sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-03 04:22:09 +03:00
Code Activity

r3400: - allow callers to control the flags2 field in raw packets

Browse Source 
- added testing of the FLAGS2_READ_PERMIT_EXECUTE bit in the ntdeny tests
(This used to be commit adf4a68270)
This commit is contained in:
Andrew Tridgell
2004-10-31 03:26:30 +00:00
committed by Gerald (Jerry) Carter
parent 50c5059ab0
commit b24fcfc1aa
4 changed files with 41 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
source4/include/cli_context.h
View File

@ -189,6 +189,10 @@ struct smbcli_session {
/* default pid for this session */
uint32_t pid;
/* the flags2 for each packet - this allows
the user to control these for torture testing */
uint16_t flags2;
DATA_BLOB user_session_key;
/* the spnego context if we use extented security */

22
source4/libcli/raw/clisession.c
View File

@ -33,6 +33,8 @@
struct smbcli_session *smbcli_session_init(struct smbcli_transport *transport)
{
struct smbcli_session *session;
uint16_t flags2;
uint32_t capabilities;
session = talloc_p(transport, struct smbcli_session);
if (!session) {
@ -44,6 +46,26 @@ struct smbcli_session *smbcli_session_init(struct smbcli_transport *transport)
session->pid = (uint16_t)getpid();
session->vuid = UID_FIELD_INVALID;
capabilities = transport->negotiate.capabilities;
flags2 = FLAGS2_LONG_PATH_COMPONENTS;
if (capabilities & CAP_UNICODE) {
flags2 |= FLAGS2_UNICODE_STRINGS;
}
if (capabilities & CAP_STATUS32) {
flags2 |= FLAGS2_32_BIT_ERROR_CODES;
}
if (capabilities & CAP_EXTENDED_SECURITY) {
flags2 |= FLAGS2_EXTENDED_SECURITY;
}
if (session->transport->negotiate.sign_info.doing_signing) {
flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES;
}
session->flags2 = flags2;
return session;
}

22
source4/libcli/raw/rawrequest.c
View File

@ -139,35 +139,17 @@ struct smbcli_request *smbcli_request_setup_transport(struct smbcli_transport *t
way. This interface is used before a session is setup.
*/
struct smbcli_request *smbcli_request_setup_session(struct smbcli_session *session,
uint8_t command, uint_t wct, uint_t buflen)
uint8_t command, uint_t wct, uint_t buflen)
{
struct smbcli_request *req;
uint16_t flags2;
uint32_t capabilities;
req = smbcli_request_setup_transport(session->transport, command, wct, buflen);
if (!req) return NULL;
req->session = session;
flags2 = FLAGS2_LONG_PATH_COMPONENTS;
capabilities = session->transport->negotiate.capabilities;
if (capabilities & CAP_UNICODE) {
flags2 |= FLAGS2_UNICODE_STRINGS;
}
if (capabilities & CAP_STATUS32) {
flags2 |= FLAGS2_32_BIT_ERROR_CODES;
}
if (capabilities & CAP_EXTENDED_SECURITY) {
flags2 |= FLAGS2_EXTENDED_SECURITY;
}
if (session->transport->negotiate.sign_info.doing_signing) {
flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES;
}
SSVAL(req->out.hdr, HDR_FLG2, flags2);
SSVAL(req->out.hdr, HDR_FLG2, session->flags2);
SSVAL(req->out.hdr, HDR_PID, session->pid & 0xFFFF);
SSVAL(req->out.hdr, HDR_PIDHIGH, session->pid >> 16);
SSVAL(req->out.hdr, HDR_UID, session->vuid);

15
source4/torture/basic/denytest.c
View File

@ -1689,7 +1689,7 @@ static const char *bit_string(TALLOC_CTX *mem_ctx, const struct bit_value *bv, i
determine if two opens conflict
*/
static NTSTATUS predict_share_conflict(uint32_t sa1, uint32_t am1, uint32_t sa2, uint32_t am2,
enum deny_result *res)
uint16_t flags2, enum deny_result *res)
{
#define CHECK_MASK(am, sa, right, share) do { \
if (((am) & (right)) && !((sa) & (share))) { \
@ -1703,6 +1703,9 @@ static NTSTATUS predict_share_conflict(uint32_t sa1, uint32_t am1, uint32_t sa2,
}
if (am2 & SA_RIGHT_FILE_READ_DATA) {
*res += A_R;
} else if ((am2 & SA_RIGHT_FILE_EXECUTE) &&
(flags2 & FLAGS2_READ_PERMIT_EXECUTE)) {
*res += A_R;
}
/* if either open involves no read.write or delete access then
@ -1820,6 +1823,12 @@ static BOOL torture_ntdenytest(struct smbcli_state *cli1, struct smbcli_state *c
status1 = smb_raw_open(cli1->tree, mem_ctx, &io1);
status2 = smb_raw_open(cli2->tree, mem_ctx, &io2);
if (random() % 2 == 0) {
cli2->tree->session->flags2 |= FLAGS2_READ_PERMIT_EXECUTE;
} else {
cli2->tree->session->flags2 &= ~FLAGS2_READ_PERMIT_EXECUTE;
}
if (!NT_STATUS_IS_OK(status1)) {
res = A_X;
@ -1847,7 +1856,9 @@ static BOOL torture_ntdenytest(struct smbcli_state *cli1, struct smbcli_state *c
status2_p = predict_share_conflict(io1.ntcreatex.in.share_access,
io1.ntcreatex.in.access_mask,
io2.ntcreatex.in.share_access,
io2.ntcreatex.in.access_mask, &res2);
io2.ntcreatex.in.access_mask,
cli2->tree->session->flags2,
&res2);
GetTimeOfDay(&tv);
tdif = usec_time_diff(&tv, &tv_start);