2 Unix SMB/CIFS implementation.
3 test suite for winreg rpc operations
5 Copyright (C) Tim Potter 2003
6 Copyright (C) Jelmer Vernooij 2004
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "torture/torture.h"
25 #include "librpc/gen_ndr/ndr_winreg_c.h"
26 #include "librpc/gen_ndr/ndr_security.h"
27 #include "libcli/security/proto.h"
28 #include "torture/rpc/rpc.h"
30 #define TEST_KEY_BASE "smbtorture test"
31 #define TEST_KEY1 TEST_KEY_BASE "\\spottyfoot"
32 #define TEST_KEY2 TEST_KEY_BASE "\\with a SD (#1)"
34 static void init_initshutdown_String(TALLOC_CTX *mem_ctx, struct initshutdown_String *name, const char *s)
36 name->name = talloc(mem_ctx, struct initshutdown_String_sub);
40 static void init_winreg_String(struct winreg_String *name, const char *s)
44 name->name_len = 2 * (strlen_m(s) + 1);
45 name->name_size = name->name_len;
52 static BOOL test_GetVersion(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
53 struct policy_handle *handle)
56 struct winreg_GetVersion r;
58 printf("\ntesting GetVersion\n");
62 status = dcerpc_winreg_GetVersion(p, mem_ctx, &r);
64 if (!NT_STATUS_IS_OK(status)) {
65 printf("GetVersion failed - %s\n", nt_errstr(status));
69 if (!W_ERROR_IS_OK(r.out.result)) {
70 printf("GetVersion failed - %s\n", win_errstr(r.out.result));
77 static BOOL test_NotifyChangeKeyValue(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
78 struct policy_handle *handle)
80 struct winreg_NotifyChangeKeyValue r;
83 printf("\ntesting NotifyChangeKeyValue\n");
86 r.in.watch_subtree = 1;
87 r.in.notify_filter = 0;
88 r.in.unknown = r.in.unknown2 = 0;
89 init_winreg_String(&r.in.string1, NULL);
90 init_winreg_String(&r.in.string2, NULL);
92 status = dcerpc_winreg_NotifyChangeKeyValue(p, mem_ctx, &r);
94 if (!NT_STATUS_IS_OK(status)) {
95 printf("NotifyChangeKeyValue failed - %s\n", nt_errstr(status));
99 if (!W_ERROR_IS_OK(r.out.result)) {
100 printf("NotifyChangeKeyValue failed - %s - not considering\n", win_errstr(r.out.result));
107 static BOOL test_CreateKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
108 struct policy_handle *handle, const char *name,
111 struct winreg_CreateKey r;
112 struct policy_handle newhandle;
114 uint32_t action_taken = 0;
116 printf("\ntesting CreateKey\n");
118 r.in.handle = handle;
119 r.out.new_handle = &newhandle;
120 init_winreg_String(&r.in.name, name);
121 init_winreg_String(&r.in.class, class);
123 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
124 r.in.action_taken = r.out.action_taken = &action_taken;
127 status = dcerpc_winreg_CreateKey(p, mem_ctx, &r);
129 if (!NT_STATUS_IS_OK(status)) {
130 printf("CreateKey failed - %s\n", nt_errstr(status));
134 if (!W_ERROR_IS_OK(r.out.result)) {
135 printf("CreateKey failed - %s\n", win_errstr(r.out.result));
144 createkey testing with a SD
146 static BOOL test_CreateKey_sd(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
147 struct policy_handle *handle, const char *name,
148 const char *class, struct policy_handle *newhandle)
150 struct winreg_CreateKey r;
152 uint32_t action_taken = 0;
153 struct security_descriptor *sd;
155 struct winreg_SecBuf secbuf;
157 sd = security_descriptor_create(mem_ctx,
159 SID_NT_AUTHENTICATED_USERS,
160 SEC_ACE_TYPE_ACCESS_ALLOWED,
162 SEC_ACE_FLAG_OBJECT_INHERIT,
165 status = ndr_push_struct_blob(&sdblob, mem_ctx, sd,
166 (ndr_push_flags_fn_t)ndr_push_security_descriptor);
167 if (!NT_STATUS_IS_OK(status)) {
168 printf("Failed to push security_descriptor ?!\n");
