source4/torture/rpc/spoolss_access.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    test suite for spoolss rpc operations
   4
   5    Copyright (C) Guenther Deschner 2010
   6
   7    This program is free software; you can redistribute it and/or modify
   8    it under the terms of the GNU General Public License as published by
   9    the Free Software Foundation; either version 3 of the License, or
  10    (at your option) any later version.
  11
  12    This program is distributed in the hope that it will be useful,
  13    but WITHOUT ANY WARRANTY; without even the implied warranty of
  14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15    GNU General Public License for more details.
  16
  17    You should have received a copy of the GNU General Public License
  18    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  19 */
  20
  21 #include "includes.h"
  22 #include "torture/torture.h"
  23 #include "librpc/gen_ndr/ndr_misc.h"
  24 #include "librpc/gen_ndr/ndr_spoolss.h"
  25 #include "librpc/gen_ndr/ndr_spoolss_c.h"
  26 #include "librpc/gen_ndr/ndr_samr_c.h"
  27 #include "librpc/gen_ndr/ndr_lsa_c.h"
  28 #include "librpc/gen_ndr/ndr_security.h"
  29 #include "libcli/security/security.h"
  30 #include "torture/rpc/torture_rpc.h"
  31 #include "param/param.h"
  32 #include "lib/cmdline/popt_common.h"
  33
  34 #define TORTURE_USER                    "torture_user"
  35 #define TORTURE_USER_ADMINGROUP         "torture_user_544"
  36 #define TORTURE_USER_PRINTOPGROUP       "torture_user_550"
  37 #define TORTURE_USER_PRINTOPPRIV        "torture_user_priv"
  38 #define TORTURE_USER_SD                 "torture_user_sd"
  39
  40 struct torture_user {
  41         const char *username;
  42         void *testuser;
  43         uint32_t *builtin_memberships;
  44         uint32_t num_builtin_memberships;
  45         const char **privs;
  46         uint32_t num_privs;
  47         bool privs_present;
  48         bool sd;
  49 };
  50
  51 struct torture_access_context {
  52         struct dcerpc_pipe *spoolss_pipe;
  53         const char *printername;
  54         struct security_descriptor *sd_orig;
  55         struct torture_user user;
  56 };
  57
  58 static bool test_openprinter_handle(struct torture_context *tctx,
  59                                     struct dcerpc_pipe *p,
  60                                     const char *printername,
  61                                     const char *username,
  62                                     uint32_t access_mask,
  63                                     struct policy_handle *handle)
  64 {
  65         struct spoolss_OpenPrinterEx r;
  66         struct spoolss_UserLevel1 level1;
  67         struct dcerpc_binding_handle *b = p->binding_handle;
  68
  69         level1.size     = 28;
  70         level1.client   = talloc_asprintf(tctx, "\\\\%s", "smbtorture");
  71         level1.user     = username;
  72         level1.build    = 1381;
  73         level1.major    = 3;
  74         level1.minor    = 0;
  75         level1.processor= 0;
  76
  77         r.in.printername        = printername;
  78         r.in.datatype           = NULL;
  79         r.in.devmode_ctr.devmode= NULL;
  80         r.in.access_mask        = access_mask;
  81         r.in.level              = 1;
  82         r.in.userlevel.level1   = &level1;
  83         r.out.handle            = handle;
  84
  85         torture_comment(tctx, "Testing OpenPrinterEx(%s) with access_mask 0x%08x\n",
  86                 r.in.printername, r.in.access_mask);
  87
  88         torture_assert_ntstatus_ok(tctx,
  89                 dcerpc_spoolss_OpenPrinterEx_r(b, tctx, &r),
  90                 "OpenPrinterEx failed");
  91         torture_assert_werr_ok(tctx, r.out.result,
  92                 talloc_asprintf(tctx, "OpenPrinterEx(%s) as '%s' with access_mask: 0x%08x failed",
  93                         r.in.printername, username, r.in.access_mask));
  94
  95         return true;
  96 }
  97
  98 static bool test_openprinter_access(struct torture_context *tctx,
