summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2010-06-04 19:03:11 +0200
committerGünther Deschner <gd@samba.org>2010-06-05 00:35:09 +0200
commite89502e0f5a79c960cbecf50f49af3aa4bba8e35 (patch)
tree1b4aa6ca465541545e6d67671f1d95668a90bb02 /source4
parent29c0c103afed7238698cc83ff3ab017fc1510dcd (diff)
downloadsamba-e89502e0f5a79c960cbecf50f49af3aa4bba8e35.tar.gz
samba-e89502e0f5a79c960cbecf50f49af3aa4bba8e35.tar.bz2
samba-e89502e0f5a79c960cbecf50f49af3aa4bba8e35.zip
s4-smbtorture: add RPC-SPOOLSS-ACCESS.
This test creates - a user - a user with BUILTIN\Administrators membership - a user with BUILTIN\Print Operators membership - a user with SePrintOperatorPrivilege (if available) - a user with full access in security descriptor and checks what access rights are granted in spoolss_OpenPrinterEx. Guenther
Diffstat (limited to 'source4')
-rw-r--r--source4/torture/config.mk2
-rw-r--r--source4/torture/rpc/rpc.c1
-rw-r--r--source4/torture/rpc/spoolss_access.c751
-rw-r--r--source4/torture/wscript_build2
4 files changed, 754 insertions, 2 deletions
diff --git a/source4/torture/config.mk b/source4/torture/config.mk
index 4d65256a3d..25e9b5377b 100644
--- a/source4/torture/config.mk
+++ b/source4/torture/config.mk
@@ -124,7 +124,7 @@ PRIVATE_DEPENDENCIES = \
torture_rpc_OBJ_FILES = $(addprefix $(torturesrcdir)/rpc/, \
join.o lsa.o lsa_lookup.o session_key.o echo.o dfs.o drsuapi.o \
- drsuapi_cracknames.o dssync.o dsgetinfo.o spoolss.o spoolss_notify.o spoolss_win.o \
+ drsuapi_cracknames.o dssync.o dsgetinfo.o spoolss.o spoolss_notify.o spoolss_win.o spoolss_access.o \
unixinfo.o samr.o samr_accessmask.o wkssvc.o srvsvc.o svcctl.o atsvc.o \
eventlog.o epmapper.o winreg.o initshutdown.o oxidresolve.o remact.o mgmt.o \
scanner.o autoidl.o countcalls.o testjoin.o schannel.o netlogon.o remote_pac.o samlogon.o \
diff --git a/source4/torture/rpc/rpc.c b/source4/torture/rpc/rpc.c
index 746698ec37..a860bdad72 100644
--- a/source4/torture/rpc/rpc.c
+++ b/source4/torture/rpc/rpc.c
@@ -445,6 +445,7 @@ NTSTATUS torture_rpc_init(void)
torture_suite_add_suite(suite, torture_rpc_spoolss_notify(suite));
torture_suite_add_suite(suite, torture_rpc_spoolss_win(suite));
torture_suite_add_suite(suite, torture_rpc_spoolss_driver(suite));
+ torture_suite_add_suite(suite, torture_rpc_spoolss_access(suite));
torture_suite_add_simple_test(suite, "SAMR", torture_rpc_samr);
torture_suite_add_simple_test(suite, "SAMR-USERS", torture_rpc_samr_users);
torture_suite_add_simple_test(suite, "SAMR-PASSWORDS", torture_rpc_samr_passwords);
diff --git a/source4/torture/rpc/spoolss_access.c b/source4/torture/rpc/spoolss_access.c
new file mode 100644
index 0000000000..f86c2e3dcb
--- /dev/null
+++ b/source4/torture/rpc/spoolss_access.c
@@ -0,0 +1,751 @@
+/*
+ Unix SMB/CIFS implementation.
