summaryrefslogtreecommitdiffstats
path: root/source4/torture/raw/samba3hide.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 17:47:29 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 17:47:29 +0000
commit4f5791ebd03eaec1c7da0865a383175b05102712 (patch)
tree8ce7b00f7a76baa386372422adebbe64510812d4 /source4/torture/raw/samba3hide.c
parentInitial commit. (diff)
downloadsamba-4f5791ebd03eaec1c7da0865a383175b05102712.tar.xz
samba-4f5791ebd03eaec1c7da0865a383175b05102712.zip
Adding upstream version 2:4.17.12+dfsg.upstream/2%4.17.12+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'source4/torture/raw/samba3hide.c')
-rw-r--r--source4/torture/raw/samba3hide.c326
1 files changed, 326 insertions, 0 deletions
diff --git a/source4/torture/raw/samba3hide.c b/source4/torture/raw/samba3hide.c
new file mode 100644
index 0000000..d28f91e
--- /dev/null
+++ b/source4/torture/raw/samba3hide.c
@@ -0,0 +1,326 @@
+/*
+ Unix SMB/CIFS implementation.
+ Test samba3 hide unreadable/unwriteable
+ Copyright (C) Volker Lendecke 2006
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "system/time.h"
+#include "system/filesys.h"
+#include "libcli/libcli.h"
+#include "torture/util.h"
+#include "torture/raw/proto.h"
+
+static void init_unixinfo_nochange(union smb_setfileinfo *info)
+{
+ ZERO_STRUCTP(info);
+ info->unix_basic.level = RAW_SFILEINFO_UNIX_BASIC;
+ info->unix_basic.in.mode = SMB_MODE_NO_CHANGE;
+
+ info->unix_basic.in.end_of_file = SMB_SIZE_NO_CHANGE_HI;
+ info->unix_basic.in.end_of_file <<= 32;
+ info->unix_basic.in.end_of_file |= SMB_SIZE_NO_CHANGE_LO;
+
+ info->unix_basic.in.num_bytes = SMB_SIZE_NO_CHANGE_HI;
+ info->unix_basic.in.num_bytes <<= 32;
+ info->unix_basic.in.num_bytes |= SMB_SIZE_NO_CHANGE_LO;
+
+ info->unix_basic.in.status_change_time = SMB_TIME_NO_CHANGE_HI;
+ info->unix_basic.in.status_change_time <<= 32;
+ info->unix_basic.in.status_change_time |= SMB_TIME_NO_CHANGE_LO;
+
+ info->unix_basic.in.access_time = SMB_TIME_NO_CHANGE_HI;
+ info->unix_basic.in.access_time <<= 32;
+ info->unix_basic.in.access_time |= SMB_TIME_NO_CHANGE_LO;
+
+ info->unix_basic.in.change_time = SMB_TIME_NO_CHANGE_HI;
+ info->unix_basic.in.change_time <<= 32;
+ info->unix_basic.in.change_time |= SMB_TIME_NO_CHANGE_LO;
+
+ info->unix_basic.in.uid = SMB_UID_NO_CHANGE;
+ info->unix_basic.in.gid = SMB_GID_NO_CHANGE;
+}
+
+struct list_state {
+ const char *fname;
+ bool visible;
+};
+
+static void set_visible(struct clilist_file_info *i, const char *mask,
+ void *priv)
+{
+ struct list_state *state = (struct list_state *)priv;
+
+ if (strcasecmp_m(state->fname, i->name) == 0)
+ state->visible = true;
+}
+
+static bool is_visible(struct smbcli_tree *tree, const char *fname)
+{
+ struct list_state state;
+
+ state.visible = false;
+ state.fname = fname;
+
+ if (smbcli_list(tree, "*.*", 0, set_visible, &state) < 0) {
+ return false;
+ }
+ return state.visible;
+}
+
+static bool is_readable(struct smbcli_tree *tree, const char *fname)
+{
+ int fnum;
+ fnum = smbcli_open(tree, fname, O_RDONLY, DENY_NONE);
+ if (fnum < 0) {
+ return false;
+ }
+ smbcli_close(tree, fnum);
+ return true;
+}
+
+static bool is_writeable(TALLOC_CTX *mem_ctx, struct smbcli_tree *tree,
+ const char *fname)
+{
+ int fnum;
+ fnum = smbcli_open(tree, fname, O_WRONLY, DENY_NONE);
+ if (fnum < 0) {
+ return false;
+ }
+ smbcli_close(tree, fnum);
+ return true;
+}
+
+/*
+ * This is not an exact method because there's a ton of reasons why a getatr
+ * might fail. But for our purposes it's sufficient.
