search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4-torture: ran minimal_includes.pl over source4/torture
[Samba/ekacnet.git] / source4 / torture / raw / samba3hide.c
blob4f9e2ecf8fd1afc95a03ca7bcbf673e532665f9a
1 /*
2 Unix SMB/CIFS implementation.
3 Test samba3 hide unreadable/unwriteable
4 Copyright (C) Volker Lendecke 2006
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "system/time.h"
22 #include "system/filesys.h"
23 #include "libcli/libcli.h"
24 #include "torture/util.h"
25
26 static void init_unixinfo_nochange(union smb_setfileinfo *info)
27 {
28 ZERO_STRUCTP(info);
29 info->unix_basic.level = RAW_SFILEINFO_UNIX_BASIC;
30 info->unix_basic.in.mode = SMB_MODE_NO_CHANGE;
31
32 info->unix_basic.in.end_of_file = SMB_SIZE_NO_CHANGE_HI;
33 info->unix_basic.in.end_of_file <<= 32;
34 info->unix_basic.in.end_of_file |= SMB_SIZE_NO_CHANGE_LO;
35
36 info->unix_basic.in.num_bytes = SMB_SIZE_NO_CHANGE_HI;
37 info->unix_basic.in.num_bytes <<= 32;
38 info->unix_basic.in.num_bytes |= SMB_SIZE_NO_CHANGE_LO;
39
40 info->unix_basic.in.status_change_time = SMB_TIME_NO_CHANGE_HI;
41 info->unix_basic.in.status_change_time <<= 32;
42 info->unix_basic.in.status_change_time |= SMB_TIME_NO_CHANGE_LO;
43
44 info->unix_basic.in.access_time = SMB_TIME_NO_CHANGE_HI;
45 info->unix_basic.in.access_time <<= 32;
46 info->unix_basic.in.access_time |= SMB_TIME_NO_CHANGE_LO;
47
48 info->unix_basic.in.change_time = SMB_TIME_NO_CHANGE_HI;
49 info->unix_basic.in.change_time <<= 32;
50 info->unix_basic.in.change_time |= SMB_TIME_NO_CHANGE_LO;
51
52 info->unix_basic.in.uid = SMB_UID_NO_CHANGE;
53 info->unix_basic.in.gid = SMB_GID_NO_CHANGE;
54 }
55
56 struct list_state {
57 const char *fname;
58 bool visible;
59 };
60
61 static void set_visible(struct clilist_file_info *i, const char *mask,
62 void *priv)
63 {
64 struct list_state *state = (struct list_state *)priv;
65
66 if (strcasecmp_m(state->fname, i->name) == 0)
67 state->visible = true;
68 }
69
70 static bool is_visible(struct smbcli_tree *tree, const char *fname)
71 {
72 struct list_state state;
73
74 state.visible = false;
75 state.fname = fname;
76
77 if (smbcli_list(tree, "*.*", 0, set_visible, &state) < 0) {
78 return false;
79 }
80 return state.visible;
81 }
82
83 static bool is_readable(struct smbcli_tree *tree, const char *fname)
84 {
85 int fnum;
86 fnum = smbcli_open(tree, fname, O_RDONLY, DENY_NONE);
87 if (fnum < 0) {
88 return false;
89 }
90 smbcli_close(tree, fnum);
91 return true;
92 }
93
94 static bool is_writeable(TALLOC_CTX *mem_ctx, struct smbcli_tree *tree,
95 const char *fname)
96 {
97 int fnum;
98 fnum = smbcli_open(tree, fname, O_WRONLY, DENY_NONE);
99 if (fnum < 0) {
100 return false;
101 }
102 smbcli_close(tree, fnum);
103 return true;
104 }
105
106 /*
107 * This is not an exact method because there's a ton of reasons why a getatr
108 * might fail. But for our purposes it's sufficient.