  99                                     struct dcerpc_pipe *p,
 100                                     const char *printername,
 101                                     const char *username,
 102                                     uint32_t access_mask)
 103 {
 104         struct policy_handle handle;
 105         struct dcerpc_binding_handle *b = p->binding_handle;
 106
 107         if (test_openprinter_handle(tctx, p, printername, username, access_mask, &handle)) {
 108                 test_ClosePrinter(tctx, b, &handle);
 109                 return true;
 110         }
 111
 112         return false;
 113 }
 114
 115 static bool spoolss_access_setup_membership(struct torture_context *tctx,
 116                                             struct dcerpc_pipe *p,
 117                                             uint32_t num_members,
 118                                             uint32_t *members,
 119                                             struct dom_sid *user_sid)
 120 {
 121         struct dcerpc_binding_handle *b = p->binding_handle;
 122         struct policy_handle connect_handle, domain_handle;
 123         int i;
 124
 125         {
 126                 struct samr_Connect2 r;
 127                 r.in.system_name = "";
 128                 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 129                 r.out.connect_handle = &connect_handle;
 130
 131                 torture_assert_ntstatus_ok(tctx,
 132                         dcerpc_samr_Connect2_r(b, tctx, &r),
 133                         "samr_Connect2 failed");
 134                 torture_assert_ntstatus_ok(tctx, r.out.result,
 135                         "samr_Connect2 failed");
 136         }
 137
 138         {
 139                 struct samr_OpenDomain r;
 140                 r.in.connect_handle = &connect_handle;
 141                 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 142                 r.in.sid = dom_sid_parse_talloc(tctx, "S-1-5-32");
 143                 r.out.domain_handle = &domain_handle;
 144
 145                 torture_assert_ntstatus_ok(tctx,
 146                         dcerpc_samr_OpenDomain_r(b, tctx, &r),
 147                         "samr_OpenDomain failed");
 148                 torture_assert_ntstatus_ok(tctx, r.out.result,
 149                         "samr_OpenDomain failed");
 150         }
 151
 152         for (i=0; i < num_members; i++) {
 153
 154                 struct policy_handle alias_handle;
 155
 156                 {
 157                 struct samr_OpenAlias r;
 158                 r.in.domain_handle = &domain_handle;
 159                 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 160                 r.in.rid = members[i];
 161                 r.out.alias_handle = &alias_handle;
 162
 163                 torture_assert_ntstatus_ok(tctx,
 164                         dcerpc_samr_OpenAlias_r(b, tctx, &r),
 165                         "samr_OpenAlias failed");
 166                 torture_assert_ntstatus_ok(tctx, r.out.result,
 167                         "samr_OpenAlias failed");
 168                 }
 169
 170                 {
 171                 struct samr_AddAliasMember r;
 172                 r.in.alias_handle = &alias_handle;
 173                 r.in.sid = user_sid;
 174
 175                 torture_assert_ntstatus_ok(tctx,
 176                         dcerpc_samr_AddAliasMember_r(b, tctx, &r),
 177                         "samr_AddAliasMember failed");
 178                 torture_assert_ntstatus_ok(tctx, r.out.result,
 179                         "samr_AddAliasMember failed");
 180                 }
 181
 182                 test_samr_handle_Close(b, tctx, &alias_handle);
 183         }
 184
 185         test_samr_handle_Close(b, tctx, &domain_handle);
 186         test_samr_handle_Close(b, tctx, &connect_handle);
 187
 188         return true;
 189 }
 190
 191 static void init_lsa_StringLarge(struct lsa_StringLarge *name, const char *s)
 192 {
 193         name->string = s;
 194 }
