summaryrefslogtreecommitdiff
path: root/source4/torture
diff options
context:
space:
mode:
Diffstat (limited to 'source4/torture')
-rw-r--r--source4/torture/auth/pac.c97
-rw-r--r--source4/torture/nbt/winsreplication.c12
-rw-r--r--source4/torture/raw/open.c44
-rw-r--r--source4/torture/smb2/create.c101
4 files changed, 187 insertions, 67 deletions
diff --git a/source4/torture/auth/pac.c b/source4/torture/auth/pac.c
index 7fdd7e58bf..4e51c66950 100644
--- a/source4/torture/auth/pac.c
+++ b/source4/torture/auth/pac.c
@@ -279,7 +279,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
struct auth_serversupplied_info *server_info_out;
krb5_keyblock server_keyblock;
- krb5_keyblock krbtgt_keyblock;
+ krb5_keyblock krbtgt_keyblock, *krbtgt_keyblock_p;
struct samr_Password *krbtgt_bytes, *krbsrv_bytes;
krb5_error_code ret;
@@ -309,9 +309,13 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
/* The krbtgt key in use when the above PAC was generated.
* This is an arcfour-hmac-md5 key, extracted with our 'net
* samdump' tool. */
- krbtgt_bytes = smbpasswd_gethexpwd(mem_ctx, pac_kdc_key);
- if (!krbtgt_bytes) {
- torture_fail(tctx, "(saved test) Could not interpret krbtgt key");
+ if (*pac_kdc_key == 0) {
+ krbtgt_bytes = NULL;
+ } else {
+ krbtgt_bytes = smbpasswd_gethexpwd(mem_ctx, pac_kdc_key);
+ if (!krbtgt_bytes) {
+ torture_fail(tctx, "(saved test) Could not interpret krbtgt key");
+ }
}
krbsrv_bytes = smbpasswd_gethexpwd(mem_ctx, pac_member_key);
@@ -329,18 +333,23 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
smb_get_krb5_error_message(smb_krb5_context->krb5_context,
ret, mem_ctx)));
- ret = krb5_keyblock_init(smb_krb5_context->krb5_context,
- ENCTYPE_ARCFOUR_HMAC,
- krbtgt_bytes->hash, sizeof(krbtgt_bytes->hash),
- &krbtgt_keyblock);
- if (ret) {
- krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &server_keyblock);
- torture_fail(tctx,
- talloc_asprintf(tctx,
- "(saved test) Server Keyblock encoding failed: %s",
- smb_get_krb5_error_message(smb_krb5_context->krb5_context,
- ret, mem_ctx)));
+ if (krbtgt_bytes) {
+ ret = krb5_keyblock_init(smb_krb5_context->krb5_context,
+ ENCTYPE_ARCFOUR_HMAC,
+ krbtgt_bytes->hash, sizeof(krbtgt_bytes->hash),
+ &krbtgt_keyblock);
+ if (ret) {
+ krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
+ &server_keyblock);
+ torture_fail(tctx,
+ talloc_asprintf(tctx,
+ "(saved test) Server Keyblock encoding failed: %s",
+ smb_get_krb5_error_message(smb_krb5_context->krb5_context,
+ ret, mem_ctx)));
+ }
+ krbtgt_keyblock_p = &krbtgt_keyblock;
+ } else {
+ krbtgt_keyblock_p = NULL;
}
pac_file = torture_setting_string(tctx, "pac_file", NULL);
@@ -363,7 +372,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
&client_principal);
if (ret) {
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
torture_fail(tctx,
@@ -379,12 +388,12 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
&pac_data,
tmp_blob,
smb_krb5_context->krb5_context,
- &krbtgt_keyblock,
+ krbtgt_keyblock_p,
&server_keyblock,
client_principal, authtime, NULL);
if (!NT_STATUS_IS_OK(nt_status)) {
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
@@ -400,13 +409,13 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
&logon_info,
tmp_blob,
smb_krb5_context->krb5_context,
- &krbtgt_keyblock,
+ krbtgt_keyblock_p,
&server_keyblock,
client_principal, authtime, NULL);
if (!NT_STATUS_IS_OK(nt_status)) {
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
@@ -424,7 +433,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
&server_info_out);
if (!NT_STATUS_IS_OK(nt_status)) {
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
@@ -440,7 +449,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
"S-1-5-21-3048156945-3961193616-3706469200-1005"),
server_info_out->account_sid)) {
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
@@ -452,17 +461,25 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
dom_sid_string(mem_ctx, server_info_out->account_sid)));
}
+ if (krbtgt_bytes == NULL) {
+ torture_comment(tctx, "skipping PAC encoding tests as non kdc key\n");
+ krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
