static bool test_compound_invalid2(struct torture_context *tctx,
struct smb2_tree *tree)
{
struct smb2_handle hd;
struct smb2_create cr;
NTSTATUS status;
const char *fname = "compound_invalid2.dat";
struct smb2_close cl;
bool ret = true;
struct smb2_request *req[5];
struct smbXcli_tcon *saved_tcon = tree->smbXcli;
struct smbXcli_session *saved_session = tree->session->smbXcli;
smb2_transport_credits_ask_num(tree->session->transport, 5);
smb2_util_unlink(tree, fname);
smb2_transport_credits_ask_num(tree->session->transport, 1);
ZERO_STRUCT(cr);
cr.in.security_flags = 0x00;
cr.in.oplock_level = 0;
cr.in.impersonation_level = NTCREATEX_IMPERSONATION_IMPERSONATION;
cr.in.create_flags = 0x00000000;
cr.in.reserved = 0x00000000;
cr.in.desired_access = SEC_RIGHTS_FILE_ALL;
cr.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
cr.in.share_access = NTCREATEX_SHARE_ACCESS_READ |
NTCREATEX_SHARE_ACCESS_WRITE |
NTCREATEX_SHARE_ACCESS_DELETE;
cr.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
cr.in.create_options = NTCREATEX_OPTIONS_SEQUENTIAL_ONLY |
NTCREATEX_OPTIONS_ASYNC_ALERT |
NTCREATEX_OPTIONS_NON_DIRECTORY_FILE |
0x00200000;
cr.in.fname = fname;
smb2_transport_compound_start(tree->session->transport, 5);
req[0] = smb2_create_send(tree, &cr);
hd.data[0] = UINT64_MAX;
hd.data[1] = UINT64_MAX;
smb2_transport_compound_set_related(tree->session->transport, true);
ZERO_STRUCT(cl);
cl.in.file.handle = hd;
tree->smbXcli = smbXcli_tcon_create(tree);
smb2cli_tcon_set_values(tree->smbXcli,
NULL, /* session */
0xFFFFFFFF, /* tcon_id */
0, /* type */
0, /* flags */
0, /* capabilities */
0 /* maximal_access */);
tree->session->smbXcli = smbXcli_session_copy(tree->session,
tree->session->smbXcli);
smb2cli_session_set_id_and_flags(tree->session->smbXcli, UINT64_MAX, 0);
req[1] = smb2_close_send(tree, &cl);
/* strange that this is not generating invalid parameter */
smb2_transport_compound_set_related(tree->session->transport, false);
req[2] = smb2_close_send(tree, &cl);
req[3] = smb2_close_send(tree, &cl);
smb2_transport_compound_set_related(tree->session->transport, true);
req[4] = smb2_close_send(tree, &cl);
status = smb2_create_recv(req[0], tree, &cr);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_close_recv(req[1], &cl);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_close_recv(req[2], &cl);
CHECK_STATUS(status, NT_STATUS_USER_SESSION_DELETED);
status = smb2_close_recv(req[3], &cl);
CHECK_STATUS(status, NT_STATUS_USER_SESSION_DELETED);
status = smb2_close_recv(req[4], &cl);
CHECK_STATUS(status, NT_STATUS_INVALID_PARAMETER);
TALLOC_FREE(tree->smbXcli);
tree->smbXcli = saved_tcon;
TALLOC_FREE(tree->session->smbXcli);
tree->session->smbXcli = saved_session;
smb2_util_unlink(tree, fname);
done:
return ret;
}
struct cli_state *cli_state_create(TALLOC_CTX *mem_ctx,
int fd,
const char *remote_name,
const char *remote_realm,
int signing_state, int flags)
{
struct cli_state *cli = NULL;
bool use_spnego = lp_client_use_spnego();
bool force_dos_errors = false;
bool force_ascii = false;
bool use_level_II_oplocks = false;
uint32_t smb1_capabilities = 0;
uint32_t smb2_capabilities = 0;
struct GUID client_guid = GUID_random();
