The branch, master has been updated via d41b8c3... s4-smbtorture: skip security descriptor tests against Samba in RPC-WINREG. via 3db9729... s4-smbtorture: re-arrange tests in RPC-WINREG. via 75a4dff... s4-smbtorture: add test to check different keytypes. via 89eaa9e... s4-smbtorture: add test_DeleteKey_opts to RPC-WINREG. via 80ba129... s4-smbtorture: add test_OpenKey_opts() to RPC-WINREG. via c33a7ca... s4-smbtorture: add test_CreateKey_opts() to RPC-WINREG test. via f075720... s4-smbtorture: put HKLM current_version test into an own function. via 8fd4375... s4-smbtorture: use binding handle for simple SetValue winreg test. from 50cc29b... s4:torture/rpc/lsa*: make use of dcerpc_binding_handle stubs
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit d41b8c305342de0795dd49dac588b5c0b8f00bfe Author: Günther Deschner <g...@samba.org> Date: Wed Mar 17 11:31:43 2010 +0100 s4-smbtorture: skip security descriptor tests against Samba in RPC-WINREG. Guenther commit 3db9729240dedd74cdf3d404b68ac45ef0fe0bca Author: Günther Deschner <g...@samba.org> Date: Wed Mar 17 01:25:42 2010 +0100 s4-smbtorture: re-arrange tests in RPC-WINREG. Mostly choping test_Open() into smaller parts. Guenther commit 75a4dffac1e25293e67fc1b471fb8d74c2f40e61 Author: Günther Deschner <g...@samba.org> Date: Wed Mar 17 00:57:22 2010 +0100 s4-smbtorture: add test to check different keytypes. This test will be skipped for samba. Guenther commit 89eaa9ed8e52ff9447285974d2acd586257e4319 Author: Günther Deschner <g...@samba.org> Date: Wed Mar 17 11:36:09 2010 +0100 s4-smbtorture: add test_DeleteKey_opts to RPC-WINREG. Guenther commit 80ba1295ec39692821b0f2af1c53124f80ae8866 Author: Günther Deschner <g...@samba.org> Date: Wed Mar 17 00:55:41 2010 +0100 s4-smbtorture: add test_OpenKey_opts() to RPC-WINREG. Guenther commit c33a7ca84cc313299af746b60a7cf94c4589c44b Author: Günther Deschner <g...@samba.org> Date: Wed Mar 17 00:53:21 2010 +0100 s4-smbtorture: add test_CreateKey_opts() to RPC-WINREG test. Guenther commit f07572063dcc84d0f91284ecbf03b4319fe37a60 Author: Günther Deschner <g...@samba.org> Date: Wed Mar 17 00:05:52 2010 +0100 s4-smbtorture: put HKLM current_version test into an own function. Guenther commit 8fd4375803c4cdebd7e68053c8b62e78b887eec8 Author: Günther Deschner <g...@samba.org> Date: Wed Mar 17 00:05:02 2010 +0100 s4-smbtorture: use binding handle for simple SetValue winreg test. Guenther ----------------------------------------------------------------------- Summary of changes: source4/torture/rpc/winreg.c | 656 +++++++++++++++++++++++++++--------------- 1 files changed, 431 insertions(+), 225 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/torture/rpc/winreg.c b/source4/torture/rpc/winreg.c index a5a3812..14abd51 100644 --- a/source4/torture/rpc/winreg.c +++ b/source4/torture/rpc/winreg.c @@ -37,6 +37,9 @@ #define TEST_SUBKEY_SD TEST_KEY4 "\\subkey_sd" #define TEST_SUBSUBKEY_SD TEST_KEY4 "\\subkey_sd\\subsubkey_sd" #define TEST_VALUE "torture_value_name" +#define TEST_KEY_VOLATILE "torture_volatile_key" +#define TEST_SUBKEY_VOLATILE "torture_volatile_subkey" +#define TEST_KEY_SYMLINK "torture_symlink_key" #define TEST_SID "S-1-5-21-1234567890-1234567890-1234567890-500" @@ -64,6 +67,8 @@ static bool test_GetVersion(struct dcerpc_binding_handle *b, struct winreg_GetVersion r; uint32_t v; + torture_comment(tctx, "Testing GetVersion\n"); + ZERO_STRUCT(r); r.in.handle = handle; r.out.version = &v; @@ -104,33 +109,63 @@ static bool test_NotifyChangeKeyValue(struct