2 Unix SMB/CIFS implementation.
6 Copyright (C) Andrew Tridgell 2003
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "libcli/libcli.h"
24 #include "torture/util.h"
25 #include "system/filesys.h"
26 #include "libcli/security/security_descriptor.h"
27 #include "torture/basic/proto.h"
29 extern int torture_failures;
31 #define CHECK_MAX_FAILURES(label) do { if (++failures >= torture_failures) goto label; } while (0)
34 static const uint32_t open_attrs_table[] = {
35 FILE_ATTRIBUTE_NORMAL,
36 FILE_ATTRIBUTE_ARCHIVE,
37 FILE_ATTRIBUTE_READONLY,
38 FILE_ATTRIBUTE_HIDDEN,
39 FILE_ATTRIBUTE_SYSTEM,
41 FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY,
42 FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN,
43 FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM,
44 FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN,
45 FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM,
46 FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM,
48 FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN,
49 FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM,
50 FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM,
51 FILE_ATTRIBUTE_HIDDEN,FILE_ATTRIBUTE_SYSTEM,
54 struct trunc_open_results {
61 static const struct trunc_open_results attr_results[] = {
62 { 0, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_ARCHIVE },
63 { 1, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_ARCHIVE },
64 { 2, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_READONLY, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY },
65 { 16, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_ARCHIVE },
66 { 17, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_ARCHIVE },
67 { 18, FILE_ATTRIBUTE_ARCHIVE, FILE_ATTRIBUTE_READONLY, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY },
68 { 51, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
69 { 54, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
70 { 56, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN },
71 { 68, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
72 { 71, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
73 { 73, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM },
74 { 99, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_HIDDEN,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
75 { 102, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
76 { 104, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN },
77 { 116, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
78 { 119, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
79 { 121, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM },
80 { 170, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN },
81 { 173, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM },
82 { 227, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
83 { 230, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN },
84 { 232, FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN },
85 { 244, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
86 { 247, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_SYSTEM },
87 { 249, FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM, FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_SYSTEM }
91 bool torture_openattrtest(struct torture_context *tctx,
92 struct smbcli_state *cli1)