172 secbuf.sd.data = sdblob.data;
173 secbuf.sd.len = sdblob.length;
174 secbuf.sd.size = sdblob.length;
175 secbuf.length = sdblob.length-10;
178 printf("\ntesting CreateKey with sd\n");
180 r.in.handle = handle;
181 r.out.new_handle = newhandle;
182 init_winreg_String(&r.in.name, name);
183 init_winreg_String(&r.in.class, class);
185 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
186 r.in.action_taken = r.out.action_taken = &action_taken;
187 r.in.secdesc = &secbuf;
189 status = dcerpc_winreg_CreateKey(p, mem_ctx, &r);
191 if (!NT_STATUS_IS_OK(status)) {
192 printf("CreateKey with sd failed - %s\n", nt_errstr(status));
196 if (!W_ERROR_IS_OK(r.out.result)) {
197 printf("CreateKey with sd failed - %s\n", win_errstr(r.out.result));
204 static BOOL test_GetKeySecurity(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
205 struct policy_handle *handle)
208 struct winreg_GetKeySecurity r;
209 struct security_descriptor sd;
212 printf("\ntesting GetKeySecurity\n");
216 r.in.handle = handle;
217 r.in.sd = r.out.sd = talloc_zero(mem_ctx, struct KeySecurityData);
218 r.in.sd->size = 0x1000;
219 r.in.sec_info = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL;
221 status = dcerpc_winreg_GetKeySecurity(p, mem_ctx, &r);
223 if (!NT_STATUS_IS_OK(status)) {
224 printf("GetKeySecurity failed - %s\n", nt_errstr(status));
228 if (!W_ERROR_IS_OK(r.out.result)) {
229 printf("GetKeySecurity failed - %s\n", win_errstr(r.out.result));
233 sdblob.data = r.out.sd->data;
234 sdblob.length = r.out.sd->len;
236 status = ndr_pull_struct_blob(&sdblob, mem_ctx, &sd,
237 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
238 if (!NT_STATUS_IS_OK(status)) {
239 printf("pull_security_descriptor failed - %s\n", nt_errstr(status));
242 if (p->conn->flags & DCERPC_DEBUG_PRINT_OUT) {
243 NDR_PRINT_DEBUG(security_descriptor, &sd);
249 static BOOL test_CloseKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
250 struct policy_handle *handle)
253 struct winreg_CloseKey r;
255 printf("\ntesting CloseKey\n");
257 r.in.handle = r.out.handle = handle;
259 status = dcerpc_winreg_CloseKey(p, mem_ctx, &r);
261 if (!NT_STATUS_IS_OK(status)) {
262 printf("CloseKey failed - %s\n", nt_errstr(status));
266 if (!W_ERROR_IS_OK(r.out.result)) {
267 printf("CloseKey failed - %s\n", win_errstr(r.out.result));
274 static BOOL test_FlushKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
275 struct policy_handle *handle)
278 struct winreg_FlushKey r;
280 printf("\ntesting FlushKey\n");
282 r.in.handle = handle;
284 status = dcerpc_winreg_FlushKey(p, mem_ctx, &r);
286 if (!NT_STATUS_IS_OK(status)) {
287 printf("FlushKey failed - %s\n", nt_errstr(status));
291 if (!W_ERROR_IS_OK(r.out.result)) {
292 printf("FlushKey failed - %s\n", win_errstr(r.out.result));
299 static BOOL test_OpenKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
300 struct policy_handle *hive_handle,
301 const char *keyname, struct policy_handle *key_handle)
304 struct winreg_OpenKey r;
306 printf("\ntesting OpenKey\n");
308 r.in.handle = hive_handle;
309 init_winreg_String(&r.in.keyname, keyname);
310 r.in.unknown = 0x00000000;
311 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
312 r.out.handle = key_handle;
314 status = dcerpc_winreg_OpenKey(p, mem_ctx, &r);
316 if (!NT_STATUS_IS_OK(status)) {
317 printf("OpenKey failed - %s\n", nt_errstr(status));
321 if (!W_ERROR_IS_OK(r.out.result)) {
322 printf("OpenKey failed - %s\n", win_errstr(r.out.result));
