diff options
-rw-r--r-- | source3/torture/proto.h | 1 | ||||
-rw-r--r-- | source3/torture/test_smb2.c | 389 | ||||
-rw-r--r-- | source3/torture/torture.c | 1 |
3 files changed, 391 insertions, 0 deletions
diff --git a/source3/torture/proto.h b/source3/torture/proto.h index adfccd8c20..e68545d98d 100644 --- a/source3/torture/proto.h +++ b/source3/torture/proto.h @@ -95,6 +95,7 @@ bool run_nttrans_create(int dummy); bool run_nttrans_fsctl(int dummy); bool run_smb2_basic(int dummy); bool run_smb2_negprot(int dummy); +bool run_smb2_session_reconnect(int dummy); bool run_local_conv_auth_info(int dummy); bool run_local_sprintf_append(int dummy); diff --git a/source3/torture/test_smb2.c b/source3/torture/test_smb2.c index 5e0f24cb51..04aa072adc 100644 --- a/source3/torture/test_smb2.c +++ b/source3/torture/test_smb2.c @@ -24,6 +24,7 @@ #include "libsmb/smb2cli.h" #include "libcli/security/security.h" #include "libsmb/proto.h" +#include "../auth/ntlmssp/ntlmssp.h" extern fstring host, workgroup, share, password, username, myname; @@ -220,3 +221,391 @@ bool run_smb2_negprot(int dummy) return true; } + +bool run_smb2_session_reconnect(int dummy) +{ + struct cli_state *cli1; + struct cli_state *cli2; + NTSTATUS status; + bool ok; + uint64_t fid_persistent, fid_volatile; + struct tevent_context *ev; + struct tevent_req *subreq; + DATA_BLOB in_blob = data_blob_null; + DATA_BLOB out_blob; + struct ntlmssp_state *ntlmssp; + struct iovec *recv_iov; + const char *hello = "Hello, world\n"; + uint8_t *result; + uint32_t nread; + + printf("Starting SMB2-SESSION-RECONNECT\n"); + + if (!torture_init_connection(&cli1)) { + return false; + } + cli1->smb2.pid = 0xFEFF; + + status = smbXcli_negprot(cli1->conn, cli1->timeout, + PROTOCOL_SMB2_02, PROTOCOL_SMB2_22); + if (!NT_STATUS_IS_OK(status)) { + printf("smbXcli_negprot returned %s\n", nt_errstr(status)); + return false; + } + + status = cli_session_setup(cli1, username, + password, strlen(password), + password, strlen(password), + workgroup); + if (!NT_STATUS_IS_OK(status)) { + printf("cli_session_setup returned %s\n", nt_errstr(status)); + return false; + } + + status = cli_tree_connect(cli1, share, "?????", "", 0); + if (!NT_STATUS_IS_OK(status)) { + printf("cli_tree_connect returned %s\n", nt_errstr(status)); + return false; + } + + status = smb2cli_create(cli1, "session-reconnect.txt", + SMB2_OPLOCK_LEVEL_NONE, /* oplock_level, */ + SMB2_IMPERSONATION_IMPERSONATION, /* impersonation_level, */ + SEC_STD_ALL | SEC_FILE_ALL, /* desired_access, */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes, */ + FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, /* share_access, */ + FILE_CREATE, /* create_disposition, */ + FILE_DELETE_ON_CLOSE, /* create_options, */ + NULL, /* smb2_create_blobs *blobs */ + &fid_persistent, + &fid_volatile); + if (!NT_STATUS_IS_OK(status)) { + printf("smb2cli_create on cli1 %s\n", nt_errstr(status)); + return false; + } + + status = smb2cli_write(cli1, strlen(hello), 0, fid_persistent, + fid_volatile, 0, 0, (const uint8_t *)hello); + if (!NT_STATUS_IS_OK(status)) { + printf("smb2cli_write returned %s\n", nt_errstr(status)); + return false; + } + + status = smb2cli_flush(cli1, fid_persistent, fid_volatile); + if (!NT_STATUS_IS_OK(status)) { + printf("smb2cli_flush returned %s\n", nt_errstr(status)); + return