public void TreeConnectRequest(SigningFlagType signingFlagType)
{
uint treeId;
SigningModelSessionId modelSessionId = SigningModelSessionId.ZeroSessionId;
SigningFlagType responseSigningFlagType = SigningFlagType.SignedFlagNotSet;
string sharePath = Smb2Utility.GetUncPath(testConfig.SutComputerName, testConfig.BasicFileShare);
Packet_Header_Flags_Values headerFlags = (signingFlagType == SigningFlagType.SignedFlagSet) ? Packet_Header_Flags_Values.FLAGS_SIGNED : Packet_Header_Flags_Values.NONE;
// Inform SDK to disable/enable signing according to SigningFlagType.
bool isEnableSigning = !(signingFlagType == SigningFlagType.SignedFlagNotSet);
testClient.EnableSessionSigningAndEncryption(enableSigning: isEnableSigning, enableEncryption: false);
uint status = testClient.TreeConnect(
headerFlags,
sharePath,
out treeId,
checker: (header, response) =>
{
modelSessionId = GetModelSessionId(header.SessionId);
responseSigningFlagType = GetSigningFlagType(header.Flags);
});
TreeConnectResponse((ModelSmb2Status)status, modelSessionId, responseSigningFlagType);
}
private void Compound_RelatedRequests(string fileName, bool isEncrypted)
{
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Initialize the test client.");
Smb2FunctionalClient client = new Smb2FunctionalClient(TestConfig.Timeout, TestConfig, BaseTestSite);
uint treeId;
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Connect to the SMB2 basic share by sending the following requests: NEGOTIATE; SESSION_SETUP; TREE_CONNECT.");
ConnectToShare(client, out treeId);
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Construct Create packet.");
Smb2CreateRequestPacket createPacket = ConstructCreatePacket(client.SessionId, treeId, fileName);
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Construct Write packet, flag FLAGS_RELATED_OPERATIONS is set.");
Smb2WriteRequestPacket writePacket = ConstructRelatedWritePacket();
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Construct Close packet, flag FLAGS_RELATED_OPERATIONS is set.");
Smb2CloseRequestPacket closePacket = ConstructRelatedClosePacket();
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Send {0}compounded Create, Write and Close requests to SUT.", isEncrypted ? "encrypted " : "");
List <Smb2SinglePacket> requestPackets = new List <Smb2SinglePacket>();
requestPackets.Add(createPacket);
requestPackets.Add(writePacket);
requestPackets.Add(closePacket);
if (isEncrypted)
{
// Enable encryption
client.EnableSessionSigningAndEncryption(enableSigning: testConfig.SendSignedRequest, enableEncryption: true);
}
List <Smb2SinglePacket> responsePackets = client.SendAndReceiveCompoundPacket(requestPackets);
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Verify responses to the compounded request.");
foreach (var responsePacket in responsePackets)
{
if (TestConfig.Platform == Platform.WindowsServer2016 && responsePacket.Header.Status != Smb2Status.STATUS_SUCCESS)
{
}
else
{
BaseTestSite.Assert.AreEqual(
Smb2Status.STATUS_SUCCESS,
responsePacket.Header.Status,
"{0} should succeed, actual status is {1}", responsePacket.Header.Command, Smb2Status.GetStatusCode(responsePacket.Header.Status));
}
}
client.TreeDisconnect(treeId);
client.LogOff();
client.Disconnect();
}
public void TreeConnectRequest(ConnectToShareType connectToShareType, ModelRequestType modelRequestType)
{
string sharePath = (connectToShareType == ConnectToShareType.ConnectToEncryptedShare) ?