dcerpc_binding_handle *b, return true; } -static bool test_CreateKey(struct dcerpc_binding_handle *b, - struct torture_context *tctx, - struct policy_handle *handle, const char *name, - const char *kclass) +static bool test_CreateKey_opts(struct torture_context *tctx, + struct dcerpc_binding_handle *b, + struct policy_handle *handle, + const char *name, + const char *kclass, + enum winreg_KeyType options, + uint32_t access_mask, + struct winreg_SecBuf *secdesc, + WERROR expected_result, + enum winreg_CreateAction *action_taken_p, + struct policy_handle *new_handle_p) { struct winreg_CreateKey r; struct policy_handle newhandle; enum winreg_CreateAction action_taken = 0; + torture_comment(tctx, "Testing CreateKey(%s)\n", name); + ZERO_STRUCT(r); r.in.handle = handle; - r.out.new_handle = &newhandle; init_winreg_String(&r.in.name, name); init_winreg_String(&r.in.keyclass, kclass); - r.in.options = 0x0; - r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - r.in.action_taken = r.out.action_taken = &action_taken; - r.in.secdesc = NULL; + r.in.options = options; + r.in.access_mask = access_mask; + r.in.action_taken = &action_taken; + r.in.secdesc = secdesc; + r.out.new_handle = &newhandle; + r.out.action_taken = &action_taken; torture_assert_ntstatus_ok(tctx, dcerpc_winreg_CreateKey_r(b, tctx, &r), "CreateKey failed"); - torture_assert_werr_ok(tctx, r.out.result, "CreateKey failed"); + torture_assert_werr_equal(tctx, r.out.result, expected_result, "CreateKey failed"); + + if (new_handle_p) { + *new_handle_p = newhandle; + } + if (action_taken_p) { + *action_taken_p = *r.out.action_taken; + } return true; } +static bool test_CreateKey(struct dcerpc_binding_handle *b, + struct torture_context *tctx, + struct policy_handle *handle, const char *name, + const char *kclass) +{ + return test_CreateKey_opts(tctx, b, handle, name, kclass, + REG_KEYTYPE_NON_VOLATILE, + SEC_FLAG_MAXIMUM_ALLOWED, + NULL, /* secdesc */ + WERR_OK, + NULL, /* action_taken */ + NULL /* new_handle */); +} /* createkey testing with a SD @@ -354,33 +389,30 @@ static bool test_FlushKey(struct dcerpc_binding_handle *b, return true; } -static bool _test_OpenKey(struct dcerpc_binding_handle *b, - struct torture_context *tctx, - struct policy_handle *hive_handle, - const char *keyname, uint32_t access_mask, - struct policy_handle *key_handle, - WERROR open_werr, - bool *success) +static bool test_OpenKey_opts(struct torture_context *tctx, + struct dcerpc_binding_handle *b, + struct policy_handle *hive_handle, + const char *keyname, + enum winreg_KeyType options, + uint32_t access_mask, + struct policy_handle *key_handle, + WERROR expected_result) { struct winreg_OpenKey r; ZERO_STRUCT(r); r.in.parent_handle = hive_handle; init_winreg_String(&r.in.keyname, keyname); - r.in.options = REG_KEYTYPE_NON_VOLATILE; + r.in.options = options; r.in.access_mask = access_mask; r.out.handle = key_handle; torture_assert_ntstatus_ok(tctx, dcerpc_winreg_OpenKey_r(b, tctx, &r), "OpenKey failed"); - torture_assert_werr_equal(tctx, r.out.result, open_werr, + torture_assert_werr_equal(tctx, r.out.result, expected_result, "OpenKey failed"); - if (success && W_ERROR_EQUAL(r.out.result, WERR_OK)) { - *success = true; - } - return true; } @@ -389,9 +421,11 @@ static bool test_OpenKey(struct dcerpc_binding_handle *b, struct policy_handle *hive_handle, const char *keyname, struct policy_handle *key_handle) { - return _test_OpenKey(b, tctx, hive_handle, keyname, - SEC_FLAG_MAXIMUM_ALLOWED, key_handle, - WERR_OK, NULL); + return test_OpenKey_opts(tctx, b, hive_handle, keyname, + REG_KEYTYPE_NON_VOLATILE, + SEC_FLAG_MAXIMUM_ALLOWED, + key_handle, + WERR_OK); } static bool test_Cleanup(struct dcerpc_binding_handle *b, @@ -466,15 +500,17 @@ static bool _test_SecurityDescriptor(struct dcerpc_pipe *p, { struct policy_handle new_handle; bool ret = true; - bool got_key = false; struct dcerpc_binding_handle *b = p->binding_handle; - if (!