 195 static void init_lsa_String(struct lsa_String *name, const char *s)
 196 {
 197         name->string = s;
 198 }
 199
 200 static bool spoolss_access_setup_privs(struct torture_context *tctx,
 201                                        struct dcerpc_pipe *p,
 202                                        uint32_t num_privs,
 203                                        const char **privs,
 204                                        struct dom_sid *user_sid,
 205                                        bool *privs_present)
 206 {
 207         struct dcerpc_binding_handle *b = p->binding_handle;
 208         struct policy_handle *handle;
 209         int i;
 210
 211         torture_assert(tctx,
 212                 test_lsa_OpenPolicy2(b, tctx, &handle),
 213                 "failed to open policy");
 214
 215         for (i=0; i < num_privs; i++) {
 216                 struct lsa_LookupPrivValue r;
 217                 struct lsa_LUID luid;
 218                 struct lsa_String name;
 219
 220                 init_lsa_String(&name, privs[i]);
 221
 222                 r.in.handle = handle;
 223                 r.in.name = &name;
 224                 r.out.luid = &luid;
 225
 226                 torture_assert_ntstatus_ok(tctx,
 227                         dcerpc_lsa_LookupPrivValue_r(b, tctx, &r),
 228                         "lsa_LookupPrivValue failed");
 229                 if (!NT_STATUS_IS_OK(r.out.result)) {
 230                         torture_comment(tctx, "lsa_LookupPrivValue failed for '%s' with %s\n",
 231                                         privs[i], nt_errstr(r.out.result));
 232                         *privs_present = false;
 233                         return true;
 234                 }
 235         }
 236
 237         *privs_present = true;
 238
 239         {
 240                 struct lsa_AddAccountRights r;
 241                 struct lsa_RightSet rights;
 242
 243                 rights.count = num_privs;
 244                 rights.names = talloc_zero_array(tctx, struct lsa_StringLarge, rights.count);
 245
 246                 for (i=0; i < rights.count; i++) {
 247                         init_lsa_StringLarge(&rights.names[i], privs[i]);
 248                 }
 249
 250                 r.in.handle = handle;
 251                 r.in.sid = user_sid;
 252                 r.in.rights = &rights;
 253
 254                 torture_assert_ntstatus_ok(tctx,
 255                         dcerpc_lsa_AddAccountRights_r(b, tctx, &r),
 256                         "lsa_AddAccountRights failed");
 257                 torture_assert_ntstatus_ok(tctx, r.out.result,
 258                         "lsa_AddAccountRights failed");
 259         }
 260
 261         test_lsa_Close(b, tctx, handle);
 262
 263         return true;
 264 }
 265
 266 static bool test_SetPrinter(struct torture_context *tctx,
 267                             struct dcerpc_binding_handle *b,
 268                             struct policy_handle *handle,
 269                             struct spoolss_SetPrinterInfoCtr *info_ctr,
 270                             struct spoolss_DevmodeContainer *devmode_ctr,
 271                             struct sec_desc_buf *secdesc_ctr,
 272                             enum spoolss_PrinterControl command)
 273 {
 274         struct spoolss_SetPrinter r;
 275
 276         r.in.handle = handle;
 277         r.in.info_ctr = info_ctr;
 278         r.in.devmode_ctr = devmode_ctr;
 279         r.in.secdesc_ctr = secdesc_ctr;
 280         r.in.command = command;
 281
 282         torture_comment(tctx, "Testing SetPrinter level %d\n", r.in.info_ctr->level);
 283
 284         torture_assert_ntstatus_ok(tctx, dcerpc_spoolss_SetPrinter_r(b, tctx, &r),
 285                 "failed to call SetPrinter");
 286         torture_assert_werr_ok(tctx, r.out.result,
 287                 "failed to call SetPrinter");
 288
 289         return true;
 290 }
 291
 292 static bool spoolss_access_setup_sd(struct torture_context *tctx,
 293                                     struct dcerpc_pipe *p,
