From 35009eb3a964b3728c11c93fed8eaee9a0adc97f Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 8 May 2012 16:44:06 +0200 Subject: s4:torture: add a new smb2.session.reauth4 test: setting security descriptor after reauth to anon - works --- source4/torture/smb2/session.c | 122 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 122 insertions(+) (limited to 'source4/torture/smb2') diff --git a/source4/torture/smb2/session.c b/source4/torture/smb2/session.c index 8386241694..85fbdfd81f 100644 --- a/source4/torture/smb2/session.c +++ b/source4/torture/smb2/session.c @@ -27,6 +27,7 @@ #include "../libcli/smb/smbXcli_base.h" #include "lib/cmdline/popt_common.h" #include "auth/credentials/credentials.h" +#include "libcli/security/security.h" #define CHECK_VAL(v, correct) do { \ @@ -380,6 +381,126 @@ done: return ret; } +/** + * test setting security descriptor after reauth. + */ +bool test_session_reauth4(struct torture_context *tctx, struct smb2_tree *tree) +{ + NTSTATUS status; + TALLOC_CTX *mem_ctx = talloc_new(tctx); + char fname[256]; + struct smb2_handle _h1; + struct smb2_handle *h1 = NULL; + struct smb2_create io1; + bool ret = true; + union smb_fileinfo qfinfo; + union smb_setfileinfo sfinfo; + struct cli_credentials *anon_creds = NULL; + uint32_t secinfo_flags = SECINFO_OWNER + | SECINFO_GROUP + | SECINFO_DACL + | SECINFO_PROTECTED_DACL + | SECINFO_UNPROTECTED_DACL; + struct security_descriptor *sd1, *sd2, sd3; + struct security_ace ace; + struct dom_sid *extra_sid; + + /* Add some random component to the file name. */ + snprintf(fname, 256, "session_reauth4_%s.dat", + generate_random_str(tctx, 8)); + + smb2_util_unlink(tree, fname); + + smb2_oplock_create_share(&io1, fname, + smb2_util_share_access(""), + smb2_util_oplock_level("b")); + + status = smb2_create(tree, mem_ctx, &io1); + CHECK_STATUS(status, NT_STATUS_OK); + _h1 = io1.out.file.handle; + h1 = &_h1; + CHECK_CREATED(&io1, CREATED, FILE_ATTRIBUTE_ARCHIVE); + CHECK_VAL(io1.out.oplock_level, smb2_util_oplock_level("b")); + + /* get the security descriptor */ + + ZERO_STRUCT(qfinfo); + + qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC; + qfinfo.query_secdesc.in.file.handle = _h1; + qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags; + + status = smb2_getinfo_file(tree, mem_ctx, &qfinfo); + CHECK_STATUS(status, NT_STATUS_OK); + + sd1 = qfinfo.query_secdesc.out.sd; + + /* re-authenticate as anonymous */ + + anon_creds = cli_credentials_init_anon(mem_ctx); + torture_assert(tctx, (anon_creds != NULL), "talloc error"); + + status = smb2_session_setup_spnego(tree->session, + anon_creds, + 0 /* previous_session_id */); + CHECK_STATUS(status, NT_STATUS_OK); + + /* give full access on the file to anonymous */ + + extra_sid = dom_sid_parse_talloc(tctx, SID_NT_ANONYMOUS); + + ZERO_STRUCT(ace); + ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED; + ace.flags = 0; + ace.access_mask = SEC_STD_ALL | SEC_FILE_ALL; + ace.trustee = *extra_sid; + + status = security_descriptor_dacl_add(sd1, &ace); + CHECK_STATUS(status, NT_STATUS_OK); + + ZERO_STRUCT(sfinfo); + sfinfo.set_secdesc.level = RAW_SFILEINFO_SEC_DESC; + sfinfo.set_secdesc.in.file.handle = _h1; + sfinfo.set_secdesc.in.secinfo_flags = SECINFO_DACL; + sfinfo.set_secdesc.in.sd = sd1; + + status = smb2_setinfo_file(tree, &sfinfo); + CHECK_STATUS(status, NT_STATUS_OK); + + /* re-authenticate as original user again */ + + status = smb2_session_setup_spnego(tree->session, + cmdline_credentials, + 0 /* previous_session_id */); + CHECK_STATUS(status, NT_STATUS_OK); + + /* re-get the security descriptor */ + + ZERO_STRUCT(qfinfo); + + qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC; + qfinfo.query_secdesc.in.file.handle = _h1; + qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags; + + status = smb2_getinfo_file(tree, mem_ctx, &qfinfo); + CHECK_STATUS(status, NT_STATUS_OK); + + ret = true; + +done: + if (h1 != NULL) { + smb2_util_close(tree, *h1); + } + + smb2_util_unlink(tree, fname); + + talloc_free(tree); + + talloc_free(mem_ctx); + + return ret; +} + struct torture_suite *torture_smb2_session_init(void) { struct torture_suite *suite = @@ -389,6 +510,7 @@ struct torture_suite *torture_smb2_session_init(void) torture_suite_add_1smb2_test(suite, "reauth1", test_session_reauth1); torture_suite_add_1smb2_test(suite, "reauth2", test_session_reauth2); torture_suite_add_1smb2_test(suite, "reauth3", test_session_reauth3); + torture_suite_add_1smb2_test(suite, "reauth4", test_session_reauth4); suite->description = talloc_strdup(suite, "SMB2-SESSION tests"); -- cgit