Smb2Utility.GetUncPath(testConfig.SutComputerName, testConfig.EncryptedFileShare) : Smb2Utility.GetUncPath(testConfig.SutComputerName, testConfig.BasicFileShare);
if (modelRequestType == ModelRequestType.EncryptedRequest)
{
testClient.EnableSessionSigningAndEncryption(enableSigning: false, enableEncryption: true);
}
else
{
testClient.EnableSessionSigningAndEncryption(enableSigning: testConfig.SendSignedRequest, enableEncryption: false);
}
try
{
uint status = 0;
TREE_CONNECT_Response?treeConnectResponse = null;
status = testClient.TreeConnect(
sharePath,
out treeId,
checker: (header, response) =>
{
treeConnectResponse = response;
});
ShareEncryptDataType shareEncryptDataType = treeConnectResponse.Value.ShareFlags.HasFlag(ShareFlags_Values.SHAREFLAG_ENCRYPT_DATA) ? ShareEncryptDataType.ShareEncryptDataSet : ShareEncryptDataType.ShareEncryptDataNotSet;
//TODO: To be implemented after TRANSFORM_HEADER added into Smb2FunctionalClient
ModelResponseType modelResponseType = (modelRequestType == ModelRequestType.EncryptedRequest) ? ModelResponseType.EncryptedResponse : ModelResponseType.UnEncryptedResponse;
TreeConnectResponse((ModelSmb2Status)status, shareEncryptDataType, modelResponseType, encryptionConfig);
}
catch
{
}
}
public void Send_Multiple_Requests()
{
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Initialize the test client.");
Smb2FunctionalClient client = new Smb2FunctionalClient(TestConfig.Timeout, TestConfig, BaseTestSite);
uint treeId;
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Connect to the SMB2 basic share by sending the following requests: NEGOTIATE; SESSION_SETUP; TREE_CONNECT.");
ConnectToShare(client, out treeId);
List <Smb2SinglePacket> requestPackets = new List <Smb2SinglePacket>();
for (int i = 1; i <= 10; i++)
{
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Construct the {0} Create packet.", i);
string fileName = string.Format("FileNew_{0}_{1}.txt", i, Guid.NewGuid());
Task <Smb2CreateRequestPacket> t1 = Task <Smb2CreateRequestPacket> .Factory.StartNew(() =>
ConstructCreatePacket(client.SessionId, treeId, fileName));
requestPackets.Add(t1.Result);
}
client.EnableSessionSigningAndEncryption(enableSigning: testConfig.SendSignedRequest, enableEncryption: false);
Task <List <ulong> > sendRequest = Task <List <ulong> > .Factory.StartNew(() => client.SendCompoundPacket(requestPackets));
List <Smb2SinglePacket> responsePackets = client.ReceiveCompoundPacket(sendRequest.Result);
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Verify responses to the compounded request.");
foreach (var responsePacket in responsePackets)
{
if (TestConfig.Platform == Platform.WindowsServer2016 && responsePacket.Header.Status != Smb2Status.STATUS_SUCCESS)
{
}
else
{
BaseTestSite.Assert.AreEqual(
Smb2Status.STATUS_SUCCESS,
responsePacket.Header.Status,
"{0} should succeed, actual status is {1}", responsePacket.Header.Command, Smb2Status.GetStatusCode(responsePacket.Header.Status));
}
}
client.TreeDisconnect(treeId);
client.LogOff();
client.Disconnect();
}
private void Compound_UnrelatedRequests(string firstFileName, string secondFileName, bool isEncrypted)
{
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Initialize the test client.");
Smb2FunctionalClient client = new Smb2FunctionalClient(TestConfig.Timeout, TestConfig, BaseTestSite);
uint treeId;
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Connect to the SMB2 basic share by sending the following requests: NEGOTIATE; SESSION_SETUP; TREE_CONNECT.");
ConnectToShare(client, out treeId);
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Construct the first Create packet.");
Smb2CreateRequestPacket firstCreatePacket = ConstructCreatePacket(client.SessionId, treeId, firstFileName);
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Construct the second Create packet.");
