summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/selftest/skip1
-rw-r--r--source4/torture/basic/attr.c247
-rw-r--r--source4/torture/basic/base.c1
3 files changed, 249 insertions, 0 deletions
diff --git a/source4/selftest/skip b/source4/selftest/skip
index 0b1019d357..e43fefebda 100644
--- a/source4/selftest/skip
+++ b/source4/selftest/skip
@@ -78,6 +78,7 @@ base.scan.pipe_number # bad idea in make test
base.secleak # no point on build farm
base.delaywrite # This is randomly failing, depending on timing and filesystem features
base.winattr
+base.birthtime
smb2.acls # new test which doesn't pass yet
# ktutil might not be installed or from mit...
# we should build a samba4ktutil and use that instead
diff --git a/source4/torture/basic/attr.c b/source4/torture/basic/attr.c
index 66d17b439c..784ed37b5f 100644
--- a/source4/torture/basic/attr.c
+++ b/source4/torture/basic/attr.c
@@ -22,6 +22,8 @@
#include "includes.h"
#include "libcli/libcli.h"
#include "torture/util.h"
+#include "system/filesys.h"
+#include "libcli/security/secace.h"
extern int torture_failures;
@@ -182,3 +184,248 @@ error_exit:
return true;
}
+bool torture_winattrtest(struct torture_context *tctx,
+ struct smbcli_state *cli1)
+{
+ const char *fname = "\\winattr1.file";
+ const char *dname = "\\winattr1.dir";
+ int fnum1;
+ uint16_t attr;
+ uint16_t j;
+ uint32_t aceno;
+ int failures = 0;
+ union smb_fileinfo query, query_org;
+ NTSTATUS status;
+ struct security_descriptor *sd1, *sd2;
+
+
+ /* Test winattrs for file */
+ smbcli_unlink(cli1->tree, fname);
+
+ /* Open a file*/
+ fnum1 = smbcli_open(cli1->tree, fname, O_RDWR | O_CREAT | O_TRUNC,
+ DENY_NONE);
+ torture_assert(tctx, fnum1 != -1,
+ talloc_asprintf(tctx, "open(1) of %s failed (%s)\n",
+ fname, smbcli_errstr(cli1->tree)));
+
+
+ /* Get security descriptor and store it*/
+ query_org.generic.level = RAW_FILEINFO_SEC_DESC;
+ query_org.generic.in.file.fnum = fnum1;
+ status = smb_raw_fileinfo(cli1->tree, tctx, &query_org);
+ if(!NT_STATUS_IS_OK(status)){
+ torture_comment(tctx, "smb_raw_fileinfo(1) of %s failed (%s)\n",
+ fname, nt_errstr(status));
+ torture_assert_ntstatus_ok(tctx,
+ smbcli_close(cli1->tree, fnum1),
+ talloc_asprintf(tctx,
+ "close(1) of %s failed (%s)\n",
+ fname, smbcli_errstr(cli1->tree)));
+ CHECK_MAX_FAILURES(error_exit_file);
+ }
+ sd1 = query_org.query_secdesc.out.sd;
+
+ torture_assert_ntstatus_ok(tctx, smbcli_close(cli1->tree, fnum1),
+ talloc_asprintf(tctx, "close(1) of %s failed (%s)\n",
+ fname, smbcli_errstr(cli1->tree)));
+
+ /*Set and get attributes*/
+ for (j = 0; j < ARRAY_SIZE(open_attrs_table); j++) {
+ torture_assert_ntstatus_ok(tctx,
+ smbcli_setatr(cli1->tree, fname, open_attrs_table[j],0),
+ talloc_asprintf(tctx, "setatr(2) failed (%s)",
+ smbcli_errstr(cli1->tree)));
+
+ torture_assert_ntstatus_ok(tctx,
+ smbcli_getatr(cli1->tree, fname, &attr, NULL, NULL),
+ talloc_asprintf(tctx, "getatr(2) failed (%s)",
+ smbcli_errstr(cli1->tree)));
+
+ /* Check the result */
+ if((j == 0)&&(attr != FILE_ATTRIBUTE_ARCHIVE)){
+ torture_comment(tctx, "getatr check failed. \
+ Attr applied [0x%x], got attr [0x%x], \