330 static BOOL test_Cleanup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
331 struct policy_handle *handle, const char *key)
333 struct winreg_DeleteKey r;
335 r.in.handle = handle;
337 init_winreg_String(&r.in.key, key);
338 dcerpc_winreg_DeleteKey(p, mem_ctx, &r);
344 static BOOL test_DeleteKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
345 struct policy_handle *handle, const char *key)
348 struct winreg_DeleteKey r;
350 printf("\ntesting DeleteKey\n");
352 r.in.handle = handle;
353 init_winreg_String(&r.in.key, key);
355 status = dcerpc_winreg_DeleteKey(p, mem_ctx, &r);
357 if (!NT_STATUS_IS_OK(status)) {
358 printf("DeleteKey failed - %s\n", nt_errstr(status));
362 if (!W_ERROR_IS_OK(r.out.result)) {
363 printf("DeleteKey failed - %s\n", win_errstr(r.out.result));
370 static BOOL test_QueryInfoKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
371 struct policy_handle *handle, char *class)
374 struct winreg_QueryInfoKey r;
376 printf("\ntesting QueryInfoKey\n");
378 r.in.handle = handle;
379 init_winreg_String(&r.in.class, class);
381 status = dcerpc_winreg_QueryInfoKey(p, mem_ctx, &r);
383 if (!NT_STATUS_IS_OK(status)) {
384 printf("QueryInfoKey failed - %s\n", nt_errstr(status));
388 if (!W_ERROR_IS_OK(r.out.result)) {
389 printf("QueryInfoKey failed - %s\n", win_errstr(r.out.result));
396 static BOOL test_key(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
397 struct policy_handle *handle, int depth);
399 static BOOL test_EnumKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
400 struct policy_handle *handle, int depth)
402 struct winreg_EnumKey r;
403 struct winreg_StringBuf class, name;
407 printf("Testing EnumKey\n\n");
412 r.in.handle = handle;
417 r.in.last_changed_time = &t;
423 status = dcerpc_winreg_EnumKey(p, mem_ctx, &r);
425 if (NT_STATUS_IS_OK(status) && W_ERROR_IS_OK(r.out.result)) {
426 struct policy_handle key_handle;
428 printf("EnumKey: %d: %s\n", r.in.enum_index, r.out.name->name);
431 p, mem_ctx, handle, r.out.name->name,
434 test_key(p, mem_ctx, &key_handle, depth + 1);
440 } while (NT_STATUS_IS_OK(status) && W_ERROR_IS_OK(r.out.result));
442 if (!NT_STATUS_IS_OK(status)) {
443 printf("EnumKey failed - %s\n", nt_errstr(status));
447 if (!W_ERROR_IS_OK(r.out.result) && !W_ERROR_EQUAL(r.out.result, WERR_NO_MORE_ITEMS)) {
448 printf("EnumKey failed - %s\n", win_errstr(r.out.result));
457 static BOOL test_QueryMultipleValues(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, const char *valuename)
459 struct winreg_QueryMultipleValues r;
463 printf("Testing QueryMultipleValues\n");
465 r.in.key_handle = handle;
466 r.in.values = r.out.values = talloc_array(mem_ctx, struct QueryMultipleValue, 1);
467 r.in.values[0].name = talloc(mem_ctx, struct winreg_String);
468 r.in.values[0].name->name = valuename;
469 r.in.values[0].offset = 0;
470 r.in.values[0].length = 0;
471 r.in.values[0].type = 0;
474 r.in.buffer_size = r.out.buffer_size = talloc(mem_ctx, uint32_t);
475 *r.in.buffer_size = bufsize;
477 *r.in.buffer_size = bufsize;
478 r.in.buffer = r.out.buffer = talloc_zero_array(mem_ctx, uint8_t,
481 status = dcerpc_winreg_QueryMultipleValues(p, mem_ctx, &r);
483 if(NT_STATUS_IS_ERR(status)) {
484 printf("QueryMultipleValues failed - %s\n", nt_errstr(status));
487 talloc_free(r.in.buffer);
489 } while (W_ERROR_EQUAL(r.out.result, WERR_MORE_DATA));
491 if (!W_ERROR_IS_OK(r.out.result)) {
492 printf("QueryMultipleValues failed - %s\n", win_errstr(r.out.result));
