LCOV - code coverage report
Current view: top level - source4/torture/smb2 - session.c (source / functions) Hit Total Coverage
Test: coverage report for master 98b443d9 Lines: 3023 3235 93.4 %
Date: 2024-05-31 13:13:24 Functions: 80 80 100.0 %

          Line data    Source code
       1             : /*
       2             :    Unix SMB/CIFS implementation.
       3             : 
       4             :    test suite for SMB2 session setups
       5             : 
       6             :    Copyright (C) Michael Adam 2012
       7             : 
       8             :    This program is free software; you can redistribute it and/or modify
       9             :    it under the terms of the GNU General Public License as published by
      10             :    the Free Software Foundation; either version 3 of the License, or
      11             :    (at your option) any later version.
      12             : 
      13             :    This program is distributed in the hope that it will be useful,
      14             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      15             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      16             :    GNU General Public License for more details.
      17             : 
      18             :    You should have received a copy of the GNU General Public License
      19             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      20             : */
      21             : 
      22             : #include "includes.h"
      23             : #include "libcli/smb2/smb2.h"
      24             : #include "libcli/smb2/smb2_calls.h"
      25             : #include "torture/torture.h"
      26             : #include "torture/util.h"
      27             : #include "torture/smb2/proto.h"
      28             : #include "../libcli/smb/smbXcli_base.h"
      29             : #include "lib/cmdline/cmdline.h"
      30             : #include "auth/credentials/credentials.h"
      31             : #include "auth/credentials/credentials_krb5.h"
      32             : #include "libcli/security/security.h"
      33             : #include "libcli/resolve/resolve.h"
      34             : #include "lib/param/param.h"
      35             : #include "lib/util/tevent_ntstatus.h"
      36             : 
      37             : /* Ticket lifetime we want to request in seconds */
      38             : #define KRB5_TICKET_LIFETIME 5
      39             : /* Allowed clock skew in seconds */
      40             : #define KRB5_CLOCKSKEW 5
      41             : /* Time till ticket fully expired in seconds */
      42             : #define KRB5_TICKET_EXPIRETIME KRB5_TICKET_LIFETIME + KRB5_CLOCKSKEW
      43             : 
      44             : #define texpand(x) #x
      45             : #define GENSEC_GSSAPI_REQUESTED_LIFETIME(x) \
      46             :         "gensec_gssapi:requested_life_time=" texpand(x)
      47             : 
      48             : #define CHECK_CREATED(tctx, __io, __created, __attribute)                       \
      49             :         do {                                                                    \
      50             :                 torture_assert_int_equal(tctx, (__io)->out.create_action,    \
      51             :                                                 NTCREATEX_ACTION_ ## __created, \
      52             :                                                 "out.create_action incorrect");       \
      53             :                 torture_assert_int_equal(tctx, (__io)->out.size, 0,          \
      54             :                                                 "out.size incorrect");                \
      55             :                 torture_assert_int_equal(tctx, (__io)->out.file_attr,                \
      56             :                                                 (__attribute),                  \
      57             :                                                 "out.file_attr incorrect");   \
      58             :                 torture_assert_int_equal(tctx, (__io)->out.reserved2, 0,     \
      59             :                                 "out.reserverd2 incorrect");                  \
      60             :         } while(0)
      61             : 
      62             : #define WAIT_FOR_ASYNC_RESPONSE(req) \
      63             :         while (!req->cancel.can_cancel && req->state <= SMB2_REQUEST_RECV) { \
      64             :                 if (tevent_loop_once(tctx->ev) != 0) { \
      65             :                         break; \
      66             :                 } \
      67             :         }
      68             : 
      69          45 : static void sleep_remaining(struct torture_context *tctx,
      70             :                             const struct timeval *endtime)
      71             : {
      72          45 :         struct timeval current = tevent_timeval_current();
      73          45 :         double remaining_secs = timeval_elapsed2(&current, endtime);
      74             : 
      75          45 :         remaining_secs = remaining_secs < 1.0 ? 1.0 : remaining_secs;
      76          45 :         torture_comment(
      77             :                 tctx,
      78             :                 "sleep for %2.f second(s) that the krb5 ticket expires",
      79             :                 remaining_secs);
      80          45 :         smb_msleep((int)(remaining_secs * 1000));
      81          45 : }
      82             : 
      83             : /**
      84             :  * basic test for doing a session reconnect
      85             :  */
      86          12 : bool test_session_reconnect1(struct torture_context *tctx, struct smb2_tree *tree)
      87             : {
      88           2 :         NTSTATUS status;
      89          12 :         TALLOC_CTX *mem_ctx = talloc_new(tctx);
      90           2 :         char fname[256];
      91           2 :         struct smb2_handle _h1;
      92          12 :         struct smb2_handle *h1 = NULL;
      93           2 :         struct smb2_handle _h2;
      94          12 :         struct smb2_handle *h2 = NULL;
      95           2 :         struct smb2_create io1, io2;
      96           2 :         uint64_t previous_session_id;
      97          12 :         bool ret = true;
      98          12 :         struct smb2_tree *tree2 = NULL;
      99           2 :         union smb_fileinfo qfinfo;
     100             : 
     101             :         /* Add some random component to the file name. */
     102          12 :         snprintf(fname, sizeof(fname), "session_reconnect_%s.dat",
     103             :                  generate_random_str(tctx, 8));
     104             : 
     105          12 :         smb2_util_unlink(tree, fname);
     106             : 
     107          12 :         smb2_oplock_create_share(&io1, fname,
     108             :                                  smb2_util_share_access(""),
     109          12 :                                  smb2_util_oplock_level("b"));
     110             : 
     111          12 :         status = smb2_create(tree, mem_ctx, &io1);
     112          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     113             :                                         "smb2_create failed");
     114          12 :         _h1 = io1.out.file.handle;
     115          12 :         h1 = &_h1;
     116          12 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
     117          12 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
     118             :                                         smb2_util_oplock_level("b"),
     119             :                                         "oplock_level incorrect");
     120             : 
     121             :         /* disconnect, reconnect and then do durable reopen */
     122          12 :         previous_session_id = smb2cli_session_current_id(tree->session->smbXcli);
     123             : 
     124          12 :         torture_assert_goto(tctx, torture_smb2_connection_ext(tctx, previous_session_id,
     125             :                             &tree->session->transport->options, &tree2),
     126             :                             ret, done,
     127             :                             "session reconnect failed\n");
     128             : 
     129             :         /* try to access the file via the old handle */
     130             : 
     131          12 :         ZERO_STRUCT(qfinfo);
     132          12 :         qfinfo.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
     133          12 :         qfinfo.generic.in.file.handle = _h1;
     134          12 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     135          12 :         torture_assert_ntstatus_equal_goto(tctx, status,
     136             :                                            NT_STATUS_USER_SESSION_DELETED,
     137             :                                            ret, done, "smb2_getinfo_file "
     138             :                                            "returned unexpected status");
     139          10 :         h1 = NULL;
     140             : 
     141          10 :         smb2_oplock_create_share(&io2, fname,
     142             :                                  smb2_util_share_access(""),
     143          10 :                                  smb2_util_oplock_level("b"));
     144             : 
     145          10 :         status = smb2_create(tree2, mem_ctx, &io2);
     146          10 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     147             :                                         "smb2_create failed");
     148             : 
     149          10 :         CHECK_CREATED(tctx, &io2, EXISTED, FILE_ATTRIBUTE_ARCHIVE);
     150          10 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
     151             :                                         smb2_util_oplock_level("b"),
     152             :                                         "oplock_level incorrect");
     153          10 :         _h2 = io2.out.file.handle;
     154          10 :         h2 = &_h2;
     155             : 
     156          12 : done:
     157          12 :         if (h1 != NULL) {
     158           2 :                 smb2_util_close(tree, *h1);
     159             :         }
     160          12 :         if (h2 != NULL) {
     161          10 :                 smb2_util_close(tree2, *h2);
     162             :         }
     163             : 
     164          12 :         if (tree2 != NULL) {
     165          12 :                 smb2_util_unlink(tree2, fname);
     166             :         }
     167          12 :         smb2_util_unlink(tree, fname);
     168             : 
     169          12 :         talloc_free(tree);
     170          12 :         talloc_free(tree2);
     171             : 
     172          12 :         talloc_free(mem_ctx);
     173             : 
     174          12 :         return ret;
     175             : }
     176             : 
     177             : /**
     178             :  * basic test for doing a session reconnect on one connection
     179             :  */
     180          12 : bool test_session_reconnect2(struct torture_context *tctx, struct smb2_tree *tree)
     181             : {
     182           2 :         NTSTATUS status;
     183          12 :         TALLOC_CTX *mem_ctx = talloc_new(tctx);
     184           2 :         char fname[256];
     185           2 :         struct smb2_handle _h1;
     186          12 :         struct smb2_handle *h1 = NULL;
     187           2 :         struct smb2_create io1;
     188           2 :         uint64_t previous_session_id;
     189          12 :         bool ret = true;
     190          12 :         struct smb2_session *session2 = NULL;
     191           2 :         union smb_fileinfo qfinfo;
     192             : 
     193             :         /* Add some random component to the file name. */
     194          12 :         snprintf(fname, sizeof(fname), "session_reconnect_%s.dat",
     195             :                  generate_random_str(tctx, 8));
     196             : 
     197          12 :         smb2_util_unlink(tree, fname);
     198             : 
     199          12 :         smb2_oplock_create_share(&io1, fname,
     200             :                                  smb2_util_share_access(""),
     201          12 :                                  smb2_util_oplock_level("b"));
     202          12 :         io1.in.create_options |= NTCREATEX_OPTIONS_DELETE_ON_CLOSE;
     203             : 
     204          12 :         status = smb2_create(tree, mem_ctx, &io1);
     205          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     206             :                                         "smb2_create failed");
     207          12 :         _h1 = io1.out.file.handle;
     208          12 :         h1 = &_h1;
     209          12 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
     210          12 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
     211             :                                         smb2_util_oplock_level("b"),
     212             :                                         "oplock_level incorrect");
     213             : 
     214             :         /* disconnect, reconnect and then do durable reopen */
     215          12 :         previous_session_id = smb2cli_session_current_id(tree->session->smbXcli);
     216             : 
     217          12 :         torture_assert(tctx, torture_smb2_session_setup(tctx, tree->session->transport,
     218             :                                 previous_session_id, tctx, &session2),
     219             :                                 "session reconnect (on the same connection) failed");
     220             : 
     221             :         /* try to access the file via the old handle */
     222             : 
     223          12 :         ZERO_STRUCT(qfinfo);
     224          12 :         qfinfo.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
     225          12 :         qfinfo.generic.in.file.handle = _h1;
     226          12 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     227          12 :         torture_assert_ntstatus_equal_goto(tctx, status,
     228             :                                            NT_STATUS_USER_SESSION_DELETED,
     229             :                                            ret, done, "smb2_getinfo_file "
     230             :                                            "returned unexpected status");
     231           8 :         h1 = NULL;
     232             : 
     233          10 : done:
     234          10 :         if (h1 != NULL) {
     235           2 :                 smb2_util_close(tree, *h1);
     236             :         }
     237             : 
     238          12 :         talloc_free(tree);
     239          12 :         talloc_free(session2);
     240             : 
     241          12 :         talloc_free(mem_ctx);
     242             : 
     243          12 :         return ret;
     244             : }
     245             : 
     246          12 : bool test_session_reauth1(struct torture_context *tctx, struct smb2_tree *tree)
     247             : {
     248           2 :         NTSTATUS status;
     249          12 :         TALLOC_CTX *mem_ctx = talloc_new(tctx);
     250           2 :         char fname[256];
     251           2 :         struct smb2_handle _h1;
     252          12 :         struct smb2_handle *h1 = NULL;
     253           2 :         struct smb2_create io1;
     254          12 :         bool ret = true;
     255           2 :         union smb_fileinfo qfinfo;
     256             : 
     257             :         /* Add some random component to the file name. */
     258          12 :         snprintf(fname, sizeof(fname), "session_reauth1_%s.dat",
     259             :                  generate_random_str(tctx, 8));
     260             : 
     261          12 :         smb2_util_unlink(tree, fname);
     262             : 
     263          12 :         smb2_oplock_create_share(&io1, fname,
     264             :                                  smb2_util_share_access(""),
     265          12 :                                  smb2_util_oplock_level("b"));
     266             : 
     267          12 :         status = smb2_create(tree, mem_ctx, &io1);
     268          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     269             :                                         "smb2_create failed");
     270          12 :         _h1 = io1.out.file.handle;
     271          12 :         h1 = &_h1;
     272          12 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
     273          12 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
     274             :                                         smb2_util_oplock_level("b"),
     275             :                                         "oplock_level incorrect");
     276             : 
     277          12 :         status = smb2_session_setup_spnego(tree->session,
     278             :                                            samba_cmdline_get_creds(),
     279             :                                            0 /* previous_session_id */);
     280          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     281             :                                         "smb2_session_setup_spnego failed");
     282             : 
     283             :         /* try to access the file via the old handle */
     284             : 
     285          12 :         ZERO_STRUCT(qfinfo);
     286          12 :         qfinfo.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
     287          12 :         qfinfo.generic.in.file.handle = _h1;
     288          12 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     289          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     290             :                                         "smb2_getinfo_file failed");
     291             : 
     292          12 :         status = smb2_session_setup_spnego(tree->session,
     293             :                                            samba_cmdline_get_creds(),
     294             :                                            0 /* previous_session_id */);
     295          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     296             :                                         "smb2_session_setup_spnego failed");
     297             : 
     298             :         /* try to access the file via the old handle */
     299             : 
     300          12 :         ZERO_STRUCT(qfinfo);
     301          12 :         qfinfo.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
     302          12 :         qfinfo.generic.in.file.handle = _h1;
     303          12 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     304          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     305             :                                         "smb2_getinfo_file failed");
     306             : 
     307          12 : done:
     308          10 :         if (h1 != NULL) {
     309          12 :                 smb2_util_close(tree, *h1);
     310             :         }
     311             : 
     312          12 :         smb2_util_unlink(tree, fname);
     313             : 
     314          12 :         talloc_free(tree);
     315             : 
     316          12 :         talloc_free(mem_ctx);
     317             : 
     318          12 :         return ret;
     319             : }
     320             : 
     321          12 : bool test_session_reauth2(struct torture_context *tctx, struct smb2_tree *tree)
     322             : {
     323           2 :         NTSTATUS status;
     324          12 :         TALLOC_CTX *mem_ctx = talloc_new(tctx);
     325           2 :         char fname[256];
     326           2 :         struct smb2_handle _h1;
     327          12 :         struct smb2_handle *h1 = NULL;
     328           2 :         struct smb2_create io1;
     329          12 :         bool ret = true;
     330           2 :         union smb_fileinfo qfinfo;
     331          12 :         struct cli_credentials *anon_creds = NULL;
     332             : 
     333             :         /* Add some random component to the file name. */
     334          12 :         snprintf(fname, sizeof(fname), "session_reauth2_%s.dat",
     335             :                  generate_random_str(tctx, 8));
     336             : 
     337          12 :         smb2_util_unlink(tree, fname);
     338             : 
     339          12 :         smb2_oplock_create_share(&io1, fname,
     340             :                                  smb2_util_share_access(""),
     341          12 :                                  smb2_util_oplock_level("b"));
     342             : 
     343          12 :         status = smb2_create(tree, mem_ctx, &io1);
     344          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     345             :                                         "smb2_create failed");
     346          12 :         _h1 = io1.out.file.handle;
     347          12 :         h1 = &_h1;
     348          12 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
     349          12 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
     350             :                                         smb2_util_oplock_level("b"),
     351             :                                         "oplock_level incorrect");
     352             : 
     353             :         /* re-authenticate as anonymous */
     354             : 
     355          12 :         anon_creds = cli_credentials_init_anon(mem_ctx);
     356          12 :         torture_assert(tctx, (anon_creds != NULL), "talloc error");
     357             : 
     358          12 :         status = smb2_session_setup_spnego(tree->session,
     359             :                                            anon_creds,
     360             :                                            0 /* previous_session_id */);
     361          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     362             :                                         "smb2_session_setup_spnego failed");
     363             : 
     364             :         /* try to access the file via the old handle */
     365             : 
     366          12 :         ZERO_STRUCT(qfinfo);
     367          12 :         qfinfo.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
     368          12 :         qfinfo.generic.in.file.handle = _h1;
     369          12 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     370          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     371             :                                         "smb2_getinfo_file failed");
     372             : 
     373             :         /* re-authenticate as original user again */
     374             : 
     375          12 :         status = smb2_session_setup_spnego(tree->session,
     376             :                                            samba_cmdline_get_creds(),
     377             :                                            0 /* previous_session_id */);
     378          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     379             :                                         "smb2_session_setup_spnego failed");
     380             : 
     381             :         /* try to access the file via the old handle */
     382             : 
     383          12 :         ZERO_STRUCT(qfinfo);
     384          12 :         qfinfo.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
     385          12 :         qfinfo.generic.in.file.handle = _h1;
     386          12 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     387          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     388             :                                         "smb2_getinfo_file failed");
     389             : 
     390          12 : done:
     391          10 :         if (h1 != NULL) {
     392          12 :                 smb2_util_close(tree, *h1);
     393             :         }
     394             : 
     395          12 :         smb2_util_unlink(tree, fname);
     396             : 
     397          12 :         talloc_free(tree);
     398             : 
     399          12 :         talloc_free(mem_ctx);
     400             : 
     401          12 :         return ret;
     402             : }
     403             : 
     404             : /**
     405             :  * test getting security descriptor after reauth
     406             :  */
     407          12 : bool test_session_reauth3(struct torture_context *tctx, struct smb2_tree *tree)
     408             : {
     409           2 :         NTSTATUS status;
     410          12 :         TALLOC_CTX *mem_ctx = talloc_new(tctx);
     411           2 :         char fname[256];
     412           2 :         struct smb2_handle _h1;
     413          12 :         struct smb2_handle *h1 = NULL;
     414           2 :         struct smb2_create io1;
     415          12 :         bool ret = true;
     416           2 :         union smb_fileinfo qfinfo;
     417          12 :         struct cli_credentials *anon_creds = NULL;
     418          12 :         uint32_t secinfo_flags = SECINFO_OWNER
     419             :                                 | SECINFO_GROUP
     420             :                                 | SECINFO_DACL
     421             :                                 | SECINFO_PROTECTED_DACL
     422             :                                 | SECINFO_UNPROTECTED_DACL;
     423             : 
     424             :         /* Add some random component to the file name. */
     425          12 :         snprintf(fname, sizeof(fname), "session_reauth3_%s.dat",
     426             :                  generate_random_str(tctx, 8));
     427             : 
     428          12 :         smb2_util_unlink(tree, fname);
     429             : 
     430          12 :         smb2_oplock_create_share(&io1, fname,
     431             :                                  smb2_util_share_access(""),
     432          12 :                                  smb2_util_oplock_level("b"));
     433             : 
     434          12 :         status = smb2_create(tree, mem_ctx, &io1);
     435          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     436             :                                         "smb2_create failed");
     437          12 :         _h1 = io1.out.file.handle;
     438          12 :         h1 = &_h1;
     439          12 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
     440          12 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
     441             :                                         smb2_util_oplock_level("b"),
     442             :                                         "oplock_level incorrect");
     443             : 
     444             :         /* get the security descriptor */
     445             : 
     446          12 :         ZERO_STRUCT(qfinfo);
     447             : 
     448          12 :         qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     449          12 :         qfinfo.query_secdesc.in.file.handle = _h1;
     450          12 :         qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
     451             : 
     452          12 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     453          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     454             :                                         "smb2_getinfo_file failed");
     455             : 
     456             :         /* re-authenticate as anonymous */
     457             : 
     458          12 :         anon_creds = cli_credentials_init_anon(mem_ctx);
     459          12 :         torture_assert(tctx, (anon_creds != NULL), "talloc error");
     460             : 
     461          12 :         status = smb2_session_setup_spnego(tree->session,
     462             :                                            anon_creds,
     463             :                                            0 /* previous_session_id */);
     464          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     465             :                                         "smb2_session_setup_spnego failed");
     466             : 
     467             :         /* try to access the file via the old handle */
     468             : 
     469          12 :         ZERO_STRUCT(qfinfo);
     470             : 
     471          12 :         qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     472          12 :         qfinfo.query_secdesc.in.file.handle = _h1;
     473          12 :         qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
     474             : 
     475          12 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     476          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     477             :                                         "smb2_getinfo_file failed");
     478             : 
     479             :         /* re-authenticate as original user again */
     480             : 
     481          12 :         status = smb2_session_setup_spnego(tree->session,
     482             :                                            samba_cmdline_get_creds(),
     483             :                                            0 /* previous_session_id */);
     484          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     485             :                                         "smb2_session_setup_spnego failed");
     486             : 
     487             :         /* try to access the file via the old handle */
     488             : 
     489          12 :         ZERO_STRUCT(qfinfo);
     490             : 
     491          12 :         qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     492          12 :         qfinfo.query_secdesc.in.file.handle = _h1;
     493          12 :         qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
     494             : 
     495          12 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     496          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     497             :                                         "smb2_getinfo_file failed");
     498             : 
     499          12 : done:
     500          10 :         if (h1 != NULL) {
     501          12 :                 smb2_util_close(tree, *h1);
     502             :         }
     503             : 
     504          12 :         smb2_util_unlink(tree, fname);
     505             : 
     506          12 :         talloc_free(tree);
     507             : 
     508          12 :         talloc_free(mem_ctx);
     509             : 
     510          12 :         return ret;
     511             : }
     512             : 
     513             : /**
     514             :  * test setting security descriptor after reauth.
     515             :  */
     516          12 : bool test_session_reauth4(struct torture_context *tctx, struct smb2_tree *tree)
     517             : {
     518           2 :         NTSTATUS status;
     519          12 :         TALLOC_CTX *mem_ctx = talloc_new(tctx);
     520           2 :         char fname[256];
     521           2 :         struct smb2_handle _h1;
     522          12 :         struct smb2_handle *h1 = NULL;
     523           2 :         struct smb2_create io1;
     524          12 :         bool ret = true;
     525           2 :         union smb_fileinfo qfinfo;
     526           2 :         union smb_setfileinfo sfinfo;
     527          12 :         struct cli_credentials *anon_creds = NULL;
     528          12 :         uint32_t secinfo_flags = SECINFO_OWNER
     529             :                                 | SECINFO_GROUP
     530             :                                 | SECINFO_DACL
     531             :                                 | SECINFO_PROTECTED_DACL
     532             :                                 | SECINFO_UNPROTECTED_DACL;
     533           2 :         struct security_descriptor *sd1;
     534           2 :         struct security_ace ace;
     535           2 :         struct dom_sid *extra_sid;
     536             : 
     537             :         /* Add some random component to the file name. */
     538          12 :         snprintf(fname, sizeof(fname), "session_reauth4_%s.dat",
     539             :                  generate_random_str(tctx, 8));
     540             : 
     541          12 :         smb2_util_unlink(tree, fname);
     542             : 
     543          12 :         smb2_oplock_create_share(&io1, fname,
     544             :                                  smb2_util_share_access(""),
     545          12 :                                  smb2_util_oplock_level("b"));
     546             : 
     547          12 :         status = smb2_create(tree, mem_ctx, &io1);
     548          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     549             :                                         "smb2_create failed");
     550          12 :         _h1 = io1.out.file.handle;
     551          12 :         h1 = &_h1;
     552          12 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
     553          12 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
     554             :                                         smb2_util_oplock_level("b"),
     555             :                                         "oplock_level incorrect");
     556             : 
     557             :         /* get the security descriptor */
     558             : 
     559          12 :         ZERO_STRUCT(qfinfo);
     560             : 
     561          12 :         qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     562          12 :         qfinfo.query_secdesc.in.file.handle = _h1;
     563          12 :         qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
     564             : 
     565          12 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     566          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     567             :                                         "smb2_getinfo_file failed");
     568             : 
     569          12 :         sd1 = qfinfo.query_secdesc.out.sd;
     570             : 
     571             :         /* re-authenticate as anonymous */
     572             : 
     573          12 :         anon_creds = cli_credentials_init_anon(mem_ctx);
     574          12 :         torture_assert(tctx, (anon_creds != NULL), "talloc error");
     575             : 
     576          12 :         status = smb2_session_setup_spnego(tree->session,
     577             :                                            anon_creds,
     578             :                                            0 /* previous_session_id */);
     579          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     580             :                                         "smb2_session_setup_spnego failed");
     581             : 
     582             :         /* give full access on the file to anonymous */
     583             : 
     584          12 :         extra_sid = dom_sid_parse_talloc(tctx, SID_NT_ANONYMOUS);
     585             : 
     586          12 :         ZERO_STRUCT(ace);
     587          12 :         ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED;
     588          12 :         ace.flags = 0;
     589          12 :         ace.access_mask = SEC_STD_ALL | SEC_FILE_ALL;
     590          12 :         ace.trustee = *extra_sid;
     591             : 
     592          12 :         status = security_descriptor_dacl_add(sd1, &ace);
     593          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     594             :                                         "security_descriptor_dacl_add failed");
     595             : 
     596          12 :         ZERO_STRUCT(sfinfo);
     597          12 :         sfinfo.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
     598          12 :         sfinfo.set_secdesc.in.file.handle = _h1;
     599          12 :         sfinfo.set_secdesc.in.secinfo_flags = SECINFO_DACL;
     600          12 :         sfinfo.set_secdesc.in.sd = sd1;
     601             : 
     602          12 :         status = smb2_setinfo_file(tree, &sfinfo);
     603          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     604             :                                         "smb2_setinfo_file failed");
     605             : 
     606             :         /* re-authenticate as original user again */
     607             : 
     608          12 :         status = smb2_session_setup_spnego(tree->session,
     609             :                                            samba_cmdline_get_creds(),
     610             :                                            0 /* previous_session_id */);
     611          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     612             :                                         "smb2_session_setup_spnego failed");
     613             : 
     614             :         /* re-get the security descriptor */
     615             : 
     616          12 :         ZERO_STRUCT(qfinfo);
     617             : 
     618          12 :         qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     619          12 :         qfinfo.query_secdesc.in.file.handle = _h1;
     620          12 :         qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
     621             : 
     622          12 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     623          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     624             :                                         "smb2_getinfo_file failed");
     625             : 
     626          10 :         ret = true;
     627             : 
     628          12 : done:
     629          10 :         if (h1 != NULL) {
     630          12 :                 smb2_util_close(tree, *h1);
     631             :         }
     632             : 
     633          12 :         smb2_util_unlink(tree, fname);
     634             : 
     635          12 :         talloc_free(tree);
     636             : 
     637          12 :         talloc_free(mem_ctx);
     638             : 
     639          12 :         return ret;
     640             : }
     641             : 
     642             : /**
     643             :  * test renaming after reauth.
     644             :  * compare security descriptors before and after rename/reauth
     645             :  */
     646          12 : bool test_session_reauth5(struct torture_context *tctx, struct smb2_tree *tree)
     647             : {
     648           2 :         NTSTATUS status;
     649          12 :         TALLOC_CTX *mem_ctx = talloc_new(tctx);
     650           2 :         char dname[128];
     651           2 :         char fname[256];
     652           2 :         char fname2[256];
     653           2 :         struct smb2_handle _dh1;
     654          12 :         struct smb2_handle *dh1 = NULL;
     655           2 :         struct smb2_handle _h1;
     656          12 :         struct smb2_handle *h1 = NULL;
     657           2 :         struct smb2_create io1;
     658          12 :         bool ret = true;
     659           2 :         bool ok;
     660           2 :         union smb_fileinfo qfinfo;
     661           2 :         union smb_setfileinfo sfinfo;
     662          12 :         struct cli_credentials *anon_creds = NULL;
     663          12 :         uint32_t secinfo_flags = SECINFO_OWNER
     664             :                                 | SECINFO_GROUP
     665             :                                 | SECINFO_DACL
     666             :                                 | SECINFO_PROTECTED_DACL
     667             :                                 | SECINFO_UNPROTECTED_DACL;
     668           2 :         struct security_descriptor *f_sd1;
     669          12 :         struct security_descriptor *d_sd1 = NULL;
     670           2 :         struct security_ace ace;
     671           2 :         struct dom_sid *extra_sid;
     672             : 
     673             :         /* Add some random component to the file name. */
     674          12 :         snprintf(dname, sizeof(dname), "session_reauth5_%s.d",
     675             :                  generate_random_str(tctx, 8));
     676          12 :         snprintf(fname, sizeof(fname), "%s\\file.dat", dname);
     677             : 
     678          12 :         ok = smb2_util_setup_dir(tctx, tree, dname);
     679          12 :         torture_assert(tctx, ok, "smb2_util_setup_dir not ok");
     680             : 
     681          12 :         status = torture_smb2_testdir(tree, dname, &_dh1);
     682          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     683             :                                         "torture_smb2_testdir failed");
     684          12 :         dh1 = &_dh1;
     685             : 
     686          12 :         smb2_oplock_create_share(&io1, fname,
     687             :                                  smb2_util_share_access(""),
     688          12 :                                  smb2_util_oplock_level("b"));
     689             : 
     690          12 :         status = smb2_create(tree, mem_ctx, &io1);
     691          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     692             :                                         "smb2_create failed");
     693          12 :         _h1 = io1.out.file.handle;
     694          12 :         h1 = &_h1;
     695          12 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
     696          12 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
     697             :                                         smb2_util_oplock_level("b"),
     698             :                                         "oplock_level incorrect");
     699             : 
     700             :         /* get the security descriptor */
     701             : 
     702          12 :         ZERO_STRUCT(qfinfo);
     703             : 
     704          12 :         qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     705          12 :         qfinfo.query_secdesc.in.file.handle = _h1;
     706          12 :         qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
     707             : 
     708          12 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     709          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     710             :                                         "smb2_getinfo_file failed");
     711             : 
     712          12 :         f_sd1 = qfinfo.query_secdesc.out.sd;
     713             : 
     714             :         /* re-authenticate as anonymous */
     715             : 
     716          12 :         anon_creds = cli_credentials_init_anon(mem_ctx);
     717          12 :         torture_assert(tctx, (anon_creds != NULL), "talloc error");
     718             : 
     719          12 :         status = smb2_session_setup_spnego(tree->session,
     720             :                                            anon_creds,
     721             :                                            0 /* previous_session_id */);
     722          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     723             :                                         "smb2_session_setup_spnego failed");
     724             : 
     725             :         /* try to rename the file: fails */
     726             : 
     727          12 :         snprintf(fname2, sizeof(fname2), "%s\\file2.dat", dname);
     728             : 
     729          12 :         status = smb2_util_unlink(tree, fname2);
     730          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     731             :                                         "smb2_util_unlink failed");
     732             : 
     733             : 
     734           0 :         ZERO_STRUCT(sfinfo);
     735           0 :         sfinfo.rename_information.level = RAW_SFILEINFO_RENAME_INFORMATION;
     736           0 :         sfinfo.rename_information.in.file.handle = _h1;
     737           0 :         sfinfo.rename_information.in.overwrite = true;
     738           0 :         sfinfo.rename_information.in.new_name = fname2;
     739             : 
     740           0 :         status = smb2_setinfo_file(tree, &sfinfo);
     741           0 :         torture_assert_ntstatus_equal_goto(tctx, status,
     742             :                                            NT_STATUS_ACCESS_DENIED,
     743             :                                            ret, done, "smb2_setinfo_file "
     744             :                                            "returned unexpected status");
     745             : 
     746             :         /* re-authenticate as original user again */
     747             : 
     748           0 :         status = smb2_session_setup_spnego(tree->session,
     749             :                                            samba_cmdline_get_creds(),
     750             :                                            0 /* previous_session_id */);
     751           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     752             :                                         "smb2_session_setup_spnego failed");
     753             : 
     754             :         /* give full access on the file to anonymous */
     755             : 
     756           0 :         extra_sid = dom_sid_parse_talloc(tctx, SID_NT_ANONYMOUS);
     757             : 
     758           0 :         ZERO_STRUCT(ace);
     759           0 :         ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED;
     760           0 :         ace.flags = 0;
     761           0 :         ace.access_mask = SEC_RIGHTS_FILE_ALL;
     762           0 :         ace.trustee = *extra_sid;
     763             : 
     764           0 :         status = security_descriptor_dacl_add(f_sd1, &ace);
     765           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     766             :                                         "security_descriptor_dacl_add failed");
     767             : 
     768           0 :         ZERO_STRUCT(sfinfo);
     769           0 :         sfinfo.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
     770           0 :         sfinfo.set_secdesc.in.file.handle = _h1;
     771           0 :         sfinfo.set_secdesc.in.secinfo_flags = secinfo_flags;
     772           0 :         sfinfo.set_secdesc.in.sd = f_sd1;
     773             : 
     774           0 :         status = smb2_setinfo_file(tree, &sfinfo);
     775           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     776             :                                         "smb2_setinfo_file failed");
     777             : 
     778             :         /* re-get the security descriptor */
     779             : 
     780           0 :         ZERO_STRUCT(qfinfo);
     781             : 
     782           0 :         qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     783           0 :         qfinfo.query_secdesc.in.file.handle = _h1;
     784           0 :         qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
     785             : 
     786           0 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     787           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     788             :                                         "smb2_getinfo_file failed");
     789             : 
     790             :         /* re-authenticate as anonymous - again */
     791             : 
     792           0 :         anon_creds = cli_credentials_init_anon(mem_ctx);
     793           0 :         torture_assert(tctx, (anon_creds != NULL), "talloc error");
     794             : 
     795           0 :         status = smb2_session_setup_spnego(tree->session,
     796             :                                            anon_creds,
     797             :                                            0 /* previous_session_id */);
     798           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     799             :                                         "smb2_session_setup_spnego failed");
     800             : 
     801             :         /* try to rename the file: fails */
     802             : 
     803           0 :         ZERO_STRUCT(sfinfo);
     804           0 :         sfinfo.rename_information.level = RAW_SFILEINFO_RENAME_INFORMATION;
     805           0 :         sfinfo.rename_information.in.file.handle = _h1;
     806           0 :         sfinfo.rename_information.in.overwrite = true;
     807           0 :         sfinfo.rename_information.in.new_name = fname2;
     808             : 
     809           0 :         status = smb2_setinfo_file(tree, &sfinfo);
     810           0 :         torture_assert_ntstatus_equal_goto(tctx, status,
     811             :                                            NT_STATUS_ACCESS_DENIED,
     812             :                                            ret, done, "smb2_setinfo_file "
     813             :                                            "returned unexpected status");
     814             : 
     815             :         /* give full access on the parent dir to anonymous */
     816             : 
     817           0 :         ZERO_STRUCT(qfinfo);
     818             : 
     819           0 :         qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     820           0 :         qfinfo.query_secdesc.in.file.handle = _dh1;
     821           0 :         qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
     822             : 
     823           0 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     824           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     825             :                                         "smb2_getinfo_file failed");
     826             : 
     827           0 :         d_sd1 = qfinfo.query_secdesc.out.sd;
     828             : 
     829           0 :         ZERO_STRUCT(ace);
     830           0 :         ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED;
     831           0 :         ace.flags = 0;
     832           0 :         ace.access_mask = SEC_RIGHTS_FILE_ALL;
     833           0 :         ace.trustee = *extra_sid;
     834             : 
     835           0 :         status = security_descriptor_dacl_add(d_sd1, &ace);
     836           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     837             :                                         "security_descriptor_dacl_add failed");
     838             : 
     839           0 :         ZERO_STRUCT(sfinfo);
     840           0 :         sfinfo.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
     841           0 :         sfinfo.set_secdesc.in.file.handle = _dh1;
     842           0 :         sfinfo.set_secdesc.in.secinfo_flags = secinfo_flags;
     843           0 :         sfinfo.set_secdesc.in.secinfo_flags = SECINFO_DACL;
     844           0 :         sfinfo.set_secdesc.in.sd = d_sd1;
     845             : 
     846           0 :         status = smb2_setinfo_file(tree, &sfinfo);
     847           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     848             :                                         "smb2_setinfo_file failed");
     849             : 
     850           0 :         ZERO_STRUCT(qfinfo);
     851             : 
     852           0 :         qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     853           0 :         qfinfo.query_secdesc.in.file.handle = _dh1;
     854           0 :         qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
     855             : 
     856           0 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     857           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     858             :                                         "smb2_getinfo_file failed");
     859             : 
     860           0 :         status = smb2_util_close(tree, _dh1);
     861           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     862             :                                         "smb2_util_close failed");
     863           0 :         dh1 = NULL;
     864             : 
     865             :         /* try to rename the file: still fails */
     866             : 
     867           0 :         ZERO_STRUCT(sfinfo);
     868           0 :         sfinfo.rename_information.level = RAW_SFILEINFO_RENAME_INFORMATION;
     869           0 :         sfinfo.rename_information.in.file.handle = _h1;
     870           0 :         sfinfo.rename_information.in.overwrite = true;
     871           0 :         sfinfo.rename_information.in.new_name = fname2;
     872             : 
     873           0 :         status = smb2_setinfo_file(tree, &sfinfo);
     874           0 :         torture_assert_ntstatus_equal_goto(tctx, status,
     875             :                                         NT_STATUS_ACCESS_DENIED,
     876             :                                         ret, done, "smb2_setinfo_file "
     877             :                                         "returned unexpected status");
     878             : 
     879             :         /* re-authenticate as original user - again */
     880             : 
     881           0 :         status = smb2_session_setup_spnego(tree->session,
     882             :                                            samba_cmdline_get_creds(),
     883             :                                            0 /* previous_session_id */);
     884           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     885             :                                         "smb2_session_setup_spnego failed");
     886             : 
     887             :         /* rename the file - for verification that it works */
     888             : 
     889           0 :         ZERO_STRUCT(sfinfo);
     890           0 :         sfinfo.rename_information.level = RAW_SFILEINFO_RENAME_INFORMATION;
     891           0 :         sfinfo.rename_information.in.file.handle = _h1;
     892           0 :         sfinfo.rename_information.in.overwrite = true;
     893           0 :         sfinfo.rename_information.in.new_name = fname2;
     894             : 
     895           0 :         status = smb2_setinfo_file(tree, &sfinfo);
     896           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     897             :                                         "smb2_setinfo_file failed");
     898             : 
     899             :         /* closs the file, check it is gone and reopen under the new name */
     900             : 
     901           0 :         status = smb2_util_close(tree, _h1);
     902           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     903             :                                         "smb2_util_close failed");
     904           0 :         ZERO_STRUCT(io1);
     905             : 
     906           0 :         smb2_generic_create_share(&io1,
     907             :                                   NULL /* lease */, false /* dir */,
     908             :                                   fname,
     909             :                                   NTCREATEX_DISP_OPEN,
     910             :                                   smb2_util_share_access(""),
     911           0 :                                   smb2_util_oplock_level("b"),
     912             :                                   0 /* leasekey */, 0 /* leasestate */);
     913             : 
     914           0 :         status = smb2_create(tree, mem_ctx, &io1);
     915           0 :         torture_assert_ntstatus_equal_goto(tctx, status,
     916             :                                         NT_STATUS_OBJECT_NAME_NOT_FOUND,
     917             :                                         ret, done, "smb2_create "
     918             :                                         "returned unexpected status");
     919             : 
     920           0 :         ZERO_STRUCT(io1);
     921             : 
     922           0 :         smb2_generic_create_share(&io1,
     923             :                                   NULL /* lease */, false /* dir */,
     924             :                                   fname2,
     925             :                                   NTCREATEX_DISP_OPEN,
     926             :                                   smb2_util_share_access(""),
     927           0 :                                   smb2_util_oplock_level("b"),
     928             :                                   0 /* leasekey */, 0 /* leasestate */);
     929             : 
     930           0 :         status = smb2_create(tree, mem_ctx, &io1);
     931           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     932             :                                         "smb2_create failed");
     933           0 :         _h1 = io1.out.file.handle;
     934           0 :         h1 = &_h1;
     935           0 :         CHECK_CREATED(tctx, &io1, EXISTED, FILE_ATTRIBUTE_ARCHIVE);
     936           0 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
     937             :                                         smb2_util_oplock_level("b"),
     938             :                                         "oplock_level incorrect");
     939             : 
     940             :         /* try to access the file via the old handle */
     941             : 
     942           0 :         ZERO_STRUCT(qfinfo);
     943             : 
     944           0 :         qfinfo.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     945           0 :         qfinfo.query_secdesc.in.file.handle = _h1;
     946           0 :         qfinfo.query_secdesc.in.secinfo_flags = secinfo_flags;
     947             : 
     948           0 :         status = smb2_getinfo_file(tree, mem_ctx, &qfinfo);
     949           0 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
     950             :                                         "smb2_getinfo_file failed");
     951             : 
     952          12 : done:
     953          12 :         if (dh1 != NULL) {
     954          12 :                 smb2_util_close(tree, *dh1);
     955             :         }
     956          12 :         if (h1 != NULL) {
     957          12 :                 smb2_util_close(tree, *h1);
     958             :         }
     959             : 
     960          12 :         smb2_deltree(tree, dname);
     961             : 
     962          12 :         talloc_free(tree);
     963             : 
     964          12 :         talloc_free(mem_ctx);
     965             : 
     966          12 :         return ret;
     967             : }
     968             : 
     969             : /**
     970             :  * do reauth with wrong credentials,
     971             :  * hence triggering the error path in reauth.