+ test suite for spoolss rpc operations
+
+ Copyright (C) Guenther Deschner 2010
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "torture/torture.h"
+#include "librpc/gen_ndr/ndr_misc.h"
+#include "librpc/gen_ndr/ndr_spoolss.h"
+#include "librpc/gen_ndr/ndr_spoolss_c.h"
+#include "librpc/gen_ndr/ndr_samr_c.h"
+#include "librpc/gen_ndr/ndr_lsa_c.h"
+#include "librpc/gen_ndr/ndr_security.h"
+#include "libcli/security/security.h"
+#include "torture/rpc/torture_rpc.h"
+#include "param/param.h"
+#include "lib/cmdline/popt_common.h"
+
+#define TORTURE_USER "torture_user"
+#define TORTURE_USER_ADMINGROUP "torture_user_544"
+#define TORTURE_USER_PRINTOPGROUP "torture_user_550"
+#define TORTURE_USER_PRINTOPPRIV "torture_user_priv"
+#define TORTURE_USER_SD "torture_user_sd"
+
+struct torture_user {
+ const char *username;
+ void *testuser;
+ uint32_t *builtin_memberships;
+ uint32_t num_builtin_memberships;
+ const char **privs;
+ uint32_t num_privs;
+ bool privs_present;
+ bool sd;
+};
+
+struct torture_access_context {
+ struct dcerpc_pipe *spoolss_pipe;
+ const char *printername;
+ struct security_descriptor *sd_orig;
+ struct torture_user user;
+};
+
+static bool test_openprinter_handle(struct torture_context *tctx,
+ struct dcerpc_pipe *p,
+ const char *printername,
+ const char *username,
+ uint32_t access_mask,
+ struct policy_handle *handle)
+{
+ struct spoolss_OpenPrinterEx r;
+ struct spoolss_UserLevel1 level1;
+ struct dcerpc_binding_handle *b = p->binding_handle;
+
+ level1.size = 28;
+ level1.client = talloc_asprintf(tctx, "\\\\%s", "smbtorture");
+ level1.user = username;
+ level1.build = 1381;
+ level1.major = 3;
+ level1.minor = 0;
+ level1.processor= 0;
+
+ r.in.printername = printername;
+ r.in.datatype = NULL;
+ r.in.devmode_ctr.devmode= NULL;
+ r.in.access_mask = access_mask;
+ r.in.level = 1;
+ r.in.userlevel.level1 = &level1;
+ r.out.handle = handle;
+
+ torture_comment(tctx, "Testing OpenPrinterEx(%s) with access_mask 0x%08x\n",
+ r.in.printername, r.in.access_mask);
+
+ torture_assert_ntstatus_ok(tctx,
+ dcerpc_spoolss_OpenPrinterEx_r(b, tctx, &r),
+ "OpenPrinterEx failed");
+ torture_assert_werr_ok(tctx, r.out.result,
+ talloc_asprintf(tctx, "OpenPrinterEx(%s) as '%s' with access_mask: 0x%08x failed",
+ r.in.printername, username, r.in.access_mask));
+
+ return true;
+}
+
+static bool test_openprinter_access(struct torture_context *tctx,
+ struct dcerpc_pipe *p,
+ const char *printername,
+ const char *username,
+ uint32_t access_mask)
+{
+ struct policy_handle handle;
+ struct dcerpc_binding_handle *b = p->binding_handle;
+
+ if (test_openprinter_handle(tctx, p, printername, username, access_mask, &handle)) {
+ test_ClosePrinter(tctx, b, &handle);
+ return true;
+ }
+
+ return false;
+}
+
+static bool spoolss_access_setup_membership(struct torture_context *tctx,
+ struct dcerpc_pipe *p,
+ uint32_t num_members,
+ uint32_t *members,
+ struct dom_sid *user_sid)
+{
+ struct dcerpc_binding_handle *b = p->binding_handle;
+ struct policy_handle connect_handle, domain_handle;
+ int i;
+
+ {
+ struct samr_Connect2 r;
+ r.in.system_name = "";
+ r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ r.out.connect_handle = &connect_handle;
+
+ torture_assert_ntstatus_ok(tctx,
+ dcerpc_samr_Connect2_r(b, tctx, &r),
+ "samr_Connect2 failed");
