1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

704 Commits

Author SHA1 Message Date
Jeremy Allison
a8ed244148 s3: torture: Add a comprehensive SMB1 DFS path torture tester.
smbtorture3 test is: SMB1-DFS-PATHS

Tests open, and then all 4 methods of renaming/hardlinking
files:

1). SMBmv
2). SMBtrans2 SETPATHINFO
3). SMBtrans2 SETFILEINFO
4). SMBntrename

Also added a test for SMB1findfirst.

smbtorture3 test is: SMB1-DFS-SEARCH-PATHS.

What this shows is that Windows strips off the
SMB1findfirst mask *before* calling the DFS path
parser (smbd currently does not).

Added so we know how to fix the server code to match Windows
behavior in parsing DFS paths in different calls going forward.

Passes fully against Windows. Adds knownfails for smbd.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <noel.power@suse.com>
2022-09-02 16:42:34 +00:00
Ralph Boehme
3dcdab86f1 smbtorture: add a test trying to create a stream on share without streams support
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15161

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2022-09-02 15:00:36 +00:00
Volker Lendecke
887facd373 tests: Add smb3 posix negotiate tests
Make sure we do and don't announce posix depending on "smb3 unix
extensions" parameter

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-09-02 13:31:38 +00:00
Jeremy Allison
e492986661 s3: torture: Add a comprehensive SMB2 DFS path torture tester.
Passes fully against Windows.

This shows that DFS paths on Windows on SMB2 must
be of the form:

SERVER\SHARE\PATH

but the actual contents of the strings SERVER and
SHARE don't need to match the given server or share.

The algorithm the Windows server uses is the following:

Look for a '\\' character, and assign anything before
that to the SERVER component. The characters in this
component are not checked for validity.

Look for a second '\\' character and assign anything
between the first and second '\\' characters to the
SHARE component. The characters in the share component
are checked for validity, but only ':' is flagged as
an illegal sharename character despite what:

[MS-FSCC] https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-fscc/dc9978d7-6299-4c5a-a22d-a039cdc716ea

says.

Anything after the second '\\' character is assigned
to the PATH component and becomes the share-relative
path.

If there aren't two '\\' characters it removes
everything and ends up with the empty string as
the share relative path.

To give some examples, the following pathnames all map
to the directory at the root of the DFS share:

SERVER\SHARE
SERVER
""
ANY\NAME
ANY
::::\NAME

the name:

SERVER\:

is illegal (sharename contains ':') and the name:

ANY\NAME\file

maps to a share-relative pathname of "file",
despite "ANY" not being the server name, and
"NAME" not being the DFS share name we are
connected to.

Adds a knownfail for smbd as our current code
in parse_dfs_path() is completely incorrect
here and tries to map "incorrect" DFS names
into local paths. I will work on fixing this
later, but we should be able to remove parse_dfs_path()
entirely and move the DFS pathname logic before
the call to filename_convert_dirfsp() in the
same way Volker suggested and was able to achieve
for extract_snapshot_token() and the @GMT pathname
processing.

Also proves the "target" paths for SMB2_SETINFO
rename and hardlink must *not* be DFS-paths.

Next I will work on a torture tester for SMB1
DFS paths.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reivewed-by: Noel Power <npower@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 30 17:10:33 UTC 2022 on sn-devel-184
2022-08-30 17:10:33 +00:00
Jeremy Allison
c693367322 s3: tests: Add samba3.blackbox.test_veto_files.
Shows we currently don't look at smb.conf veto files parameter
when opening a file or directory. Checks multi-component paths.
Also checks veto files that might be hidden behind a mangled
name.

Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15143

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-08-16 07:33:36 +00:00
Ralph Boehme
23bc760ec5 CI: add a test trying to delete a stream on a pathref ("stat open") handle
When using vfs_streams_xattr, for a pathref handle of a stream the system fd
will be a fake fd created by pipe() in vfs_fake_fd().

For the following callchain we wrongly pass a stream fsp to
SMB_VFS_FGET_NT_ACL():

SMB_VFS_CREATE_FILE(..., "file:stream", ...)
=> open_file():
   if (open_fd):
   -> taking the else branch:
   -> smbd_check_access_rights_fsp(stream_fsp)
      -> SMB_VFS_FGET_NT_ACL(stream_fsp)

This is obviously wrong and can lead to strange permission errors when using
vfs_acl_xattr:

in vfs_acl_xattr we will try to read the stored ACL by calling
fgetxattr(fake-fd) which of course faild with EBADF. Now unfortunately the
vfs_acl_xattr code ignores the specific error and handles this as if there was
no ACL stored and subsequently runs the code to synthesize a default ACL
according to the setting of "acl:default acl style".