     972             :  * The invalid reauth deletes the session.
     973             :  */
     974          12 : bool test_session_reauth6(struct torture_context *tctx, struct smb2_tree *tree)
     975             : {
     976           2 :         NTSTATUS status;
     977          12 :         TALLOC_CTX *mem_ctx = talloc_new(tctx);
     978           2 :         char fname[256];
     979           2 :         struct smb2_handle _h1;
     980          12 :         struct smb2_handle *h1 = NULL;
     981           2 :         struct smb2_create io1;
     982          12 :         bool ret = true;
     983           2 :         char *corrupted_password;
     984           2 :         struct cli_credentials *broken_creds;
     985           2 :         bool ok;
     986           2 :         bool encrypted;
     987           2 :         NTSTATUS expected;
     988           2 :         enum credentials_use_kerberos krb_state;
     989             : 
     990          12 :         krb_state = cli_credentials_get_kerberos_state(
     991             :                         samba_cmdline_get_creds());
     992          12 :         if (krb_state == CRED_USE_KERBEROS_REQUIRED) {
     993           5 :                 torture_skip(tctx,
     994             :                              "Can't test failing session setup with kerberos.");
     995             :         }
     996             : 
     997           7 :         encrypted = smb2cli_tcon_is_encryption_on(tree->smbXcli);
     998             : 
     999             :         /* Add some random component to the file name. */
    1000           7 :         snprintf(fname, sizeof(fname), "session_reauth1_%s.dat",
    1001             :                  generate_random_str(tctx, 8));
    1002             : 
    1003           7 :         smb2_util_unlink(tree, fname);
    1004             : 
    1005           7 :         smb2_oplock_create_share(&io1, fname,
    1006             :                                  smb2_util_share_access(""),
    1007           7 :                                  smb2_util_oplock_level("b"));
    1008           7 :         io1.in.create_options |= NTCREATEX_OPTIONS_DELETE_ON_CLOSE;
    1009             : 
    1010           7 :         status = smb2_create(tree, mem_ctx, &io1);
    1011           7 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1012             :                                         "smb2_create failed");
    1013           7 :         _h1 = io1.out.file.handle;
    1014           7 :         h1 = &_h1;
    1015           7 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
    1016           7 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
    1017             :                                         smb2_util_oplock_level("b"),
    1018             :                                         "oplock_level incorrect");
    1019             : 
    1020             :         /*
    1021             :          * reauthentication with invalid credentials:
    1022             :          */
    1023             : 
    1024           7 :         broken_creds = cli_credentials_shallow_copy(mem_ctx,
    1025             :                                             samba_cmdline_get_creds());
    1026           7 :         torture_assert(tctx, (broken_creds != NULL), "talloc error");
    1027             : 
    1028           7 :         corrupted_password = talloc_asprintf(mem_ctx, "%s%s",
    1029             :                                 cli_credentials_get_password(broken_creds),
    1030             :                                 "corrupt");
    1031           7 :         torture_assert(tctx, (corrupted_password != NULL), "talloc error");
    1032             : 
    1033           7 :         ok = cli_credentials_set_password(broken_creds, corrupted_password,
    1034             :                                           CRED_SPECIFIED);
    1035           7 :         torture_assert(tctx, ok, "cli_credentials_set_password not ok");
    1036             : 
    1037           7 :         status = smb2_session_setup_spnego(tree->session,
    1038             :                                            broken_creds,
    1039             :                                            0 /* previous_session_id */);
    1040           7 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1041             :                                         NT_STATUS_LOGON_FAILURE, ret, done,
    1042             :                                         "smb2_session_setup_spnego "
    1043             :                                         "returned unexpected status");
    1044             : 
    1045           7 :         torture_comment(tctx, "did failed reauth\n");
    1046             :         /*
    1047             :          * now verify that the invalid session reauth has closed our session
    1048             :          */
    1049             : 
    1050           7 :         if (encrypted) {
    1051           2 :                 expected = NT_STATUS_CONNECTION_DISCONNECTED;
    1052             :         } else {
    1053           5 :                 expected = NT_STATUS_USER_SESSION_DELETED;
    1054             :         }
    1055             : 
    1056           7 :         smb2_oplock_create_share(&io1, fname,
    1057             :                                  smb2_util_share_access(""),
    1058           7 :                                  smb2_util_oplock_level("b"));
    1059             : 
    1060           7 :         status = smb2_create(tree, mem_ctx, &io1);
    1061           7 :         torture_assert_ntstatus_equal_goto(tctx, status, expected,
    1062             :                                         ret, done, "smb2_create "
    1063             :                                         "returned unexpected status");
    1064             : 
    1065           7 : done:
    1066           6 :         if (h1 != NULL) {
    1067           7 :                 smb2_util_close(tree, *h1);
    1068             :         }
    1069             : 
    1070           7 :         smb2_util_unlink(tree, fname);
    1071             : 
    1072           7 :         talloc_free(tree);
    1073             : 
    1074           7 :         talloc_free(mem_ctx);
    1075             : 
    1076           7 :         return ret;
    1077             : }
    1078             : 
    1079             : 
    1080          36 : static bool test_session_expire1i(struct torture_context *tctx,
    1081             :                                   bool force_signing,
    1082             :                                   bool force_encryption)
    1083             : {
    1084           6 :         NTSTATUS status;
    1085          36 :         bool ret = false;
    1086           6 :         struct smbcli_options options;
    1087          36 :         const char *host = torture_setting_string(tctx, "host", NULL);
    1088          36 :         const char *share = torture_setting_string(tctx, "share", NULL);
    1089          36 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    1090          36 :         struct smb2_tree *tree = NULL;
    1091           6 :         enum credentials_use_kerberos use_kerberos;
    1092           6 :         char fname[256];
    1093           6 :         struct smb2_handle _h1;
    1094          36 :         struct smb2_handle *h1 = NULL;
    1095           6 :         struct smb2_create io1;
    1096           6 :         union smb_fileinfo qfinfo;
    1097           6 :         size_t i;
    1098           6 :         struct timeval endtime;
    1099          36 :         bool ticket_expired = false;
    1100             : 
    1101          36 :         use_kerberos = cli_credentials_get_kerberos_state(credentials);
    1102          36 :         if (use_kerberos != CRED_USE_KERBEROS_REQUIRED) {
    1103          21 :                 torture_warning(tctx,
    1104             :                                 "smb2.session.expire1 requires "
    1105             :                                 "--use-kerberos=required!");
    1106          21 :                 torture_skip(tctx,
    1107             :                              "smb2.session.expire1 requires "
    1108             :                              "--use-kerberos=required!");
    1109             :         }
    1110             : 
    1111          15 :         torture_assert_int_equal(tctx,
    1112             :                                  use_kerberos,
    1113             :                                  CRED_USE_KERBEROS_REQUIRED,
    1114             :                                  "please use --use-kerberos=required");
    1115             : 
    1116          15 :         cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED);
    1117             : 
    1118          15 :         lpcfg_set_option(
    1119             :                 tctx->lp_ctx,
    1120             :                 GENSEC_GSSAPI_REQUESTED_LIFETIME(KRB5_TICKET_LIFETIME));
    1121             : 
    1122          15 :         lpcfg_smbcli_options(tctx->lp_ctx, &options);
    1123          15 :         if (force_signing) {
    1124          10 :                 options.signing = SMB_SIGNING_REQUIRED;
    1125             :         }
    1126             : 
    1127          15 :         status = smb2_connect(tctx,
    1128             :                               host,
    1129             :                               lpcfg_smb_ports(tctx->lp_ctx),
    1130             :                               share,
    1131             :                               lpcfg_resolve_context(tctx->lp_ctx),
    1132             :                               credentials,
    1133             :                               &tree,
    1134             :                               tctx->ev,
    1135             :                               &options,
    1136             :                               lpcfg_socket_options(tctx->lp_ctx),
    1137             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx)
    1138             :                               );
    1139             :         /*
    1140             :          * We request a ticket lifetime of KRB5_TICKET_LIFETIME seconds.
    1141             :          * Give the server at least KRB5_TICKET_LIFETIME + KRB5_CLOCKSKEW + a
    1142             :          * few more milliseconds for this to kick in.
    1143             :          */
    1144          15 :         endtime = timeval_current_ofs(KRB5_TICKET_EXPIRETIME, 500 * 1000);
    1145          15 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1146             :                                         "smb2_connect failed");
    1147             : 
    1148          15 :         if (force_encryption) {
    1149           5 :                 status = smb2cli_session_encryption_on(tree->session->smbXcli);
    1150           5 :                 torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1151             :                                         "smb2cli_session_encryption_on failed");
    1152             :         }
    1153             : 
    1154             :         /* Add some random component to the file name. */
    1155          15 :         snprintf(fname, sizeof(fname), "session_expire1_%s.dat",
    1156             :                  generate_random_str(tctx, 8));
    1157             : 
    1158          15 :         smb2_util_unlink(tree, fname);
    1159             : 
    1160          15 :         smb2_oplock_create_share(&io1, fname,
    1161             :                                  smb2_util_share_access(""),
    1162          15 :                                  smb2_util_oplock_level("b"));
    1163          15 :         io1.in.create_options |= NTCREATEX_OPTIONS_DELETE_ON_CLOSE;
    1164             : 
    1165          15 :         status = smb2_create(tree, tctx, &io1);
    1166          15 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1167             :                                         "smb2_create failed");
    1168          15 :         _h1 = io1.out.file.handle;
    1169          15 :         h1 = &_h1;
    1170          15 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
    1171          15 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
    1172             :                                         smb2_util_oplock_level("b"),
    1173             :                                         "oplock_level incorrect");
    1174             : 
    1175             :         /* get the security descriptor */
    1176             : 
    1177          15 :         ZERO_STRUCT(qfinfo);
    1178             : 
    1179          15 :         qfinfo.access_information.level = RAW_FILEINFO_ACCESS_INFORMATION;
    1180          15 :         qfinfo.access_information.in.file.handle = _h1;
    1181             : 
    1182          45 :         for (i=0; i < 2; i++) {
    1183          30 :                 torture_comment(tctx, "%s: query info => OK\n",
    1184             :                                 current_timestring(tctx, true));
    1185             : 
    1186          30 :                 ZERO_STRUCT(qfinfo.access_information.out);
    1187          30 :                 status = smb2_getinfo_file(tree, tctx, &qfinfo);
    1188          30 :                 torture_comment(tctx, "%s: %s:%s: after smb2_getinfo_file() => %s\n",
    1189             :                         current_timestring(tctx, true),
    1190             :                         __location__, __func__,
    1191             :                         nt_errstr(status));
    1192          30 :                 torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1193             :                                                 "smb2_getinfo_file failed");
    1194             : 
    1195          30 :                 sleep_remaining(tctx, &endtime);
    1196             : 
    1197          30 :                 torture_comment(tctx, "%s: query info => EXPIRED\n",
    1198             :                                 current_timestring(tctx, true));
    1199          30 :                 ZERO_STRUCT(qfinfo.access_information.out);
    1200          30 :                 status = smb2_getinfo_file(tree, tctx, &qfinfo);
    1201          30 :                 torture_comment(tctx, "%s: %s:%s: after smb2_getinfo_file() => %s\n",
    1202             :                         current_timestring(tctx, true),
    1203             :                         __location__, __func__,
    1204             :                         nt_errstr(status));
    1205          30 :                 torture_assert_ntstatus_equal_goto(tctx, status,
    1206             :                                         NT_STATUS_NETWORK_SESSION_EXPIRED,
    1207             :                                         ret, done, "smb2_getinfo_file "
    1208             :                                         "returned unexpected status");
    1209             : 
    1210             :                 /*
    1211             :                  * the krb5 library may not handle expired creds
    1212             :                  * well, lets start with an empty ccache.
    1213             :                  */
    1214          30 :                 cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED);
    1215             : 
    1216          30 :                 if (!force_encryption) {
    1217          20 :                         smb2cli_session_require_signed_response(
    1218          20 :                                 tree->session->smbXcli, true);
    1219             :                 }
    1220             : 
    1221          30 :                 torture_comment(tctx, "%s: reauth => OK\n",
    1222             :                                 current_timestring(tctx, true));
    1223          30 :                 status = smb2_session_setup_spnego(tree->session,
    1224             :                                                    credentials,
    1225             :                                                    0 /* previous_session_id */);
    1226             :                 /*
    1227             :                  * We request a ticket lifetime of KRB5_TICKET_LIFETIME seconds.
    1228             :                  * Give the server at least KRB5_TICKET_LIFETIME +
    1229             :                  * KRB5_CLOCKSKEW + a few more milliseconds for this to kick in.
    1230             :                  */
    1231          30 :                 endtime = timeval_current_ofs(KRB5_TICKET_EXPIRETIME,
    1232             :                                               500 * 1000);
    1233          30 :                 torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1234             :                                         "smb2_session_setup_spnego failed");
    1235             : 
    1236          30 :                 smb2cli_session_require_signed_response(
    1237          30 :                         tree->session->smbXcli, false);
    1238             :         }
    1239             : 
    1240          15 :         ticket_expired = timeval_expired(&endtime);
    1241          15 :         if (ticket_expired) {
    1242           0 :                 struct timeval current = timeval_current();
    1243           0 :                 double remaining_secs = timeval_elapsed2(&current, &endtime);
    1244           0 :                 remaining_secs = remaining_secs < 0.0 ? remaining_secs * -1.0
    1245           0 :                                                       : remaining_secs;
    1246           0 :                 torture_warning(
    1247             :                         tctx,
    1248             :                         "The ticket already expired %.2f seconds ago. "
    1249             :                         "You might want to increase KRB5_TICKET_LIFETIME.",
    1250             :                         remaining_secs);
    1251             :         }
    1252          15 :         torture_assert(tctx,
    1253             :                        ticket_expired == false,
    1254             :                        "The kerberos ticket already expired");
    1255          15 :         ZERO_STRUCT(qfinfo.access_information.out);
    1256          15 :         torture_comment(tctx, "%s: %s:%s: before smb2_getinfo_file()\n",
    1257             :                         current_timestring(tctx, true),
    1258             :                         __location__, __func__);
    1259          15 :         status = smb2_getinfo_file(tree, tctx, &qfinfo);
    1260          15 :         torture_comment(tctx, "%s: %s:%s: after smb2_getinfo_file() => %s\n",
    1261             :                         current_timestring(tctx, true),
    1262             :                         __location__, __func__,
    1263             :                         nt_errstr(status));
    1264          15 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1265             :                                         "smb2_getinfo_file failed");
    1266             : 
    1267          12 :         ret = true;
    1268          15 : done:
    1269          15 :         cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED);
    1270             : 
    1271          15 :         if (h1 != NULL) {
    1272          15 :                 smb2_util_close(tree, *h1);
    1273             :         }
    1274             : 
    1275          15 :         talloc_free(tree);
    1276          15 :         lpcfg_set_option(tctx->lp_ctx, GENSEC_GSSAPI_REQUESTED_LIFETIME(0));
    1277          15 :         return ret;
    1278             : }
    1279             : 
    1280          12 : static bool test_session_expire1n(struct torture_context *tctx)
    1281             : {
    1282          12 :         return test_session_expire1i(tctx,
    1283             :                                      false,   /* force_signing */
    1284             :                                      false); /* force_encryption */
    1285             : }
    1286             : 
    1287          12 : static bool test_session_expire1s(struct torture_context *tctx)
    1288             : {
    1289          12 :         return test_session_expire1i(tctx,
    1290             :                                      true,   /* force_signing */
    1291             :                                      false); /* force_encryption */
    1292             : }
    1293             : 
    1294          12 : static bool test_session_expire1e(struct torture_context *tctx)
    1295             : {
    1296          12 :         return test_session_expire1i(tctx,
    1297             :                                      true,   /* force_signing */
    1298             :                                      true); /* force_encryption */
    1299             : }
    1300             : 
    1301          24 : static bool test_session_expire2i(struct torture_context *tctx,
    1302             :                                   bool force_encryption)
    1303             : {
    1304           4 :         NTSTATUS status;
    1305          24 :         bool ret = false;
    1306           4 :         struct smbcli_options options;
    1307          24 :         const char *host = torture_setting_string(tctx, "host", NULL);
    1308          24 :         const char *share = torture_setting_string(tctx, "share", NULL);
    1309          24 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    1310          24 :         struct smb2_tree *tree = NULL;
    1311          24 :         const char *unc = NULL;
    1312          24 :         struct smb2_tree *tree2 = NULL;
    1313          24 :         struct tevent_req *subreq = NULL;
    1314           4 :         uint32_t timeout_msec;
    1315           4 :         enum credentials_use_kerberos use_kerberos;
    1316           4 :         uint32_t caps;
    1317           4 :         char fname[256];
    1318           4 :         struct smb2_handle dh;
    1319           4 :         struct smb2_handle dh2;
    1320           4 :         struct smb2_handle _h1;
    1321          24 :         struct smb2_handle *h1 = NULL;
    1322           4 :         struct smb2_create io1;
    1323           4 :         union smb_fileinfo qfinfo;
    1324           4 :         union smb_setfileinfo sfinfo;
    1325           4 :         struct smb2_flush flsh;
    1326           4 :         struct smb2_read rd;
    1327          24 :         const uint8_t wd = 0;
    1328           4 :         struct smb2_lock lck;
    1329           4 :         struct smb2_lock_element el;
    1330           4 :         struct smb2_ioctl ctl;
    1331           4 :         struct smb2_break oack;
    1332           4 :         struct smb2_lease_break_ack lack;
    1333           4 :         struct smb2_find fnd;
    1334          24 :         union smb_search_data *d = NULL;
    1335           4 :         unsigned int count;
    1336          24 :         struct smb2_request *req = NULL;
    1337           4 :         struct smb2_notify ntf1;
    1338           4 :         struct smb2_notify ntf2;
    1339           4 :         struct timeval endtime;
    1340             : 
    1341          24 :         use_kerberos = cli_credentials_get_kerberos_state(credentials);
    1342          24 :         if (use_kerberos != CRED_USE_KERBEROS_REQUIRED) {
    1343          14 :                 torture_warning(tctx,
    1344             :                                 "smb2.session.expire1 requires "
    1345             :                                 "--use-kerberos=required!");
    1346          14 :                 torture_skip(tctx,
    1347             :                              "smb2.session.expire1 requires "
    1348             :                              "--use-kerberos=required!");
    1349             :         }
    1350             : 
    1351          10 :         torture_assert_int_equal(tctx,
    1352             :                                  use_kerberos,
    1353             :                                  CRED_USE_KERBEROS_REQUIRED,
    1354             :                                  "please use --use-kerberos=required");
    1355             : 
    1356          10 :         cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED);
    1357             : 
    1358          10 :         lpcfg_set_option(
    1359             :                 tctx->lp_ctx,
    1360             :                 GENSEC_GSSAPI_REQUESTED_LIFETIME(KRB5_TICKET_LIFETIME));
    1361             : 
    1362          10 :         lpcfg_smbcli_options(tctx->lp_ctx, &options);
    1363          10 :         options.signing = SMB_SIGNING_REQUIRED;
    1364             : 
    1365          10 :         unc = talloc_asprintf(tctx, "\\\\%s\\%s", host, share);
    1366          10 :         torture_assert(tctx, unc != NULL, "talloc_asprintf");
    1367             : 
    1368          10 :         status = smb2_connect(tctx,
    1369             :                               host,
    1370             :                               lpcfg_smb_ports(tctx->lp_ctx),
    1371             :                               share,
    1372             :                               lpcfg_resolve_context(tctx->lp_ctx),
    1373             :                               credentials,
    1374             :                               &tree,
    1375             :                               tctx->ev,
    1376             :                               &options,
    1377             :                               lpcfg_socket_options(tctx->lp_ctx),
    1378             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx)
    1379             :                               );
    1380             :         /*
    1381             :          * We request a ticket lifetime of KRB5_TICKET_LIFETIME seconds.
    1382             :          * Give the server at least KRB5_TICKET_LIFETIME + KRB5_CLOCKSKEW + a
    1383             :          * few more milliseconds for this to kick in.
