_open(cli->tree, mem_ctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
fnum2 = io.ntcreatex.out.file.fnum;
printf("write using the tid2\n");
wr.generic.level = RAW_WRITE_WRITEX;
wr.writex.in.file.fnum = fnum2;
wr.writex.in.offset = 0;
wr.writex.in.wmode = 0;
wr.writex.in.remaining = 0;
wr.writex.in.count = 1;
wr.writex.in.data = &c;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("exit the pid\n");
status = smb_raw_exit(cli->session);
CHECK_STATUS(status, NT_STATUS_OK);
printf("the fnum1 on tid1 should not be accessible\n");
cli->tree->tid = tid1;
wr.writex.in.file.fnum = fnum1;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("the fnum1 on tid1 should have been auto-closed\n");
cl.close.level = RAW_CLOSE_CLOSE;
cl.close.in.file.fnum = fnum1;
cl.close.in.write_time = 0;
status = smb_raw_close(cli->tree, &cl);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("the fnum2 on tid2 should not be accessible\n");
cli->tree->tid = tid2;
wr.writex.in.file.fnum = fnum2;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("the fnum2 on tid2 should have been auto-closed\n");
cl.close.level = RAW_CLOSE_CLOSE;
cl.close.in.file.fnum = fnum2;
cl.close.in.write_time = 0;
status = smb_raw_close(cli->tree, &cl);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
done:
return ret;
}
/*
test session ops
*/
static BOOL test_session(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
{
NTSTATUS status;
BOOL ret = True;
struct smbcli_session *session;
struct smbcli_session *session2;
struct smbcli_session *session3;
struct smbcli_session *session4;
struct cli_credentials *anon_creds;
struct smbcli_session *sessions[15];
struct composite_context *composite_contexts[15];
struct smbcli_tree *tree;
struct smb_composite_sesssetup setup;
struct smb_composite_sesssetup setups[15];
union smb_open io;
union smb_write wr;
union smb_close cl;
int fnum;
const char *fname = BASEDIR "\\test.txt";
uint8_t c = 1;
int i;
printf("TESTING SESSION HANDLING\n");
if (!torture_setup_dir(cli, BASEDIR)) {
return False;
}
printf("create a second security context on the same transport\n");
session = smbcli_session_init(cli->transport, mem_ctx, False);
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
setup.in.workgroup = lp_workgroup();
setup.in.credentials = cmdline_credentials;
status = smb_composite_sesssetup(session, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
session->vuid = setup.out.vuid;
printf("create a third security context on the same transport, with vuid set\n");
session2 = smbcli_session_init(cli->transport, mem_ctx, False);
session2->vuid = session->vuid;
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
setup.in.workgroup = lp_workgroup();
setup.in.credentials = cmdline_credentials;
status = smb_composite_sesssetup(session2, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
session2->vuid = setup.out.vuid;
printf("vuid1=%d vuid2=%d vuid3=%d\n", cli->session->vuid, session->vuid, session2->vuid);
if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
/* Samba4 currently fails this - we need to determine if this insane behaviour is important */
if (session2->vuid == session->vuid) {
printf("server allows the user to re-use an existing vuid in session setup \n");
}
} else {
CHECK_NOT_VALUE(session2->vuid, session->vuid);
}
talloc_free(session2);
if (cli->transport->negotiate.capabilities & CAP_EXTENDED_SECURITY) {
printf("create a fourth security context on the same transport, without extended security\n");
session3 = smbcli_session_init(cli->transport, mem_ctx, False);
session3->vuid = session->vuid;
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; /* force a non extended security login (should fail) */