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "samr_Connect2 failed");
+ }
+
+ {
+ struct samr_OpenDomain r;
+ r.in.connect_handle = &connect_handle;
+ r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ r.in.sid = dom_sid_parse_talloc(tctx, "S-1-5-32");
+ r.out.domain_handle = &domain_handle;
+
+ torture_assert_ntstatus_ok(tctx,
+ dcerpc_samr_OpenDomain_r(b, tctx, &r),
+ "samr_OpenDomain failed");
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "samr_OpenDomain failed");
+ }
+
+ for (i=0; i < num_members; i++) {
+
+ struct policy_handle alias_handle;
+
+ {
+ struct samr_OpenAlias r;
+ r.in.domain_handle = &domain_handle;
+ r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ r.in.rid = members[i];
+ r.out.alias_handle = &alias_handle;
+
+ torture_assert_ntstatus_ok(tctx,
+ dcerpc_samr_OpenAlias_r(b, tctx, &r),
+ "samr_OpenAlias failed");
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "samr_OpenAlias failed");
+ }
+
+ {
+ struct samr_AddAliasMember r;
+ r.in.alias_handle = &alias_handle;
+ r.in.sid = user_sid;
+
+ torture_assert_ntstatus_ok(tctx,
+ dcerpc_samr_AddAliasMember_r(b, tctx, &r),
+ "samr_AddAliasMember failed");
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "samr_AddAliasMember failed");
+ }
+
+ test_samr_handle_Close(b, tctx, &alias_handle);
+ }
+
+ test_samr_handle_Close(b, tctx, &domain_handle);
+ test_samr_handle_Close(b, tctx, &connect_handle);
+
+ return true;
+}
+
+static void init_lsa_StringLarge(struct lsa_StringLarge *name, const char *s)
+{
+ name->string = s;
+}
+static void init_lsa_String(struct lsa_String *name, const char *s)
+{
+ name->string = s;
+}
+
+static bool spoolss_access_setup_privs(struct torture_context *tctx,
+ struct dcerpc_pipe *p,
+ uint32_t num_privs,
+ const char **privs,
+ struct dom_sid *user_sid,
+ bool *privs_present)
+{
+ struct dcerpc_binding_handle *b = p->binding_handle;
+ struct policy_handle *handle;
+ int i;
+
+ torture_assert(tctx,
+ test_lsa_OpenPolicy2(b, tctx, &handle),
+ "failed to open policy");
+
+ for (i=0; i < num_privs; i++) {
+ struct lsa_LookupPrivValue r;
+ struct lsa_LUID luid;
+ struct lsa_String name;
+
+ init_lsa_String(&name, privs[i]);
+
+ r.in.handle = handle;
+ r.in.name = &name;
+ r.out.luid = &luid;
+
+ torture_assert_ntstatus_ok(tctx,
+ dcerpc_lsa_LookupPrivValue_r(b, tctx, &r),
+ "lsa_LookupPrivValue failed");
+ if (!NT_STATUS_IS_OK(r.out.result)) {
+ torture_comment(tctx, "lsa_LookupPrivValue failed for '%s' with %s\n",
+ privs[i], nt_errstr(r.out.result));
+ *privs_present = false;
+ return true;
+ }
+ }
+
+ *privs_present = true;
+
+ {
+ struct lsa_AddAccountRights r;
+ struct lsa_RightSet rights;
+
+ rights.count = num_privs;
+ rights.names = talloc_zero_array(tctx, struct lsa_StringLarge, rights.count);
+
+ for (i=0; i < rights.count; i++) {
+ init_lsa_StringLarge(&rights.names[i], privs[i]);
+ }
+
+ r.in.handle = handle;
+ r.in.sid = user_sid;
+ r.in.rights = &rights;
+
+ torture_assert_ntstatus_ok(tctx,
+ dcerpc_lsa_AddAccountRights_r(b, tctx, &r),
+ "lsa_AddAccountRights failed");
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "lsa_AddAccountRights failed");
+ }
+
+ test_lsa_Close(b, tctx, handle);
+
+ return true;
+}
+
+static bool test_SetPrinter(struct torture_context *tctx,
+ struct dcerpc_binding_handle *b,
+ struct policy_handle *handle,
+ struct spoolss_SetPrinterInfoCtr *info_ctr,