499 static BOOL test_QueryValue(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, const char *valuename)
501 struct winreg_QueryValue r;
504 uint32_t offered = 0xfff;
506 printf("Testing QueryValue\n");
508 r.in.handle = handle;
510 r.in.value_name.name = valuename;
512 r.in.size = &offered;
515 status = dcerpc_winreg_QueryValue(p, mem_ctx, &r);
516 if(NT_STATUS_IS_ERR(status)) {
517 printf("QueryValue failed - %s\n", nt_errstr(status));
521 if (!W_ERROR_IS_OK(r.out.result)) {
522 printf("QueryValue failed - %s\n", win_errstr(r.out.result));
529 static BOOL test_EnumValue(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
530 struct policy_handle *handle, int max_valnamelen, int max_valbufsize)
532 struct winreg_EnumValue r;
534 uint32_t size = max_valbufsize, zero = 0;
537 struct winreg_StringBuf name;
539 printf("testing EnumValue\n");
544 r.in.handle = handle;
554 NTSTATUS status = dcerpc_winreg_EnumValue(p, mem_ctx, &r);
555 if(NT_STATUS_IS_ERR(status)) {
556 printf("EnumValue failed - %s\n", nt_errstr(status));
560 if (W_ERROR_IS_OK(r.out.result)) {
561 ret &= test_QueryValue(p, mem_ctx, handle, r.out.name->name);
562 ret &= test_QueryMultipleValues(p, mem_ctx, handle, r.out.name->name);
566 } while (W_ERROR_IS_OK(r.out.result));
568 if(!W_ERROR_EQUAL(r.out.result, WERR_NO_MORE_ITEMS)) {
569 printf("EnumValue failed - %s\n", win_errstr(r.out.result));
576 static BOOL test_InitiateSystemShutdown(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
577 const char *msg, uint32_t timeout)
579 struct winreg_InitiateSystemShutdown r;
581 uint16_t hostname = 0x0;
583 r.in.hostname = &hostname;
584 r.in.message = talloc(mem_ctx, struct initshutdown_String);
585 init_initshutdown_String(mem_ctx, r.in.message, msg);
587 r.in.timeout = timeout;
590 status = dcerpc_winreg_InitiateSystemShutdown(p, mem_ctx, &r);
592 if (!NT_STATUS_IS_OK(status)) {
593 printf("InitiateSystemShutdown failed - %s\n", nt_errstr(status));
597 if (!W_ERROR_IS_OK(r.out.result)) {
598 printf("InitiateSystemShutdown failed - %s\n", win_errstr(r.out.result));
605 static BOOL test_InitiateSystemShutdownEx(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
606 const char *msg, uint32_t timeout)
608 struct winreg_InitiateSystemShutdownEx r;
610 uint16_t hostname = 0x0;
612 r.in.hostname = &hostname;
613 r.in.message = talloc(mem_ctx, struct initshutdown_String);
614 init_initshutdown_String(mem_ctx, r.in.message, msg);
616 r.in.timeout = timeout;
620 status = dcerpc_winreg_InitiateSystemShutdownEx(p, mem_ctx, &r);
622 if (!NT_STATUS_IS_OK(status)) {
623 printf("InitiateSystemShutdownEx failed - %s\n", nt_errstr(status));
627 if (!W_ERROR_IS_OK(r.out.result)) {
628 printf("InitiateSystemShutdownEx failed - %s\n", win_errstr(r.out.result));
635 static BOOL test_AbortSystemShutdown(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
637 struct winreg_AbortSystemShutdown r;
639 uint16_t server = 0x0;
641 r.in.server = &server;
643 status = dcerpc_winreg_AbortSystemShutdown(p, mem_ctx, &r);
645 if (!NT_STATUS_IS_OK(status)) {
646 printf("AbortSystemShutdown failed - %s\n", nt_errstr(status));
650 if (!W_ERROR_IS_OK(r.out.result)) {
651 printf("AbortSystemShutdown failed - %s\n", win_errstr(r.out.result));
658 #define MAX_DEPTH 2 /* Only go this far down the tree */
660 static BOOL test_key(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
661 struct policy_handle *handle, int depth)
663 if (depth == MAX_DEPTH)
666 if (!test_QueryInfoKey(p, mem_ctx, handle, NULL)) {