Smb2CreateRequestPacket secondCreatePacket = ConstructCreatePacket(client.SessionId, treeId, secondFileName);
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Send the two {0}compounded Create packets to SUT.", isEncrypted ? "encrypted " : "");
List <Smb2SinglePacket> requestPackets = new List <Smb2SinglePacket>();
requestPackets.Add(firstCreatePacket);
requestPackets.Add(secondCreatePacket);
if (isEncrypted)
{
// Enable encryption
client.EnableSessionSigningAndEncryption(enableSigning: testConfig.SendSignedRequest, enableEncryption: true);
}
List <Smb2SinglePacket> responsePackets = client.SendAndReceiveCompoundPacket(false, requestPackets);
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Verify responses to the compounded request.");
foreach (var responsePacket in responsePackets)
{
BaseTestSite.Assert.AreEqual(
Smb2Status.STATUS_SUCCESS,
responsePacket.Header.Status,
"{0} should succeed, actual status is {1}", responsePacket.Header.Command, Smb2Status.GetStatusCode(responsePacket.Header.Status));
}
client.TreeDisconnect(treeId);
client.LogOff();
client.Disconnect();
}
public void BVT_TreeMgmt_SMB311_Disconnect_NoSignedNoEncryptedTreeConnect()
{
#region Check Applicability
TestConfig.CheckDialect(DialectRevision.Smb311);
if (TestConfig.IsServerSigningRequired)
{
BaseTestSite.Assert.Inconclusive("Test case is only applicable when security signature is not required by the server " +
"because if signing or encryption is required in server, the server will fail the TreeConnect with STATUS_ACCESS_DENIED, which is not the purpose of this case.");
}
if (TestConfig.IsGlobalEncryptDataEnabled && TestConfig.IsGlobalRejectUnencryptedAccessEnabled)
{
BaseTestSite.Assert.Inconclusive("Test case is only applicable when encryption is not required by the server " +
"because if signing or encryption is required in server, the server will fail the TreeConnect with STATUS_ACCESS_DENIED, which is not the purpose of this case.");
}
#endregion
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Client sends NEGOTIATE request without NEGOTIATE_SIGNING_REQUIRED and GLOBAL_CAP_ENCRYPTION set.");
client.Negotiate(
TestConfig.RequestDialects,
TestConfig.IsSMB1NegotiateEnabled,
SecurityMode_Values.NONE,
Capabilities_Values.NONE);
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Client sends SESSION_SETUP request without NEGOTIATE_SIGNING_REQUIRED flag set.");
client.SessionSetup(
TestConfig.DefaultSecurityPackage,
TestConfig.SutComputerName,
TestConfig.AccountCredential,
TestConfig.UseServerGssToken,
SESSION_SETUP_Request_SecurityMode_Values.NONE);
string uncSharepath = Smb2Utility.GetUncPath(TestConfig.SutComputerName, TestConfig.BasicFileShare);
uint treeId;
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Client sends TREE_CONNECT request which is not signed or not encrypted and expects server disconnects the connection.");
try
{
client.EnableSessionSigningAndEncryption(enableSigning: false, enableEncryption: false);
// Trigger Server Disconnect event
client.TreeConnect(
Packet_Header_Flags_Values.NONE,
uncSharepath,
out treeId,
checker: (Packet_Header header, TREE_CONNECT_Response response) =>
{
BaseTestSite.Assert.AreNotEqual(
Smb2Status.STATUS_SUCCESS,
header.Status,
"TREE_CONNECT should NOT succeed.");
});
// Check if server is still responding
client.Echo(treeId);
}
catch
{
}
// Check if server is disconnected
BaseTestSite.Assert.IsTrue(client.Smb2Client.IsServerDisconnected,
"[MS-SMB2] 3.3.5.7 If Connection.Dialect is \"3.1.1\" and Session.IsAnonymous and Session.IsGuest are set to FALSE" +
" and the request is not signed or not encrypted, then the server MUST disconnect the connection. " +
"Server did {0}disconnect the connection.", client.Smb2Client.IsServerDisconnected ? "" : "not ");
}
/// <summary>
/// Operations after Negotiate, from Session Setup to Log off.
