2 Unix SMB/CIFS implementation.
4 helper functions for SMB2 test suite
6 Copyright (C) Andrew Tridgell 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "libcli/security/security_descriptor.h"
24 #include "libcli/smb2/smb2.h"
25 #include "libcli/smb2/smb2_calls.h"
26 #include "lib/cmdline/popt_common.h"
27 #include "system/time.h"
28 #include "librpc/gen_ndr/ndr_security.h"
29 #include "param/param.h"
30 #include "libcli/resolve/resolve.h"
32 #include "torture/torture.h"
33 #include "torture/smb2/proto.h"
37 write to a file on SMB2
39 NTSTATUS
smb2_util_write(struct smb2_tree
*tree
,
40 struct smb2_handle handle
,
41 const void *buf
, off_t offset
, size_t size
)
46 w
.in
.file
.handle
= handle
;
48 w
.in
.data
= data_blob_const(buf
, size
);
50 return smb2_write(tree
, &w
);
54 create a complex file/dir using the SMB2 protocol
56 static NTSTATUS
smb2_create_complex(struct smb2_tree
*tree
, const char *fname
,
57 struct smb2_handle
*handle
, bool dir
)
59 TALLOC_CTX
*tmp_ctx
= talloc_new(tree
);
61 struct smb2_create io
;
62 union smb_setfileinfo setfile
;
63 union smb_fileinfo fileinfo
;
64 time_t t
= (time(NULL
) & ~1);
67 smb2_util_unlink(tree
, fname
);
69 io
.in
.desired_access
= SEC_FLAG_MAXIMUM_ALLOWED
;
70 io
.in
.file_attributes
= FILE_ATTRIBUTE_NORMAL
;
71 io
.in
.create_disposition
= NTCREATEX_DISP_OVERWRITE_IF
;
73 NTCREATEX_SHARE_ACCESS_DELETE
|
74 NTCREATEX_SHARE_ACCESS_READ
|
75 NTCREATEX_SHARE_ACCESS_WRITE
;
76 io
.in
.create_options
= 0;
79 io
.in
.create_options
= NTCREATEX_OPTIONS_DIRECTORY
;
80 io
.in
.share_access
&= ~NTCREATEX_SHARE_ACCESS_DELETE
;
81 io
.in
.file_attributes
= FILE_ATTRIBUTE_DIRECTORY
;
82 io
.in
.create_disposition
= NTCREATEX_DISP_CREATE
;
85 /* it seems vista is now fussier about alignment? */
86 if (strchr(fname
, ':') == NULL
) {
88 io
.in
.eas
.num_eas
= 2;
89 io
.in
.eas
.eas
= talloc_array(tmp_ctx
, struct ea_struct
, 2);
90 io
.in
.eas
.eas
[0].flags
= 0;
91 io
.in
.eas
.eas
[0].name
.s
= "EAONE";
92 io
.in
.eas
.eas
[0].value
= data_blob_talloc(tmp_ctx
, "VALUE1", 6);
93 io
.in
.eas
.eas
[1].flags
= 0;
94 io
.in
.eas
.eas
[1].name
.s
= "SECONDEA";
95 io
.in
.eas
.eas
[1].value
= data_blob_talloc(tmp_ctx
, "ValueTwo", 8);
98 status
= smb2_create(tree
, tmp_ctx
, &io
);
100 NT_STATUS_NOT_OK_RETURN(status
);
102 *handle
= io
.out
.file
.handle
;
105 status
= smb2_util_write(tree
, *handle
, buf
, 0, sizeof(buf
));
106 NT_STATUS_NOT_OK_RETURN(status
);
109 /* make sure all the timestamps aren't the same, and are also
110 in different DST zones*/
111 setfile
.generic
.level
= RAW_SFILEINFO_BASIC_INFORMATION
;
112 setfile
.generic
.in
.file
.handle
= *handle
;
114 unix_to_nt_time(&setfile
.basic_info
.in
.create_time
, t
+ 9*30*24*60*60);
115 unix_to_nt_time(&setfile
.basic_info
.in
.access_time
, t
+ 6*30*24*60*60);
116 unix_to_nt_time(&setfile
.basic_info
.in
.write_time
, t
+ 3*30*24*60*60);
