public static void TreeConnectResponse( ModelSmb2Status status, ShareEncryptDataType shareEncryptDataType, ModelResponseType modelResponseType, EncryptionConfig c) { Condition.IsTrue(state == ModelState.Connected); Condition.IsTrue(config.IsGlobalRejectUnencryptedAccessEnabled == c.IsGlobalRejectUnencryptedAccessEnabled); Condition.IsTrue(Session_IsExisted); ModelTreeConnectRequest treeConnectRequest = ModelHelper.RetrieveOutstandingRequest <ModelTreeConnectRequest>(ref request); if (!VerifySession(status, treeConnectRequest.modelRequestType, c)) { return; } if (ModelUtility.IsSmb3xFamily(config.MaxSmbVersionSupported) && (config.IsGlobalEncryptDataEnabled || treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare) && config.IsGlobalRejectUnencryptedAccessEnabled && !Connection_ServerCapabilities_SMB2_GLOBAL_CAP_ENCRYPTION) { ModelHelper.Log(LogType.Requirement, "3.3.5.7: If the server implements the SMB 3.x dialect family, EncryptData or Share.EncryptData is TRUE, " + "RejectUnencryptedAccess is TRUE, and Connection.ServerCapabilities does not include SMB2_GLOBAL_CAP_ENCRYPTION, " + "the server MUST fail the request with STATUS_ACCESS_DENIED."); Condition.IsTrue(config.Platform == c.Platform); ModelHelper.Log(LogType.TestInfo, "The server implements {0}, EncryptData is {1}, Share.EncryptData is {2}, RejectUnencryptedAccess is TRUE, " + "Connection.ServerCapabilities does not include SMB2_GLOBAL_CAP_ENCRYPTION.", config.MaxSmbVersionSupported, config.IsGlobalEncryptDataEnabled, treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare ? "TRUE" : "FALSE"); ModelHelper.Log(LogType.TestInfo, "The SUT platform is {0}.", config.Platform); ModelHelper.Log(LogType.TestTag, TestTag.Compatibility); Condition.IsTrue(status == ModelSmb2Status.STATUS_ACCESS_DENIED); return; } if (Smb2Utility.IsSmb3xFamily(negotiateDialect) && treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare && config.IsGlobalRejectUnencryptedAccessEnabled && !Connection_ServerCapabilities_SMB2_GLOBAL_CAP_ENCRYPTION) { ModelHelper.Log(LogType.Requirement, "3.3.5.7: If Connection.Dialect belongs to the SMB 3.x dialect family, " + "Share.EncryptData is TRUE, RejectUnencryptedAccess is TRUE, " + "and Connection.ServerCapabilities does not include SMB2_GLOBAL_CAP_ENCRYPTION, " + "the server MUST fail the request with STATUS_ACCESS_DENIED."); ModelHelper.Log(LogType.Requirement, "\tSet the SMB2_SHAREFLAG_ENCRYPT_DATA bit."); ModelHelper.Log(LogType.TestInfo, "Connection.Dialect is {0}, and Share.EncryptData is TRUE.", negotiateDialect); Condition.IsTrue(shareEncryptDataType == ShareEncryptDataType.ShareEncryptDataSet); } //TODO: To be implemented after TRANSFORM_HEADER added into Smb2FunctionalClient if (treeConnectRequest.modelRequestType == ModelRequestType.EncryptedRequest) { Condition.IsTrue(modelResponseType == ModelResponseType.EncryptedResponse); } else { Condition.IsTrue(modelResponseType == ModelResponseType.UnEncryptedResponse); } Condition.IsTrue(status == ModelSmb2Status.STATUS_SUCCESS); Encryption_TreeId = (treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare) ? EncryptionTreeId.TreeIdToEncryptShare : EncryptionTreeId.TreeIdToUnEncryptShare; }
public static void TreeConnectResponse( ModelSmb2Status status, ShareEncryptDataType shareEncryptDataType, ModelResponseType modelResponseType, EncryptionConfig c) { Condition.IsTrue(state == ModelState.Connected); Condition.IsTrue(config.IsGlobalRejectUnencryptedAccessEnabled == c.IsGlobalRejectUnencryptedAccessEnabled); ModelTreeConnectRequest treeConnectRequest = ModelHelper.RetrieveOutstandingRequest<ModelTreeConnectRequest>(ref request); if (!VerifySession(status, treeConnectRequest.modelRequestType)) { return; } if (ModelUtility.IsSmb3xFamily(config.MaxSmbVersionSupported) && (config.IsGlobalEncryptDataEnabled || treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare) && config.IsGlobalRejectUnencryptedAccessEnabled && !Connection_ServerCapabilities_SMB2_GLOBAL_CAP_ENCRYPTION) { ModelHelper.Log(LogType.Requirement, "3.3.5.7: If the server implements the SMB 3.x dialect family, EncryptData or Share.EncryptData is TRUE, " + "RejectUnencryptedAccess is TRUE, and Connection.ServerCapabilities does not include SMB2_GLOBAL_CAP_ENCRYPTION, " + "the server SHOULD fail the request with STATUS_ACCESS_DENIED."); Condition.IsTrue(config.Platform == c.Platform); ModelHelper.Log(LogType.TestInfo, "The server implements {0}, EncryptData is {1}, Share.EncryptData is {2}, RejectUnencryptedAccess is TRUE, " + "Connection.ServerCapabilities does not include SMB2_GLOBAL_CAP_ENCRYPTION.", config.MaxSmbVersionSupported, config.IsGlobalEncryptDataEnabled, treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare ? "TRUE" : "FALSE"); ModelHelper.Log(LogType.TestInfo, "The SUT platform is {0}.", config.Platform); ModelHelper.Log(LogType.TestTag, TestTag.Compatibility); if (config.Platform == Platform.NonWindows) { Condition.IsTrue(status != ModelSmb2Status.STATUS_SUCCESS); } else { Condition.IsTrue(status == ModelSmb2Status.STATUS_ACCESS_DENIED); } return; } if (Smb2Utility.IsSmb3xFamily(negotiateDialect) && treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare) { ModelHelper.Log(LogType.Requirement, "3.3.5.7: If Connection.Dialect belongs to the SMB 3.x dialect family, " + "and Share.EncryptData is TRUE, the server MUST do the following:"); ModelHelper.Log(LogType.Requirement, "\tSet the SMB2_SHAREFLAG_ENCRYPT_DATA bit."); ModelHelper.Log(LogType.TestInfo, "Connection.Dialect is {0}, and Share.EncryptData is TRUE.", negotiateDialect); Condition.IsTrue(shareEncryptDataType== ShareEncryptDataType.ShareEncryptDataSet); } //TODO: To be implemented after TRANSFORM_HEADER added into Smb2FunctionalClient if (treeConnectRequest.modelRequestType == ModelRequestType.EncryptedRequest) { Condition.IsTrue(modelResponseType == ModelResponseType.EncryptedResponse); } else { Condition.IsTrue(modelResponseType == ModelResponseType.UnEncryptedResponse); } Condition.IsTrue(status == ModelSmb2Status.STATUS_SUCCESS); Encryption_TreeId = (treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare) ? EncryptionTreeId.TreeIdToEncryptShare : EncryptionTreeId.TreeIdToUnEncryptShare; }