+ &server_keyblock);
+ krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
+ return true;
+ }
+
ret = kerberos_encode_pac(mem_ctx,
lp_iconv_convenience(tctx->lp_ctx),
pac_data,
smb_krb5_context->krb5_context,
- &krbtgt_keyblock,
+ krbtgt_keyblock_p,
&server_keyblock,
&validate_blob);
if (ret != 0) {
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
@@ -478,7 +495,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
*/
if (tmp_blob.length != validate_blob.length) {
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
@@ -491,7 +508,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
if (memcmp(tmp_blob.data, validate_blob.data, tmp_blob.length) != 0) {
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
@@ -508,14 +525,14 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
lp_iconv_convenience(tctx->lp_ctx),
server_info_out,
smb_krb5_context->krb5_context,
- &krbtgt_keyblock,
+ krbtgt_keyblock_p,
&server_keyblock,
client_principal, authtime,
&validate_blob);
if (ret != 0) {
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
@@ -541,7 +558,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
NDR_PRINT_DEBUG(PAC_DATA, &pac_data2);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
@@ -563,7 +580,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
NDR_PRINT_DEBUG(PAC_DATA, &pac_data2);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
@@ -583,14 +600,14 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
&pac_data,
tmp_blob,
smb_krb5_context->krb5_context,
- &krbtgt_keyblock,
+ krbtgt_keyblock_p,
&server_keyblock,
client_principal,
authtime + 1, NULL);
if (NT_STATUS_IS_OK(nt_status)) {
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
krb5_free_principal(smb_krb5_context->krb5_context, client_principal);
@@ -608,7 +625,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
if (ret) {
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
torture_fail(tctx, talloc_asprintf(tctx,
@@ -621,13 +638,13 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
&pac_data,
tmp_blob,
smb_krb5_context->krb5_context,
- &krbtgt_keyblock,
+ krbtgt_keyblock_p,
&server_keyblock,
client_principal,
authtime, NULL);
if (NT_STATUS_IS_OK(nt_status)) {
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
torture_fail(tctx, "(saved test) PAC decoding DID NOT fail on modified principal");
@@ -641,20 +658,20 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
&pac_data,
tmp_blob,
smb_krb5_context->krb5_context,
- &krbtgt_keyblock,
+ krbtgt_keyblock_p,
&server_keyblock,
client_principal,
authtime, NULL);
if (NT_STATUS_IS_OK(nt_status)) {
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
torture_fail(tctx, "(saved test) PAC decoding DID NOT fail on broken checksum");
}
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
- &krbtgt_keyblock);
+ krbtgt_keyblock_p);
krb5_free_keyblock_contents(smb_krb5_context->krb5_context,
&server_keyblock);
return true;
@@ -666,9 +683,7 @@ struct torture_suite *torture_pac(TALLOC_CTX *mem_ctx)
torture_suite_add_simple_test(suite, "self check",
torture_pac_self_check);
-
torture_suite_add_simple_test(suite, "saved check",
torture_pac_saved_check);
-
return suite;
}
diff --git a/source4/torture/nbt/winsreplication.c b/source4/torture/nbt/winsreplication.c
index ee7a1510d5..6b600bd7cd 100644
--- a/source4/torture/nbt/winsreplication.c
+++ b/source4/torture/nbt/winsreplication.c
@@ -6701,7 +6701,6 @@ static bool test_conflict_owned_active_vs_replica(struct torture_context *tctx,
/*
* unique vs. unique section
*/
-#if METZE_NEEDS_TO_LOOK_AT_THIS_ONE
/*
* unique,active vs. unique,active with same ip(s), unchecked
*/
@@ -6728,7 +6727,6 @@ static bool test_conflict_owned_active_vs_replica(struct torture_context *tctx,
.apply_expected = true
},
},
-#endif
/*
* unique,active vs. unique,active with different ip(s), positive response
*/
@@ -8967,7 +8965,6 @@ static bool test_conflict_owned_active_vs_replica(struct torture_context *tctx,
.sgroup_merge = true
},
},
-#if 0
/*
* sgroup,active vs. sgroup,active with same ip(s)
*/
@@ -9157,7 +9154,6 @@ static bool test_conflict_owned_active_vs_replica(struct torture_context *tctx,
