sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-12 20:58:37 +03:00
Code

smbtorture: check required access for SMB2-GETINFO

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15153

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 9b2d28157107602fcbe659664cf9ca25f08bb30b)
This commit is contained in:
Ralph Boehme 2022-08-19 17:29:55 +02:00 committed by Jule Anger
parent 41131daece
commit 3e4d6d2721
3 changed files with 150 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
selftest/knownfail
View File

@ -175,6 +175,7 @@
^samba4.smb2.oplock.stream1 # samba 4 oplocks are a mess
^samba4.smb2.oplock.statopen1\(ad_dc_ntvfs\)$ # fails with ACCESS_DENIED on a SYNCHRONIZE_ACCESS open
^samba4.smb2.getinfo.complex # streams on directories does not work
^samba4.smb2.getinfo.getinfo_access\(ad_dc_ntvfs\) # Access checks not implemented
^samba4.smb2.getinfo.qfs_buffercheck # S4 does not do the INFO_LENGTH_MISMATCH/BUFFER_OVERFLOW thingy
^samba4.smb2.getinfo.qfile_buffercheck # S4 does not do the INFO_LENGTH_MISMATCH/BUFFER_OVERFLOW thingy
^samba4.smb2.getinfo.qsec_buffercheck # S4 does not do the BUFFER_TOO_SMALL thingy

2
selftest/knownfail.d/samba3.smb2.getinfo Normal file
View File

@ -0,0 +1,2 @@
^samba3.smb2.getinfo.getinfo_access\(nt4_dc\)
^samba3.smb2.getinfo.getinfo_access\(ad_dc\)

