The branch, master has been updated via 08573c2 s4: add SMB2_FSCTL opcodes via dbcd59f s3-smb2_server: fix ioctl InputOffset checking via 1848295 s3-smb2_server: SMB2_OP_IOCTL doesn't require at least 1 dyn byte via 392fd0d s4-torture: add smb2 ioctl test suite via bd5e975 s4-torture: remove unchecked read from smb2 create from 27195b3 socket_wrapper: correctly handle dup()/dup2() ref counting
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 08573c2b923d565ed85027376ff88f91a9ee0c77 Author: David Disseldorp <dd...@suse.de> Date: Mon Sep 26 13:38:16 2011 +0200 s4: add SMB2_FSCTL opcodes Also, skip samba4.smb2.ioctl for now. Snapshots are not supported by default. Autobuild-User: David Disseldorp <dd...@samba.org> Autobuild-Date: Thu Sep 29 14:47:05 CEST 2011 on sn-devel-104 commit dbcd59f46b0d2125dfb6eb82b3d92be228c6ae4b Author: David Disseldorp <dd...@suse.de> Date: Wed Sep 28 14:45:42 2011 +0200 s3-smb2_server: fix ioctl InputOffset checking Currently the InputOffset is always check to point to the input data buffer, regardless of whether input data is present. Signed-off-by: Stefan Metzmacher <me...@samba.org> commit 18482957daa2e2122ef39426a8fff167df3c9377 Author: David Disseldorp <dd...@suse.de> Date: Sun Sep 25 23:39:07 2011 +0200 s3-smb2_server: SMB2_OP_IOCTL doesn't require at least 1 dyn byte Signed-off-by: Stefan Metzmacher <me...@samba.org> commit 392fd0db38a2382b5f96d1a5882ea4e4fcda9d01 Author: David Disseldorp <dd...@suse.de> Date: Thu Sep 22 22:23:08 2011 +0200 s4-torture: add smb2 ioctl test suite Currently only covers FSCTL_GET_SHADOW_COPY_DATA. Signed-off-by: Stefan Metzmacher <me...@samba.org> commit bd5e9758f8350b5137dccf0d5ebf24aefb970997 Author: David Disseldorp <dd...@suse.de> Date: Wed Sep 21 21:50:29 2011 +0200 s4-torture: remove unchecked read from smb2 create Add a corresponding test case to smb2.read. Signed-off-by: Stefan Metzmacher <me...@samba.org> ----------------------------------------------------------------------- Summary of changes: source3/smbd/smb2_ioctl.c | 11 ++++- source3/smbd/smb2_server.c | 1 + source4/libcli/raw/interfaces.h | 14 ++++++ source4/selftest/skip | 1 + source4/torture/smb2/ioctl.c | 87 ++++++++++++++++++++++++++++++++++++ source4/torture/smb2/read.c | 9 ++++ source4/torture/smb2/smb2.c | 1 + source4/torture/smb2/util.c | 9 ---- source4/torture/smb2/wscript_build | 2 +- 9 files changed, 124 insertions(+), 11 deletions(-) create mode 100644 source4/torture/smb2/ioctl.c Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_ioctl.c b/source3/smbd/smb2_ioctl.c index 491c3fd..5a766e1 100644 --- a/source3/smbd/smb2_ioctl.c +++ b/source3/smbd/smb2_ioctl.c @@ -68,7 +68,16 @@ NTSTATUS smbd_smb2_request_process_ioctl(struct smbd_smb2_request *req) in_max_output_length = IVAL(inbody, 0x2C); in_flags = IVAL(inbody, 0x30); - if (in_input_offset != (SMB2_HDR_BODY + req->in.vector[i+1].iov_len)) { + /* + * InputOffset (4 bytes): The offset, in bytes, from the beginning of + * the SMB2 header to the input data buffer. If no input data is + * required for the FSCTL/IOCTL command being issued, the client SHOULD + * set this value to 0.