false; + } + + status = smb2cli_read(cli1, 0x10000, 0, fid_persistent, + fid_volatile, 2, 0, + talloc_tos(), &result, &nread); + if (!NT_STATUS_IS_OK(status)) { + printf("smb2cli_read returned %s\n", nt_errstr(status)); + return false; + } + + if (nread != strlen(hello)) { + printf("smb2cli_read returned %d bytes, expected %d\n", + (int)nread, (int)strlen(hello)); + return false; + } + + if (memcmp(hello, result, nread) != 0) { + printf("smb2cli_read returned '%s', expected '%s'\n", + result, hello); + return false; + } + + /* prepare second session */ + + if (!torture_init_connection(&cli2)) { + return false; + } + cli2->smb2.pid = 0xFEFF; + + status = smbXcli_negprot(cli2->conn, cli2->timeout, + PROTOCOL_SMB2_02, PROTOCOL_SMB2_22); + if (!NT_STATUS_IS_OK(status)) { + printf("smbXcli_negprot returned %s\n", nt_errstr(status)); + return false; + } + + status = ntlmssp_client_start(talloc_tos(), + lp_netbios_name(), + lp_workgroup(), + lp_client_ntlmv2_auth(), + &ntlmssp); + if (!NT_STATUS_IS_OK(status)) { + printf("ntlmssp_client_start returned %s\n", nt_errstr(status)); + return false; + } + + ntlmssp_want_feature(ntlmssp, + NTLMSSP_FEATURE_SESSION_KEY); + status = ntlmssp_set_username(ntlmssp, username); + if (!NT_STATUS_IS_OK(status)) { + printf("ntlmssp_set_username returned %s\n", nt_errstr(status)); + return false; + } + + status = ntlmssp_set_domain(ntlmssp, workgroup); + if (!NT_STATUS_IS_OK(status)) { + printf("ntlmssp_set_domain returned %s\n", nt_errstr(status)); + return false; + } + + status = ntlmssp_set_password(ntlmssp, password); + if (!NT_STATUS_IS_OK(status)) { + printf("ntlmssp_set_password returned %s\n", nt_errstr(status)); + return false; + } + + status = ntlmssp_update(ntlmssp, data_blob_null, &in_blob); + if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + printf("ntlmssp_update returned %s\n", nt_errstr(status)); + return false; + } + + cli2->smb2.session = smbXcli_session_create(cli2, cli2->conn); + + ev = event_context_init(talloc_tos()); + if (ev == NULL) { + printf("event_context_init() returned NULL\n"); + return false; + } + + subreq = smb2cli_session_setup_send(talloc_tos(), ev, + cli2->conn, + cli2->timeout, + cli2->smb2.session, + 0x0, /* in_flags */ + SMB2_CAP_DFS, /* in_capabilities */ + 0, /* in_channel */ + cli1->smb2.session, /* in_previous_session */ + &in_blob); /* in_security_buffer */ + if (subreq == NULL) { + printf("smb2cli_session_setup_send() returned NULL\n"); + return false; + } + + ok = tevent_req_poll(subreq, ev); + if (!ok) { + printf("tevent_req_poll() returned false\n"); + return false; + } + + status = smb2cli_session_setup_recv(subreq, talloc_tos(), + NULL, &out_blob); + if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + printf("smb2cli_session_setup_recv returned %s\n", + nt_errstr(status)); + return false; + } + + status = ntlmssp_update(ntlmssp, out_blob, &in_blob); + if (!NT_STATUS_IS_OK(status)) { + printf("ntlmssp_update returned %s\n", nt_errstr(status)); + return false; + } + + subreq = smb2cli_session_setup_send(talloc_tos(), ev, + cli2->conn, + cli2->timeout, + cli2->smb2.session, + 0x0, /* in_flags */ + SMB2_CAP_DFS, /* in_capabilities */ + 0, /* in_channel */ + cli1->smb2.session, /* in_previous_session */ + &in_blob); /* in_security_buffer */ + if (subreq == NULL) { + printf("smb2cli_session_setup_send() returned NULL\n"); + return false; + } + + ok = tevent_req_poll(subreq, ev); + if (!ok) { + printf("tevent_req_poll() returned false\n"); + return false; + } + + status = smb2cli_session_setup_recv(subreq, talloc_tos(), + &recv_iov, &out_blob); + if (!NT_STATUS_IS_OK(status)) { + printf("smb2cli_session_setup_recv returned %s\n", + nt_errstr(status)); + return false; + } + + status = smb2_signing_check_pdu(ntlmssp->session_key, recv_iov, 3); + if (!NT_STATUS_IS_OK(status)) { + printf("check pdu returned %s\n", nt_errstr(status)); + return false; + } + + /* check file operation on the old client */ + + status = smb2cli_flush(cli1, fid_persistent, fid_volatile); + if (!NT_STATUS_EQUAL(status, NT_STATUS_USER_SESSION_DELETED)) { + printf("smb2cli_flush returned %s\n", nt_errstr(status)); + return false; + } + + status = cli_tree_connect(cli1, share, "?????", "", 0); + if (!NT_STATUS_EQUAL(status, NT_STATUS_USER_SESSION_DELETED)) { + printf("cli_tree_connect returned %s\n", nt_errstr(status)); + return false; + } + + /* + * checking file operations without signing. + * on w2k8r2 at least, flush, read and write also work the same way, + * while create gives ACCESS_DENIED without signing + */ + status = smb2cli_flush(cli2, fid_persistent, fid_volatile); + if (!NT_STATUS_EQUAL(status, NT_STATUS_FILE_CLOSED)) { + printf("smb2cli_flush returned %s\n", nt_errstr(status)); + return false; + } + + status = smb2cli_write(cli2, strlen(hello), 0, fid_persistent, + fid_volatile, 0, 0, (const uint8_t *)hello); + if (!NT_STATUS_EQUAL(status, NT_STATUS_FILE_CLOSED)) { + printf("smb2cli_write returned %s\n", nt_errstr(status)); + return false; + } + + status = smb2cli_read(cli2, 0x10000, 0, fid_persistent, + fid_volatile, 2, 0, + talloc_tos(), &result, &nread); + if (!NT_STATUS_EQUAL(status, NT_STATUS_FILE_CLOSED)) { + printf("smb2cli_read returned %s\n", nt_errstr(status)); + return false; + } + + status = smb2cli_create(cli2, "session-reconnect.txt", + SMB2_OPLOCK_LEVEL_NONE, /* oplock_level, */ + SMB2_IMPERSONATION_IMPERSONATION, /* impersonation_level, */ + SEC_STD_ALL | SEC_FILE_ALL, /* desired_access, */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes, */ + FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, /* share_access, */ + FILE_CREATE, /* create_disposition, */ + FILE_DELETE_ON_CLOSE, /* create_options, */ + NULL, /* smb2_create_blobs *blobs */ + &fid_persistent, + &fid_volatile); + if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { + printf("smb2cli_create on cli2 %s\n", nt_errstr(status)); + return false; + } + + /* now grab the session key and try with signing */ + + status = smb2cli_session_update_session_key(cli2->smb2.session, + ntlmssp->session_key, + recv_iov); + if (!NT_STATUS_IS_OK(status)) { + printf("smb2cli_session_update_session_key %s\n", nt_errstr(status)); + return false; + } + + /* the tid seems to be irrelevant at this stage */ + + cli2->smb2.tid = cli1->smb2.tid; + + status = smb2cli_flush(cli2, fid_persistent, fid_volatile); + if (!NT_STATUS_EQUAL(status, NT_STATUS_FILE_CLOSED)) { + printf("smb2cli_flush returned %s\n", nt_errstr(status)); + return false; + } + + status = smb2cli_write(cli2, strlen(hello), 0, fid_persistent, + fid_volatile, 0, 0, (const uint8_t *)hello); + if (!NT_STATUS_EQUAL(status, NT_STATUS_FILE_CLOSED)) { + printf("smb2cli_write returned %s\n", nt_errstr(status)); + return false; + } + + status = smb2cli_read(cli2, 0x10000, 0, fid_persistent, + fid_volatile, 2, 0, + talloc_tos(), &result, &nread); + if (!NT_STATUS_EQUAL(status, NT_STATUS_FILE_CLOSED)) { + printf("smb2cli_read returned %s\n", nt_errstr(status)); + return false; + } + + status = smb2cli_create(cli2, "session-reconnect.txt", + SMB2_OPLOCK_LEVEL_NONE, /* oplock_level, */ + SMB2_IMPERSONATION_IMPERSONATION, /* impersonation_level, */ + SEC_STD_ALL | SEC_FILE_ALL, /* desired_access, */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes, */ + FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, /* share_access, */ + FILE_CREATE, /* create_disposition, */ + FILE_DELETE_ON_CLOSE, /* create_options, */ + NULL, /* smb2_create_blobs *blobs */ + &fid_persistent, + &fid_volatile); + if (!NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_NAME_DELETED)) { + printf("smb2cli_create on cli2 %s\n", nt_errstr(status)); + return false; + } + + /* now do a new tcon and test file calls again */ + + status = cli_tree_connect(cli2, share, "?????", "", 0); + if (!NT_STATUS_IS_OK(status)) { + printf("cli_tree_connect returned %s\n", nt_errstr(status)); + return false; + } + + status = smb2cli_create(cli2, "session-reconnect.txt", + SMB2_OPLOCK_LEVEL_NONE, /* oplock_level, */ + SMB2_IMPERSONATION_IMPERSONATION, /* impersonation_level, */ + SEC_STD_ALL | SEC_FILE_ALL, /* desired_access, */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes, */ + FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, /* share_access, */ + FILE_CREATE, /* create_disposition, */ + FILE_DELETE_ON_CLOSE, /* create_options, */ + NULL, /* smb2_create_blobs *blobs */ + &fid_persistent, + &fid_volatile); + if (!NT_STATUS_IS_OK(status)) { + printf("smb2cli_create on cli2 %s\n", nt_errstr(status)); + return false; + } + + status = smb2cli_write(cli2, strlen(hello), 0, fid_persistent, + fid_volatile, 0, 0, (const uint8_t *)hello); + if (!NT_STATUS_IS_OK(status)) { + printf("smb2cli_write returned %s\n", nt_errstr(status)); + return false; + } + + status = smb2cli_flush(cli2, fid_persistent, fid_volatile); + if (!NT_STATUS_IS_OK(status)) { + printf("smb2cli_flush returned %s\n", nt_errstr(status)); + return false; + } + + status = smb2cli_read(cli2, 0x10000, 0, fid_persistent, + fid_volatile, 2, 0, + talloc_tos(), &result, &nread); + if (!NT_STATUS_IS_OK(status)) { + printf("smb2cli_read returned %s\n", nt_errstr(status)); + return false; + } + + if (nread != strlen(hello)) { + printf("smb2cli_read returned %d bytes, expected %d\n", + (int)nread, (int)strlen(hello)); + return false; + } + + if (memcmp(hello, result, nread) != 0) { + printf("smb2cli_read returned '%s', expected '%s'\n", + result, hello); + return false; + } + + return true; +} diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 64b1e930f4..9dc8925107 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -8875,6 +8875,7 @@ static struct { { "NOTIFY-ONLINE", run_notify_online }, { "SMB2-BASIC", run_smb2_basic }, { "SMB2-NEGPROT", run_smb2_negprot }, + { "SMB2-SESSION-RECONNECT", run_smb2_session_reconnect }, { "LOCAL-SUBSTITUTE", run_local_substitute, 0}, { "LOCAL-GENCACHE", run_local_gencache, 0}, { "LOCAL-TALLOC-DICT", run_local_talloc_dict, 0}, |