The branch, master has been updated via 0604df5... s3-lsa: Fix static list of luids in our privileges implementation. via 5def19e... s4-smbtorture: test workstation auth as well in RPC-SPOOLSS-ACCESS. from e206109... s4:ldb python bindings - implement comparison on Python LDB Message objects
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 0604df52e3b161e010ad4f1aba1a4bc7973c64c1 Author: Günther Deschner <g...@samba.org> Date: Mon Jun 7 12:55:43 2010 +0200 s3-lsa: Fix static list of luids in our privileges implementation. The high/low order changed while moving to LSA defines. Found by torture test. Guenther commit 5def19e4dc0b9f15fa30f7895a2b016c4e59abb0 Author: Günther Deschner <g...@samba.org> Date: Mon Jun 7 12:41:39 2010 +0200 s4-smbtorture: test workstation auth as well in RPC-SPOOLSS-ACCESS. Guenther ----------------------------------------------------------------------- Summary of changes: source3/lib/privileges_basic.c | 18 ++++++++-------- source4/torture/rpc/spoolss_access.c | 36 ++++++++++++++++++++++++++++++++- 2 files changed, 43 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/privileges_basic.c b/source3/lib/privileges_basic.c index d174c70..c970478 100644 --- a/source3/lib/privileges_basic.c +++ b/source3/lib/privileges_basic.c @@ -97,15 +97,15 @@ PRIVS privs[] = { {SE_BATCH_LOGON, "SeBatchLogonRight", "Log on as a batch job", { 0x0, 0x0 }}, {SE_SERVICE_LOGON, "SeServiceLogonRight", "Log on as a service", { 0x0, 0x0 }}, #endif - {SE_MACHINE_ACCOUNT, "SeMachineAccountPrivilege", "Add machines to domain", { 0x0, 0x0006 }}, - {SE_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege", "Take ownership of files or other objects",{ 0x0, 0x0009 }}, - {SE_BACKUP, "SeBackupPrivilege", "Back up files and directories", { 0x0, 0x0011 }}, - {SE_RESTORE, "SeRestorePrivilege", "Restore files and directories", { 0x0, 0x0012 }}, - {SE_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege", "Force shutdown from a remote system", { 0x0, 0x0018 }}, - - {SE_PRINT_OPERATOR, "SePrintOperatorPrivilege", "Manage printers", { 0x0, 0x1001 }}, - {SE_ADD_USERS, "SeAddUsersPrivilege", "Add users and groups to the domain", { 0x0, 0x1002 }}, - {SE_DISK_OPERATOR, "SeDiskOperatorPrivilege", "Manage disk shares", { 0x0, 0x1003 }}, + {SE_MACHINE_ACCOUNT, "SeMachineAccountPrivilege", "Add machines to domain", { 0x0006, 0x0 }}, + {SE_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege", "Take ownership of files or other objects",{ 0x0009, 0x0 }}, + {SE_BACKUP, "SeBackupPrivilege", "Back up files and directories", { 0x0011, 0x0 }}, + {SE_RESTORE, "SeRestorePrivilege", "Restore files and directories", { 0x0012, 0x0 }}, + {SE_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege", "Force shutdown from a remote system", { 0x0018, 0x0 }}, + + {SE_PRINT_OPERATOR, "SePrintOperatorPrivilege", "Manage printers", { 0x1001, 0x0 }}, + {SE_ADD_USERS, "SeAddUsersPrivilege", "Add users and groups to the domain", { 0x1002, 0x0 }}, + {SE_DISK_OPERATOR, "SeDiskOperatorPrivilege", "Manage disk shares", { 0x1003, 0x0 }}, {SE_END, "", "", { 0x0, 0x0 }} }; diff --git a/source4/torture/rpc/spoolss_access.c b/source4/torture/rpc/spoolss_access.c index 2bf0331..4123664 100644 --- a/source4/torture/rpc/spoolss_access.c +++ b/source4/torture/rpc/spoolss_access.c @@ -36,6 +36,7 @@ #define TORTURE_USER_PRINTOPGROUP "torture_user_550" #define TORTURE_USER_PRINTOPPRIV "torture_user_priv" #define TORTURE_USER_SD "torture_user_sd" +#define TORTURE_WORKSTATION "torture_workstation" struct torture_user { const char *username; @@ -414,6 +415,7 @@ static bool torture_rpc_spoolss_access_setup_common(struct torture_context *tctx struct dcerpc_pipe *p; const char *printername; const char *binding = torture_setting_string(tctx, "binding", NULL); + struct dcerpc_pipe *spoolss_pipe; testuser = torture_create_testuser_max_pwlen(tctx, t->user.username, torture_setting_string(tctx, "workgroup", NULL), @@ -460,8 +462,6 @@ static bool torture_rpc_spoolss_access_setup_common(struct torture_context *tctx talloc_free(lsa_pipe); } - struct dcerpc_pipe *spoolss_pipe; - torture_assert_ntstatus_ok(tctx, torture_rpc_connection(tctx, &spoolss_pipe, &ndr_table_spoolss), "Error connecting to server"); @@ -701,10 +701,36 @@ static bool test_openprinter_admin(struct torture_context *tctx, return ret; } +static bool test_openprinter_wrap(struct torture_context *tctx, + struct dcerpc_pipe *p) +{ + struct torture_access_context *t; + const char *printername; + bool ret = true; + + t = talloc_zero(tctx, struct torture_access_context); + + t->user.username = talloc_strdup(tctx, "dummy"); + t->spoolss_pipe = p; + + torture_assert(tctx, + test_EnumPrinters_findone(tctx, p, &printername), + "failed to enumerate printers"); + + t->printername = printername; + + ret = test_openprinter(tctx, (void *)t); + + talloc_free(t); + + return true; +} + struct torture_suite *torture_rpc_spoolss_access(TALLOC_CTX *mem_ctx) { struct torture_suite *suite = torture_suite_create(mem_ctx, "SPOOLSS-ACCESS"); struct torture_tcase *tcase; + struct torture_rpc_tcase *rpc_tcase; tcase = torture_suite_add_tcase(suite, "normaluser"); @@ -750,5 +776,11 @@ struct torture_suite *torture_rpc_spoolss_access(TALLOC_CTX *mem_ctx) torture_tcase_add_simple_test(tcase, "openprinter", test_openprinter); torture_tcase_add_simple_test(tcase, "openprinter_admin", test_openprinter_admin); + rpc_tcase = torture_suite_add_machine_workstation_rpc_iface_tcase(suite, "workstation", + &ndr_table_spoolss, + TORTURE_WORKSTATION); + + torture_rpc_tcase_add_test(rpc_tcase, "openprinter", test_openprinter_wrap); + return suite; } -- Samba Shared Repository