+ struct spoolss_DevmodeContainer *devmode_ctr,
+ struct sec_desc_buf *secdesc_ctr,
+ enum spoolss_PrinterControl command)
+{
+ struct spoolss_SetPrinter r;
+
+ r.in.handle = handle;
+ r.in.info_ctr = info_ctr;
+ r.in.devmode_ctr = devmode_ctr;
+ r.in.secdesc_ctr = secdesc_ctr;
+ r.in.command = command;
+
+ torture_comment(tctx, "Testing SetPrinter level %d\n", r.in.info_ctr->level);
+
+ torture_assert_ntstatus_ok(tctx, dcerpc_spoolss_SetPrinter_r(b, tctx, &r),
+ "failed to call SetPrinter");
+ torture_assert_werr_ok(tctx, r.out.result,
+ "failed to call SetPrinter");
+
+ return true;
+}
+
+static bool spoolss_access_setup_sd(struct torture_context *tctx,
+ struct dcerpc_pipe *p,
+ const char *printername,
+ struct dom_sid *user_sid,
+ struct security_descriptor **sd_orig)
+{
+ struct dcerpc_binding_handle *b = p->binding_handle;
+ struct policy_handle handle;
+ union spoolss_PrinterInfo info;
+ struct spoolss_SetPrinterInfoCtr info_ctr;
+ struct spoolss_SetPrinterInfo3 info3;
+ struct spoolss_DevmodeContainer devmode_ctr;
+ struct sec_desc_buf secdesc_ctr;
+ struct security_ace *ace;
+ struct security_descriptor *sd;
+
+ torture_assert(tctx,
+ test_openprinter_handle(tctx, p, printername, "", SEC_FLAG_MAXIMUM_ALLOWED, &handle),
+ "failed to open printer");
+
+ torture_assert(tctx,
+ test_GetPrinter_level(tctx, b, &handle, 3, &info),
+ "failed to get sd");
+
+ sd = security_descriptor_copy(tctx, info.info3.secdesc);
+ *sd_orig = security_descriptor_copy(tctx, info.info3.secdesc);
+
+ ace = talloc_zero(tctx, struct security_ace);
+
+ ace->type = SEC_ACE_TYPE_ACCESS_ALLOWED;
+ ace->flags = 0;
+ ace->access_mask = PRINTER_ALL_ACCESS;
+ ace->trustee = *user_sid;
+
+ torture_assert_ntstatus_ok(tctx,
+ security_descriptor_dacl_add(sd, ace),
+ "failed to add new ace");
+
+ ace = talloc_zero(tctx, struct security_ace);
+
+ ace->type = SEC_ACE_TYPE_ACCESS_ALLOWED;
+ ace->flags = SEC_ACE_FLAG_OBJECT_INHERIT |
+ SEC_ACE_FLAG_CONTAINER_INHERIT |
+ SEC_ACE_FLAG_INHERIT_ONLY;
+ ace->access_mask = SEC_GENERIC_ALL;
+ ace->trustee = *user_sid;
+
+ torture_assert_ntstatus_ok(tctx,
+ security_descriptor_dacl_add(sd, ace),
+ "failed to add new ace");
+
+ ZERO_STRUCT(info3);
+ ZERO_STRUCT(info_ctr);
+ ZERO_STRUCT(devmode_ctr);
+ ZERO_STRUCT(secdesc_ctr);
+
+ info_ctr.level = 3;
+ info_ctr.info.info3 = &info3;
+ secdesc_ctr.sd = sd;
+
+ torture_assert(tctx,
+ test_SetPrinter(tctx, b, &handle, &info_ctr, &devmode_ctr, &secdesc_ctr, 0),
+ "failed to set sd");
+
+ return true;
+}
+
+static bool test_EnumPrinters_findone(struct torture_context *tctx,
+ struct dcerpc_binding_handle *b,
+ const char **printername)
+{
+ struct spoolss_EnumPrinters r;
+ uint32_t count;
+ union spoolss_PrinterInfo *info;
+ uint32_t needed;
+ int i;
+
+ *printername = NULL;
+
+ r.in.flags = PRINTER_ENUM_LOCAL;
+ r.in.server = NULL;
+ r.in.level = 1;
+ r.in.buffer = NULL;
+ r.in.offered = 0;
+ r.out.count = &count;
+ r.out.info = &info;
+ r.out.needed = &needed;
+
+ torture_assert_ntstatus_ok(tctx,
+ dcerpc_spoolss_EnumPrinters_r(b, tctx, &r),
+ "failed to enum printers");
+
+ if (W_ERROR_EQUAL(r.out.result, WERR_INSUFFICIENT_BUFFER)) {
+ DATA_BLOB blob = data_blob_talloc_zero(tctx, needed);
+ r.in.buffer = &blob;
+ r.in.offered = needed;
+
+ torture_assert_ntstatus_ok(tctx,
+ dcerpc_spoolss_EnumPrinters_r(b, tctx, &r),
+ "failed to enum printers");