 294                                     const char *printername,
 295                                     struct dom_sid *user_sid,
 296                                     struct security_descriptor **sd_orig)
 297 {
 298         struct dcerpc_binding_handle *b = p->binding_handle;
 299         struct policy_handle handle;
 300         union spoolss_PrinterInfo info;
 301         struct spoolss_SetPrinterInfoCtr info_ctr;
 302         struct spoolss_SetPrinterInfo3 info3;
 303         struct spoolss_DevmodeContainer devmode_ctr;
 304         struct sec_desc_buf secdesc_ctr;
 305         struct security_ace *ace;
 306         struct security_descriptor *sd;
 307
 308         torture_assert(tctx,
 309                 test_openprinter_handle(tctx, p, printername, "", SEC_FLAG_MAXIMUM_ALLOWED, &handle),
 310                 "failed to open printer");
 311
 312         torture_assert(tctx,
 313                 test_GetPrinter_level(tctx, b, &handle, 3, &info),
 314                 "failed to get sd");
 315
 316         sd = security_descriptor_copy(tctx, info.info3.secdesc);
 317         *sd_orig = security_descriptor_copy(tctx, info.info3.secdesc);
 318
 319         ace = talloc_zero(tctx, struct security_ace);
 320
 321         ace->type               = SEC_ACE_TYPE_ACCESS_ALLOWED;
 322         ace->flags              = 0;
 323         ace->access_mask        = PRINTER_ALL_ACCESS;
 324         ace->trustee            = *user_sid;
 325
 326         torture_assert_ntstatus_ok(tctx,
 327                 security_descriptor_dacl_add(sd, ace),
 328                 "failed to add new ace");
 329
 330         ace = talloc_zero(tctx, struct security_ace);
 331
 332         ace->type               = SEC_ACE_TYPE_ACCESS_ALLOWED;
 333         ace->flags              = SEC_ACE_FLAG_OBJECT_INHERIT |
 334                                   SEC_ACE_FLAG_CONTAINER_INHERIT |
 335                                   SEC_ACE_FLAG_INHERIT_ONLY;
 336         ace->access_mask        = SEC_GENERIC_ALL;
 337         ace->trustee            = *user_sid;
 338
 339         torture_assert_ntstatus_ok(tctx,
 340                 security_descriptor_dacl_add(sd, ace),
 341                 "failed to add new ace");
 342
 343         ZERO_STRUCT(info3);
 344         ZERO_STRUCT(info_ctr);
 345         ZERO_STRUCT(devmode_ctr);
 346         ZERO_STRUCT(secdesc_ctr);
 347
 348         info_ctr.level = 3;
 349         info_ctr.info.info3 = &info3;
 350         secdesc_ctr.sd = sd;
 351
 352         torture_assert(tctx,
 353                 test_SetPrinter(tctx, b, &handle, &info_ctr, &devmode_ctr, &secdesc_ctr, 0),
 354                 "failed to set sd");
 355
 356         return true;
 357 }
 358
 359 static bool test_EnumPrinters_findone(struct torture_context *tctx,
 360                                       struct dcerpc_pipe *p,
 361                                       const char **printername)
 362 {
 363         struct spoolss_EnumPrinters r;
 364         uint32_t count;
 365         union spoolss_PrinterInfo *info;
 366         uint32_t needed;
 367         int i;
 368         struct dcerpc_binding_handle *b = p->binding_handle;
 369
 370         *printername = NULL;
 371
 372         r.in.flags = PRINTER_ENUM_LOCAL;
 373         r.in.server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
 374         r.in.level = 1;
 375         r.in.buffer = NULL;
 376         r.in.offered = 0;
 377         r.out.count = &count;
 378         r.out.info = &info;
 379         r.out.needed = &needed;
 380
 381         torture_assert_ntstatus_ok(tctx,
 382                 dcerpc_spoolss_EnumPrinters_r(b, tctx, &r),
 383                 "failed to enum printers");
 384
 385         if (W_ERROR_EQUAL(r.out.result, WERR_INSUFFICIENT_BUFFER)) {
 386                 DATA_BLOB blob = data_blob_talloc_zero(tctx, needed);
 387                 r.in.buffer = &blob;
 388                 r.in.offered = needed;
 389
 390                 torture_assert_ntstatus_ok(tctx,
 391                         dcerpc_spoolss_EnumPrinters_r(b, tctx, &r),