As the correct access check for streams has already been carried out by calling
check_base_file_access() from create_file_unixpath(), the above problem is not
a security issue: it can only lead to "decreased" permissions resulting in
unexpected ACCESS_DENIED errors.

The fix is obviously going to be calling
smbd_check_access_rights_fsp(stream_fsp->base_fsp).

This test verifies that deleting a file works when the stored NT ACL grants
DELETE_FILE while the basic POSIX permissions (used in the acl_xattr fallback
code) do not.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2022-08-10 15:32:35 +00:00
Andreas Schneider
9923d50574 s4:torture: Rename rpc.samr.passwords tests
This way it is easier to select them with 'make test'.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2022-07-15 13:28:37 +00:00
Andreas Schneider
d692c5a6a3 s3:selftest: Reformat rpc array
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2022-07-15 13:28:37 +00:00
Ralph Boehme
8e997bd6e9 CI: fix check for correct mdsvc resonse when connecting to a share with Spotlight disabled
A Mac SMB server returns an all zero handle and an empty path if Spotlight is
disabled on a share. We must return the exact same error return in order to
trigger client-side searching.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15086
pcap: https://www.samba.org/~slow/pcaps/mac-bigsur-smbserver-spotlight-disabled.pcapng.gz

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2022-07-12 14:45:36 +00:00
Ralph Boehme
f2b6258b68 vfs_acl_xattr: add acl_xattr:security_acl_name option
Pair-Programmed-With: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
2022-06-27 15:50:29 +00:00
Jeremy Allison
238b2cbb8f s3: tests: Add test that shows smbd crashes using vfs_fruit with fruit:resource = stream on deleting a file.
Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15099

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2022-06-20 13:25:31 +00:00
Jeremy Allison
fe78d3c014 s3: test: Add tests to show we still connect to a full_audit share with a bad success or fail VFS names.
Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15098

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-06-17 01:28:29 +00:00
Christian Ambach
7ba732bac1 s3:smbd implement volume serial number parameter
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14765
RN: add new smb.conf parameter "volume serial number" to allow overriding
the generated default value

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed=by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jun  6 17:42:37 UTC 2022 on sn-devel-184
2022-06-06 17:42:37 +00:00
Volker Lendecke
3145131809 selftest: Test for bug 15062 -- list "username" in netshareenum
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15062

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-05-18 16:50:34 +00:00
Ralph Boehme
eb3c47ac33 CI: use native Python functions to detect system and release
This ensures we detect the runtime system and release, not the ones
when Samba was build. It's necessary to detect the correct kernel
version we're running on because for kernels before 5.3.1 O_PATH opens
unnecessarily broke kernel oplocks, which breaks our tests. And in
gitlab it can happen that we build on kernels after 5.3.1 and later
run on older kernels. In this situation we can't run kernel oplock
tests.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-04-28 13:12:33 +00:00
Pavel Filipenský
af8747a28b s3:tests Test "username map" for UNIX groups
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15041

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2022-04-07 08:55:37 +00:00
Ralph Boehme
643da37fd1 smbd: remove itime and file_id logic and code
This bases File-Ids on the inode numbers again. The whole stuff was
added because at that time Apple clients

1. would be upset by inode number reusage and

2. had a client side bug in their fallback implemetentation that
assigns File-Ids on the client side in case the server provides
File-Ids of 0.

After discussion with folks at Apple it should be safe these days to
rely on the Mac to generate its own File-Ids and let Samba return 0
File-Ids.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-31 23:01:37 +00:00
Ralph Boehme
8532d7b38c CI: consolidate SMB2-FILEID and SMB2-FILEID-UNIQUE torture test suites
We don't need seperate test suites here, all tests are related to
File-Ids.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-31 23:01:37 +00:00
Ralph Boehme
f734e960eb CI: avoid smb2.twrp being run by plansmbtorture4testsuite() directly
This should only be run by a blackbox test.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15035

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-03-31 17:53:29 +00:00
Jeremy Allison
e01c5992b0 s3: tests.py: Only run smb2.rename against fileserver.
No need to run this against nt4_dc or ad_dc.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15038

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2022-03-30 14:16:29 +00:00
Jeremy Allison
5fe341d2d6 s3: torture: Add 2 new tests SMB2-DEL-ON-CLOSE-NONWRITE-DELETE-NO, SMB2-DEL-ON-CLOSE-NONWRITE-DELETE-YES.
We currently allow setting the delete on close bit for
a directory containing only explicitly hidden/vetoed files
in the case where "delete veto files = yes" *and*
"delete veto files = no". For the "delete veto files = no"
case we should be denying setting the delete on close bit
when the client tries to set it (that's the only time Windows
looks at the bit and returns an error to the user). We
already do the in the dangling symlink case, we just
missed it in the !is_visible_fsp() case.