+ }
+
+ torture_assert_werr_ok(tctx, r.out.result,
+ "failed to enum printers");
+
+ for (i=0; i < count; i++) {
+
+ *printername = talloc_strdup(tctx, info[i].info1.name);
+
+ break;
+ }
+
+ return true;
+}
+
+static bool torture_rpc_spoolss_access_setup_common(struct torture_context *tctx, struct torture_access_context *t)
+{
+ void *testuser;
+ const char *testuser_passwd;
+ struct cli_credentials *test_credentials;
+ struct dom_sid *test_sid;
+ struct dcerpc_pipe *p;
+ const char *printername;
+ const char *binding = torture_setting_string(tctx, "binding", NULL);
+
+ testuser = torture_create_testuser(tctx, t->user.username,
+ torture_setting_string(tctx, "workgroup", NULL),
+ ACB_NORMAL, &testuser_passwd);
+ if (!testuser) {
+ torture_fail(tctx, "Failed to create test user");
+ }
+
+ test_credentials = cli_credentials_init(tctx);
+ cli_credentials_set_workstation(test_credentials, "localhost", CRED_SPECIFIED);
+ cli_credentials_set_domain(test_credentials, lp_workgroup(tctx->lp_ctx),
+ CRED_SPECIFIED);
+ cli_credentials_set_username(test_credentials, t->user.username, CRED_SPECIFIED);
+ cli_credentials_set_password(test_credentials, testuser_passwd, CRED_SPECIFIED);
+ test_sid = torture_join_user_sid(testuser);
+
+ if (t->user.num_builtin_memberships) {
+ struct dcerpc_pipe *samr_pipe = torture_join_samr_pipe(testuser);
+
+ torture_assert(tctx,
+ spoolss_access_setup_membership(tctx, samr_pipe,
+ t->user.num_builtin_memberships,
+ t->user.builtin_memberships,
+ test_sid),
+ "failed to setup membership");
+ }
+
+ if (t->user.num_privs) {
+ struct dcerpc_pipe *lsa_pipe;
+
+ torture_assert_ntstatus_ok(tctx,
+ torture_rpc_connection(tctx, &lsa_pipe, &ndr_table_lsarpc),
+ "Error connecting to server");
+
+ torture_assert(tctx,
+ spoolss_access_setup_privs(tctx, lsa_pipe,
+ t->user.num_privs,
+ t->user.privs,
+ test_sid,
+ &t->user.privs_present),
+ "failed to setup privs");
+ talloc_free(lsa_pipe);
+ }
+
+ struct dcerpc_pipe *spoolss_pipe;
+
+ torture_assert_ntstatus_ok(tctx,
+ torture_rpc_connection(tctx, &spoolss_pipe, &ndr_table_spoolss),
+ "Error connecting to server");
+
+ torture_assert(tctx,
+ test_EnumPrinters_findone(tctx, spoolss_pipe->binding_handle, &printername),
+ "failed to enumerate printers");
+
+ if (t->user.sd) {
+ torture_assert(tctx,
+ spoolss_access_setup_sd(tctx, spoolss_pipe,
+ printername,
+ test_sid,
+ &t->sd_orig),
+ "failed to setup sd");
+ }
+
+ talloc_free(spoolss_pipe);
+
+ torture_assert_ntstatus_ok(tctx,
+ dcerpc_pipe_connect(tctx, &p, binding, &ndr_table_spoolss,
+ test_credentials, tctx->ev, tctx->lp_ctx),
+ "Error connecting to server");
+
+ t->spoolss_pipe = p;
+ t->printername = printername;
+ t->user.testuser = testuser;
+
+ return true;
+}
+
+static bool torture_rpc_spoolss_access_setup(struct torture_context *tctx, void **data)
+{
+ struct torture_access_context *t;
+
+ *data = t = talloc_zero(tctx, struct torture_access_context);
+
+ t->user.username = talloc_strdup(t, TORTURE_USER);
+
+ return torture_rpc_spoolss_access_setup_common(tctx, t);
+}
+
+static bool torture_rpc_spoolss_access_admin_setup(struct torture_context *tctx, void **data)
+{
+ struct torture_access_context *t;
+
+ *data = t = talloc_zero(tctx, struct torture_access_context);
+
+ t->user.num_builtin_memberships = 1;
+ t->user.builtin_memberships = talloc_zero_array(t, uint32_t, t->user.num_builtin_memberships);
