diff options
author | Andrew Tridgell <tridge@samba.org> | 2008-05-28 20:06:22 +1000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2008-05-28 20:06:22 +1000 |
commit | e814586bddd081d85a216533bf47a1ac9d8b025f (patch) | |
tree | 9e25e17be683d2fd8e6c42a2fa96566cd4db71e2 /source4/torture | |
parent | fa0bc441e35bf0451f3ea471c4c144206a80febd (diff) | |
download | samba-e814586bddd081d85a216533bf47a1ac9d8b025f.tar.gz samba-e814586bddd081d85a216533bf47a1ac9d8b025f.tar.bz2 samba-e814586bddd081d85a216533bf47a1ac9d8b025f.zip |
generate security descriptors in gentest_smb2
(This used to be commit 5ca7e9590e792dc409c6677321cd14362255964e)
Diffstat (limited to 'source4/torture')
-rw-r--r-- | source4/torture/gentest_smb2.c | 38 |
1 files changed, 35 insertions, 3 deletions
diff --git a/source4/torture/gentest_smb2.c b/source4/torture/gentest_smb2.c index a3a794d3ea..84178ed9a5 100644 --- a/source4/torture/gentest_smb2.c +++ b/source4/torture/gentest_smb2.c @@ -30,11 +30,13 @@ #include "libcli/smb2/smb2.h" #include "libcli/smb2/smb2_calls.h" #include "librpc/gen_ndr/security.h" +#include "librpc/gen_ndr/ndr_security.h" #include "auth/credentials/credentials.h" #include "libcli/resolve/resolve.h" #include "auth/gensec/gensec.h" #include "param/param.h" #include "dynconfig/dynconfig.h" +#include "libcli/security/security.h" #define NSERVERS 2 #define NINSTANCES 2 @@ -725,6 +727,26 @@ static struct smb_ea_list gen_ea_list(void) return eas; } +/* generate a security descriptor */ +static struct security_descriptor *gen_sec_desc(void) +{ + struct security_descriptor *sd; + if (gen_chance(90)) return NULL; + + sd = security_descriptor_dacl_create(current_op.mem_ctx, + 0, NULL, NULL, + NULL, + SEC_ACE_TYPE_ACCESS_ALLOWED, + SEC_FILE_WRITE_DATA | SEC_STD_WRITE_DAC, + SEC_ACE_FLAG_OBJECT_INHERIT, + SID_WORLD, + SEC_ACE_TYPE_ACCESS_ALLOWED, + SEC_FILE_ALL | SEC_STD_ALL, + 0, + NULL); + return sd; +} + static void oplock_handler_close_recv(struct smb2_request *req) { NTSTATUS status; @@ -1066,6 +1088,13 @@ again: } \ } while(0) +#define CHECK_SECDESC(field) do { \ + if (!security_acl_equal(parm[0].field->dacl, parm[1].field->dacl) && !ignore_pattern(#field)) { \ + printf("Mismatch in %s\n", #field); \ + return false; \ + } \ +} while(0) + #define CHECK_ATTRIB(field) do { \ if (!options.mask_indexing) { \ CHECK_EQUAL(field); \ @@ -1134,6 +1163,7 @@ static bool handler_create(int instance) parm[0].in.query_maximal_access = gen_bool(); parm[0].in.timewarp = gen_timewarp(); parm[0].in.query_on_disk_id = gen_bool(); + parm[0].in.sec_desc = gen_sec_desc(); if (!options.use_oplocks) { /* mask out oplocks */ @@ -1340,7 +1370,7 @@ static void gen_fileinfo(int instance, union smb_fileinfo *info) LVL(MODE_INFORMATION), LVL(ALIGNMENT_INFORMATION), LVL(SMB2_ALL_INFORMATION), LVL(ALT_NAME_INFORMATION), LVL(STREAM_INFORMATION), LVL(COMPRESSION_INFORMATION), LVL(NETWORK_OPEN_INFORMATION), LVL(ATTRIBUTE_TAG_INFORMATION), - LVL(SMB2_ALL_EAS), LVL(SMB2_ALL_INFORMATION), + LVL(SMB2_ALL_EAS), LVL(SMB2_ALL_INFORMATION), LVL(SEC_DESC), }; do { i = gen_int_range(0, ARRAY_SIZE(levels)-1); @@ -1490,9 +1520,11 @@ static bool cmp_fileinfo(int instance, } break; - /* Unhandled levels */ - case RAW_FILEINFO_SEC_DESC: + CHECK_SECDESC(query_secdesc.out.sd); + break; + + /* Unhandled levels */ case RAW_FILEINFO_EA_LIST: case RAW_FILEINFO_UNIX_BASIC: case RAW_FILEINFO_UNIX_LINK: |