2 Unix SMB/CIFS implementation.
6 Copyright (C) Andrew Tridgell 2003
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "libcli/libcli.h"
24 #include "torture/util.h"
25 #include "system/filesys.h"
26 #include "libcli/security/secace.h"
27 #include "torture/basic/proto.h"
29 extern int torture_failures;
31 #define CHECK_MAX_FAILURES(label) do { if (++failures >= torture_failures) goto label; } while (0)
34 static const uint32_t open_attrs_table[] = {
35 FILE_ATTRIBUTE_NORMAL,
36 FILE_ATTRIBUTE_ARCHIVE,
37 FILE_ATTRIBUTE_READONLY,
38 FILE_ATTRIBUTE_HIDDEN,
39 FILE_ATTRIBUTE_SYSTEM,
41 FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY,
42 FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN,
43 FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM,
44 FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN,
45 FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM,
46 FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM,
48 FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN,
49 FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM,
50 FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM,
51 FILE_ATTRIBUTE_HIDDEN,FILE_ATTRIBUTE_SYSTEM,
54 struct trunc_open_results {
61 static const struct trunc_open_results attr_results[] = {
62 { 0, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_ARCHIVE },
63 { 1, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_ARCHIVE },
64 { 2, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_READONLY, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY },
65 { 16, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_ARCHIVE },
66 { 17, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_ARCHIVE },
67 { 18, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_READONLY, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY },
68 { 51, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
69 { 54, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
70 { 56, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN },
71 { 68, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
72 { 71, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
73 { 73, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM },
74 { 99, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_HIDDEN,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
75 { 102, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
76 { 104, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN },
77 { 116, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
78 { 119, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
79 { 121, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM },
80 { 170, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN },
81 { 173, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM },
82 { 227, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
83 { 230, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
84 { 232, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN },
85 { 244, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
86 { 247, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
87 { 249, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM }
91 bool torture_openattrtest(struct torture_context *tctx,
92 struct smbcli_state *cli1)
94 const char *fname = "\\openattr.file";
97 unsigned int i, j, k, l;
