summaryrefslogtreecommitdiff
path: root/source3/torture
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2011-06-18 09:56:12 +0200
committerVolker Lendecke <vl@samba.org>2011-06-19 11:30:02 +0200
commit763941f2456f6c50581a1fa54aaba810a2b9efd1 (patch)
treec2dbb2e476d0807a7b803de937ccf37df322727a /source3/torture
parent8e02b70767be0d1e86059b0ecb9bd555896b48fd (diff)
downloadsamba-763941f2456f6c50581a1fa54aaba810a2b9efd1.tar.gz
s3: Test nttrans_create
This is a test for the share security descriptor exception for nttrans_create
Diffstat (limited to 'source3/torture')
-rw-r--r--source3/torture/proto.h1
-rw-r--r--source3/torture/test_nttrans_create.c108
-rw-r--r--source3/torture/torture.c1
3 files changed, 110 insertions, 0 deletions
diff --git a/source3/torture/proto.h b/source3/torture/proto.h
index ebaf6cf1ebf..6a47a18cd7c 100644
--- a/source3/torture/proto.h
+++ b/source3/torture/proto.h
@@ -90,5 +90,6 @@ bool run_async_echo(int dummy);
bool run_smb_any_connect(int dummy);
bool run_addrchange(int dummy);
bool run_notify_online(int dummy);
+bool run_nttrans_create(int dummy);
#endif /* __TORTURE_H__ */
diff --git a/source3/torture/test_nttrans_create.c b/source3/torture/test_nttrans_create.c
new file mode 100644
index 00000000000..9869f020e9b
--- /dev/null
+++ b/source3/torture/test_nttrans_create.c
@@ -0,0 +1,108 @@
+/*
+ Unix SMB/CIFS implementation.
+ Basic test for share secdescs vs nttrans_create
+ Copyright (C) Volker Lendecke 2011
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "torture/proto.h"
+#include "libsmb/libsmb.h"
+#include "libcli/security/dom_sid.h"
+#include "libcli/security/secdesc.h"
+#include "libcli/security/security.h"
+
+bool run_nttrans_create(int dummy)
+{
+ struct cli_state *cli = NULL;
+ NTSTATUS status, status2;
+ bool ret = false;
+ struct security_ace ace;
+ struct security_acl acl;
+ struct security_descriptor *sd;
+ const char *fname = "transtest";
+ uint16_t fnum, fnum2;
+ struct dom_sid owner;
+
+ printf("Starting NTTRANS_CREATE\n");
+
+ if (!torture_open_connection(&cli, 0)) {
+ printf("torture_open_connection failed\n");
+ goto fail;
+ }
+
+ ZERO_STRUCT(ace);
+ ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED;
+ ace.access_mask = SEC_RIGHTS_FILE_ALL & ~SEC_STD_WRITE_DAC;
+ sid_copy(&ace.trustee, &global_sid_World);
+
+ acl.revision = SECURITY_ACL_REVISION_NT4;
+ acl.size = 0;
+ acl.num_aces = 1;
+ acl.aces = &ace;
+
+ dom_sid_parse("S-1-22-1-1000", &owner);
+
+ sd = make_sec_desc(talloc_tos(),
+ SECURITY_DESCRIPTOR_REVISION_1,
+ SEC_DESC_SELF_RELATIVE|
+ SEC_DESC_DACL_PRESENT|SEC_DESC_OWNER_DEFAULTED|
+ SEC_DESC_GROUP_DEFAULTED,
+ NULL, NULL, NULL, &acl, NULL);
+ if (sd == NULL) {
+ d_fprintf(stderr, "make_sec_desc failed\n");
+ goto fail;
+ }
+
+ status = cli_nttrans_create(
+ cli, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS|
+ READ_CONTROL_ACCESS,
+ FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE| FILE_SHARE_DELETE,
+ FILE_CREATE, 0, 0, sd, NULL, 0, &fnum);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "cli_nttrans_create returned %s\n",
+ nt_errstr(status));
+ goto fail;
+ }
+
+ cli_query_secdesc(cli, fnum, talloc_tos());
+
+ status2 = cli_ntcreate(cli, fname, 0, WRITE_DAC_ACCESS,
+ FILE_ATTRIBUTE_NORMAL,
+ FILE_SHARE_READ|FILE_SHARE_WRITE|
+ FILE_SHARE_DELETE,
+ FILE_OPEN, 0, 0, &fnum2);
+
+ status = cli_nt_delete_on_close(cli, fnum, true);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "cli_nt_delete_on_close returned %s\n",
+ nt_errstr(status));
+ goto fail;
+ }
+
+ if (!NT_STATUS_EQUAL(status2, NT_STATUS_ACCESS_DENIED)) {
+ d_fprintf(stderr, "cli_ntcreate returned %s\n",
+ nt_errstr(status));
+ goto fail;
+ }
+
+ ret = true;
+fail:
+ if (cli != NULL) {
+ torture_close_connection(cli);
+ }
+ return ret;
+}
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 8512a0e47b4..0731326cf94 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -8636,6 +8636,7 @@ static struct {
{ "CHAIN1", run_chain1, 0},
{ "CHAIN2", run_chain2, 0},
{ "WINDOWS-WRITE", run_windows_write, 0},
+ { "NTTRANS-CREATE", run_nttrans_create, 0},
{ "CLI_ECHO", run_cli_echo, 0},
{ "GETADDRINFO", run_getaddrinfo_send, 0},
{ "TLDAP", run_tldap },