_test_OpenKey(b, tctx, handle, key, access_mask, &new_handle, - open_werr, &got_key)) { - return false; - } - - if (!got_key) { + torture_assert(tctx, + test_OpenKey_opts(tctx, b, handle, key, + REG_KEYTYPE_NON_VOLATILE, + access_mask, + &new_handle, + open_werr), + "failed to open key"); + + if (!W_ERROR_IS_OK(open_werr)) { return true; } @@ -572,10 +608,13 @@ static bool _test_sacl_trustee_present(struct dcerpc_pipe *p, bool ret = true; struct dcerpc_binding_handle *b = p->binding_handle; - if (!_test_OpenKey(b, tctx, handle, key, SEC_FLAG_SYSTEM_SECURITY, - &new_handle, WERR_OK, NULL)) { - return false; - } + torture_assert(tctx, + test_OpenKey_opts(tctx, b, handle, key, + REG_KEYTYPE_NON_VOLATILE, + SEC_FLAG_SYSTEM_SECURITY, + &new_handle, + WERR_OK), + "failed to open key"); ret = test_sacl_trustee_present(p, tctx, &new_handle, sid); @@ -1073,26 +1112,19 @@ static bool test_SetSecurityDescriptor_SecInfo(struct dcerpc_pipe *p, const struct dom_sid *sid) { struct policy_handle new_handle; - bool open_success = false; struct dcerpc_binding_handle *b = p->binding_handle; torture_comment(tctx, "SecurityDescriptor (%s) sets for secinfo: " "0x%08x, access_mask: 0x%08x\n", test, sec_info, access_mask); - if (!_test_OpenKey(b, tctx, handle, key, - access_mask, - &new_handle, - WERR_OK, - &open_success)) { - return false; - } - - if (!open_success) { - torture_comment(tctx, "key did not open\n"); - test_CloseKey(b, tctx, &new_handle); - return false; - } + torture_assert(tctx, + test_OpenKey_opts(tctx, b, handle, key, + REG_KEYTYPE_NON_VOLATILE, + access_mask, + &new_handle, + WERR_OK), + "failed to open key"); if (!_test_SetKeySecurity(p, tctx, &new_handle, &sec_info, sd, @@ -1387,24 +1419,34 @@ static bool test_SecurityDescriptors(struct dcerpc_pipe *p, return ret; } -static bool test_DeleteKey(struct dcerpc_binding_handle *b, - struct torture_context *tctx, - struct policy_handle *handle, const char *key) +static bool test_DeleteKey_opts(struct dcerpc_binding_handle *b, + struct torture_context *tctx, + struct policy_handle *handle, + const char *key, + WERROR expected_result) { - NTSTATUS status; struct winreg_DeleteKey r; + torture_comment(tctx, "Testing DeleteKey(%s)\n", key); + r.in.handle = handle; init_winreg_String(&r.in.key, key); - status = dcerpc_winreg_DeleteKey_r(b, tctx, &r); - - torture_assert_ntstatus_ok(tctx, status, "DeleteKey failed"); - torture_assert_werr_ok(tctx, r.out.result, "DeleteKey failed"); + torture_assert_ntstatus_ok(tctx, dcerpc_winreg_DeleteKey_r(b, tctx, &r), + "Delete Key failed"); + torture_assert_werr_equal(tctx, r.out.result, expected_result, + "DeleteKey failed"); return true; } +static bool test_DeleteKey(struct dcerpc_binding_handle *b, + struct torture_context *tctx, + struct policy_handle *handle, const char *key) +{ + return test_DeleteKey_opts(b, tctx, handle, key, WERR_OK); +} + static bool test_QueryInfoKey(struct dcerpc_binding_handle *b, struct torture_context *tctx, struct policy_handle *handle, char *kclass) @@ -1871,7 +1913,7 @@ static bool test_key(struct dcerpc_pipe *p, struct