/// </summary>
private void PostNegotiateOperations(EnableEncryptionType enableEncryptionType, bool connectEncryptedShare)
{
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Client sends SESSION_SETUP request and expects response.");
client.SessionSetup(
TestConfig.DefaultSecurityPackage,
TestConfig.SutComputerName,
TestConfig.AccountCredential,
TestConfig.UseServerGssToken);
if (enableEncryptionType == EnableEncryptionType.EnableEncryptionPerSession)
{
// After calling this method, client will send encrypted message after session setup
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Client enables global encryption.");
client.EnableSessionSigningAndEncryption(enableSigning: false, enableEncryption: true);
}
string uncSharepath =
Smb2Utility.GetUncPath(TestConfig.SutComputerName, connectEncryptedShare ? TestConfig.EncryptedFileShare : TestConfig.BasicFileShare);
uint treeId;
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Client sends TREE_CONNECT to share: {0}", uncSharepath);
client.TreeConnect(
uncSharepath,
out treeId,
(Packet_Header header, TREE_CONNECT_Response response) =>
{
BaseTestSite.Assert.AreEqual(
Smb2Status.STATUS_SUCCESS,
header.Status,
"TreeConnect should succeed, actually server returns {0}.", Smb2Status.GetStatusCode(header.Status));
if (connectEncryptedShare)
{
BaseTestSite.Assert.AreEqual(
ShareFlags_Values.SHAREFLAG_ENCRYPT_DATA,
ShareFlags_Values.SHAREFLAG_ENCRYPT_DATA & response.ShareFlags,
"Server should set SMB2_SHAREFLAG_ENCRYPT_DATA for ShareFlags field in TREE_CONNECT response");
}
else
{
BaseTestSite.Assert.AreNotEqual(
ShareFlags_Values.SHAREFLAG_ENCRYPT_DATA,
ShareFlags_Values.SHAREFLAG_ENCRYPT_DATA & response.ShareFlags,
"Server should not set SMB2_SHAREFLAG_ENCRYPT_DATA for ShareFlags field in TREE_CONNECT response");
}
});
if (enableEncryptionType == EnableEncryptionType.EnableEncryptionPerShare)
{
// After calling this method, client will send encrypted message after tree connect.
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Client enables per share encryption: TreeId=0x{0:x}", treeId);
client.SetTreeEncryption(treeId, true);
}
FILEID fileId;
Smb2CreateContextResponse[] serverCreateContexts;
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Client sends encrypted CREATE request and expects success.");
client.Create(
treeId,
CurrentTestCaseName + "_" + Guid.NewGuid() + ".txt",
CreateOptions_Values.FILE_NON_DIRECTORY_FILE | CreateOptions_Values.FILE_DELETE_ON_CLOSE,
out fileId,
out serverCreateContexts);
string content = Smb2Utility.CreateRandomString(TestConfig.WriteBufferLengthInKb);
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Client sends encrpyted WRITE request and expects success.");
client.Write(treeId, fileId, content);
string actualContent;
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Client sends encrypted READ request and expects success.");
client.Read(treeId, fileId, 0, (uint)content.Length, out actualContent);
BaseTestSite.Assert.IsTrue(
content.Equals(actualContent),
"File content read should be identical to that has been written.");
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Tear down the client by sending the following requests: CLOSE; TREE_DISCONNECT; LOG_OFF");
client.Close(treeId, fileId);
client.TreeDisconnect(treeId);
client.LogOff();
}
private void CreateTestFile(CompressionAlgorithm[] compressionAlgorithms, bool enableEncryption, out uint treeId, out FILEID fileId, bool enableChainedCompression = false)
{
var capabilities = Capabilities_Values.NONE;
if (enableEncryption)
{
capabilities |= Capabilities_Values.GLOBAL_CAP_ENCRYPTION;
}
EncryptionAlgorithm[] encryptionAlgorithms = null;
if (enableEncryption)
{
encryptionAlgorithms = new EncryptionAlgorithm[] { EncryptionAlgorithm.ENCRYPTION_AES128_CCM, EncryptionAlgorithm.ENCRYPTION_AES128_GCM };
}
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Starts a client by sending the following requests: NEGOTIATE; SESSION_SETUP; TREE_CONNECT.");
client = new Smb2FunctionalClient(TestConfig.Timeout, TestConfig, BaseTestSite);
client.ConnectToServer(TestConfig.UnderlyingTransport, TestConfig.SutComputerName, TestConfig.SutIPAddress);