670 if (!test_NotifyChangeKeyValue(p, mem_ctx, handle)) {
673 if (!test_GetKeySecurity(p, mem_ctx, handle)) {
676 if (!test_EnumKey(p, mem_ctx, handle, depth)) {
679 if (!test_EnumValue(p, mem_ctx, handle, 0xFF, 0xFFFF)) {
683 test_CloseKey(p, mem_ctx, handle);
688 typedef NTSTATUS (*winreg_open_fn)(struct dcerpc_pipe *, TALLOC_CTX *, void *);
690 static BOOL test_Open(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
691 const char *name, winreg_open_fn open_fn)
693 struct policy_handle handle, newhandle;
694 BOOL ret = True, created = False, created2 = False, deleted = False;
695 struct winreg_OpenHKLM r;
698 printf("Testing %s\n", name);
700 r.in.system_name = 0;
701 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
702 r.out.handle = &handle;
704 status = open_fn(p, mem_ctx, &r);
705 if (!NT_STATUS_IS_OK(status)) {
709 test_Cleanup(p, mem_ctx, &handle, TEST_KEY1);
710 test_Cleanup(p, mem_ctx, &handle, TEST_KEY2);
711 test_Cleanup(p, mem_ctx, &handle, TEST_KEY_BASE);
713 if (!test_CreateKey(p, mem_ctx, &handle, TEST_KEY1, NULL)) {
714 printf("CreateKey failed - not considering a failure\n");
719 if (created && !test_FlushKey(p, mem_ctx, &handle)) {
720 printf("FlushKey failed\n");
724 if (created && !test_OpenKey(p, mem_ctx, &handle, TEST_KEY1, &newhandle)) {
725 printf("CreateKey failed (OpenKey after Create didn't work)\n");
729 if (created && !test_DeleteKey(p, mem_ctx, &handle, TEST_KEY1)) {
730 printf("DeleteKey failed\n");
736 if (created && !test_FlushKey(p, mem_ctx, &handle)) {
737 printf("FlushKey failed\n");
741 if (created && deleted &&
742 test_OpenKey(p, mem_ctx, &handle, TEST_KEY1, &newhandle)) {
743 printf("DeleteKey failed (OpenKey after Delete didn't work)\n");
747 if (!test_GetVersion(p, mem_ctx, &handle)) {
748 printf("GetVersion failed\n");
752 if (created && test_CreateKey_sd(p, mem_ctx, &handle, TEST_KEY2,
757 if (created2 && !test_GetKeySecurity(p, mem_ctx, &newhandle)) {
758 printf("GetKeySecurity failed\n");
762 if (created2 && !test_CloseKey(p, mem_ctx, &newhandle)) {
763 printf("CloseKey failed\n");
767 if (created && !test_DeleteKey(p, mem_ctx, &handle, TEST_KEY2)) {
768 printf("DeleteKey failed\n");
772 /* The HKCR hive has a very large fanout */
774 if (open_fn == (void *)dcerpc_winreg_OpenHKCR) {
775 if(!test_key(p, mem_ctx, &handle, MAX_DEPTH - 1)) {
780 if(!test_key(p, mem_ctx, &handle, 0)) {
784 test_Cleanup(p, mem_ctx, &handle, TEST_KEY_BASE);
789 BOOL torture_rpc_winreg(struct torture_context *torture)
792 struct dcerpc_pipe *p;
798 } open_fns[] = {{"OpenHKLM", (winreg_open_fn)dcerpc_winreg_OpenHKLM },
799 {"OpenHKU", (winreg_open_fn)dcerpc_winreg_OpenHKU },
800 {"OpenHKCR", (winreg_open_fn)dcerpc_winreg_OpenHKCR },
801 {"OpenHKCU", (winreg_open_fn)dcerpc_winreg_OpenHKCU }};
803 mem_ctx = talloc_init("torture_rpc_winreg");
805 status = torture_rpc_connection(mem_ctx, &p, &dcerpc_table_winreg);
807 if (!NT_STATUS_IS_OK(status)) {
808 talloc_free(mem_ctx);
812 if (!lp_parm_bool(-1, "torture", "dangerous", False)) {
813 printf("winreg_InitiateShutdown disabled - enable dangerous tests to use\n");
815 ret &= test_InitiateSystemShutdown(p, mem_ctx, "spottyfood", 30);
816 ret &= test_AbortSystemShutdown(p, mem_ctx);
817 ret &= test_InitiateSystemShutdownEx(p, mem_ctx, "spottyfood", 30);
818 ret &= test_AbortSystemShutdown(p, mem_ctx);
821 for (i = 0; i < ARRAY_SIZE(open_fns); i++) {
822 if (!test_Open(p, mem_ctx, open_fns[i].name, open_fns[i].fn))
826 talloc_free(mem_ctx);