Author: gd
Date: 2007-11-02 15:06:58 +0000 (Fri, 02 Nov 2007)
New Revision: 25813

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=25813

Log:
Add unfinished SecurityDescriptorsMasks test for winreg.

Guenther

Modified:
   branches/SAMBA_4_0/source/torture/rpc/winreg.c


Changeset:
Modified: branches/SAMBA_4_0/source/torture/rpc/winreg.c
===================================================================
--- branches/SAMBA_4_0/source/torture/rpc/winreg.c      2007-11-02 14:51:49 UTC 
(rev 25812)
+++ branches/SAMBA_4_0/source/torture/rpc/winreg.c      2007-11-02 15:06:58 UTC 
(rev 25813)
@@ -439,6 +439,40 @@
        return ret;
 }
 
+static bool _test_SecurityDescriptor(struct dcerpc_pipe *p,
+                                    struct torture_context *tctx,
+                                    struct policy_handle *handle,
+                                    uint32_t access_mask,
+                                    const char *key,
+                                    WERROR open_werr,
+                                    WERROR get_werr,
+                                    WERROR set_werr)
+{
+       struct policy_handle new_handle;
+       bool ret = true;
+       bool got_key = false;
+
+       if (!_test_OpenKey(p, tctx, handle, key, access_mask, &new_handle,
+                          open_werr, &got_key)) {
+               return false;
+       }
+
+       if (!got_key) {
+               return true;
+       }
+
+       if (!_test_GetSetSecurityDescriptor(p, tctx, &new_handle,
+                                           get_werr, set_werr)) {
+               ret = false;
+       }
+
+       if (!test_CloseKey(p, tctx, &new_handle)) {
+               return false;
+       }
+
+       return ret;
+}
+
 static bool test_dacl_trustee_present(struct dcerpc_pipe *p,
                                      struct torture_context *tctx,
                                      struct policy_handle *handle,
@@ -946,6 +980,60 @@
        return ret;
 }
 
+static bool test_SecurityDescriptorsMasks(struct dcerpc_pipe *p,
+                                         struct torture_context *tctx,
+                                         struct policy_handle *handle,
+                                         const char *key)
+{
+       bool ret = true;
+       int i;
+
+       struct winreg_mask_result_table {
+               uint32_t access_mask;
+               WERROR open_werr;
+               WERROR get_werr;
+               WERROR set_werr;
+       } sd_mask_tests[] = {
+               { 0,
+                       WERR_ACCESS_DENIED, WERR_BADFILE, WERR_FOOBAR },
+               { SEC_FLAG_MAXIMUM_ALLOWED,
+                       WERR_OK, WERR_OK, WERR_OK },
+               { SEC_STD_WRITE_DAC,
+                       WERR_OK, WERR_ACCESS_DENIED, WERR_FOOBAR },
+               { SEC_FLAG_SYSTEM_SECURITY,
+                       WERR_OK, WERR_ACCESS_DENIED, WERR_FOOBAR }
+       };
+
+       /* FIXME: before this test can ever run successfully we need a way to
+        * correctly read a NULL security_descritpor in ndr, get the required
+        * length, requery, etc.
+        */
+
+       return true;
+
+       for (i=0; i < ARRAY_SIZE(sd_mask_tests); i++) {
+
+               torture_comment(tctx,
+                               "SecurityDescriptor get & set with access_mask: 
0x%08x\n",
+                               sd_mask_tests[i].access_mask);
+               torture_comment(tctx,
+                               "expecting: open %s, get: %s, set: %s\n",
+                               win_errstr(sd_mask_tests[i].open_werr),
+                               win_errstr(sd_mask_tests[i].get_werr),
+                               win_errstr(sd_mask_tests[i].set_werr));
+
+               if (_test_SecurityDescriptor(p, tctx, handle,
+                                            sd_mask_tests[i].access_mask, key,
+                                            sd_mask_tests[i].open_werr,
+                                            sd_mask_tests[i].get_werr,
+                                            sd_mask_tests[i].set_werr)) {
+                       ret = false;
+               }
+       }
+
+       return ret;
+}
+
 typedef bool (*secinfo_verify_fn)(struct dcerpc_pipe *,
                                  struct torture_context *,
                                  struct policy_handle *,
@@ -1255,7 +1343,6 @@
 {
        bool ret = true;
 
-
        if (!test_SecurityDescriptor(p, tctx, handle, key)) {
                printf("test_SecurityDescriptor failed\n");
                ret = false;
@@ -1276,6 +1363,11 @@
                ret = false;
        }
 
+       if (!test_SecurityDescriptorsMasks(p, tctx, handle, key)) {
+               printf("test_SecurityDescriptorsMasks failed\n");
+               ret = false;
+       }
+
        return ret;
 }
 

Reply via email to