#include "libsmb/smb2cli.h"
#include "libcli/security/security.h"
#include "libsmb/proto.h"
+#include "../auth/ntlmssp/ntlmssp.h"
extern fstring host, workgroup, share, password, username, myname;
return true;
}
+
+bool run_smb2_session_reconnect(int dummy)
+{
+ struct cli_state *cli1;
+ struct cli_state *cli2;
+ NTSTATUS status;
+ bool ok;
+ uint64_t fid_persistent, fid_volatile;
+ struct tevent_context *ev;
+ struct tevent_req *subreq;
+ DATA_BLOB in_blob = data_blob_null;
+ DATA_BLOB out_blob;
+ struct ntlmssp_state *ntlmssp;
+ struct iovec *recv_iov;
+ const char *hello = "Hello, world\n";
+ uint8_t *result;
+ uint32_t nread;
+
+ printf("Starting SMB2-SESSION-RECONNECT\n");
+
+ if (!torture_init_connection(&cli1)) {
+ return false;
+ }
+ cli1->smb2.pid = 0xFEFF;
+
+ status = smbXcli_negprot(cli1->conn, cli1->timeout,
+ PROTOCOL_SMB2_02, PROTOCOL_SMB2_22);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("smbXcli_negprot returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = cli_session_setup(cli1, username,
+ password, strlen(password),
+ password, strlen(password),
+ workgroup);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_session_setup returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = cli_tree_connect(cli1, share, "?????", "", 0);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_tree_connect returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = smb2cli_create(cli1, "session-reconnect.txt",
+ SMB2_OPLOCK_LEVEL_NONE, /* oplock_level, */
+ SMB2_IMPERSONATION_IMPERSONATION, /* impersonation_level, */
+ SEC_STD_ALL | SEC_FILE_ALL, /* desired_access, */
+ FILE_ATTRIBUTE_NORMAL, /* file_attributes, */
+ FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, /* share_access, */
+ FILE_CREATE, /* create_disposition, */
+ FILE_DELETE_ON_CLOSE, /* create_options, */
+ NULL, /* smb2_create_blobs *blobs */
+ &fid_persistent,
+ &fid_volatile);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("smb2cli_create on cli1 %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = smb2cli_write(cli1, strlen(hello), 0, fid_persistent,
+ fid_volatile, 0, 0, (const uint8_t *)hello);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("smb2cli_write returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = smb2cli_flush(cli1, fid_persistent, fid_volatile);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("smb2cli_flush returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = smb2cli_read(cli1, 0x10000, 0, fid_persistent,
+ fid_volatile, 2, 0,
+ talloc_tos(), &result, &nread);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("smb2cli_read returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ if (nread != strlen(hello)) {
+ printf("smb2cli_read returned %d bytes, expected %d\n",
+ (int)nread, (int)strlen(hello));
+ return false;
+ }
+
+ if (memcmp(hello, result, nread) != 0) {
+ printf("smb2cli_read returned '%s', expected '%s'\n",
+ result, hello);
+ return false;
+ }
+
+ /* prepare second session */
+
+ if (!torture_init_connection(&cli2)) {
+ return false;
+ }
+ cli2->smb2.pid = 0xFEFF;
+
+ status = smbXcli_negprot(cli2->conn, cli2->timeout,
+ PROTOCOL_SMB2_02, PROTOCOL_SMB2_22);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("smbXcli_negprot returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = ntlmssp_client_start(talloc_tos(),
+ lp_netbios_name(),
+ lp_workgroup(),
+ lp_client_ntlmv2_auth(),