setup.in.workgroup = lp_workgroup();
setup.in.credentials = cmdline_credentials;
status = smb_composite_sesssetup(session3, &setup);
CHECK_STATUS(status, NT_STATUS_LOGON_FAILURE);
printf("create a fouth anonymous security context on the same transport, without extended security\n");
session4 = smbcli_session_init(cli->transport, mem_ctx, False);
session4->vuid = session->vuid;
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities &= ~CAP_EXTENDED_SECURITY; /* force a non extended security login (should fail) */
setup.in.workgroup = lp_workgroup();
anon_creds = cli_credentials_init(mem_ctx);
cli_credentials_set_conf(anon_creds);
cli_credentials_set_anonymous(anon_creds);
setup.in.credentials = anon_creds;
status = smb_composite_sesssetup(session3, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
talloc_free(session4);
}
printf("use the same tree as the existing connection\n");
tree = smbcli_tree_init(session, mem_ctx, False);
tree->tid = cli->tree->tid;
printf("create a file using the new vuid\n");
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid = 0;
io.ntcreatex.in.flags = 0;
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = fname;
status = smb_raw_open(tree, mem_ctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
fnum = io.ntcreatex.out.file.fnum;
printf("write using the old vuid\n");
wr.generic.level = RAW_WRITE_WRITEX;
wr.writex.in.file.fnum = fnum;
wr.writex.in.offset = 0;
wr.writex.in.wmode = 0;
wr.writex.in.remaining = 0;
wr.writex.in.count = 1;
wr.writex.in.data = &c;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("write with the new vuid\n");
status = smb_raw_write(tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("logoff the new vuid\n");
status = smb_raw_ulogoff(session);
CHECK_STATUS(status, NT_STATUS_OK);
printf("the new vuid should not now be accessible\n");
status = smb_raw_write(tree, &wr);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("second logoff for the new vuid should fail\n");
status = smb_raw_ulogoff(session);
CHECK_STATUS(status, NT_STATUS_DOS(ERRSRV, ERRbaduid));
talloc_free(session);
printf("the fnum should have been auto-closed\n");
cl.close.level = RAW_CLOSE_CLOSE;
cl.close.in.file.fnum = fnum;
cl.close.in.write_time = 0;
status = smb_raw_close(cli->tree, &cl);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("create %d secondary security contexts on the same transport\n",
(int)ARRAY_SIZE(sessions));
for (i=0; i <ARRAY_SIZE(sessions); i++) {
setups[i].in.sesskey = cli->transport->negotiate.sesskey;
setups[i].in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
setups[i].in.workgroup = lp_workgroup();
setups[i].in.credentials = cmdline_credentials;
sessions[i] = smbcli_session_init(cli->transport, mem_ctx, False);
composite_contexts[i] = smb_composite_sesssetup_send(sessions[i], &setups[i]);
}
/* flush the queue */
for (i=0; i < ARRAY_SIZE(sessions); i++) {
event_loop_once(composite_contexts[0]->event_ctx);
}
printf("finishing %d secondary security contexts on the same transport\n",
(int)ARRAY_SIZE(sessions));
for (i=0; i< ARRAY_SIZE(sessions); i++) {
status = smb_composite_sesssetup_recv(composite_contexts[i]);
CHECK_STATUS(status, NT_STATUS_OK);
sessions[i]->vuid = setups[i].out.vuid;
printf("VUID: %d\n", sessions[i]->vuid);
status = smb_raw_ulogoff(sessions[i]);
CHECK_STATUS(status, NT_STATUS_OK);
}
talloc_free(tree);
done:
return ret;
}
/*
test pid ops
this test demonstrates that exit() only sees the PID
used for the open() calls
*/
static BOOL test_pid_exit_only_sees_open(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
{
NTSTATUS status;
BOOL ret = True;
union smb_open io;
union smb_write wr;
union smb_close cl;