Mark SMB2-DEL-ON-CLOSE-NONWRITE-DELETE-NO as knownfail
for now.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15023

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2022-03-22 16:49:34 +00:00
Andrew Bartlett
4e21be7e89 selftest: Remove duplicate run of rpc.lsa tests against ad_dc as "samba3"
Running these tests twice is a waste (sorry, thas was my choice when
merging s3 and s4 to just run all the tests against the AD DC) and
more importantly means that tests are run in "samba3" mode against
the AD DC, making it difficult to change the tests to expect a different
behaivour against the AD DC compared to the NT4 DC.

To assure that we have not lost tests, I ran:
grep command st/subunit | grep ad_dc| cut -f 2 -d\" | cut -f 2- -d. | sort | uniq -c

The two blocks (for rpc.lsa and rpc.lsa.*) are because the rpc.lsa.*
subtests were not previously run under ncacn_ip_tcp: and this is the
minimal change.

The output is:
--- /tmp/3	2022-02-12 14:01:50.435761067 +1300
+++ /tmp/now	2022-02-12 14:01:37.427595351 +1300
@@ -13,9 +13,8 @@
       2 rpc.lsa-getuser on ncalrpc with validate.
       2 rpc.lsa-getuser with bigendian.
       2 rpc.lsa-getuser with seal,padcheck.
       2 rpc.lsa-getuser with validate.
-      2 rpc.lsa.lookupnames.
       2 rpc.lsa.lookupnames with .
       2 rpc.lsa.lookupnames with bigendian.
       2 rpc.lsa.lookupnames with validate.
       2 rpc.lsalookup on ncacn_ip_tcp with bigendian.
@@ -26,9 +25,8 @@
       2 rpc.lsalookup on ncacn_np with validate.
       2 rpc.lsalookup on ncalrpc with bigendian.
       2 rpc.lsalookup on ncalrpc with seal,padcheck.
       2 rpc.lsalookup on ncalrpc with validate.
-      2 rpc.lsa.lookupsids.
       2 rpc.lsa.lookupsids with .
       2 rpc.lsa.lookupsids with bigendian.
       2 rpc.lsa.lookupsids with validate.
       2 rpc.lsalookup with bigendian.
@@ -42,15 +40,11 @@
       2 rpc.lsa on ncacn_np with validate.
       2 rpc.lsa on ncalrpc with bigendian.
       2 rpc.lsa on ncalrpc with seal,padcheck.
       2 rpc.lsa on ncalrpc with validate.
-      2 rpc.lsa over ncacn_ip_tcp .
-      2 rpc.lsa over ncacn_np .
-      2 rpc.lsa.privileges.
       2 rpc.lsa.privileges with .
       2 rpc.lsa.privileges with bigendian.
       2 rpc.lsa.privileges with validate.
-      2 rpc.lsa.secrets.
       2 rpc.lsa.secrets on ncacn_np with with -k no --option=clientusespnego=no.
       2 rpc.lsa.secrets on ncacn_np with with -k no --option=clientusespnego=no --option=clientntlmv2auth=yes.
       2 rpc.lsa.secrets on ncacn_np with with -k no --option=clientusespnego=yes.
       2 rpc.lsa.secrets on ncacn_np with with -k no --option=clientusespnego=yes --option=clientntlmv2auth=yes.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-03-17 01:57:38 +00:00
Andrew Bartlett
5e9cb0ad20 selftest: Remove duplicate run of rpc.samr tests against ad_dc as "samba3"
Running these tests twice is a waste (sorry, thas was my choice when
merging s3 and s4 to just run all the tests against the AD DC) and
more importantly means that tests are run in "samba3" mode against
the AD DC, making it difficult to change the tests to expect a different
behaivour against the AD DC compared to the NT4 DC.

