From 3e06dddc1cbc680602eae056491377c32fce74cf Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Mon, 7 Jun 2021 19:03:05 +0200 Subject: [PATCH 1/3] smbtorture: verify attributes on fake quota file handle The expected DOS attributes are taken from a Windows 2016 server. The expected timestamps are what Samba has returned before commit 572d4e3a56eef00e29f9348: NTTIME(0), ie no value. The upcoming fix will restore this behaviour. Windows of course does return *some* timestamps, but as it's neither documented nor was I able to figure out where they would be coming from, as well as the Windows client apparently doesn't care, I didn't bother with implementing some sophisticated heuristic to return some timestamps. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14731 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison (cherry picked from commit 1e338d51602a7dca6108e5e8704f5cdde4740713) --- selftest/knownfail | 1 + selftest/knownfail.d/samba3.smb2.create | 2 + source4/torture/smb2/create.c | 63 +++++++++++++++++++++++++ 3 files changed, 66 insertions(+) create mode 100644 selftest/knownfail.d/samba3.smb2.create diff --git a/selftest/knownfail b/selftest/knownfail index 4fe503f4cc1..dab0e64c10b 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -144,6 +144,7 @@ ^samba4.raw.acls.*.create_owner_file ^samba4.smb2.create.*.acldir ^samba4.smb2.create.*.impersonation +^samba4.smb2.create.quota-fake-file\(ad_dc_ntvfs\) # not supported by the NTVFS ^samba4.smb2.acls.*.generic ^samba4.smb2.acls.*.inheritflags ^samba4.smb2.acls.*.owner diff --git a/selftest/knownfail.d/samba3.smb2.create b/selftest/knownfail.d/samba3.smb2.create new file mode 100644 index 00000000000..e1ca027872c --- /dev/null +++ b/selftest/knownfail.d/samba3.smb2.create @@ -0,0 +1,2 @@ +^samba3.smb2.create.quota-fake-file\(nt4_dc\) +^samba3.smb2.create.quota-fake-file\(ad_dc\) diff --git a/source4/torture/smb2/create.c b/source4/torture/smb2/create.c index c97dfef16d3..5c559bf2d1d 100644 --- a/source4/torture/smb2/create.c +++ b/source4/torture/smb2/create.c @@ -2707,6 +2707,68 @@ static bool test_fileid_dir(struct torture_context *tctx, return ret; } +/* + test opening quota fakefile handle and returned attributes +*/ +static bool test_smb2_open_quota_fake_file(struct torture_context *tctx, + struct smb2_tree *tree) +{ + const char *fname = "$Extend\\$Quota:$Q:$INDEX_ALLOCATION"; + struct smb2_create create; + struct smb2_handle h = {{0}}; + NTSTATUS status; + bool ret = true; + + create = (struct smb2_create) { + .in.desired_access = SEC_RIGHTS_FILE_READ, + .in.file_attributes = FILE_ATTRIBUTE_NORMAL, + .in.share_access = NTCREATEX_SHARE_ACCESS_MASK, + .in.create_disposition = NTCREATEX_DISP_OPEN, + .in.impersonation_level = SMB2_IMPERSONATION_ANONYMOUS, + .in.fname = fname, + }; + + status = smb2_create(tree, tree, &create); + torture_assert_ntstatus_ok_goto(tctx, status, ret, done, + "smb2_create failed\n"); + h = create.out.file.handle; + + torture_assert_u64_equal_goto(tctx, + create.out.file_attr, + FILE_ATTRIBUTE_HIDDEN + | FILE_ATTRIBUTE_SYSTEM + | FILE_ATTRIBUTE_DIRECTORY + | FILE_ATTRIBUTE_ARCHIVE, + ret, + done, + "Wrong attributes\n"); + + torture_assert_u64_equal_goto(tctx, + create.out.create_time, 0, + ret, + done, + "create_time is not 0\n"); + torture_assert_u64_equal_goto(tctx, + create.out.access_time, 0, + ret, + done, + "access_time is not 0\n"); + torture_assert_u64_equal_goto(tctx, + create.out.write_time, 0, + ret, + done, + "write_time is not 0\n"); + torture_assert_u64_equal_goto(tctx, + create.out.change_time, 0, + ret, + done, + "change_time is not 0\n"); + +done: + smb2_util_close(tree, h); + return ret; +} + /* basic testing of SMB2 read */ @@ -2727,6 +2789,7 @@ struct torture_suite *torture_smb2_create_init(TALLOC_CTX *ctx) torture_suite_add_1smb2_test(suite, "nulldacl", test_create_null_dacl); torture_suite_add_1smb2_test(suite, "mkdir-dup", test_mkdir_dup); torture_suite_add_1smb2_test(suite, "dir-alloc-size", test_dir_alloc_size); + torture_suite_add_1smb2_test(suite, "quota-fake-file", test_smb2_open_quota_fake_file); suite->description = talloc_strdup(suite, "SMB2-CREATE tests"); -- 2.31.1 From 04aad24ee58ee411fdd87185fa213b1bc7abc35d Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Fri, 4 Jun 2021 16:58:20 +0200 Subject: [PATCH 2/3] smbd: handle fake file handles in dos_mode() This ensures SMB requests on the quote fake file "$Extend/$Quota" don't hit the VFS, where specifically in vfs_gpfs we log an error message if we fail to read the DOS attributes for a file with vfs_gpfs_get_dos_attributes: Getting winattrs failed for $Extend/$Quota Signed-off-by: Ralph Boehme --- source3/smbd/dosmode.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c index 4012d6e64c9..a6b8f170192 100644 --- a/source3/smbd/dosmode.c +++ b/source3/smbd/dosmode.c @@ -27,6 +27,7 @@ #include "smbd/smbd.h" #include "lib/param/loadparm.h" #include "lib/util/tevent_ntstatus.h" +#include "fake_file.h" static NTSTATUS get_file_handle_for_metadata(connection_struct *conn, const struct smb_filename *smb_fname, @@ -754,6 +755,7 @@ uint32_t dos_mode(connection_struct *conn, struct smb_filename *smb_fname) { uint32_t result = 0; NTSTATUS status = NT_STATUS_OK; + enum FAKE_FILE_TYPE fake_file_type; DEBUG(8,("dos_mode: %s\n", smb_fname_str_dbg(smb_fname))); @@ -761,6 +763,24 @@ uint32_t dos_mode(connection_struct *conn, struct smb_filename *smb_fname) return 0; } + fake_file_type = is_fake_file(smb_fname); + + switch (fake_file_type) { + case FAKE_FILE_TYPE_NAMED_PIPE_PROXY: + case FAKE_FILE_TYPE_NAMED_PIPE: + return FILE_ATTRIBUTE_NORMAL; + + case FAKE_FILE_TYPE_QUOTA: + /* From Windows 2016 */ + return FILE_ATTRIBUTE_HIDDEN + | FILE_ATTRIBUTE_SYSTEM + | FILE_ATTRIBUTE_DIRECTORY + | FILE_ATTRIBUTE_ARCHIVE; + + case FAKE_FILE_TYPE_NONE: + break; + } + /* Get the DOS attributes via the VFS if we can */ status = SMB_VFS_GET_DOS_ATTRIBUTES(conn, smb_fname, &result); if (!NT_STATUS_IS_OK(status)) { -- 2.31.1 From 2991219c19cf8ade85cb0774dce947ab06d5c0f5 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Mon, 7 Jun 2021 19:02:56 +0200 Subject: [PATCH 3/3] smbd: return correct timestamps for quota fake file Prior to 572d4e3a56eef00e29f93482daa21647af7310d0 it was sufficient to initialize struct timespec to zero to return NTTIME 0 (ie not set) over SMB. This fixes the same problem from bug 14714 where the timestamps in an SMB2 CLOSE response. Windows of course does return *some* timestamps, but as it's neither documented nor was I able to figure out where they would be coming from, as well as the Windows client apparently doesn't care, I didn't bother with implementing some sophisticated heuristic to return some timestamps. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14731 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Jun 9 20:38:02 UTC 2021 on sn-devel-184 (cherry picked from commit 52a421111218d94d2e5cb131648bcdf5411d910b) --- selftest/knownfail.d/samba3.smb2.create | 2 -- source3/smbd/filename.c | 5 +++++ 2 files changed, 5 insertions(+), 2 deletions(-) delete mode 100644 selftest/knownfail.d/samba3.smb2.create diff --git a/selftest/knownfail.d/samba3.smb2.create b/selftest/knownfail.d/samba3.smb2.create deleted file mode 100644 index e1ca027872c..00000000000 --- a/selftest/knownfail.d/samba3.smb2.create +++ /dev/null @@ -1,2 +0,0 @@ -^samba3.smb2.create.quota-fake-file\(nt4_dc\) -^samba3.smb2.create.quota-fake-file\(ad_dc\) diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 73ea63ffd25..db23fe40587 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -1958,6 +1958,11 @@ static NTSTATUS filename_convert_internal(TALLOC_CTX *ctx, return NT_STATUS_NO_MEMORY; } smb_fname->st = (SMB_STRUCT_STAT) { .st_ex_nlink = 1 }; + smb_fname->st.st_ex_btime = (struct timespec){0, SAMBA_UTIME_OMIT}; + smb_fname->st.st_ex_atime = (struct timespec){0, SAMBA_UTIME_OMIT}; + smb_fname->st.st_ex_mtime = (struct timespec){0, SAMBA_UTIME_OMIT}; + smb_fname->st.st_ex_ctime = (struct timespec){0, SAMBA_UTIME_OMIT}; + *_smb_fname = smb_fname; return NT_STATUS_OK; } -- 2.31.1