+ t->user.builtin_memberships[0] = BUILTIN_RID_ADMINISTRATORS;
+ t->user.username = talloc_strdup(t, TORTURE_USER_ADMINGROUP);
+
+ return torture_rpc_spoolss_access_setup_common(tctx, t);
+}
+
+static bool torture_rpc_spoolss_access_printop_setup(struct torture_context *tctx, void **data)
+{
+ struct torture_access_context *t;
+
+ *data = t = talloc_zero(tctx, struct torture_access_context);
+
+ t->user.num_builtin_memberships = 1;
+ t->user.builtin_memberships = talloc_zero_array(t, uint32_t, t->user.num_builtin_memberships);
+ t->user.builtin_memberships[0] = BUILTIN_RID_PRINT_OPERATORS;
+ t->user.username = talloc_strdup(t, TORTURE_USER_PRINTOPGROUP);
+
+ return torture_rpc_spoolss_access_setup_common(tctx, t);
+}
+
+static bool torture_rpc_spoolss_access_priv_setup(struct torture_context *tctx, void **data)
+{
+ struct torture_access_context *t;
+
+ *data = t = talloc_zero(tctx, struct torture_access_context);
+
+ t->user.username = talloc_strdup(t, TORTURE_USER_PRINTOPPRIV);
+ t->user.num_privs = 1;
+ t->user.privs = talloc_zero_array(t, const char *, t->user.num_privs);
+ t->user.privs[0] = talloc_strdup(t, "SePrintOperatorPrivilege");
+
+ return torture_rpc_spoolss_access_setup_common(tctx, t);
+}
+
+static bool torture_rpc_spoolss_access_sd_setup(struct torture_context *tctx, void **data)
+{
+ struct torture_access_context *t;
+
+ *data = t = talloc_zero(tctx, struct torture_access_context);
+
+ t->user.username = talloc_strdup(t, TORTURE_USER_SD);
+ t->user.sd = true;
+
+ return torture_rpc_spoolss_access_setup_common(tctx, t);
+}
+
+static bool torture_rpc_spoolss_access_teardown_common(struct torture_context *tctx, struct torture_access_context *t)
+{
+ if (t->user.testuser) {
+ torture_leave_domain(tctx, t->user.testuser);
+ }
+
+ /* remove membership ? */
+ if (t->user.num_builtin_memberships) {
+ }
+
+ /* remove privs ? */
+ if (t->user.num_privs) {
+ }
+
+ /* restore sd */
+ if (t->user.sd) {
+ struct policy_handle handle;
+ struct spoolss_SetPrinterInfoCtr info_ctr;
+ struct spoolss_SetPrinterInfo3 info3;
+ struct spoolss_DevmodeContainer devmode_ctr;
+ struct sec_desc_buf secdesc_ctr;
+ struct dcerpc_pipe *spoolss_pipe;
+ struct dcerpc_binding_handle *b;
+
+ torture_assert_ntstatus_ok(tctx,
+ torture_rpc_connection(tctx, &spoolss_pipe, &ndr_table_spoolss),
+ "Error connecting to server");
+
+ b = spoolss_pipe->binding_handle;
+
+ ZERO_STRUCT(info_ctr);
+ ZERO_STRUCT(info3);
+ ZERO_STRUCT(devmode_ctr);
+ ZERO_STRUCT(secdesc_ctr);
+
+ info_ctr.level = 3;
+ info_ctr.info.info3 = &info3;
+ secdesc_ctr.sd = t->sd_orig;
+
+ torture_assert(tctx,
+ test_openprinter_handle(tctx, spoolss_pipe, t->printername, "", SEC_FLAG_MAXIMUM_ALLOWED, &handle),
+ "failed to open printer");
+
+ torture_assert(tctx,
+ test_SetPrinter(tctx, b, &handle, &info_ctr, &devmode_ctr, &secdesc_ctr, 0),
+ "failed to set sd");
+
+ talloc_free(spoolss_pipe);
+ }
+
+ return true;
+}
+
+static bool torture_rpc_spoolss_access_teardown(struct torture_context *tctx, void *data)
+{
+ struct torture_access_context *t = talloc_get_type(data, struct torture_access_context);
+ bool ret;
+
+ ret = torture_rpc_spoolss_access_teardown_common(tctx, t);
+ talloc_free(t);
+
+ return ret;
+}
+
+static bool test_openprinter(struct torture_context *tctx,
+ void *private_data)
+{