int fnum;
const char *fname = BASEDIR "\\test.txt";
uint8_t c = 1;
uint16_t pid1, pid2;
printf("TESTING PID HANDLING exit() only cares about open() PID\n");
if (!torture_setup_dir(cli, BASEDIR)) {
return False;
}
pid1 = cli->session->pid;
pid2 = pid1 + 1;
printf("pid1=%d pid2=%d\n", pid1, pid2);
printf("create a file using pid1\n");
cli->session->pid = pid1;
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid = 0;
io.ntcreatex.in.flags = 0;
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = fname;
status = smb_raw_open(cli->tree, mem_ctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
fnum = io.ntcreatex.out.file.fnum;
printf("write using pid2\n");
cli->session->pid = pid2;
wr.generic.level = RAW_WRITE_WRITEX;
wr.writex.in.file.fnum = fnum;
wr.writex.in.offset = 0;
wr.writex.in.wmode = 0;
wr.writex.in.remaining = 0;
wr.writex.in.count = 1;
wr.writex.in.data = &c;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("exit pid2\n");
cli->session->pid = pid2;
status = smb_raw_exit(cli->session);
CHECK_STATUS(status, NT_STATUS_OK);
printf("the fnum should still be accessible via pid2\n");
cli->session->pid = pid2;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("exit pid2\n");
cli->session->pid = pid2;
status = smb_raw_exit(cli->session);
CHECK_STATUS(status, NT_STATUS_OK);
printf("the fnum should still be accessible via pid1 and pid2\n");
cli->session->pid = pid1;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
cli->session->pid = pid2;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("exit pid1\n");
cli->session->pid = pid1;
status = smb_raw_exit(cli->session);
CHECK_STATUS(status, NT_STATUS_OK);
printf("the fnum should not now be accessible via pid1 or pid2\n");
cli->session->pid = pid1;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
cli->session->pid = pid2;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("the fnum should have been auto-closed\n");
cli->session->pid = pid1;
cl.close.level = RAW_CLOSE_CLOSE;
cl.close.in.file.fnum = fnum;
cl.close.in.write_time = 0;
status = smb_raw_close(cli->tree, &cl);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
done:
return ret;
}
/*
test tree ops
*/
static bool test_tree(struct smbcli_state *cli, struct torture_context *tctx)
{
NTSTATUS status;
bool ret = true;
const char *share, *host;
struct smbcli_tree *tree;
union smb_tcon tcon;
union smb_open io;
union smb_write wr;
union smb_close cl;
int fnum;
const char *fname = BASEDIR "\\test.txt";
uint8_t c = 1;
printf("TESTING TREE HANDLING\n");
if (!torture_setup_dir(cli, BASEDIR)) {
return false;
}
share = torture_setting_string(tctx, "share", NULL);
host = torture_setting_string(tctx, "host", NULL);
printf("create a second tree context on the same session\n");
tree = smbcli_tree_init(cli->session, tctx, false);
tcon.generic.level = RAW_TCON_TCONX;
tcon.tconx.in.flags = 0;
tcon.tconx.in.password = data_blob(NULL, 0);
tcon.tconx.in.path = talloc_asprintf(tctx, "\\\\%s\\%s", host, share);
tcon.tconx.in.device = "A:";
status = smb_raw_tcon(tree, tctx, &tcon);
CHECK_STATUS(status, NT_STATUS_OK);
tree->tid = tcon.tconx.out.tid;
printf("tid1=%d tid2=%d\n", cli->tree->tid, tree->tid);
printf("try a tconx with a bad device type\n");
tcon.tconx.in.device = "FOO";
status = smb_raw_tcon(tree, tctx, &tcon);
CHECK_STATUS(status, NT_STATUS_BAD_DEVICE_TYPE);
printf("create a file using the new tid\n");
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid.fnum = 0;
io.ntcreatex.in.flags = 0;
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = fname;
status = smb_raw_open(tree, tctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
fnum = io.ntcreatex.out.file.fnum;
printf("write using the old tid\n");