117 unix_to_nt_time(&setfile
.basic_info
.in
.change_time
, t
+ 1*30*24*60*60);
118 setfile
.basic_info
.in
.attrib
= FILE_ATTRIBUTE_NORMAL
;
120 status
= smb2_setinfo_file(tree
, &setfile
);
121 if (!NT_STATUS_IS_OK(status
)) {
122 printf("Failed to setup file times - %s\n", nt_errstr(status
));
126 /* make sure all the timestamps aren't the same */
127 fileinfo
.generic
.level
= RAW_FILEINFO_SMB2_ALL_INFORMATION
;
128 fileinfo
.generic
.in
.file
.handle
= *handle
;
130 status
= smb2_getinfo_file(tree
, tree
, &fileinfo
);
131 if (!NT_STATUS_IS_OK(status
)) {
132 printf("Failed to query file times - %s\n", nt_errstr(status
));
137 #define CHECK_TIME(field) do {\
138 if (setfile.basic_info.in.field != fileinfo.all_info2.out.field) { \
139 printf("(%s) " #field " not setup correctly: %s(%llu) => %s(%llu)\n", \
141 nt_time_string(tree, setfile.basic_info.in.field), \
142 (unsigned long long)setfile.basic_info.in.field, \
143 nt_time_string(tree, fileinfo.basic_info.out.field), \
144 (unsigned long long)fileinfo.basic_info.out.field); \
145 status = NT_STATUS_INVALID_PARAMETER; \
149 CHECK_TIME(create_time
);
150 CHECK_TIME(access_time
);
151 CHECK_TIME(write_time
);
152 CHECK_TIME(change_time
);
158 create a complex file using the SMB2 protocol
160 NTSTATUS
smb2_create_complex_file(struct smb2_tree
*tree
, const char *fname
,
161 struct smb2_handle
*handle
)
163 return smb2_create_complex(tree
, fname
, handle
, false);
167 create a complex dir using the SMB2 protocol
169 NTSTATUS
smb2_create_complex_dir(struct smb2_tree
*tree
, const char *fname
,
170 struct smb2_handle
*handle
)
172 return smb2_create_complex(tree
, fname
, handle
, true);
176 show lots of information about a file
178 void torture_smb2_all_info(struct smb2_tree
*tree
, struct smb2_handle handle
)
181 TALLOC_CTX
*tmp_ctx
= talloc_new(tree
);
182 union smb_fileinfo io
;
184 io
.generic
.level
= RAW_FILEINFO_SMB2_ALL_INFORMATION
;
185 io
.generic
.in
.file
.handle
= handle
;
187 status
= smb2_getinfo_file(tree
, tmp_ctx
, &io
);
188 if (!NT_STATUS_IS_OK(status
)) {
189 DEBUG(0,("getinfo failed - %s\n", nt_errstr(status
)));
190 talloc_free(tmp_ctx
);
194 d_printf("all_info for '%s'\n", io
.all_info2
.out
.fname
.s
);
195 d_printf("\tcreate_time: %s\n", nt_time_string(tmp_ctx
, io
.all_info2
.out
.create_time
));
196 d_printf("\taccess_time: %s\n", nt_time_string(tmp_ctx
, io
.all_info2
.out
.access_time
));
197 d_printf("\twrite_time: %s\n", nt_time_string(tmp_ctx
, io
.all_info2
.out
.write_time
));
198 d_printf("\tchange_time: %s\n", nt_time_string(tmp_ctx
, io
.all_info2
.out
.change_time
));
199 d_printf("\tattrib: 0x%x\n", io
.all_info2
.out
.attrib
);
200 d_printf("\tunknown1: 0x%x\n", io
.all_info2
.out
.unknown1
);
201 d_printf("\talloc_size: %llu\n", (long long)io
.all_info2
.out
.alloc_size
);
202 d_printf("\tsize: %llu\n", (long long)io
.all_info2
.out
.size