.apply_expected = false
},
},
-#endif
};
if (!ctx->nbtsock_srv) {
@@ -9543,7 +9539,9 @@ static void test_conflict_owned_active_vs_replica_handler_query(struct nbt_name_
talloc_free(rep_packet);
/* make sure we push the reply to the wire */
- event_loop_once(nbtsock->event_ctx);
+ while (nbtsock->send_queue) {
+ event_loop_once(nbtsock->event_ctx);
+ }
msleep(1000);
rec->defend.timeout = 0;
@@ -9598,7 +9596,9 @@ static void test_conflict_owned_active_vs_replica_handler_release(
talloc_free(rep_packet);
/* make sure we push the reply to the wire */
- event_loop_once(nbtsock->event_ctx);
+ while (nbtsock->send_queue) {
+ event_loop_once(nbtsock->event_ctx);
+ }
msleep(1000);
rec->defend.timeout = 0;
diff --git a/source4/torture/raw/open.c b/source4/torture/raw/open.c
index b6979fa0d9..f3494ea3d0 100644
--- a/source4/torture/raw/open.c
+++ b/source4/torture/raw/open.c
@@ -844,6 +844,8 @@ static bool test_nttrans_create(struct smbcli_state *cli, struct torture_context
int fnum = -1;
bool ret = true;
int i;
+ uint32_t ok_mask, not_supported_mask, invalid_parameter_mask;
+ uint32_t not_a_directory_mask, unexpected_mask;
struct {
uint32_t open_disp;
bool with_file;
@@ -982,6 +984,10 @@ static bool test_nttrans_create(struct smbcli_state *cli, struct torture_context
}
io.ntcreatex.in.create_options = create_option;
status = smb_raw_open(cli->tree, tctx, &io);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("ntcreatex create option 0x%08x gave %s - should give NT_STATUS_OK\n",
+ create_option, nt_errstr(status));
+ }
CHECK_STATUS(status, NT_STATUS_OK);
fnum = io.ntcreatex.out.file.fnum;
@@ -999,6 +1005,44 @@ static bool test_nttrans_create(struct smbcli_state *cli, struct torture_context
smbcli_close(cli->tree, fnum);
}
+ io.ntcreatex.in.file_attr = 0;
+ io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF;
+ io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+
+ /* Check for options that should return NOT_SUPPORTED, OK or INVALID_PARAMETER */
+ ok_mask = 0;
+ not_supported_mask = 0;
+ invalid_parameter_mask = 0;
+ not_a_directory_mask = 0;
+ unexpected_mask = 0;
+ for (i=0; i < 32; i++) {
+ uint32_t create_option = 1<<i;
+ if (create_option & NTCREATEX_OPTIONS_DELETE_ON_CLOSE) {
+ continue;
+ }
+ io.ntcreatex.in.create_options = create_option;
+ status = smb_raw_open(cli->tree, tctx, &io);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
+ not_supported_mask |= create_option;
+ } else if (NT_STATUS_EQUAL(status, NT_STATUS_OK)) {
+ ok_mask |= create_option;
+ smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
+ } else if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
+ invalid_parameter_mask |= create_option;
+ } else if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_A_DIRECTORY)) {
+ not_a_directory_mask |= 1<<i;
+ } else {
+ unexpected_mask |= 1<<i;
+ printf("create option 0x%08x returned %s\n", create_option, nt_errstr(status));
+ }
+ }
+
+ CHECK_VAL(ok_mask, 0x00efcfce);
+ CHECK_VAL(not_a_directory_mask, 0x00000001);
+ CHECK_VAL(not_supported_mask, 0x00002000);
+ CHECK_VAL(invalid_parameter_mask, 0xff100030);
+ CHECK_VAL(unexpected_mask, 0x00000000);
+
smbcli_unlink(cli->tree, fname);
diff --git a/source4/torture/smb2/create.c b/source4/torture/smb2/create.c
index c23ff8b8ce..4d1b4a7ed0 100644
--- a/source4/torture/smb2/create.c
+++ b/source4/torture/smb2/create.c
@@ -52,7 +52,9 @@ static bool test_create_gentest(struct torture_context *torture, struct smb2_tre
struct smb2_create io;
NTSTATUS status;
TALLOC_CTX *tmp_ctx = talloc_new(tree);
- uint32_t access_mask, file_attributes, file_attributes_set, denied_mask;
+ uint32_t access_mask, file_attributes_set;
+ uint32_t ok_mask, not_supported_mask, invalid_parameter_mask;
+ uint32_t not_a_directory_mask, unexpected_mask;
union smb_fileinfo q;
ZERO_STRUCT(io);
@@ -76,14 +78,6 @@ static bool test_create_gentest(struct torture_context *torture, struct smb2_tre
status = smb2_create(tree, tmp_ctx, &io);
CHECK_STATUS(status, NT_STATUS_INVALID_PARAMETER);
- io.in.create_options = 0x00100000;
- status = smb2_create(tree, tmp_ctx, &io);