94 const char *fname = "\\openattr.file";
97 unsigned int i, j, k, l;
100 for (k = 0, i = 0; i < sizeof(open_attrs_table)/sizeof(uint32_t); i++) {
101 smbcli_setatr(cli1->tree, fname, 0, 0);
102 smbcli_unlink(cli1->tree, fname);
103 fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0,
106 NTCREATEX_SHARE_ACCESS_NONE, NTCREATEX_DISP_OVERWRITE_IF, 0, 0);
108 torture_assert(tctx, fnum1 != -1, talloc_asprintf(tctx, "open %d (1) of %s failed (%s)", i,
109 fname, smbcli_errstr(cli1->tree)));
111 torture_assert_ntstatus_ok(tctx,
112 smbcli_close(cli1->tree, fnum1),
113 talloc_asprintf(tctx, "close %d (1) of %s failed (%s)", i, fname,
114 smbcli_errstr(cli1->tree)));
116 for (j = 0; j < ARRAY_SIZE(open_attrs_table); j++) {
117 fnum1 = smbcli_nt_create_full(cli1->tree, fname, 0,
121 NTCREATEX_SHARE_ACCESS_NONE,
122 NTCREATEX_DISP_OVERWRITE, 0, 0);
125 for (l = 0; l < ARRAY_SIZE(attr_results); l++) {
126 if (attr_results[l].num == k) {
127 torture_result(tctx, TORTURE_FAIL,
128 "[%d] trunc open 0x%x -> 0x%x of %s failed - should have succeeded !(%s)",
129 k, open_attrs_table[i],
131 fname, smbcli_errstr(cli1->tree));
132 CHECK_MAX_FAILURES(error_exit);
135 torture_assert_ntstatus_equal(tctx,
136 smbcli_nt_error(cli1->tree), NT_STATUS_ACCESS_DENIED,
137 talloc_asprintf(tctx, "[%d] trunc open 0x%x -> 0x%x failed with wrong error code %s",
138 k, open_attrs_table[i], open_attrs_table[j],
139 smbcli_errstr(cli1->tree)));
140 CHECK_MAX_FAILURES(error_exit);
142 torture_comment(tctx, "[%d] trunc open 0x%x -> 0x%x failed\n", k, open_attrs_table[i], open_attrs_table[j]);
148 torture_assert_ntstatus_ok(tctx,
149 smbcli_close(cli1->tree, fnum1),
150 talloc_asprintf(tctx, "close %d (2) of %s failed (%s)", j,
151 fname, smbcli_errstr(cli1->tree)));
153 torture_assert_ntstatus_ok(tctx,
154 smbcli_getatr(cli1->tree, fname, &attr, NULL, NULL),
155 talloc_asprintf(tctx, "getatr(2) failed (%s)", smbcli_errstr(cli1->tree)));
158 torture_comment(tctx, "[%d] getatr check [0x%x] trunc [0x%x] got attr 0x%x\n",
159 k, open_attrs_table[i], open_attrs_table[j], attr );
162 for (l = 0; l < ARRAY_SIZE(attr_results); l++) {
163 if (attr_results[l].num == k) {
164 if (attr != attr_results[l].result_attr ||
165 open_attrs_table[i] != attr_results[l].init_attr ||
166 open_attrs_table[j] != attr_results[l].trunc_attr) {
167 torture_result(tctx, TORTURE_FAIL,
168 "[%d] getatr check failed. [0x%x] trunc [0x%x] got attr 0x%x, should be 0x%x",
169 k, open_attrs_table[i],
172 attr_results[l].result_attr);
173 CHECK_MAX_FAILURES(error_exit);
182 smbcli_setatr(cli1->tree, fname, 0, 0);
183 smbcli_unlink(cli1->tree, fname);
188 bool torture_winattrtest(struct torture_context *tctx,
189 struct smbcli_state *cli1)
191 const char *fname = "\\winattr1.file";
192 const char *dname = "\\winattr1.dir";
198 union smb_fileinfo query, query_org;
200 struct security_descriptor *sd1, *sd2;
202 ZERO_STRUCT(query_org);
204 /* Test winattrs for file */
205 smbcli_unlink(cli1->tree, fname);
208 fnum1 = smbcli_open(cli1->tree, fname, O_RDWR | O_CREAT | O_TRUNC,
210 torture_assert(tctx, fnum1 != -1,
211 talloc_asprintf(tctx, "open(1) of %s failed (%s)\n",
212 fname, smbcli_errstr(cli1->tree)));
215 /* Get security descriptor and store it*/
216 query_org.generic.level = RAW_FILEINFO_SEC_DESC;
217 query_org.generic.in.file.fnum = fnum1;