+ &ntlmssp);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("ntlmssp_client_start returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ ntlmssp_want_feature(ntlmssp,
+ NTLMSSP_FEATURE_SESSION_KEY);
+ status = ntlmssp_set_username(ntlmssp, username);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("ntlmssp_set_username returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = ntlmssp_set_domain(ntlmssp, workgroup);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("ntlmssp_set_domain returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = ntlmssp_set_password(ntlmssp, password);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("ntlmssp_set_password returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = ntlmssp_update(ntlmssp, data_blob_null, &in_blob);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ printf("ntlmssp_update returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ cli2->smb2.session = smbXcli_session_create(cli2, cli2->conn);
+
+ ev = event_context_init(talloc_tos());
+ if (ev == NULL) {
+ printf("event_context_init() returned NULL\n");
+ return false;
+ }
+
+ subreq = smb2cli_session_setup_send(talloc_tos(), ev,
+ cli2->conn,
+ cli2->timeout,
+ cli2->smb2.session,
+ 0x0, /* in_flags */
+ SMB2_CAP_DFS, /* in_capabilities */
+ 0, /* in_channel */
+ cli1->smb2.session, /* in_previous_session */
+ &in_blob); /* in_security_buffer */
+ if (subreq == NULL) {
+ printf("smb2cli_session_setup_send() returned NULL\n");
+ return false;
+ }
+
+ ok = tevent_req_poll(subreq, ev);
+ if (!ok) {
+ printf("tevent_req_poll() returned false\n");
+ return false;
+ }
+
+ status = smb2cli_session_setup_recv(subreq, talloc_tos(),
+ NULL, &out_blob);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ printf("smb2cli_session_setup_recv returned %s\n",
+ nt_errstr(status));
+ return false;
+ }
+
+ status = ntlmssp_update(ntlmssp, out_blob, &in_blob);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("ntlmssp_update returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ subreq = smb2cli_session_setup_send(talloc_tos(), ev,
+ cli2->conn,
+ cli2->timeout,
+ cli2->smb2.session,
+ 0x0, /* in_flags */
+ SMB2_CAP_DFS, /* in_capabilities */
+ 0, /* in_channel */
+ cli1->smb2.session, /* in_previous_session */
+ &in_blob); /* in_security_buffer */
+ if (subreq == NULL) {
+ printf("smb2cli_session_setup_send() returned NULL\n");
+ return false;
+ }
+
+ ok = tevent_req_poll(subreq, ev);
+ if (!ok) {
+ printf("tevent_req_poll() returned false\n");
+ return false;
+ }
+
+ status = smb2cli_session_setup_recv(subreq, talloc_tos(),
+ &recv_iov, &out_blob);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("smb2cli_session_setup_recv returned %s\n",
+ nt_errstr(status));
+ return false;
+ }
+
+ status = smb2_signing_check_pdu(ntlmssp->session_key, recv_iov, 3);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("check pdu returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ /* check file operation on the old client */
+
+ status = smb2cli_flush(cli1, fid_persistent, fid_volatile);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_USER_SESSION_DELETED)) {
+ printf("smb2cli_flush returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = cli_tree_connect(cli1, share, "?????", "", 0);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_USER_SESSION_DELETED)) {
+ printf("cli_tree_connect returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ /*
+ * checking file operations without signing.