 392                         "failed to enum printers");
 393         }
 394
 395         torture_assert_werr_ok(tctx, r.out.result,
 396                 "failed to enum printers");
 397
 398         for (i=0; i < count; i++) {
 399
 400                 *printername = talloc_strdup(tctx, info[i].info1.name);
 401
 402                 break;
 403         }
 404
 405         return true;
 406 }
 407
 408 static bool torture_rpc_spoolss_access_setup_common(struct torture_context *tctx, struct torture_access_context *t)
 409 {
 410         void *testuser;
 411         const char *testuser_passwd;
 412         struct cli_credentials *test_credentials;
 413         struct dom_sid *test_sid;
 414         struct dcerpc_pipe *p;
 415         const char *printername;
 416         const char *binding = torture_setting_string(tctx, "binding", NULL);
 417
 418         testuser = torture_create_testuser_max_pwlen(tctx, t->user.username,
 419                                                      torture_setting_string(tctx, "workgroup", NULL),
 420                                                      ACB_NORMAL,
 421                                                      &testuser_passwd,
 422                                                      32);
 423         if (!testuser) {
 424                 torture_fail(tctx, "Failed to create test user");
 425         }
 426
 427         test_credentials = cli_credentials_init(tctx);
 428         cli_credentials_set_workstation(test_credentials, "localhost", CRED_SPECIFIED);
 429         cli_credentials_set_domain(test_credentials, lp_workgroup(tctx->lp_ctx),
 430                                    CRED_SPECIFIED);
 431         cli_credentials_set_username(test_credentials, t->user.username, CRED_SPECIFIED);
 432         cli_credentials_set_password(test_credentials, testuser_passwd, CRED_SPECIFIED);
 433         test_sid = torture_join_user_sid(testuser);
 434
 435         if (t->user.num_builtin_memberships) {
 436                 struct dcerpc_pipe *samr_pipe = torture_join_samr_pipe(testuser);
 437
 438                 torture_assert(tctx,
 439                         spoolss_access_setup_membership(tctx, samr_pipe,
 440                                                         t->user.num_builtin_memberships,
 441                                                         t->user.builtin_memberships,
 442                                                         test_sid),
 443                         "failed to setup membership");
 444         }
 445
 446         if (t->user.num_privs) {
 447                 struct dcerpc_pipe *lsa_pipe;
 448
 449                 torture_assert_ntstatus_ok(tctx,
 450                         torture_rpc_connection(tctx, &lsa_pipe, &ndr_table_lsarpc),
 451                         "Error connecting to server");
 452
 453                 torture_assert(tctx,
 454                         spoolss_access_setup_privs(tctx, lsa_pipe,
 455                                                    t->user.num_privs,
 456                                                    t->user.privs,
 457                                                    test_sid,
 458                                                    &t->user.privs_present),
 459                         "failed to setup privs");
 460                 talloc_free(lsa_pipe);
 461         }
 462
 463         struct dcerpc_pipe *spoolss_pipe;
 464
 465         torture_assert_ntstatus_ok(tctx,
 466                 torture_rpc_connection(tctx, &spoolss_pipe, &ndr_table_spoolss),
 467                 "Error connecting to server");
 468
 469         torture_assert(tctx,
 470                 test_EnumPrinters_findone(tctx, spoolss_pipe, &printername),
 471                 "failed to enumerate printers");
 472
 473         if (t->user.sd) {
 474                 torture_assert(tctx,
 475                         spoolss_access_setup_sd(tctx, spoolss_pipe,
 476                                                 printername,
 477                                                 test_sid,