wr.generic.level = RAW_WRITE_WRITEX;
wr.writex.in.file.fnum = fnum;
wr.writex.in.offset = 0;
wr.writex.in.wmode = 0;
wr.writex.in.remaining = 0;
wr.writex.in.count = 1;
wr.writex.in.data = &c;
status = smb_raw_write(cli->tree, &wr);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("write with the new tid\n");
status = smb_raw_write(tree, &wr);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VALUE(wr.writex.out.nwritten, 1);
printf("disconnect the new tid\n");
status = smb_tree_disconnect(tree);
CHECK_STATUS(status, NT_STATUS_OK);
printf("the new tid should not now be accessible\n");
status = smb_raw_write(tree, &wr);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("the fnum should have been auto-closed\n");
cl.close.level = RAW_CLOSE_CLOSE;
cl.close.in.file.fnum = fnum;
cl.close.in.write_time = 0;
status = smb_raw_close(cli->tree, &cl);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
/* close down the new tree */
talloc_free(tree);
done:
return ret;
}
/* basic testing of all RAW_CLOSE_* calls
*/
BOOL torture_raw_close(struct torture_context *torture)
{
struct smbcli_state *cli;
BOOL ret = True;
TALLOC_CTX *mem_ctx;
union smb_close io;
union smb_flush io_flush;
int fnum;
const char *fname = "\\torture_close.txt";
time_t basetime = (time(NULL) + 3*86400) & ~1;
union smb_fileinfo finfo, finfo2;
NTSTATUS status;
if (!torture_open_connection(&cli, 0)) {
return False;
}
mem_ctx = talloc_init("torture_raw_close");
#define REOPEN do { \
fnum = create_complex_file(cli, mem_ctx, fname); \
if (fnum == -1) { \
printf("(%d) Failed to create %s\n", __LINE__, fname); \
ret = False; \
goto done; \
}} while (0)
#define CHECK_STATUS(status, correct) do { \
if (!NT_STATUS_EQUAL(status, correct)) { \
printf("(%d) Incorrect status %s - should be %s\n", \
__LINE__, nt_errstr(status), nt_errstr(correct)); \
ret = False; \
goto done; \
}} while (0)
REOPEN;
io.close.level = RAW_CLOSE_CLOSE;
io.close.in.file.fnum = fnum;
io.close.in.write_time = basetime;
status = smb_raw_close(cli->tree, &io);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb_raw_close(cli->tree, &io);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
printf("testing close.in.write_time\n");
/* the file should have the write time set */
finfo.generic.level = RAW_FILEINFO_ALL_INFO;
finfo.generic.in.file.path = fname;
status = smb_raw_pathinfo(cli->tree, mem_ctx, &finfo);
CHECK_STATUS(status, NT_STATUS_OK);
if (basetime != nt_time_to_unix(finfo.all_info.out.write_time)) {
printf("Incorrect write time on file - %s - %s\n",
timestring(mem_ctx, basetime),
nt_time_string(mem_ctx, finfo.all_info.out.write_time));
dump_all_info(mem_ctx, &finfo);
ret = False;
}
printf("testing other times\n");
/* none of the other times should be set to that time */
if (nt_time_equal(&finfo.all_info.out.write_time,
&finfo.all_info.out.access_time) ||
nt_time_equal(&finfo.all_info.out.write_time,
&finfo.all_info.out.create_time) ||
nt_time_equal(&finfo.all_info.out.write_time,
&finfo.all_info.out.change_time)) {
printf("Incorrect times after close - only write time should be set\n");
dump_all_info(mem_ctx, &finfo);
ret = False;
}
smbcli_unlink(cli->tree, fname);
REOPEN;
finfo2.generic.level = RAW_FILEINFO_ALL_INFO;
finfo2.generic.in.file.path = fname;
status = smb_raw_pathinfo(cli->tree, mem_ctx, &finfo2);
CHECK_STATUS(status, NT_STATUS_OK);
io.close.level = RAW_CLOSE_CLOSE;
io.close.in.file.fnum = fnum;
io.close.in.write_time = 0;
status = smb_raw_close(cli->tree, &io);
CHECK_STATUS(status, NT_STATUS_OK);
/* the file should have the write time set equal to access time */
finfo.generic.level = RAW_FILEINFO_ALL_INFO;
finfo.generic.in.file.path = fname;
