From 8ae5b50a6e787767bc00d42533ca29d8fb136e2e Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 20 Jan 2004 06:07:09 +0000 Subject: added code to the RPC-SPOOLSS test that demonstrates that policy handles are not shared between open dcerpc connections, even when those connections are on the same SMB socket. I have tested this with w2k3, w2k and NT4. It seems that policy handles have a strict scope of the dcerpc connection on which they were opened. I realise that this goes against existing folk-law in the team, but it seems that the previous testing (I'm not sure who did this?) was wrong. Perhaps clients do send us policy handles from other connections, but if they do then the correct thing to do is to fail the operation with a dcerpc fault. I suspect that failing it with exactly the right dcerpc fault code is important. (This used to be commit 2ed24d29bafd9055d5782acdd595cd0f378a651a) --- source4/torture/rpc/spoolss.c | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) (limited to 'source4/torture') diff --git a/source4/torture/rpc/spoolss.c b/source4/torture/rpc/spoolss.c index 14cfbd0d29..5b118bec7b 100644 --- a/source4/torture/rpc/spoolss.c +++ b/source4/torture/rpc/spoolss.c @@ -573,6 +573,39 @@ static BOOL test_SetPrinterData(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return True; } +static BOOL test_SecondaryClosePrinter(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, + struct policy_handle *handle) +{ + NTSTATUS status; + struct dcerpc_pipe *p2; + + /* only makes sense on SMB */ + if (p->transport.transport != NCACN_NP) { + return True; + } + + printf("testing close on secondary pipe\n"); + + status = dcerpc_secondary_smb(p, &p2, + DCERPC_SPOOLSS_NAME, + DCERPC_SPOOLSS_UUID, + DCERPC_SPOOLSS_VERSION); + if (!NT_STATUS_IS_OK(status)) { + printf("Failed to create secondary connection\n"); + return False; + } + + if (test_ClosePrinter(p2, mem_ctx, handle)) { + printf("ERROR: Allowed close on secondary connection!\n"); + dcerpc_pipe_close(p2); + return False; + } + + dcerpc_pipe_close(p2); + + return True; +} + static BOOL test_OpenPrinter(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, const char *name) { @@ -605,6 +638,10 @@ static BOOL test_OpenPrinter(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, ret = False; } + if (!test_SecondaryClosePrinter(p, mem_ctx, &handle)) { + ret = False; + } + if (!test_ClosePrinter(p, mem_ctx, &handle)) { ret = False; } @@ -693,6 +730,10 @@ static BOOL test_OpenPrinterEx(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, ret = False; } + if (!test_SecondaryClosePrinter(p, mem_ctx, &handle)) { + ret = False; + } + if (!test_ClosePrinter(p, mem_ctx, &handle)) { ret = False; } -- cgit