+ should be [0x%x]",
+ open_attrs_table[j],
+ (uint16_t)attr,open_attrs_table[j +1]);
+ CHECK_MAX_FAILURES(error_exit_file);
+ }else{
+
+ if((j != 0) &&(attr != open_attrs_table[j])){
+ torture_comment(tctx, "getatr check failed. \
+ Attr applied [0x%x],got attr 0x%x, \
+ should be 0x%x ",
+ open_attrs_table[j], (uint16_t)attr,
+ open_attrs_table[j]);
+ CHECK_MAX_FAILURES(error_exit_file);
+ }
+
+ }
+
+ fnum1 = smbcli_open(cli1->tree, fname, O_RDONLY | O_CREAT,
+ DENY_NONE);
+ torture_assert(tctx, fnum1 != -1,
+ talloc_asprintf(tctx, "open(2) of %s failed (%s)\n",
+ fname, smbcli_errstr(cli1->tree)));
+ /*Get security descriptor */
+ query.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
+ query.query_secdesc.in.file.fnum = fnum1;
+ status = smb_raw_fileinfo(cli1->tree, tctx, &query);
+ if(!NT_STATUS_IS_OK(status)){
+ torture_comment(tctx,
+ "smb_raw_fileinfo(2) of %s failed (%s)\n",
+ fname, nt_errstr(status));
+ torture_assert_ntstatus_ok(tctx,
+ smbcli_close(cli1->tree, fnum1),
+ talloc_asprintf(tctx,
+ "close(2) of %s failed (%s)\n",
+ fname, smbcli_errstr(cli1->tree)));
+ CHECK_MAX_FAILURES(error_exit_file);
+ }
+ sd2 = query.query_secdesc.out.sd;
+
+ torture_assert_ntstatus_ok(tctx,smbcli_close(cli1->tree,fnum1),
+ talloc_asprintf(tctx, "close(2) of %s failed (%s)\n",
+ fname, smbcli_errstr(cli1->tree)));
+
+ /*Compare security descriptors -- Must be same*/
+ for (aceno=0;(sd1->dacl&&aceno < sd1->dacl->num_aces);aceno++){
+ struct security_ace *ace1 = &sd1->dacl->aces[aceno];
+ struct security_ace *ace2 = &sd2->dacl->aces[aceno];
+
+ if(!sec_ace_equal(ace1,ace2)){
+ torture_comment(tctx,
+ "ACLs changed! Not expected!\n");
+ CHECK_MAX_FAILURES(error_exit_file);
+ }
+ }
+
+ torture_comment(tctx, "[%d] setattr = [0x%x] got attr 0x%x\n",
+ j, open_attrs_table[j], attr );
+
+ }
+
+error_exit_file:
+ smbcli_setatr(cli1->tree, fname, 0, 0);
+ smbcli_unlink(cli1->tree, fname);
+
+/* Check for Directory. */
+
+ smbcli_deltree(cli1->tree, dname);
+ smbcli_rmdir(cli1->tree,dname);
+
+ /* Open a directory */
+ fnum1 = smbcli_nt_create_full(cli1->tree, dname, 0,
+ SEC_RIGHTS_DIR_ALL,
+ FILE_ATTRIBUTE_DIRECTORY,
+ NTCREATEX_SHARE_ACCESS_NONE,
+ NTCREATEX_DISP_OPEN_IF,
+ NTCREATEX_OPTIONS_DIRECTORY, 0);
+ /*smbcli_mkdir(cli1->tree,dname);*/
+
+ torture_assert(tctx, fnum1 != -1, talloc_asprintf(tctx,
+ "open (1) of %s failed (%s)",
+ dname, smbcli_errstr(cli1->tree)));
+
+
+ /* Get Security Descriptor */
+ query_org.generic.level = RAW_FILEINFO_SEC_DESC;
+ query_org.generic.in.file.fnum = fnum1;
+ status = smb_raw_fileinfo(cli1->tree, tctx, &query_org);
+ if(!NT_STATUS_IS_OK(status)){
+ torture_comment(tctx, "smb_raw_fileinfo(1) of %s failed (%s)\n",
+ dname, nt_errstr(status));
+ torture_assert_ntstatus_ok(tctx,
+ smbcli_close(cli1->tree, fnum1),
+ talloc_asprintf(tctx,
+ "close(1) of %s failed (%s)\n",
+ dname, smbcli_errstr(cli1->tree)));
+ CHECK_MAX_FAILURES(error_exit_dir);
+ }
+ sd1 = query_org.query_secdesc.out.sd;
+
+ torture_assert_ntstatus_ok(tctx,
+ smbcli_close(cli1->tree, fnum1),
+ talloc_asprintf(tctx,
+ "close (1) of %s failed (%s)", dname,