100 for (k = 0, i = 0; i < sizeof(open_attrs_table)/sizeof(uint32_t); i++) {
101 smbcli_setatr(cli1->tree, fname, 0, 0);
102 smbcli_unlink(cli1->tree, fname);
103 fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0,
106 NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OVERWRITE_IF, 0, 0);
108 torture_assert(tctx, fnum1 != -1, talloc_asprintf(tctx, "open %d (1) of %s failed (%s)", i,
109 fname, smbcli_errstr(cli1->tree)));
111 torture_assert_ntstatus_ok(tctx,
112 smbcli_close(cli1->tree, fnum1),
113 talloc_asprintf(tctx, "close %d (1) of %s failed (%s)", i, fname,
114 smbcli_errstr(cli1->tree)));
116 for (j = 0; j < ARRAY_SIZE(open_attrs_table); j++) {
117 fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0,
121 NTCREATEX_SHARE_ACCESS_NONE,
122 NTCREATEX_DISP_OVERWRITE, 0, 0);
125 for (l = 0; l < ARRAY_SIZE(attr_results); l++) {
126 if (attr_results[l].num == k) {
127 torture_result(tctx, TORTURE_FAIL,
128 "[%d] trunc open 0x%x -> 0x%x of %s failed - should have succeeded !(%s)",
129 k, open_attrs_table[i],
131 fname, smbcli_errstr(cli1->tree));
132 CHECK_MAX_FAILURES(error_exit);
135 torture_assert_ntstatus_equal(tctx,
136 smbcli_nt_error(cli1->tree), NT_STATUS_ACCESS_DENIED,
137 talloc_asprintf(tctx, "[%d] trunc open 0x%x -> 0x%x failed with wrong error code %s",
138 k, open_attrs_table[i], open_attrs_table[j],
139 smbcli_errstr(cli1->tree)));
140 CHECK_MAX_FAILURES(error_exit);
142 torture_comment(tctx, "[%d] trunc open 0x%x -> 0x%x failed\n", k, open_attrs_table[i], open_attrs_table[j]);
148 torture_assert_ntstatus_ok(tctx,
149 smbcli_close(cli1->tree, fnum1),
150 talloc_asprintf(tctx, "close %d (2) of %s failed (%s)", j,
151 fname, smbcli_errstr(cli1->tree)));
153 torture_assert_ntstatus_ok(tctx,
154 smbcli_getatr(cli1->tree, fname, &attr, NULL, NULL),
155 talloc_asprintf(tctx, "getatr(2) failed (%s)", smbcli_errstr(cli1->tree)));
158 torture_comment(tctx, "[%d] getatr check [0x%x] trunc [0x%x] got attr 0x%x\n",
159 k, open_attrs_table[i], open_attrs_table[j], attr );
162 for (l = 0; l < ARRAY_SIZE(attr_results); l++) {
163 if (attr_results[l].num == k) {
164 if (attr != attr_results[l].result_attr ||
165 open_attrs_table[i] != attr_results[l].init_attr ||
166 open_attrs_table[j] != attr_results[l].trunc_attr) {
167 torture_result(tctx, TORTURE_FAIL,
168 "[%d] getatr check failed. [0x%x] trunc [0x%x] got attr 0x%x, should be 0x%x",
169 k, open_attrs_table[i],
172 attr_results[l].result_attr);
173 CHECK_MAX_FAILURES(error_exit);
182 smbcli_setatr(cli1->tree, fname, 0, 0);
183 smbcli_unlink(cli1->tree, fname);
188 bool torture_winattrtest(struct torture_context *tctx,
189 struct smbcli_state *cli1)
191 const char *fname = "\\winattr1.file";
192 const char *dname = "\\winattr1.dir";
198 union smb_fileinfo query, query_org;
200 struct security_descriptor *sd1, *sd2;
203 /* Test winattrs for file */
204 smbcli_unlink(cli1->tree, fname);
207 fnum1 = smbcli_open(cli1->tree, fname, O_RDWR | O_CREAT | O_TRUNC,
209 torture_assert(tctx, fnum1 != -1,
210 talloc_asprintf(tctx, "open(1) of %s failed (%s)\n",
211 fname, smbcli_errstr(cli1->tree)));
214 /* Get security descriptor and store it*/
215 query_org.generic.level = RAW_FILEINFO_SEC_DESC;
216 query_org.generic.in.file.fnum = fnum1;
217 status = smb_raw_fileinfo(cli1->tree, tctx, &query_org);