+ */
+
+static bool smbcli_file_exists(struct smbcli_tree *tree, const char *fname)
+{
+ return NT_STATUS_IS_OK(smbcli_getatr(tree, fname, NULL, NULL, NULL));
+}
+
+static NTSTATUS smbcli_setup_unix(struct smbcli_tree *tree)
+{
+ union smb_fsinfo fsinfo;
+ union smb_setfsinfo set_fsinfo;
+ NTSTATUS status;
+
+ ZERO_STRUCT(fsinfo);
+ ZERO_STRUCT(set_fsinfo);
+
+ fsinfo.generic.level = RAW_QFS_UNIX_INFO;
+ status = smb_raw_fsinfo(tree, NULL, &fsinfo);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("smb_raw_fsinfo failed %s\n",
+ nt_errstr(status));
+ return status;
+ }
+
+ set_fsinfo.generic.level = RAW_SETFS_UNIX_INFO;
+ set_fsinfo.unix_info.in.major_version = fsinfo.unix_info.out.major_version;
+ set_fsinfo.unix_info.in.minor_version = fsinfo.unix_info.out.minor_version;
+ set_fsinfo.unix_info.in.capability = fsinfo.unix_info.out.capability;
+
+ status = smb_raw_setfsinfo(tree, NULL, &set_fsinfo);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("smb_raw_setfsinfo failed %s\n",
+ nt_errstr(status));
+ }
+ return status;
+}
+
+static NTSTATUS smbcli_chmod(struct smbcli_tree *tree, const char *fname,
+ uint64_t permissions)
+{
+ union smb_setfileinfo sfinfo;
+ init_unixinfo_nochange(&sfinfo);
+ sfinfo.unix_basic.in.file.path = fname;
+ sfinfo.unix_basic.in.permissions = permissions;
+ return smb_raw_setpathinfo(tree, &sfinfo);
+}
+
+bool torture_samba3_hide(struct torture_context *torture, struct smbcli_state *cli)
+{
+ const char *fname = "torture_samba3_hide.txt";
+ int fnum;
+ NTSTATUS status;
+ struct smbcli_tree *hideunread;
+ struct smbcli_tree *hideunwrite;
+
+ status = smbcli_setup_unix(cli->tree);
+ if (!NT_STATUS_IS_OK(status)) {
+ torture_fail(torture,
+ talloc_asprintf(torture, "smbcli_setup_unix failed %s\n",
+ nt_errstr(status)));
+ }
+
+ status = torture_second_tcon(torture, cli->session, "hideunread",
+ &hideunread);
+ torture_assert_ntstatus_ok(torture, status, "second_tcon(hideunread) failed\n");
+
+ status = torture_second_tcon(torture, cli->session, "hideunwrite",
+ &hideunwrite);
+ torture_assert_ntstatus_ok(torture, status, "second_tcon(hideunwrite) failed\n");
+
+ status = smbcli_unlink(cli->tree, fname);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_CANNOT_DELETE)) {
+ smbcli_setatr(cli->tree, fname, 0, -1);
+ smbcli_unlink(cli->tree, fname);
+ }
+
+ fnum = smbcli_open(cli->tree, fname, O_RDWR|O_CREAT, DENY_NONE);
+ if (fnum == -1) {
+ torture_fail(torture,
+ talloc_asprintf(torture, "Failed to create %s - %s\n", fname, smbcli_errstr(cli->tree)));
+ }
+
+ smbcli_close(cli->tree, fnum);
+
+ if (!smbcli_file_exists(cli->tree, fname)) {
+ torture_fail(torture, talloc_asprintf(torture, "%s does not exist\n", fname));
+ }
+
+ /* R/W file should be visible everywhere */
+
+ status = smbcli_chmod(cli->tree, fname, UNIX_R_USR|UNIX_W_USR);
+ torture_assert_ntstatus_ok(torture, status, "smbcli_chmod failed\n");
+
+ if (!is_writeable(torture, cli->tree, fname)) {
+ torture_fail(torture, "File not writable\n");
+ }
+ if (!is_readable(cli->tree, fname)) {
+ torture_fail(torture, "File not readable\n");
+ }
+ if (!is_visible(cli->tree, fname)) {
+ torture_fail(torture, "r/w file not visible via normal share\n");
+ }
+ if (!is_visible(hideunread, fname)) {
+ torture_fail(torture, "r/w file not visible via hide unreadable\n");
+ }
+ if (!is_visible(hideunwrite, fname)) {
