public void TreeConnectRequest(ConnectToShareType connectToShareType, ModelRequestType modelRequestType)
{
string sharePath = (connectToShareType == ConnectToShareType.ConnectToEncryptedShare) ?
Smb2Utility.GetUncPath(testConfig.SutComputerName, testConfig.EncryptedFileShare) : Smb2Utility.GetUncPath(testConfig.SutComputerName, testConfig.BasicFileShare);
if (modelRequestType == ModelRequestType.EncryptedRequest)
{
testClient.EnableSessionSigningAndEncryption(enableSigning: false, enableEncryption: true);
}
else
{
testClient.EnableSessionSigningAndEncryption(enableSigning: testConfig.SendSignedRequest, enableEncryption: false);
}
try
{
uint status = 0;
TREE_CONNECT_Response?treeConnectResponse = null;
status = testClient.TreeConnect(
sharePath,
out treeId,
checker: (header, response) =>
{
treeConnectResponse = response;
});
ShareEncryptDataType shareEncryptDataType = treeConnectResponse.Value.ShareFlags.HasFlag(ShareFlags_Values.SHAREFLAG_ENCRYPT_DATA) ? ShareEncryptDataType.ShareEncryptDataSet : ShareEncryptDataType.ShareEncryptDataNotSet;
//TODO: To be implemented after TRANSFORM_HEADER added into Smb2FunctionalClient
ModelResponseType modelResponseType = (modelRequestType == ModelRequestType.EncryptedRequest) ? ModelResponseType.EncryptedResponse : ModelResponseType.UnEncryptedResponse;
TreeConnectResponse((ModelSmb2Status)status, shareEncryptDataType, modelResponseType, encryptionConfig);
}
catch
{
}
}
public static void TreeConnectResponse(
ModelSmb2Status status,
ShareEncryptDataType shareEncryptDataType,
ModelResponseType modelResponseType,
EncryptionConfig c)
{
Condition.IsTrue(state == ModelState.Connected);
Condition.IsTrue(config.IsGlobalRejectUnencryptedAccessEnabled == c.IsGlobalRejectUnencryptedAccessEnabled);
Condition.IsTrue(Session_IsExisted);
ModelTreeConnectRequest treeConnectRequest = ModelHelper.RetrieveOutstandingRequest <ModelTreeConnectRequest>(ref request);
if (!VerifySession(status, treeConnectRequest.modelRequestType, c))
{
return;
}
if (ModelUtility.IsSmb3xFamily(config.MaxSmbVersionSupported) &&
(config.IsGlobalEncryptDataEnabled ||
treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare) &&
config.IsGlobalRejectUnencryptedAccessEnabled &&
!Connection_ServerCapabilities_SMB2_GLOBAL_CAP_ENCRYPTION)
{
ModelHelper.Log(LogType.Requirement,
"3.3.5.7: If the server implements the SMB 3.x dialect family, EncryptData or Share.EncryptData is TRUE, " +
"RejectUnencryptedAccess is TRUE, and Connection.ServerCapabilities does not include SMB2_GLOBAL_CAP_ENCRYPTION, " +
"the server MUST fail the request with STATUS_ACCESS_DENIED.");
Condition.IsTrue(config.Platform == c.Platform);
ModelHelper.Log(LogType.TestInfo,
"The server implements {0}, EncryptData is {1}, Share.EncryptData is {2}, RejectUnencryptedAccess is TRUE, " +
"Connection.ServerCapabilities does not include SMB2_GLOBAL_CAP_ENCRYPTION.",
config.MaxSmbVersionSupported,
config.IsGlobalEncryptDataEnabled,
treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare ? "TRUE" : "FALSE");
ModelHelper.Log(LogType.TestInfo, "The SUT platform is {0}.", config.Platform);
ModelHelper.Log(LogType.TestTag, TestTag.Compatibility);
Condition.IsTrue(status == ModelSmb2Status.STATUS_ACCESS_DENIED);
return;
}
if (Smb2Utility.IsSmb3xFamily(negotiateDialect) &&
treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare &&
config.IsGlobalRejectUnencryptedAccessEnabled &&
!Connection_ServerCapabilities_SMB2_GLOBAL_CAP_ENCRYPTION)
{
ModelHelper.Log(LogType.Requirement,
"3.3.5.7: If Connection.Dialect belongs to the SMB 3.x dialect family, " +
"Share.EncryptData is TRUE, RejectUnencryptedAccess is TRUE, " +
"and Connection.ServerCapabilities does not include SMB2_GLOBAL_CAP_ENCRYPTION, " +
"the server MUST fail the request with STATUS_ACCESS_DENIED.");
ModelHelper.Log(LogType.Requirement,