status = smb_raw_pathinfo(cli->tree, mem_ctx, &finfo);
CHECK_STATUS(status, NT_STATUS_OK);
if (!nt_time_equal(&finfo.all_info.out.write_time,
&finfo2.all_info.out.write_time)) {
printf("Incorrect write time on file - 0 time should be ignored\n");
dump_all_info(mem_ctx, &finfo);
ret = False;
}
printf("testing splclose\n");
/* check splclose on a file */
REOPEN;
io.splclose.level = RAW_CLOSE_SPLCLOSE;
io.splclose.in.file.fnum = fnum;
status = smb_raw_close(cli->tree, &io);
CHECK_STATUS(status, NT_STATUS_DOS(ERRSRV, ERRerror));
printf("testing flush\n");
smbcli_close(cli->tree, fnum);
io_flush.flush.level = RAW_FLUSH_FLUSH;
io_flush.flush.in.file.fnum = fnum;
status = smb_raw_flush(cli->tree, &io_flush);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
io_flush.flush_all.level = RAW_FLUSH_ALL;
status = smb_raw_flush(cli->tree, &io_flush);
CHECK_STATUS(status, NT_STATUS_OK);
REOPEN;
io_flush.flush.level = RAW_FLUSH_FLUSH;
io_flush.flush.in.file.fnum = fnum;
status = smb_raw_flush(cli->tree, &io_flush);
CHECK_STATUS(status, NT_STATUS_OK);
printf("Testing SMBexit\n");
smb_raw_exit(cli->session);
io_flush.flush.level = RAW_FLUSH_FLUSH;
io_flush.flush.in.file.fnum = fnum;
status = smb_raw_flush(cli->tree, &io_flush);
CHECK_STATUS(status, NT_STATUS_INVALID_HANDLE);
done:
smbcli_close(cli->tree, fnum);
smbcli_unlink(cli->tree, fname);
torture_close_connection(cli);
talloc_free(mem_ctx);
return ret;
}
NTSTATUS gp_set_gpt_security_descriptor(struct gp_context *gp_ctx,
struct gp_object *gpo,
struct security_descriptor *sd)
{
TALLOC_CTX *mem_ctx;
NTSTATUS status;
union smb_setfileinfo fileinfo;
union smb_open io;
union smb_close io_close;
/* Create a connection to sysvol if it is not already there */
if (gp_ctx->cli == NULL) {
status = gp_cli_connect(gp_ctx);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("Failed to create cli connection to DC\n"));
return status;
}
}
/* Create a forked memory context which can be freed easily */
mem_ctx = talloc_new(gp_ctx);
NT_STATUS_HAVE_NO_MEMORY(mem_ctx);
/* Open the directory with NTCreate AndX call */
io.generic.level = RAW_OPEN_NTCREATEX;
io.ntcreatex.in.root_fid.fnum = 0;
io.ntcreatex.in.flags = 0;
io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.ntcreatex.in.create_options = 0;
io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ |
NTCREATEX_SHARE_ACCESS_WRITE;
io.ntcreatex.in.alloc_size = 0;
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN;
io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
io.ntcreatex.in.security_flags = 0;
io.ntcreatex.in.fname = gp_get_share_path(mem_ctx, gpo->file_sys_path);
status = smb_raw_open(gp_ctx->cli->tree, mem_ctx, &io);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("Can't open GPT directory\n"));
talloc_free(mem_ctx);
return status;
}
/* Set the security descriptor on the directory */
fileinfo.generic.level = RAW_FILEINFO_SEC_DESC;
fileinfo.set_secdesc.in.file.fnum = io.ntcreatex.out.file.fnum;
fileinfo.set_secdesc.in.secinfo_flags = SECINFO_PROTECTED_DACL |
SECINFO_OWNER |
SECINFO_GROUP |
SECINFO_DACL;
fileinfo.set_secdesc.in.sd = sd;
status = smb_raw_setfileinfo(gp_ctx->cli->tree, &fileinfo);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("Failed to set security descriptor on the GPT\n"));
talloc_free(mem_ctx);
return status;
}
/* Close the directory */
io_close.close.level = RAW_CLOSE_CLOSE;
io_close.close.in.file.fnum = io.ntcreatex.out.file.fnum;
io_close.close.in.write_time = 0;
status = smb_raw_close(gp_ctx->cli->tree, &io_close);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("Failed to close directory\n"));
talloc_free(mem_ctx);
return status;
}
talloc_free(mem_ctx);
return NT_STATUS_OK;
}