218 status = smb_raw_fileinfo(cli1->tree, tctx, &query_org);
219 if(!NT_STATUS_IS_OK(status)){
220 torture_comment(tctx, "smb_raw_fileinfo(1) of %s failed (%s)\n",
221 fname, nt_errstr(status));
222 torture_assert_ntstatus_ok(tctx,
223 smbcli_close(cli1->tree, fnum1),
224 talloc_asprintf(tctx,
225 "close(1) of %s failed (%s)\n",
226 fname, smbcli_errstr(cli1->tree)));
227 CHECK_MAX_FAILURES(error_exit_file);
229 sd1 = query_org.query_secdesc.out.sd;
231 torture_assert_ntstatus_ok(tctx, smbcli_close(cli1->tree, fnum1),
232 talloc_asprintf(tctx, "close(1) of %s failed (%s)\n",
233 fname, smbcli_errstr(cli1->tree)));
235 /*Set and get attributes*/
236 for (j = 0; j < ARRAY_SIZE(open_attrs_table); j++) {
237 torture_assert_ntstatus_ok(tctx,
238 smbcli_setatr(cli1->tree, fname, open_attrs_table[j],0),
239 talloc_asprintf(tctx, "setatr(2) failed (%s)",
240 smbcli_errstr(cli1->tree)));
242 torture_assert_ntstatus_ok(tctx,
243 smbcli_getatr(cli1->tree, fname, &attr, NULL, NULL),
244 talloc_asprintf(tctx, "getatr(2) failed (%s)",
245 smbcli_errstr(cli1->tree)));
247 /* Check the result */
248 if((j == 0)&&(attr != FILE_ATTRIBUTE_ARCHIVE)){
249 torture_comment(tctx, "getatr check failed. \
250 Attr applied [0x%x], got attr [0x%x], \
253 (uint16_t)attr,open_attrs_table[j +1]);
254 CHECK_MAX_FAILURES(error_exit_file);
257 if((j != 0) &&(attr != open_attrs_table[j])){
258 torture_comment(tctx, "getatr check failed. \
259 Attr applied [0x%x],got attr 0x%x, \
261 open_attrs_table[j], (uint16_t)attr,
262 open_attrs_table[j]);
263 CHECK_MAX_FAILURES(error_exit_file);
268 fnum1 = smbcli_open(cli1->tree, fname, O_RDONLY | O_CREAT,
270 torture_assert(tctx, fnum1 != -1,
271 talloc_asprintf(tctx, "open(2) of %s failed (%s)\n",
272 fname, smbcli_errstr(cli1->tree)));
273 /*Get security descriptor */
274 query.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
275 query.query_secdesc.in.file.fnum = fnum1;
276 status = smb_raw_fileinfo(cli1->tree, tctx, &query);
277 if(!NT_STATUS_IS_OK(status)){
278 torture_comment(tctx,
279 "smb_raw_fileinfo(2) of %s failed (%s)\n",
280 fname, nt_errstr(status));
281 torture_assert_ntstatus_ok(tctx,
282 smbcli_close(cli1->tree, fnum1),
283 talloc_asprintf(tctx,
284 "close(2) of %s failed (%s)\n",
285 fname, smbcli_errstr(cli1->tree)));
286 CHECK_MAX_FAILURES(error_exit_file);
288 sd2 = query.query_secdesc.out.sd;
290 torture_assert_ntstatus_ok(tctx,smbcli_close(cli1->tree,fnum1),
291 talloc_asprintf(tctx, "close(2) of %s failed (%s)\n",
292 fname, smbcli_errstr(cli1->tree)));
294 /*Compare security descriptors -- Must be same*/
295 for (aceno=0;(sd1->dacl&&aceno < sd1->dacl->num_aces);aceno++){
296 struct security_ace *ace1 = &sd1->dacl->aces[aceno];
297 struct security_ace *ace2 = &sd2->dacl->aces[aceno];
299 if (!security_ace_equal(ace1, ace2)) {
300 torture_comment(tctx,
301 "ACLs changed! Not expected!\n");
302 CHECK_MAX_FAILURES(error_exit_file);
306 torture_comment(tctx, "[%d] setattr = [0x%x] got attr 0x%x\n",
307 j, open_attrs_table[j], attr );
312 smbcli_setatr(cli1->tree, fname, 0, 0);
313 smbcli_unlink(cli1->tree, fname);
315 /* Check for Directory. */
317 smbcli_deltree(cli1->tree, dname);
318 smbcli_rmdir(cli1->tree,dname);
320 /* Open a directory */
321 fnum1 = smbcli_nt_create_full(cli1->tree, dname, 0,
323 FILE_ATTRIBUTE_DIRECTORY,