+ struct torture_access_context *t =
+ (struct torture_access_context *)talloc_get_type_abort(private_data, struct torture_access_context);
+ struct dcerpc_pipe *p = t->spoolss_pipe;
+ bool ret = true;
+ const char *printername;
+ const char *username = t->user.username;
+
+ printername = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
+
+ ret &= test_openprinter_access(tctx, p, printername, username, 0);
+ ret &= test_openprinter_access(tctx, p, printername, username, SEC_FLAG_MAXIMUM_ALLOWED);
+ ret &= test_openprinter_access(tctx, p, printername, username, SERVER_ACCESS_ENUMERATE);
+ ret &= test_openprinter_access(tctx, p, printername, username, SERVER_READ);
+
+ if (t->printername == NULL) {
+ return ret;
+ }
+
+ printername = t->printername;
+
+ ret &= test_openprinter_access(tctx, p, printername, username, 0);
+ ret &= test_openprinter_access(tctx, p, printername, username, SEC_FLAG_MAXIMUM_ALLOWED);
+ ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_ACCESS_USE);
+ ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_READ);
+
+ return ret;
+}
+
+static bool test_openprinter_admin(struct torture_context *tctx,
+ void *private_data)
+{
+ struct torture_access_context *t =
+ (struct torture_access_context *)talloc_get_type_abort(private_data, struct torture_access_context);
+ struct dcerpc_pipe *p = t->spoolss_pipe;
+ bool ret = true;
+ const char *printername;
+ const char *username = t->user.username;
+
+ if (t->user.num_privs && !t->user.privs_present) {
+ torture_skip(tctx, "skipping test as not all required privileges are present on the server\n");
+ }
+
+ if (t->user.sd) {
+ goto try_printer;
+ }
+
+ printername = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
+
+ ret &= test_openprinter_access(tctx, p, printername, username, 0);
+ ret &= test_openprinter_access(tctx, p, printername, username, SEC_FLAG_MAXIMUM_ALLOWED);
+ ret &= test_openprinter_access(tctx, p, printername, username, SERVER_ACCESS_ENUMERATE);
+ ret &= test_openprinter_access(tctx, p, printername, username, SERVER_ACCESS_ADMINISTER);
+ ret &= test_openprinter_access(tctx, p, printername, username, SERVER_READ);
+ ret &= test_openprinter_access(tctx, p, printername, username, SERVER_WRITE);
+ ret &= test_openprinter_access(tctx, p, printername, username, SERVER_EXECUTE);
+ ret &= test_openprinter_access(tctx, p, printername, username, SERVER_ALL_ACCESS);
+
+ try_printer:
+ if (t->printername == NULL) {
+ return ret;
+ }
+
+ printername = t->printername;
+
+ ret &= test_openprinter_access(tctx, p, printername, username, 0);
+ ret &= test_openprinter_access(tctx, p, printername, username, SEC_FLAG_MAXIMUM_ALLOWED);
+ ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_ACCESS_USE);
+ ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_ACCESS_ADMINISTER);
+ ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_READ);
+ ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_WRITE);
+ ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_EXECUTE);
+ ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_ALL_ACCESS);
+
+ return ret;
+}
+
+struct torture_suite *torture_rpc_spoolss_access(TALLOC_CTX *mem_ctx)
+{
+ struct torture_suite *suite = torture_suite_create(mem_ctx, "SPOOLSS-ACCESS");
+ struct torture_tcase *tcase;
+
+ tcase = torture_suite_add_tcase(suite, "normaluser");
+
+ torture_tcase_set_fixture(tcase,