- CHECK_STATUS(status, NT_STATUS_NOT_SUPPORTED);
-
- io.in.create_options = 0xF0100000;
- status = smb2_create(tree, tmp_ctx, &io);
- CHECK_STATUS(status, NT_STATUS_NOT_SUPPORTED);
-
io.in.create_options = 0;
io.in.file_attributes = FILE_ATTRIBUTE_DEVICE;
@@ -108,6 +102,46 @@ static bool test_create_gentest(struct torture_context *torture, struct smb2_tre
status = smb2_create(tree, tmp_ctx, &io);
CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ io.in.file_attributes = 0;
+ io.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
+ io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
+ ok_mask = 0;
+ not_supported_mask = 0;
+ invalid_parameter_mask = 0;
+ not_a_directory_mask = 0;
+ unexpected_mask = 0;
+ {
+ int i;
+ for (i=0;i<32;i++) {
+ io.in.create_options = 1<<i;
+ if (io.in.create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE) {
+ continue;
+ }
+ status = smb2_create(tree, tmp_ctx, &io);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
+ not_supported_mask |= 1<<i;
+ } else if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
+ invalid_parameter_mask |= 1<<i;
+ } else if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_A_DIRECTORY)) {
+ not_a_directory_mask |= 1<<i;
+ } else if (NT_STATUS_EQUAL(status, NT_STATUS_OK)) {
+ ok_mask |= 1<<i;
+ status = smb2_util_close(tree, io.out.file.handle);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ } else {
+ unexpected_mask |= 1<<i;
+ printf("create option 0x%08x returned %s\n", 1<<i, nt_errstr(status));
+ }
+ }
+ }
+ io.in.create_options = 0;
+
+ CHECK_EQUAL(ok_mask, 0x00efcf7e);
+ CHECK_EQUAL(not_a_directory_mask, 0x00000001);
+ CHECK_EQUAL(not_supported_mask, 0x00102080);
+ CHECK_EQUAL(invalid_parameter_mask, 0xff000000);
+ CHECK_EQUAL(unexpected_mask, 0x00000000);
+
io.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
io.in.file_attributes = 0;
access_mask = 0;
@@ -132,31 +166,58 @@ static bool test_create_gentest(struct torture_context *torture, struct smb2_tre
io.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
io.in.file_attributes = 0;
- file_attributes = 0;
+ ok_mask = 0;
+ invalid_parameter_mask = 0;
+ unexpected_mask = 0;
file_attributes_set = 0;
- denied_mask = 0;
{
int i;
for (i=0;i<32;i++) {
io.in.file_attributes = 1<<i;
+ if (io.in.file_attributes & FILE_ATTRIBUTE_ENCRYPTED) {
+ continue;
+ }
smb2_deltree(tree, FNAME);
status = smb2_create(tree, tmp_ctx, &io);
if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
- file_attributes |= io.in.file_attributes;
- } else if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
- denied_mask |= io.in.file_attributes;
- } else {
- CHECK_STATUS(status, NT_STATUS_OK);
+ invalid_parameter_mask |= 1<<i;
+ } else if (NT_STATUS_IS_OK(status)) {
+ uint32_t expected;
+ ok_mask |= 1<<i;
+
+ expected = (io.in.file_attributes | FILE_ATTRIBUTE_ARCHIVE) & 0x00005127;
+ CHECK_EQUAL(io.out.file_attr, expected);
+ file_attributes_set |= io.out.file_attr;
+
status = smb2_util_close(tree, io.out.file.handle);
CHECK_STATUS(status, NT_STATUS_OK);
- file_attributes_set |= io.out.file_attr;
+ } else {
+ unexpected_mask |= 1<<i;
+ printf("file attribute 0x%08x returned %s\n", 1<<i, nt_errstr(status));
}
}
}
- CHECK_EQUAL(file_attributes, 0xffff8048);
- CHECK_EQUAL(denied_mask, 0x4000);
- CHECK_EQUAL(file_attributes_set, 0x00001127);
+ CHECK_EQUAL(ok_mask, 0x00003fb7);
+ CHECK_EQUAL(invalid_parameter_mask, 0xffff8048);
+ CHECK_EQUAL(unexpected_mask, 0x00000000);
+ CHECK_EQUAL(file_attributes_set, 0x00001127);
+
+ smb2_deltree(tree, FNAME);
+
+ /*
+ * Standalone servers doesn't support encryption
+ */
+ io.in.file_attributes = FILE_ATTRIBUTE_ENCRYPTED;
+ status = smb2_create(tree, tmp_ctx, &io);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ printf("FILE_ATTRIBUTE_ENCRYPTED returned %s\n", nt_errstr(status));
+ } else {
+ CHECK_STATUS(status, NT_STATUS_OK);
+ CHECK_EQUAL(io.out.file_attr, (FILE_ATTRIBUTE_ENCRYPTED | FILE_ATTRIBUTE_ARCHIVE));
+ status = smb2_util_close(tree, io.out.file.handle);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ }
smb2_deltree(tree, FNAME);