    1384             :          */
    1385          10 :         endtime = timeval_current_ofs(KRB5_TICKET_EXPIRETIME, 500 * 1000);
    1386          10 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1387             :                                         "smb2_connect failed");
    1388             : 
    1389          10 :         if (force_encryption) {
    1390           5 :                 status = smb2cli_session_encryption_on(tree->session->smbXcli);
    1391           5 :                 torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1392             :                                         "smb2cli_session_encryption_on failed");
    1393             :         }
    1394             : 
    1395          10 :         caps = smb2cli_conn_server_capabilities(tree->session->transport->conn);
    1396             : 
    1397             :         /* Add some random component to the file name. */
    1398          10 :         snprintf(fname, sizeof(fname), "session_expire2_%s.dat",
    1399             :                  generate_random_str(tctx, 8));
    1400             : 
    1401          10 :         smb2_util_unlink(tree, fname);
    1402             : 
    1403          10 :         status = smb2_util_roothandle(tree, &dh);
    1404          10 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1405             :                                         "smb2_util_roothandle failed");
    1406             : 
    1407          10 :         smb2_oplock_create_share(&io1, fname,
    1408             :                                  smb2_util_share_access(""),
    1409          10 :                                  smb2_util_oplock_level("b"));
    1410          10 :         io1.in.create_options |= NTCREATEX_OPTIONS_DELETE_ON_CLOSE;
    1411             : 
    1412          10 :         status = smb2_create(tree, tctx, &io1);
    1413          10 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1414             :                                         "smb2_create failed");
    1415          10 :         _h1 = io1.out.file.handle;
    1416          10 :         h1 = &_h1;
    1417          10 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
    1418          10 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
    1419             :                                         smb2_util_oplock_level("b"),
    1420             :                                         "oplock_level incorrect");
    1421             : 
    1422             :         /* get the security descriptor */
    1423             : 
    1424          10 :         ZERO_STRUCT(qfinfo);
    1425             : 
    1426          10 :         qfinfo.access_information.level = RAW_FILEINFO_ACCESS_INFORMATION;
    1427          10 :         qfinfo.access_information.in.file.handle = _h1;
    1428             : 
    1429          10 :         torture_comment(tctx, "query info => OK\n");
    1430             : 
    1431          10 :         ZERO_STRUCT(qfinfo.access_information.out);
    1432          10 :         status = smb2_getinfo_file(tree, tctx, &qfinfo);
    1433          10 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1434             :                                         "smb2_getinfo_file failed");
    1435             : 
    1436          10 :         torture_comment(tctx, "lock => OK\n");
    1437          10 :         ZERO_STRUCT(lck);
    1438          10 :         lck.in.locks            = &el;
    1439          10 :         lck.in.lock_count       = 0x0001;
    1440          10 :         lck.in.lock_sequence    = 0x00000000;
    1441          10 :         lck.in.file.handle      = *h1;
    1442          10 :         ZERO_STRUCT(el);
    1443          10 :         el.flags                = SMB2_LOCK_FLAG_EXCLUSIVE |
    1444             :                                   SMB2_LOCK_FLAG_FAIL_IMMEDIATELY;
    1445          10 :         el.offset               = 0x0000000000000000;
    1446          10 :         el.length               = 0x0000000000000001;
    1447          10 :         status = smb2_lock(tree, &lck);
    1448          10 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1449             :                                         "smb2_lock lock failed");
    1450             : 
    1451          10 :         torture_comment(tctx, "1st notify => PENDING\n");
    1452          10 :         ZERO_STRUCT(ntf1);
    1453          10 :         ntf1.in.file.handle     = dh;
    1454          10 :         ntf1.in.recursive       = 0x0000;
    1455          10 :         ntf1.in.buffer_size     = 128;
    1456          10 :         ntf1.in.completion_filter= FILE_NOTIFY_CHANGE_ATTRIBUTES;
    1457          10 :         ntf1.in.unknown         = 0x00000000;
    1458          10 :         req = smb2_notify_send(tree, &ntf1);
    1459             : 
    1460          50 :         while (!req->cancel.can_cancel && req->state <= SMB2_REQUEST_RECV) {
    1461          40 :                 if (tevent_loop_once(tctx->ev) != 0) {
    1462           0 :                         break;
    1463             :                 }
    1464             :         }
    1465             : 
    1466          10 :         torture_assert_goto(tctx, req->state <= SMB2_REQUEST_RECV, ret, done,
    1467             :                             "smb2_notify finished");
    1468             : 
    1469          10 :         sleep_remaining(tctx, &endtime);
    1470             : 
    1471          10 :         torture_comment(tctx, "query info => EXPIRED\n");
    1472          10 :         ZERO_STRUCT(qfinfo.access_information.out);
    1473          10 :         status = smb2_getinfo_file(tree, tctx, &qfinfo);
    1474          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1475             :                                 NT_STATUS_NETWORK_SESSION_EXPIRED,
    1476             :                                 ret, done, "smb2_getinfo_file "
    1477             :                                 "returned unexpected status");
    1478             : 
    1479             : 
    1480          10 :         torture_comment(tctx, "set info => EXPIRED\n");
    1481          10 :         ZERO_STRUCT(sfinfo);
    1482          10 :         sfinfo.end_of_file_info.level = RAW_SFILEINFO_END_OF_FILE_INFORMATION;
    1483          10 :         sfinfo.end_of_file_info.in.file.handle = *h1;
    1484          10 :         sfinfo.end_of_file_info.in.size = 1;
    1485          10 :         status = smb2_setinfo_file(tree, &sfinfo);
    1486          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1487             :                                 NT_STATUS_NETWORK_SESSION_EXPIRED,
    1488             :                                 ret, done, "smb2_setinfo_file "
    1489             :                                 "returned unexpected status");
    1490             : 
    1491          10 :         torture_comment(tctx, "flush => EXPIRED\n");
    1492          10 :         ZERO_STRUCT(flsh);
    1493          10 :         flsh.in.file.handle = *h1;
    1494          10 :         status = smb2_flush(tree, &flsh);
    1495          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1496             :                                 NT_STATUS_NETWORK_SESSION_EXPIRED,
    1497             :                                 ret, done, "smb2_flush "
    1498             :                                 "returned unexpected status");
    1499             : 
    1500          10 :         torture_comment(tctx, "read => EXPIRED\n");
    1501          10 :         ZERO_STRUCT(rd);
    1502          10 :         rd.in.file.handle = *h1;
    1503          10 :         rd.in.length      = 5;
    1504          10 :         rd.in.offset      = 0;
    1505          10 :         status = smb2_read(tree, tctx, &rd);
    1506          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1507             :                                 NT_STATUS_NETWORK_SESSION_EXPIRED,
    1508             :                                 ret, done, "smb2_read "
    1509             :                                 "returned unexpected status");
    1510             : 
    1511          10 :         torture_comment(tctx, "write => EXPIRED\n");
    1512          10 :         status = smb2_util_write(tree, *h1, &wd, 0, 1);
    1513          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1514             :                                 NT_STATUS_NETWORK_SESSION_EXPIRED,
    1515             :                                 ret, done, "smb2_util_write "
    1516             :                                 "returned unexpected status");
    1517             : 
    1518          10 :         torture_comment(tctx, "ioctl => EXPIRED\n");
    1519          10 :         ZERO_STRUCT(ctl);
    1520          10 :         ctl.in.file.handle = *h1;
    1521          10 :         ctl.in.function = FSCTL_SRV_ENUM_SNAPS;
    1522          10 :         ctl.in.max_output_response = 16;
    1523          10 :         ctl.in.flags = SMB2_IOCTL_FLAG_IS_FSCTL;
    1524          10 :         status = smb2_ioctl(tree, tctx, &ctl);
    1525          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1526             :                                 NT_STATUS_NETWORK_SESSION_EXPIRED,
    1527             :                                 ret, done, "smb2_ioctl "
    1528             :                                 "returned unexpected status");
    1529             : 
    1530          10 :         torture_comment(tctx, "oplock ack => EXPIRED\n");
    1531          10 :         ZERO_STRUCT(oack);
    1532          10 :         oack.in.file.handle = *h1;
    1533          10 :         status = smb2_break(tree, &oack);
    1534          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1535             :                                 NT_STATUS_NETWORK_SESSION_EXPIRED,
    1536             :                                 ret, done, "smb2_break "
    1537             :                                 "returned unexpected status");
    1538             : 
    1539          10 :         if (caps & SMB2_CAP_LEASING) {
    1540           4 :                 torture_comment(tctx, "lease ack => EXPIRED\n");
    1541           4 :                 ZERO_STRUCT(lack);
    1542           4 :                 lack.in.lease.lease_version = 1;
    1543           4 :                 lack.in.lease.lease_key.data[0] = 1;
    1544           4 :                 lack.in.lease.lease_key.data[1] = 2;
    1545           4 :                 status = smb2_lease_break_ack(tree, &lack);
    1546           4 :                 torture_assert_ntstatus_equal_goto(tctx, status,
    1547             :                                         NT_STATUS_NETWORK_SESSION_EXPIRED,
    1548             :                                         ret, done, "smb2_break "
    1549             :                                         "returned unexpected status");
    1550             :         }
    1551             : 
    1552          10 :         torture_comment(tctx, "query directory => EXPIRED\n");
    1553          10 :         ZERO_STRUCT(fnd);
    1554          10 :         fnd.in.file.handle      = dh;
    1555          10 :         fnd.in.pattern          = "*";
    1556          10 :         fnd.in.continue_flags   = SMB2_CONTINUE_FLAG_SINGLE;
    1557          10 :         fnd.in.max_response_size= 0x100;
    1558          10 :         fnd.in.level            = SMB2_FIND_BOTH_DIRECTORY_INFO;
    1559          10 :         status = smb2_find_level(tree, tree, &fnd, &count, &d);
    1560          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1561             :                                 NT_STATUS_NETWORK_SESSION_EXPIRED,
    1562             :                                 ret, done, "smb2_find_level "
    1563             :                                 "returned unexpected status");
    1564             : 
    1565          10 :         torture_comment(tctx, "1st notify => CANCEL\n");
    1566          10 :         smb2_cancel(req);
    1567             : 
    1568          10 :         torture_comment(tctx, "2nd notify => EXPIRED\n");
    1569          10 :         ZERO_STRUCT(ntf2);
    1570          10 :         ntf2.in.file.handle     = dh;
    1571          10 :         ntf2.in.recursive       = 0x0000;
    1572          10 :         ntf2.in.buffer_size     = 128;
    1573          10 :         ntf2.in.completion_filter= FILE_NOTIFY_CHANGE_ATTRIBUTES;
    1574          10 :         ntf2.in.unknown         = 0x00000000;
    1575          10 :         status = smb2_notify(tree, tctx, &ntf2);
    1576          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1577             :                                 NT_STATUS_NETWORK_SESSION_EXPIRED,
    1578             :                                 ret, done, "smb2_notify "
    1579             :                                 "returned unexpected status");
    1580             : 
    1581          10 :         torture_assert_goto(tctx, req->state > SMB2_REQUEST_RECV, ret, done,
    1582             :                             "smb2_notify (1st) not finished");
    1583             : 
    1584          10 :         status = smb2_notify_recv(req, tctx, &ntf1);
    1585          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1586             :                                 NT_STATUS_CANCELLED,
    1587             :                                 ret, done, "smb2_notify cancelled"
    1588             :                                 "returned unexpected status");
    1589             : 
    1590          10 :         torture_comment(tctx, "tcon => EXPIRED\n");
    1591          10 :         tree2 = smb2_tree_init(tree->session, tctx, false);
    1592          10 :         torture_assert(tctx, tree2 != NULL, "smb2_tree_init");
    1593          10 :         timeout_msec = tree->session->transport->options.request_timeout * 1000;
    1594          12 :         subreq = smb2cli_tcon_send(tree2, tctx->ev,
    1595          10 :                                    tree2->session->transport->conn,
    1596             :                                    timeout_msec,
    1597          10 :                                    tree2->session->smbXcli,
    1598             :                                    tree2->smbXcli,
    1599             :                                    0, /* flags */
    1600             :                                    unc);
    1601          10 :         torture_assert(tctx, subreq != NULL, "smb2cli_tcon_send");
    1602          10 :         torture_assert(tctx,
    1603             :                        tevent_req_poll_ntstatus(subreq, tctx->ev, &status),
    1604             :                        "tevent_req_poll_ntstatus");
    1605          10 :         status = smb2cli_tcon_recv(subreq);
    1606          10 :         TALLOC_FREE(subreq);
    1607          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1608             :                                 NT_STATUS_NETWORK_SESSION_EXPIRED,
    1609             :                                 ret, done, "smb2cli_tcon"
    1610             :                                 "returned unexpected status");
    1611             : 
    1612          10 :         torture_comment(tctx, "create => EXPIRED\n");
    1613          10 :         status = smb2_util_roothandle(tree, &dh2);
    1614          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1615             :                                 NT_STATUS_NETWORK_SESSION_EXPIRED,
    1616             :                                 ret, done, "smb2_util_roothandle"
    1617             :                                 "returned unexpected status");
    1618             : 
    1619          10 :         torture_comment(tctx, "tdis => EXPIRED\n");
    1620          10 :         status = smb2_tdis(tree);
    1621          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1622             :                                 NT_STATUS_NETWORK_SESSION_EXPIRED,
    1623             :                                 ret, done, "smb2cli_tdis"
    1624             :                                 "returned unexpected status");
    1625             : 
    1626             :         /*
    1627             :          * (Un)Lock, Close and Logoff are still possible
    1628             :          */
    1629             : 
    1630          10 :         torture_comment(tctx, "1st unlock => OK\n");
    1631          10 :         el.flags                = SMB2_LOCK_FLAG_UNLOCK;
    1632          10 :         status = smb2_lock(tree, &lck);
    1633          10 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1634             :                                         "smb2_lock unlock failed");
    1635             : 
    1636          10 :         torture_comment(tctx, "2nd unlock => RANGE_NOT_LOCKED\n");
    1637          10 :         status = smb2_lock(tree, &lck);
    1638          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1639             :                                 NT_STATUS_RANGE_NOT_LOCKED,
    1640             :                                 ret, done, "smb2_lock 2nd unlock"
    1641             :                                 "returned unexpected status");
    1642             : 
    1643          10 :         torture_comment(tctx, "lock => EXPIRED\n");
    1644          10 :         el.flags                = SMB2_LOCK_FLAG_EXCLUSIVE |
    1645             :                                   SMB2_LOCK_FLAG_FAIL_IMMEDIATELY;
    1646          10 :         status = smb2_lock(tree, &lck);
    1647          10 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1648             :                                 NT_STATUS_NETWORK_SESSION_EXPIRED,
    1649             :                                 ret, done, "smb2_util_roothandle"
    1650             :                                 "returned unexpected status");
    1651             : 
    1652          10 :         torture_comment(tctx, "close => OK\n");
    1653          10 :         status = smb2_util_close(tree, *h1);
    1654          10 :         h1 = NULL;
    1655          10 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1656             :                                         "smb2_close failed");
    1657             : 
    1658          10 :         torture_comment(tctx, "echo without session => OK\n");
    1659          10 :         status = smb2_keepalive(tree->session->transport);
    1660          10 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1661             :                                         "smb2_keepalive without session failed");
    1662             : 
    1663          10 :         torture_comment(tctx, "echo with session => OK\n");
    1664          10 :         req = smb2_keepalive_send(tree->session->transport, tree->session);
    1665          10 :         status = smb2_keepalive_recv(req);
    1666          10 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1667             :                                         "smb2_keepalive with session failed");
    1668             : 
    1669          10 :         torture_comment(tctx, "logoff => OK\n");
    1670          10 :         status = smb2_logoff(tree->session);
    1671          10 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1672             :                                         "smb2_logoff failed");
    1673             : 
    1674           8 :         ret = true;
    1675          10 : done:
    1676          10 :         cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED);
    1677             : 
    1678          10 :         if (h1 != NULL) {
    1679           0 :                 smb2_util_close(tree, *h1);
    1680             :         }
    1681             : 
    1682          10 :         talloc_free(tree);
    1683          10 :         lpcfg_set_option(tctx->lp_ctx, GENSEC_GSSAPI_REQUESTED_LIFETIME(0));
    1684          10 :         return ret;
    1685             : }
    1686             : 
    1687          12 : static bool test_session_expire2s(struct torture_context *tctx)
    1688             : {
    1689          12 :         return test_session_expire2i(tctx,
    1690             :                                      false); /* force_encryption */
    1691             : }
    1692             : 
    1693          12 : static bool test_session_expire2e(struct torture_context *tctx)
    1694             : {
    1695          12 :         return test_session_expire2i(tctx,
    1696             :                                      true); /* force_encryption */
    1697             : }
    1698             : 
    1699          12 : static bool test_session_expire_disconnect(struct torture_context *tctx)
    1700             : {
    1701           2 :         NTSTATUS status;
    1702          12 :         bool ret = false;
    1703           2 :         struct smbcli_options options;
    1704          12 :         const char *host = torture_setting_string(tctx, "host", NULL);
    1705          12 :         const char *share = torture_setting_string(tctx, "share", NULL);
    1706          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    1707          12 :         struct smb2_tree *tree = NULL;
    1708           2 :         enum credentials_use_kerberos use_kerberos;
    1709           2 :         char fname[256];
    1710           2 :         struct smb2_handle _h1;
    1711          12 :         struct smb2_handle *h1 = NULL;
    1712           2 :         struct smb2_create io1;
    1713           2 :         union smb_fileinfo qfinfo;
    1714           2 :         bool connected;
    1715           2 :         struct timeval endtime;
    1716             : 
    1717          12 :         use_kerberos = cli_credentials_get_kerberos_state(credentials);
    1718          12 :         if (use_kerberos != CRED_USE_KERBEROS_REQUIRED) {
    1719           7 :                 torture_warning(tctx,
    1720             :                                 "smb2.session.expire1 requires "
    1721             :                                 "--use-kerberos=required!");
    1722           7 :                 torture_skip(tctx,
    1723             :                              "smb2.session.expire1 requires "
    1724             :                              "--use-kerberos=required!");
    1725             :         }
    1726             : 
    1727           5 :         cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED);
    1728             : 
    1729           5 :         lpcfg_set_option(
    1730             :                 tctx->lp_ctx,
    1731             :                 GENSEC_GSSAPI_REQUESTED_LIFETIME(KRB5_TICKET_LIFETIME));
    1732           5 :         lpcfg_smbcli_options(tctx->lp_ctx, &options);
    1733           5 :         options.signing = SMB_SIGNING_REQUIRED;
    1734             : 
    1735           5 :         status = smb2_connect(tctx,
    1736             :                               host,
    1737             :                               lpcfg_smb_ports(tctx->lp_ctx),
    1738             :                               share,
    1739             :                               lpcfg_resolve_context(tctx->lp_ctx),
    1740             :                               credentials,
    1741             :                               &tree,
    1742             :                               tctx->ev,
    1743             :                               &options,
    1744             :                               lpcfg_socket_options(tctx->lp_ctx),
    1745             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx)
    1746             :                               );
    1747             :         /*
    1748             :          * We request a ticket lifetime of KRB5_TICKET_LIFETIME seconds.
    1749             :          * Give the server at least KRB5_TICKET_LIFETIME + KRB5_CLOCKSKEW + a
    1750             :          * few more milliseconds for this to kick in.
    1751             :          */
    1752           5 :         endtime = timeval_current_ofs(KRB5_TICKET_EXPIRETIME, 500 * 1000);
    1753           5 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1754             :                                         "smb2_connect failed");
    1755             : 
    1756           5 :         smbXcli_session_set_disconnect_expired(tree->session->smbXcli);
    1757             : 
    1758             :         /* Add some random component to the file name. */
    1759           5 :         snprintf(fname, sizeof(fname), "session_expire1_%s.dat",
    1760             :                  generate_random_str(tctx, 8));
    1761             : 
    1762           5 :         smb2_util_unlink(tree, fname);
    1763             : 
    1764           5 :         smb2_oplock_create_share(&io1, fname,
    1765             :                                  smb2_util_share_access(""),
    1766           5 :                                  smb2_util_oplock_level("b"));
    1767           5 :         io1.in.create_options |= NTCREATEX_OPTIONS_DELETE_ON_CLOSE;
    1768             : 
    1769           5 :         status = smb2_create(tree, tctx, &io1);
    1770           5 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1771             :                                         "smb2_create failed");
    1772           5 :         _h1 = io1.out.file.handle;
    1773           5 :         h1 = &_h1;
    1774           5 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
    1775           5 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
    1776             :                                         smb2_util_oplock_level("b"),
    1777             :                                         "oplock_level incorrect");
    1778             : 
    1779             :         /* get the security descriptor */
    1780             : 
    1781           5 :         ZERO_STRUCT(qfinfo);
    1782             : 
    1783           5 :         qfinfo.access_information.level = RAW_FILEINFO_ACCESS_INFORMATION;
    1784           5 :         qfinfo.access_information.in.file.handle = _h1;
    1785             : 
    1786           5 :         torture_comment(tctx, "query info => OK\n");
    1787             : 
    1788           5 :         ZERO_STRUCT(qfinfo.access_information.out);
    1789           5 :         status = smb2_getinfo_file(tree, tctx, &qfinfo);
    1790           5 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1791             :                                         "smb2_getinfo_file failed");
    1792             : 
    1793           5 :         sleep_remaining(tctx, &endtime);
    1794             : 
    1795           5 :         torture_comment(tctx, "query info => EXPIRED\n");
    1796           5 :         ZERO_STRUCT(qfinfo.access_information.out);
    1797           5 :         status = smb2_getinfo_file(tree, tctx, &qfinfo);
    1798           5 :         torture_assert_ntstatus_equal_goto(tctx, status,
    1799             :                                            NT_STATUS_NETWORK_SESSION_EXPIRED,
    1800             :                                            ret, done, "smb2_getinfo_file "
    1801             :                                            "returned unexpected status");
    1802             : 
    1803           5 :         connected = smbXcli_conn_is_connected(tree->session->transport->conn);
    1804           5 :         torture_assert_goto(tctx, !connected, ret, done, "connected\n");
    1805             : 
    1806           4 :         ret = true;
    1807           5 : done:
    1808           5 :         cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED);
    1809             : 
    1810           5 :         if (h1 != NULL) {
    1811           5 :                 smb2_util_close(tree, *h1);
    1812             :         }
    1813             : 
    1814           5 :         talloc_free(tree);
    1815           5 :         lpcfg_set_option(tctx->lp_ctx, GENSEC_GSSAPI_REQUESTED_LIFETIME(0));
    1816           5 :         return ret;
    1817             : }
    1818             : 
    1819          12 : bool test_session_bind1(struct torture_context *tctx, struct smb2_tree *tree1)
    1820             : {
    1821          12 :         const char *host = torture_setting_string(tctx, "host", NULL);
    1822          12 :         const char *share = torture_setting_string(tctx, "share", NULL);
    1823          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    1824           2 :         NTSTATUS status;
    1825          12 :         TALLOC_CTX *mem_ctx = talloc_new(tctx);
    1826           2 :         char fname[256];
    1827           2 :         struct smb2_handle _h1;
    1828          12 :         struct smb2_handle *h1 = NULL;
    1829           2 :         struct smb2_create io1;
    1830           2 :         union smb_fileinfo qfinfo;
    1831          12 :         bool ret = false;
    1832          12 :         struct smb2_tree *tree2 = NULL;
    1833          12 :         struct smb2_transport *transport1 = tree1->session->transport;
    1834           2 :         struct smbcli_options options2;
    1835          12 :         struct smb2_transport *transport2 = NULL;
    1836          12 :         struct smb2_session *session1_1 = tree1->session;
    1837          12 :         struct smb2_session *session1_2 = NULL;
    1838          12 :         struct smb2_session *session2_1 = NULL;
    1839          12 :         struct smb2_session *session2_2 = NULL;
    1840           2 :         uint32_t caps;
    1841             : 
    1842          12 :         caps = smb2cli_conn_server_capabilities(transport1->conn);
    1843          12 :         if (!(caps & SMB2_CAP_MULTI_CHANNEL)) {
    1844           0 :                 torture_skip(tctx, "server doesn't support SMB2_CAP_MULTI_CHANNEL\n");
    1845             :         }
    1846             : 
    1847             :         /*
    1848             :          * We always want signing for this test!
    1849             :          */
    1850          12 :         smb2cli_tcon_should_sign(tree1->smbXcli, true);
    1851          12 :         options2 = transport1->options;
    1852          12 :         options2.signing = SMB_SIGNING_REQUIRED;
    1853             : 
    1854             :         /* Add some random component to the file name. */
    1855          12 :         snprintf(fname, sizeof(fname), "session_bind1_%s.dat",
    1856             :                  generate_random_str(tctx, 8));
    1857             : 
    1858          12 :         smb2_util_unlink(tree1, fname);
    1859             : 
    1860          12 :         smb2_oplock_create_share(&io1, fname,
    1861             :                                  smb2_util_share_access(""),
    1862          12 :                                  smb2_util_oplock_level("b"));
    1863             : 
    1864          12 :         status = smb2_create(tree1, mem_ctx, &io1);
    1865          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1866             :                                         "smb2_create failed");
    1867          12 :         _h1 = io1.out.file.handle;
    1868          12 :         h1 = &_h1;
    1869          12 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
    1870          12 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
    1871             :                                         smb2_util_oplock_level("b"),
    1872             :                                         "oplock_level incorrect");
    1873             : 
    1874          12 :         status = smb2_connect(tctx,
    1875             :                               host,
    1876             :                               lpcfg_smb_ports(tctx->lp_ctx),
    1877             :                               share,
    1878             :                               lpcfg_resolve_context(tctx->lp_ctx),
    1879             :                               credentials,
    1880             :                               &tree2,
    1881             :                               tctx->ev,
    1882             :                               &options2,
    1883             :                               lpcfg_socket_options(tctx->lp_ctx),
    1884             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx)
    1885             :                               );
    1886          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1887             :                                         "smb2_connect failed");
    1888          12 :         session2_2 = tree2->session;
    1889          12 :         transport2 = tree2->session->transport;
    1890             : 
    1891             :         /*
    1892             :          * Now bind the 2nd transport connection to the 1st session
    1893             :          */
    1894          12 :         session1_2 = smb2_session_channel(transport2,
    1895             :                                           lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    1896             :                                           tree2,
    1897             :                                           session1_1);
    1898          12 :         torture_assert(tctx, session1_2 != NULL, "smb2_session_channel failed");
    1899             : 
    1900          12 :         status = smb2_session_setup_spnego(session1_2,
    1901             :                                            samba_cmdline_get_creds(),
    1902             :                                            0 /* previous_session_id */);
    1903          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1904             :                                         "smb2_session_setup_spnego failed");
    1905             : 
    1906             :         /* use the 1st connection, 1st session */
    1907          12 :         ZERO_STRUCT(qfinfo);
    1908          12 :         qfinfo.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
    1909          12 :         qfinfo.generic.in.file.handle = _h1;
    1910          12 :         tree1->session = session1_1;
    1911          12 :         status = smb2_getinfo_file(tree1, mem_ctx, &qfinfo);
    1912          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1913             :                                         "smb2_getinfo_file failed");
    1914             : 
    1915             :         /* use the 2nd connection, 1st session */
    1916          12 :         ZERO_STRUCT(qfinfo);
    1917          12 :         qfinfo.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
    1918          12 :         qfinfo.generic.in.file.handle = _h1;
    1919          12 :         tree1->session = session1_2;
    1920          12 :         status = smb2_getinfo_file(tree1, mem_ctx, &qfinfo);
    1921          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1922             :                                         "smb2_getinfo_file failed");
    1923             : 
    1924          12 :         tree1->session = session1_1;
    1925          12 :         status = smb2_util_close(tree1, *h1);
    1926          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1927             :                                         "smb2_util_close failed");
    1928          12 :         h1 = NULL;
    1929             : 
    1930             :         /*
    1931             :          * Now bind the 1st transport connection to the 2nd session
    1932             :          */
    1933          12 :         session2_1 = smb2_session_channel(transport1,
    1934             :                                           lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    1935             :                                           tree1,
    1936             :                                           session2_2);
    1937          12 :         torture_assert(tctx, session2_1 != NULL, "smb2_session_channel failed");
    1938             : 
    1939          12 :         status = smb2_session_setup_spnego(session2_1,
    1940             :                                            samba_cmdline_get_creds(),
    1941             :                                            0 /* previous_session_id */);
    1942          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1943             :                                         "smb2_session_setup_spnego failed");
    1944             : 
    1945          12 :         tree2->session = session2_1;
    1946          12 :         status = smb2_util_unlink(tree2, fname);
    1947          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    1948             :                                         "smb2_util_unlink failed");
    1949          10 :         ret = true;
    1950          12 : done:
    1951          12 :         talloc_free(tree2);
    1952          12 :         tree1->session = session1_1;
    1953             : 
    1954          12 :         if (h1 != NULL) {
    1955           0 :                 smb2_util_close(tree1, *h1);
    1956             :         }
    1957             : 
    1958          12 :         smb2_util_unlink(tree1, fname);
    1959             : 
    1960          12 :         talloc_free(tree1);
    1961             : 
    1962          12 :         talloc_free(mem_ctx);
    1963             : 
    1964          12 :         return ret;
    1965             : }
    1966             : 
    1967          12 : static bool test_session_bind2(struct torture_context *tctx, struct smb2_tree *tree1)
    1968             : {
    1969          12 :         const char *host = torture_setting_string(tctx, "host", NULL);
    1970          12 :         const char *share = torture_setting_string(tctx, "share", NULL);
    1971          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    1972           2 :         NTSTATUS status;
    1973          12 :         TALLOC_CTX *mem_ctx = talloc_new(tctx);
    1974           2 :         char fname1[256];
    1975           2 :         char fname2[256];
    1976           2 :         struct smb2_handle _h1f1;
    1977          12 :         struct smb2_handle *h1f1 = NULL;
    1978           2 :         struct smb2_handle _h1f2;
    1979          12 :         struct smb2_handle *h1f2 = NULL;
    1980           2 :         struct smb2_handle _h2f2;
    1981          12 :         struct smb2_handle *h2f2 = NULL;
    1982           2 :         struct smb2_create io1f1;
    1983           2 :         struct smb2_create io1f2;
    1984           2 :         struct smb2_create io2f1;
    1985           2 :         struct smb2_create io2f2;
    1986           2 :         union smb_fileinfo qfinfo;
    1987          12 :         bool ret = false;
    1988          12 :         struct smb2_transport *transport1 = tree1->session->transport;
    1989           2 :         struct smbcli_options options2;
    1990          12 :         struct smb2_tree *tree2 = NULL;
    1991          12 :         struct smb2_transport *transport2 = NULL;
    1992           2 :         struct smbcli_options options3;
    1993          12 :         struct smb2_tree *tree3 = NULL;
    1994          12 :         struct smb2_transport *transport3 = NULL;
    1995          12 :         struct smb2_session *session1_1 = tree1->session;
    1996          12 :         struct smb2_session *session1_2 = NULL;
    1997          12 :         struct smb2_session *session1_3 = NULL;
    1998          12 :         struct smb2_session *session2_1 = NULL;
    1999          12 :         struct smb2_session *session2_2 = NULL;
    2000          12 :         struct smb2_session *session2_3 = NULL;
    2001           2 :         uint32_t caps;
    2002             : 
    2003          12 :         caps = smb2cli_conn_server_capabilities(transport1->conn);
    2004          12 :         if (!(caps & SMB2_CAP_MULTI_CHANNEL)) {
    2005           0 :                 torture_skip(tctx, "server doesn't support SMB2_CAP_MULTI_CHANNEL\n");
    2006             :         }
    2007             : 
    2008             :         /*
    2009             :          * We always want signing for this test!
    2010             :          */
    2011          12 :         smb2cli_tcon_should_sign(tree1->smbXcli, true);
    2012          12 :         options2 = transport1->options;
    2013          12 :         options2.signing = SMB_SIGNING_REQUIRED;
    2014             : 
    2015             :         /* Add some random component to the file name. */
    2016          12 :         snprintf(fname1, sizeof(fname1), "session_bind2_1_%s.dat",
    2017             :                  generate_random_str(tctx, 8));
    2018          12 :         snprintf(fname2, sizeof(fname2), "session_bind2_2_%s.dat",
    2019             :                  generate_random_str(tctx, 8));
    2020             : 
    2021          12 :         smb2_util_unlink(tree1, fname1);
    2022          12 :         smb2_util_unlink(tree1, fname2);
    2023             : 
    2024          12 :         smb2_oplock_create_share(&io1f1, fname1,
    2025             :                                  smb2_util_share_access(""),
    2026          12 :                                  smb2_util_oplock_level(""));
    2027          12 :         smb2_oplock_create_share(&io1f2, fname2,
    2028             :                                  smb2_util_share_access(""),
    2029          12 :                                  smb2_util_oplock_level(""));
    2030             : 
    2031          12 :         status = smb2_create(tree1, mem_ctx, &io1f1);
    2032          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2033             :                                         "smb2_create failed");
    2034          12 :         _h1f1 = io1f1.out.file.handle;
    2035          12 :         h1f1 = &_h1f1;
    2036          12 :         CHECK_CREATED(tctx, &io1f1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
    2037          12 :         torture_assert_int_equal(tctx, io1f1.out.oplock_level,
    2038             :                                         smb2_util_oplock_level(""),
    2039             :                                         "oplock_level incorrect");
    2040             : 
    2041          12 :         status = smb2_connect(tctx,
    2042             :                               host,
    2043             :                               lpcfg_smb_ports(tctx->lp_ctx),
    2044             :                               share,
    2045             :                               lpcfg_resolve_context(tctx->lp_ctx),
    2046             :                               credentials,
    2047             :                               &tree2,
    2048             :                               tctx->ev,
    2049             :                               &options2,
    2050             :                               lpcfg_socket_options(tctx->lp_ctx),
    2051             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx)
    2052             :                               );
    2053          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2054             :                                         "smb2_connect failed");
    2055          12 :         session2_2 = tree2->session;
    2056          12 :         transport2 = tree2->session->transport;
    2057          12 :         smb2cli_tcon_should_sign(tree2->smbXcli, true);
    2058             : 
    2059          12 :         smb2_oplock_create_share(&io2f1, fname1,
    2060             :                                  smb2_util_share_access(""),
    2061          12 :                                  smb2_util_oplock_level(""));
    2062          12 :         smb2_oplock_create_share(&io2f2, fname2,
    2063             :                                  smb2_util_share_access(""),
    2064          12 :                                  smb2_util_oplock_level(""));
    2065             : 
    2066          12 :         status = smb2_create(tree2, mem_ctx, &io2f2);
    2067          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2068             :                                         "smb2_create failed");
    2069          12 :         _h2f2 = io2f2.out.file.handle;
    2070          12 :         h2f2 = &_h2f2;
    2071          12 :         CHECK_CREATED(tctx, &io2f2, CREATED, FILE_ATTRIBUTE_ARCHIVE);
    2072          12 :         torture_assert_int_equal(tctx, io2f2.out.oplock_level,
    2073             :                                         smb2_util_oplock_level(""),
    2074             :                                         "oplock_level incorrect");
    2075             : 
    2076          12 :         options3 = transport1->options;
    2077          12 :         options3.signing = SMB_SIGNING_REQUIRED;
    2078          12 :         options3.only_negprot = true;
    2079             : 
    2080          12 :         status = smb2_connect(tctx,
    2081             :                               host,
    2082             :                               lpcfg_smb_ports(tctx->lp_ctx),
    2083             :                               share,
    2084             :                               lpcfg_resolve_context(tctx->lp_ctx),
    2085             :                               credentials,
    2086             :                               &tree3,
    2087             :                               tctx->ev,
    2088             :                               &options3,
    2089             :                               lpcfg_socket_options(tctx->lp_ctx),
    2090             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx)
    2091             :                               );
    2092          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2093             :                                         "smb2_connect failed");
    2094          12 :         transport3 = tree3->session->transport;
    2095             : 
    2096             :         /*
    2097             :          * Create a fake session for the 2nd transport connection to the 1st session
    2098             :          */
    2099          12 :         session1_2 = smb2_session_channel(transport2,
    2100             :                                           lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    2101             :                                           tree1,
    2102             :                                           session1_1);
    2103          12 :         torture_assert(tctx, session1_2 != NULL, "smb2_session_channel failed");
    2104             : 
    2105             :         /*
    2106             :          * Now bind the 3rd transport connection to the 1st session
    2107             :          */
    2108          12 :         session1_3 = smb2_session_channel(transport3,
    2109             :                                           lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    2110             :                                           tree1,
    2111             :                                           session1_1);
    2112          12 :         torture_assert(tctx, session1_3 != NULL, "smb2_session_channel failed");
    2113             : 
    2114          12 :         status = smb2_session_setup_spnego(session1_3,
    2115             :                                            credentials,
    2116             :                                            0 /* previous_session_id */);
    2117          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2118             :                                         "smb2_session_setup_spnego failed");
    2119             : 
    2120             :         /*
    2121             :          * Create a fake session for the 1st transport connection to the 2nd session
    2122             :          */
    2123          12 :         session2_1 = smb2_session_channel(transport1,
    2124             :                                           lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    2125             :                                           tree2,
    2126             :                                           session2_2);
    2127          12 :         torture_assert(tctx, session2_1 != NULL, "smb2_session_channel failed");
    2128             : 
    2129             :         /*
    2130             :          * Now bind the 3rd transport connection to the 2nd session
    2131             :          */
    2132          12 :         session2_3 = smb2_session_channel(transport3,
    2133             :                                           lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    2134             :                                           tree2,
    2135             :                                           session2_2);
    2136          12 :         torture_assert(tctx, session2_3 != NULL, "smb2_session_channel failed");
    2137             : 
    2138          12 :         status = smb2_session_setup_spnego(session2_3,
    2139             :                                            credentials,
    2140             :                                            0 /* previous_session_id */);
    2141          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2142             :                                         "smb2_session_setup_spnego failed");
    2143             : 
    2144          12 :         ZERO_STRUCT(qfinfo);
    2145          12 :         qfinfo.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
    2146          12 :         qfinfo.generic.in.file.handle = _h1f1;
    2147          12 :         tree1->session = session1_1;
    2148          12 :         status = smb2_getinfo_file(tree1, mem_ctx, &qfinfo);
    2149          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2150             :                                         "smb2_getinfo_file failed");
    2151          12 :         tree1->session = session1_2;
    2152          12 :         status = smb2_getinfo_file(tree1, mem_ctx, &qfinfo);
    2153          12 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_USER_SESSION_DELETED, ret, done,
    2154             :                                         "smb2_getinfo_file failed");
    2155          12 :         tree1->session = session1_3;
    2156          12 :         status = smb2_getinfo_file(tree1, mem_ctx, &qfinfo);
    2157          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2158             :                                         "smb2_getinfo_file failed");
    2159             : 
    2160          12 :         ZERO_STRUCT(qfinfo);
    2161          12 :         qfinfo.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
    2162          12 :         qfinfo.generic.in.file.handle = _h2f2;
    2163          12 :         tree2->session = session2_1;
    2164          12 :         status = smb2_getinfo_file(tree2, mem_ctx, &qfinfo);
    2165          12 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_USER_SESSION_DELETED, ret, done,
    2166             :                                         "smb2_getinfo_file failed");
    2167          12 :         tree2->session = session2_2;
    2168          12 :         status = smb2_getinfo_file(tree2, mem_ctx, &qfinfo);
    2169          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2170             :                                         "smb2_getinfo_file failed");
    2171          12 :         tree2->session = session2_3;
    2172          12 :         status = smb2_getinfo_file(tree2, mem_ctx, &qfinfo);
    2173          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2174             :                                         "smb2_getinfo_file failed");
    2175             : 
    2176          12 :         tree1->session = session1_1;
    2177          12 :         status = smb2_create(tree1, mem_ctx, &io1f2);
    2178          12 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_SHARING_VIOLATION, ret, done,
    2179             :                                         "smb2_create failed");
    2180          12 :         tree1->session = session1_2;
    2181          12 :         status = smb2_create(tree1, mem_ctx, &io1f2);
    2182          12 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_USER_SESSION_DELETED, ret, done,
    2183             :                                         "smb2_create failed");
    2184          12 :         tree1->session = session1_3;
    2185          12 :         status = smb2_create(tree1, mem_ctx, &io1f2);
    2186          12 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_SHARING_VIOLATION, ret, done,
    2187             :                                         "smb2_create failed");
    2188             : 
    2189          12 :         tree2->session = session2_1;
    2190          12 :         status = smb2_create(tree2, mem_ctx, &io2f1);
    2191          12 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_USER_SESSION_DELETED, ret, done,
    2192             :                                         "smb2_create failed");
    2193          12 :         tree2->session = session2_2;
    2194          12 :         status = smb2_create(tree2, mem_ctx, &io2f1);
    2195          12 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_SHARING_VIOLATION, ret, done,
    2196             :                                         "smb2_create failed");
    2197          12 :         tree2->session = session2_3;
    2198          12 :         status = smb2_create(tree2, mem_ctx, &io2f1);
    2199          12 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_SHARING_VIOLATION, ret, done,
    2200             :                                         "smb2_create failed");
    2201             : 
    2202          12 :         smbXcli_conn_disconnect(transport3->conn, NT_STATUS_LOCAL_DISCONNECT);
    2203          12 :         smb_msleep(500);
    2204             : 
    2205          12 :         tree1->session = session1_1;
    2206          12 :         status = smb2_create(tree1, mem_ctx, &io1f2);
    2207          12 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_SHARING_VIOLATION, ret, done,
    2208             :                                         "smb2_create failed");
    2209          12 :         tree1->session = session1_2;
    2210          12 :         status = smb2_create(tree1, mem_ctx, &io1f2);
    2211          12 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_USER_SESSION_DELETED, ret, done,
    2212             :                                         "smb2_create failed");
    2213             : 
    2214          12 :         tree2->session = session2_1;
    2215          12 :         status = smb2_create(tree2, mem_ctx, &io2f1);
    2216          12 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_USER_SESSION_DELETED, ret, done,
    2217             :                                         "smb2_create failed");
    2218          12 :         tree2->session = session2_2;
    2219          12 :         status = smb2_create(tree2, mem_ctx, &io2f1);
    2220          12 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_SHARING_VIOLATION, ret, done,
    2221             :                                         "smb2_create failed");
    2222             : 
    2223          12 :         smbXcli_conn_disconnect(transport2->conn, NT_STATUS_LOCAL_DISCONNECT);
    2224          12 :         smb_msleep(500);
    2225          12 :         h2f2 = NULL;
    2226             : 
    2227          12 :         tree1->session = session1_1;
    2228          12 :         status = smb2_create(tree1, mem_ctx, &io1f2);
    2229          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2230             :                                         "smb2_create failed");
    2231          12 :         _h1f2 = io1f2.out.file.handle;
    2232          12 :         h1f2 = &_h1f2;
    2233          12 :         CHECK_CREATED(tctx, &io1f2, EXISTED, FILE_ATTRIBUTE_ARCHIVE);
    2234          12 :         torture_assert_int_equal(tctx, io1f2.out.oplock_level,
    2235             :                                         smb2_util_oplock_level(""),
    2236             :                                         "oplock_level incorrect");
    2237             : 
    2238          12 :         tree1->session = session1_1;
    2239          12 :         status = smb2_util_close(tree1, *h1f1);
    2240          12 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2241             :                                         "smb2_util_close failed");
    2242          10 :         h1f1 = NULL;
    2243             : 
    2244          10 :         ret = true;
    2245          12 : done:
    2246             : 
    2247          12 :         smbXcli_conn_disconnect(transport3->conn, NT_STATUS_LOCAL_DISCONNECT);
    2248          12 :         smbXcli_conn_disconnect(transport2->conn, NT_STATUS_LOCAL_DISCONNECT);
    2249             : 
    2250          12 :         tree1->session = session1_1;
    2251          12 :         tree2->session = session2_2;
    2252             : 
    2253          12 :         if (h1f1 != NULL) {
    2254           0 :                 smb2_util_close(tree1, *h1f1);
    2255             :         }
    2256          12 :         if (h1f2 != NULL) {
    2257          12 :                 smb2_util_close(tree1, *h1f2);
    2258             :         }
    2259          12 :         if (h2f2 != NULL) {
    2260           0 :                 smb2_util_close(tree2, *h2f2);
    2261             :         }
    2262             : 
    2263          12 :         smb2_util_unlink(tree1, fname1);
    2264          12 :         smb2_util_unlink(tree1, fname2);
    2265             : 
    2266          12 :         talloc_free(tree1);
    2267             : 
    2268          12 :         talloc_free(mem_ctx);
    2269             : 
    2270          12 :         return ret;
    2271             : }
    2272             : 
    2273          18 : static bool test_session_bind_auth_mismatch(struct torture_context *tctx,
    2274             :                                             struct smb2_tree *tree1,
    2275             :                                             const char *testname,
    2276             :                                             struct cli_credentials *creds1,
    2277             :                                             struct cli_credentials *creds2,
    2278             :                                             bool creds2_require_ok)
    2279             : {
    2280          18 :         const char *host = torture_setting_string(tctx, "host", NULL);
    2281          18 :         const char *share = torture_setting_string(tctx, "share", NULL);
    2282           4 :         NTSTATUS status;
    2283          18 :         TALLOC_CTX *mem_ctx = talloc_new(tctx);
    2284           4 :         char fname[256];
    2285           4 :         struct smb2_handle _h1;
    2286          18 :         struct smb2_handle *h1 = NULL;
    2287           4 :         struct smb2_create io1;
    2288           4 :         union smb_fileinfo qfinfo;
    2289          18 :         bool ret = false;
    2290          18 :         struct smb2_tree *tree2 = NULL;
    2291          18 :         struct smb2_transport *transport1 = tree1->session->transport;
    2292           4 :         struct smbcli_options options2;
    2293          18 :         struct smb2_transport *transport2 = NULL;
    2294          18 :         struct smb2_session *session1_1 = tree1->session;
    2295          18 :         struct smb2_session *session1_2 = NULL;
    2296          18 :         struct smb2_session *session2_1 = NULL;
    2297          18 :         struct smb2_session *session2_2 = NULL;
    2298          18 :         struct smb2_session *session3_1 = NULL;
    2299           4 :         uint32_t caps;
    2300           4 :         bool encrypted;
    2301          18 :         bool creds2_got_ok = false;
    2302             : 
    2303          18 :         encrypted = smb2cli_tcon_is_encryption_on(tree1->smbXcli);
    2304             : 
    2305          18 :         caps = smb2cli_conn_server_capabilities(transport1->conn);
    2306          18 :         if (!(caps & SMB2_CAP_MULTI_CHANNEL)) {
    2307           0 :                 torture_skip(tctx, "server doesn't support SMB2_CAP_MULTI_CHANNEL\n");
    2308             :         }
    2309             : 
    2310             :         /*
    2311             :          * We always want signing for this test!