/* Check the effective uid - make sure we are not setuid */
if (is_setuid_root()) {
DEBUG(0,("libsmb based programs must *NOT* be setuid root.\n"));
return NULL;
}
cli = talloc_zero(mem_ctx, struct cli_state);
if (!cli) {
return NULL;
}
cli->server_domain = talloc_strdup(cli, "");
if (!cli->server_domain) {
goto error;
}
cli->server_os = talloc_strdup(cli, "");
if (!cli->server_os) {
goto error;
}
cli->server_type = talloc_strdup(cli, "");
if (!cli->server_type) {
goto error;
}
cli->dfs_mountpoint = talloc_strdup(cli, "");
if (!cli->dfs_mountpoint) {
goto error;
}
cli->raw_status = NT_STATUS_INTERNAL_ERROR;
cli->map_dos_errors = true; /* remove this */
cli->timeout = CLIENT_TIMEOUT;
cli->case_sensitive = false;
/* Set the CLI_FORCE_DOSERR environment variable to test
client routines using DOS errors instead of STATUS32
ones. This intended only as a temporary hack. */
if (getenv("CLI_FORCE_DOSERR")) {
force_dos_errors = true;
}
if (flags & CLI_FULL_CONNECTION_FORCE_DOS_ERRORS) {
force_dos_errors = true;
}
if (getenv("CLI_FORCE_ASCII")) {
force_ascii = true;
}
if (!lp_unicode()) {
force_ascii = true;
}
if (flags & CLI_FULL_CONNECTION_FORCE_ASCII) {
force_ascii = true;
}
if (flags & CLI_FULL_CONNECTION_DONT_SPNEGO) {
use_spnego = false;
} else if (flags & CLI_FULL_CONNECTION_USE_KERBEROS) {
cli->use_kerberos = true;
}
if ((flags & CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS) &&
cli->use_kerberos) {
cli->fallback_after_kerberos = true;
}
if (flags & CLI_FULL_CONNECTION_USE_CCACHE) {
cli->use_ccache = true;
}
if (flags & CLI_FULL_CONNECTION_USE_NT_HASH) {
cli->pw_nt_hash = true;
}
if (flags & CLI_FULL_CONNECTION_OPLOCKS) {
cli->use_oplocks = true;
}
if (flags & CLI_FULL_CONNECTION_LEVEL_II_OPLOCKS) {
use_level_II_oplocks = true;
}
if (signing_state == SMB_SIGNING_DEFAULT) {
signing_state = lp_client_signing();
}
smb1_capabilities = 0;
smb1_capabilities |= CAP_LARGE_FILES;
smb1_capabilities |= CAP_NT_SMBS | CAP_RPC_REMOTE_APIS;
smb1_capabilities |= CAP_LOCK_AND_READ | CAP_NT_FIND;
smb1_capabilities |= CAP_DFS | CAP_W2K_SMBS;
smb1_capabilities |= CAP_LARGE_READX|CAP_LARGE_WRITEX;
smb1_capabilities |= CAP_LWIO;
if (!force_dos_errors) {
smb1_capabilities |= CAP_STATUS32;
}
if (!force_ascii) {
smb1_capabilities |= CAP_UNICODE;
}
if (use_spnego) {
smb1_capabilities |= CAP_EXTENDED_SECURITY;
}
if (use_level_II_oplocks) {
smb1_capabilities |= CAP_LEVEL_II_OPLOCKS;
}
smb2_capabilities = SMB2_CAP_ALL;
if (remote_realm) {
cli->remote_realm = talloc_strdup(cli, remote_realm);
if (cli->remote_realm == NULL) {
goto error;
}
}
cli->conn = smbXcli_conn_create(cli, fd, remote_name,
signing_state,
smb1_capabilities,
&client_guid,
smb2_capabilities);
if (cli->conn == NULL) {
goto error;
}
cli->smb1.pid = (uint16_t)getpid();
cli->smb1.vc_num = cli->smb1.pid;
cli->smb1.tcon = smbXcli_tcon_create(cli);
if (cli->smb1.tcon == NULL) {
goto error;
}
smb1cli_tcon_set_id(cli->smb1.tcon, UINT16_MAX);
cli->smb1.session = smbXcli_session_create(cli, cli->conn);
if (cli->smb1.session == NULL) {
goto error;
}
cli->initialised = 1;
return cli;
/* Clean up after malloc() error */
error:
TALLOC_FREE(cli);
return NULL;
}
