mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
smbtorture: test creating stream doesn't crash when using "inherit permissions = yes"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 0983560830
)
This commit is contained in:
parent
60052ea77a
commit
a60419838b
1
selftest/knownfail.d/samba3.smb2.stream-inherit-perms
Normal file
1
selftest/knownfail.d/samba3.smb2.stream-inherit-perms
Normal file
@ -0,0 +1 @@
|
|||||||
|
^samba3.smb2.stream-inherit-perms.stream-inherit-perms\(fileserver\)
|
@ -2054,6 +2054,11 @@ sub setup_fileserver
|
|||||||
comment = Home directories
|
comment = Home directories
|
||||||
browseable = No
|
browseable = No
|
||||||
read only = No
|
read only = No
|
||||||
|
|
||||||
|
[inherit_perms]
|
||||||
|
path = $share_dir
|
||||||
|
vfs objects = streams_depot
|
||||||
|
inherit permissions = yes
|
||||||
";
|
";
|
||||||
|
|
||||||
if (defined($more_conf)) {
|
if (defined($more_conf)) {
|
||||||
|
@ -1334,6 +1334,8 @@ for t in tests:
|
|||||||
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD')
|
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD')
|
||||||
plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD')
|
plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD')
|
||||||
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/streams_xattr -U$USERNAME%$PASSWORD', 'streams_xattr')
|
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/streams_xattr -U$USERNAME%$PASSWORD', 'streams_xattr')
|
||||||
|
elif t == "smb2.stream-inherit-perms":
|
||||||
|
plansmbtorture4testsuite(t, "fileserver", '//$SERVER/inherit_perms -U$USERNAME%$PASSWORD')
|
||||||
elif t == "smb2.aio_delay":
|
elif t == "smb2.aio_delay":
|
||||||
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/aio_delay_inject -U$USERNAME%$PASSWORD')
|
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/aio_delay_inject -U$USERNAME%$PASSWORD')
|
||||||
elif t == "smb2.delete-on-close-perms":
|
elif t == "smb2.delete-on-close-perms":
|
||||||
|
@ -178,6 +178,8 @@ NTSTATUS torture_smb2_init(TALLOC_CTX *ctx)
|
|||||||
torture_suite_add_suite(suite, torture_smb2_oplocks_init(suite));
|
torture_suite_add_suite(suite, torture_smb2_oplocks_init(suite));
|
||||||
torture_suite_add_suite(suite, torture_smb2_kernel_oplocks_init(suite));
|
torture_suite_add_suite(suite, torture_smb2_kernel_oplocks_init(suite));
|
||||||
torture_suite_add_suite(suite, torture_smb2_streams_init(suite));
|
torture_suite_add_suite(suite, torture_smb2_streams_init(suite));
|
||||||
|
torture_suite_add_1smb2_test(suite, "stream-inherit-perms",
|
||||||
|
test_stream_inherit_perms);
|
||||||
torture_suite_add_suite(suite, torture_smb2_ioctl_init(suite));
|
torture_suite_add_suite(suite, torture_smb2_ioctl_init(suite));
|
||||||
torture_suite_add_simple_test(suite, "set-sparse-ioctl",
|
torture_suite_add_simple_test(suite, "set-sparse-ioctl",
|
||||||
test_ioctl_set_sparse);
|
test_ioctl_set_sparse);
|
||||||
|
@ -30,6 +30,7 @@
|
|||||||
#include "system/filesys.h"
|
#include "system/filesys.h"
|
||||||
#include "system/locale.h"
|
#include "system/locale.h"
|
||||||
#include "lib/util/tsort.h"
|
#include "lib/util/tsort.h"
|
||||||
|
#include "libcli/security/security_descriptor.h"
|
||||||
|
|
||||||
#define DNAME "teststreams"
|
#define DNAME "teststreams"
|
||||||
|
|
||||||
@ -2395,6 +2396,78 @@ done:
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Simple test creating a stream on a share with "inherit permissions"
|
||||||
|
* enabled. This tests specifically bug 15695.
|
||||||
|
*/
|
||||||
|
bool test_stream_inherit_perms(struct torture_context *tctx,
|
||||||
|
struct smb2_tree *tree)
|
||||||
|
{
|
||||||
|
NTSTATUS status;
|
||||||
|
struct smb2_handle h = {};
|
||||||
|
union smb_fileinfo q = {};
|
||||||
|
union smb_setfileinfo setinfo = {};
|
||||||
|
struct security_descriptor *sd = NULL;
|
||||||
|
struct security_ace ace = {};
|
||||||
|
const char *fname = DNAME "\\test_stream_inherit_perms:stream";
|
||||||
|
bool ret = true;
|
||||||
|
|
||||||
|
smb2_deltree(tree, DNAME);
|
||||||
|
|
||||||
|
status = torture_smb2_testdir(tree, DNAME, &h);
|
||||||
|
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
|
||||||
|
"torture_smb2_testdir failed\n");
|
||||||
|
|
||||||
|
torture_comment(tctx, "getting original sd\n");
|
||||||
|
|
||||||
|
q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
|
||||||
|
q.query_secdesc.in.file.handle = h;
|
||||||
|
q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
|
||||||
|
|
||||||
|
status = smb2_getinfo_file(tree, tctx, &q);
|
||||||
|
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
|
||||||
|
"smb2_getinfo_file failed\n");
|
||||||
|
|
||||||
|
sd = q.query_secdesc.out.sd;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Add one explicit non-inheriting ACE which will be stored
|
||||||
|
* as a non-inheriting POSIX ACE. These are the ACEs that
|
||||||
|
* "inherit permissions" will want to inherit.
|
||||||
|
*/
|
||||||
|
ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED;
|
||||||
|
ace.access_mask = SEC_STD_ALL;
|
||||||
|
ace.trustee = *(sd->owner_sid);
|
||||||
|
|
||||||
|
status = security_descriptor_dacl_add(sd, &ace);
|
||||||
|
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
|
||||||
|
"security_descriptor_dacl_add failed\n");
|
||||||
|
|
||||||
|
setinfo.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
|
||||||
|
setinfo.set_secdesc.in.file.handle = h;
|
||||||
|
setinfo.set_secdesc.in.secinfo_flags = SECINFO_DACL;
|
||||||
|
setinfo.set_secdesc.in.sd = sd;
|
||||||
|
|
||||||
|
status = smb2_setinfo_file(tree, &setinfo);
|
||||||
|
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
|
||||||
|
"smb2_setinfo_file failed");
|
||||||
|
|
||||||
|
smb2_util_close(tree, h);
|
||||||
|
ZERO_STRUCT(h);
|
||||||
|
|
||||||
|
/* This triggers the crash */
|
||||||
|
status = torture_smb2_testfile(tree, fname, &h);
|
||||||
|
torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
|
||||||
|
"torture_smb2_testfile failed");
|
||||||
|
|
||||||
|
done:
|
||||||
|
if (!smb2_util_handle_empty(h)) {
|
||||||
|
smb2_util_close(tree, h);
|
||||||
|
}
|
||||||
|
smb2_deltree(tree, DNAME);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
basic testing of streams calls SMB2
|
basic testing of streams calls SMB2
|
||||||
*/
|
*/
|
||||||
|
Loading…
Reference in New Issue
Block a user