From 497b17ac61995f0dd07de7d9d505de5ad3a46618 Mon Sep 17 00:00:00 2001 From: Andrew Kroeger Date: Tue, 19 Feb 2008 09:03:32 -0600 Subject: torture/rpc-winreg: General fixes for a number of tests. Cleaned up issues with tests being run without the correct state being setup. Also corrected an issue with a test expecting the wrong return value to indicate a successful test run. (This used to be commit d015e595ca82f8fd3941753c00a2f3d816300be9) --- source4/torture/rpc/winreg.c | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) (limited to 'source4/torture/rpc') diff --git a/source4/torture/rpc/winreg.c b/source4/torture/rpc/winreg.c index 4695733671..96b1fb2174 100644 --- a/source4/torture/rpc/winreg.c +++ b/source4/torture/rpc/winreg.c @@ -1730,6 +1730,11 @@ static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, test_Cleanup(p, tctx, &handle, TEST_KEY3); test_Cleanup(p, tctx, &handle, TEST_KEY_BASE); + if (!test_CreateKey(p, tctx, &handle, TEST_KEY_BASE, NULL)) { + torture_comment(tctx, + "CreateKey (TEST_KEY_BASE) failed\n"); + } + if (!test_CreateKey(p, tctx, &handle, TEST_KEY1, NULL)) { torture_comment(tctx, "CreateKey failed - not considering a failure\n"); @@ -1763,9 +1768,12 @@ static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, } if (created && deleted && - test_OpenKey(p, tctx, &handle, TEST_KEY1, &newhandle)) { + !_test_OpenKey(p, tctx, &handle, TEST_KEY1, + SEC_FLAG_MAXIMUM_ALLOWED, &newhandle, + WERR_BADFILE, NULL)) { torture_comment(tctx, - "DeleteKey failed (OpenKey after Delete worked)\n"); + "DeleteKey failed (OpenKey after Delete " + "did not return WERR_BADFILE)\n"); ret = false; } @@ -1788,7 +1796,7 @@ static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, created4 = true; } - if (!created4 && !test_CloseKey(p, tctx, &newhandle)) { + if (created4 && !test_CloseKey(p, tctx, &newhandle)) { printf("CloseKey failed\n"); ret = false; } @@ -1803,7 +1811,7 @@ static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, } - if (created && !test_DeleteKey(p, tctx, &handle, TEST_KEY2)) { + if (created2 && !test_DeleteKey(p, tctx, &handle, TEST_KEY2)) { printf("DeleteKey failed\n"); ret = false; } @@ -1841,10 +1849,10 @@ static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, if(!test_key(p, tctx, &handle, MAX_DEPTH - 1)) { ret = false; } - } - - if (!test_key(p, tctx, &handle, 0)) { - ret = false; + } else { + if (!test_key(p, tctx, &handle, 0)) { + ret = false; + } } test_Cleanup(p, tctx, &handle, TEST_KEY_BASE); -- cgit From 1aa3d0649f45c6c13e007ad3e4655cb3c99170e8 Mon Sep 17 00:00:00 2001 From: Andrew Kroeger Date: Tue, 19 Feb 2008 09:13:14 -0600 Subject: torture/rpc-winreg: Modify test cases to work with recursive key deletion. (This used to be commit 3885acdee6fa3ec33cf4824826c2b8a98721382c) --- source4/torture/rpc/winreg.c | 43 ------------------------------------------- 1 file changed, 43 deletions(-) (limited to 'source4/torture/rpc') diff --git a/source4/torture/rpc/winreg.c b/source4/torture/rpc/winreg.c index 96b1fb2174..31b9c2bb56 100644 --- a/source4/torture/rpc/winreg.c +++ b/source4/torture/rpc/winreg.c @@ -848,7 +848,6 @@ static bool test_SecurityDescriptorInheritance(struct dcerpc_pipe *p, out: test_CloseKey(p, tctx, &new_handle); - test_Cleanup(p, tctx, handle, TEST_SUBSUBKEY_SD); test_Cleanup(p, tctx, handle, TEST_SUBKEY_SD); test_RestoreSecurity(p, tctx, handle, key, sd_orig); @@ -971,7 +970,6 @@ static bool test_SecurityDescriptorBlockInheritance(struct dcerpc_pipe *p, out: test_CloseKey(p, tctx, &new_handle); - test_Cleanup(p, tctx, handle, TEST_SUBSUBKEY_SD); test_Cleanup(p, tctx, handle, TEST_SUBKEY_SD); test_RestoreSecurity(p, tctx, handle, key, sd_orig); @@ -1386,27 +1384,6 @@ static bool test_DeleteKey(struct dcerpc_pipe *p, struct torture_context *tctx, return true; } -/* DeleteKey on a key with subkey(s) should - * return WERR_ACCESS_DENIED. */ -static bool test_DeleteKeyWithSubkey(struct dcerpc_pipe *p, - struct torture_context *tctx, - struct policy_handle *handle, - const char *key) -{ - struct winreg_DeleteKey r; - - r.in.handle = handle; - init_winreg_String(&r.in.key, key); - - torture_assert_ntstatus_ok(tctx, dcerpc_winreg_DeleteKey(p, tctx, &r), - "DeleteKeyWithSubkey failed"); - - torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED, - "DeleteKeyWithSubkey failed"); - - return true; -} - static bool test_QueryInfoKey(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *handle, char *class) @@ -1721,13 +1698,6 @@ static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, torture_assert_ntstatus_ok(tctx, open_fn(p, tctx, &r), "open"); - test_Cleanup(p, tctx, &handle, TEST_KEY1); - test_Cleanup(p, tctx, &handle, TEST_SUBSUBKEY_SD); - test_Cleanup(p, tctx, &handle, TEST_SUBKEY_SD); - test_Cleanup(p, tctx, &handle, TEST_KEY4); - test_Cleanup(p, tctx, &handle, TEST_KEY2); - test_Cleanup(p, tctx, &handle, TEST_SUBKEY); - test_Cleanup(p, tctx, &handle, TEST_KEY3); test_Cleanup(p, tctx, &handle, TEST_KEY_BASE); if (!test_CreateKey(p, tctx, &handle, TEST_KEY_BASE, NULL)) { @@ -1826,19 +1796,6 @@ static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, } if (created_subkey && - !test_DeleteKeyWithSubkey(p, tctx, &handle, TEST_KEY3)) { - printf("DeleteKeyWithSubkey failed " - "(DeleteKey didn't return ACCESS_DENIED)\n"); - ret = false; - } - - if (created_subkey && - !test_DeleteKey(p, tctx, &handle, TEST_SUBKEY)) { - printf("DeleteKey failed\n"); - ret = false; - } - - if (created3 && !test_DeleteKey(p, tctx, &handle, TEST_KEY3)) { printf("DeleteKey failed\n"); ret = false; -- cgit From 846c81bccb67427d54e2b84cad08b4b32128e4ab Mon Sep 17 00:00:00 2001 From: Andrew Kroeger Date: Tue, 19 Feb 2008 09:18:10 -0600 Subject: torture/rpc-winreg: Split out the security descriptor tests. The security descriptor functionality has not been implemented yet. Now that the other tests run successfully, the security descriptor tests have been split out so they can be separately marked as knownfail. The tests that test security descriptor functionality are named "*-security", while those that don't are named "*-basic". (This used to be commit 7b7aec9a2f0a684bb27761df71af506cce244b2c) --- source4/torture/rpc/winreg.c | 169 +++++++++++++++++++++++++++++-------------- 1 file changed, 113 insertions(+), 56 deletions(-) (limited to 'source4/torture/rpc') diff --git a/source4/torture/rpc/winreg.c b/source4/torture/rpc/winreg.c index 31b9c2bb56..8b602ef652 100644 --- a/source4/torture/rpc/winreg.c +++ b/source4/torture/rpc/winreg.c @@ -1420,10 +1420,12 @@ static bool test_QueryInfoKey(struct dcerpc_pipe *p, } static bool test_key(struct dcerpc_pipe *p, struct torture_context *tctx, - struct policy_handle *handle, int depth); + struct policy_handle *handle, int depth, + bool test_security); static bool test_EnumKey(struct dcerpc_pipe *p, struct