client.NegotiateWithContexts(
Packet_Header_Flags_Values.NONE,
TestConfig.RequestDialects,
preauthHashAlgs: new PreauthIntegrityHashID[] { PreauthIntegrityHashID.SHA_512 },
encryptionAlgs: encryptionAlgorithms,
compressionAlgorithms: compressionAlgorithms,
compressionFlags: enableChainedCompression ? SMB2_COMPRESSION_CAPABILITIES_Flags.SMB2_COMPRESSION_CAPABILITIES_FLAG_CHAINED : SMB2_COMPRESSION_CAPABILITIES_Flags.SMB2_COMPRESSION_CAPABILITIES_FLAG_NONE,
capabilityValue: capabilities,
checker: (Packet_Header header, NEGOTIATE_Response response) =>
{
BaseTestSite.Assert.AreEqual(Smb2Status.STATUS_SUCCESS, header.Status, "SUT MUST return STATUS_SUCCESS if the negotiation finished successfully.");
if (TestConfig.IsWindowsPlatform)
{
CheckCompressionAlgorithmsForWindowsImplementation(compressionAlgorithms);
}
else
{
bool isExpectedNonWindowsCompressionContext = Enumerable.SequenceEqual(client.Smb2Client.CompressionInfo.CompressionIds, compressionAlgorithms);
{
BaseTestSite.Assert.IsTrue(isExpectedNonWindowsCompressionContext, "[MS-SMB2] section 3.3.5.4: Non-Windows implementation MUST set CompressionAlgorithms to the CompressionIds in request if they are all supported by SUT.");
}
}
});
client.SessionSetup(
TestConfig.DefaultSecurityPackage,
TestConfig.SutComputerName,
TestConfig.AccountCredential,
TestConfig.UseServerGssToken);
if (enableEncryption)
{
client.EnableSessionSigningAndEncryption(enableSigning: false, enableEncryption: true);
}
client.TreeConnect(uncSharePath, out treeId);
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Client sends CREATE request with desired access set to GENERIC_READ and GENERIC_WRITE to create a file.");
Smb2CreateContextResponse[] serverCreateContexts;
string fileName = GetTestFileName(uncSharePath);
client.Create(
treeId,
fileName,
CreateOptions_Values.FILE_NON_DIRECTORY_FILE,
out fileId,
out serverCreateContexts,
accessMask: AccessMask.GENERIC_READ | AccessMask.GENERIC_WRITE
);
}
private void Compound_RelatedRequests(string fileName, bool isEncrypted)
{
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Initialize the test client.");
Smb2FunctionalClient client = new Smb2FunctionalClient(TestConfig.Timeout, TestConfig, BaseTestSite);
uint treeId;
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Connect to the SMB2 basic share by sending the following requests: NEGOTIATE; SESSION_SETUP; TREE_CONNECT.");
ConnectToShare(client, out treeId);
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Construct Create packet.");
Smb2CreateRequestPacket createPacket = ConstructCreatePacket(client.SessionId, treeId, fileName);
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Construct Write packet, flag FLAGS_RELATED_OPERATIONS is set.");
Smb2WriteRequestPacket writePacket = ConstructRelatedWritePacket();
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Construct Close packet, flag FLAGS_RELATED_OPERATIONS is set.");
Smb2CloseRequestPacket closePacket = ConstructRelatedClosePacket();
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Send {0}compounded Create, Write and Close requests to SUT.", isEncrypted ? "encrypted " : "");
List<Smb2SinglePacket> requestPackets = new List<Smb2SinglePacket>();
requestPackets.Add(createPacket);
requestPackets.Add(writePacket);
requestPackets.Add(closePacket);
if (isEncrypted)
{
// Enable encryption
client.EnableSessionSigningAndEncryption(enableSigning: testConfig.SendSignedRequest, enableEncryption: true);
}
List<Smb2SinglePacket> responsePackets = client.SendAndReceiveCompoundPacket(requestPackets);
BaseTestSite.Log.Add(LogEntryKind.TestStep, "Verify responses to the compounded request.");
foreach (var responsePacket in responsePackets)
{
if (TestConfig.Platform == Platform.WindowsServer2016 && responsePacket.Header.Status != Smb2Status.STATUS_SUCCESS)
{
}
else
{
BaseTestSite.Assert.AreEqual(
Smb2Status.STATUS_SUCCESS,
responsePacket.Header.Status,
"{0} should succeed, actual status is {1}", responsePacket.Header.Command, Smb2Status.GetStatusCode(responsePacket.Header.Status));
}
}
client.TreeDisconnect(treeId);
client.LogOff();
client.Disconnect();
}