torture_context *tctx, return true; } -static bool test_SetValue_simple(struct dcerpc_pipe *p, +static bool test_SetValue_simple(struct dcerpc_binding_handle *b, struct torture_context *tctx, struct policy_handle *handle) { @@ -1886,7 +1928,6 @@ static bool test_SetValue_simple(struct dcerpc_pipe *p, REG_MULTI_SZ }; int t; - struct dcerpc_binding_handle *b = p->binding_handle; torture_comment(tctx, "Testing SetValue (standard formats)\n"); @@ -1956,81 +1997,6 @@ static bool test_SetValue_simple(struct dcerpc_pipe *p, typedef NTSTATUS (*winreg_open_fn)(struct dcerpc_binding_handle *, TALLOC_CTX *, void *); -static bool test_Open_Security(struct torture_context *tctx, - struct dcerpc_pipe *p, void *userdata) -{ - struct policy_handle handle, newhandle; - bool ret = true, created2 = false; - bool created4 = false; - struct winreg_OpenHKLM r; - struct dcerpc_binding_handle *b = p->binding_handle; - - winreg_open_fn open_fn = userdata; - - ZERO_STRUCT(r); - r.in.system_name = 0; - r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - r.out.handle = &handle; - - torture_assert_ntstatus_ok(tctx, open_fn(b, tctx, &r), - "open"); - - test_Cleanup(b, tctx, &handle, TEST_KEY_BASE); - - if (!test_CreateKey(b, tctx, &handle, TEST_KEY_BASE, NULL)) { - torture_comment(tctx, - "CreateKey (TEST_KEY_BASE) failed\n"); - } - - if (test_CreateKey_sd(b, tctx, &handle, TEST_KEY2, - NULL, &newhandle)) { - created2 = true; - } - - if (created2 && !test_CloseKey(b, tctx, &newhandle)) { - torture_comment(tctx, "CloseKey failed\n"); - ret = false; - } - - if (test_CreateKey_sd(b, tctx, &handle, TEST_KEY4, NULL, &newhandle)) { - created4 = true; - } - - if (created4 && !test_CloseKey(b, tctx, &newhandle)) { - torture_comment(tctx, "CloseKey failed\n"); - ret = false; - } - - if (created4 && !test_SecurityDescriptors(p, tctx, &handle, TEST_KEY4)) { - ret = false; - } - - if (created4 && !test_DeleteKey(b, tctx, &handle, TEST_KEY4)) { - torture_comment(tctx, "DeleteKey failed\n"); - ret = false; - } - - if (created2 && !test_DeleteKey(b, tctx, &handle, TEST_KEY2)) { - torture_comment(tctx, "DeleteKey failed\n"); - ret = false; - } - - /* The HKCR hive has a very large fanout */ - if (open_fn == (void *)dcerpc_winreg_OpenHKCR_r) { - if(!test_key(p, tctx, &handle, MAX_DEPTH - 1, true)) { - ret = false; - } - } else { - if (!test_key(p, tctx, &handle, 0, true)) { - ret = false; - } - } - - test_Cleanup(b, tctx, &handle, TEST_KEY_BASE); - - return ret; -} - static bool test_SetValue_extended(struct dcerpc_binding_handle *b, struct torture_context *tctx, struct policy_handle *handle) @@ -2108,119 +2074,376 @@ static bool test_SetValue_extended(struct dcerpc_binding_handle *b, #define KEY_CURRENT_VERSION "SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION" #define VALUE_CURRENT_VERSION "CurrentVersion" -static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, - void *userdata) +static bool test_HKLM_wellknown(struct torture_context *tctx, + struct dcerpc_binding_handle *b, + struct policy_handle *handle) { - struct policy_handle handle, newhandle; - bool ret = true, created = false, deleted = false; - bool created3 = false, created_subkey = false; - struct winreg_OpenHKLM r; - struct dcerpc_binding_handle *b = p->binding_handle; + struct policy_handle newhandle; - winreg_open_fn open_fn = userdata; + /* FIXME: s3 does not support SEC_FLAG_MAXIMUM_ALLOWED yet */ + if (torture_setting_bool(tctx, "samba3", false)) { + torture_assert(tctx, test_OpenKey_opts(tctx, b, handle, + KEY_CURRENT_VERSION, + REG_KEYTYPE_NON_VOLATILE, + KEY_QUERY_VALUE, + &newhandle, + WERR_OK), + "failed