 478                                                 &t->sd_orig),
 479                         "failed to setup sd");
 480         }
 481
 482         talloc_free(spoolss_pipe);
 483
 484         torture_assert_ntstatus_ok(tctx,
 485                 dcerpc_pipe_connect(tctx, &p, binding, &ndr_table_spoolss,
 486                                     test_credentials, tctx->ev, tctx->lp_ctx),
 487                 "Error connecting to server");
 488
 489         t->spoolss_pipe = p;
 490         t->printername = printername;
 491         t->user.testuser = testuser;
 492
 493         return true;
 494 }
 495
 496 static bool torture_rpc_spoolss_access_setup(struct torture_context *tctx, void **data)
 497 {
 498         struct torture_access_context *t;
 499
 500         *data = t = talloc_zero(tctx, struct torture_access_context);
 501
 502         t->user.username = talloc_strdup(t, TORTURE_USER);
 503
 504         return torture_rpc_spoolss_access_setup_common(tctx, t);
 505 }
 506
 507 static bool torture_rpc_spoolss_access_admin_setup(struct torture_context *tctx, void **data)
 508 {
 509         struct torture_access_context *t;
 510
 511         *data = t = talloc_zero(tctx, struct torture_access_context);
 512
 513         t->user.num_builtin_memberships = 1;
 514         t->user.builtin_memberships = talloc_zero_array(t, uint32_t, t->user.num_builtin_memberships);
 515         t->user.builtin_memberships[0] = BUILTIN_RID_ADMINISTRATORS;
 516         t->user.username = talloc_strdup(t, TORTURE_USER_ADMINGROUP);
 517
 518         return torture_rpc_spoolss_access_setup_common(tctx, t);
 519 }
 520
 521 static bool torture_rpc_spoolss_access_printop_setup(struct torture_context *tctx, void **data)
 522 {
 523         struct torture_access_context *t;
 524
 525         *data = t = talloc_zero(tctx, struct torture_access_context);
 526
 527         t->user.num_builtin_memberships = 1;
 528         t->user.builtin_memberships = talloc_zero_array(t, uint32_t, t->user.num_builtin_memberships);
 529         t->user.builtin_memberships[0] = BUILTIN_RID_PRINT_OPERATORS;
 530         t->user.username = talloc_strdup(t, TORTURE_USER_PRINTOPGROUP);
 531
 532         return torture_rpc_spoolss_access_setup_common(tctx, t);
 533 }
 534
 535 static bool torture_rpc_spoolss_access_priv_setup(struct torture_context *tctx, void **data)
 536 {
 537         struct torture_access_context *t;
 538
 539         *data = t = talloc_zero(tctx, struct torture_access_context);
 540
 541         t->user.username = talloc_strdup(t, TORTURE_USER_PRINTOPPRIV);
 542         t->user.num_privs = 1;
 543         t->user.privs = talloc_zero_array(t, const char *, t->user.num_privs);
 544         t->user.privs[0] = talloc_strdup(t, "SePrintOperatorPrivilege");
 545
 546         return torture_rpc_spoolss_access_setup_common(tctx, t);
 547 }
 548
 549 static bool torture_rpc_spoolss_access_sd_setup(struct torture_context *tctx, void **data)
 550 {
 551         struct torture_access_context *t;
 552
 553         *data = t = talloc_zero(tctx, struct torture_access_context);
 554
 555         t->user.username = talloc_strdup(t, TORTURE_USER_SD);
 556         t->user.sd = true;
 557
 558         return torture_rpc_spoolss_access_setup_common(tctx, t);
 559 }
 560
 561 static bool torture_rpc_spoolss_access_teardown_common(struct torture_context *tctx, struct torture_access_context *t)
 562 {
 563         if (t->user.testuser) {
 564                 torture_leave_domain(tctx, t->user.testuser);
 565         }
 566
 567         /* remove membership ? */
 568         if (t->user.num_builtin_memberships) {
 569         }
 570
 571         /* remove privs ? */
 572         if (t->user.num_privs) {
 573         }
 574
 575         /* restore sd */
 576         if (t->user.sd) {
 577                 struct policy_handle handle;
 578                 struct spoolss_SetPrinterInfoCtr info_ctr;
 579                 struct spoolss_SetPrinterInfo3 info3;
 580                 struct spoolss_DevmodeContainer devmode_ctr;