+ torture_rpc_spoolss_access_setup,
+ torture_rpc_spoolss_access_teardown);
+
+ torture_tcase_add_simple_test(tcase, "openprinter", test_openprinter);
+
+ tcase = torture_suite_add_tcase(suite, "adminuser");
+
+ torture_tcase_set_fixture(tcase,
+ torture_rpc_spoolss_access_admin_setup,
+ torture_rpc_spoolss_access_teardown);
+
+ torture_tcase_add_simple_test(tcase, "openprinter", test_openprinter);
+ torture_tcase_add_simple_test(tcase, "openprinter_admin", test_openprinter_admin);
+
+ tcase = torture_suite_add_tcase(suite, "printopuser");
+
+ torture_tcase_set_fixture(tcase,
+ torture_rpc_spoolss_access_printop_setup,
+ torture_rpc_spoolss_access_teardown);
+
+ torture_tcase_add_simple_test(tcase, "openprinter", test_openprinter);
+ torture_tcase_add_simple_test(tcase, "openprinter_admin", test_openprinter_admin);
+
+ tcase = torture_suite_add_tcase(suite, "printopuserpriv");
+
+ torture_tcase_set_fixture(tcase,
+ torture_rpc_spoolss_access_priv_setup,
+ torture_rpc_spoolss_access_teardown);
+
+ torture_tcase_add_simple_test(tcase, "openprinter", test_openprinter);
+ torture_tcase_add_simple_test(tcase, "openprinter_admin", test_openprinter_admin);
+
+ tcase = torture_suite_add_tcase(suite, "normaluser_sd");
+
+ torture_tcase_set_fixture(tcase,
+ torture_rpc_spoolss_access_sd_setup,
+ torture_rpc_spoolss_access_teardown);
+
+ torture_tcase_add_simple_test(tcase, "openprinter", test_openprinter);
+ torture_tcase_add_simple_test(tcase, "openprinter_admin", test_openprinter_admin);
+
+ return suite;
+}
diff --git a/source4/torture/wscript_build b/source4/torture/wscript_build
index a9183623ff..4474e2b5f6 100644
--- a/source4/torture/wscript_build
+++ b/source4/torture/wscript_build
@@ -40,7 +40,7 @@ bld.SAMBA_SUBSYSTEM('TORTURE_NDR',
bld.SAMBA_MODULE('torture_rpc',
- source='rpc/join.c rpc/lsa.c rpc/lsa_lookup.c rpc/session_key.c rpc/echo.c rpc/dfs.c rpc/drsuapi.c rpc/drsuapi_cracknames.c rpc/dssync.c rpc/dsgetinfo.c rpc/spoolss.c rpc/spoolss_notify.c rpc/spoolss_win.c rpc/unixinfo.c rpc/samr.c rpc/samr_accessmask.c rpc/wkssvc.c rpc/srvsvc.c rpc/svcctl.c rpc/atsvc.c rpc/eventlog.c rpc/epmapper.c rpc/winreg.c rpc/initshutdown.c rpc/oxidresolve.c rpc/remact.c rpc/mgmt.c rpc/scanner.c rpc/autoidl.c rpc/countcalls.c rpc/testjoin.c rpc/schannel.c rpc/netlogon.c rpc/remote_pac.c rpc/samlogon.c rpc/samsync.c rpc/bind.c rpc/dssetup.c rpc/alter_context.c rpc/bench.c rpc/samba3rpc.c rpc/rpc.c rpc/async_bind.c rpc/handles.c rpc/frsapi.c rpc/object_uuid.c rpc/ntsvcs.c rpc/browser.c',
+ source='rpc/join.c rpc/lsa.c rpc/lsa_lookup.c rpc/session_key.c rpc/echo.c rpc/dfs.c rpc/drsuapi.c rpc/drsuapi_cracknames.c rpc/dssync.c rpc/dsgetinfo.c rpc/spoolss.c rpc/spoolss_notify.c rpc/spoolss_win.c rpc/spoolss_access.c rpc/unixinfo.c rpc/samr.c rpc/samr_accessmask.c rpc/wkssvc.c rpc/srvsvc.c rpc/svcctl.c rpc/atsvc.c rpc/eventlog.c rpc/epmapper.c rpc/winreg.c rpc/initshutdown.c rpc/oxidresolve.c rpc/remact.c rpc/mgmt.c rpc/scanner.c rpc/autoidl.c rpc/countcalls.c rpc/testjoin.c rpc/schannel.c rpc/netlogon.c rpc/remote_pac.c rpc/samlogon.c rpc/samsync.c rpc/bind.c rpc/dssetup.c rpc/alter_context.c rpc/bench.c rpc/samba3rpc.c rpc/rpc.c rpc/async_bind.c rpc/handles.c rpc/frsapi.c rpc/object_uuid.c rpc/ntsvcs.c rpc/browser.c',
autoproto='rpc/proto.h',
subsystem='smbtorture',
init_function='torture_rpc_init',