+ smbcli_errstr(cli1->tree)));
+
+ /* Set and get win attributes*/
+ for (j = 1; j < ARRAY_SIZE(open_attrs_table); j++) {
+
+ torture_assert_ntstatus_ok(tctx,
+ smbcli_setatr(cli1->tree, dname, open_attrs_table[j], 0),
+ talloc_asprintf(tctx, "setatr(2) failed (%s)",
+ smbcli_errstr(cli1->tree)));
+
+ torture_assert_ntstatus_ok(tctx,
+ smbcli_getatr(cli1->tree, dname, &attr, NULL, NULL),
+ talloc_asprintf(tctx, "getatr(2) failed (%s)",
+ smbcli_errstr(cli1->tree)));
+
+ torture_comment(tctx, "[%d] setatt = [0x%x] got attr 0x%x\n",
+ j, open_attrs_table[j], attr );
+
+ /* Check the result */
+ if(attr != (open_attrs_table[j]|FILE_ATTRIBUTE_DIRECTORY)){
+ torture_comment(tctx, "getatr check failed. set attr \
+ [0x%x], got attr 0x%x, should be 0x%x\n",
+ open_attrs_table[j],
+ (uint16_t)attr,
+ open_attrs_table[j]|FILE_ATTRIBUTE_DIRECTORY);
+ CHECK_MAX_FAILURES(error_exit_dir);
+ }
+
+ fnum1 = smbcli_nt_create_full(cli1->tree, dname, 0,
+ SEC_RIGHTS_DIR_READ,
+ FILE_ATTRIBUTE_DIRECTORY,
+ NTCREATEX_SHARE_ACCESS_NONE,
+ NTCREATEX_DISP_OPEN,
+ 0,0);
+
+ torture_assert(tctx, fnum1 != -1, talloc_asprintf(tctx,
+ "open (2) of %s failed (%s)",
+ dname, smbcli_errstr(cli1->tree)));
+ /* Get security descriptor */
+ query.generic.level = RAW_FILEINFO_SEC_DESC;
+ query.generic.in.file.fnum = fnum1;
+ status = smb_raw_fileinfo(cli1->tree, tctx, &query);
+ if(!NT_STATUS_IS_OK(status)){
+ torture_comment(tctx, "smb_raw_fileinfo(2) of %s failed\
+ (%s)\n", dname, nt_errstr(status));
+ torture_assert_ntstatus_ok(tctx,
+ smbcli_close(cli1->tree, fnum1),
+ talloc_asprintf(tctx,
+ "close (2) of %s failed (%s)", dname,
+ smbcli_errstr(cli1->tree)));
+ CHECK_MAX_FAILURES(error_exit_dir);
+ }
+ sd2 = query.query_secdesc.out.sd;
+ torture_assert_ntstatus_ok(tctx,
+ smbcli_close(cli1->tree, fnum1),
+ talloc_asprintf(tctx,
+ "close (2) of %s failed (%s)", dname,
+ smbcli_errstr(cli1->tree)));
+
+ /* Security descriptor must be same*/
+ for (aceno=0;(sd1->dacl&&aceno < sd1->dacl->num_aces);aceno++){
+ struct security_ace *ace1 = &sd1->dacl->aces[aceno];
+ struct security_ace *ace2 = &sd2->dacl->aces[aceno];
+
+ if(!sec_ace_equal(ace1,ace2)){
+ torture_comment(tctx,
+ "ACLs changed! Not expected!\n");
+ CHECK_MAX_FAILURES(error_exit_dir);
+ }
+ }
+
+ }
+error_exit_dir:
+ smbcli_deltree(cli1->tree, dname);
+ smbcli_rmdir(cli1->tree,dname);
+
+ if(failures)
+ return false;
+ return true;
+}
diff --git a/source4/torture/basic/base.c b/source4/torture/basic/base.c
index 0f45afd5cc..eeba252dc6 100644
--- a/source4/torture/basic/base.c
+++ b/source4/torture/basic/base.c
@@ -1866,6 +1866,7 @@ NTSTATUS torture_base_init(void)
torture_suite_add_1smb_test(suite, "PROPERTIES", torture_test_properties);
torture_suite_add_1smb_test(suite, "MANGLE", torture_mangle);
torture_suite_add_1smb_test(suite, "OPENATTR", torture_openattrtest);
+ torture_suite_add_1smb_test(suite, "WINATTR", torture_winattrtest);
torture_suite_add_suite(suite, torture_charset(suite));
torture_suite_add_1smb_test(suite, "CHKPATH", torture_chkpath_test);
torture_suite_add_1smb_test(suite, "SECLEAK", torture_sec_leak);