);
203 d_printf("\tnlink: %u\n", io
.all_info2
.out
.nlink
);
204 d_printf("\tdelete_pending: %u\n", io
.all_info2
.out
.delete_pending
);
205 d_printf("\tdirectory: %u\n", io
.all_info2
.out
.directory
);
206 d_printf("\tfile_id: %llu\n", (long long)io
.all_info2
.out
.file_id
);
207 d_printf("\tea_size: %u\n", io
.all_info2
.out
.ea_size
);
208 d_printf("\taccess_mask: 0x%08x\n", io
.all_info2
.out
.access_mask
);
209 d_printf("\tposition: 0x%llx\n", (long long)io
.all_info2
.out
.position
);
210 d_printf("\tmode: 0x%llx\n", (long long)io
.all_info2
.out
.mode
);
212 /* short name, if any */
213 io
.generic
.level
= RAW_FILEINFO_ALT_NAME_INFORMATION
;
214 status
= smb2_getinfo_file(tree
, tmp_ctx
, &io
);
215 if (NT_STATUS_IS_OK(status
)) {
216 d_printf("\tshort name: '%s'\n", io
.alt_name_info
.out
.fname
.s
);
219 /* the EAs, if any */
220 io
.generic
.level
= RAW_FILEINFO_SMB2_ALL_EAS
;
221 status
= smb2_getinfo_file(tree
, tmp_ctx
, &io
);
222 if (NT_STATUS_IS_OK(status
)) {
224 for (i
=0;i
<io
.all_eas
.out
.num_eas
;i
++) {
225 d_printf("\tEA[%d] flags=%d len=%d '%s'\n", i
,
226 io
.all_eas
.out
.eas
[i
].flags
,
227 (int)io
.all_eas
.out
.eas
[i
].value
.length
,
228 io
.all_eas
.out
.eas
[i
].name
.s
);
232 /* streams, if available */
233 io
.generic
.level
= RAW_FILEINFO_STREAM_INFORMATION
;
234 status
= smb2_getinfo_file(tree
, tmp_ctx
, &io
);
235 if (NT_STATUS_IS_OK(status
)) {
237 for (i
=0;i
<io
.stream_info
.out
.num_streams
;i
++) {
238 d_printf("\tstream %d:\n", i
);
239 d_printf("\t\tsize %ld\n",
240 (long)io
.stream_info
.out
.streams
[i
].size
);
241 d_printf("\t\talloc size %ld\n",
242 (long)io
.stream_info
.out
.streams
[i
].alloc_size
);
243 d_printf("\t\tname %s\n", io
.stream_info
.out
.streams
[i
].stream_name
.s
);
248 /* the security descriptor */
249 io
.query_secdesc
.level
= RAW_FILEINFO_SEC_DESC
;
250 io
.query_secdesc
.in
.secinfo_flags
=
251 SECINFO_OWNER
|SECINFO_GROUP
|
253 status
= smb2_getinfo_file(tree
, tmp_ctx
, &io
);
254 if (NT_STATUS_IS_OK(status
)) {
255 NDR_PRINT_DEBUG(security_descriptor
, io
.query_secdesc
.out
.sd
);
259 talloc_free(tmp_ctx
);
264 open a smb2 connection
266 bool torture_smb2_connection(struct torture_context
*tctx
, struct smb2_tree
**tree
)
269 const char *host
= torture_setting_string(tctx
, "host", NULL
);
270 const char *share
= torture_setting_string(tctx
, "share", NULL
);
271 struct cli_credentials
*credentials
= cmdline_credentials
;
272 struct smbcli_options options
;
274 lpcfg_smbcli_options(tctx
->lp_ctx
, &options
);
276 status
= smb2_connect(tctx
, host
,
277 lpcfg_smb_ports(tctx
->lp_ctx
),
279 lpcfg_resolve_context(tctx
->lp_ctx
),
282 lpcfg_socket_options(tctx
->lp_ctx
),
283 lpcfg_gensec_settings(tctx
, tctx
->lp_ctx
)
285 if (!NT_STATUS_IS_OK(status
)) {
286 printf("Failed to connect to SMB2 share \\\\%s\\%s - %s\n",
287 host
, share
, nt_errstr(status