 581                 struct sec_desc_buf secdesc_ctr;
 582                 struct dcerpc_pipe *spoolss_pipe;
 583                 struct dcerpc_binding_handle *b;
 584
 585                 torture_assert_ntstatus_ok(tctx,
 586                         torture_rpc_connection(tctx, &spoolss_pipe, &ndr_table_spoolss),
 587                         "Error connecting to server");
 588
 589                 b = spoolss_pipe->binding_handle;
 590
 591                 ZERO_STRUCT(info_ctr);
 592                 ZERO_STRUCT(info3);
 593                 ZERO_STRUCT(devmode_ctr);
 594                 ZERO_STRUCT(secdesc_ctr);
 595
 596                 info_ctr.level = 3;
 597                 info_ctr.info.info3 = &info3;
 598                 secdesc_ctr.sd = t->sd_orig;
 599
 600                 torture_assert(tctx,
 601                         test_openprinter_handle(tctx, spoolss_pipe, t->printername, "", SEC_FLAG_MAXIMUM_ALLOWED, &handle),
 602                         "failed to open printer");
 603
 604                 torture_assert(tctx,
 605                         test_SetPrinter(tctx, b, &handle, &info_ctr, &devmode_ctr, &secdesc_ctr, 0),
 606                         "failed to set sd");
 607
 608                 talloc_free(spoolss_pipe);
 609         }
 610
 611         return true;
 612 }
 613
 614 static bool torture_rpc_spoolss_access_teardown(struct torture_context *tctx, void *data)
 615 {
 616         struct torture_access_context *t = talloc_get_type(data, struct torture_access_context);
 617         bool ret;
 618
 619         ret = torture_rpc_spoolss_access_teardown_common(tctx, t);
 620         talloc_free(t);
 621
 622         return ret;
 623 }
 624
 625 static bool test_openprinter(struct torture_context *tctx,
 626                              void *private_data)
 627 {
 628         struct torture_access_context *t =
 629                 (struct torture_access_context *)talloc_get_type_abort(private_data, struct torture_access_context);
 630         struct dcerpc_pipe *p = t->spoolss_pipe;
 631         bool ret = true;
 632         const char *printername;
 633         const char *username = t->user.username;
 634
 635         printername = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
 636
 637         ret &= test_openprinter_access(tctx, p, printername, username, 0);
 638         ret &= test_openprinter_access(tctx, p, printername, username, SEC_FLAG_MAXIMUM_ALLOWED);
 639         ret &= test_openprinter_access(tctx, p, printername, username, SERVER_ACCESS_ENUMERATE);
 640         ret &= test_openprinter_access(tctx, p, printername, username, SERVER_READ);
 641
 642         if (t->printername == NULL) {
 643                 return ret;
 644         }
 645
 646         printername = t->printername;
 647
 648         ret &= test_openprinter_access(tctx, p, printername, username, 0);
 649         ret &= test_openprinter_access(tctx, p, printername, username, SEC_FLAG_MAXIMUM_ALLOWED);
 650         ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_ACCESS_USE);
 651         ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_READ);
 652
 653         return ret;
 654 }
 655
 656 static bool test_openprinter_admin(struct torture_context *tctx,
 657                                    void *private_data)
 658 {
 659         struct torture_access_context *t =
 660                 (struct torture_access_context *)talloc_get_type_abort(private_data, struct torture_access_context);
 661         struct dcerpc_pipe *p = t->spoolss_pipe;
 662         bool ret = true;
 663         const char *printername;
 664         const char *username = t->user.username;
 665
 666         if (t->user.num_privs && !t->user.privs_present) {
 667                 torture_skip(tctx, "skipping test as not all required privileges are present on the server\n");
 668         }
 669
 670         if (t->user.sd) {
 671                 goto try_printer;
 672         }
 673
 674         printername = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
 675
 676         ret &= test_openprinter_access(tctx, p, printername, username, 0);