218 if(!NT_STATUS_IS_OK(status)){
219 torture_comment(tctx, "smb_raw_fileinfo(1) of %s failed (%s)\n",
220 fname, nt_errstr(status));
221 torture_assert_ntstatus_ok(tctx,
222 smbcli_close(cli1->tree, fnum1),
223 talloc_asprintf(tctx,
224 "close(1) of %s failed (%s)\n",
225 fname, smbcli_errstr(cli1->tree)));
226 CHECK_MAX_FAILURES(error_exit_file);
228 sd1 = query_org.query_secdesc.out.sd;
230 torture_assert_ntstatus_ok(tctx, smbcli_close(cli1->tree, fnum1),
231 talloc_asprintf(tctx, "close(1) of %s failed (%s)\n",
232 fname, smbcli_errstr(cli1->tree)));
234 /*Set and get attributes*/
235 for (j = 0; j < ARRAY_SIZE(open_attrs_table); j++) {
236 torture_assert_ntstatus_ok(tctx,
237 smbcli_setatr(cli1->tree, fname, open_attrs_table[j],0),
238 talloc_asprintf(tctx, "setatr(2) failed (%s)",
239 smbcli_errstr(cli1->tree)));
241 torture_assert_ntstatus_ok(tctx,
242 smbcli_getatr(cli1->tree, fname, &attr, NULL, NULL),
243 talloc_asprintf(tctx, "getatr(2) failed (%s)",
244 smbcli_errstr(cli1->tree)));
246 /* Check the result */
247 if((j == 0)&&(attr != FILE_ATTRIBUTE_ARCHIVE)){
248 torture_comment(tctx, "getatr check failed. \
249 Attr applied [0x%x], got attr [0x%x], \
252 (uint16_t)attr,open_attrs_table[j +1]);
253 CHECK_MAX_FAILURES(error_exit_file);
256 if((j != 0) &&(attr != open_attrs_table[j])){
257 torture_comment(tctx, "getatr check failed. \
258 Attr applied [0x%x],got attr 0x%x, \
260 open_attrs_table[j], (uint16_t)attr,
261 open_attrs_table[j]);
262 CHECK_MAX_FAILURES(error_exit_file);
267 fnum1 = smbcli_open(cli1->tree, fname, O_RDONLY | O_CREAT,
269 torture_assert(tctx, fnum1 != -1,
270 talloc_asprintf(tctx, "open(2) of %s failed (%s)\n",
271 fname, smbcli_errstr(cli1->tree)));
272 /*Get security descriptor */
273 query.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
274 query.query_secdesc.in.file.fnum = fnum1;
275 status = smb_raw_fileinfo(cli1->tree, tctx, &query);
276 if(!NT_STATUS_IS_OK(status)){
277 torture_comment(tctx,
278 "smb_raw_fileinfo(2) of %s failed (%s)\n",
279 fname, nt_errstr(status));
280 torture_assert_ntstatus_ok(tctx,
281 smbcli_close(cli1->tree, fnum1),
282 talloc_asprintf(tctx,
283 "close(2) of %s failed (%s)\n",
284 fname, smbcli_errstr(cli1->tree)));
285 CHECK_MAX_FAILURES(error_exit_file);
287 sd2 = query.query_secdesc.out.sd;
289 torture_assert_ntstatus_ok(tctx,smbcli_close(cli1->tree,fnum1),
290 talloc_asprintf(tctx, "close(2) of %s failed (%s)\n",
291 fname, smbcli_errstr(cli1->tree)));
293 /*Compare security descriptors -- Must be same*/
294 for (aceno=0;(sd1->dacl&&aceno < sd1->dacl->num_aces);aceno++){
295 struct security_ace *ace1 = &sd1->dacl->aces[aceno];
296 struct security_ace *ace2 = &sd2->dacl->aces[aceno];
298 if(!sec_ace_equal(ace1,ace2)){
299 torture_comment(tctx,
300 "ACLs changed! Not expected!\n");
301 CHECK_MAX_FAILURES(error_exit_file);
305 torture_comment(tctx, "[%d] setattr = [0x%x] got attr 0x%x\n",
306 j, open_attrs_table[j], attr );
311 smbcli_setatr(cli1->tree, fname, 0, 0);
312 smbcli_unlink(cli1->tree, fname);
314 /* Check for Directory. */
316 smbcli_deltree(cli1->tree, dname);
317 smbcli_rmdir(cli1->tree,dname);
319 /* Open a directory */
320 fnum1 = smbcli_nt_create_full(cli1->tree, dname, 0,
322 FILE_ATTRIBUTE_DIRECTORY,
323 NTCREATEX_SHARE_ACCESS_NONE,
