def default_client(signing=None):
client = model.Client()
min_dialect = Options.min_dialect()
max_dialect = Options.max_dialect()
client.restrict_dialects(min_dialect, max_dialect)
if signing is None:
signing = Options.signing()
if signing:
client.security_mode = (smb2.SMB2_NEGOTIATE_SIGNING_ENABLED |
smb2.SMB2_NEGOTIATE_SIGNING_REQUIRED)
return client
def setup(self):
# determine max capability and apply Required decorators
self.chan, self.tree = self.tree_connect()
self.max_dialect = self.chan.connection.negotiate_response.dialect_revision
self.capabilities = self.chan.connection.negotiate_response.capabilities
self.share_caps = self.tree.tree_connect_response.capabilities
self.chan.logoff()
self.chan.connection.close()
self.conn = model.Client().connect(self.server, self.port)
self.client = self.conn.client
def test_smb_3_0_2_encryption(self):
client = model.Client(dialects=[smb2.DIALECT_SMB3_0_2])
conn = client.connect(self.server)
conn.negotiate()
self.assertEqual(conn.negotiate_response.dialect_revision,
smb2.DIALECT_SMB3_0_2)
self.assertTrue(conn.negotiate_response.capabilities
& smb2.SMB2_GLOBAL_CAP_ENCRYPTION)
chan = conn.session_setup(self.creds)
chan.session.encrypt_data = True
self.assertIsNotNone(chan.session.encryption_context)
self.assertEqual(chan.session.encryption_context.aes_mode,
crypto.AES.MODE_CCM)
tree = chan.tree_connect(self.share)
self.assertIsNotNone(
tree.tree_connect_response.parent.parent.transform)
def test_smb_3_1_1_compound(self):
client = model.Client(
dialects=[smb2.DIALECT_SMB3_0, smb2.DIALECT_SMB3_1_1])
conn = client.connect(self.server)
conn.negotiate(ciphers=[crypto.SMB2_AES_128_GCM])
self.assertEqual(conn.negotiate_response.dialect_revision,
smb2.DIALECT_SMB3_1_1)
self.assertFalse(conn.negotiate_response.capabilities
& smb2.SMB2_GLOBAL_CAP_ENCRYPTION)
chan = conn.session_setup(self.creds)
chan.session.encrypt_data = True
self.assertIsNotNone(chan.session.encryption_context)
self.assertEqual(chan.session.encryption_context.aes_mode,
crypto.AES.MODE_GCM)
chan.session.encrypt_data = True
tree = chan.tree_connect(self.share)
self.assertIsNotNone(
tree.tree_connect_response.parent.parent.transform)
nb_req = chan.frame()
smb_req1 = chan.request(nb_req, obj=tree)
smb_req2 = chan.request(nb_req, obj=tree)
create_req = smb2.CreateRequest(smb_req1)
close_req = smb2.CloseRequest(smb_req2)
create_req.name = "hello.txt"
create_req.desired_access = pike.smb2.GENERIC_READ | pike.smb2.GENERIC_WRITE
create_req.file_attributes = pike.smb2.FILE_ATTRIBUTE_NORMAL
create_req.create_disposition = pike.smb2.FILE_OPEN_IF
max_req = pike.smb2.MaximalAccessRequest(create_req)
close_req.file_id = smb2.RELATED_FID
smb_req2.flags |= smb2.SMB2_FLAGS_RELATED_OPERATIONS
resp = chan.connection.transceive(nb_req)
parent = resp[0].parent
self.assertIsNotNone(parent.transform)
for r in resp:
self.assertEqual(r.parent, parent)
def __init__(self, *args, **kwargs):
unittest.TestCase.__init__(self, *args, **kwargs)
self.init_once()
self.server = self.option('PIKE_SERVER')
self.port = int(self.option('PIKE_PORT', '445'))
self.creds = self.option('PIKE_CREDS')
self.share = self.option('PIKE_SHARE', 'c$')
self.signing = self.booloption('PIKE_SIGN')
self.encryption = self.booloption('PIKE_ENCRYPT')
self.min_dialect = self.smb2constoption('PIKE_MIN_DIALECT')
self.max_dialect = self.smb2constoption('PIKE_MAX_DIALECT')
self._connections = []
self.default_client = model.Client()
if self.min_dialect is not None:
self.default_client.dialects = filter(
lambda d: d >= self.min_dialect, self.default_client.dialects)
if self.max_dialect is not None:
self.default_client.dialects = filter(
lambda d: d <= self.max_dialect, self.default_client.dialects)
if self.signing:
self.default_client.security_mode = (
smb2.SMB2_NEGOTIATE_SIGNING_ENABLED
| smb2.SMB2_NEGOTIATE_SIGNING_REQUIRED)
def setup(self):
self.conn = model.Client().connect(self.server, self.port)
self.client = self.conn.client
def negotiate(self, *args, **kwds):
self.conn = model.Client().connect(self.server, self.port)
self.client = self.conn.client
return self.conn.negotiate(*args, **kwds).negotiate_response