147
source4/torture/smb2/getinfo.c
View File

@ -783,6 +783,151 @@ static bool torture_smb2_getinfo(struct torture_context *tctx)
return ret;
}
#undef LEVEL
#define LEVEL(l, u, ua, ra) \
.name = #l, \
.level = l, \
.unrestricted = u, \
.unrestricted_access = ua, \
.required_access = ra
static struct {
const char *name;
uint16_t level;
bool unrestricted;
uint32_t unrestricted_access;
uint32_t required_access;
} file_levels_access[] = {
/*
* The following info levels are not checked:
* - FileFullEaInformation and FileIdInformation:
* not implemented by the s4/libcli/raw
* - all pipe infolevels: that should be tested elsewhere by RPC tests
*/
/*
* The following allow unrestricted access, so requesting
* SEC_FILE_READ_ATTRIBUTE works, SEC_FILE_READ_ATTRIBUTE or
* SEC_FILE_READ_EA as well of course.
*/
{ LEVEL(RAW_FILEINFO_STANDARD_INFORMATION, true, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_INTERNAL_INFORMATION, true, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_ACCESS_INFORMATION, true, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_POSITION_INFORMATION, true, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_MODE_INFORMATION, true, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_ALIGNMENT_INFORMATION, true, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_ALT_NAME_INFORMATION, true, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_STREAM_INFORMATION, true, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_COMPRESSION_INFORMATION, true, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_NORMALIZED_NAME_INFORMATION, true, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_EA_INFORMATION, true, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_EA) },
/*
* The following require either SEC_FILE_READ_ATTRIBUTE or
* SEC_FILE_READ_EA.
*/
{ LEVEL(RAW_FILEINFO_BASIC_INFORMATION, false, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_ALL_INFORMATION, false, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_NETWORK_OPEN_INFORMATION, false, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_ATTRIBUTE_TAG_INFORMATION, false, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_SMB2_ALL_INFORMATION, false, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE) },
{ LEVEL(RAW_FILEINFO_SMB2_ALL_EAS, false, SEC_STD_SYNCHRONIZE, SEC_FILE_READ_EA) },
/* Also try SEC_FILE_READ_ATTRIBUTE to show that it is the wrong one */
{ LEVEL(RAW_FILEINFO_SMB2_ALL_EAS, false, SEC_FILE_READ_ATTRIBUTE, SEC_FILE_READ_EA) },
{ LEVEL(RAW_FILEINFO_SEC_DESC, false, SEC_STD_SYNCHRONIZE, SEC_STD_READ_CONTROL) },
/* Also try SEC_FILE_READ_ATTRIBUTE to show that it is the wrong one */
{ LEVEL(RAW_FILEINFO_SEC_DESC, false, SEC_FILE_READ_ATTRIBUTE, SEC_STD_READ_CONTROL) }
};
/*
test fileinfo levels
*/
static bool torture_smb2_getfinfo_access(struct torture_context *tctx,
struct smb2_tree *tree)
{
const char *fname = "torture_smb2_getfinfo_access";
struct smb2_handle hfile;
NTSTATUS status;
bool ret = true;
int i;
smb2_deltree(tree, fname);
torture_setup_complex_file(tctx, tree, fname);
for (i = 0; i < ARRAY_SIZE(file_levels_access); i++) {
union smb_fileinfo finfo;
NTSTATUS expected_status;
/*
* First open with unrestricted_access, SEC_STD_SYNCHRONIZE for
* most tests, info levels with unrestricted=true should allow
* this.
*/
status = torture_smb2_testfile_access(
tree, fname, &hfile, file_levels_access[i].unrestricted_access);
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
"Unable to open test file\n");
if (file_levels_access[i].level == RAW_FILEINFO_SEC_DESC) {
finfo.query_secdesc.in.secinfo_flags = 0x7;
}
if (file_levels_access[i].level == RAW_FILEINFO_SMB2_ALL_EAS) {
finfo.all_eas.in.continue_flags =
SMB2_CONTINUE_FLAG_RESTART;
}
finfo.generic.level = file_levels_access[i].level;
finfo.generic.in.file.handle = hfile;
if (file_levels_access[i].unrestricted) {
expected_status = NT_STATUS_OK;
} else {
expected_status = NT_STATUS_ACCESS_DENIED;
}
status = smb2_getinfo_file(tree, tree, &finfo);
torture_assert_ntstatus_equal_goto(
tctx, status, expected_status, ret, done,
talloc_asprintf(tctx, "Level %s failed\n",
file_levels_access[i].name));
smb2_util_close(tree, hfile);
/*
* Now open with expected access, getinfo should work.
*/
status = torture_smb2_testfile_access(
tree, fname, &hfile, file_levels_access[i].required_access);
torture_assert_ntstatus_ok_goto(
tctx, status, ret, done,
"Unable to open test file\n");
if (file_levels_access[i].level == RAW_FILEINFO_SEC_DESC) {
finfo.query_secdesc.in.secinfo_flags = 0x7;
}
if (file_levels_access[i].level == RAW_FILEINFO_SMB2_ALL_EAS) {
finfo.all_eas.in.continue_flags =
SMB2_CONTINUE_FLAG_RESTART;
}
finfo.generic.level = file_levels_access[i].level;
finfo.generic.in.file.handle = hfile;
status = smb2_getinfo_file(tree, tree, &finfo);
torture_assert_ntstatus_ok_goto(
tctx, status, ret, done,
talloc_asprintf(tctx, "%s on file",
file_levels_access[i].name));
smb2_util_close(tree, hfile);
}
done:
smb2_deltree(tree, fname);
return ret;
}
struct torture_suite *torture_smb2_getinfo_init(TALLOC_CTX *ctx)
{
struct torture_suite *suite = torture_suite_create(
@ -800,5 +945,7 @@ struct torture_suite *torture_smb2_getinfo_init(TALLOC_CTX *ctx)
torture_smb2_fileinfo_grant_read);
torture_suite_add_simple_test(suite, "normalized",
torture_smb2_fileinfo_normalized);
torture_suite_add_1smb2_test(suite, "getinfo_access",
torture_smb2_getfinfo_access);
return suite;
}