+ * on w2k8r2 at least, flush, read and write also work the same way,
+ * while create gives ACCESS_DENIED without signing
+ */
+ status = smb2cli_flush(cli2, fid_persistent, fid_volatile);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_FILE_CLOSED)) {
+ printf("smb2cli_flush returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = smb2cli_write(cli2, strlen(hello), 0, fid_persistent,
+ fid_volatile, 0, 0, (const uint8_t *)hello);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_FILE_CLOSED)) {
+ printf("smb2cli_write returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = smb2cli_read(cli2, 0x10000, 0, fid_persistent,
+ fid_volatile, 2, 0,
+ talloc_tos(), &result, &nread);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_FILE_CLOSED)) {
+ printf("smb2cli_read returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = smb2cli_create(cli2, "session-reconnect.txt",
+ SMB2_OPLOCK_LEVEL_NONE, /* oplock_level, */
+ SMB2_IMPERSONATION_IMPERSONATION, /* impersonation_level, */
+ SEC_STD_ALL | SEC_FILE_ALL, /* desired_access, */
+ FILE_ATTRIBUTE_NORMAL, /* file_attributes, */
+ FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, /* share_access, */
+ FILE_CREATE, /* create_disposition, */
+ FILE_DELETE_ON_CLOSE, /* create_options, */
+ NULL, /* smb2_create_blobs *blobs */
+ &fid_persistent,
+ &fid_volatile);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ printf("smb2cli_create on cli2 %s\n", nt_errstr(status));
+ return false;
+ }
+
+ /* now grab the session key and try with signing */
+
+ status = smb2cli_session_update_session_key(cli2->smb2.session,
+ ntlmssp->session_key,
+ recv_iov);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("smb2cli_session_update_session_key %s\n", nt_errstr(status));
+ return false;
+ }
+
+ /* the tid seems to be irrelevant at this stage */
+
+ cli2->smb2.tid = cli1->smb2.tid;
+
+ status = smb2cli_flush(cli2, fid_persistent, fid_volatile);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_FILE_CLOSED)) {
+ printf("smb2cli_flush returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = smb2cli_write(cli2, strlen(hello), 0, fid_persistent,
+ fid_volatile, 0, 0, (const uint8_t *)hello);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_FILE_CLOSED)) {
+ printf("smb2cli_write returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = smb2cli_read(cli2, 0x10000, 0, fid_persistent,
+ fid_volatile, 2, 0,
+ talloc_tos(), &result, &nread);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_FILE_CLOSED)) {
+ printf("smb2cli_read returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = smb2cli_create(cli2, "session-reconnect.txt",
+ SMB2_OPLOCK_LEVEL_NONE, /* oplock_level, */
+ SMB2_IMPERSONATION_IMPERSONATION, /* impersonation_level, */
+ SEC_STD_ALL | SEC_FILE_ALL, /* desired_access, */
+ FILE_ATTRIBUTE_NORMAL, /* file_attributes, */
+ FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, /* share_access, */
+ FILE_CREATE, /* create_disposition, */
+ FILE_DELETE_ON_CLOSE, /* create_options, */
+ NULL, /* smb2_create_blobs *blobs */
+ &fid_persistent,
+ &fid_volatile);
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_NAME_DELETED)) {
+ printf("smb2cli_create on cli2 %s\n", nt_errstr(status));
+ return false;
+ }
+
+ /* now do a new tcon and test file calls again */
+
+ status = cli_tree_connect(cli2, share, "?????", "", 0);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("cli_tree_connect returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = smb2cli_create(cli2, "session-reconnect.txt",
+ SMB2_OPLOCK_LEVEL_NONE, /* oplock_level, */
+ SMB2_IMPERSONATION_IMPERSONATION, /* impersonation_level, */
+ SEC_STD_ALL | SEC_FILE_ALL, /* desired_access, */
+ FILE_ATTRIBUTE_NORMAL, /* file_attributes, */
+ FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, /* share_access, */
+ FILE_CREATE, /* create_disposition, */
+ FILE_DELETE_ON_CLOSE, /* create_options, */
+ NULL, /* smb2_create_blobs *blobs */
+ &fid_persistent,
+ &fid_volatile);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("smb2cli_create on cli2 %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = smb2cli_write(cli2, strlen(hello), 0, fid_persistent,
+ fid_volatile, 0, 0, (const uint8_t *)hello);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("smb2cli_write returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = smb2cli_flush(cli2, fid_persistent, fid_volatile);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("smb2cli_flush returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ status = smb2cli_read(cli2, 0x10000, 0, fid_persistent,
+ fid_volatile, 2, 0,
+ talloc_tos(), &result, &nread);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("smb2cli_read returned %s\n", nt_errstr(status));
+ return false;
+ }
+
+ if (nread != strlen(hello)) {
+ printf("smb2cli_read returned %d bytes, expected %d\n",
+ (int)nread, (int)strlen(hello));
+ return false;
+ }
+
+ if (memcmp(hello, result, nread) != 0) {
+ printf("smb2cli_read returned '%s', expected '%s'\n",
+ result, hello);
+ return false;
+ }
+
+ return true;
+}
git.samba.org / tridge / samba.git / commitdiff