));
295 create and return a handle to a test file
297 NTSTATUS
torture_smb2_testfile(struct smb2_tree
*tree
, const char *fname
,
298 struct smb2_handle
*handle
)
300 struct smb2_create io
;
304 io
.in
.oplock_level
= 0;
305 io
.in
.desired_access
= SEC_RIGHTS_FILE_ALL
;
306 io
.in
.file_attributes
= FILE_ATTRIBUTE_NORMAL
;
307 io
.in
.create_disposition
= NTCREATEX_DISP_OPEN_IF
;
309 NTCREATEX_SHARE_ACCESS_DELETE
|
310 NTCREATEX_SHARE_ACCESS_READ
|
311 NTCREATEX_SHARE_ACCESS_WRITE
;
312 io
.in
.create_options
= 0;
315 status
= smb2_create(tree
, tree
, &io
);
316 NT_STATUS_NOT_OK_RETURN(status
);
318 *handle
= io
.out
.file
.handle
;
324 create and return a handle to a test directory
326 NTSTATUS
torture_smb2_testdir(struct smb2_tree
*tree
, const char *fname
,
327 struct smb2_handle
*handle
)
329 struct smb2_create io
;
333 io
.in
.oplock_level
= 0;
334 io
.in
.desired_access
= SEC_RIGHTS_DIR_ALL
;
335 io
.in
.file_attributes
= FILE_ATTRIBUTE_DIRECTORY
;
336 io
.in
.create_disposition
= NTCREATEX_DISP_OPEN_IF
;
337 io
.in
.share_access
= NTCREATEX_SHARE_ACCESS_READ
|NTCREATEX_SHARE_ACCESS_WRITE
|NTCREATEX_SHARE_ACCESS_DELETE
;
338 io
.in
.create_options
= NTCREATEX_OPTIONS_DIRECTORY
;
341 status
= smb2_create(tree
, tree
, &io
);
342 NT_STATUS_NOT_OK_RETURN(status
);
344 *handle
= io
.out
.file
.handle
;
351 create a complex file using SMB2, to make it easier to
352 find fields in SMB2 getinfo levels
354 NTSTATUS
torture_setup_complex_file(struct smb2_tree
*tree
, const char *fname
)
356 struct smb2_handle handle
;
357 NTSTATUS status
= smb2_create_complex_file(tree
, fname
, &handle
);
358 NT_STATUS_NOT_OK_RETURN(status
);
359 return smb2_util_close(tree
, handle
);
364 create a complex dir using SMB2, to make it easier to
365 find fields in SMB2 getinfo levels
367 NTSTATUS
torture_setup_complex_dir(struct smb2_tree
*tree
, const char *fname
)
369 struct smb2_handle handle
;
370 NTSTATUS status
= smb2_create_complex_dir(tree
, fname
, &handle
);
371 NT_STATUS_NOT_OK_RETURN(status
);
372 return smb2_util_close(tree
, handle
);
377 return a handle to the root of the share
379 NTSTATUS
smb2_util_roothandle(struct smb2_tree
*tree
, struct smb2_handle
*handle
)
381 struct smb2_create io
;
385 io
.in
.oplock_level
= 0;
386 io
.in
.desired_access
= SEC_STD_SYNCHRONIZE
| SEC_DIR_READ_ATTRIBUTE
| SEC_DIR_LIST
;
387 io
.in
.file_attributes
= 0;
388 io
.in
.create_disposition
= NTCREATEX_DISP_OPEN
;
389 io
.in
.share_access
= NTCREATEX_SHARE_ACCESS_READ
|NTCREATEX_SHARE_ACCESS_DELETE
;
390 io
.in
.create_options
= NTCREATEX_OPTIONS_ASYNC_ALERT
;
393 status
= smb2_create(tree
, tree
, &io
);
394 NT_STATUS_NOT_OK_RETURN(status
);
396 *handle
= io
.out
.file
.handle
;
401 /* Comparable to torture_setup_dir, but for SMB2. */
402 bool smb2_util_setup_dir(struct torture_context
*tctx
, struct smb2_tree
*tree
,
407 /* XXX: smb_raw_exit equivalent?
