From dc8d9599dcc653f0967c68613705070c8e37d886 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 5 Sep 2024 16:38:43 +0200 Subject: [PATCH] TODO SPLIT extra tests https://bugzilla.samba.org/show_bug.cgi?id=15710 We need tests for every combination... --- source3/smbd/smb2_create.c | 81 +++++++------------------- source4/torture/smb2/durable_open.c | 9 +++ source4/torture/smb2/durable_v2_open.c | 7 +++ 3 files changed, 36 insertions(+), 61 deletions(-) diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c index 8fba899a5048..f97e5dd1f457 100644 --- a/source3/smbd/smb2_create.c +++ b/source3/smbd/smb2_create.c @@ -650,72 +650,26 @@ static NTSTATUS smbd_smb2_create_fetch_create_ctx( ((state->dh2c != NULL) && (state->dhnq != NULL)) || ((state->dh2q != NULL) && (state->dh2c != NULL))) { - /* not both are allowed at the same time */ + /* + * not both are allowed at the same time + * + * But dhnc with dhnq, just ignores dhnq + * below. + */ return NT_STATUS_INVALID_PARAMETER; } if (state->dhnc != NULL) { - uint32_t num_blobs_allowed; - if (state->dhnc->data.length != 16) { return NT_STATUS_INVALID_PARAMETER; } - - /* - * According to MS-SMB2: 3.3.5.9.7, "Handling the - * SMB2_CREATE_DURABLE_HANDLE_RECONNECT Create Context", - * we should ignore an additional dhnq blob, but fail - * the request (with status OBJECT_NAME_NOT_FOUND) if - * any other extra create blob has been provided. - * - * (Note that the cases of an additional dh2q or dh2c blob - * which require a different error code, have been treated - * above.) - */ - - if (state->dhnq != NULL) { - num_blobs_allowed = 2; - } else { - num_blobs_allowed = 1; - } - - if (state->rqls != NULL) { - num_blobs_allowed += 1; - } - - if (in_context_blobs->num_blobs != num_blobs_allowed) { - return NT_STATUS_OBJECT_NAME_NOT_FOUND; - } + state->dhnq = NULL; } if (state->dh2c!= NULL) { - uint32_t num_blobs_allowed; - if (state->dh2c->data.length != 36) { return NT_STATUS_INVALID_PARAMETER; } - - /* - * According to MS-SMB2: 3.3.5.9.12, "Handling the - * SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2 Create Context", - * we should fail the request with status - * OBJECT_NAME_NOT_FOUND if any other create blob has been - * provided. - * - * (Note that the cases of an additional dhnq, dhnc or dh2q - * blob which require a different error code, have been - * treated above.) - */ - - num_blobs_allowed = 1; - - if (state->rqls != NULL) { - num_blobs_allowed += 1; - } - - if (in_context_blobs->num_blobs != num_blobs_allowed) { - return NT_STATUS_OBJECT_NAME_NOT_FOUND; - } } state->exta = smb2_create_blob_find(in_context_blobs, @@ -1525,12 +1479,17 @@ static void smbd_smb2_create_after_exec(struct tevent_req *req) uint32_t max_access_granted; DATA_BLOB blob = data_blob_const(p, sizeof(p)); - status = smbd_calculate_access_mask_fsp( - conn->cwd_fsp, - state->result, - false, - SEC_FLAG_MAXIMUM_ALLOWED, - &max_access_granted); + if (state->do_durable_reconnect) { + status = NT_STATUS_NONE_MAPPED; + max_access_granted = 0; + } else { + status = smbd_calculate_access_mask_fsp( + conn->cwd_fsp, + state->result, + false, + SEC_FLAG_MAXIMUM_ALLOWED, + &max_access_granted); + } SIVAL(p, 0, NT_STATUS_V(status)); SIVAL(p, 4, max_access_granted); @@ -1627,7 +1586,7 @@ static void smbd_smb2_create_after_exec(struct tevent_req *req) } } - if (state->qfid != NULL) { + if (state->qfid != NULL && !state->do_durable_reconnect) { uint8_t p[32]; SMB_STRUCT_STAT *base_sp = state->result->base_fsp ? &state->result->base_fsp->fsp_name->st : @@ -1679,7 +1638,7 @@ static void smbd_smb2_create_after_exec(struct tevent_req *req) } } - if (state->posx != NULL) { + if (state->posx != NULL && !state->do_durable_reconnect) { struct stat_ex *psbuf = &state->result->fsp_name->st; struct smb3_posix_cc_info cc = { .nlinks = psbuf->st_ex_nlink, diff --git a/source4/torture/smb2/durable_open.c b/source4/torture/smb2/durable_open.c index b730fab3c29f..cd08902e640c 100644 --- a/source4/torture/smb2/durable_open.c +++ b/source4/torture/smb2/durable_open.c @@ -2597,6 +2597,12 @@ static bool test_durable_open_alloc_size(struct torture_context *tctx, ZERO_STRUCT(io); io.in.fname = fname; + io.in.durable_open = true;//false; + io.in.query_on_disk_id = true; + io.in.query_maximal_access = true; + io.in.alloc_size = 8; + io.in.timewarp = 123456789; + io.in.alloc_size = initial_alloc_size*10; io.in.durable_handle = h; h = NULL; @@ -2605,6 +2611,9 @@ static bool test_durable_open_alloc_size(struct torture_context *tctx, CHECK_CREATED_SIZE(&io, EXISTED, FILE_ATTRIBUTE_ARCHIVE, alloc_size_step, 0); CHECK_VAL(io.out.oplock_level, smb2_util_oplock_level("b")); + CHECK_STATUS(NT_STATUS(io.out.maximal_access_status), NT_STATUS_NONE_MAPPED); + CHECK_VAL(io.out.maximal_access, 0); + CHECK_VAL(io.out.blobs.num_blobs, 1); _h = io.out.file.handle; h = &_h; diff --git a/source4/torture/smb2/durable_v2_open.c b/source4/torture/smb2/durable_v2_open.c index edd4ce4e02a7..9dd15a0c08c0 100644 --- a/source4/torture/smb2/durable_v2_open.c +++ b/source4/torture/smb2/durable_v2_open.c @@ -2163,6 +2163,10 @@ static bool test_durable_v2_open_stat_and_lease(struct torture_context *tctx, io.in.create_guid = create_guid2; io.in.lease_request_v2 = &ls; io.in.oplock_level = SMB2_OPLOCK_LEVEL_LEASE; + io.in.query_on_disk_id = true; + io.in.query_maximal_access = true; + io.in.alloc_size = 8; + io.in.timewarp = 123456789; status = smb2_create(tree1, mem_ctx, &io); CHECK_STATUS(status, NT_STATUS_OK); @@ -2174,6 +2178,9 @@ static bool test_durable_v2_open_stat_and_lease(struct torture_context *tctx, CHECK_VAL(io.out.persistent_open, false); CHECK_LEASE_V2(&io, "RWH", true, lease_key, 0, 0, ls.lease_epoch); + CHECK_STATUS(NT_STATUS(io.out.maximal_access_status), NT_STATUS_NONE_MAPPED); + CHECK_VAL(io.out.maximal_access, 0); + CHECK_VAL(io.out.blobs.num_blobs, 2); status = smb2_util_close(tree1, *h2); CHECK_STATUS(status, NT_STATUS_OK); -- 2.34.1