    2312             :          */
    2313          18 :         smb2cli_tcon_should_sign(tree1->smbXcli, true);
    2314          18 :         options2 = transport1->options;
    2315          18 :         options2.signing = SMB_SIGNING_REQUIRED;
    2316             : 
    2317             :         /* Add some random component to the file name. */
    2318          18 :         snprintf(fname, sizeof(fname), "%s_%s.dat", testname,
    2319             :                  generate_random_str(tctx, 8));
    2320             : 
    2321          18 :         smb2_util_unlink(tree1, fname);
    2322             : 
    2323          18 :         smb2_oplock_create_share(&io1, fname,
    2324             :                                  smb2_util_share_access(""),
    2325          18 :                                  smb2_util_oplock_level("b"));
    2326             : 
    2327          18 :         status = smb2_create(tree1, mem_ctx, &io1);
    2328          18 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2329             :                                         "smb2_create failed");
    2330          18 :         _h1 = io1.out.file.handle;
    2331          18 :         h1 = &_h1;
    2332          18 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
    2333          18 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
    2334             :                                         smb2_util_oplock_level("b"),
    2335             :                                         "oplock_level incorrect");
    2336             : 
    2337          18 :         status = smb2_connect(tctx,
    2338             :                               host,
    2339             :                               lpcfg_smb_ports(tctx->lp_ctx),
    2340             :                               share,
    2341             :                               lpcfg_resolve_context(tctx->lp_ctx),
    2342             :                               creds1,
    2343             :                               &tree2,
    2344             :                               tctx->ev,
    2345             :                               &options2,
    2346             :                               lpcfg_socket_options(tctx->lp_ctx),
    2347             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx)
    2348             :                               );
    2349          18 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2350             :                                         "smb2_connect failed");
    2351          18 :         session2_2 = tree2->session;
    2352          18 :         transport2 = tree2->session->transport;
    2353             : 
    2354             :         /*
    2355             :          * Now bind the 2nd transport connection to the 1st session
    2356             :          */
    2357          18 :         session1_2 = smb2_session_channel(transport2,
    2358             :                                           lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    2359             :                                           tree2,
    2360             :                                           session1_1);
    2361          18 :         torture_assert(tctx, session1_2 != NULL, "smb2_session_channel failed");
    2362             : 
    2363          18 :         status = smb2_session_setup_spnego(session1_2,
    2364             :                                            creds1,
    2365             :                                            0 /* previous_session_id */);
    2366          18 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2367             :                                         "smb2_session_setup_spnego failed");
    2368             : 
    2369             :         /* use the 1st connection, 1st session */
    2370          18 :         ZERO_STRUCT(qfinfo);
    2371          18 :         qfinfo.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
    2372          18 :         qfinfo.generic.in.file.handle = _h1;
    2373          18 :         tree1->session = session1_1;
    2374          18 :         status = smb2_getinfo_file(tree1, mem_ctx, &qfinfo);
    2375          18 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2376             :                                         "smb2_getinfo_file failed");
    2377             : 
    2378             :         /* use the 2nd connection, 1st session */
    2379          18 :         ZERO_STRUCT(qfinfo);
    2380          18 :         qfinfo.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
    2381          18 :         qfinfo.generic.in.file.handle = _h1;
    2382          18 :         tree1->session = session1_2;
    2383          18 :         status = smb2_getinfo_file(tree1, mem_ctx, &qfinfo);
    2384          18 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2385             :                                         "smb2_getinfo_file failed");
    2386             : 
    2387          18 :         tree1->session = session1_1;
    2388          18 :         status = smb2_util_close(tree1, *h1);
    2389          18 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2390             :                                         "smb2_util_close failed");
    2391          18 :         h1 = NULL;
    2392             : 
    2393             :         /*
    2394             :          * Create a 3rd session in order to check if the invalid (creds2)
    2395             :          * are mapped to guest.
    2396             :          */
    2397          18 :         session3_1 = smb2_session_init(transport1,
    2398             :                                        lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    2399             :                                        tctx);
    2400          18 :         torture_assert(tctx, session3_1 != NULL, "smb2_session_channel failed");
    2401             : 
    2402          18 :         status = smb2_session_setup_spnego(session3_1,
    2403             :                                            creds2,
    2404             :                                            0 /* previous_session_id */);
    2405          18 :         if (creds2_require_ok) {
    2406           6 :                 torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2407             :                                         "smb2_session_setup_spnego worked");
    2408           4 :                 creds2_got_ok = true;
    2409          12 :         } else if (NT_STATUS_IS_OK(status)) {
    2410           2 :                 bool authentiated = smbXcli_session_is_authenticated(session3_1->smbXcli);
    2411           2 :                 torture_assert(tctx, !authentiated, "Invalid credentials allowed!");
    2412           2 :                 creds2_got_ok = true;
    2413             :         } else {
    2414          10 :                 torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_LOGON_FAILURE, ret, done,
    2415             :                                         "smb2_session_setup_spnego worked");
    2416             :         }
    2417             : 
    2418             :         /*
    2419             :          * Now bind the 1st transport connection to the 2nd session
    2420             :          */
    2421          18 :         session2_1 = smb2_session_channel(transport1,
    2422             :                                           lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    2423             :                                           tree1,
    2424             :                                           session2_2);
    2425          18 :         torture_assert(tctx, session2_1 != NULL, "smb2_session_channel failed");
    2426             : 
    2427          18 :         tree2->session = session2_1;
    2428          18 :         status = smb2_util_unlink(tree2, fname);
    2429          18 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_USER_SESSION_DELETED, ret, done,
    2430             :                                         "smb2_util_unlink worked on invalid channel");
    2431             : 
    2432          18 :         status = smb2_session_setup_spnego(session2_1,
    2433             :                                            creds2,
    2434             :                                            0 /* previous_session_id */);
    2435          18 :         if (creds2_got_ok) {
    2436             :                 /*
    2437             :                  * attaching with a different user (guest or anonymous) results
    2438             :                  * in ACCESS_DENIED.
    2439             :                  */
    2440           8 :                 torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_ACCESS_DENIED, ret, done,
    2441             :                                         "smb2_session_setup_spnego worked");
    2442             :         } else {
    2443          10 :                 torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_LOGON_FAILURE, ret, done,
    2444             :                                         "smb2_session_setup_spnego worked");
    2445             :         }
    2446             : 
    2447          18 :         tree2->session = session2_1;
    2448          18 :         status = smb2_util_unlink(tree2, fname);
    2449          18 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_USER_SESSION_DELETED, ret, done,
    2450             :                                         "smb2_util_unlink worked on invalid channel");
    2451             : 
    2452          18 :         tree2->session = session2_2;
    2453          18 :         status = smb2_util_unlink(tree2, fname);
    2454          18 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2455             :                                         "smb2_util_unlink failed");
    2456          18 :         status = smb2_util_unlink(tree2, fname);
    2457          18 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_OBJECT_NAME_NOT_FOUND, ret, done,
    2458             :                                         "smb2_util_unlink worked");
    2459          18 :         if (creds2_got_ok) {
    2460             :                 /*
    2461             :                  * We got ACCESS_DENIED on the session bind
    2462             :                  * with a different user, now check that
    2463             :                  * the correct user can actually bind on
    2464             :                  * the same connection.
    2465             :                  */
    2466           8 :                 TALLOC_FREE(session2_1);
    2467           8 :                 session2_1 = smb2_session_channel(transport1,
    2468             :                                                   lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    2469             :                                                   tree1,
    2470             :                                                   session2_2);
    2471           8 :                 torture_assert(tctx, session2_1 != NULL, "smb2_session_channel failed");
    2472             : 
    2473           8 :                 status = smb2_session_setup_spnego(session2_1,
    2474             :                                                    creds1,
    2475             :                                                    0 /* previous_session_id */);
    2476           8 :                 torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2477             :                                         "smb2_session_setup_spnego failed");
    2478           8 :                 tree2->session = session2_1;
    2479           8 :                 status = smb2_util_unlink(tree2, fname);
    2480           8 :                 torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_OBJECT_NAME_NOT_FOUND, ret, done,
    2481             :                                                 "smb2_util_unlink worked");
    2482           8 :                 tree2->session = session2_2;
    2483             :         }
    2484             : 
    2485          18 :         tree1->session = session1_1;
    2486          18 :         status = smb2_util_unlink(tree1, fname);
    2487          18 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_OBJECT_NAME_NOT_FOUND, ret, done,
    2488             :                                         "smb2_util_unlink worked");
    2489             : 
    2490          18 :         tree1->session = session1_2;
    2491          18 :         status = smb2_util_unlink(tree1, fname);
    2492          18 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_OBJECT_NAME_NOT_FOUND, ret, done,
    2493             :                                         "smb2_util_unlink worked");
    2494             : 
    2495          18 :         if (creds2_got_ok) {
    2496             :                 /*
    2497             :                  * With valid credentials, there's no point to test a failing
    2498             :                  * reauth.
    2499             :                  */
    2500           8 :                 ret = true;
    2501           8 :                 goto done;
    2502             :         }
    2503             : 
    2504             :         /*
    2505             :          * Do a failing reauth the 2nd channel
    2506             :          */
    2507          10 :         status = smb2_session_setup_spnego(session1_2,
    2508             :                                            creds2,
    2509             :                                            0 /* previous_session_id */);
    2510          10 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_LOGON_FAILURE, ret, done,
    2511             :                                         "smb2_session_setup_spnego worked");
    2512             : 
    2513          10 :         tree1->session = session1_1;
    2514          10 :         status = smb2_util_unlink(tree1, fname);
    2515          10 :         if (encrypted) {
    2516           2 :                 torture_assert_goto(tctx, !smbXcli_conn_is_connected(transport1->conn), ret, done,
    2517             :                                                 "smb2_util_unlink worked");
    2518             :         } else {
    2519           8 :                 torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_USER_SESSION_DELETED, ret, done,
    2520             :                                                 "smb2_util_unlink worked");
    2521             :         }
    2522             : 
    2523          10 :         tree1->session = session1_2;
    2524          10 :         status = smb2_util_unlink(tree1, fname);
    2525          10 :         if (encrypted) {
    2526           2 :                 torture_assert_goto(tctx, !smbXcli_conn_is_connected(transport2->conn), ret, done,
    2527             :                                                 "smb2_util_unlink worked");
    2528             :         } else {
    2529           8 :                 torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_USER_SESSION_DELETED, ret, done,
    2530             :                                                 "smb2_util_unlink worked");
    2531             :         }
    2532             : 
    2533          10 :         status = smb2_util_unlink(tree2, fname);
    2534          10 :         if (encrypted) {
    2535           2 :                 torture_assert_goto(tctx, !smbXcli_conn_is_connected(transport1->conn), ret, done,
    2536             :                                                 "smb2_util_unlink worked");
    2537           2 :                 torture_assert_goto(tctx, !smbXcli_conn_is_connected(transport2->conn), ret, done,
    2538             :                                                 "smb2_util_unlink worked");
    2539             :         } else {
    2540           8 :                 torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_OBJECT_NAME_NOT_FOUND, ret, done,
    2541             :                                                 "smb2_util_unlink worked");
    2542             :         }
    2543             : 
    2544           8 :         ret = true;
    2545          18 : done:
    2546          18 :         talloc_free(tree2);
    2547          18 :         tree1->session = session1_1;
    2548             : 
    2549          18 :         if (h1 != NULL) {
    2550           0 :                 smb2_util_close(tree1, *h1);
    2551             :         }
    2552             : 
    2553          18 :         smb2_util_unlink(tree1, fname);
    2554             : 
    2555          18 :         talloc_free(tree1);
    2556             : 
    2557          18 :         talloc_free(mem_ctx);
    2558             : 
    2559          18 :         return ret;
    2560             : }
    2561             : 
    2562          12 : static bool test_session_bind_invalid_auth(struct torture_context *tctx, struct smb2_tree *tree1)
    2563             : {
    2564          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    2565          12 :         struct cli_credentials *invalid_credentials = NULL;
    2566          12 :         bool ret = false;
    2567             : 
    2568          12 :         invalid_credentials = cli_credentials_init(tctx);
    2569          12 :         torture_assert(tctx, (invalid_credentials != NULL), "talloc error");
    2570          12 :         cli_credentials_set_username(invalid_credentials, "__none__invalid__none__", CRED_SPECIFIED);
    2571          12 :         cli_credentials_set_domain(invalid_credentials, "__none__invalid__none__", CRED_SPECIFIED);
    2572          12 :         cli_credentials_set_password(invalid_credentials, "__none__invalid__none__", CRED_SPECIFIED);
    2573          12 :         cli_credentials_set_realm(invalid_credentials, NULL, CRED_SPECIFIED);
    2574          12 :         cli_credentials_set_workstation(invalid_credentials, "", CRED_UNINITIALISED);
    2575             : 
    2576          12 :         ret = test_session_bind_auth_mismatch(tctx, tree1, __func__,
    2577             :                                               credentials,
    2578             :                                               invalid_credentials,
    2579             :                                               false);
    2580          12 :         return ret;
    2581             : }
    2582             : 
    2583          12 : static bool test_session_bind_different_user(struct torture_context *tctx, struct smb2_tree *tree1)
    2584             : {
    2585          12 :         struct cli_credentials *credentials1 = samba_cmdline_get_creds();
    2586          12 :         struct cli_credentials *credentials2 = torture_user2_credentials(tctx, tctx);
    2587          12 :         char *u1 = cli_credentials_get_unparsed_name(credentials1, tctx);
    2588          12 :         char *u2 = cli_credentials_get_unparsed_name(credentials2, tctx);
    2589          12 :         bool ret = false;
    2590           2 :         bool bval;
    2591             : 
    2592          12 :         torture_assert(tctx, (credentials2 != NULL), "talloc error");
    2593          12 :         bval = cli_credentials_is_anonymous(credentials2);
    2594          12 :         if (bval) {
    2595           6 :                 torture_skip(tctx, "valid user2 credentials are required");
    2596             :         }
    2597           6 :         bval = strequal(u1, u2);
    2598           6 :         if (bval) {
    2599           0 :                 torture_skip(tctx, "different user2 credentials are required");
    2600             :         }
    2601             : 
    2602           6 :         ret = test_session_bind_auth_mismatch(tctx, tree1, __func__,
    2603             :                                               credentials1,
    2604             :                                               credentials2,
    2605             :                                               true);
    2606           6 :         return ret;
    2607             : }
    2608             : 
    2609         446 : static bool test_session_bind_negative_smbXtoX(struct torture_context *tctx,
    2610             :                                                const char *testname,
    2611             :                                                struct cli_credentials *credentials,
    2612             :                                                const struct smbcli_options *options1,
    2613             :                                                const struct smbcli_options *options2,
    2614             :                                                NTSTATUS bind_reject_status)
    2615             : {
    2616         446 :         const char *host = torture_setting_string(tctx, "host", NULL);
    2617         446 :         const char *share = torture_setting_string(tctx, "share", NULL);
    2618          78 :         NTSTATUS status;
    2619         446 :         bool ret = false;
    2620         446 :         struct smb2_tree *tree1 = NULL;
    2621         446 :         struct smb2_session *session1_1 = NULL;
    2622          78 :         char fname[256];
    2623          78 :         struct smb2_handle _h1;
    2624         446 :         struct smb2_handle *h1 = NULL;
    2625          78 :         struct smb2_create io1;
    2626          78 :         union smb_fileinfo qfinfo1;
    2627         446 :         struct smb2_tree *tree2_0 = NULL;
    2628         446 :         struct smb2_transport *transport2 = NULL;
    2629         446 :         struct smb2_session *session1_2 = NULL;
    2630         446 :         uint64_t session1_id = 0;
    2631         446 :         uint16_t session1_flags = 0;
    2632         446 :         NTSTATUS deleted_status = NT_STATUS_USER_SESSION_DELETED;
    2633             : 
    2634         446 :         status = smb2_connect(tctx,
    2635             :                               host,
    2636             :                               lpcfg_smb_ports(tctx->lp_ctx),
    2637             :                               share,
    2638             :                               lpcfg_resolve_context(tctx->lp_ctx),
    2639             :                               credentials,
    2640             :                               &tree1,
    2641             :                               tctx->ev,
    2642             :                               options1,
    2643             :                               lpcfg_socket_options(tctx->lp_ctx),
    2644             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx)
    2645             :                               );
    2646         446 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2647             :                                         "smb2_connect options1 failed");
    2648         446 :         session1_1 = tree1->session;
    2649         446 :         session1_id = smb2cli_session_current_id(session1_1->smbXcli);
    2650         446 :         session1_flags = smb2cli_session_get_flags(session1_1->smbXcli);
    2651             : 
    2652             :         /* Add some random component to the file name. */
    2653         446 :         snprintf(fname, sizeof(fname), "%s_%s.dat",
    2654             :                  testname, generate_random_str(tctx, 8));
    2655             : 
    2656         446 :         smb2_util_unlink(tree1, fname);
    2657             : 
    2658         446 :         smb2_oplock_create_share(&io1, fname,
    2659             :                                  smb2_util_share_access(""),
    2660         446 :                                  smb2_util_oplock_level("b"));
    2661             : 
    2662         446 :         io1.in.create_options |= NTCREATEX_OPTIONS_DELETE_ON_CLOSE;
    2663         446 :         status = smb2_create(tree1, tctx, &io1);
    2664         446 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2665             :                                         "smb2_create failed");
    2666         446 :         _h1 = io1.out.file.handle;
    2667         446 :         h1 = &_h1;
    2668         446 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
    2669         446 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
    2670             :                                         smb2_util_oplock_level("b"),
    2671             :                                         "oplock_level incorrect");
    2672             : 
    2673         446 :         status = smb2_connect(tctx,
    2674             :                               host,
    2675             :                               lpcfg_smb_ports(tctx->lp_ctx),
    2676             :                               share,
    2677             :                               lpcfg_resolve_context(tctx->lp_ctx),
    2678             :                               credentials,
    2679             :                               &tree2_0,
    2680             :                               tctx->ev,
    2681             :                               options2,
    2682             :                               lpcfg_socket_options(tctx->lp_ctx),
    2683             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx)
    2684             :                               );
    2685         446 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2686             :                                         "smb2_connect options2 failed");
    2687         446 :         transport2 = tree2_0->session->transport;
    2688             : 
    2689             :         /*
    2690             :          * Now bind the 2nd transport connection to the 1st session
    2691             :          */
    2692         446 :         session1_2 = smb2_session_channel(transport2,
    2693             :                                           lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    2694             :                                           tree2_0,
    2695             :                                           session1_1);
    2696         446 :         torture_assert(tctx, session1_2 != NULL, "smb2_session_channel failed");
    2697             : 
    2698         446 :         status = smb2_session_setup_spnego(session1_2,
    2699             :                                            credentials,
    2700             :                                            0 /* previous_session_id */);
    2701         446 :         torture_assert_ntstatus_equal_goto(tctx, status, bind_reject_status, ret, done,
    2702             :                                            "smb2_session_setup_spnego failed");
    2703         422 :         if (NT_STATUS_IS_OK(bind_reject_status)) {
    2704          24 :                 ZERO_STRUCT(qfinfo1);
    2705          24 :                 qfinfo1.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
    2706          24 :                 qfinfo1.generic.in.file.handle = _h1;
    2707          24 :                 tree1->session = session1_2;
    2708          24 :                 status = smb2_getinfo_file(tree1, tctx, &qfinfo1);
    2709          24 :                 tree1->session = session1_1;
    2710          24 :                 torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2711             :                                         "smb2_getinfo_file failed");
    2712             :         }
    2713         422 :         TALLOC_FREE(session1_2);
    2714             : 
    2715             :         /* Check the initial session is still alive */
    2716         422 :         ZERO_STRUCT(qfinfo1);
    2717         422 :         qfinfo1.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
    2718         422 :         qfinfo1.generic.in.file.handle = _h1;
    2719         422 :         status = smb2_getinfo_file(tree1, tctx, &qfinfo1);
    2720         422 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2721             :                                         "smb2_getinfo_file failed");
    2722             : 
    2723         422 :         if (NT_STATUS_IS_OK(bind_reject_status)) {
    2724          24 :                 deleted_status = NT_STATUS_ACCESS_DENIED;
    2725          24 :                 bind_reject_status = NT_STATUS_ACCESS_DENIED;
    2726             :         }
    2727             : 
    2728             :         /*
    2729             :          * I guess this is not part of MultipleChannel_Negative_SMB2002,
    2730             :          * but we should also check the status without
    2731             :          * SMB2_SESSION_FLAG_BINDING.
    2732             :          */
    2733         422 :         session1_2 = smb2_session_channel(transport2,
    2734             :                                           lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    2735             :                                           tree2_0,
    2736             :                                           session1_1);
    2737         422 :         torture_assert(tctx, session1_2 != NULL, "smb2_session_channel failed");
    2738         422 :         session1_2->needs_bind = false;
    2739             : 
    2740         422 :         status = smb2_session_setup_spnego(session1_2,
    2741             :                                            credentials,
    2742             :                                            0 /* previous_session_id */);
    2743         422 :         torture_assert_ntstatus_equal_goto(tctx, status, deleted_status, ret, done,
    2744             :                                            "smb2_session_setup_spnego failed");
    2745         422 :         TALLOC_FREE(session1_2);
    2746             : 
    2747             :         /*
    2748             :          * ... and we should also check the status without any existing
    2749             :          * session keys.
    2750             :          */
    2751         422 :         session1_2 = smb2_session_init(transport2,
    2752             :                                        lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    2753             :                                        tree2_0);
    2754         422 :         torture_assert(tctx, session1_2 != NULL, "smb2_session_channel failed");
    2755         422 :         talloc_steal(tree2_0->session, transport2);
    2756         422 :         smb2cli_session_set_id_and_flags(session1_2->smbXcli,
    2757             :                                          session1_id, session1_flags);
    2758             : 
    2759         422 :         status = smb2_session_setup_spnego(session1_2,
    2760             :                                            credentials,
    2761             :                                            0 /* previous_session_id */);
    2762         422 :         torture_assert_ntstatus_equal_goto(tctx, status, deleted_status, ret, done,
    2763             :                                            "smb2_session_setup_spnego failed");
    2764         422 :         TALLOC_FREE(session1_2);
    2765             : 
    2766             :         /* Check the initial session is still alive */
    2767         422 :         ZERO_STRUCT(qfinfo1);
    2768         422 :         qfinfo1.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
    2769         422 :         qfinfo1.generic.in.file.handle = _h1;
    2770         422 :         status = smb2_getinfo_file(tree1, tctx, &qfinfo1);
    2771         422 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2772             :                                         "smb2_getinfo_file failed");
    2773             : 
    2774             :         /*
    2775             :          * Now bind the 2nd transport connection to the 1st session (again)
    2776             :          */
    2777         422 :         session1_2 = smb2_session_channel(transport2,
    2778             :                                           lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    2779             :                                           tree2_0,
    2780             :                                           session1_1);
    2781         422 :         torture_assert(tctx, session1_2 != NULL, "smb2_session_channel failed");
    2782             : 
    2783         422 :         status = smb2_session_setup_spnego(session1_2,
    2784             :                                            credentials,
    2785             :                                            0 /* previous_session_id */);
    2786         422 :         torture_assert_ntstatus_equal_goto(tctx, status, bind_reject_status, ret, done,
    2787             :                                            "smb2_session_setup_spnego failed");
    2788         422 :         TALLOC_FREE(session1_2);
    2789             : 
    2790             :         /* Check the initial session is still alive */
    2791         422 :         ZERO_STRUCT(qfinfo1);
    2792         422 :         qfinfo1.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
    2793         422 :         qfinfo1.generic.in.file.handle = _h1;
    2794         422 :         status = smb2_getinfo_file(tree1, tctx, &qfinfo1);
    2795         422 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    2796             :                                         "smb2_getinfo_file failed");
    2797             : 
    2798         348 :         ret = true;
    2799         446 : done:
    2800         446 :         talloc_free(tree2_0);
    2801         446 :         if (h1 != NULL) {
    2802         446 :                 smb2_util_close(tree1, *h1);
    2803             :         }
    2804         446 :         talloc_free(tree1);
    2805             : 
    2806         446 :         return ret;
    2807             : }
    2808             : 
    2809             : /*
    2810             :  * This is similar to the MultipleChannel_Negative_SMB2002 test
    2811             :  * from the Windows Protocol Test Suite.
    2812             :  *
    2813             :  * It demonstrates that the server needs to do lookup
    2814             :  * in the global session table in order to get the signing
    2815             :  * and error code of invalid session setups correct.
    2816             :  *
    2817             :  * See: https://bugzilla.samba.org/show_bug.cgi?id=14512
    2818             :  *
    2819             :  * Note you can ignore tree0...