324 NTCREATEX_DISP_OPEN_IF,
325 NTCREATEX_OPTIONS_DIRECTORY, 0);
326 /*smbcli_mkdir(cli1->tree,dname);*/
328 torture_assert(tctx, fnum1 != -1, talloc_asprintf(tctx,
329 "open (1) of %s failed (%s)",
330 dname, smbcli_errstr(cli1->tree)));
333 /* Get Security Descriptor */
334 query_org.generic.level = RAW_FILEINFO_SEC_DESC;
335 query_org.generic.in.file.fnum = fnum1;
336 status = smb_raw_fileinfo(cli1->tree, tctx, &query_org);
337 if(!NT_STATUS_IS_OK(status)){
338 torture_comment(tctx, "smb_raw_fileinfo(1) of %s failed (%s)\n",
339 dname, nt_errstr(status));
340 torture_assert_ntstatus_ok(tctx,
341 smbcli_close(cli1->tree, fnum1),
342 talloc_asprintf(tctx,
343 "close(1) of %s failed (%s)\n",
344 dname, smbcli_errstr(cli1->tree)));
345 CHECK_MAX_FAILURES(error_exit_dir);
347 sd1 = query_org.query_secdesc.out.sd;
349 torture_assert_ntstatus_ok(tctx,
350 smbcli_close(cli1->tree, fnum1),
351 talloc_asprintf(tctx,
352 "close (1) of %s failed (%s)", dname,
353 smbcli_errstr(cli1->tree)));
355 /* Set and get win attributes*/
356 for (j = 1; j < ARRAY_SIZE(open_attrs_table); j++) {
358 torture_assert_ntstatus_ok(tctx,
359 smbcli_setatr(cli1->tree, dname, open_attrs_table[j], 0),
360 talloc_asprintf(tctx, "setatr(2) failed (%s)",
361 smbcli_errstr(cli1->tree)));
363 torture_assert_ntstatus_ok(tctx,
364 smbcli_getatr(cli1->tree, dname, &attr, NULL, NULL),
365 talloc_asprintf(tctx, "getatr(2) failed (%s)",
366 smbcli_errstr(cli1->tree)));
368 torture_comment(tctx, "[%d] setatt = [0x%x] got attr 0x%x\n",
369 j, open_attrs_table[j], attr );
371 /* Check the result */
372 if(attr != (open_attrs_table[j]|FILE_ATTRIBUTE_DIRECTORY)){
373 torture_comment(tctx, "getatr check failed. set attr \
374 [0x%x], got attr 0x%x, should be 0x%x\n",
377 (int)open_attrs_table[j]|FILE_ATTRIBUTE_DIRECTORY);
378 CHECK_MAX_FAILURES(error_exit_dir);
381 fnum1 = smbcli_nt_create_full(cli1->tree, dname, 0,
383 FILE_ATTRIBUTE_DIRECTORY,
384 NTCREATEX_SHARE_ACCESS_NONE,
388 torture_assert(tctx, fnum1 != -1, talloc_asprintf(tctx,
389 "open (2) of %s failed (%s)",
390 dname, smbcli_errstr(cli1->tree)));
391 /* Get security descriptor */
392 query.generic.level = RAW_FILEINFO_SEC_DESC;
393 query.generic.in.file.fnum = fnum1;
394 status = smb_raw_fileinfo(cli1->tree, tctx, &query);
395 if(!NT_STATUS_IS_OK(status)){
396 torture_comment(tctx, "smb_raw_fileinfo(2) of %s failed\
397 (%s)\n", dname, nt_errstr(status));
398 torture_assert_ntstatus_ok(tctx,
399 smbcli_close(cli1->tree, fnum1),
400 talloc_asprintf(tctx,
401 "close (2) of %s failed (%s)", dname,
402 smbcli_errstr(cli1->tree)));
403 CHECK_MAX_FAILURES(error_exit_dir);
405 sd2 = query.query_secdesc.out.sd;
406 torture_assert_ntstatus_ok(tctx,
407 smbcli_close(cli1->tree, fnum1),
408 talloc_asprintf(tctx,
409 "close (2) of %s failed (%s)", dname,
410 smbcli_errstr(cli1->tree)));
412 /* Security descriptor must be same*/
413 for (aceno=0;(sd1->dacl&&aceno < sd1->dacl->num_aces);aceno++){
414 struct security_ace *ace1 = &sd1->dacl->aces[aceno];
415 struct security_ace *ace2 = &sd2->dacl->aces[aceno];
417 if(!sec_ace_equal(ace1,ace2)){
418 torture_comment(tctx,
419 "ACLs changed! Not expected!\n");
420 CHECK_MAX_FAILURES(error_exit_dir);
426 smbcli_deltree(cli1->tree, dname);
427 smbcli_rmdir(cli1->tree,dname);
git.samba.org / samba.git / blob