to open current version key"); + } else { + torture_assert(tctx, test_OpenKey(b, tctx, handle, KEY_CURRENT_VERSION, &newhandle), + "failed to open current version key"); + } - ZERO_STRUCT(r); - r.in.system_name = 0; - r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - r.out.handle = &handle; + torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, VALUE_CURRENT_VERSION, true), + "failed to query current version"); + torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, "IDoNotExist", false), + "failed to query current version"); + torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, NULL, false), + "test_QueryValue_full for NULL value failed"); + torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, "", false), + "test_QueryValue_full for \"\" value failed"); - torture_assert_ntstatus_ok(tctx, open_fn(b, tctx, &r), - "open"); + torture_assert(tctx, test_CloseKey(b, tctx, &newhandle), + "failed to close current version key"); - if (open_fn == (void *)dcerpc_winreg_OpenHKLM_r) { -#if 0 - torture_assert(tctx, test_OpenKey(p, tctx, &handle, KEY_CURRENT_VERSION, &newhandle), - "failed to open current version key"); -#else - torture_assert(tctx, _test_OpenKey(b, tctx, &handle, KEY_CURRENT_VERSION, KEY_QUERY_VALUE, &newhandle, WERR_OK, NULL), - "failed to open current version key"); -#endif - torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, VALUE_CURRENT_VERSION, true), - "failed to query current version"); - torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, "IDoNotExist", false), - "failed to query current version"); - torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, NULL, false), - "test_QueryValue_full for NULL value failed"); - torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, "", false), - "test_QueryValue_full for \"\" value failed"); + return true; +} + +static bool test_volatile_keys(struct torture_context *tctx, + struct dcerpc_binding_handle *b, + struct policy_handle *handle) +{ + struct policy_handle new_handle; + enum winreg_CreateAction action_taken; + + torture_comment(tctx, "Testing REG_KEYTYPE_VOLATILE key\n"); + + torture_assert(tctx, + test_CreateKey_opts(tctx, b, handle, TEST_KEY_VOLATILE, NULL, + REG_KEYTYPE_VOLATILE, + SEC_FLAG_MAXIMUM_ALLOWED, + NULL, + WERR_OK, + &action_taken, + &new_handle), + "failed to create REG_KEYTYPE_VOLATILE type key"); + + torture_assert_int_equal(tctx, action_taken, REG_CREATED_NEW_KEY, "unexpected action"); + + torture_assert(tctx, + test_CreateKey_opts(tctx, b, &new_handle, TEST_SUBKEY_VOLATILE, NULL, + REG_KEYTYPE_NON_VOLATILE, + SEC_FLAG_MAXIMUM_ALLOWED, + NULL, + WERR_CHILD_MUST_BE_VOLATILE, + NULL, + NULL), + "failed to fail create REG_KEYTYPE_VOLATILE type key"); + + torture_assert(tctx, + test_CloseKey(b, tctx, &new_handle), + "failed to close"); - torture_assert(tctx, test_CloseKey(b, tctx, &newhandle), - "failed to close current version key"); + torture_assert(tctx, + test_OpenKey_opts(tctx, b, handle, TEST_KEY_VOLATILE, + REG_KEYTYPE_NON_VOLATILE, + SEC_FLAG_MAXIMUM_ALLOWED, + &new_handle, + WERR_OK), + "failed to open volatile key"); + + torture_assert(tctx, + test_DeleteKey(b, tctx, handle, TEST_KEY_VOLATILE), + "failed to delete key"); + + torture_assert(tctx, + test_CreateKey_opts(tctx, b, handle, TEST_KEY_VOLATILE, NULL, + REG_KEYTYPE_VOLATILE, + SEC_FLAG_MAXIMUM_ALLOWED, + NULL, + WERR_OK, + &action_taken, -- Samba Shared Repository