408 smb_raw_exit(cli->session); */
409 if (smb2_deltree(tree
, dname
) == -1) {
410 torture_result(tctx
, TORTURE_ERROR
, "Unable to deltree when setting up %s.\n", dname
);
414 status
= smb2_util_mkdir(tree
, dname
);
415 if (NT_STATUS_IS_ERR(status
)) {
416 torture_result(tctx
, TORTURE_ERROR
, "Unable to mkdir when setting up %s - %s\n", dname
,
424 #define CHECK_STATUS(status, correct) do { \
425 if (!NT_STATUS_EQUAL(status, correct)) { \
426 torture_result(tctx, TORTURE_FAIL, "(%s) Incorrect status %s - should be %s\n", \
427 __location__, nt_errstr(status), nt_errstr(correct)); \
433 * Helper function to verify a security descriptor, by querying
434 * and comparing against the passed in sd.
436 bool smb2_util_verify_sd(TALLOC_CTX
*tctx
, struct smb2_tree
*tree
,
437 struct smb2_handle handle
, struct security_descriptor
*sd
)
441 union smb_fileinfo q
= {};
443 q
.query_secdesc
.level
= RAW_FILEINFO_SEC_DESC
;
444 q
.query_secdesc
.in
.file
.handle
= handle
;
445 q
.query_secdesc
.in
.secinfo_flags
=
449 status
= smb2_getinfo_file(tree
, tctx
, &q
);
450 CHECK_STATUS(status
, NT_STATUS_OK
);
452 if (!security_acl_equal(
453 q
.query_secdesc
.out
.sd
->dacl
, sd
->dacl
)) {
454 torture_warning(tctx
, "%s: security descriptors don't match!\n",
456 torture_warning(tctx
, "got:\n");
457 NDR_PRINT_DEBUG(security_descriptor
,
458 q
.query_secdesc
.out
.sd
);
459 torture_warning(tctx
, "expected:\n");
460 NDR_PRINT_DEBUG(security_descriptor
, sd
);
469 * Helper function to verify attributes, by querying
470 * and comparing against the passed in attrib.
472 bool smb2_util_verify_attrib(TALLOC_CTX
*tctx
, struct smb2_tree
*tree
,
473 struct smb2_handle handle
, uint32_t attrib
)
477 union smb_fileinfo q
= {};
479 q
.standard
.level
= RAW_FILEINFO_SMB2_ALL_INFORMATION
;
480 q
.standard
.in
.file
.handle
= handle
;
481 status
= smb2_getinfo_file(tree
, tctx
, &q
);
482 CHECK_STATUS(status
, NT_STATUS_OK
);
484 q
.all_info2
.out
.attrib
&= ~FILE_ATTRIBUTE_ARCHIVE
;
486 if (q
.all_info2
.out
.attrib
!= attrib
) {
487 torture_warning(tctx
, "%s: attributes don't match! "
488 "got %x, expected %x\n", __location__
,
489 (uint32_t)q
.standard
.out
.attrib
,