<49> + * <49> If no input data is required for the FSCTL/IOCTL command being + * issued, Windows-based clients set this field to any value. + */ + if ((in_input_length > 0) + && (in_input_offset != (SMB2_HDR_BODY + req->in.vector[i+1].iov_len))) { return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER); } diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c index abb60e4..84b55cc 100644 --- a/source3/smbd/smb2_server.c +++ b/source3/smbd/smb2_server.c @@ -1283,6 +1283,7 @@ NTSTATUS smbd_smb2_request_verify_sizes(struct smbd_smb2_request *req, opcode = SVAL(inhdr, SMB2_HDR_OPCODE); switch (opcode) { + case SMB2_OP_IOCTL: case SMB2_OP_GETINFO: min_dyn_size = 0; break; diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h index 13586c3..7f42926 100644 --- a/source4/libcli/raw/interfaces.h +++ b/source4/libcli/raw/interfaces.h @@ -2191,6 +2191,20 @@ enum smb_ioctl_level { RAW_IOCTL_SMB2_NO_HANDLE }; +/* 2.2.31 SMB2 IOCTL Request */ +#define SMB2_IOCTL_FLAG_IS_FSCTL 0x00000001 + +#define SMB2_FSCTL_DFS_GET_REFERRALS 0x00060194 +#define SMB2_FSCTL_PIPE_PEEK 0x0011400C +#define SMB2_FSCTL_PIPE_WAIT 0x00110018 +#define SMB2_FSCTL_PIPE_TRANSCEIVE 0x0011C017 +#define SMB2_FSCTL_SRV_COPYCHUNK 0x001440F2 +#define SMB2_FSCTL_SRV_ENUM_SNAPS 0x00144064 +#define SMB2_FSCTL_SRV_REQUEST_RESUME_KEY 0x00140078 +#define SMB2_FSCTL_SRV_READ_HASH 0x001441bb +#define SMB2_FSCTL_SRV_COPYCHUNK_WRITE 0x001480F2 +#define SMB2_FSCTL_LMR_REQ_RESILIENCY 0x001401D4 + /* union for ioctl() backend */ diff --git a/source4/selftest/skip b/source4/selftest/skip index 5400be1..acaa44f 100644 --- a/source4/selftest/skip +++ b/source4/selftest/skip @@ -78,3 +78,4 @@ bench # don't run benchmarks in our selftest ^samba4.blackbox.ktpass # this test isn't portable ... ^samba4.drs.repl_schema.python # flakey test ^samba4.nbt.winsreplication # flakey test +^samba4.smb2.ioctl # snapshots not supported by default diff --git a/source4/torture/smb2/ioctl.c b/source4/torture/smb2/ioctl.c new file mode 100644 index 0000000..f96893a --- /dev/null +++ b/source4/torture/smb2/ioctl.c @@ -0,0 +1,87 @@ +/* + Unix SMB/CIFS implementation. + + test suite for SMB2 ioctl operations + + Copyright (C) David Disseldorp 2011 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "librpc/gen_ndr/security.h" +#include "libcli/smb2/smb2.h" +#include "libcli/smb2/smb2_calls.h" +#include "torture/torture.h" +#include "torture/smb2/proto.h" + +#define FNAME "testfsctl.dat" + +/* + basic testing of SMB2 shadow copy calls +*/ +static bool test_ioctl_get_shadow_copy(struct torture_context *torture, + struct smb2_tree *tree) +{ + struct smb2_handle h; + uint8_t buf[100]; + NTSTATUS status; + union smb_ioctl ioctl; + TALLOC_CTX *tmp_ctx = talloc_new(tree); + + smb2_util_unlink(tree, FNAME); + + status = torture_smb2_testfile(tree, FNAME, &h); + if (!NT_STATUS_IS_OK(status)) { + printf("create write\n"); + return false; + } + + ZERO_ARRAY(buf); + status = smb2_util_write(tree, h, buf, 0, ARRAY_SIZE(buf)); + if (!NT_STATUS_IS_OK(status)) { + printf("failed write\n"); + return false; + } + + ZERO_STRUCT(ioctl); + ioctl.smb2.level = RAW_IOCTL_SMB2; + ioctl.smb2.in.file.handle = h; + ioctl.smb2.in.function = SMB2_FSCTL_SRV_ENUM_SNAPS; + ioctl.smb2.in.max_response_size = 16; + ioctl.smb2.in.flags = SMB2_IOCTL_FLAG_IS_FSCTL; + + status = smb2_ioctl(tree, tmp_ctx, &ioctl.smb2); + if (!NT_STATUS_IS_OK(status)) { + printf("SMB2_FSCTL_SRV_ENUM_SNAPS failed\n"); + return false; + } + + return true; +} + +/* + basic testing of SMB2 ioctls +*/ +struct torture_suite *torture_smb2_ioctl_init(void) +{ + struct torture_suite *suite = torture_suite_create(talloc_autofree_context(), "ioctl"); + + torture_suite_add_1smb2_test(suite, "shadow_copy", test_ioctl_get_shadow_copy); + + suite->description = talloc_strdup(suite, "SMB2-IOCTL tests"); + + return suite; +} + diff --git a/source4/torture/smb2/read.c b/source4/torture/smb2/read.c index f27ce24..92b3ce0 100644 --- a/source4/torture/smb2/read.c +++ b/source4/torture/smb2/read.c @@ -57,9 +57,18 @@ static bool test_read_eof(struct torture_context *torture, struct smb2_tree *tre ZERO_STRUCT(buf); + smb2_util_unlink(tree, FNAME); + status = torture_smb2_testfile(tree, FNAME, &h); CHECK_STATUS(status, NT_STATUS_OK); + ZERO_STRUCT(rd); + rd.in.file.handle = h; + rd.in.length = 5; + rd.in.offset = 0; + status = smb2_read(tree, tree, &rd); + CHECK_STATUS(status, NT_STATUS_END_OF_FILE); + status = smb2_util_write(tree, h, buf, 0, ARRAY_SIZE(buf)); CHECK_STATUS(status, NT_STATUS_OK); diff --git a/source4/torture/smb2/smb2.c b/source4/torture/smb2/smb2.c index 0126cf1..de8d400 100644 --- a/source4/torture/smb2/smb2.c +++ b/source4/torture/smb2/smb2.c @@ -144,6 +144,7 @@ NTSTATUS torture_smb2_init(void) torture_suite_add_suite(suite, torture_smb2_compound_init()); torture_suite_add_suite(suite, torture_smb2_oplocks_init()); torture_suite_add_suite(suite, torture_smb2_streams_init()); + torture_suite_add_suite(suite, torture_smb2_ioctl_init()); torture_suite_add_1smb2_test(suite, "bench-oplock", test_smb2_bench_oplock); torture_suite_add_1smb2_test(suite, "hold-oplock", test_smb2_hold_oplock); diff --git a/source4/torture/smb2/util.c b/source4/torture/smb2/util.c index 54aea81..a94b0d7 100644 --- a/source4/torture/smb2/util.c +++ b/source4/torture/smb2/util.c @@ -298,7 +298,6 @@ NTSTATUS torture_smb2_testfile(struct smb2_tree *tree, const char *fname, struct smb2_handle *handle) { struct smb2_create io; - struct smb2_read r; NTSTATUS status; ZERO_STRUCT(io); @@ -318,14 +317,6 @@ NTSTATUS torture_smb2_testfile(struct smb2_tree *tree, const char *fname, *handle = io.out.file.handle; - ZERO_STRUCT(r); - r.in.file.handle = *handle; - r.in.length = 5; - r.in.offset = 0; - - // What is the purpose of this? Server returns EOF. - smb2_read(tree, tree, &r); - return NT_STATUS_OK; } diff --git a/source4/torture/smb2/wscript_build b/source4/torture/smb2/wscript_build index eb8a295..458a27b 100644 --- a/source4/torture/smb2/wscript_build +++ b/source4/torture/smb2/wscript_build @@ -1,7 +1,7 @@ #!/usr/bin/env python bld.SAMBA_MODULE('TORTURE_SMB2', - source='connect.c scan.c util.c getinfo.c setinfo.c lock.c notify.c smb2.c durable_open.c oplock.c dir.c lease.c create.c acls.c read.c compound.c streams.c', + source='connect.c scan.c util.c getinfo.c setinfo.c lock.c notify.c smb2.c durable_open.c oplock.c dir.c lease.c create.c acls.c read.c compound.c streams.c ioctl.c', subsystem='smbtorture', deps='LIBCLI_SMB2 POPT_CREDENTIALS torture', internal_module=True, -- Samba Shared Repository