diff options
author | Volker Lendecke <vl@samba.org> | 2011-06-18 09:56:12 +0200 |
---|---|---|
committer | Volker Lendecke <vl@samba.org> | 2011-06-19 11:30:02 +0200 |
commit | 763941f2456f6c50581a1fa54aaba810a2b9efd1 (patch) | |
tree | c2dbb2e476d0807a7b803de937ccf37df322727a /source3/torture | |
parent | 8e02b70767be0d1e86059b0ecb9bd555896b48fd (diff) | |
download | samba-763941f2456f6c50581a1fa54aaba810a2b9efd1.tar.gz |
s3: Test nttrans_create
This is a test for the share security descriptor exception for nttrans_create
Diffstat (limited to 'source3/torture')
-rw-r--r-- | source3/torture/proto.h | 1 | ||||
-rw-r--r-- | source3/torture/test_nttrans_create.c | 108 | ||||
-rw-r--r-- | source3/torture/torture.c | 1 |
3 files changed, 110 insertions, 0 deletions
diff --git a/source3/torture/proto.h b/source3/torture/proto.h index ebaf6cf1ebf..6a47a18cd7c 100644 --- a/source3/torture/proto.h +++ b/source3/torture/proto.h @@ -90,5 +90,6 @@ bool run_async_echo(int dummy); bool run_smb_any_connect(int dummy); bool run_addrchange(int dummy); bool run_notify_online(int dummy); +bool run_nttrans_create(int dummy); #endif /* __TORTURE_H__ */ diff --git a/source3/torture/test_nttrans_create.c b/source3/torture/test_nttrans_create.c new file mode 100644 index 00000000000..9869f020e9b --- /dev/null +++ b/source3/torture/test_nttrans_create.c @@ -0,0 +1,108 @@ +/* + Unix SMB/CIFS implementation. + Basic test for share secdescs vs nttrans_create + Copyright (C) Volker Lendecke 2011 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "torture/proto.h" +#include "libsmb/libsmb.h" +#include "libcli/security/dom_sid.h" +#include "libcli/security/secdesc.h" +#include "libcli/security/security.h" + +bool run_nttrans_create(int dummy) +{ + struct cli_state *cli = NULL; + NTSTATUS status, status2; + bool ret = false; + struct security_ace ace; + struct security_acl acl; + struct security_descriptor *sd; + const char *fname = "transtest"; + uint16_t fnum, fnum2; + struct dom_sid owner; + + printf("Starting NTTRANS_CREATE\n"); + + if (!torture_open_connection(&cli, 0)) { + printf("torture_open_connection failed\n"); + goto fail; + } + + ZERO_STRUCT(ace); + ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED; + ace.access_mask = SEC_RIGHTS_FILE_ALL & ~SEC_STD_WRITE_DAC; + sid_copy(&ace.trustee, &global_sid_World); + + acl.revision = SECURITY_ACL_REVISION_NT4; + acl.size = 0; + acl.num_aces = 1; + acl.aces = &ace; + + dom_sid_parse("S-1-22-1-1000", &owner); + + sd = make_sec_desc(talloc_tos(), + SECURITY_DESCRIPTOR_REVISION_1, + SEC_DESC_SELF_RELATIVE| + SEC_DESC_DACL_PRESENT|SEC_DESC_OWNER_DEFAULTED| + SEC_DESC_GROUP_DEFAULTED, + NULL, NULL, NULL, &acl, NULL); + if (sd == NULL) { + d_fprintf(stderr, "make_sec_desc failed\n"); + goto fail; + } + + status = cli_nttrans_create( + cli, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS| + READ_CONTROL_ACCESS, + FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_READ|FILE_SHARE_WRITE| FILE_SHARE_DELETE, + FILE_CREATE, 0, 0, sd, NULL, 0, &fnum); + if (!NT_STATUS_IS_OK(status)) { + d_fprintf(stderr, "cli_nttrans_create returned %s\n", + nt_errstr(status)); + goto fail; + } + + cli_query_secdesc(cli, fnum, talloc_tos()); + + status2 = cli_ntcreate(cli, fname, 0, WRITE_DAC_ACCESS, + FILE_ATTRIBUTE_NORMAL, + FILE_SHARE_READ|FILE_SHARE_WRITE| + FILE_SHARE_DELETE, + FILE_OPEN, 0, 0, &fnum2); + + status = cli_nt_delete_on_close(cli, fnum, true); + if (!NT_STATUS_IS_OK(status)) { + d_fprintf(stderr, "cli_nt_delete_on_close returned %s\n", + nt_errstr(status)); + goto fail; + } + + if (!NT_STATUS_EQUAL(status2, NT_STATUS_ACCESS_DENIED)) { + d_fprintf(stderr, "cli_ntcreate returned %s\n", + nt_errstr(status)); + goto fail; + } + + ret = true; +fail: + if (cli != NULL) { + torture_close_connection(cli); + } + return ret; +} diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 8512a0e47b4..0731326cf94 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -8636,6 +8636,7 @@ static struct { { "CHAIN1", run_chain1, 0}, { "CHAIN2", run_chain2, 0}, { "WINDOWS-WRITE", run_windows_write, 0}, + { "NTTRANS-CREATE", run_nttrans_create, 0}, { "CLI_ECHO", run_cli_echo, 0}, { "GETADDRINFO", run_getaddrinfo_send, 0}, { "TLDAP", run_tldap }, |