    2820             :  */
    2821          12 : static bool test_session_bind_negative_smb202(struct torture_context *tctx, struct smb2_tree *tree0)
    2822             : {
    2823          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    2824          12 :         bool ret = false;
    2825          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    2826           2 :         struct smbcli_options options1;
    2827           2 :         struct smbcli_options options2;
    2828           2 :         bool encrypted;
    2829             : 
    2830          12 :         encrypted = smb2cli_tcon_is_encryption_on(tree0->smbXcli);
    2831          12 :         if (encrypted) {
    2832           2 :                 torture_skip(tctx,
    2833             :                              "Can't test SMB 2.02 if encryption is required");
    2834             :         }
    2835             : 
    2836          10 :         options1 = transport0->options;
    2837          10 :         options1.client_guid = GUID_zero();
    2838          10 :         options1.max_protocol = PROTOCOL_SMB2_02;
    2839             : 
    2840          10 :         options2 = options1;
    2841          10 :         options2.only_negprot = true;
    2842             : 
    2843          12 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    2844             :                                                  credentials,
    2845             :                                                  &options1, &options2,
    2846          10 :                                                  NT_STATUS_REQUEST_NOT_ACCEPTED);
    2847          10 :         talloc_free(tree0);
    2848          10 :         return ret;
    2849             : }
    2850             : 
    2851          12 : static bool test_session_bind_negative_smb210s(struct torture_context *tctx, struct smb2_tree *tree0)
    2852             : {
    2853          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    2854          12 :         bool ret = false;
    2855          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    2856           2 :         struct smbcli_options options1;
    2857           2 :         struct smbcli_options options2;
    2858           2 :         bool encrypted;
    2859             : 
    2860          12 :         encrypted = smb2cli_tcon_is_encryption_on(tree0->smbXcli);
    2861          12 :         if (encrypted) {
    2862           2 :                 torture_skip(tctx,
    2863             :                              "Can't test SMB 2.10 if encryption is required");
    2864             :         }
    2865             : 
    2866          10 :         options1 = transport0->options;
    2867          10 :         options1.client_guid = GUID_random();
    2868          10 :         options1.max_protocol = PROTOCOL_SMB2_10;
    2869             : 
    2870             :         /* same client guid */
    2871          10 :         options2 = options1;
    2872          10 :         options2.only_negprot = true;
    2873             : 
    2874          12 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    2875             :                                                  credentials,
    2876             :                                                  &options1, &options2,
    2877          10 :                                                  NT_STATUS_REQUEST_NOT_ACCEPTED);
    2878          10 :         talloc_free(tree0);
    2879          10 :         return ret;
    2880             : }
    2881             : 
    2882          12 : static bool test_session_bind_negative_smb210d(struct torture_context *tctx, struct smb2_tree *tree0)
    2883             : {
    2884          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    2885          12 :         bool ret = false;
    2886          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    2887           2 :         struct smbcli_options options1;
    2888           2 :         struct smbcli_options options2;
    2889           2 :         bool encrypted;
    2890             : 
    2891          12 :         encrypted = smb2cli_tcon_is_encryption_on(tree0->smbXcli);
    2892          12 :         if (encrypted) {
    2893           2 :                 torture_skip(tctx,
    2894             :                              "Can't test SMB 2.10 if encryption is required");
    2895             :         }
    2896             : 
    2897          10 :         options1 = transport0->options;
    2898          10 :         options1.client_guid = GUID_random();
    2899          10 :         options1.max_protocol = PROTOCOL_SMB2_10;
    2900             : 
    2901             :         /* different client guid */
    2902          10 :         options2 = options1;
    2903          10 :         options2.client_guid = GUID_random();
    2904          10 :         options2.only_negprot = true;
    2905             : 
    2906          12 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    2907             :                                                  credentials,
    2908             :                                                  &options1, &options2,
    2909          10 :                                                  NT_STATUS_REQUEST_NOT_ACCEPTED);
    2910          10 :         talloc_free(tree0);
    2911          10 :         return ret;
    2912             : }
    2913             : 
    2914          12 : static bool test_session_bind_negative_smb2to3s(struct torture_context *tctx, struct smb2_tree *tree0)
    2915             : {
    2916          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    2917          12 :         bool ret = false;
    2918          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    2919           2 :         struct smbcli_options options1;
    2920           2 :         struct smbcli_options options2;
    2921           2 :         bool encrypted;
    2922             : 
    2923          12 :         encrypted = smb2cli_tcon_is_encryption_on(tree0->smbXcli);
    2924          12 :         if (encrypted) {
    2925           2 :                 torture_skip(tctx,
    2926             :                              "Can't test SMB 2.10 if encryption is required");
    2927             :         }
    2928             : 
    2929          10 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_00) {
    2930           0 :                 torture_skip(tctx,
    2931             :                              "Can't test without SMB3 support");
    2932             :         }
    2933             : 
    2934          10 :         options1 = transport0->options;
    2935          10 :         options1.client_guid = GUID_random();
    2936          10 :         options1.min_protocol = PROTOCOL_SMB2_02;
    2937          10 :         options1.max_protocol = PROTOCOL_SMB2_10;
    2938             : 
    2939             :         /* same client guid */
    2940          10 :         options2 = options1;
    2941          10 :         options2.only_negprot = true;
    2942          10 :         options2.min_protocol = PROTOCOL_SMB3_00;
    2943          10 :         options2.max_protocol = PROTOCOL_SMB3_11;
    2944          10 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    2945             :                 .num_algos = 1,
    2946             :                 .algos = {
    2947             :                         SMB2_SIGNING_AES128_CMAC,
    2948             :                 },
    2949             :         };
    2950             : 
    2951          12 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    2952             :                                                  credentials,
    2953             :                                                  &options1, &options2,
    2954          10 :                                                  NT_STATUS_INVALID_PARAMETER);
    2955          10 :         talloc_free(tree0);
    2956          10 :         return ret;
    2957             : }
    2958             : 
    2959          12 : static bool test_session_bind_negative_smb2to3d(struct torture_context *tctx, struct smb2_tree *tree0)
    2960             : {
    2961          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    2962          12 :         bool ret = false;
    2963          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    2964           2 :         struct smbcli_options options1;
    2965           2 :         struct smbcli_options options2;
    2966           2 :         bool encrypted;
    2967             : 
    2968          12 :         encrypted = smb2cli_tcon_is_encryption_on(tree0->smbXcli);
    2969          12 :         if (encrypted) {
    2970           2 :                 torture_skip(tctx,
    2971             :                              "Can't test SMB 2.10 if encryption is required");
    2972             :         }
    2973             : 
    2974          10 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_00) {
    2975           0 :                 torture_skip(tctx,
    2976             :                              "Can't test without SMB3 support");
    2977             :         }
    2978             : 
    2979          10 :         options1 = transport0->options;
    2980          10 :         options1.client_guid = GUID_random();
    2981          10 :         options1.min_protocol = PROTOCOL_SMB2_02;
    2982          10 :         options1.max_protocol = PROTOCOL_SMB2_10;
    2983             : 
    2984             :         /* different client guid */
    2985          10 :         options2 = options1;
    2986          10 :         options2.client_guid = GUID_random();
    2987          10 :         options2.only_negprot = true;
    2988          10 :         options2.min_protocol = PROTOCOL_SMB3_00;
    2989          10 :         options2.max_protocol = PROTOCOL_SMB3_11;
    2990          10 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    2991             :                 .num_algos = 1,
    2992             :                 .algos = {
    2993             :                         SMB2_SIGNING_AES128_CMAC,
    2994             :                 },
    2995             :         };
    2996             : 
    2997          12 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    2998             :                                                  credentials,
    2999             :                                                  &options1, &options2,
    3000          10 :                                                  NT_STATUS_INVALID_PARAMETER);
    3001          10 :         talloc_free(tree0);
    3002          10 :         return ret;
    3003             : }
    3004             : 
    3005          12 : static bool test_session_bind_negative_smb3to2s(struct torture_context *tctx, struct smb2_tree *tree0)
    3006             : {
    3007          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    3008          12 :         bool ret = false;
    3009          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3010           2 :         struct smbcli_options options1;
    3011           2 :         struct smbcli_options options2;
    3012           2 :         bool encrypted;
    3013             : 
    3014          12 :         encrypted = smb2cli_tcon_is_encryption_on(tree0->smbXcli);
    3015          12 :         if (encrypted) {
    3016           2 :                 torture_skip(tctx,
    3017             :                              "Can't test SMB 2.10 if encryption is required");
    3018             :         }
    3019             : 
    3020          10 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_00) {
    3021           0 :                 torture_skip(tctx,
    3022             :                              "Can't test without SMB3 support");
    3023             :         }
    3024             : 
    3025          10 :         options1 = transport0->options;
    3026          10 :         options1.client_guid = GUID_random();
    3027          10 :         options1.min_protocol = PROTOCOL_SMB3_00;
    3028          10 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3029          10 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3030             :                 .num_algos = 1,
    3031             :                 .algos = {
    3032             :                         SMB2_SIGNING_AES128_CMAC,
    3033             :                 },
    3034             :         };
    3035             : 
    3036             :         /* same client guid */
    3037          10 :         options2 = options1;
    3038          10 :         options2.only_negprot = true;
    3039          10 :         options2.min_protocol = PROTOCOL_SMB2_02;
    3040          10 :         options2.max_protocol = PROTOCOL_SMB2_10;
    3041          10 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3042             :                 .num_algos = 1,
    3043             :                 .algos = {
    3044             :                         SMB2_SIGNING_HMAC_SHA256,
    3045             :                 },
    3046             :         };
    3047             : 
    3048          12 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3049             :                                                  credentials,
    3050             :                                                  &options1, &options2,
    3051          10 :                                                  NT_STATUS_REQUEST_NOT_ACCEPTED);
    3052          10 :         talloc_free(tree0);
    3053          10 :         return ret;
    3054             : }
    3055             : 
    3056          12 : static bool test_session_bind_negative_smb3to2d(struct torture_context *tctx, struct smb2_tree *tree0)
    3057             : {
    3058          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    3059          12 :         bool ret = false;
    3060          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3061           2 :         struct smbcli_options options1;
    3062           2 :         struct smbcli_options options2;
    3063           2 :         bool encrypted;
    3064             : 
    3065          12 :         encrypted = smb2cli_tcon_is_encryption_on(tree0->smbXcli);
    3066          12 :         if (encrypted) {
    3067           2 :                 torture_skip(tctx,
    3068             :                              "Can't test SMB 2.10 if encryption is required");
    3069             :         }
    3070             : 
    3071          10 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_00) {
    3072           0 :                 torture_skip(tctx,
    3073             :                              "Can't test without SMB3 support");
    3074             :         }
    3075             : 
    3076          10 :         options1 = transport0->options;
    3077          10 :         options1.client_guid = GUID_random();
    3078          10 :         options1.min_protocol = PROTOCOL_SMB3_00;
    3079          10 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3080          10 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3081             :                 .num_algos = 1,
    3082             :                 .algos = {
    3083             :                         SMB2_SIGNING_AES128_CMAC,
    3084             :                 },
    3085             :         };
    3086             : 
    3087             :         /* different client guid */
    3088          10 :         options2 = options1;
    3089          10 :         options2.client_guid = GUID_random();
    3090          10 :         options2.only_negprot = true;
    3091          10 :         options2.min_protocol = PROTOCOL_SMB2_02;
    3092          10 :         options2.max_protocol = PROTOCOL_SMB2_10;
    3093          10 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3094             :                 .num_algos = 1,
    3095             :                 .algos = {
    3096             :                         SMB2_SIGNING_HMAC_SHA256,
    3097             :                 },
    3098             :         };
    3099             : 
    3100          12 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3101             :                                                  credentials,
    3102             :                                                  &options1, &options2,
    3103          10 :                                                  NT_STATUS_REQUEST_NOT_ACCEPTED);
    3104          10 :         talloc_free(tree0);
    3105          10 :         return ret;
    3106             : }
    3107             : 
    3108          12 : static bool test_session_bind_negative_smb3to3s(struct torture_context *tctx, struct smb2_tree *tree0)
    3109             : {
    3110          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    3111          12 :         bool ret = false;
    3112          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3113           2 :         struct smbcli_options options1;
    3114           2 :         struct smbcli_options options2;
    3115             : 
    3116          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3117           0 :                 torture_skip(tctx,
    3118             :                              "Can't test without SMB 3.1.1 support");
    3119             :         }
    3120             : 
    3121          12 :         options1 = transport0->options;
    3122          12 :         options1.client_guid = GUID_random();
    3123          12 :         options1.min_protocol = PROTOCOL_SMB3_02;
    3124          12 :         options1.max_protocol = PROTOCOL_SMB3_02;
    3125             : 
    3126             :         /* same client guid */
    3127          12 :         options2 = options1;
    3128          12 :         options2.only_negprot = true;
    3129          12 :         options2.min_protocol = PROTOCOL_SMB3_11;
    3130          12 :         options2.max_protocol = PROTOCOL_SMB3_11;
    3131          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3132             :                 .num_algos = 1,
    3133             :                 .algos = {
    3134             :                         SMB2_SIGNING_AES128_CMAC,
    3135             :                 },
    3136             :         };
    3137             : 
    3138          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3139             :                                                  credentials,
    3140             :                                                  &options1, &options2,
    3141          12 :                                                  NT_STATUS_INVALID_PARAMETER);
    3142          12 :         talloc_free(tree0);
    3143          12 :         return ret;
    3144             : }
    3145             : 
    3146          12 : static bool test_session_bind_negative_smb3to3d(struct torture_context *tctx, struct smb2_tree *tree0)
    3147             : {
    3148          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    3149          12 :         bool ret = false;
    3150          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3151           2 :         struct smbcli_options options1;
    3152           2 :         struct smbcli_options options2;
    3153             : 
    3154          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3155           0 :                 torture_skip(tctx,
    3156             :                              "Can't test without SMB 3.1.1 support");
    3157             :         }
    3158             : 
    3159          12 :         options1 = transport0->options;
    3160          12 :         options1.client_guid = GUID_random();
    3161          12 :         options1.min_protocol = PROTOCOL_SMB3_02;
    3162          12 :         options1.max_protocol = PROTOCOL_SMB3_02;
    3163             : 
    3164             :         /* different client guid */
    3165          12 :         options2 = options1;
    3166          12 :         options2.client_guid = GUID_random();
    3167          12 :         options2.only_negprot = true;
    3168          12 :         options2.min_protocol = PROTOCOL_SMB3_11;
    3169          12 :         options2.max_protocol = PROTOCOL_SMB3_11;
    3170          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3171             :                 .num_algos = 1,
    3172             :                 .algos = {
    3173             :                         SMB2_SIGNING_AES128_CMAC,
    3174             :                 },
    3175             :         };
    3176             : 
    3177          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3178             :                                                  credentials,
    3179             :                                                  &options1, &options2,
    3180          12 :                                                  NT_STATUS_INVALID_PARAMETER);
    3181          12 :         talloc_free(tree0);
    3182          12 :         return ret;
    3183             : }
    3184             : 
    3185          12 : static bool test_session_bind_negative_smb3encGtoCs(struct torture_context *tctx, struct smb2_tree *tree0)
    3186             : {
    3187          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3188          12 :         struct cli_credentials *credentials = NULL;
    3189          12 :         bool ret = false;
    3190          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3191           2 :         struct smbcli_options options1;
    3192           2 :         struct smbcli_options options2;
    3193           2 :         bool ok;
    3194             : 
    3195          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3196           0 :                 torture_skip(tctx,
    3197             :                              "Can't test without SMB 3.1.1 support");
    3198             :         }
    3199             : 
    3200          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    3201          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    3202          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    3203             :                                                 SMB_ENCRYPTION_REQUIRED,
    3204             :                                                 CRED_SPECIFIED);
    3205          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    3206             : 
    3207          12 :         options1 = transport0->options;
    3208          12 :         options1.client_guid = GUID_random();
    3209          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    3210          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3211          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    3212          12 :         options1.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    3213             :                 .num_algos = 1,
    3214             :                 .algos = {
    3215             :                         SMB2_ENCRYPTION_AES128_GCM,
    3216             :                 },
    3217             :         };
    3218             : 
    3219             :         /* same client guid */
    3220          12 :         options2 = options1;
    3221          12 :         options2.only_negprot = true;
    3222          12 :         options2.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    3223             :                 .num_algos = 1,
    3224             :                 .algos = {
    3225             :                         SMB2_ENCRYPTION_AES128_CCM,
    3226             :                 },
    3227             :         };
    3228             : 
    3229          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3230             :                                                  credentials,
    3231             :                                                  &options1, &options2,
    3232          12 :                                                  NT_STATUS_INVALID_PARAMETER);
    3233          12 :         talloc_free(tree0);
    3234          12 :         return ret;
    3235             : }
    3236             : 
    3237          12 : static bool test_session_bind_negative_smb3encGtoCd(struct torture_context *tctx, struct smb2_tree *tree0)
    3238             : {
    3239          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3240          12 :         struct cli_credentials *credentials = NULL;
    3241          12 :         bool ret = false;
    3242          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3243           2 :         struct smbcli_options options1;
    3244           2 :         struct smbcli_options options2;
    3245           2 :         bool ok;
    3246             : 
    3247          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3248           0 :                 torture_skip(tctx,
    3249             :                              "Can't test without SMB 3.1.1 support");
    3250             :         }
    3251             : 
    3252          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    3253          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    3254          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    3255             :                                                 SMB_ENCRYPTION_REQUIRED,
    3256             :                                                 CRED_SPECIFIED);
    3257          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    3258             : 
    3259          12 :         options1 = transport0->options;
    3260          12 :         options1.client_guid = GUID_random();
    3261          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    3262          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3263          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    3264          12 :         options1.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    3265             :                 .num_algos = 1,
    3266             :                 .algos = {
    3267             :                         SMB2_ENCRYPTION_AES128_GCM,
    3268             :                 },
    3269             :         };
    3270             : 
    3271             :         /* different client guid */
    3272          12 :         options2 = options1;
    3273          12 :         options2.client_guid = GUID_random();
    3274          12 :         options2.only_negprot = true;
    3275          12 :         options2.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    3276             :                 .num_algos = 1,
    3277             :                 .algos = {
    3278             :                         SMB2_ENCRYPTION_AES128_CCM,
    3279             :                 },
    3280             :         };
    3281             : 
    3282          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3283             :                                                  credentials,
    3284             :                                                  &options1, &options2,
    3285          12 :                                                  NT_STATUS_INVALID_PARAMETER);
    3286          12 :         talloc_free(tree0);
    3287          12 :         return ret;
    3288             : }
    3289             : 
    3290          12 : static bool test_session_bind_negative_smb3signCtoHs(struct torture_context *tctx, struct smb2_tree *tree0)
    3291             : {
    3292          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3293          12 :         struct cli_credentials *credentials = NULL;
    3294          12 :         bool ret = false;
    3295          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3296           2 :         struct smbcli_options options1;
    3297           2 :         struct smbcli_options options2;
    3298           2 :         bool ok;
    3299             : 
    3300          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3301           0 :                 torture_skip(tctx,
    3302             :                              "Can't test without SMB 3.1.1 support");
    3303             :         }
    3304             : 
    3305          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    3306           0 :                 torture_skip(tctx,
    3307             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    3308             :         }
    3309             : 
    3310          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    3311          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    3312          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    3313             :                                                 SMB_ENCRYPTION_REQUIRED,
    3314             :                                                 CRED_SPECIFIED);
    3315          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    3316             : 
    3317          12 :         options1 = transport0->options;
    3318          12 :         options1.client_guid = GUID_random();
    3319          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    3320          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3321          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    3322          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3323             :                 .num_algos = 1,
    3324             :                 .algos = {
    3325             :                         SMB2_SIGNING_AES128_CMAC,
    3326             :                 },
    3327             :         };
    3328             : 
    3329             :         /* same client guid */
    3330          12 :         options2 = options1;
    3331          12 :         options2.only_negprot = true;
    3332          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3333             :                 .num_algos = 1,
    3334             :                 .algos = {
    3335             :                         SMB2_SIGNING_HMAC_SHA256,
    3336             :                 },
    3337             :         };
    3338             : 
    3339          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3340             :                                                  credentials,
    3341             :                                                  &options1, &options2,
    3342          12 :                                                  NT_STATUS_OK);
    3343          12 :         talloc_free(tree0);
    3344          12 :         return ret;
    3345             : }
    3346             : 
    3347          12 : static bool test_session_bind_negative_smb3signCtoHd(struct torture_context *tctx, struct smb2_tree *tree0)
    3348             : {
    3349          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3350          12 :         struct cli_credentials *credentials = NULL;
    3351          12 :         bool ret = false;
    3352          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3353           2 :         struct smbcli_options options1;
    3354           2 :         struct smbcli_options options2;
    3355           2 :         bool ok;
    3356             : 
    3357          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3358           0 :                 torture_skip(tctx,
    3359             :                              "Can't test without SMB 3.1.1 support");
    3360             :         }
    3361             : 
    3362          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    3363           0 :                 torture_skip(tctx,
    3364             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    3365             :         }
    3366             : 
    3367          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    3368          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    3369          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    3370             :                                                 SMB_ENCRYPTION_REQUIRED,
    3371             :                                                 CRED_SPECIFIED);
    3372          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    3373             : 
    3374          12 :         options1 = transport0->options;
    3375          12 :         options1.client_guid = GUID_random();
    3376          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    3377          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3378          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    3379          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3380             :                 .num_algos = 1,
    3381             :                 .algos = {
    3382             :                         SMB2_SIGNING_AES128_CMAC,
    3383             :                 },
    3384             :         };
    3385             : 
    3386             :         /* different client guid */
    3387          12 :         options2 = options1;
    3388          12 :         options2.client_guid = GUID_random();
    3389          12 :         options2.only_negprot = true;
    3390          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3391             :                 .num_algos = 1,
    3392             :                 .algos = {
    3393             :                         SMB2_SIGNING_HMAC_SHA256,
    3394             :                 },
    3395             :         };
    3396             : 
    3397          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3398             :                                                  credentials,
    3399             :                                                  &options1, &options2,
    3400          12 :                                                  NT_STATUS_OK);
    3401          12 :         talloc_free(tree0);
    3402          12 :         return ret;
    3403             : }
    3404             : 
    3405          12 : static bool test_session_bind_negative_smb3signHtoCs(struct torture_context *tctx, struct smb2_tree *tree0)
    3406             : {
    3407          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3408          12 :         struct cli_credentials *credentials = NULL;
    3409          12 :         bool ret = false;
    3410          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3411           2 :         struct smbcli_options options1;
    3412           2 :         struct smbcli_options options2;
    3413           2 :         bool ok;
    3414             : 
    3415          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3416           0 :                 torture_skip(tctx,
    3417             :                              "Can't test without SMB 3.1.1 support");
    3418             :         }
    3419             : 
    3420          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    3421           0 :                 torture_skip(tctx,
    3422             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    3423             :         }
    3424             : 
    3425          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    3426          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    3427          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    3428             :                                                 SMB_ENCRYPTION_REQUIRED,
    3429             :                                                 CRED_SPECIFIED);
    3430          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    3431             : 
    3432          12 :         options1 = transport0->options;
    3433          12 :         options1.client_guid = GUID_random();
    3434          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    3435          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3436          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    3437          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3438             :                 .num_algos = 1,
    3439             :                 .algos = {
    3440             :                         SMB2_SIGNING_HMAC_SHA256,
    3441             :                 },
    3442             :         };
    3443             : 
    3444             :         /* same client guid */
    3445          12 :         options2 = options1;
    3446          12 :         options2.only_negprot = true;
    3447          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3448             :                 .num_algos = 1,
    3449             :                 .algos = {
    3450             :                         SMB2_SIGNING_AES128_CMAC,
    3451             :                 },
    3452             :         };
    3453             : 
    3454          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3455             :                                                  credentials,
    3456             :                                                  &options1, &options2,
    3457          12 :                                                  NT_STATUS_OK);
    3458          12 :         talloc_free(tree0);
    3459          12 :         return ret;
    3460             : }
    3461             : 
    3462          12 : static bool test_session_bind_negative_smb3signHtoCd(struct torture_context *tctx, struct smb2_tree *tree0)
    3463             : {
    3464          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3465          12 :         struct cli_credentials *credentials = NULL;
    3466          12 :         bool ret = false;
    3467          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3468           2 :         struct smbcli_options options1;
    3469           2 :         struct smbcli_options options2;
    3470           2 :         bool ok;
    3471             : 
    3472          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3473           0 :                 torture_skip(tctx,
    3474             :                              "Can't test without SMB 3.1.1 support");
    3475             :         }
    3476             : 
    3477          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    3478           0 :                 torture_skip(tctx,
    3479             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    3480             :         }
    3481             : 
    3482          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    3483          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    3484          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    3485             :                                                 SMB_ENCRYPTION_REQUIRED,
    3486             :                                                 CRED_SPECIFIED);
    3487          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    3488             : 
    3489          12 :         options1 = transport0->options;
    3490          12 :         options1.client_guid = GUID_random();
    3491          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    3492          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3493          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    3494          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3495             :                 .num_algos = 1,
    3496             :                 .algos = {
    3497             :                         SMB2_SIGNING_HMAC_SHA256,
    3498             :                 },
    3499             :         };
    3500             : 
    3501             :         /* different client guid */
    3502          12 :         options2 = options1;
    3503          12 :         options2.client_guid = GUID_random();
    3504          12 :         options2.only_negprot = true;
    3505          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3506             :                 .num_algos = 1,
    3507             :                 .algos = {
    3508             :                         SMB2_SIGNING_AES128_CMAC,
    3509             :                 },
    3510             :         };
    3511             : 
    3512          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3513             :                                                  credentials,
    3514             :                                                  &options1, &options2,
    3515          12 :                                                  NT_STATUS_OK);
    3516          12 :         talloc_free(tree0);
    3517          12 :         return ret;
    3518             : }
    3519             : 
    3520          12 : static bool test_session_bind_negative_smb3signHtoGs(struct torture_context *tctx, struct smb2_tree *tree0)
    3521             : {
    3522          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3523          12 :         struct cli_credentials *credentials = NULL;
    3524          12 :         bool ret = false;
    3525          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3526           2 :         struct smbcli_options options1;
    3527           2 :         struct smbcli_options options2;
    3528           2 :         bool ok;
    3529             : 
    3530          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3531           0 :                 torture_skip(tctx,
    3532             :                              "Can't test without SMB 3.1.1 support");
    3533             :         }
    3534             : 
    3535          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    3536           0 :                 torture_skip(tctx,
    3537             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    3538             :         }
    3539             : 
    3540          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    3541          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    3542          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    3543             :                                                 SMB_ENCRYPTION_REQUIRED,
    3544             :                                                 CRED_SPECIFIED);
    3545          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    3546             : 
    3547          12 :         options1 = transport0->options;
    3548          12 :         options1.client_guid = GUID_random();
    3549          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    3550          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3551          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    3552          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3553             :                 .num_algos = 1,
    3554             :                 .algos = {
    3555             :                         SMB2_SIGNING_HMAC_SHA256,
    3556             :                 },
    3557             :         };
    3558             : 
    3559             :         /* same client guid */
    3560          12 :         options2 = options1;
    3561          12 :         options2.only_negprot = true;
    3562          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3563             :                 .num_algos = 1,
    3564             :                 .algos = {
    3565             :                         SMB2_SIGNING_AES128_GMAC,
    3566             :                 },
    3567             :         };
    3568             : 
    3569          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3570             :                                                  credentials,
    3571             :                                                  &options1, &options2,
    3572          12 :                                                  NT_STATUS_NOT_SUPPORTED);
    3573          12 :         talloc_free(tree0);
    3574          12 :         return ret;
    3575             : }
    3576             : 
    3577          12 : static bool test_session_bind_negative_smb3signHtoGd(struct torture_context *tctx, struct smb2_tree *tree0)
    3578             : {
    3579          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3580          12 :         struct cli_credentials *credentials = NULL;
    3581          12 :         bool ret = false;
    3582          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3583           2 :         struct smbcli_options options1;
    3584           2 :         struct smbcli_options options2;
    3585           2 :         bool ok;
    3586             : 
    3587          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3588           0 :                 torture_skip(tctx,
    3589             :                              "Can't test without SMB 3.1.1 support");
    3590             :         }
    3591             : 
    3592          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    3593           0 :                 torture_skip(tctx,
    3594             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    3595             :         }
    3596             : 
    3597          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    3598          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    3599          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    3600             :                                                 SMB_ENCRYPTION_REQUIRED,
    3601             :                                                 CRED_SPECIFIED);
    3602          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    3603             : 
    3604          12 :         options1 = transport0->options;
    3605          12 :         options1.client_guid = GUID_random();
    3606          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    3607          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3608          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    3609          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3610             :                 .num_algos = 1,
    3611             :                 .algos = {
    3612             :                         SMB2_SIGNING_HMAC_SHA256,
    3613             :                 },
    3614             :         };
    3615             : 
    3616             :         /* different client guid */
    3617          12 :         options2 = options1;
    3618          12 :         options2.client_guid = GUID_random();
    3619          12 :         options2.only_negprot = true;
    3620          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3621             :                 .num_algos = 1,
    3622             :                 .algos = {
    3623             :                         SMB2_SIGNING_AES128_GMAC,
    3624             :                 },
    3625             :         };
    3626             : 
    3627          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3628             :                                                  credentials,
    3629             :                                                  &options1, &options2,
    3630          12 :                                                  NT_STATUS_NOT_SUPPORTED);
    3631          12 :         talloc_free(tree0);
    3632          12 :         return ret;
    3633             : }
    3634             : 
    3635          12 : static bool test_session_bind_negative_smb3signCtoGs(struct torture_context *tctx, struct smb2_tree *tree0)
    3636             : {
    3637          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3638          12 :         struct cli_credentials *credentials = NULL;
    3639          12 :         bool ret = false;
    3640          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3641           2 :         struct smbcli_options options1;
    3642           2 :         struct smbcli_options options2;
    3643           2 :         bool ok;
    3644             : 
    3645          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3646           0 :                 torture_skip(tctx,
    3647             :                              "Can't test without SMB 3.1.1 support");
    3648             :         }
    3649             : 
    3650          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    3651           0 :                 torture_skip(tctx,
    3652             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    3653             :         }
    3654             : 
    3655          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    3656          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    3657          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    3658             :                                                 SMB_ENCRYPTION_REQUIRED,
    3659             :                                                 CRED_SPECIFIED);
    3660          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    3661             : 
    3662          12 :         options1 = transport0->options;
    3663          12 :         options1.client_guid = GUID_random();
    3664          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    3665          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3666          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    3667          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3668             :                 .num_algos = 1,
    3669             :                 .algos = {
    3670             :                         SMB2_SIGNING_AES128_CMAC,
    3671             :                 },
    3672             :         };
    3673             : 
    3674             :         /* same client guid */
    3675          12 :         options2 = options1;
    3676          12 :         options2.only_negprot = true;
    3677          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3678             :                 .num_algos = 1,
    3679             :                 .algos = {
    3680             :                         SMB2_SIGNING_AES128_GMAC,
    3681             :                 },
    3682             :         };
    3683             : 
    3684          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3685             :                                                  credentials,
    3686             :                                                  &options1, &options2,
    3687          12 :                                                  NT_STATUS_NOT_SUPPORTED);
    3688          12 :         talloc_free(tree0);
    3689          12 :         return ret;
    3690             : }
    3691             : 
    3692          12 : static bool test_session_bind_negative_smb3signCtoGd(struct torture_context *tctx, struct smb2_tree *tree0)
    3693             : {
    3694          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3695          12 :         struct cli_credentials *credentials = NULL;
    3696          12 :         bool ret = false;
    3697          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3698           2 :         struct smbcli_options options1;
    3699           2 :         struct smbcli_options options2;
    3700           2 :         bool ok;
    3701             : 
    3702          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3703           0 :                 torture_skip(tctx,
    3704             :                              "Can't test without SMB 3.1.1 support");
    3705             :         }
    3706             : 
    3707          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    3708           0 :                 torture_skip(tctx,
    3709             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    3710             :         }
    3711             : 
    3712          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    3713          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    3714          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    3715             :                                                 SMB_ENCRYPTION_REQUIRED,
    3716             :                                                 CRED_SPECIFIED);
    3717          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    3718             : 
    3719          12 :         options1 = transport0->options;
    3720          12 :         options1.client_guid = GUID_random();
    3721          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    3722          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3723          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    3724          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3725             :                 .num_algos = 1,
    3726             :                 .algos = {
    3727             :                         SMB2_SIGNING_AES128_CMAC,
    3728             :                 },
    3729             :         };
    3730             : 
    3731             :         /* different client guid */
    3732          12 :         options2 = options1;
    3733          12 :         options2.client_guid = GUID_random();
    3734          12 :         options2.only_negprot = true;
    3735          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3736             :                 .num_algos = 1,
    3737             :                 .algos = {
    3738             :                         SMB2_SIGNING_AES128_GMAC,
    3739             :                 },
    3740             :         };
    3741             : 
    3742          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3743             :                                                  credentials,
    3744             :                                                  &options1, &options2,
    3745          12 :                                                  NT_STATUS_NOT_SUPPORTED);
    3746          12 :         talloc_free(tree0);
    3747          12 :         return ret;
    3748             : }
    3749             : 
    3750          12 : static bool test_session_bind_negative_smb3signGtoCs(struct torture_context *tctx, struct smb2_tree *tree0)
    3751             : {
    3752          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3753          12 :         struct cli_credentials *credentials = NULL;
    3754          12 :         bool ret = false;
    3755          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3756           2 :         struct smbcli_options options1;