+ torture_fail(torture, "r/w file not visible via hide unwriteable\n");
+ }
+
+ /* R/O file should not be visible via hide unwriteable files */
+
+ status = smbcli_chmod(cli->tree, fname, UNIX_R_USR);
+ torture_assert_ntstatus_ok(torture, status, "smbcli_chmod failed\n");
+
+ if (is_writeable(torture, cli->tree, fname)) {
+ torture_fail(torture, "r/o is writable\n");
+ }
+ if (!is_readable(cli->tree, fname)) {
+ torture_fail(torture, "r/o not readable\n");
+ }
+ if (!is_visible(cli->tree, fname)) {
+ torture_fail(torture, "r/o file not visible via normal share\n");
+ }
+ if (!is_visible(hideunread, fname)) {
+ torture_fail(torture, "r/o file not visible via hide unreadable\n");
+ }
+ if (is_visible(hideunwrite, fname)) {
+ torture_fail(torture, "r/o file visible via hide unwriteable\n");
+ }
+
+ /* inaccessible file should be only visible on normal share */
+
+ status = smbcli_chmod(cli->tree, fname, 0);
+ torture_assert_ntstatus_ok(torture, status, "smbcli_chmod failed\n");
+
+ if (is_writeable(torture, cli->tree, fname)) {
+ torture_fail(torture, "inaccessible file is writable\n");
+ }
+ if (is_readable(cli->tree, fname)) {
+ torture_fail(torture, "inaccessible file is readable\n");
+ }
+ if (!is_visible(cli->tree, fname)) {
+ torture_fail(torture, "inaccessible file not visible via normal share\n");
+ }
+ if (is_visible(hideunread, fname)) {
+ torture_fail(torture, "inaccessible file visible via hide unreadable\n");
+ }
+ if (is_visible(hideunwrite, fname)) {
+ torture_fail(torture, "inaccessible file visible via hide unwriteable\n");
+ }
+
+ smbcli_chmod(cli->tree, fname, UNIX_R_USR|UNIX_W_USR);
+ smbcli_unlink(cli->tree, fname);
+
+ return true;
+}
+
+/*
+ * Try to force smb_close to return an error. The only way I can think of is
+ * to open a file with delete on close, chmod the parent dir to 000 and then
+ * close. smb_close should return NT_STATUS_ACCESS_DENIED.
+ */
+
+bool torture_samba3_closeerr(struct torture_context *tctx, struct smbcli_state *cli)
+{
+ bool result = false;
+ NTSTATUS status;
+ const char *dname = "closeerr.dir";
+ const char *fname = "closeerr.dir\\closerr.txt";
+ int fnum;
+
+ smbcli_deltree(cli->tree, dname);
+
+ torture_assert_ntstatus_ok(
+ tctx, smbcli_mkdir(cli->tree, dname),
+ talloc_asprintf(tctx, "smbcli_mdir failed: (%s)\n",
+ smbcli_errstr(cli->tree)));
+
+ fnum = smbcli_open(cli->tree, fname, O_CREAT|O_RDWR,
+ DENY_NONE);
+ torture_assert(tctx, fnum != -1,
+ talloc_asprintf(tctx, "smbcli_open failed: %s\n",
+ smbcli_errstr(cli->tree)));
+ smbcli_close(cli->tree, fnum);
+
+ fnum = smbcli_nt_create_full(cli->tree, fname, 0,
+ SEC_RIGHTS_FILE_ALL,
+ FILE_ATTRIBUTE_NORMAL,
+ NTCREATEX_SHARE_ACCESS_DELETE,
+ NTCREATEX_DISP_OPEN, 0, 0);
+
+ torture_assert(tctx, fnum != -1,
+ talloc_asprintf(tctx, "smbcli_open failed: %s\n",
+ smbcli_errstr(cli->tree)));
+
+ status = smbcli_nt_delete_on_close(cli->tree, fnum, true);
+
+ torture_assert_ntstatus_ok(tctx, status,
+ "setting delete_on_close on file failed !");
+
+ status = smbcli_chmod(cli->tree, dname, 0);
+
+ torture_assert_ntstatus_ok(tctx, status,
+ "smbcli_chmod on file failed !");
+
+ status = smbcli_close(cli->tree, fnum);
+
+ smbcli_chmod(cli->tree, dname, UNIX_R_USR|UNIX_W_USR|UNIX_X_USR);
+ smbcli_deltree(cli->tree, dname);
+
+ torture_assert_ntstatus_equal(tctx, status, NT_STATUS_ACCESS_DENIED,
+ "smbcli_close");
+
+ result = true;
+
+ return result;
+}