"\tSet the SMB2_SHAREFLAG_ENCRYPT_DATA bit.");
ModelHelper.Log(LogType.TestInfo, "Connection.Dialect is {0}, and Share.EncryptData is TRUE.", negotiateDialect);
Condition.IsTrue(shareEncryptDataType == ShareEncryptDataType.ShareEncryptDataSet);
}
//TODO: To be implemented after TRANSFORM_HEADER added into Smb2FunctionalClient
if (treeConnectRequest.modelRequestType == ModelRequestType.EncryptedRequest)
{
Condition.IsTrue(modelResponseType == ModelResponseType.EncryptedResponse);
}
else
{
Condition.IsTrue(modelResponseType == ModelResponseType.UnEncryptedResponse);
}
Condition.IsTrue(status == ModelSmb2Status.STATUS_SUCCESS);
Encryption_TreeId = (treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare) ? EncryptionTreeId.TreeIdToEncryptShare : EncryptionTreeId.TreeIdToUnEncryptShare;
}
public static void TreeConnectResponse(
ModelSmb2Status status,
ShareEncryptDataType shareEncryptDataType,
ModelResponseType modelResponseType,
EncryptionConfig c)
{
Condition.IsTrue(state == ModelState.Connected);
Condition.IsTrue(config.IsGlobalRejectUnencryptedAccessEnabled == c.IsGlobalRejectUnencryptedAccessEnabled);
ModelTreeConnectRequest treeConnectRequest = ModelHelper.RetrieveOutstandingRequest<ModelTreeConnectRequest>(ref request);
if (!VerifySession(status, treeConnectRequest.modelRequestType))
{
return;
}
if (ModelUtility.IsSmb3xFamily(config.MaxSmbVersionSupported)
&& (config.IsGlobalEncryptDataEnabled
|| treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare)
&& config.IsGlobalRejectUnencryptedAccessEnabled
&& !Connection_ServerCapabilities_SMB2_GLOBAL_CAP_ENCRYPTION)
{
ModelHelper.Log(LogType.Requirement,
"3.3.5.7: If the server implements the SMB 3.x dialect family, EncryptData or Share.EncryptData is TRUE, " +
"RejectUnencryptedAccess is TRUE, and Connection.ServerCapabilities does not include SMB2_GLOBAL_CAP_ENCRYPTION, " +
"the server SHOULD fail the request with STATUS_ACCESS_DENIED.");
Condition.IsTrue(config.Platform == c.Platform);
ModelHelper.Log(LogType.TestInfo,
"The server implements {0}, EncryptData is {1}, Share.EncryptData is {2}, RejectUnencryptedAccess is TRUE, " +
"Connection.ServerCapabilities does not include SMB2_GLOBAL_CAP_ENCRYPTION.",
config.MaxSmbVersionSupported,
config.IsGlobalEncryptDataEnabled,
treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare ? "TRUE" : "FALSE");
ModelHelper.Log(LogType.TestInfo, "The SUT platform is {0}.", config.Platform);
ModelHelper.Log(LogType.TestTag, TestTag.Compatibility);
if (config.Platform == Platform.NonWindows)
{
Condition.IsTrue(status != ModelSmb2Status.STATUS_SUCCESS);
}
else
{
Condition.IsTrue(status == ModelSmb2Status.STATUS_ACCESS_DENIED);
}
return;
}
if (Smb2Utility.IsSmb3xFamily(negotiateDialect)
&& treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare)
{
ModelHelper.Log(LogType.Requirement,
"3.3.5.7: If Connection.Dialect belongs to the SMB 3.x dialect family, " +
"and Share.EncryptData is TRUE, the server MUST do the following:");
ModelHelper.Log(LogType.Requirement,
"\tSet the SMB2_SHAREFLAG_ENCRYPT_DATA bit.");
ModelHelper.Log(LogType.TestInfo, "Connection.Dialect is {0}, and Share.EncryptData is TRUE.", negotiateDialect);
Condition.IsTrue(shareEncryptDataType== ShareEncryptDataType.ShareEncryptDataSet);
}
//TODO: To be implemented after TRANSFORM_HEADER added into Smb2FunctionalClient
if (treeConnectRequest.modelRequestType == ModelRequestType.EncryptedRequest)
{
Condition.IsTrue(modelResponseType == ModelResponseType.EncryptedResponse);
}
else
{
Condition.IsTrue(modelResponseType == ModelResponseType.UnEncryptedResponse);
}
Condition.IsTrue(status == ModelSmb2Status.STATUS_SUCCESS);
Encryption_TreeId = (treeConnectRequest.connectToShareType == ConnectToShareType.ConnectToEncryptedShare) ? EncryptionTreeId.TreeIdToEncryptShare : EncryptionTreeId.TreeIdToUnEncryptShare;
}