324 NTCREATEX_SHARE_ACCESS_NONE,
325 NTCREATEX_DISP_OPEN_IF,
326 NTCREATEX_OPTIONS_DIRECTORY, 0);
327 /*smbcli_mkdir(cli1->tree,dname);*/
329 torture_assert(tctx, fnum1 != -1, talloc_asprintf(tctx,
330 "open (1) of %s failed (%s)",
331 dname, smbcli_errstr(cli1->tree)));
334 /* Get Security Descriptor */
335 query_org.generic.level = RAW_FILEINFO_SEC_DESC;
336 query_org.generic.in.file.fnum = fnum1;
337 status = smb_raw_fileinfo(cli1->tree, tctx, &query_org);
338 if(!NT_STATUS_IS_OK(status)){
339 torture_comment(tctx, "smb_raw_fileinfo(1) of %s failed (%s)\n",
340 dname, nt_errstr(status));
341 torture_assert_ntstatus_ok(tctx,
342 smbcli_close(cli1->tree, fnum1),
343 talloc_asprintf(tctx,
344 "close(1) of %s failed (%s)\n",
345 dname, smbcli_errstr(cli1->tree)));
346 CHECK_MAX_FAILURES(error_exit_dir);
348 sd1 = query_org.query_secdesc.out.sd;
350 torture_assert_ntstatus_ok(tctx,
351 smbcli_close(cli1->tree, fnum1),
352 talloc_asprintf(tctx,
353 "close (1) of %s failed (%s)", dname,
354 smbcli_errstr(cli1->tree)));
356 /* Set and get win attributes*/
357 for (j = 1; j < ARRAY_SIZE(open_attrs_table); j++) {
359 torture_assert_ntstatus_ok(tctx,
360 smbcli_setatr(cli1->tree, dname, open_attrs_table[j], 0),
361 talloc_asprintf(tctx, "setatr(2) failed (%s)",
362 smbcli_errstr(cli1->tree)));
364 torture_assert_ntstatus_ok(tctx,
365 smbcli_getatr(cli1->tree, dname, &attr, NULL, NULL),
366 talloc_asprintf(tctx, "getatr(2) failed (%s)",
367 smbcli_errstr(cli1->tree)));
369 torture_comment(tctx, "[%d] setatt = [0x%x] got attr 0x%x\n",
370 j, open_attrs_table[j], attr );
372 /* Check the result */
373 if(attr != (open_attrs_table[j]|FILE_ATTRIBUTE_DIRECTORY)){
374 torture_comment(tctx, "getatr check failed. set attr \
375 [0x%x], got attr 0x%x, should be 0x%x\n",
378 (unsigned int)(open_attrs_table[j]|FILE_ATTRIBUTE_DIRECTORY));
379 CHECK_MAX_FAILURES(error_exit_dir);
382 fnum1 = smbcli_nt_create_full(cli1->tree, dname, 0,
384 FILE_ATTRIBUTE_DIRECTORY,
385 NTCREATEX_SHARE_ACCESS_NONE,
389 torture_assert(tctx, fnum1 != -1, talloc_asprintf(tctx,
390 "open (2) of %s failed (%s)",
391 dname, smbcli_errstr(cli1->tree)));
392 /* Get security descriptor */
393 query.generic.level = RAW_FILEINFO_SEC_DESC;
394 query.generic.in.file.fnum = fnum1;
395 status = smb_raw_fileinfo(cli1->tree, tctx, &query);
396 if(!NT_STATUS_IS_OK(status)){
397 torture_comment(tctx, "smb_raw_fileinfo(2) of %s failed\
398 (%s)\n", dname, nt_errstr(status));
399 torture_assert_ntstatus_ok(tctx,
400 smbcli_close(cli1->tree, fnum1),
401 talloc_asprintf(tctx,
402 "close (2) of %s failed (%s)", dname,
403 smbcli_errstr(cli1->tree)));
404 CHECK_MAX_FAILURES(error_exit_dir);
406 sd2 = query.query_secdesc.out.sd;
407 torture_assert_ntstatus_ok(tctx,
408 smbcli_close(cli1->tree, fnum1),
409 talloc_asprintf(tctx,
410 "close (2) of %s failed (%s)", dname,
411 smbcli_errstr(cli1->tree)));
413 /* Security descriptor must be same*/
414 for (aceno=0;(sd1->dacl&&aceno < sd1->dacl->num_aces);aceno++){
415 struct security_ace *ace1 = &sd1->dacl->aces[aceno];
416 struct security_ace *ace2 = &sd2->dacl->aces[aceno];
418 if (!security_ace_equal(ace1, ace2)) {
419 torture_comment(tctx,
420 "ACLs changed! Not expected!\n");
421 CHECK_MAX_FAILURES(error_exit_dir);
427 smbcli_deltree(cli1->tree, dname);
428 smbcli_rmdir(cli1->tree,dname);