torture_context *tctx, - struct policy_handle *handle, int depth) + struct policy_handle *handle, int depth, + bool test_security) { struct winreg_EnumKey r; struct winreg_StringBuf class, name; @@ -1456,7 +1458,8 @@ static bool test_EnumKey(struct dcerpc_pipe *p, struct torture_context *tctx, if (!test_OpenKey(p, tctx, handle, r.out.name->name, &key_handle)) { } else { - test_key(p, tctx, &key_handle, depth + 1); + test_key(p, tctx, &key_handle, + depth + 1, test_security); } } @@ -1653,7 +1656,8 @@ static bool test_InitiateSystemShutdownEx(struct torture_context *tctx, #define MAX_DEPTH 2 /* Only go this far down the tree */ static bool test_key(struct dcerpc_pipe *p, struct torture_context *tctx, - struct policy_handle *handle, int depth) + struct policy_handle *handle, int depth, + bool test_security) { if (depth == MAX_DEPTH) return true; @@ -1664,10 +1668,10 @@ static bool test_key(struct dcerpc_pipe *p, struct torture_context *tctx, if (!test_NotifyChangeKeyValue(p, tctx, handle)) { } - if (!test_GetKeySecurity(p, tctx, handle, NULL)) { + if (test_security && !test_GetKeySecurity(p, tctx, handle, NULL)) { } - if (!test_EnumKey(p, tctx, handle, depth)) { + if (!test_EnumKey(p, tctx, handle, depth, test_security)) { } if (!test_EnumValue(p, tctx, handle, 0xFF, 0xFFFF)) { @@ -1680,13 +1684,85 @@ static bool test_key(struct dcerpc_pipe *p, struct torture_context *tctx, typedef NTSTATUS (*winreg_open_fn)(struct dcerpc_pipe *, TALLOC_CTX *, void *); +static bool test_Open_Security(struct torture_context *tctx, + struct dcerpc_pipe *p, void *userdata) +{ + struct policy_handle handle, newhandle; + bool ret = true, created2 = false; + bool created4 = false; + struct winreg_OpenHKLM r; + + winreg_open_fn open_fn = userdata; + + r.in.system_name = 0; + r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; + r.out.handle = &handle; + + torture_assert_ntstatus_ok(tctx, open_fn(p, tctx, &r), + "open"); + + test_Cleanup(p, tctx, &handle, TEST_KEY_BASE); + + if (!test_CreateKey(p, tctx, &handle, TEST_KEY_BASE, NULL)) { + torture_comment(tctx, + "CreateKey (TEST_KEY_BASE) failed\n"); + } + + if (test_CreateKey_sd(p, tctx, &handle, TEST_KEY2, + NULL, &newhandle)) { + created2 = true; + } + + if (created2 && !test_CloseKey(p, tctx, &newhandle)) { + printf("CloseKey failed\n"); + ret = false; + } + + if (test_CreateKey_sd(p, tctx, &handle, TEST_KEY4, NULL, &newhandle)) { + created4 = true; + } + + if (created4 && !test_CloseKey(p, tctx, &newhandle)) { + printf("CloseKey failed\n"); + ret = false; + } + + if (created4 && !test_SecurityDescriptors(p, tctx, &handle, TEST_KEY4)) { + ret = false; + } + + if (created4 && !test_DeleteKey(p, tctx, &handle, TEST_KEY4)) { + printf("DeleteKey failed\n"); + ret = false; + } + + if (created2 && !test_DeleteKey(p, tctx, &handle, TEST_KEY2)) { + printf("DeleteKey failed\n"); + ret = false; + } + + /* The HKCR hive has a very large fanout */ + if (open_fn == (void *)dcerpc_winreg_OpenHKCR) { + if(!test_key(p, tctx, &handle, MAX_DEPTH - 1, true)) { + ret = false; + } + } else { + if (!test_key(p, tctx, &handle, 0, true)) { + ret = false; + } + } + + test_Cleanup(p, tctx, &handle, TEST_KEY_BASE); + + return ret; +} + static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, void *userdata) { struct policy_handle handle, newhandle; - bool ret = true, created = false, created2 = false, deleted = false; + bool ret = true, created = false, deleted = false; bool created3 = false, created_subkey = false; - bool created4 = false; struct winreg_OpenHKLM r; winreg_open_fn open_fn = userdata; @@ -1752,40 +1828,6 @@ static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, ret = false; } - if (created && test_CreateKey_sd(p, tctx, &handle, TEST_KEY2, - NULL, &newhandle)) { - created2 = true; - } - - if (created2 && !test_CloseKey(p, tctx, &newhandle)) { - printf("CloseKey failed\n"); - ret = false; - } - - if (test_CreateKey_sd(p, tctx, &handle, TEST_KEY4, NULL, &newhandle)) { - created4 = true; - } - - if (created4 && !test_CloseKey(p, tctx, &newhandle)) { - printf("CloseKey failed\n"); - ret = false; - } - - if (created4 && !test_SecurityDescriptors(p, tctx, &handle, TEST_KEY4)) { - ret = false; - } - - if (created4 && !test_DeleteKey(p, tctx, &handle, TEST_KEY4)) { - printf("DeleteKey failed\n"); - ret = false; - } - - - if (created2 && !test_DeleteKey(p, tctx, &handle, TEST_KEY2)) { - printf("DeleteKey failed\n"); - ret = false; - } - if (created && test_CreateKey(p, tctx, &handle, TEST_KEY3, NULL)) { created3 = true; } @@ -1803,11 +1845,11 @@ static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, /* The HKCR hive has a very large fanout */ if (open_fn == (void *)dcerpc_winreg_OpenHKCR) { - if(!test_key(p, tctx, &handle, MAX_DEPTH - 1)) { + if(!test_key(p, tctx, &handle, MAX_DEPTH - 1, false)) { ret = false; } } else { - if (!test_key(p, tctx, &handle, 0)) { + if (!test_key(p, tctx, &handle, 0, false)) { ret = false; } } @@ -1819,14 +1861,6 @@ static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, struct torture_suite *torture_rpc_winreg(TALLOC_CTX *mem_ctx) { - struct { - const char *name; - winreg_open_fn fn; - } open_fns[] = {{"OpenHKLM", (winreg_open_fn)dcerpc_winreg_OpenHKLM }, - {"OpenHKU", (winreg_open_fn)dcerpc_winreg_OpenHKU }, - {"OpenHKCR", (winreg_open_fn)dcerpc_winreg_OpenHKCR }, - {"OpenHKCU", (winreg_open_fn)dcerpc_winreg_OpenHKCU }}; - int i; struct torture_rpc_tcase *tcase; struct torture_suite *suite = torture_suite_create(mem_ctx, "WINREG"); struct torture_test *test; @@ -1842,10 +1876,33 @@ struct torture_suite *torture_rpc_winreg(TALLOC_CTX *mem_ctx) test_InitiateSystemShutdownEx); test->dangerous = true; - for (i = 0; i < ARRAY_SIZE(open_fns); i++) { - torture_rpc_tcase_add_test_ex(tcase, open_fns[i].name, - test_Open, open_fns[i].fn); - } + /* Basic tests without security descriptors */ + torture_rpc_tcase_add_test_ex(tcase, "HKLM-basic", + test_Open, + (winreg_open_fn)dcerpc_winreg_OpenHKLM); + torture_rpc_tcase_add_test_ex(tcase, "HKU-basic", + test_Open, + (winreg_open_fn)dcerpc_winreg_OpenHKU); + torture_rpc_tcase_add_test_ex(tcase, "HKCR-basic", + test_Open, + (winreg_open_fn)dcerpc_winreg_OpenHKCR); + torture_rpc_tcase_add_test_ex(tcase, "HKCU-basic", + test_Open, + (winreg_open_fn)dcerpc_winreg_OpenHKCU); + + /* Security descriptor tests */ + torture_rpc_tcase_add_test_ex(tcase, "HKLM-security", + test_Open_Security, + (winreg_open_fn)dcerpc_winreg_OpenHKLM); + torture_rpc_tcase_add_test_ex(tcase, "HKU-security", + test_Open_Security, + (winreg_open_fn)dcerpc_winreg_OpenHKU); + torture_rpc_tcase_add_test_ex(tcase, "HKCR-security", + test_Open_Security, + (winreg_open_fn)dcerpc_winreg_OpenHKCR); + torture_rpc_tcase_add_test_ex(tcase, "HKCU-security", + test_Open_Security, + (winreg_open_fn)dcerpc_winreg_OpenHKCU); return suite; } -- cgit