109 */
110
111 static bool smbcli_file_exists(struct smbcli_tree *tree, const char *fname)
112 {
113 return NT_STATUS_IS_OK(smbcli_getatr(tree, fname, NULL, NULL, NULL));
114 }
115
116 static NTSTATUS smbcli_chmod(struct smbcli_tree *tree, const char *fname,
117 uint64_t permissions)
118 {
119 union smb_setfileinfo sfinfo;
120 init_unixinfo_nochange(&sfinfo);
121 sfinfo.unix_basic.in.file.path = fname;
122 sfinfo.unix_basic.in.permissions = permissions;
123 return smb_raw_setpathinfo(tree, &sfinfo);
124 }
125
126 bool torture_samba3_hide(struct torture_context *torture)
127 {
128 struct smbcli_state *cli;
129 const char *fname = "test.txt";
130 int fnum;
131 NTSTATUS status;
132 struct smbcli_tree *hideunread;
133 struct smbcli_tree *hideunwrite;
134
135 if (!torture_open_connection_share(
136 torture, &cli, torture, torture_setting_string(torture, "host", NULL),
137 torture_setting_string(torture, "share", NULL), torture->ev)) {
138 d_printf("torture_open_connection_share failed\n");
139 return false;
140 }
141
142 status = torture_second_tcon(torture, cli->session, "hideunread",
143 &hideunread);
144 if (!NT_STATUS_IS_OK(status)) {
145 d_printf("second_tcon(hideunread) failed: %s\n",
146 nt_errstr(status));
147 return false;
148 }
149
150 status = torture_second_tcon(torture, cli->session, "hideunwrite",
151 &hideunwrite);
152 if (!NT_STATUS_IS_OK(status)) {
153 d_printf("second_tcon(hideunwrite) failed: %s\n",
154 nt_errstr(status));
155 return false;
156 }
157
158 status = smbcli_unlink(cli->tree, fname);
159 if (NT_STATUS_EQUAL(status, NT_STATUS_CANNOT_DELETE)) {
160 smbcli_setatr(cli->tree, fname, 0, -1);
161 smbcli_unlink(cli->tree, fname);
162 }
163
164 fnum = smbcli_open(cli->tree, fname, O_RDWR|O_CREAT, DENY_NONE);
165 if (fnum == -1) {
166 d_printf("Failed to create %s - %s\n", fname,
167 smbcli_errstr(cli->tree));
168 return false;
169 }
170
171 smbcli_close(cli->tree, fnum);
172
173 if (!smbcli_file_exists(cli->tree, fname)) {
174 d_printf("%s does not exist\n", fname);
175 return false;
176 }
177
178 /* R/W file should be visible everywhere */
179
180 status = smbcli_chmod(cli->tree, fname, UNIX_R_USR|UNIX_W_USR);
181 if (!NT_STATUS_IS_OK(status)) {
182 d_printf("smbcli_chmod failed: %s\n", nt_errstr(status));
183 return false;
184 }
185 if (!is_writeable(torture, cli->tree, fname)) {
186 d_printf("File not writable\n");
187 return false;
188 }
189 if (!is_readable(cli->tree, fname)) {
190 d_printf("File not readable\n");
191 return false;
192 }
193 if (!is_visible(cli->tree, fname)) {
194 d_printf("r/w file not visible via normal share\n");
195 return false;
196 }
197 if (!is_visible(hideunread, fname)) {
198 d_printf("r/w file not visible via hide unreadable\n");
199 return false;
200 }
201 if (!is_visible(hideunwrite, fname)) {
202 d_printf("r/w file not visible via hide unwriteable\n");
203 return false;
204 }
205
206 /* R/O file should not be visible via hide unwriteable files */
207
208 status = smbcli_chmod(cli->tree, fname, UNIX_R_USR);
209
210 if (!NT_STATUS_IS_OK(status)) {
211 d_printf("smbcli_chmod failed: %s\n", nt_errstr(status));
212 return false;
213 }
214 if (is_writeable(torture, cli->tree, fname)) {
215 d_printf("r/o is writable\n");
216 return false;
217 }
218 if (!is_readable(cli->tree, fname)) {
219 d_printf("r/o not readable\n");
220 return false;
221 }
