The branch, master has been updated via df7523c pidl: fix minor typo in s3 server generation. via 33c6a4e s3-spoolss: add more userlevel info validation to _spoolss_OpenPrinterEx. via 025290e s3-spoolss: let set_printer_hnd_name return WERROR. via c8a295a s3-spoolss: convert open_printer_hnd to return WERROR. via fe724c7 s3-spoolss: fix set_printer_hnd_name() to match torture test. via 43d226f s4-smbtorture: add test for openprinter printername pattern. from 6633a7b unit tests: do some cleanup after tests
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit df7523c79208cc374060787f726f9066007d88ea Author: Günther Deschner <g...@samba.org> Date: Mon Oct 11 12:38:05 2010 +0200 pidl: fix minor typo in s3 server generation. Guenther Autobuild-User: Günther Deschner <g...@samba.org> Autobuild-Date: Mon Oct 11 15:12:57 UTC 2010 on sn-devel-104 commit 33c6a4eb8a0017db9d7b3cc337142fd1d08b5da5 Author: Günther Deschner <g...@samba.org> Date: Mon Oct 11 11:33:23 2010 +0200 s3-spoolss: add more userlevel info validation to _spoolss_OpenPrinterEx. Guenther commit 025290e9bf0f7597dc8d849a221fd80f140c1f7a Author: Günther Deschner <g...@samba.org> Date: Mon Oct 4 20:27:20 2010 +0200 s3-spoolss: let set_printer_hnd_name return WERROR. Guenther commit c8a295ab7f1ba96b1a1f44004b581770c0da51ad Author: Günther Deschner <g...@samba.org> Date: Mon Oct 4 11:02:52 2010 +0200 s3-spoolss: convert open_printer_hnd to return WERROR. Guenther commit fe724c70d2b8b916cb7ca77b7370d77e8e5b80de Author: Günther Deschner <g...@samba.org> Date: Sat Oct 2 22:14:37 2010 +0200 s3-spoolss: fix set_printer_hnd_name() to match torture test. Guenther commit 43d226fa25746a99ff598be6f0d663c8c11b7d97 Author: Günther Deschner <g...@samba.org> Date: Sat Oct 2 22:13:44 2010 +0200 s4-smbtorture: add test for openprinter printername pattern. Guenther ----------------------------------------------------------------------- Summary of changes: pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm | 2 +- source3/rpc_server/srv_spoolss_nt.c | 92 +++++++++++++-------- source4/torture/rpc/spoolss.c | 131 ++++++++++++++++++++++++++++++- 3 files changed, 187 insertions(+), 38 deletions(-) Changeset truncated at 500 lines: diff --git a/pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm b/pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm index 1cbf187..0ebccf5 100644 --- a/pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm +++ b/pidl/lib/Parse/Pidl/Samba3/ServerNDR.pm @@ -190,7 +190,7 @@ sub ParseFunction($$) pidl "}"; pidl ""; pidl "if (DEBUGLEVEL >= 10) {"; - pidl "\nNDR_PRINT_FUNCTION_DEBUG($fn->{NAME}, NDR_OUT | NDR_SET_VALUES, r);"; + pidl "\tNDR_PRINT_FUNCTION_DEBUG($fn->{NAME}, NDR_OUT | NDR_SET_VALUES, r);"; pidl "}"; pidl ""; pidl "push = ndr_push_init_ctx(r);"; diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index c05ba66..3783d0f 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -532,11 +532,11 @@ static void prune_printername_cache(void) XcvDataPort() interface. ****************************************************************************/ -static bool set_printer_hnd_name(TALLOC_CTX *mem_ctx, - const struct auth_serversupplied_info *server_info, - struct messaging_context *msg_ctx, - struct printer_handle *Printer, - const char *handlename) +static WERROR set_printer_hnd_name(TALLOC_CTX *mem_ctx, + const struct auth_serversupplied_info *server_info, + struct messaging_context *msg_ctx, + struct printer_handle *Printer, + const char *handlename) { int snum; int n_services=lp_numservices(); @@ -568,36 +568,42 @@ static bool set_printer_hnd_name(TALLOC_CTX *mem_ctx, aprinter++; } if (!is_myname_or_ipaddr(servername)) { - return false; + return WERR_INVALID_PRINTER_NAME; } Printer->servername = talloc_asprintf(Printer, "\\\\%s", servername); if (Printer->servername == NULL) { - return false; + return WERR_NOMEM; } } if (Printer->printer_type == SPLHND_SERVER) { - return true; + return WERR_OK; } if (Printer->printer_type != SPLHND_PRINTER) { - return false; + return WERR_INVALID_HANDLE; } DEBUGADD(5, ("searching for [%s]\n", aprinter)); - if ((p = strchr(aprinter, ',')) != NULL) { - if (*p == ' ') + p = strchr(aprinter, ','); + if (p != NULL) { + char *p2 = p; + p++; + if (*p == ' ') { p++; - if (strnequal(p+1, "DrvConvert", strlen("DrvConvert")) || - strnequal(p+1, " DrvConvert", strlen(" DrvConvert"))) { - *p = '\0'; - } else if (strnequal(p+1, "LocalOnly", strlen("LocalOnly")) || - strnequal(p+1, " LocalOnly", strlen(" LocalOnly"))) { - *p = '\0'; + } + if (strncmp(p, "DrvConvert", strlen("DrvConvert")) == 0) { + *p2 = '\0'; + } else if (strncmp(p, "LocalOnly", strlen("LocalOnly")) == 0) { + *p2 = '\0'; } } + if (p) { + DEBUGADD(5, ("stripped handlename: [%s]\n", aprinter)); + } + /* check for the Port Monitor Interface */ if ( strequal( aprinter, SPL_XCV_MONITOR_TCPMON ) ) { Printer->printer_type = SPLHND_PORTMON_TCP; @@ -625,7 +631,7 @@ static bool set_printer_hnd_name(TALLOC_CTX *mem_ctx, if (!found) { DEBUG(4, ("Printer %s not found\n", aprinter)); SAFE_FREE(tmp); - return false; + return WERR_INVALID_PRINTER_NAME; } fstrcpy(sname, tmp); SAFE_FREE(tmp); @@ -696,7 +702,7 @@ static bool set_printer_hnd_name(TALLOC_CTX *mem_ctx, TALLOC_FREE(cache_key); } DEBUGADD(4,("Printer not found\n")); - return false; + return WERR_INVALID_PRINTER_NAME; } if (cache_key != NULL) { @@ -708,30 +714,33 @@ static bool set_printer_hnd_name(TALLOC_CTX *mem_ctx, fstrcpy(Printer->sharename, sname); - return true; + return WERR_OK; } /**************************************************************************** Find first available printer slot. creates a printer handle for you. ****************************************************************************/ -static bool open_printer_hnd(struct pipes_struct *p, struct policy_handle *hnd, - const char *name, uint32_t access_granted) +static WERROR open_printer_hnd(struct pipes_struct *p, + struct policy_handle *hnd, + const char *name, + uint32_t access_granted) { struct printer_handle *new_printer; + WERROR result; DEBUG(10,("open_printer_hnd: name [%s]\n", name)); new_printer = talloc_zero(p->mem_ctx, struct printer_handle); if (new_printer == NULL) { - return false; + return WERR_NOMEM; } talloc_set_destructor(new_printer, printer_entry_destructor); /* This also steals the printer_handle on the policy_handle */ if (!create_policy_hnd(p, hnd, new_printer)) { TALLOC_FREE(new_printer); - return false; + return WERR_INVALID_HANDLE; } /* Add to the internal list. */ @@ -741,15 +750,16 @@ static bool open_printer_hnd(struct pipes_struct *p, struct policy_handle *hnd, if (!set_printer_hnd_printertype(new_printer, name)) { close_printer_handle(p, hnd); - return false; + return WERR_INVALID_HANDLE; } - if (!set_printer_hnd_name(p->mem_ctx, - get_server_info_system(), - p->msg_ctx, - new_printer, name)) { + result = set_printer_hnd_name(p->mem_ctx, + get_server_info_system(), + p->msg_ctx, + new_printer, name); + if (!W_ERROR_IS_OK(result)) { close_printer_handle(p, hnd); - return false; + return result; } new_printer->access_granted = access_granted; @@ -757,7 +767,7 @@ static bool open_printer_hnd(struct pipes_struct *p, struct policy_handle *hnd, DEBUG(5, ("%d printer handles active\n", (int)num_pipe_handles(p))); - return true; + return WERR_OK; } /*************************************************************************** @@ -1677,21 +1687,32 @@ WERROR _spoolss_OpenPrinterEx(struct pipes_struct *p, { int snum; struct printer_handle *Printer=NULL; + WERROR result; if (!r->in.printername) { return WERR_INVALID_PARAM; } + if (r->in.level < 0 || r->in.level > 3) { + return WERR_INVALID_PARAM; + } + if ((r->in.level == 1 && !r->in.userlevel.level1) || + (r->in.level == 2 && !r->in.userlevel.level2) || + (r->in.level == 3 && !r->in.userlevel.level3)) { + return WERR_INVALID_PARAM; + } + /* some sanity check because you can open a printer or a print server */ /* aka: \\server\printer or \\server */ DEBUGADD(3,("checking name: %s\n", r->in.printername)); - if (!open_printer_hnd(p, r->out.handle, r->in.printername, 0)) { + result = open_printer_hnd(p, r->out.handle, r->in.printername, 0); + if (!W_ERROR_IS_OK(result)) { DEBUG(0,("_spoolss_OpenPrinterEx: Cannot open a printer handle " "for printer %s\n", r->in.printername)); ZERO_STRUCTP(r->out.handle); - return WERR_INVALID_PARAM; + return result; } Printer = find_printer_index_by_hnd(p, r->out.handle); @@ -7847,10 +7868,11 @@ static WERROR spoolss_addprinterex_level_2(struct pipes_struct *p, return err; } - if (!open_printer_hnd(p, handle, info2->printername, PRINTER_ACCESS_ADMINISTER)) { + err = open_printer_hnd(p, handle, info2->printername, PRINTER_ACCESS_ADMINISTER); + if (!W_ERROR_IS_OK(err)) { /* Handle open failed - remove addition. */ ZERO_STRUCTP(handle); - return WERR_ACCESS_DENIED; + return err; } return WERR_OK; diff --git a/source4/torture/rpc/spoolss.c b/source4/torture/rpc/spoolss.c index de4ca83..8154cd2 100644 --- a/source4/torture/rpc/spoolss.c +++ b/source4/torture/rpc/spoolss.c @@ -5777,10 +5777,8 @@ static bool call_OpenPrinterEx(struct torture_context *tctx, struct spoolss_DeviceMode *devmode, struct policy_handle *handle) { - struct spoolss_OpenPrinterEx r; union spoolss_UserLevel userlevel; struct spoolss_UserLevel1 userlevel1; - NTSTATUS status; struct dcerpc_binding_handle *b = p->binding_handle; userlevel1.size = 1234; @@ -5896,6 +5894,118 @@ static bool test_printer_rename(struct torture_context *tctx, return ret; } +static bool test_openprinter(struct torture_context *tctx, + struct dcerpc_binding_handle *b, + const char *real_printername) +{ + union spoolss_UserLevel userlevel; + struct policy_handle handle; + struct spoolss_UserLevel1 userlevel1; + const char *printername = NULL; + int i; + + struct { + const char *suffix; + WERROR expected_result; + } tests[] = { + { + .suffix = "rubbish", + .expected_result = WERR_INVALID_PRINTER_NAME + },{ + .suffix = ", LocalOnl", + .expected_result = WERR_INVALID_PRINTER_NAME + },{ + .suffix = ", localOnly", + .expected_result = WERR_INVALID_PRINTER_NAME + },{ + .suffix = ", localonl", + .expected_result = WERR_INVALID_PRINTER_NAME + },{ + .suffix = ",LocalOnl", + .expected_result = WERR_INVALID_PRINTER_NAME + },{ + .suffix = ",localOnl2", + .expected_result = WERR_INVALID_PRINTER_NAME + },{ + .suffix = ", DrvConver2t", + .expected_result = WERR_INVALID_PRINTER_NAME + },{ + .suffix = ", drvconvert", + .expected_result = WERR_INVALID_PRINTER_NAME + },{ + .suffix = ",drvconvert", + .expected_result = WERR_INVALID_PRINTER_NAME + },{ + .suffix = ", DrvConvert", + .expected_result = WERR_OK + },{ + .suffix = " , DrvConvert", + .expected_result = WERR_INVALID_PRINTER_NAME + },{ + .suffix = ",DrvConvert", + .expected_result = WERR_OK + },{ + .suffix = ", DrvConvertsadfasdf", + .expected_result = WERR_OK + },{ + .suffix = ",DrvConvertasdfasd", + .expected_result = WERR_OK + },{ + .suffix = ", LocalOnly", + .expected_result = WERR_OK + },{ + .suffix = " , LocalOnly", + .expected_result = WERR_INVALID_PRINTER_NAME + },{ + .suffix = ",LocalOnly", + .expected_result = WERR_OK + },{ + .suffix = ", LocalOnlysagi4gjfkd", + .expected_result = WERR_OK + },{ + .suffix = ",LocalOnlysagi4gjfkd", + .expected_result = WERR_OK + } + }; + + userlevel1.size = 1234; + userlevel1.client = "hello"; + userlevel1.user = "spottyfoot!"; + userlevel1.build = 1; + userlevel1.major = 2; + userlevel1.minor = 3; + userlevel1.processor = 4; + + userlevel.level1 = &userlevel1; + + torture_comment(tctx, "Testing openprinterex printername pattern\n"); + + torture_assert(tctx, + test_OpenPrinterEx(tctx, b, real_printername, NULL, NULL, 0, 1, + &userlevel, &handle, + WERR_OK), + "OpenPrinterEx failed"); + test_ClosePrinter(tctx, b, &handle); + + for (i=0; i < ARRAY_SIZE(tests); i++) { + + printername = talloc_asprintf(tctx, "%s%s", + real_printername, + tests[i].suffix); + + torture_assert(tctx, + test_OpenPrinterEx(tctx, b, printername, NULL, NULL, 0, 1, + &userlevel, &handle, + tests[i].expected_result), + "OpenPrinterEx failed"); + if (W_ERROR_IS_OK(tests[i].expected_result)) { + test_ClosePrinter(tctx, b, &handle); + } + } + + return true; +} + static bool test_existing_printer_openprinterex(struct torture_context *tctx, struct dcerpc_pipe *p, @@ -5906,6 +6016,10 @@ static bool test_existing_printer_openprinterex(struct torture_context *tctx, bool ret = true; struct dcerpc_binding_handle *b = p->binding_handle; + if (!test_openprinter(tctx, b, name)) { + return false; + } + if (!call_OpenPrinterEx(tctx, p, name, NULL, &handle)) { return false; } @@ -6895,6 +7009,18 @@ bool test_printer_all_keys(struct torture_context *tctx, return true; } +static bool test_openprinter_wrap(struct torture_context *tctx, + void *private_data) +{ + struct torture_printer_context *t = + (struct torture_printer_context *)talloc_get_type_abort(private_data, struct torture_printer_context); + struct dcerpc_pipe *p = t->spoolss_pipe; + struct dcerpc_binding_handle *b = p->binding_handle; + const char *printername = t->info2.printername; + + return test_openprinter(tctx, b, printername); +} + static bool test_csetprinter(struct torture_context *tctx, void *private_data) { @@ -7636,6 +7762,7 @@ static bool test_driver_info_winreg(struct torture_context *tctx, void torture_tcase_printer(struct torture_tcase *tcase) { + torture_tcase_add_simple_test(tcase, "openprinter", test_openprinter_wrap); torture_tcase_add_simple_test(tcase, "csetprinter", test_csetprinter); torture_tcase_add_simple_test(tcase, "print_test", test_print_test); torture_tcase_add_simple_test(tcase, "print_test_extended", test_print_test_extended); -- Samba Shared Repository