    3757           2 :         struct smbcli_options options2;
    3758           2 :         bool ok;
    3759             : 
    3760          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3761           0 :                 torture_skip(tctx,
    3762             :                              "Can't test without SMB 3.1.1 support");
    3763             :         }
    3764             : 
    3765          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    3766           0 :                 torture_skip(tctx,
    3767             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    3768             :         }
    3769             : 
    3770          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    3771          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    3772          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    3773             :                                                 SMB_ENCRYPTION_REQUIRED,
    3774             :                                                 CRED_SPECIFIED);
    3775          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    3776             : 
    3777          12 :         options1 = transport0->options;
    3778          12 :         options1.client_guid = GUID_random();
    3779          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    3780          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3781          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    3782          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3783             :                 .num_algos = 1,
    3784             :                 .algos = {
    3785             :                         SMB2_SIGNING_AES128_GMAC,
    3786             :                 },
    3787             :         };
    3788             : 
    3789             :         /* same client guid */
    3790          12 :         options2 = options1;
    3791          12 :         options2.only_negprot = true;
    3792          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3793             :                 .num_algos = 1,
    3794             :                 .algos = {
    3795             :                         SMB2_SIGNING_AES128_CMAC,
    3796             :                 },
    3797             :         };
    3798             : 
    3799          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3800             :                                                  credentials,
    3801             :                                                  &options1, &options2,
    3802          12 :                                                  NT_STATUS_REQUEST_OUT_OF_SEQUENCE);
    3803          12 :         talloc_free(tree0);
    3804          12 :         return ret;
    3805             : }
    3806             : 
    3807          12 : static bool test_session_bind_negative_smb3signGtoCd(struct torture_context *tctx, struct smb2_tree *tree0)
    3808             : {
    3809          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3810          12 :         struct cli_credentials *credentials = NULL;
    3811          12 :         bool ret = false;
    3812          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3813           2 :         struct smbcli_options options1;
    3814           2 :         struct smbcli_options options2;
    3815           2 :         bool ok;
    3816             : 
    3817          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3818           0 :                 torture_skip(tctx,
    3819             :                              "Can't test without SMB 3.1.1 support");
    3820             :         }
    3821             : 
    3822          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    3823           0 :                 torture_skip(tctx,
    3824             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    3825             :         }
    3826             : 
    3827          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    3828          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    3829          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    3830             :                                                 SMB_ENCRYPTION_REQUIRED,
    3831             :                                                 CRED_SPECIFIED);
    3832          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    3833             : 
    3834          12 :         options1 = transport0->options;
    3835          12 :         options1.client_guid = GUID_random();
    3836          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    3837          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3838          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    3839          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3840             :                 .num_algos = 1,
    3841             :                 .algos = {
    3842             :                         SMB2_SIGNING_AES128_GMAC,
    3843             :                 },
    3844             :         };
    3845             : 
    3846             :         /* different client guid */
    3847          12 :         options2 = options1;
    3848          12 :         options2.client_guid = GUID_random();
    3849          12 :         options2.only_negprot = true;
    3850          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3851             :                 .num_algos = 1,
    3852             :                 .algos = {
    3853             :                         SMB2_SIGNING_AES128_CMAC,
    3854             :                 },
    3855             :         };
    3856             : 
    3857          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3858             :                                                  credentials,
    3859             :                                                  &options1, &options2,
    3860          12 :                                                  NT_STATUS_REQUEST_OUT_OF_SEQUENCE);
    3861          12 :         talloc_free(tree0);
    3862          12 :         return ret;
    3863             : }
    3864             : 
    3865          12 : static bool test_session_bind_negative_smb3signGtoHs(struct torture_context *tctx, struct smb2_tree *tree0)
    3866             : {
    3867          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3868          12 :         struct cli_credentials *credentials = NULL;
    3869          12 :         bool ret = false;
    3870          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3871           2 :         struct smbcli_options options1;
    3872           2 :         struct smbcli_options options2;
    3873           2 :         bool ok;
    3874             : 
    3875          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3876           0 :                 torture_skip(tctx,
    3877             :                              "Can't test without SMB 3.1.1 support");
    3878             :         }
    3879             : 
    3880          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    3881           0 :                 torture_skip(tctx,
    3882             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    3883             :         }
    3884             : 
    3885          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    3886          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    3887          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    3888             :                                                 SMB_ENCRYPTION_REQUIRED,
    3889             :                                                 CRED_SPECIFIED);
    3890          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    3891             : 
    3892          12 :         options1 = transport0->options;
    3893          12 :         options1.client_guid = GUID_random();
    3894          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    3895          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3896          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    3897          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3898             :                 .num_algos = 1,
    3899             :                 .algos = {
    3900             :                         SMB2_SIGNING_AES128_GMAC,
    3901             :                 },
    3902             :         };
    3903             : 
    3904             :         /* same client guid */
    3905          12 :         options2 = options1;
    3906          12 :         options2.only_negprot = true;
    3907          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3908             :                 .num_algos = 1,
    3909             :                 .algos = {
    3910             :                         SMB2_SIGNING_HMAC_SHA256,
    3911             :                 },
    3912             :         };
    3913             : 
    3914          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3915             :                                                  credentials,
    3916             :                                                  &options1, &options2,
    3917          12 :                                                  NT_STATUS_REQUEST_OUT_OF_SEQUENCE);
    3918          12 :         talloc_free(tree0);
    3919          12 :         return ret;
    3920             : }
    3921             : 
    3922          12 : static bool test_session_bind_negative_smb3signGtoHd(struct torture_context *tctx, struct smb2_tree *tree0)
    3923             : {
    3924          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3925          12 :         struct cli_credentials *credentials = NULL;
    3926          12 :         bool ret = false;
    3927          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3928           2 :         struct smbcli_options options1;
    3929           2 :         struct smbcli_options options2;
    3930           2 :         bool ok;
    3931             : 
    3932          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3933           0 :                 torture_skip(tctx,
    3934             :                              "Can't test without SMB 3.1.1 support");
    3935             :         }
    3936             : 
    3937          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    3938           0 :                 torture_skip(tctx,
    3939             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    3940             :         }
    3941             : 
    3942          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    3943          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    3944          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    3945             :                                                 SMB_ENCRYPTION_REQUIRED,
    3946             :                                                 CRED_SPECIFIED);
    3947          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    3948             : 
    3949          12 :         options1 = transport0->options;
    3950          12 :         options1.client_guid = GUID_random();
    3951          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    3952          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    3953          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    3954          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3955             :                 .num_algos = 1,
    3956             :                 .algos = {
    3957             :                         SMB2_SIGNING_AES128_GMAC,
    3958             :                 },
    3959             :         };
    3960             : 
    3961             :         /* different client guid */
    3962          12 :         options2 = options1;
    3963          12 :         options2.client_guid = GUID_random();
    3964          12 :         options2.only_negprot = true;
    3965          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    3966             :                 .num_algos = 1,
    3967             :                 .algos = {
    3968             :                         SMB2_SIGNING_HMAC_SHA256,
    3969             :                 },
    3970             :         };
    3971             : 
    3972          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    3973             :                                                  credentials,
    3974             :                                                  &options1, &options2,
    3975          12 :                                                  NT_STATUS_REQUEST_OUT_OF_SEQUENCE);
    3976          12 :         talloc_free(tree0);
    3977          12 :         return ret;
    3978             : }
    3979             : 
    3980          12 : static bool test_session_bind_negative_smb3sneGtoCs(struct torture_context *tctx, struct smb2_tree *tree0)
    3981             : {
    3982          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    3983          12 :         struct cli_credentials *credentials = NULL;
    3984          12 :         bool ret = false;
    3985          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    3986           2 :         struct smbcli_options options1;
    3987           2 :         struct smbcli_options options2;
    3988           2 :         bool ok;
    3989             : 
    3990          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    3991           0 :                 torture_skip(tctx,
    3992             :                              "Can't test without SMB 3.1.1 support");
    3993             :         }
    3994             : 
    3995          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    3996           0 :                 torture_skip(tctx,
    3997             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    3998             :         }
    3999             : 
    4000          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4001          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4002          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    4003             :                                                 SMB_ENCRYPTION_REQUIRED,
    4004             :                                                 CRED_SPECIFIED);
    4005          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4006             : 
    4007          12 :         options1 = transport0->options;
    4008          12 :         options1.client_guid = GUID_random();
    4009          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    4010          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    4011          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    4012          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4013             :                 .num_algos = 1,
    4014             :                 .algos = {
    4015             :                         SMB2_SIGNING_AES128_GMAC,
    4016             :                 },
    4017             :         };
    4018          12 :         options1.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4019             :                 .num_algos = 1,
    4020             :                 .algos = {
    4021             :                         SMB2_ENCRYPTION_AES128_GCM,
    4022             :                 },
    4023             :         };
    4024             : 
    4025             :         /* same client guid */
    4026          12 :         options2 = options1;
    4027          12 :         options2.only_negprot = true;
    4028          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4029             :                 .num_algos = 1,
    4030             :                 .algos = {
    4031             :                         SMB2_SIGNING_AES128_CMAC,
    4032             :                 },
    4033             :         };
    4034          12 :         options2.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4035             :                 .num_algos = 1,
    4036             :                 .algos = {
    4037             :                         SMB2_ENCRYPTION_AES128_CCM,
    4038             :                 },
    4039             :         };
    4040             : 
    4041          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4042             :                                                  credentials,
    4043             :                                                  &options1, &options2,
    4044          12 :                                                  NT_STATUS_REQUEST_OUT_OF_SEQUENCE);
    4045          12 :         talloc_free(tree0);
    4046          12 :         return ret;
    4047             : }
    4048             : 
    4049          12 : static bool test_session_bind_negative_smb3sneGtoCd(struct torture_context *tctx, struct smb2_tree *tree0)
    4050             : {
    4051          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4052          12 :         struct cli_credentials *credentials = NULL;
    4053          12 :         bool ret = false;
    4054          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4055           2 :         struct smbcli_options options1;
    4056           2 :         struct smbcli_options options2;
    4057           2 :         bool ok;
    4058             : 
    4059          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4060           0 :                 torture_skip(tctx,
    4061             :                              "Can't test without SMB 3.1.1 support");
    4062             :         }
    4063             : 
    4064          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4065           0 :                 torture_skip(tctx,
    4066             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4067             :         }
    4068             : 
    4069          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4070          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4071          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    4072             :                                                 SMB_ENCRYPTION_REQUIRED,
    4073             :                                                 CRED_SPECIFIED);
    4074          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4075             : 
    4076          12 :         options1 = transport0->options;
    4077          12 :         options1.client_guid = GUID_random();
    4078          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    4079          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    4080          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    4081          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4082             :                 .num_algos = 1,
    4083             :                 .algos = {
    4084             :                         SMB2_SIGNING_AES128_GMAC,
    4085             :                 },
    4086             :         };
    4087          12 :         options1.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4088             :                 .num_algos = 1,
    4089             :                 .algos = {
    4090             :                         SMB2_ENCRYPTION_AES128_GCM,
    4091             :                 },
    4092             :         };
    4093             : 
    4094             :         /* different client guid */
    4095          12 :         options2 = options1;
    4096          12 :         options2.client_guid = GUID_random();
    4097          12 :         options2.only_negprot = true;
    4098          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4099             :                 .num_algos = 1,
    4100             :                 .algos = {
    4101             :                         SMB2_SIGNING_AES128_CMAC,
    4102             :                 },
    4103             :         };
    4104          12 :         options2.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4105             :                 .num_algos = 1,
    4106             :                 .algos = {
    4107             :                         SMB2_ENCRYPTION_AES128_CCM,
    4108             :                 },
    4109             :         };
    4110             : 
    4111          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4112             :                                                  credentials,
    4113             :                                                  &options1, &options2,
    4114          12 :                                                  NT_STATUS_REQUEST_OUT_OF_SEQUENCE);
    4115          12 :         talloc_free(tree0);
    4116          12 :         return ret;
    4117             : }
    4118             : 
    4119          12 : static bool test_session_bind_negative_smb3sneGtoHs(struct torture_context *tctx, struct smb2_tree *tree0)
    4120             : {
    4121          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4122          12 :         struct cli_credentials *credentials = NULL;
    4123          12 :         bool ret = false;
    4124          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4125           2 :         struct smbcli_options options1;
    4126           2 :         struct smbcli_options options2;
    4127           2 :         bool ok;
    4128             : 
    4129          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4130           0 :                 torture_skip(tctx,
    4131             :                              "Can't test without SMB 3.1.1 support");
    4132             :         }
    4133             : 
    4134          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4135           0 :                 torture_skip(tctx,
    4136             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4137             :         }
    4138             : 
    4139          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4140          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4141          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    4142             :                                                 SMB_ENCRYPTION_REQUIRED,
    4143             :                                                 CRED_SPECIFIED);
    4144          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4145             : 
    4146          12 :         options1 = transport0->options;
    4147          12 :         options1.client_guid = GUID_random();
    4148          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    4149          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    4150          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    4151          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4152             :                 .num_algos = 1,
    4153             :                 .algos = {
    4154             :                         SMB2_SIGNING_AES128_GMAC,
    4155             :                 },
    4156             :         };
    4157          12 :         options1.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4158             :                 .num_algos = 1,
    4159             :                 .algos = {
    4160             :                         SMB2_ENCRYPTION_AES128_GCM,
    4161             :                 },
    4162             :         };
    4163             : 
    4164             :         /* same client guid */
    4165          12 :         options2 = options1;
    4166          12 :         options2.only_negprot = true;
    4167          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4168             :                 .num_algos = 1,
    4169             :                 .algos = {
    4170             :                         SMB2_SIGNING_HMAC_SHA256,
    4171             :                 },
    4172             :         };
    4173          12 :         options2.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4174             :                 .num_algos = 1,
    4175             :                 .algos = {
    4176             :                         SMB2_ENCRYPTION_AES128_CCM,
    4177             :                 },
    4178             :         };
    4179             : 
    4180          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4181             :                                                  credentials,
    4182             :                                                  &options1, &options2,
    4183          12 :                                                  NT_STATUS_REQUEST_OUT_OF_SEQUENCE);
    4184          12 :         talloc_free(tree0);
    4185          12 :         return ret;
    4186             : }
    4187             : 
    4188          12 : static bool test_session_bind_negative_smb3sneGtoHd(struct torture_context *tctx, struct smb2_tree *tree0)
    4189             : {
    4190          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4191          12 :         struct cli_credentials *credentials = NULL;
    4192          12 :         bool ret = false;
    4193          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4194           2 :         struct smbcli_options options1;
    4195           2 :         struct smbcli_options options2;
    4196           2 :         bool ok;
    4197             : 
    4198          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4199           0 :                 torture_skip(tctx,
    4200             :                              "Can't test without SMB 3.1.1 support");
    4201             :         }
    4202             : 
    4203          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4204           0 :                 torture_skip(tctx,
    4205             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4206             :         }
    4207             : 
    4208          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4209          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4210          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    4211             :                                                 SMB_ENCRYPTION_REQUIRED,
    4212             :                                                 CRED_SPECIFIED);
    4213          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4214             : 
    4215          12 :         options1 = transport0->options;
    4216          12 :         options1.client_guid = GUID_random();
    4217          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    4218          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    4219          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    4220          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4221             :                 .num_algos = 1,
    4222             :                 .algos = {
    4223             :                         SMB2_SIGNING_AES128_GMAC,
    4224             :                 },
    4225             :         };
    4226          12 :         options1.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4227             :                 .num_algos = 1,
    4228             :                 .algos = {
    4229             :                         SMB2_ENCRYPTION_AES128_GCM,
    4230             :                 },
    4231             :         };
    4232             : 
    4233             :         /* different client guid */
    4234          12 :         options2 = options1;
    4235          12 :         options2.client_guid = GUID_random();
    4236          12 :         options2.only_negprot = true;
    4237          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4238             :                 .num_algos = 1,
    4239             :                 .algos = {
    4240             :                         SMB2_SIGNING_HMAC_SHA256,
    4241             :                 },
    4242             :         };
    4243          12 :         options2.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4244             :                 .num_algos = 1,
    4245             :                 .algos = {
    4246             :                         SMB2_ENCRYPTION_AES128_CCM,
    4247             :                 },
    4248             :         };
    4249             : 
    4250          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4251             :                                                  credentials,
    4252             :                                                  &options1, &options2,
    4253          12 :                                                  NT_STATUS_REQUEST_OUT_OF_SEQUENCE);
    4254          12 :         talloc_free(tree0);
    4255          12 :         return ret;
    4256             : }
    4257             : 
    4258          12 : static bool test_session_bind_negative_smb3sneCtoGs(struct torture_context *tctx, struct smb2_tree *tree0)
    4259             : {
    4260          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4261          12 :         struct cli_credentials *credentials = NULL;
    4262          12 :         bool ret = false;
    4263          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4264           2 :         struct smbcli_options options1;
    4265           2 :         struct smbcli_options options2;
    4266           2 :         bool ok;
    4267             : 
    4268          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4269           0 :                 torture_skip(tctx,
    4270             :                              "Can't test without SMB 3.1.1 support");
    4271             :         }
    4272             : 
    4273          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4274           0 :                 torture_skip(tctx,
    4275             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4276             :         }
    4277             : 
    4278          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4279          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4280          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    4281             :                                                 SMB_ENCRYPTION_REQUIRED,
    4282             :                                                 CRED_SPECIFIED);
    4283          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4284             : 
    4285          12 :         options1 = transport0->options;
    4286          12 :         options1.client_guid = GUID_random();
    4287          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    4288          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    4289          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    4290          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4291             :                 .num_algos = 1,
    4292             :                 .algos = {
    4293             :                         SMB2_SIGNING_AES128_CMAC,
    4294             :                 },
    4295             :         };
    4296          12 :         options1.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4297             :                 .num_algos = 1,
    4298             :                 .algos = {
    4299             :                         SMB2_ENCRYPTION_AES128_CCM,
    4300             :                 },
    4301             :         };
    4302             : 
    4303             :         /* same client guid */
    4304          12 :         options2 = options1;
    4305          12 :         options2.only_negprot = true;
    4306          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4307             :                 .num_algos = 1,
    4308             :                 .algos = {
    4309             :                         SMB2_SIGNING_AES128_GMAC,
    4310             :                 },
    4311             :         };
    4312          12 :         options2.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4313             :                 .num_algos = 1,
    4314             :                 .algos = {
    4315             :                         SMB2_ENCRYPTION_AES128_GCM,
    4316             :                 },
    4317             :         };
    4318             : 
    4319          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4320             :                                                  credentials,
    4321             :                                                  &options1, &options2,
    4322          12 :                                                  NT_STATUS_NOT_SUPPORTED);
    4323          12 :         talloc_free(tree0);
    4324          12 :         return ret;
    4325             : }
    4326             : 
    4327          12 : static bool test_session_bind_negative_smb3sneCtoGd(struct torture_context *tctx, struct smb2_tree *tree0)
    4328             : {
    4329          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4330          12 :         struct cli_credentials *credentials = NULL;
    4331          12 :         bool ret = false;
    4332          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4333           2 :         struct smbcli_options options1;
    4334           2 :         struct smbcli_options options2;
    4335           2 :         bool ok;
    4336             : 
    4337          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4338           0 :                 torture_skip(tctx,
    4339             :                              "Can't test without SMB 3.1.1 support");
    4340             :         }
    4341             : 
    4342          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4343           0 :                 torture_skip(tctx,
    4344             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4345             :         }
    4346             : 
    4347          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4348          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4349          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    4350             :                                                 SMB_ENCRYPTION_REQUIRED,
    4351             :                                                 CRED_SPECIFIED);
    4352          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4353             : 
    4354          12 :         options1 = transport0->options;
    4355          12 :         options1.client_guid = GUID_random();
    4356          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    4357          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    4358          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    4359          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4360             :                 .num_algos = 1,
    4361             :                 .algos = {
    4362             :                         SMB2_SIGNING_AES128_CMAC,
    4363             :                 },
    4364             :         };
    4365          12 :         options1.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4366             :                 .num_algos = 1,
    4367             :                 .algos = {
    4368             :                         SMB2_ENCRYPTION_AES128_CCM,
    4369             :                 },
    4370             :         };
    4371             : 
    4372             :         /* different client guid */
    4373          12 :         options2 = options1;
    4374          12 :         options2.client_guid = GUID_random();
    4375          12 :         options2.only_negprot = true;
    4376          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4377             :                 .num_algos = 1,
    4378             :                 .algos = {
    4379             :                         SMB2_SIGNING_AES128_GMAC,
    4380             :                 },
    4381             :         };
    4382          12 :         options2.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4383             :                 .num_algos = 1,
    4384             :                 .algos = {
    4385             :                         SMB2_ENCRYPTION_AES128_GCM,
    4386             :                 },
    4387             :         };
    4388             : 
    4389          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4390             :                                                  credentials,
    4391             :                                                  &options1, &options2,
    4392          12 :                                                  NT_STATUS_NOT_SUPPORTED);
    4393          12 :         talloc_free(tree0);
    4394          12 :         return ret;
    4395             : }
    4396             : 
    4397          12 : static bool test_session_bind_negative_smb3sneHtoGs(struct torture_context *tctx, struct smb2_tree *tree0)
    4398             : {
    4399          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4400          12 :         struct cli_credentials *credentials = NULL;
    4401          12 :         bool ret = false;
    4402          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4403           2 :         struct smbcli_options options1;
    4404           2 :         struct smbcli_options options2;
    4405           2 :         bool ok;
    4406             : 
    4407          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4408           0 :                 torture_skip(tctx,
    4409             :                              "Can't test without SMB 3.1.1 support");
    4410             :         }
    4411             : 
    4412          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4413           0 :                 torture_skip(tctx,
    4414             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4415             :         }
    4416             : 
    4417          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4418          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4419          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    4420             :                                                 SMB_ENCRYPTION_REQUIRED,
    4421             :                                                 CRED_SPECIFIED);
    4422          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4423             : 
    4424          12 :         options1 = transport0->options;
    4425          12 :         options1.client_guid = GUID_random();
    4426          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    4427          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    4428          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    4429          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4430             :                 .num_algos = 1,
    4431             :                 .algos = {
    4432             :                         SMB2_SIGNING_HMAC_SHA256,
    4433             :                 },
    4434             :         };
    4435          12 :         options1.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4436             :                 .num_algos = 1,
    4437             :                 .algos = {
    4438             :                         SMB2_ENCRYPTION_AES128_CCM,
    4439             :                 },
    4440             :         };
    4441             : 
    4442             :         /* same client guid */
    4443          12 :         options2 = options1;
    4444          12 :         options2.only_negprot = true;
    4445          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4446             :                 .num_algos = 1,
    4447             :                 .algos = {
    4448             :                         SMB2_SIGNING_AES128_GMAC,
    4449             :                 },
    4450             :         };
    4451          12 :         options2.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4452             :                 .num_algos = 1,
    4453             :                 .algos = {
    4454             :                         SMB2_ENCRYPTION_AES128_GCM,
    4455             :                 },
    4456             :         };
    4457             : 
    4458          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4459             :                                                  credentials,
    4460             :                                                  &options1, &options2,
    4461          12 :                                                  NT_STATUS_NOT_SUPPORTED);
    4462          12 :         talloc_free(tree0);
    4463          12 :         return ret;
    4464             : }
    4465             : 
    4466          12 : static bool test_session_bind_negative_smb3sneHtoGd(struct torture_context *tctx, struct smb2_tree *tree0)
    4467             : {
    4468          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4469          12 :         struct cli_credentials *credentials = NULL;
    4470          12 :         bool ret = false;
    4471          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4472           2 :         struct smbcli_options options1;
    4473           2 :         struct smbcli_options options2;
    4474           2 :         bool ok;
    4475             : 
    4476          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4477           0 :                 torture_skip(tctx,
    4478             :                              "Can't test without SMB 3.1.1 support");
    4479             :         }
    4480             : 
    4481          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4482           0 :                 torture_skip(tctx,
    4483             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4484             :         }
    4485             : 
    4486          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4487          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4488          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    4489             :                                                 SMB_ENCRYPTION_REQUIRED,
    4490             :                                                 CRED_SPECIFIED);
    4491          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4492             : 
    4493          12 :         options1 = transport0->options;
    4494          12 :         options1.client_guid = GUID_random();
    4495          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    4496          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    4497          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    4498          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4499             :                 .num_algos = 1,
    4500             :                 .algos = {
    4501             :                         SMB2_SIGNING_HMAC_SHA256,
    4502             :                 },
    4503             :         };
    4504          12 :         options1.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4505             :                 .num_algos = 1,
    4506             :                 .algos = {
    4507             :                         SMB2_ENCRYPTION_AES128_CCM,
    4508             :                 },
    4509             :         };
    4510             : 
    4511             :         /* different client guid */
    4512          12 :         options2 = options1;
    4513          12 :         options2.client_guid = GUID_random();
    4514          12 :         options2.only_negprot = true;
    4515          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4516             :                 .num_algos = 1,
    4517             :                 .algos = {
    4518             :                         SMB2_SIGNING_AES128_GMAC,
    4519             :                 },
    4520             :         };
    4521          12 :         options2.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    4522             :                 .num_algos = 1,
    4523             :                 .algos = {
    4524             :                         SMB2_ENCRYPTION_AES128_GCM,
    4525             :                 },
    4526             :         };
    4527             : 
    4528          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4529             :                                                  credentials,
    4530             :                                                  &options1, &options2,
    4531          12 :                                                  NT_STATUS_NOT_SUPPORTED);
    4532          12 :         talloc_free(tree0);
    4533          12 :         return ret;
    4534             : }
    4535             : 
    4536          12 : static bool test_session_bind_negative_smb3signC30toGs(struct torture_context *tctx, struct smb2_tree *tree0)
    4537             : {
    4538          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4539          12 :         struct cli_credentials *credentials = NULL;
    4540          12 :         bool ret = false;
    4541          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4542           2 :         struct smbcli_options options1;
    4543           2 :         struct smbcli_options options2;
    4544           2 :         bool ok;
    4545             : 
    4546          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4547           0 :                 torture_skip(tctx,
    4548             :                              "Can't test without SMB 3.1.1 support");
    4549             :         }
    4550             : 
    4551          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4552           0 :                 torture_skip(tctx,
    4553             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4554             :         }
    4555             : 
    4556          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4557          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4558          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    4559             :                                                 SMB_ENCRYPTION_REQUIRED,
    4560             :                                                 CRED_SPECIFIED);
    4561          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4562             : 
    4563          12 :         options1 = transport0->options;
    4564          12 :         options1.client_guid = GUID_random();
    4565          12 :         options1.min_protocol = PROTOCOL_SMB3_00;
    4566          12 :         options1.max_protocol = PROTOCOL_SMB3_02;
    4567          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    4568             : 
    4569             :         /* same client guid */
    4570          12 :         options2 = options1;
    4571          12 :         options2.only_negprot = true;
    4572          12 :         options2.min_protocol = PROTOCOL_SMB3_11;
    4573          12 :         options2.max_protocol = PROTOCOL_SMB3_11;
    4574          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4575             :                 .num_algos = 1,
    4576             :                 .algos = {
    4577             :                         SMB2_SIGNING_AES128_GMAC,
    4578             :                 },
    4579             :         };
    4580             : 
    4581          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4582             :                                                  credentials,
    4583             :                                                  &options1, &options2,
    4584          12 :                                                  NT_STATUS_NOT_SUPPORTED);
    4585          12 :         talloc_free(tree0);
    4586          12 :         return ret;
    4587             : }
    4588             : 
    4589          12 : static bool test_session_bind_negative_smb3signC30toGd(struct torture_context *tctx, struct smb2_tree *tree0)
    4590             : {
    4591          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4592          12 :         struct cli_credentials *credentials = NULL;
    4593          12 :         bool ret = false;
    4594          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4595           2 :         struct smbcli_options options1;
    4596           2 :         struct smbcli_options options2;
    4597           2 :         bool ok;
    4598             : 
    4599          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4600           0 :                 torture_skip(tctx,
    4601             :                              "Can't test without SMB 3.1.1 support");
    4602             :         }
    4603             : 
    4604          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4605           0 :                 torture_skip(tctx,
    4606             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4607             :         }
    4608             : 
    4609          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4610          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4611          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    4612             :                                                 SMB_ENCRYPTION_REQUIRED,
    4613             :                                                 CRED_SPECIFIED);
    4614          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4615             : 
    4616          12 :         options1 = transport0->options;
    4617          12 :         options1.client_guid = GUID_random();
    4618          12 :         options1.min_protocol = PROTOCOL_SMB3_00;
    4619          12 :         options1.max_protocol = PROTOCOL_SMB3_02;
    4620          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    4621             : 
    4622             :         /* different client guid */
    4623          12 :         options2 = options1;
    4624          12 :         options2.client_guid = GUID_random();
    4625          12 :         options2.only_negprot = true;
    4626          12 :         options2.min_protocol = PROTOCOL_SMB3_11;
    4627          12 :         options2.max_protocol = PROTOCOL_SMB3_11;
    4628          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4629             :                 .num_algos = 1,
    4630             :                 .algos = {
    4631             :                         SMB2_SIGNING_AES128_GMAC,
    4632             :                 },
    4633             :         };
    4634             : 
    4635          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4636             :                                                  credentials,
    4637             :                                                  &options1, &options2,
    4638          12 :                                                  NT_STATUS_NOT_SUPPORTED);
    4639          12 :         talloc_free(tree0);
    4640          12 :         return ret;
    4641             : }
    4642             : 
    4643          12 : static bool test_session_bind_negative_smb3signH2XtoGs(struct torture_context *tctx, struct smb2_tree *tree0)
    4644             : {
    4645          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4646          12 :         struct cli_credentials *credentials = NULL;
    4647          12 :         bool ret = false;
    4648          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4649           2 :         struct smbcli_options options1;
    4650           2 :         struct smbcli_options options2;
    4651           2 :         bool ok;
    4652           2 :         bool encrypted;
    4653             : 
    4654          12 :         encrypted = smb2cli_tcon_is_encryption_on(tree0->smbXcli);
    4655          12 :         if (encrypted) {
    4656           2 :                 torture_skip(tctx,
    4657             :                              "Can't test SMB 2.10 if encryption is required");
    4658             :         }
    4659             : 
    4660          10 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4661           0 :                 torture_skip(tctx,
    4662             :                              "Can't test without SMB 3.1.1 support");
    4663             :         }
    4664             : 
    4665          10 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4666           0 :                 torture_skip(tctx,
    4667             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4668             :         }
    4669             : 
    4670          10 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4671          10 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4672          10 :         ok = cli_credentials_set_smb_encryption(credentials,
    4673             :                                                 SMB_ENCRYPTION_OFF,
    4674             :                                                 CRED_SPECIFIED);
    4675          10 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4676             : 
    4677          10 :         options1 = transport0->options;
    4678          10 :         options1.client_guid = GUID_random();
    4679          10 :         options1.min_protocol = PROTOCOL_SMB2_02;
    4680          10 :         options1.max_protocol = PROTOCOL_SMB2_10;
    4681          10 :         options1.signing = SMB_SIGNING_REQUIRED;
    4682             : 
    4683             :         /* same client guid */
    4684          10 :         options2 = options1;
    4685          10 :         options2.only_negprot = true;
    4686          10 :         options2.min_protocol = PROTOCOL_SMB3_11;
    4687          10 :         options2.max_protocol = PROTOCOL_SMB3_11;
    4688          10 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4689             :                 .num_algos = 1,
    4690             :                 .algos = {
    4691             :                         SMB2_SIGNING_AES128_GMAC,
    4692             :                 },
    4693             :         };
    4694             : 
    4695          12 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4696             :                                                  credentials,