222 if (!is_visible(cli->tree, fname)) {
223 d_printf("r/o file not visible via normal share\n");
224 return false;
225 }
226 if (!is_visible(hideunread, fname)) {
227 d_printf("r/o file not visible via hide unreadable\n");
228 return false;
229 }
230 if (is_visible(hideunwrite, fname)) {
231 d_printf("r/o file visible via hide unwriteable\n");
232 return false;
233 }
234
235 /* inaccessible file should be only visible on normal share */
236
237 status = smbcli_chmod(cli->tree, fname, 0);
238 if (!NT_STATUS_IS_OK(status)) {
239 d_printf("smbcli_chmod failed: %s\n", nt_errstr(status));
240 return false;
241 }
242 if (is_writeable(torture, cli->tree, fname)) {
243 d_printf("inaccessible file is writable\n");
244 return false;
245 }
246 if (is_readable(cli->tree, fname)) {
247 d_printf("inaccessible file is readable\n");
248 return false;
249 }
250 if (!is_visible(cli->tree, fname)) {
251 d_printf("inaccessible file not visible via normal share\n");
252 return false;
253 }
254 if (is_visible(hideunread, fname)) {
255 d_printf("inaccessible file visible via hide unreadable\n");
256 return false;
257 }
258 if (is_visible(hideunwrite, fname)) {
259 d_printf("inaccessible file visible via hide unwriteable\n");
260 return false;
261 }
262
263 smbcli_chmod(cli->tree, fname, UNIX_R_USR|UNIX_W_USR);
264 smbcli_unlink(cli->tree, fname);
265
266 return true;
267 }
268
269 /*
270 * Try to force smb_close to return an error. The only way I can think of is
271 * to open a file with delete on close, chmod the parent dir to 000 and then
272 * close. smb_close should return NT_STATUS_ACCESS_DENIED.
273 */
274
275 bool torture_samba3_closeerr(struct torture_context *tctx)
276 {
277 struct smbcli_state *cli = NULL;
278 bool result = false;
279 NTSTATUS status;
280 const char *dname = "closeerr.dir";
281 const char *fname = "closeerr.dir\\closerr.txt";
282 int fnum;
283
284 if (!torture_open_connection(&cli, tctx, 0)) {
285 goto fail;
286 }
287
288 smbcli_deltree(cli->tree, dname);
289
290 torture_assert_ntstatus_ok(
291 tctx, smbcli_mkdir(cli->tree, dname),
292 talloc_asprintf(tctx, "smbcli_mdir failed: (%s)\n",
293 smbcli_errstr(cli->tree)));
294
295 fnum = smbcli_open(cli->tree, fname, O_CREAT|O_RDWR,
296 DENY_NONE);
297 torture_assert(tctx, fnum != -1,
298 talloc_asprintf(tctx, "smbcli_open failed: %s\n",
299 smbcli_errstr(cli->tree)));
300 smbcli_close(cli->tree, fnum);
301
302 fnum = smbcli_nt_create_full(cli->tree, fname, 0,
303 SEC_RIGHTS_FILE_ALL,
304 FILE_ATTRIBUTE_NORMAL,
305 NTCREATEX_SHARE_ACCESS_DELETE,
306 NTCREATEX_DISP_OPEN, 0, 0);
307
308 torture_assert(tctx, fnum != -1,
309 talloc_asprintf(tctx, "smbcli_open failed: %s\n",
310 smbcli_errstr(cli->tree)));
311
312 status = smbcli_nt_delete_on_close(cli->tree, fnum, true);
313
314 torture_assert_ntstatus_ok(tctx, status,
315 "setting delete_on_close on file failed !");
316
317 status = smbcli_chmod(cli->tree, dname, 0);
318
319 torture_assert_ntstatus_ok(tctx, status,
320 "smbcli_chmod on file failed !");
321
322 status = smbcli_close(cli->tree, fnum);
323
324 smbcli_chmod(cli->tree, dname, UNIX_R_USR|UNIX_W_USR|UNIX_X_USR);
325 smbcli_deltree(cli->tree, dname);
326
327 torture_assert_ntstatus_equal(tctx, status, NT_STATUS_ACCESS_DENIED,
328 "smbcli_close");
329
330 result = true;
331
332 fail:
333 if (cli) {
334 torture_close_connection(cli);
335 }
336 return result;
337 }