 677         ret &= test_openprinter_access(tctx, p, printername, username, SEC_FLAG_MAXIMUM_ALLOWED);
 678         ret &= test_openprinter_access(tctx, p, printername, username, SERVER_ACCESS_ENUMERATE);
 679         ret &= test_openprinter_access(tctx, p, printername, username, SERVER_ACCESS_ADMINISTER);
 680         ret &= test_openprinter_access(tctx, p, printername, username, SERVER_READ);
 681         ret &= test_openprinter_access(tctx, p, printername, username, SERVER_WRITE);
 682         ret &= test_openprinter_access(tctx, p, printername, username, SERVER_EXECUTE);
 683         ret &= test_openprinter_access(tctx, p, printername, username, SERVER_ALL_ACCESS);
 684
 685  try_printer:
 686         if (t->printername == NULL) {
 687                 return ret;
 688         }
 689
 690         printername = t->printername;
 691
 692         ret &= test_openprinter_access(tctx, p, printername, username, 0);
 693         ret &= test_openprinter_access(tctx, p, printername, username, SEC_FLAG_MAXIMUM_ALLOWED);
 694         ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_ACCESS_USE);
 695         ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_ACCESS_ADMINISTER);
 696         ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_READ);
 697         ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_WRITE);
 698         ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_EXECUTE);
 699         ret &= test_openprinter_access(tctx, p, printername, username, PRINTER_ALL_ACCESS);
 700
 701         return ret;
 702 }
 703
 704 struct torture_suite *torture_rpc_spoolss_access(TALLOC_CTX *mem_ctx)
 705 {
 706         struct torture_suite *suite = torture_suite_create(mem_ctx, "SPOOLSS-ACCESS");
 707         struct torture_tcase *tcase;
 708
 709         tcase = torture_suite_add_tcase(suite, "normaluser");
 710
 711         torture_tcase_set_fixture(tcase,
 712                                   torture_rpc_spoolss_access_setup,
 713                                   torture_rpc_spoolss_access_teardown);
 714
 715         torture_tcase_add_simple_test(tcase, "openprinter", test_openprinter);
 716
 717         tcase = torture_suite_add_tcase(suite, "adminuser");
 718
 719         torture_tcase_set_fixture(tcase,
 720                                   torture_rpc_spoolss_access_admin_setup,
 721                                   torture_rpc_spoolss_access_teardown);
 722
 723         torture_tcase_add_simple_test(tcase, "openprinter", test_openprinter);
 724         torture_tcase_add_simple_test(tcase, "openprinter_admin", test_openprinter_admin);
 725
 726         tcase = torture_suite_add_tcase(suite, "printopuser");
 727
 728         torture_tcase_set_fixture(tcase,
 729                                   torture_rpc_spoolss_access_printop_setup,
 730                                   torture_rpc_spoolss_access_teardown);
 731
 732         torture_tcase_add_simple_test(tcase, "openprinter", test_openprinter);
 733         torture_tcase_add_simple_test(tcase, "openprinter_admin", test_openprinter_admin);
 734
 735         tcase = torture_suite_add_tcase(suite, "printopuserpriv");
 736
 737         torture_tcase_set_fixture(tcase,
 738                                   torture_rpc_spoolss_access_priv_setup,
 739                                   torture_rpc_spoolss_access_teardown);
 740
 741         torture_tcase_add_simple_test(tcase, "openprinter", test_openprinter);
 742         torture_tcase_add_simple_test(tcase, "openprinter_admin", test_openprinter_admin);
 743
 744         tcase = torture_suite_add_tcase(suite, "normaluser_sd");
 745
 746         torture_tcase_set_fixture(tcase,
 747                                   torture_rpc_spoolss_access_sd_setup,
 748                                   torture_rpc_spoolss_access_teardown);
 749
 750         torture_tcase_add_simple_test(tcase, "openprinter", test_openprinter);
 751         torture_tcase_add_simple_test(tcase, "openprinter_admin", test_openprinter_admin);
 752
 753         return suite;
 754 }