To assure that we have not lost tests, I ran:
grep command st/subunit | grep ad_dc| cut -f 2 -d\" | cut -f 2- -d. | sort | uniq -c

The output is:
--- /tmp/2 2022-02-11 21:00:54.033610748 +1300
+++ /tmp/now 2022-02-11 21:01:13.849823721 +1300
@@ -1,32 +1,21 @@
-      2 rpc.samr.
-      2 rpc.samr.handletype.
       2 rpc.samr.handletype with .
       2 rpc.samr.handletype with bigendian.
       2 rpc.samr.handletype with validate.
-      2 rpc.samr.large-dc.
       2 rpc.samr.large-dc on ncacn_np with .
-      2 rpc.samr.machine.auth.
       2 rpc.samr.machine.auth with .
       2 rpc.samr.machine.auth with bigendian.
       2 rpc.samr.machine.auth with validate.
       2 rpc.samr on ncacn_np with .
-      2 rpc.samr.passwords.
-      2 rpc.samr.passwords.badpwdcount.
       2 rpc.samr.passwords.badpwdcount on ncacn_np with .
       2 rpc.samr.passwords.lockout on ncacn_np with .
       2 rpc.samr.passwords on ncacn_np with .
-      2 rpc.samr.passwords.pwdlastset.
       2 rpc.samr.passwords.pwdlastset on ncacn_np with .
       2 rpc.samr.passwords.validate on ncacn_ip_tcp with bigendian.
       2 rpc.samr.passwords.validate on ncacn_ip_tcp with seal,padcheck.
       2 rpc.samr.passwords.validate on ncacn_ip_tcp with validate.
-      2 rpc.samr.passwords.validate over ncacn_ip_tcp .
-      2 rpc.samr.priv.
       2 rpc.samr.priv with .
       2 rpc.samr.priv with bigendian.
       2 rpc.samr.priv with validate.
-      2 rpc.samr.users.
       2 rpc.samr.users on ncacn_np with .
-      2 rpc.samr.users.privileges.
       2 rpc.samr.users.privileges on ncacn_np with .
       4 tests.dcerpc.samr_change_password.

It is clear that the tests are all still being run at least once against the AD DC.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-03-17 01:57:38 +00:00
Pavel Filipenský
39d85c34d2 s3:script: Blackbox tests for the rpcclient DFS commands
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2022-03-06 23:05:40 +00:00
Ralph Boehme
ffdb1c3e00 CI: add test "smb2.async_dosmode"
Verifies async-dosmode sync fallback works with shadow_copy2 which returns
ENOSYS for SMB_VFS_GET_DOS_ATTRIBUTES_SEND().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14957

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-02-28 20:01:36 +00:00
Ralph Boehme
1e3e22cc45 CI: remove shares referencing removed functionality
The whole "smbd:force sync [user|root] [path|chdir] safe threadpool" stuff was
removed long ago by 29dd6f3e59.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14957

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-02-28 20:01:36 +00:00
Andreas Schneider
14a98f3fa9 s3:tests: Run test_idmap_rid.sh against admem_idmap_autorid
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2022-02-23 10:57:28 +00:00
Pavel Filipenský
a25c714c34 s3:selftest: Add test for virus scanner
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14971

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>

Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2022-02-10 21:14:33 +00:00
Volker Lendecke
5f1ceead70 torture: Add a test to show that full_audit uses a ptr after free
Run vfstest with this vfstest.cmd under valgrind and you'll see what
happens. Exact explanation a few patches further down...

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-02-10 18:16:36 +00:00
Jeremy Allison
a44435c6e7 CVE-2021-44141: s3: torture: Add a test samba3.blackbox.test_symlink_rename.SMB1.posix that shows we still leak target info across a SMB1+POSIX rename.
Add a knownfail.d/posix_sylink_rename

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14911

Signed-off-by: Jeremy Allison <jra@samba.org>
2022-01-31 15:27:37 +00:00
Jeremy Allison
4e75e24baa CVE-2021-44141: s3: torture: Add samba3.blackbox.test_symlink_traversal.SMB1.posix
Add to knownfail.d/symlink_traversal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14911

Signed-off-by: Jeremy Allison <jra@samba.org>
2022-01-31 15:27:37 +00:00
Jeremy Allison
3bc85d615e CVE-2021-44141: s3: torture: Add samba3.blackbox.test_symlink_traversal.SMB1.
Add to knownfail.d/symlink_traversal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14911

