diff options
Diffstat (limited to 'source4')
-rw-r--r-- | source4/torture/smb2/session.c | 100 |
1 files changed, 100 insertions, 0 deletions
diff --git a/source4/torture/smb2/session.c b/source4/torture/smb2/session.c index aaebf054bb..8386241694 100644 --- a/source4/torture/smb2/session.c +++ b/source4/torture/smb2/session.c @@ -280,6 +280,105 @@ done: return ret; } +/** + * test getting security descriptor after reauth + */ +bool test_session_reauth3(struct torture_context *tctx, struct smb2_tree *tree) +{ + NTSTATUS status; + TALLOC_CTX *mem_ctx = talloc_new(tctx); + char fname[256]; + struct smb2_handle _h1; + struct smb2_handle *h1 = NULL; + struct smb2_create io1; + bool ret = true; + union smb_fileinfo qfinfo; + struct cli_credentials *anon_creds = NULL; + uint32_t secinfo_flags = SECINFO_OWNER + | SECINFO_GROUP + | SECINFO_DACL + | SECINFO_PROTECTED_DACL + | SECINFO_UNPROTECTED_DACL; + + /* Add some random component to the file name. */ + snprintf(fname, 256, "session_reauth3_%s.dat", + generate_random_str(tctx, 8)); + + smb2_util_unlink(tree, fname); + + smb2_oplock_create_share(&io1, fname, + smb2_util_share_access(""), + smb2_util_oplock_level("b")); + + status = smb2_create(tree, mem_ctx, &io1); + CHECK_STATUS(status, NT_STATUS_OK); + _h1 = io1.out.file.handle; + h1 = &_h1; + CHECK_CREATED(&io1, CREATED, FILE_ATTRIBUTE_ARCHIVE); + CHECK_VAL(io1.out.oplock_level, smb2_util_oplock_level("b")); + + /* get the security descriptor */ + + ZERO_STRUCT(qfinfo); + + qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC; + qfinfo.query_secdesc.in.file.handle = _h1; + qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags; + + status = smb2_getinfo_file(tree, mem_ctx, &qfinfo); + CHECK_STATUS(status, NT_STATUS_OK); + /* re-authenticate as anonymous */ + + anon_creds = cli_credentials_init_anon(mem_ctx); + torture_assert(tctx, (anon_creds != NULL), "talloc error"); + + status = smb2_session_setup_spnego(tree->session, + anon_creds, + 0 /* previous_session_id */); + CHECK_STATUS(status, NT_STATUS_OK); + + /* try to access the file via the old handle */ + + ZERO_STRUCT(qfinfo); + + qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC; + qfinfo.query_secdesc.in.file.handle = _h1; + qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags; + + status = smb2_getinfo_file(tree, mem_ctx, &qfinfo); + CHECK_STATUS(status, NT_STATUS_OK); + + /* re-authenticate as original user again */ + + status = smb2_session_setup_spnego(tree->session, + cmdline_credentials, + 0 /* previous_session_id */); + CHECK_STATUS(status, NT_STATUS_OK); + + /* try to access the file via the old handle */ + + ZERO_STRUCT(qfinfo); + + qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC; + qfinfo.query_secdesc.in.file.handle = _h1; + qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags; + + status = smb2_getinfo_file(tree, mem_ctx, &qfinfo); + CHECK_STATUS(status, NT_STATUS_OK); + +done: + if (h1 != NULL) { + smb2_util_close(tree, *h1); + } + + smb2_util_unlink(tree, fname); + + talloc_free(tree); + + talloc_free(mem_ctx); + + return ret; +} struct torture_suite *torture_smb2_session_init(void) { @@ -289,6 +388,7 @@ struct torture_suite *torture_smb2_session_init(void) torture_suite_add_1smb2_test(suite, "reconnect", test_session_reconnect); torture_suite_add_1smb2_test(suite, "reauth1", test_session_reauth1); torture_suite_add_1smb2_test(suite, "reauth2", test_session_reauth2); + torture_suite_add_1smb2_test(suite, "reauth3", test_session_reauth3); suite->description = talloc_strdup(suite, "SMB2-SESSION tests"); |