Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into registry
[ira/wip.git] / source4 / lib / registry / tests / hive.c
index 29f7e685c102faadf0e15cdedcfa5b8269d7d540..edc97c2468ebe8ca774b2f6cd7c336af4406a64a 100644 (file)
@@ -26,6 +26,7 @@
 #include "librpc/gen_ndr/winreg.h"
 #include "system/filesys.h"
 #include "param/param.h"
+#include "libcli/security/security.h"
 
 static bool test_del_nonexistant_key(struct torture_context *tctx,
                                     const void *test_data)
@@ -306,6 +307,56 @@ static bool test_list_values(struct torture_context *tctx,
        return true;
 }
 
+static bool test_hive_security(struct torture_context *tctx, const void *_data)
+{
+       struct hive_key *subkey = NULL;
+        const struct hive_key *root = _data;
+       WERROR error;
+       struct security_descriptor *osd, *nsd;
+       
+       osd = security_descriptor_dacl_create(tctx,
+                                        0,
+                                        NULL, NULL,
+                                        SID_NT_AUTHENTICATED_USERS,
+                                        SEC_ACE_TYPE_ACCESS_ALLOWED,
+                                        SEC_GENERIC_ALL,
+                                        SEC_ACE_FLAG_OBJECT_INHERIT,
+                                        NULL);
+
+
+       error = hive_key_add_name(tctx, root, "SecurityKey", NULL,
+                                 osd, &subkey);
+       torture_assert_werr_ok(tctx, error, "hive_key_add_name");
+
+       error = hive_get_sec_desc(tctx, subkey, &nsd);
+       torture_assert_werr_ok (tctx, error, "getting security descriptor");
+
+       torture_assert(tctx, security_descriptor_equal(osd, nsd),
+                      "security descriptor changed!");
+
+       /* Create a fresh security descriptor */        
+       talloc_free(osd);
+       osd = security_descriptor_dacl_create(tctx,
+                                        0,
+                                        NULL, NULL,
+                                        SID_NT_AUTHENTICATED_USERS,
+                                        SEC_ACE_TYPE_ACCESS_ALLOWED,
+                                        SEC_GENERIC_ALL,
+                                        SEC_ACE_FLAG_OBJECT_INHERIT,
+                                        NULL);
+
+       error = hive_set_sec_desc(subkey, osd);
+       torture_assert_werr_ok(tctx, error, "setting security descriptor");
+       
+       error = hive_get_sec_desc(tctx, subkey, &nsd);
+       torture_assert_werr_ok (tctx, error, "getting security descriptor");
+       
+       torture_assert(tctx, security_descriptor_equal(osd, nsd),
+                      "security descriptor changed!");
+
+       return true;
+}
+
 static void tcase_add_tests(struct torture_tcase *tcase)
 {
        torture_tcase_add_simple_test_const(tcase, "del_nonexistant_key",
@@ -333,6 +384,8 @@ static void tcase_add_tests(struct torture_tcase *tcase)
                                                test_del_key);
        torture_tcase_add_simple_test_const(tcase, "del_value",
                                                test_del_value);
+       torture_tcase_add_simple_test_const(tcase, "check hive security",
+                                               test_hive_security);
 }
 
 static bool hive_setup_dir(struct torture_context *tctx, void **data)
@@ -390,7 +443,7 @@ static bool hive_setup_regf(struct torture_context *tctx, void **data)
        char *dirname;
        NTSTATUS status;
 
-       status = torture_temp_dir(tctx, "hive-dir", &dirname);
+       status = torture_temp_dir(tctx, "hive-regf", &dirname);
        if (!NT_STATUS_IS_OK(status))
                return false;