    4697             :                                                  &options1, &options2,
    4698          10 :                                                  NT_STATUS_NOT_SUPPORTED);
    4699          10 :         talloc_free(tree0);
    4700          10 :         return ret;
    4701             : }
    4702             : 
    4703          12 : static bool test_session_bind_negative_smb3signH2XtoGd(struct torture_context *tctx, struct smb2_tree *tree0)
    4704             : {
    4705          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4706          12 :         struct cli_credentials *credentials = NULL;
    4707          12 :         bool ret = false;
    4708          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4709           2 :         struct smbcli_options options1;
    4710           2 :         struct smbcli_options options2;
    4711           2 :         bool ok;
    4712           2 :         bool encrypted;
    4713             : 
    4714          12 :         encrypted = smb2cli_tcon_is_encryption_on(tree0->smbXcli);
    4715          12 :         if (encrypted) {
    4716           2 :                 torture_skip(tctx,
    4717             :                              "Can't test SMB 2.10 if encryption is required");
    4718             :         }
    4719             : 
    4720          10 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4721           0 :                 torture_skip(tctx,
    4722             :                              "Can't test without SMB 3.1.1 support");
    4723             :         }
    4724             : 
    4725          10 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4726           0 :                 torture_skip(tctx,
    4727             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4728             :         }
    4729             : 
    4730          10 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4731          10 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4732          10 :         ok = cli_credentials_set_smb_encryption(credentials,
    4733             :                                                 SMB_ENCRYPTION_OFF,
    4734             :                                                 CRED_SPECIFIED);
    4735          10 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4736             : 
    4737          10 :         options1 = transport0->options;
    4738          10 :         options1.client_guid = GUID_random();
    4739          10 :         options1.min_protocol = PROTOCOL_SMB2_02;
    4740          10 :         options1.max_protocol = PROTOCOL_SMB2_10;
    4741          10 :         options1.signing = SMB_SIGNING_REQUIRED;
    4742             : 
    4743             :         /* different client guid */
    4744          10 :         options2 = options1;
    4745          10 :         options2.client_guid = GUID_random();
    4746          10 :         options2.only_negprot = true;
    4747          10 :         options2.min_protocol = PROTOCOL_SMB3_11;
    4748          10 :         options2.max_protocol = PROTOCOL_SMB3_11;
    4749          10 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4750             :                 .num_algos = 1,
    4751             :                 .algos = {
    4752             :                         SMB2_SIGNING_AES128_GMAC,
    4753             :                 },
    4754             :         };
    4755             : 
    4756          12 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4757             :                                                  credentials,
    4758             :                                                  &options1, &options2,
    4759          10 :                                                  NT_STATUS_NOT_SUPPORTED);
    4760          10 :         talloc_free(tree0);
    4761          10 :         return ret;
    4762             : }
    4763             : 
    4764          12 : static bool test_session_bind_negative_smb3signGtoC30s(struct torture_context *tctx, struct smb2_tree *tree0)
    4765             : {
    4766          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4767          12 :         struct cli_credentials *credentials = NULL;
    4768          12 :         bool ret = false;
    4769          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4770           2 :         struct smbcli_options options1;
    4771           2 :         struct smbcli_options options2;
    4772           2 :         bool ok;
    4773             : 
    4774          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4775           0 :                 torture_skip(tctx,
    4776             :                              "Can't test without SMB 3.1.1 support");
    4777             :         }
    4778             : 
    4779          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4780           0 :                 torture_skip(tctx,
    4781             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4782             :         }
    4783             : 
    4784          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4785          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4786          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    4787             :                                                 SMB_ENCRYPTION_REQUIRED,
    4788             :                                                 CRED_SPECIFIED);
    4789          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4790             : 
    4791          12 :         options1 = transport0->options;
    4792          12 :         options1.client_guid = GUID_random();
    4793          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    4794          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    4795          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    4796          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4797             :                 .num_algos = 1,
    4798             :                 .algos = {
    4799             :                         SMB2_SIGNING_AES128_GMAC,
    4800             :                 },
    4801             :         };
    4802             : 
    4803             :         /* same client guid */
    4804          12 :         options2 = options1;
    4805          12 :         options2.only_negprot = true;
    4806          12 :         options2.min_protocol = PROTOCOL_SMB3_00;
    4807          12 :         options2.max_protocol = PROTOCOL_SMB3_02;
    4808          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4809             :                 .num_algos = 1,
    4810             :                 .algos = {
    4811             :                         SMB2_SIGNING_AES128_CMAC,
    4812             :                 },
    4813             :         };
    4814             : 
    4815          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4816             :                                                  credentials,
    4817             :                                                  &options1, &options2,
    4818          12 :                                                  NT_STATUS_REQUEST_OUT_OF_SEQUENCE);
    4819          12 :         talloc_free(tree0);
    4820          12 :         return ret;
    4821             : }
    4822             : 
    4823          12 : static bool test_session_bind_negative_smb3signGtoC30d(struct torture_context *tctx, struct smb2_tree *tree0)
    4824             : {
    4825          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4826          12 :         struct cli_credentials *credentials = NULL;
    4827          12 :         bool ret = false;
    4828          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4829           2 :         struct smbcli_options options1;
    4830           2 :         struct smbcli_options options2;
    4831           2 :         bool ok;
    4832             : 
    4833          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4834           0 :                 torture_skip(tctx,
    4835             :                              "Can't test without SMB 3.1.1 support");
    4836             :         }
    4837             : 
    4838          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4839           0 :                 torture_skip(tctx,
    4840             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4841             :         }
    4842             : 
    4843          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4844          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4845          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    4846             :                                                 SMB_ENCRYPTION_REQUIRED,
    4847             :                                                 CRED_SPECIFIED);
    4848          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4849             : 
    4850          12 :         options1 = transport0->options;
    4851          12 :         options1.client_guid = GUID_random();
    4852          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    4853          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    4854          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    4855          12 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4856             :                 .num_algos = 1,
    4857             :                 .algos = {
    4858             :                         SMB2_SIGNING_AES128_GMAC,
    4859             :                 },
    4860             :         };
    4861             : 
    4862             :         /* different client guid */
    4863          12 :         options2 = options1;
    4864          12 :         options2.client_guid = GUID_random();
    4865          12 :         options2.only_negprot = true;
    4866          12 :         options2.min_protocol = PROTOCOL_SMB3_00;
    4867          12 :         options2.max_protocol = PROTOCOL_SMB3_02;
    4868          12 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4869             :                 .num_algos = 1,
    4870             :                 .algos = {
    4871             :                         SMB2_SIGNING_AES128_CMAC,
    4872             :                 },
    4873             :         };
    4874             : 
    4875          14 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4876             :                                                  credentials,
    4877             :                                                  &options1, &options2,
    4878          12 :                                                  NT_STATUS_REQUEST_OUT_OF_SEQUENCE);
    4879          12 :         talloc_free(tree0);
    4880          12 :         return ret;
    4881             : }
    4882             : 
    4883          12 : static bool test_session_bind_negative_smb3signGtoH2Xs(struct torture_context *tctx, struct smb2_tree *tree0)
    4884             : {
    4885          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4886          12 :         struct cli_credentials *credentials = NULL;
    4887          12 :         bool ret = false;
    4888          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4889           2 :         struct smbcli_options options1;
    4890           2 :         struct smbcli_options options2;
    4891           2 :         bool ok;
    4892           2 :         bool encrypted;
    4893             : 
    4894          12 :         encrypted = smb2cli_tcon_is_encryption_on(tree0->smbXcli);
    4895          12 :         if (encrypted) {
    4896           2 :                 torture_skip(tctx,
    4897             :                              "Can't test SMB 2.10 if encryption is required");
    4898             :         }
    4899             : 
    4900          10 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4901           0 :                 torture_skip(tctx,
    4902             :                              "Can't test without SMB 3.1.1 support");
    4903             :         }
    4904             : 
    4905          10 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4906           0 :                 torture_skip(tctx,
    4907             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4908             :         }
    4909             : 
    4910          10 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4911          10 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4912          10 :         ok = cli_credentials_set_smb_encryption(credentials,
    4913             :                                                 SMB_ENCRYPTION_REQUIRED,
    4914             :                                                 CRED_SPECIFIED);
    4915          10 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4916             : 
    4917          10 :         options1 = transport0->options;
    4918          10 :         options1.client_guid = GUID_random();
    4919          10 :         options1.min_protocol = PROTOCOL_SMB3_11;
    4920          10 :         options1.max_protocol = PROTOCOL_SMB3_11;
    4921          10 :         options1.signing = SMB_SIGNING_REQUIRED;
    4922          10 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4923             :                 .num_algos = 1,
    4924             :                 .algos = {
    4925             :                         SMB2_SIGNING_AES128_GMAC,
    4926             :                 },
    4927             :         };
    4928             : 
    4929             :         /* same client guid */
    4930          10 :         options2 = options1;
    4931          10 :         options2.only_negprot = true;
    4932          10 :         options2.min_protocol = PROTOCOL_SMB2_02;
    4933          10 :         options2.max_protocol = PROTOCOL_SMB2_10;
    4934          10 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4935             :                 .num_algos = 1,
    4936             :                 .algos = {
    4937             :                         SMB2_SIGNING_HMAC_SHA256,
    4938             :                 },
    4939             :         };
    4940             : 
    4941          12 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    4942             :                                                  credentials,
    4943             :                                                  &options1, &options2,
    4944          10 :                                                  NT_STATUS_REQUEST_OUT_OF_SEQUENCE);
    4945          10 :         talloc_free(tree0);
    4946          10 :         return ret;
    4947             : }
    4948             : 
    4949          12 : static bool test_session_bind_negative_smb3signGtoH2Xd(struct torture_context *tctx, struct smb2_tree *tree0)
    4950             : {
    4951          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    4952          12 :         struct cli_credentials *credentials = NULL;
    4953          12 :         bool ret = false;
    4954          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    4955           2 :         struct smbcli_options options1;
    4956           2 :         struct smbcli_options options2;
    4957           2 :         bool ok;
    4958           2 :         bool encrypted;
    4959             : 
    4960          12 :         encrypted = smb2cli_tcon_is_encryption_on(tree0->smbXcli);
    4961          12 :         if (encrypted) {
    4962           2 :                 torture_skip(tctx,
    4963             :                              "Can't test SMB 2.10 if encryption is required");
    4964             :         }
    4965             : 
    4966          10 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    4967           0 :                 torture_skip(tctx,
    4968             :                              "Can't test without SMB 3.1.1 support");
    4969             :         }
    4970             : 
    4971          10 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    4972           0 :                 torture_skip(tctx,
    4973             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    4974             :         }
    4975             : 
    4976          10 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    4977          10 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    4978          10 :         ok = cli_credentials_set_smb_encryption(credentials,
    4979             :                                                 SMB_ENCRYPTION_REQUIRED,
    4980             :                                                 CRED_SPECIFIED);
    4981          10 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    4982             : 
    4983          10 :         options1 = transport0->options;
    4984          10 :         options1.client_guid = GUID_random();
    4985          10 :         options1.min_protocol = PROTOCOL_SMB3_11;
    4986          10 :         options1.max_protocol = PROTOCOL_SMB3_11;
    4987          10 :         options1.signing = SMB_SIGNING_REQUIRED;
    4988          10 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    4989             :                 .num_algos = 1,
    4990             :                 .algos = {
    4991             :                         SMB2_SIGNING_AES128_GMAC,
    4992             :                 },
    4993             :         };
    4994             : 
    4995             :         /* different client guid */
    4996          10 :         options2 = options1;
    4997          10 :         options2.client_guid = GUID_random();
    4998          10 :         options2.only_negprot = true;
    4999          10 :         options2.min_protocol = PROTOCOL_SMB2_02;
    5000          10 :         options2.max_protocol = PROTOCOL_SMB2_10;
    5001          10 :         options2.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    5002             :                 .num_algos = 1,
    5003             :                 .algos = {
    5004             :                         SMB2_SIGNING_HMAC_SHA256,
    5005             :                 },
    5006             :         };
    5007             : 
    5008          12 :         ret = test_session_bind_negative_smbXtoX(tctx, __func__,
    5009             :                                                  credentials,
    5010             :                                                  &options1, &options2,
    5011          10 :                                                  NT_STATUS_REQUEST_OUT_OF_SEQUENCE);
    5012          10 :         talloc_free(tree0);
    5013          10 :         return ret;
    5014             : }
    5015             : 
    5016          12 : static bool test_session_two_logoff(struct torture_context *tctx,
    5017             :                                     struct smb2_tree *tree1)
    5018             : {
    5019           2 :         NTSTATUS status;
    5020          12 :         bool ret = true;
    5021           2 :         struct smbcli_options transport2_options;
    5022          12 :         struct smb2_tree *tree2 = NULL;
    5023          12 :         struct smb2_session *session2 = NULL;
    5024          12 :         struct smb2_session *session1 = tree1->session;
    5025          12 :         struct smb2_transport *transport1 = tree1->session->transport;
    5026           2 :         struct smb2_transport *transport2;
    5027           2 :         bool ok;
    5028             : 
    5029             :         /* Connect 2nd connection */
    5030          12 :         torture_comment(tctx, "connect tree2 with the same client_guid\n");
    5031          12 :         transport2_options = transport1->options;
    5032          12 :         ok = torture_smb2_connection_ext(tctx, 0, &transport2_options, &tree2);
    5033          12 :         torture_assert(tctx, ok, "couldn't connect tree2\n");
    5034          12 :         transport2 = tree2->session->transport;
    5035          12 :         session2 = tree2->session;
    5036             : 
    5037          12 :         torture_comment(tctx, "session2: logoff\n");
    5038          12 :         status = smb2_logoff(session2);
    5039          12 :         torture_assert_ntstatus_ok(tctx, status, "session2: logoff");
    5040          12 :         torture_comment(tctx, "transport2: keepalive\n");
    5041          12 :         status = smb2_keepalive(transport2);
    5042          12 :         torture_assert_ntstatus_ok(tctx, status, "transport2: keepalive");
    5043          12 :         torture_comment(tctx, "transport2: disconnect\n");
    5044          12 :         TALLOC_FREE(tree2);
    5045             : 
    5046          12 :         torture_comment(tctx, "session1: logoff\n");
    5047          12 :         status = smb2_logoff(session1);
    5048          12 :         torture_assert_ntstatus_ok(tctx, status, "session1: logoff");
    5049          12 :         torture_comment(tctx, "transport1: keepalive\n");
    5050          12 :         status = smb2_keepalive(transport1);
    5051          12 :         torture_assert_ntstatus_ok(tctx, status, "transport1: keepalive");
    5052          12 :         torture_comment(tctx, "transport1: disconnect\n");
    5053          12 :         TALLOC_FREE(tree1);
    5054             : 
    5055          12 :         return ret;
    5056             : }
    5057             : 
    5058          78 : static bool test_session_sign_enc(struct torture_context *tctx,
    5059             :                                   const char *testname,
    5060             :                                   struct cli_credentials *credentials1,
    5061             :                                   const struct smbcli_options *options1)
    5062             : {
    5063          78 :         const char *host = torture_setting_string(tctx, "host", NULL);
    5064          78 :         const char *share = torture_setting_string(tctx, "share", NULL);
    5065          14 :         NTSTATUS status;
    5066          78 :         bool ret = false;
    5067          78 :         struct smb2_tree *tree1 = NULL;
    5068          14 :         char fname[256];
    5069          78 :         struct smb2_handle rh = {{0}};
    5070          14 :         struct smb2_handle _h1;
    5071          78 :         struct smb2_handle *h1 = NULL;
    5072          14 :         struct smb2_create io1;
    5073          14 :         union smb_fileinfo qfinfo1;
    5074          14 :         union smb_notify notify;
    5075          78 :         struct smb2_request *req = NULL;
    5076             : 
    5077          78 :         status = smb2_connect(tctx,
    5078             :                               host,
    5079             :                               lpcfg_smb_ports(tctx->lp_ctx),
    5080             :                               share,
    5081             :                               lpcfg_resolve_context(tctx->lp_ctx),
    5082             :                               credentials1,
    5083             :                               &tree1,
    5084             :                               tctx->ev,
    5085             :                               options1,
    5086             :                               lpcfg_socket_options(tctx->lp_ctx),
    5087             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx)
    5088             :                               );
    5089          78 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    5090             :                                         "smb2_connect options1 failed");
    5091             : 
    5092          78 :         status = smb2_util_roothandle(tree1, &rh);
    5093          78 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    5094             :                                         "smb2_util_roothandle failed");
    5095             : 
    5096             :         /* Add some random component to the file name. */
    5097          78 :         snprintf(fname, sizeof(fname), "%s_%s.dat",
    5098             :                  testname, generate_random_str(tctx, 8));
    5099             : 
    5100          78 :         smb2_util_unlink(tree1, fname);
    5101             : 
    5102          78 :         smb2_oplock_create_share(&io1, fname,
    5103             :                                  smb2_util_share_access(""),
    5104          78 :                                  smb2_util_oplock_level("b"));
    5105             : 
    5106          78 :         io1.in.create_options |= NTCREATEX_OPTIONS_DELETE_ON_CLOSE;
    5107          78 :         status = smb2_create(tree1, tctx, &io1);
    5108          78 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    5109             :                                         "smb2_create failed");
    5110          78 :         _h1 = io1.out.file.handle;
    5111          78 :         h1 = &_h1;
    5112          78 :         CHECK_CREATED(tctx, &io1, CREATED, FILE_ATTRIBUTE_ARCHIVE);
    5113          78 :         torture_assert_int_equal(tctx, io1.out.oplock_level,
    5114             :                                         smb2_util_oplock_level("b"),
    5115             :                                         "oplock_level incorrect");
    5116             : 
    5117             :         /* Check the initial session is still alive */
    5118          78 :         ZERO_STRUCT(qfinfo1);
    5119          78 :         qfinfo1.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
    5120          78 :         qfinfo1.generic.in.file.handle = _h1;
    5121          78 :         status = smb2_getinfo_file(tree1, tctx, &qfinfo1);
    5122          78 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    5123             :                                         "smb2_getinfo_file failed");
    5124             : 
    5125             :         /* ask for a change notify,
    5126             :            on file or directory name changes */
    5127          78 :         ZERO_STRUCT(notify);
    5128          78 :         notify.smb2.level = RAW_NOTIFY_SMB2;
    5129          78 :         notify.smb2.in.buffer_size = 1000;
    5130          78 :         notify.smb2.in.completion_filter = FILE_NOTIFY_CHANGE_NAME;
    5131          78 :         notify.smb2.in.file.handle = rh;
    5132          78 :         notify.smb2.in.recursive = true;
    5133             : 
    5134          78 :         req = smb2_notify_send(tree1, &(notify.smb2));
    5135         390 :         WAIT_FOR_ASYNC_RESPONSE(req);
    5136             : 
    5137          78 :         status = smb2_cancel(req);
    5138          78 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    5139             :                                         "smb2_cancel failed");
    5140             : 
    5141          78 :         status = smb2_notify_recv(req, tctx, &(notify.smb2));
    5142          78 :         torture_assert_ntstatus_equal_goto(tctx, status, NT_STATUS_CANCELLED,
    5143             :                                            ret, done,
    5144             :                                            "smb2_notify_recv failed");
    5145             : 
    5146             :         /* Check the initial session is still alive */
    5147          78 :         ZERO_STRUCT(qfinfo1);
    5148          78 :         qfinfo1.generic.level = RAW_FILEINFO_POSITION_INFORMATION;
    5149          78 :         qfinfo1.generic.in.file.handle = _h1;
    5150          78 :         status = smb2_getinfo_file(tree1, tctx, &qfinfo1);
    5151          78 :         torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
    5152             :                                         "smb2_getinfo_file failed");
    5153             : 
    5154          64 :         ret = true;
    5155          78 : done:
    5156          64 :         if (h1 != NULL) {
    5157          78 :                 smb2_util_close(tree1, *h1);
    5158             :         }
    5159          78 :         TALLOC_FREE(tree1);
    5160             : 
    5161          64 :         return ret;
    5162             : }
    5163             : 
    5164          12 : static bool test_session_signing_hmac_sha_256(struct torture_context *tctx, struct smb2_tree *tree0)
    5165             : {
    5166          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    5167          12 :         bool ret = false;
    5168          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    5169           2 :         struct smbcli_options options1;
    5170           2 :         bool encrypted;
    5171             : 
    5172          12 :         encrypted = smb2cli_tcon_is_encryption_on(tree0->smbXcli);
    5173          12 :         if (encrypted) {
    5174           2 :                 torture_skip(tctx,
    5175             :                              "Can't test signing only if encryption is required");
    5176             :         }
    5177             : 
    5178          10 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    5179           0 :                 torture_skip(tctx,
    5180             :                              "Can't test without SMB 3.1.1 support");
    5181             :         }
    5182             : 
    5183          10 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    5184           0 :                 torture_skip(tctx,
    5185             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    5186             :         }
    5187             : 
    5188          10 :         options1 = transport0->options;
    5189          10 :         options1.client_guid = GUID_random();
    5190          10 :         options1.min_protocol = PROTOCOL_SMB3_11;
    5191          10 :         options1.max_protocol = PROTOCOL_SMB3_11;
    5192          10 :         options1.signing = SMB_SIGNING_REQUIRED;
    5193          10 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    5194             :                 .num_algos = 1,
    5195             :                 .algos = {
    5196             :                         SMB2_SIGNING_HMAC_SHA256,
    5197             :                 },
    5198             :         };
    5199             : 
    5200          10 :         ret = test_session_sign_enc(tctx,
    5201             :                                     __func__,
    5202             :                                     credentials,
    5203             :                                     &options1);
    5204          10 :         TALLOC_FREE(tree0);
    5205          10 :         return ret;
    5206             : }
    5207             : 
    5208          12 : static bool test_session_signing_aes_128_cmac(struct torture_context *tctx, struct smb2_tree *tree0)
    5209             : {
    5210          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    5211          12 :         bool ret = false;
    5212          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    5213           2 :         struct smbcli_options options1;
    5214           2 :         bool encrypted;
    5215             : 
    5216          12 :         encrypted = smb2cli_tcon_is_encryption_on(tree0->smbXcli);
    5217          12 :         if (encrypted) {
    5218           2 :                 torture_skip(tctx,
    5219             :                              "Can't test signing only if encryption is required");
    5220             :         }
    5221             : 
    5222          10 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    5223           0 :                 torture_skip(tctx,
    5224             :                              "Can't test without SMB 3.1.1 support");
    5225             :         }
    5226             : 
    5227          10 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    5228           0 :                 torture_skip(tctx,
    5229             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    5230             :         }
    5231             : 
    5232          10 :         options1 = transport0->options;
    5233          10 :         options1.client_guid = GUID_random();
    5234          10 :         options1.min_protocol = PROTOCOL_SMB3_11;
    5235          10 :         options1.max_protocol = PROTOCOL_SMB3_11;
    5236          10 :         options1.signing = SMB_SIGNING_REQUIRED;
    5237          10 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    5238             :                 .num_algos = 1,
    5239             :                 .algos = {
    5240             :                         SMB2_SIGNING_AES128_CMAC,
    5241             :                 },
    5242             :         };
    5243             : 
    5244          10 :         ret = test_session_sign_enc(tctx,
    5245             :                                     __func__,
    5246             :                                     credentials,
    5247             :                                     &options1);
    5248          10 :         TALLOC_FREE(tree0);
    5249          10 :         return ret;
    5250             : }
    5251             : 
    5252          12 : static bool test_session_signing_aes_128_gmac(struct torture_context *tctx, struct smb2_tree *tree0)
    5253             : {
    5254          12 :         struct cli_credentials *credentials = samba_cmdline_get_creds();
    5255          12 :         bool ret = false;
    5256          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    5257           2 :         struct smbcli_options options1;
    5258           2 :         bool encrypted;
    5259             : 
    5260          12 :         encrypted = smb2cli_tcon_is_encryption_on(tree0->smbXcli);
    5261          12 :         if (encrypted) {
    5262           2 :                 torture_skip(tctx,
    5263             :                              "Can't test signing only if encryption is required");
    5264             :         }
    5265             : 
    5266          10 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    5267           0 :                 torture_skip(tctx,
    5268             :                              "Can't test without SMB 3.1.1 support");
    5269             :         }
    5270             : 
    5271          10 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    5272           0 :                 torture_skip(tctx,
    5273             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    5274             :         }
    5275             : 
    5276          10 :         options1 = transport0->options;
    5277          10 :         options1.client_guid = GUID_random();
    5278          10 :         options1.min_protocol = PROTOCOL_SMB3_11;
    5279          10 :         options1.max_protocol = PROTOCOL_SMB3_11;
    5280          10 :         options1.signing = SMB_SIGNING_REQUIRED;
    5281          10 :         options1.smb3_capabilities.signing = (struct smb3_signing_capabilities) {
    5282             :                 .num_algos = 1,
    5283             :                 .algos = {
    5284             :                         SMB2_SIGNING_AES128_GMAC,
    5285             :                 },
    5286             :         };
    5287             : 
    5288          10 :         ret = test_session_sign_enc(tctx,
    5289             :                                     __func__,
    5290             :                                     credentials,
    5291             :                                     &options1);
    5292          10 :         TALLOC_FREE(tree0);
    5293          10 :         return ret;
    5294             : }
    5295             : 
    5296          12 : static bool test_session_encryption_aes_128_ccm(struct torture_context *tctx, struct smb2_tree *tree0)
    5297             : {
    5298          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    5299          12 :         struct cli_credentials *credentials = NULL;
    5300          12 :         bool ret = false;
    5301          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    5302           2 :         struct smbcli_options options1;
    5303           2 :         bool ok;
    5304             : 
    5305          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    5306           0 :                 torture_skip(tctx,
    5307             :                              "Can't test without SMB 3.1.1 support");
    5308             :         }
    5309             : 
    5310          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    5311           0 :                 torture_skip(tctx,
    5312             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    5313             :         }
    5314             : 
    5315          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    5316          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    5317          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    5318             :                                                 SMB_ENCRYPTION_REQUIRED,
    5319             :                                                 CRED_SPECIFIED);
    5320          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    5321             : 
    5322          12 :         options1 = transport0->options;
    5323          12 :         options1.client_guid = GUID_random();
    5324          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    5325          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    5326          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    5327          12 :         options1.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    5328             :                 .num_algos = 1,
    5329             :                 .algos = {
    5330             :                         SMB2_ENCRYPTION_AES128_CCM,
    5331             :                 },
    5332             :         };
    5333             : 
    5334          12 :         ret = test_session_sign_enc(tctx,
    5335             :                                     __func__,
    5336             :                                     credentials,
    5337             :                                     &options1);
    5338          12 :         TALLOC_FREE(tree0);
    5339          12 :         return ret;
    5340             : }
    5341             : 
    5342          12 : static bool test_session_encryption_aes_128_gcm(struct torture_context *tctx, struct smb2_tree *tree0)
    5343             : {
    5344          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    5345          12 :         struct cli_credentials *credentials = NULL;
    5346          12 :         bool ret = false;
    5347          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    5348           2 :         struct smbcli_options options1;
    5349           2 :         bool ok;
    5350             : 
    5351          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    5352           0 :                 torture_skip(tctx,
    5353             :                              "Can't test without SMB 3.1.1 support");
    5354             :         }
    5355             : 
    5356          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    5357           0 :                 torture_skip(tctx,
    5358             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    5359             :         }
    5360             : 
    5361          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    5362          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    5363          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    5364             :                                                 SMB_ENCRYPTION_REQUIRED,
    5365             :                                                 CRED_SPECIFIED);
    5366          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    5367             : 
    5368          12 :         options1 = transport0->options;
    5369          12 :         options1.client_guid = GUID_random();
    5370          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    5371          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    5372          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    5373          12 :         options1.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    5374             :                 .num_algos = 1,
    5375             :                 .algos = {
    5376             :                         SMB2_ENCRYPTION_AES128_GCM,
    5377             :                 },
    5378             :         };
    5379             : 
    5380          12 :         ret = test_session_sign_enc(tctx,
    5381             :                                     __func__,
    5382             :                                     credentials,
    5383             :                                     &options1);
    5384          12 :         TALLOC_FREE(tree0);
    5385          12 :         return ret;
    5386             : }
    5387             : 
    5388          12 : static bool test_session_encryption_aes_256_ccm(struct torture_context *tctx, struct smb2_tree *tree0)
    5389             : {
    5390          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    5391          12 :         struct cli_credentials *credentials = NULL;
    5392          12 :         bool ret = false;
    5393          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    5394           2 :         struct smbcli_options options1;
    5395           2 :         bool ok;
    5396             : 
    5397          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    5398           0 :                 torture_skip(tctx,
    5399             :                              "Can't test without SMB 3.1.1 support");
    5400             :         }
    5401             : 
    5402          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    5403           0 :                 torture_skip(tctx,
    5404             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    5405             :         }
    5406             : 
    5407          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    5408          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    5409          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    5410             :                                                 SMB_ENCRYPTION_REQUIRED,
    5411             :                                                 CRED_SPECIFIED);
    5412          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    5413             : 
    5414          12 :         options1 = transport0->options;
    5415          12 :         options1.client_guid = GUID_random();
    5416          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    5417          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    5418          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    5419          12 :         options1.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    5420             :                 .num_algos = 1,
    5421             :                 .algos = {
    5422             :                         SMB2_ENCRYPTION_AES256_CCM,
    5423             :                 },
    5424             :         };
    5425             : 
    5426          12 :         ret = test_session_sign_enc(tctx,
    5427             :                                     __func__,
    5428             :                                     credentials,
    5429             :                                     &options1);
    5430          12 :         TALLOC_FREE(tree0);
    5431          12 :         return ret;
    5432             : }
    5433             : 
    5434          12 : static bool test_session_encryption_aes_256_gcm(struct torture_context *tctx, struct smb2_tree *tree0)
    5435             : {
    5436          12 :         struct cli_credentials *credentials0 = samba_cmdline_get_creds();
    5437          12 :         struct cli_credentials *credentials = NULL;
    5438          12 :         bool ret = false;
    5439          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    5440           2 :         struct smbcli_options options1;
    5441           2 :         bool ok;
    5442             : 
    5443          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_11) {
    5444           0 :                 torture_skip(tctx,
    5445             :                              "Can't test without SMB 3.1.1 support");
    5446             :         }
    5447             : 
    5448          12 :         if (smb2cli_conn_server_signing_algo(transport0->conn) < SMB2_SIGNING_AES128_GMAC) {
    5449           0 :                 torture_skip(tctx,
    5450             :                              "Can't test without SMB 3.1.1 signing negotiation support");
    5451             :         }
    5452             : 
    5453          12 :         credentials = cli_credentials_shallow_copy(tctx, credentials0);
    5454          12 :         torture_assert(tctx, credentials != NULL, "cli_credentials_shallow_copy");
    5455          12 :         ok = cli_credentials_set_smb_encryption(credentials,
    5456             :                                                 SMB_ENCRYPTION_REQUIRED,
    5457             :                                                 CRED_SPECIFIED);
    5458          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    5459             : 
    5460          12 :         options1 = transport0->options;
    5461          12 :         options1.client_guid = GUID_random();
    5462          12 :         options1.min_protocol = PROTOCOL_SMB3_11;
    5463          12 :         options1.max_protocol = PROTOCOL_SMB3_11;
    5464          12 :         options1.signing = SMB_SIGNING_REQUIRED;
    5465          12 :         options1.smb3_capabilities.encryption = (struct smb3_encryption_capabilities) {
    5466             :                 .num_algos = 1,
    5467             :                 .algos = {
    5468             :                         SMB2_ENCRYPTION_AES256_GCM,
    5469             :                 },
    5470             :         };
    5471             : 
    5472          12 :         ret = test_session_sign_enc(tctx,
    5473             :                                     __func__,
    5474             :                                     credentials,
    5475             :                                     &options1);
    5476          12 :         TALLOC_FREE(tree0);
    5477          12 :         return ret;
    5478             : }
    5479             : 
    5480          12 : static bool test_session_ntlmssp_bug14932(struct torture_context *tctx, struct smb2_tree *tree)
    5481             : {
    5482           2 :         struct cli_credentials *ntlm_creds =
    5483          12 :                 cli_credentials_shallow_copy(tctx, samba_cmdline_get_creds());
    5484           2 :         NTSTATUS status;
    5485          12 :         bool ret = true;
    5486             :         /*
    5487             :          * This is a NTLMv2_RESPONSE with the strange
    5488             :          * NTLMv2_CLIENT_CHALLENGE used by the net diag
    5489             :          * tool.
    5490             :          *
    5491             :          * As we expect an error anyway we fill the
    5492             :          * Response part with 0xab...
    5493             :          */
    5494           2 :         static const char *netapp_magic =
    5495             :                 "\xab\xab\xab\xab\xab\xab\xab\xab"
    5496             :                 "\xab\xab\xab\xab\xab\xab\xab\xab"
    5497             :                 "\x01\x01\x00\x00\x00\x00\x00\x00"
    5498             :                 "\x3f\x3f\x3f\x3f\x3f\x3f\x3f\x3f"
    5499             :                 "\xb8\x82\x3a\xf1\xb3\xdd\x08\x15"
    5500             :                 "\x00\x00\x00\x00\x11\xa2\x08\x81"
    5501             :                 "\x50\x38\x22\x78\x2b\x94\x47\xfe"
    5502             :                 "\x54\x94\x7b\xff\x17\x27\x5a\xb4"
    5503             :                 "\xf4\x18\xba\xdc\x2c\x38\xfd\x5b"
    5504             :                 "\xfb\x0e\xc1\x85\x1e\xcc\x92\xbb"
    5505             :                 "\x9b\xb1\xc4\xd5\x53\x14\xff\x8c"
    5506             :                 "\x76\x49\xf5\x45\x90\x19\xa2";
    5507          12 :         DATA_BLOB lm_response = data_blob_talloc_zero(tctx, 24);
    5508          12 :         DATA_BLOB lm_session_key = data_blob_talloc_zero(tctx, 16);
    5509          12 :         DATA_BLOB nt_response = data_blob_const(netapp_magic, 95);
    5510          12 :         DATA_BLOB nt_session_key = data_blob_talloc_zero(tctx, 16);
    5511             : 
    5512          12 :         cli_credentials_set_kerberos_state(ntlm_creds,
    5513             :                                            CRED_USE_KERBEROS_DISABLED,
    5514             :                                            CRED_SPECIFIED);
    5515          12 :         cli_credentials_set_ntlm_response(ntlm_creds,
    5516             :                                           &lm_response,
    5517             :                                           &lm_session_key,
    5518             :                                           &nt_response,
    5519             :                                           &nt_session_key,
    5520             :                                           CRED_SPECIFIED);
    5521          12 :         status = smb2_session_setup_spnego(tree->session,
    5522             :                                            ntlm_creds,
    5523             :                                            0 /* previous_session_id */);
    5524          12 :         torture_assert_ntstatus_equal(tctx, status, NT_STATUS_INVALID_PARAMETER,
    5525             :                                       "smb2_session_setup_spnego failed");
    5526             : 
    5527          10 :         return ret;
    5528             : }
    5529             : 
    5530          12 : static bool test_session_anon_encryption1(struct torture_context *tctx,
    5531             :                                           struct smb2_tree *tree0)
    5532             : {
    5533          12 :         const char *host = torture_setting_string(tctx, "host", NULL);
    5534          12 :         const char *share = "IPC$";
    5535          12 :         char *unc = NULL;
    5536          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    5537          12 :         struct cli_credentials *anon_creds = NULL;
    5538           2 :         struct smbcli_options options;
    5539          12 :         struct smb2_transport *transport = NULL;
    5540          12 :         struct smb2_session *anon_session = NULL;
    5541          12 :         struct smb2_tree *anon_tree = NULL;
    5542           2 :         NTSTATUS status;
    5543          12 :         bool ok = true;
    5544          12 :         struct tevent_req *subreq = NULL;
    5545           2 :         uint32_t timeout_msec;
    5546             : 
    5547          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_00) {
    5548           0 :                 torture_skip(tctx,
    5549             :                              "Can't test without SMB3 support");
    5550             :         }
    5551             : 
    5552          12 :         unc = talloc_asprintf(tctx, "\\\\%s\\%s", host, share);
    5553          12 :         torture_assert(tctx, unc != NULL, "talloc_asprintf");
    5554             : 
    5555          12 :         anon_creds = cli_credentials_init_anon(tctx);
    5556          12 :         torture_assert(tctx, anon_creds != NULL, "cli_credentials_init_anon");
    5557          12 :         ok = cli_credentials_set_smb_encryption(anon_creds,
    5558             :                                                 SMB_ENCRYPTION_REQUIRED,
    5559             :                                                 CRED_SPECIFIED);
    5560          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    5561             : 
    5562          12 :         options = transport0->options;
    5563          12 :         options.client_guid = GUID_random();
    5564          12 :         options.only_negprot = true;
    5565             : 
    5566          12 :         status = smb2_connect(tctx,
    5567             :                               host,
    5568             :                               lpcfg_smb_ports(tctx->lp_ctx),
    5569             :                               share,
    5570             :                               lpcfg_resolve_context(tctx->lp_ctx),
    5571             :                               anon_creds,
    5572             :                               &anon_tree,
    5573             :                               tctx->ev,
    5574             :                               &options,
    5575             :                               lpcfg_socket_options(tctx->lp_ctx),
    5576             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx));
    5577          12 :         torture_assert_ntstatus_ok(tctx, status, "smb2_connect failed");
    5578          12 :         anon_session = anon_tree->session;
    5579          12 :         transport = anon_session->transport;
    5580             : 
    5581          12 :         anon_session->anonymous_session_key = true;
    5582          12 :         smb2cli_session_torture_anonymous_encryption(anon_session->smbXcli, true);
    5583             : 
    5584          12 :         status = smb2_session_setup_spnego(anon_session,
    5585             :                                            anon_creds,
    5586             :                                            0 /* previous_session_id */);
    5587          12 :         torture_assert_ntstatus_ok(tctx, status,
    5588             :                                    "smb2_session_setup_spnego failed");
    5589             : 
    5590          12 :         ok = smbXcli_session_is_authenticated(anon_session->smbXcli);
    5591          12 :         torture_assert(tctx, !ok, "smbXcli_session_is_authenticated(anon) wrong");
    5592             : 
    5593             :         /*
    5594             :          * The connection is still in ConstrainedConnection state...