Signed-off-by: Jeremy Allison <jra@samba.org>
2022-01-31 15:27:37 +00:00
Jeremy Allison
1f7e870dda CVE-2021-44141: s3: torture: Add samba3.blackbox.test_symlink_traversal.SMB2.
Add to knownfail.d/symlink_traversal

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14911

Signed-off-by: Jeremy Allison <jra@samba.org>
2022-01-31 15:27:37 +00:00
Stefan Metzmacher
9110a8854a blackbox.ndrdump: adjust example files to changed dump_data() output.
The cleanup using dump_data_block16() fixed the space handling.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2022-01-24 15:25:36 +00:00
Volker Lendecke
03734be1d6 test: Test rpcclient ncacn_ip_tcp:<ip-address>
Right now connecting to an IP address is broken.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2022-01-10 10:59:36 +00:00
Jeremy Allison
30fea0d311 tests: Add 2 tests for unique fileid's with top bit set (generated from itime) for files and directories.
smb2.fileid_unique.fileid_unique
smb2.fileid_unique.fileid_unique-dir

Create 100 files or directories as fast as we can
against a "normal" share, then read info on them
and ensure (a) top bit is set (generated from itime)
and (b) uniqueness across all generated objects
(checks poor timestamp resolution doesn't create
duplicate fileids).

This shows that even on ext4, this is enough to
cause duplicate fileids to be returned.

Add knownfail.d/fileid-unique

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14928

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2022-01-08 05:43:32 +00:00
Jeremy Allison
0d9d1546a7 s3: selftest: Add two tests that show we try and send an SMB1 request over an SMB2 connection to list servers if "-mSMB3" is selected.
Add knownfail: knownfail.d/list_servers

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14939

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2022-01-06 10:57:30 +00:00
Jeremy Allison
d2aae105c6 s3: torture: Remove the wildcard unlink test code.
This is pre WindowXP SMB1 functionality, and we
need to remove this from the server in order to
move towards SMB2-only, so the test must go.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2021-12-09 18:06:35 +00:00
Volker Lendecke
9faa317319 selftest: Add reproducer for bug 14908
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14908
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2021-11-17 17:41:30 +00:00
Ralph Boehme
1fa006f1f7 CI: add a test for bug 14882
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14882

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-11-04 19:04:31 +00:00
Jeremy Allison
adfad63909 s3: smbtorture3: Add test for setting delete on close on a directory, then creating a file within to see if delete succeeds.
Exposes an existing problem where "ret" is overwritten
in the directory scan.

Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14892

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2021-11-04 08:22:34 +00:00
Jeremy Allison
942123b959 s3: smbd: Add two tests showing the ability to delete a directory containing a dangling symlink over SMB2 depends on "delete veto files" setting.
Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14879

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2021-10-29 14:02:34 +00:00
Jeremy Allison
ad0082d79a s3: smbd: Add two tests showing recursive directory delete of a directory containing veto file and msdfs links over SMB2.
Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14878

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2021-10-29 14:02:34 +00:00
Jeremy Allison
954e637ddc s3: selftest: Add regression test to show the $cwd cache is misbehaving when we connect as a different user on a share.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14682

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2021-10-08 20:38:34 +00:00
Jeremy Allison
a54d9ffc87 s3: smbd: Add fifo test for the DISABLE_OPATH case.
Currently we hang when trying to list a directory
containing a fifo when configured with DISABLE_OPATH.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14816

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2021-09-06 08:30:31 +00:00
Jeremy Allison
5fdf4219c6 s3: selftest: Add a test for vfs_streams_depot with the target path outside of the share.
Mark as knownfail.d/simpleserver_streams

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14760

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <noel.power@suse.com>
2021-08-19 16:14:30 +00:00
Ralph Boehme
39db53a139 selftest: add a test for the "deadtime" parameter
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14783

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-08-10 17:50:32 +00:00
Andreas Schneider
eabf9803ec s3:selftests: Pass env variables to fips tests
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-07-28 06:23:37 +00:00
Andreas Schneider
84b9f58616 s3:tests: Add smbclient kerberos tests for ad_dc and ad_dc_fips
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jul 21 07:19:00 UTC 2021 on sn-devel-184
2021-07-21 07:19:00 +00:00
Jeremy Allison
8f8d0eaad6 s3: tests: Add "SMB2-LIST-DIR-ASYNC" test.
Add as knownfail.

Shows our "smbd async dosmode" code wasn't working.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14758

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2021-07-15 05:02:30 +00:00