    5595             :          *
    5596             :          * This will use encryption and causes a connection reset
    5597             :          */
    5598          12 :         timeout_msec = transport->options.request_timeout * 1000;
    5599          14 :         subreq = smb2cli_tcon_send(tctx,
    5600             :                                    tctx->ev,
    5601             :                                    transport->conn,
    5602             :                                    timeout_msec,
    5603             :                                    anon_session->smbXcli,
    5604          12 :                                    anon_tree->smbXcli,
    5605             :                                    0, /* flags */
    5606             :                                    unc);
    5607          12 :         torture_assert(tctx, subreq != NULL, "smb2cli_tcon_send");
    5608             : 
    5609          12 :         torture_assert(tctx,
    5610             :                        tevent_req_poll_ntstatus(subreq, tctx->ev, &status),
    5611             :                        "tevent_req_poll_ntstatus");
    5612             : 
    5613          12 :         status = smb2cli_tcon_recv(subreq);
    5614          12 :         TALLOC_FREE(subreq);
    5615          12 :         if (NT_STATUS_EQUAL(status, NT_STATUS_CONNECTION_DISCONNECTED)) {
    5616          12 :                 status = NT_STATUS_CONNECTION_RESET;
    5617             :         }
    5618          12 :         torture_assert_ntstatus_equal(tctx, status,
    5619             :                                       NT_STATUS_CONNECTION_RESET,
    5620             :                                       "smb2cli_tcon_recv");
    5621             : 
    5622          12 :         ok = smbXcli_conn_is_connected(transport->conn);
    5623          12 :         torture_assert(tctx, !ok, "smbXcli_conn_is_connected still connected");
    5624             : 
    5625          10 :         return true;
    5626             : }
    5627             : 
    5628          12 : static bool test_session_anon_encryption2(struct torture_context *tctx,
    5629             :                                           struct smb2_tree *tree0)
    5630             : {
    5631          12 :         const char *host = torture_setting_string(tctx, "host", NULL);
    5632          12 :         const char *share = "IPC$";
    5633          12 :         char *unc = NULL;
    5634          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    5635          12 :         struct cli_credentials *_creds = samba_cmdline_get_creds();
    5636          12 :         struct cli_credentials *user_creds = NULL;
    5637          12 :         struct cli_credentials *anon_creds = NULL;
    5638           2 :         struct smbcli_options options;
    5639          12 :         struct smb2_transport *transport = NULL;
    5640          12 :         struct smb2_session *user_session = NULL;
    5641          12 :         struct smb2_tree *user_tree = NULL;
    5642          12 :         struct smb2_session *anon_session = NULL;
    5643          12 :         struct smb2_tree *anon_tree = NULL;
    5644          12 :         struct smb2_ioctl ioctl = {
    5645             :                 .level = RAW_IOCTL_SMB2,
    5646             :                 .in = {
    5647             :                         .file = {
    5648             :                                 .handle = {
    5649             :                                         .data = {
    5650             :                                                 [0] = UINT64_MAX,
    5651             :                                                 [1] = UINT64_MAX,
    5652             :                                         },
    5653             :                                 },
    5654             :                         },
    5655             :                         .function = FSCTL_QUERY_NETWORK_INTERFACE_INFO,
    5656             :                         /* Windows client sets this to 64KiB */
    5657             :                         .max_output_response = 0x10000,
    5658             :                         .flags = SMB2_IOCTL_FLAG_IS_FSCTL,
    5659             :                 },
    5660             :         };
    5661           2 :         NTSTATUS status;
    5662          12 :         bool ok = true;
    5663          12 :         struct tevent_req *subreq = NULL;
    5664           2 :         uint32_t timeout_msec;
    5665          12 :         uint32_t caps = smb2cli_conn_server_capabilities(transport0->conn);
    5666           2 :         NTSTATUS expected_mc_status;
    5667             : 
    5668          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_00) {
    5669           0 :                 torture_skip(tctx,
    5670             :                              "Can't test without SMB3 support");
    5671             :         }
    5672             : 
    5673          12 :         if (caps & SMB2_CAP_MULTI_CHANNEL) {
    5674          10 :                 expected_mc_status = NT_STATUS_OK;
    5675             :         } else {
    5676           0 :                 expected_mc_status = NT_STATUS_FS_DRIVER_REQUIRED;
    5677             :         }
    5678             : 
    5679          12 :         unc = talloc_asprintf(tctx, "\\\\%s\\%s", host, share);
    5680          12 :         torture_assert(tctx, unc != NULL, "talloc_asprintf");
    5681             : 
    5682          12 :         user_creds = cli_credentials_shallow_copy(tctx, _creds);
    5683          12 :         torture_assert(tctx, user_creds != NULL, "cli_credentials_shallow_copy");
    5684          12 :         ok = cli_credentials_set_smb_encryption(user_creds,
    5685             :                                                 SMB_ENCRYPTION_REQUIRED,
    5686             :                                                 CRED_SPECIFIED);
    5687          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    5688             : 
    5689          12 :         anon_creds = cli_credentials_init_anon(tctx);
    5690          12 :         torture_assert(tctx, anon_creds != NULL, "cli_credentials_init_anon");
    5691          12 :         ok = cli_credentials_set_smb_encryption(anon_creds,
    5692             :                                                 SMB_ENCRYPTION_REQUIRED,
    5693             :                                                 CRED_SPECIFIED);
    5694          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    5695             : 
    5696          12 :         options = transport0->options;
    5697          12 :         options.client_guid = GUID_random();
    5698             : 
    5699          12 :         status = smb2_connect(tctx,
    5700             :                               host,
    5701             :                               lpcfg_smb_ports(tctx->lp_ctx),
    5702             :                               share,
    5703             :                               lpcfg_resolve_context(tctx->lp_ctx),
    5704             :                               user_creds,
    5705             :                               &user_tree,
    5706             :                               tctx->ev,
    5707             :                               &options,
    5708             :                               lpcfg_socket_options(tctx->lp_ctx),
    5709             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx));
    5710          12 :         torture_assert_ntstatus_ok(tctx, status, "smb2_connect failed");
    5711          12 :         user_session = user_tree->session;
    5712          12 :         transport = user_session->transport;
    5713          12 :         ok = smb2cli_tcon_is_encryption_on(user_tree->smbXcli);
    5714          12 :         torture_assert(tctx, ok, "smb2cli_tcon_is_encryption_on(user)");
    5715          12 :         ok = smbXcli_session_is_authenticated(user_session->smbXcli);
    5716          12 :         torture_assert(tctx, ok, "smbXcli_session_is_authenticated(user)");
    5717             : 
    5718          12 :         anon_session = smb2_session_init(transport,
    5719             :                                          lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    5720             :                                          tctx);
    5721          12 :         torture_assert(tctx, anon_session != NULL, "smb2_session_init(anon)");
    5722             : 
    5723          12 :         anon_session->anonymous_session_key = true;
    5724          12 :         smb2cli_session_torture_anonymous_encryption(anon_session->smbXcli, true);
    5725             : 
    5726          12 :         status = smb2_session_setup_spnego(anon_session,
    5727             :                                            anon_creds,
    5728             :                                            0 /* previous_session_id */);
    5729          12 :         torture_assert_ntstatus_ok(tctx, status,
    5730             :                                    "smb2_session_setup_spnego failed");
    5731             : 
    5732          12 :         ok = smb2cli_tcon_is_encryption_on(user_tree->smbXcli);
    5733          12 :         torture_assert(tctx, ok, "smb2cli_tcon_is_encryption_on(anon)");
    5734          12 :         ok = smbXcli_session_is_authenticated(anon_session->smbXcli);
    5735          12 :         torture_assert(tctx, !ok, "smbXcli_session_is_authenticated(anon) wrong");
    5736             : 
    5737          12 :         anon_tree = smb2_tree_init(anon_session, tctx, false);
    5738          12 :         torture_assert(tctx, anon_tree != NULL, "smb2_tree_init");
    5739             : 
    5740          12 :         timeout_msec = transport->options.request_timeout * 1000;
    5741          12 :         subreq = smb2cli_tcon_send(tctx,
    5742             :                                    tctx->ev,
    5743             :                                    transport->conn,
    5744             :                                    timeout_msec,
    5745             :                                    anon_session->smbXcli,
    5746             :                                    anon_tree->smbXcli,
    5747             :                                    0, /* flags */
    5748             :                                    unc);
    5749          12 :         torture_assert(tctx, subreq != NULL, "smb2cli_tcon_send");
    5750             : 
    5751          12 :         torture_assert(tctx,
    5752             :                        tevent_req_poll_ntstatus(subreq, tctx->ev, &status),
    5753             :                        "tevent_req_poll_ntstatus");
    5754             : 
    5755          12 :         status = smb2cli_tcon_recv(subreq);
    5756          12 :         TALLOC_FREE(subreq);
    5757          12 :         torture_assert_ntstatus_ok(tctx, status,
    5758             :                                    "smb2cli_tcon_recv(anon)");
    5759             : 
    5760          12 :         ok = smbXcli_conn_is_connected(transport->conn);
    5761          12 :         torture_assert(tctx, ok, "smbXcli_conn_is_connected");
    5762             : 
    5763          12 :         ok = smb2cli_tcon_is_encryption_on(anon_tree->smbXcli);
    5764          12 :         torture_assert(tctx, ok, "smb2cli_tcon_is_encryption_on(anon)");
    5765          12 :         ok = smbXcli_session_is_authenticated(anon_session->smbXcli);
    5766          12 :         torture_assert(tctx, !ok, "smbXcli_session_is_authenticated(anon) wrong");
    5767             : 
    5768          12 :         status = smb2_ioctl(user_tree, tctx, &ioctl);
    5769          12 :         torture_assert_ntstatus_equal(tctx, status, expected_mc_status,
    5770             :                                       "FSCTL_QUERY_NETWORK_INTERFACE_INFO user");
    5771             : 
    5772          12 :         ok = smbXcli_conn_is_connected(transport->conn);
    5773          12 :         torture_assert(tctx, ok, "smbXcli_conn_is_connected");
    5774             : 
    5775          12 :         status = smb2_ioctl(anon_tree, tctx, &ioctl);
    5776          12 :         torture_assert_ntstatus_equal(tctx, status, expected_mc_status,
    5777             :                                       "FSCTL_QUERY_NETWORK_INTERFACE_INFO anonymous");
    5778             : 
    5779          12 :         ok = smbXcli_conn_is_connected(transport->conn);
    5780          12 :         torture_assert(tctx, ok, "smbXcli_conn_is_connected");
    5781             : 
    5782          12 :         status = smb2_ioctl(user_tree, tctx, &ioctl);
    5783          12 :         torture_assert_ntstatus_equal(tctx, status, expected_mc_status,
    5784             :                                       "FSCTL_QUERY_NETWORK_INTERFACE_INFO user");
    5785             : 
    5786          12 :         ok = smbXcli_conn_is_connected(transport->conn);
    5787          12 :         torture_assert(tctx, ok, "smbXcli_conn_is_connected");
    5788             : 
    5789          12 :         status = smb2_ioctl(anon_tree, tctx, &ioctl);
    5790          12 :         torture_assert_ntstatus_equal(tctx, status, expected_mc_status,
    5791             :                                       "FSCTL_QUERY_NETWORK_INTERFACE_INFO anonymous");
    5792             : 
    5793          12 :         ok = smbXcli_conn_is_connected(transport->conn);
    5794          12 :         torture_assert(tctx, ok, "smbXcli_conn_is_connected");
    5795             : 
    5796          10 :         return true;
    5797             : }
    5798             : 
    5799          12 : static bool test_session_anon_encryption3(struct torture_context *tctx,
    5800             :                                           struct smb2_tree *tree0)
    5801             : {
    5802          12 :         const char *host = torture_setting_string(tctx, "host", NULL);
    5803          12 :         const char *share = "IPC$";
    5804          12 :         char *unc = NULL;
    5805          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    5806          12 :         struct cli_credentials *_creds = samba_cmdline_get_creds();
    5807          12 :         struct cli_credentials *user_creds = NULL;
    5808          12 :         struct cli_credentials *anon_creds = NULL;
    5809           2 :         struct smbcli_options options;
    5810          12 :         struct smb2_transport *transport = NULL;
    5811          12 :         struct smb2_session *user_session = NULL;
    5812          12 :         struct smb2_tree *user_tree = NULL;
    5813          12 :         struct smb2_session *anon_session = NULL;
    5814          12 :         struct smb2_tree *anon_tree = NULL;
    5815           2 :         NTSTATUS status;
    5816          12 :         bool ok = true;
    5817          12 :         struct tevent_req *subreq = NULL;
    5818           2 :         uint32_t timeout_msec;
    5819          12 :         uint8_t wrong_session_key[16] = { 0x1f, 0x2f, 0x3f, };
    5820             : 
    5821          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_00) {
    5822           0 :                 torture_skip(tctx,
    5823             :                              "Can't test without SMB3 support");
    5824             :         }
    5825             : 
    5826          12 :         unc = talloc_asprintf(tctx, "\\\\%s\\%s", host, share);
    5827          12 :         torture_assert(tctx, unc != NULL, "talloc_asprintf");
    5828             : 
    5829          12 :         user_creds = cli_credentials_shallow_copy(tctx, _creds);
    5830          12 :         torture_assert(tctx, user_creds != NULL, "cli_credentials_shallow_copy");
    5831          12 :         ok = cli_credentials_set_smb_encryption(user_creds,
    5832             :                                                 SMB_ENCRYPTION_REQUIRED,
    5833             :                                                 CRED_SPECIFIED);
    5834          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    5835             : 
    5836          12 :         anon_creds = cli_credentials_init_anon(tctx);
    5837          12 :         torture_assert(tctx, anon_creds != NULL, "cli_credentials_init_anon");
    5838          12 :         ok = cli_credentials_set_smb_encryption(anon_creds,
    5839             :                                                 SMB_ENCRYPTION_REQUIRED,
    5840             :                                                 CRED_SPECIFIED);
    5841          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    5842             : 
    5843          12 :         options = transport0->options;
    5844          12 :         options.client_guid = GUID_random();
    5845             : 
    5846          12 :         status = smb2_connect(tctx,
    5847             :                               host,
    5848             :                               lpcfg_smb_ports(tctx->lp_ctx),
    5849             :                               share,
    5850             :                               lpcfg_resolve_context(tctx->lp_ctx),
    5851             :                               user_creds,
    5852             :                               &user_tree,
    5853             :                               tctx->ev,
    5854             :                               &options,
    5855             :                               lpcfg_socket_options(tctx->lp_ctx),
    5856             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx));
    5857          12 :         torture_assert_ntstatus_ok(tctx, status, "smb2_connect failed");
    5858          12 :         user_session = user_tree->session;
    5859          12 :         transport = user_session->transport;
    5860          12 :         ok = smb2cli_tcon_is_encryption_on(user_tree->smbXcli);
    5861          12 :         torture_assert(tctx, ok, "smb2cli_tcon_is_encryption_on(user)");
    5862          12 :         ok = smbXcli_session_is_authenticated(user_session->smbXcli);
    5863          12 :         torture_assert(tctx, ok, "smbXcli_session_is_authenticated(user)");
    5864             : 
    5865          12 :         anon_session = smb2_session_init(transport,
    5866             :                                          lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    5867             :                                          tctx);
    5868          12 :         torture_assert(tctx, anon_session != NULL, "smb2_session_init(anon)");
    5869             : 
    5870          12 :         anon_session->anonymous_session_key = true;
    5871          12 :         anon_session->forced_session_key = data_blob_const(wrong_session_key,
    5872             :                                                 ARRAY_SIZE(wrong_session_key));
    5873          12 :         smb2cli_session_torture_anonymous_encryption(anon_session->smbXcli, true);
    5874             : 
    5875          12 :         status = smb2_session_setup_spnego(anon_session,
    5876             :                                            anon_creds,
    5877             :                                            0 /* previous_session_id */);
    5878          12 :         torture_assert_ntstatus_ok(tctx, status,
    5879             :                                    "smb2_session_setup_spnego failed");
    5880             : 
    5881          12 :         ok = smb2cli_tcon_is_encryption_on(user_tree->smbXcli);
    5882          12 :         torture_assert(tctx, ok, "smb2cli_tcon_is_encryption_on(anon)");
    5883          12 :         ok = smbXcli_session_is_authenticated(anon_session->smbXcli);
    5884          12 :         torture_assert(tctx, !ok, "smbXcli_session_is_authenticated(anon) wrong");
    5885             : 
    5886          12 :         anon_tree = smb2_tree_init(anon_session, tctx, false);
    5887          12 :         torture_assert(tctx, anon_tree != NULL, "smb2_tree_init");
    5888             : 
    5889          12 :         timeout_msec = transport->options.request_timeout * 1000;
    5890          12 :         subreq = smb2cli_tcon_send(tctx,
    5891             :                                    tctx->ev,
    5892             :                                    transport->conn,
    5893             :                                    timeout_msec,
    5894             :                                    anon_session->smbXcli,
    5895             :                                    anon_tree->smbXcli,
    5896             :                                    0, /* flags */
    5897             :                                    unc);
    5898          12 :         torture_assert(tctx, subreq != NULL, "smb2cli_tcon_send");
    5899             : 
    5900          12 :         torture_assert(tctx,
    5901             :                        tevent_req_poll_ntstatus(subreq, tctx->ev, &status),
    5902             :                        "tevent_req_poll_ntstatus");
    5903             : 
    5904          12 :         status = smb2cli_tcon_recv(subreq);
    5905          12 :         TALLOC_FREE(subreq);
    5906          12 :         if (NT_STATUS_EQUAL(status, NT_STATUS_CONNECTION_DISCONNECTED)) {
    5907          12 :                 status = NT_STATUS_CONNECTION_RESET;
    5908             :         }
    5909          12 :         torture_assert_ntstatus_equal(tctx, status,
    5910             :                                       NT_STATUS_CONNECTION_RESET,
    5911             :                                       "smb2cli_tcon_recv");
    5912             : 
    5913          12 :         ok = smbXcli_conn_is_connected(transport->conn);
    5914          12 :         torture_assert(tctx, !ok, "smbXcli_conn_is_connected still connected");
    5915             : 
    5916          10 :         return true;
    5917             : }
    5918             : 
    5919          12 : static bool test_session_anon_signing1(struct torture_context *tctx,
    5920             :                                        struct smb2_tree *tree0)
    5921             : {
    5922          12 :         const char *host = torture_setting_string(tctx, "host", NULL);
    5923          12 :         const char *share = "IPC$";
    5924          12 :         char *unc = NULL;
    5925          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    5926          12 :         struct cli_credentials *anon_creds = NULL;
    5927           2 :         struct smbcli_options options;
    5928          12 :         struct smb2_transport *transport = NULL;
    5929          12 :         struct smb2_session *anon_session = NULL;
    5930          12 :         struct smb2_tree *anon_tree = NULL;
    5931           2 :         NTSTATUS status;
    5932          12 :         bool ok = true;
    5933          12 :         struct tevent_req *subreq = NULL;
    5934           2 :         uint32_t timeout_msec;
    5935             : 
    5936          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_00) {
    5937           0 :                 torture_skip(tctx,
    5938             :                              "Can't test without SMB3 support");
    5939             :         }
    5940             : 
    5941          12 :         unc = talloc_asprintf(tctx, "\\\\%s\\%s", host, share);
    5942          12 :         torture_assert(tctx, unc != NULL, "talloc_asprintf");
    5943             : 
    5944          12 :         anon_creds = cli_credentials_init_anon(tctx);
    5945          12 :         torture_assert(tctx, anon_creds != NULL, "cli_credentials_init_anon");
    5946          12 :         ok = cli_credentials_set_smb_signing(anon_creds,
    5947             :                                              SMB_SIGNING_REQUIRED,
    5948             :                                              CRED_SPECIFIED);
    5949          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_signing");
    5950          12 :         ok = cli_credentials_set_smb_ipc_signing(anon_creds,
    5951             :                                                  SMB_SIGNING_REQUIRED,
    5952             :                                                  CRED_SPECIFIED);
    5953          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_ipc_signing");
    5954          12 :         ok = cli_credentials_set_smb_encryption(anon_creds,
    5955             :                                                 SMB_ENCRYPTION_OFF,
    5956             :                                                 CRED_SPECIFIED);
    5957          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    5958             : 
    5959          12 :         options = transport0->options;
    5960          12 :         options.client_guid = GUID_random();
    5961          12 :         options.only_negprot = true;
    5962          12 :         options.signing = SMB_SIGNING_REQUIRED;
    5963             : 
    5964          12 :         status = smb2_connect(tctx,
    5965             :                               host,
    5966             :                               lpcfg_smb_ports(tctx->lp_ctx),
    5967             :                               share,
    5968             :                               lpcfg_resolve_context(tctx->lp_ctx),
    5969             :                               anon_creds,
    5970             :                               &anon_tree,
    5971             :                               tctx->ev,
    5972             :                               &options,
    5973             :                               lpcfg_socket_options(tctx->lp_ctx),
    5974             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx));
    5975          12 :         torture_assert_ntstatus_ok(tctx, status, "smb2_connect failed");
    5976          12 :         anon_session = anon_tree->session;
    5977          12 :         transport = anon_session->transport;
    5978             : 
    5979          12 :         anon_session->anonymous_session_key = true;
    5980          12 :         smb2cli_session_torture_anonymous_signing(anon_session->smbXcli, true);
    5981             : 
    5982          12 :         status = smb2_session_setup_spnego(anon_session,
    5983             :                                            anon_creds,
    5984             :                                            0 /* previous_session_id */);
    5985          12 :         torture_assert_ntstatus_ok(tctx, status,
    5986             :                                    "smb2_session_setup_spnego failed");
    5987             : 
    5988          12 :         ok = smbXcli_session_is_authenticated(anon_session->smbXcli);
    5989          12 :         torture_assert(tctx, !ok, "smbXcli_session_is_authenticated(anon) wrong");
    5990             : 
    5991          12 :         timeout_msec = transport->options.request_timeout * 1000;
    5992          14 :         subreq = smb2cli_tcon_send(tctx,
    5993             :                                    tctx->ev,
    5994             :                                    transport->conn,
    5995             :                                    timeout_msec,
    5996             :                                    anon_session->smbXcli,
    5997          12 :                                    anon_tree->smbXcli,
    5998             :                                    0, /* flags */
    5999             :                                    unc);
    6000          12 :         torture_assert(tctx, subreq != NULL, "smb2cli_tcon_send");
    6001             : 
    6002          12 :         torture_assert(tctx,
    6003             :                        tevent_req_poll_ntstatus(subreq, tctx->ev, &status),
    6004             :                        "tevent_req_poll_ntstatus");
    6005             : 
    6006          12 :         status = smb2cli_tcon_recv(subreq);
    6007          12 :         TALLOC_FREE(subreq);
    6008          12 :         torture_assert_ntstatus_ok(tctx, status, "smb2cli_tcon_recv");
    6009             : 
    6010          12 :         ok = smbXcli_conn_is_connected(transport->conn);
    6011          12 :         torture_assert(tctx, ok, "smbXcli_conn_is_connected");
    6012             : 
    6013          10 :         return true;
    6014             : }
    6015             : 
    6016          12 : static bool test_session_anon_signing2(struct torture_context *tctx,
    6017             :                                        struct smb2_tree *tree0)
    6018             : {
    6019          12 :         const char *host = torture_setting_string(tctx, "host", NULL);
    6020          12 :         const char *share = "IPC$";
    6021          12 :         char *unc = NULL;
    6022          12 :         struct smb2_transport *transport0 = tree0->session->transport;
    6023          12 :         struct cli_credentials *anon_creds = NULL;
    6024           2 :         struct smbcli_options options;
    6025          12 :         struct smb2_transport *transport = NULL;
    6026          12 :         struct smb2_session *anon_session = NULL;
    6027          12 :         struct smb2_session *anon_session_nosign = NULL;
    6028          12 :         struct smb2_tree *anon_tree = NULL;
    6029           2 :         NTSTATUS status;
    6030          12 :         bool ok = true;
    6031          12 :         struct tevent_req *subreq = NULL;
    6032           2 :         uint32_t timeout_msec;
    6033          12 :         uint8_t wrong_session_key[16] = { 0x1f, 0x2f, 0x3f, };
    6034           2 :         uint64_t session_id;
    6035             : 
    6036          12 :         if (smbXcli_conn_protocol(transport0->conn) < PROTOCOL_SMB3_00) {
    6037           0 :                 torture_skip(tctx,
    6038             :                              "Can't test without SMB3 support");
    6039             :         }
    6040             : 
    6041          12 :         unc = talloc_asprintf(tctx, "\\\\%s\\%s", host, share);
    6042          12 :         torture_assert(tctx, unc != NULL, "talloc_asprintf");
    6043             : 
    6044          12 :         anon_creds = cli_credentials_init_anon(tctx);
    6045          12 :         torture_assert(tctx, anon_creds != NULL, "cli_credentials_init_anon");
    6046          12 :         ok = cli_credentials_set_smb_signing(anon_creds,
    6047             :                                              SMB_SIGNING_REQUIRED,
    6048             :                                              CRED_SPECIFIED);
    6049          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_signing");
    6050          12 :         ok = cli_credentials_set_smb_ipc_signing(anon_creds,
    6051             :                                                  SMB_SIGNING_REQUIRED,
    6052             :                                                  CRED_SPECIFIED);
    6053          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_ipc_signing");
    6054          12 :         ok = cli_credentials_set_smb_encryption(anon_creds,
    6055             :                                                 SMB_ENCRYPTION_OFF,
    6056             :                                                 CRED_SPECIFIED);
    6057          12 :         torture_assert(tctx, ok, "cli_credentials_set_smb_encryption");
    6058             : 
    6059          12 :         options = transport0->options;
    6060          12 :         options.client_guid = GUID_random();
    6061          12 :         options.only_negprot = true;
    6062          12 :         options.signing = SMB_SIGNING_REQUIRED;
    6063             : 
    6064          12 :         status = smb2_connect(tctx,
    6065             :                               host,
    6066             :                               lpcfg_smb_ports(tctx->lp_ctx),
    6067             :                               share,
    6068             :                               lpcfg_resolve_context(tctx->lp_ctx),
    6069             :                               anon_creds,
    6070             :                               &anon_tree,
    6071             :                               tctx->ev,
    6072             :                               &options,
    6073             :                               lpcfg_socket_options(tctx->lp_ctx),
    6074             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx));
    6075          12 :         torture_assert_ntstatus_ok(tctx, status, "smb2_connect failed");
    6076          12 :         anon_session = anon_tree->session;
    6077          12 :         transport = anon_session->transport;
    6078             : 
    6079          12 :         anon_session->anonymous_session_key = true;
    6080          12 :         anon_session->forced_session_key = data_blob_const(wrong_session_key,
    6081             :                                                 ARRAY_SIZE(wrong_session_key));
    6082          12 :         smb2cli_session_torture_anonymous_signing(anon_session->smbXcli, true);
    6083          12 :         smb2cli_session_torture_no_signing_disconnect(anon_session->smbXcli);
    6084             : 
    6085          12 :         status = smb2_session_setup_spnego(anon_session,
    6086             :                                            anon_creds,
    6087             :                                            0 /* previous_session_id */);
    6088          12 :         torture_assert_ntstatus_ok(tctx, status,
    6089             :                                    "smb2_session_setup_spnego failed");
    6090             : 
    6091          12 :         ok = smbXcli_session_is_authenticated(anon_session->smbXcli);
    6092          12 :         torture_assert(tctx, !ok, "smbXcli_session_is_authenticated(anon) wrong");
    6093             : 
    6094             :         /*
    6095             :          * create a new structure for the same session id,
    6096             :          * but without smb2.should_sign set.
    6097             :          */
    6098          12 :         session_id = smb2cli_session_current_id(anon_session->smbXcli);
    6099          12 :         anon_session_nosign = smb2_session_init(transport,
    6100             :                                                 lpcfg_gensec_settings(tctx, tctx->lp_ctx),
    6101             :                                                 tctx);
    6102          12 :         torture_assert(tctx, anon_session_nosign != NULL, "smb2_session_init(anon_nosign)");
    6103          12 :         smb2cli_session_set_id_and_flags(anon_session_nosign->smbXcli, session_id, 0);
    6104          12 :         smb2cli_session_torture_no_signing_disconnect(anon_session_nosign->smbXcli);
    6105             : 
    6106          12 :         timeout_msec = transport->options.request_timeout * 1000;
    6107          14 :         subreq = smb2cli_tcon_send(tctx,
    6108             :                                    tctx->ev,
    6109             :                                    transport->conn,
    6110             :                                    timeout_msec,
    6111             :                                    anon_session->smbXcli,
    6112          12 :                                    anon_tree->smbXcli,
    6113             :                                    0, /* flags */
    6114             :                                    unc);
    6115          12 :         torture_assert(tctx, subreq != NULL, "smb2cli_tcon_send");
    6116             : 
    6117          12 :         torture_assert(tctx,
    6118             :                        tevent_req_poll_ntstatus(subreq, tctx->ev, &status),
    6119             :                        "tevent_req_poll_ntstatus");
    6120             : 
    6121          12 :         status = smb2cli_tcon_recv(subreq);
    6122          12 :         TALLOC_FREE(subreq);
    6123          12 :         torture_assert_ntstatus_equal(tctx, status,
    6124             :                                       NT_STATUS_ACCESS_DENIED,
    6125             :                                       "smb2cli_tcon_recv");
    6126             : 
    6127          12 :         ok = smbXcli_conn_is_connected(transport->conn);
    6128          12 :         torture_assert(tctx, ok, "smbXcli_conn_is_connected");
    6129             : 
    6130          14 :         subreq = smb2cli_tcon_send(tctx,
    6131             :                                    tctx->ev,
    6132             :                                    transport->conn,
    6133             :                                    timeout_msec,
    6134             :                                    anon_session_nosign->smbXcli,
    6135          12 :                                    anon_tree->smbXcli,
    6136             :                                    0, /* flags */
    6137             :                                    unc);
    6138          12 :         torture_assert(tctx, subreq != NULL, "smb2cli_tcon_send");
    6139             : 
    6140          12 :         torture_assert(tctx,
    6141             :                        tevent_req_poll_ntstatus(subreq, tctx->ev, &status),
    6142             :                        "tevent_req_poll_ntstatus");
    6143             : 
    6144          12 :         status = smb2cli_tcon_recv(subreq);
    6145          12 :         TALLOC_FREE(subreq);
    6146          12 :         torture_assert_ntstatus_ok(tctx, status, "smb2cli_tcon_recv");
    6147             : 
    6148          12 :         ok = smbXcli_conn_is_connected(transport->conn);
    6149          12 :         torture_assert(tctx, ok, "smbXcli_conn_is_connected");
    6150             : 
    6151          10 :         return true;
    6152             : }
    6153             : 
    6154        2338 : struct torture_suite *torture_smb2_session_init(TALLOC_CTX *ctx)
    6155             : {
    6156         125 :         struct torture_suite *suite =
    6157        2338 :             torture_suite_create(ctx, "session");
    6158             : 
    6159        2338 :         torture_suite_add_1smb2_test(suite, "reconnect1", test_session_reconnect1);
    6160        2338 :         torture_suite_add_1smb2_test(suite, "reconnect2", test_session_reconnect2);
    6161        2338 :         torture_suite_add_1smb2_test(suite, "reauth1", test_session_reauth1);
    6162        2338 :         torture_suite_add_1smb2_test(suite, "reauth2", test_session_reauth2);
    6163        2338 :         torture_suite_add_1smb2_test(suite, "reauth3", test_session_reauth3);
    6164        2338 :         torture_suite_add_1smb2_test(suite, "reauth4", test_session_reauth4);
    6165        2338 :         torture_suite_add_1smb2_test(suite, "reauth5", test_session_reauth5);
    6166        2338 :         torture_suite_add_1smb2_test(suite, "reauth6", test_session_reauth6);
    6167        2338 :         torture_suite_add_simple_test(suite, "expire1n", test_session_expire1n);
    6168        2338 :         torture_suite_add_simple_test(suite, "expire1s", test_session_expire1s);
    6169        2338 :         torture_suite_add_simple_test(suite, "expire1e", test_session_expire1e);
    6170        2338 :         torture_suite_add_simple_test(suite, "expire2s", test_session_expire2s);
    6171        2338 :         torture_suite_add_simple_test(suite, "expire2e", test_session_expire2e);
    6172        2338 :         torture_suite_add_simple_test(suite, "expire_disconnect",
    6173             :                                       test_session_expire_disconnect);
    6174        2338 :         torture_suite_add_1smb2_test(suite, "bind1", test_session_bind1);
    6175        2338 :         torture_suite_add_1smb2_test(suite, "bind2", test_session_bind2);
    6176        2338 :         torture_suite_add_1smb2_test(suite, "bind_invalid_auth", test_session_bind_invalid_auth);
    6177        2338 :         torture_suite_add_1smb2_test(suite, "bind_different_user", test_session_bind_different_user);
    6178        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb202", test_session_bind_negative_smb202);
    6179        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb210s", test_session_bind_negative_smb210s);
    6180        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb210d", test_session_bind_negative_smb210d);
    6181        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb2to3s", test_session_bind_negative_smb2to3s);
    6182        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb2to3d", test_session_bind_negative_smb2to3d);
    6183        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3to2s", test_session_bind_negative_smb3to2s);
    6184        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3to2d", test_session_bind_negative_smb3to2d);
    6185        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3to3s", test_session_bind_negative_smb3to3s);
    6186        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3to3d", test_session_bind_negative_smb3to3d);
    6187        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3encGtoCs", test_session_bind_negative_smb3encGtoCs);
    6188        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3encGtoCd", test_session_bind_negative_smb3encGtoCd);
    6189        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signCtoHs", test_session_bind_negative_smb3signCtoHs);
    6190        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signCtoHd", test_session_bind_negative_smb3signCtoHd);
    6191        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signCtoGs", test_session_bind_negative_smb3signCtoGs);
    6192        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signCtoGd", test_session_bind_negative_smb3signCtoGd);
    6193        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signHtoCs", test_session_bind_negative_smb3signHtoCs);
    6194        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signHtoCd", test_session_bind_negative_smb3signHtoCd);
    6195        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signHtoGs", test_session_bind_negative_smb3signHtoGs);
    6196        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signHtoGd", test_session_bind_negative_smb3signHtoGd);
    6197        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signGtoCs", test_session_bind_negative_smb3signGtoCs);
    6198        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signGtoCd", test_session_bind_negative_smb3signGtoCd);
    6199        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signGtoHs", test_session_bind_negative_smb3signGtoHs);
    6200        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signGtoHd", test_session_bind_negative_smb3signGtoHd);
    6201        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3sneGtoCs", test_session_bind_negative_smb3sneGtoCs);
    6202        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3sneGtoCd", test_session_bind_negative_smb3sneGtoCd);
    6203        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3sneGtoHs", test_session_bind_negative_smb3sneGtoHs);
    6204        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3sneGtoHd", test_session_bind_negative_smb3sneGtoHd);
    6205        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3sneCtoGs", test_session_bind_negative_smb3sneCtoGs);
    6206        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3sneCtoGd", test_session_bind_negative_smb3sneCtoGd);
    6207        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3sneHtoGs", test_session_bind_negative_smb3sneHtoGs);
    6208        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3sneHtoGd", test_session_bind_negative_smb3sneHtoGd);
    6209        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signC30toGs", test_session_bind_negative_smb3signC30toGs);
    6210        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signC30toGd", test_session_bind_negative_smb3signC30toGd);
    6211        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signH2XtoGs", test_session_bind_negative_smb3signH2XtoGs);
    6212        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signH2XtoGd", test_session_bind_negative_smb3signH2XtoGd);
    6213        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signGtoC30s", test_session_bind_negative_smb3signGtoC30s);
    6214        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signGtoC30d", test_session_bind_negative_smb3signGtoC30d);
    6215        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signGtoH2Xs", test_session_bind_negative_smb3signGtoH2Xs);
    6216        2338 :         torture_suite_add_1smb2_test(suite, "bind_negative_smb3signGtoH2Xd", test_session_bind_negative_smb3signGtoH2Xd);
    6217        2338 :         torture_suite_add_1smb2_test(suite, "two_logoff", test_session_two_logoff);
    6218        2338 :         torture_suite_add_1smb2_test(suite, "signing-hmac-sha-256", test_session_signing_hmac_sha_256);
    6219        2338 :         torture_suite_add_1smb2_test(suite, "signing-aes-128-cmac", test_session_signing_aes_128_cmac);
    6220        2338 :         torture_suite_add_1smb2_test(suite, "signing-aes-128-gmac", test_session_signing_aes_128_gmac);
    6221        2338 :         torture_suite_add_1smb2_test(suite, "encryption-aes-128-ccm", test_session_encryption_aes_128_ccm);
    6222        2338 :         torture_suite_add_1smb2_test(suite, "encryption-aes-128-gcm", test_session_encryption_aes_128_gcm);
    6223        2338 :         torture_suite_add_1smb2_test(suite, "encryption-aes-256-ccm", test_session_encryption_aes_256_ccm);
    6224        2338 :         torture_suite_add_1smb2_test(suite, "encryption-aes-256-gcm", test_session_encryption_aes_256_gcm);
    6225        2338 :         torture_suite_add_1smb2_test(suite, "ntlmssp_bug14932", test_session_ntlmssp_bug14932);
    6226        2338 :         torture_suite_add_1smb2_test(suite, "anon-encryption1", test_session_anon_encryption1);
    6227        2338 :         torture_suite_add_1smb2_test(suite, "anon-encryption2", test_session_anon_encryption2);
    6228        2338 :         torture_suite_add_1smb2_test(suite, "anon-encryption3", test_session_anon_encryption3);
    6229        2338 :         torture_suite_add_1smb2_test(suite, "anon-signing1", test_session_anon_signing1);
    6230        2338 :         torture_suite_add_1smb2_test(suite, "anon-signing2", test_session_anon_signing2);
    6231             : 
    6232        2338 :         suite->description = talloc_strdup(suite, "SMB2-SESSION tests");
    6233             : 
    6234        2338 :         return suite;
    6235             : }
    6236             : 
    6237           2 : static bool test_session_require_sign_bug15397(struct torture_context *tctx,
    6238             :                                                struct smb2_tree *_tree)
    6239             : {
    6240           2 :         const char *host = torture_setting_string(tctx, "host", NULL);
    6241           2 :         const char *share = torture_setting_string(tctx, "share", NULL);
    6242           2 :         struct cli_credentials *_creds = samba_cmdline_get_creds();
    6243           2 :         struct cli_credentials *creds = NULL;
    6244           0 :         struct smbcli_options options;
    6245           2 :         struct smb2_tree *tree = NULL;
    6246           0 :         uint8_t security_mode;
    6247           0 :         NTSTATUS status;
    6248           2 :         bool ok = true;
    6249             : 
    6250             :         /*
    6251             :          * Setup our own connection so we can control the signing flags
    6252             :          */
    6253             : 
    6254           2 :         creds = cli_credentials_shallow_copy(tctx, _creds);
    6255           2 :         torture_assert(tctx, creds != NULL, "cli_credentials_shallow_copy");
    6256             : 
    6257           2 :         options = _tree->session->transport->options;
    6258           2 :         options.client_guid = GUID_random();
    6259           2 :         options.signing = SMB_SIGNING_IF_REQUIRED;
    6260             : 
    6261           2 :         status = smb2_connect(tctx,
    6262             :                               host,
    6263             :                               lpcfg_smb_ports(tctx->lp_ctx),
    6264             :                               share,
    6265             :                               lpcfg_resolve_context(tctx->lp_ctx),
    6266             :                               creds,
    6267             :                               &tree,
    6268             :                               tctx->ev,
    6269             :                               &options,
    6270             :                               lpcfg_socket_options(tctx->lp_ctx),
    6271             :                               lpcfg_gensec_settings(tctx, tctx->lp_ctx));
    6272           2 :         torture_assert_ntstatus_ok_goto(tctx, status, ok, done,
    6273             :                                         "smb2_connect failed");
    6274             : 
    6275           2 :         security_mode = smb2cli_session_security_mode(tree->session->smbXcli);
    6276             : 
    6277           2 :         torture_assert_int_equal_goto(
    6278             :                 tctx,
    6279             :                 security_mode,
    6280             :                 SMB2_NEGOTIATE_SIGNING_REQUIRED | SMB2_NEGOTIATE_SIGNING_ENABLED,
    6281             :                 ok,
    6282             :                 done,
    6283             :                 "Signing not required");
    6284             : 
    6285           2 : done:
    6286           2 :         return ok;
    6287             : }
    6288             : 
    6289        2338 : struct torture_suite *torture_smb2_session_req_sign_init(TALLOC_CTX *ctx)
    6290             : {
    6291         125 :         struct torture_suite *suite =
    6292        2338 :             torture_suite_create(ctx, "session-require-signing");
    6293             : 
    6294        2338 :         torture_suite_add_1smb2_test(suite, "bug15397",
    6295             :                                      test_session_require_sign_bug15397);
    6296             : 
    6297        2338 :         suite->description = talloc_strdup(suite, "SMB2-SESSION require signing tests");
    6298        2338 :         return suite;
    6299             : }

Generated by: LCOV version 1.14