#include "libcli/smb2/smb2_calls.h"
#include "torture/torture.h"
#include "torture/smb2/proto.h"
-#include "param/param.h"
#include "librpc/gen_ndr/ndr_security.h"
#include "libcli/security/security.h"
#define CHECK_STATUS(status, correct) do { \
if (!NT_STATUS_EQUAL(status, correct)) { \
- printf("(%s) Incorrect status %s - should be %s\n", \
- __location__, nt_errstr(status), nt_errstr(correct)); \
+ torture_result(torture, TORTURE_FAIL, \
+ "(%s) Incorrect status %s - should be %s\n", \
+ __location__, nt_errstr(status), nt_errstr(correct)); \
return false; \
}} while (0)
#define CHECK_EQUAL(v, correct) do { \
if (v != correct) { \
- printf("(%s) Incorrect value for %s 0x%08llx - should be 0x%08llx\n", \
- __location__, #v, (unsigned long long)v, (unsigned long long)correct); \
+ torture_result(torture, TORTURE_FAIL, \
+ "(%s) Incorrect value for %s 0x%08llx - " \
+ "should be 0x%08llx\n", \
+ __location__, #v, \
+ (unsigned long long)v, \
+ (unsigned long long)correct); \
return false; \
}} while (0)
+#define TARGET_IS_WIN7(_tctx) (torture_setting_bool(_tctx, "win7", false))
+
/*
test some interesting combinations found by gentest
*/
CHECK_STATUS(status, NT_STATUS_OK);
} else {
unexpected_mask |= 1<<i;
- printf("create option 0x%08x returned %s\n", 1<<i, nt_errstr(status));
+ torture_comment(torture,
+ "create option 0x%08x returned %s\n",
+ 1<<i, nt_errstr(status));
}
}
}
}
}
- CHECK_EQUAL(access_mask, 0x0df0fe00);
+ if (TARGET_IS_WIN7(torture)) {
+ CHECK_EQUAL(access_mask, 0x0de0fe00);
+ } else {
+ CHECK_EQUAL(access_mask, 0x0df0fe00);
+ }
io.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
int i;
for (i=0;i<32;i++) {
io.in.file_attributes = 1<<i;
+ if (io.in.file_attributes & FILE_ATTRIBUTE_ENCRYPTED) {
+ continue;
+ }
smb2_deltree(tree, FNAME);
status = smb2_create(tree, tmp_ctx, &io);
if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
CHECK_STATUS(status, NT_STATUS_OK);
} else {
unexpected_mask |= 1<<i;
- printf("file attribute 0x%08x returned %s\n", 1<<i, nt_errstr(status));
+ torture_comment(torture,
+ "file attribute 0x%08x returned %s\n",
+ 1<<i, nt_errstr(status));
}
}
}
- CHECK_EQUAL(ok_mask, 0x00007fb7);
+ CHECK_EQUAL(ok_mask, 0x00003fb7);
CHECK_EQUAL(invalid_parameter_mask, 0xffff8048);
CHECK_EQUAL(unexpected_mask, 0x00000000);
- CHECK_EQUAL(file_attributes_set, 0x00005127);
+ CHECK_EQUAL(file_attributes_set, 0x00001127);
+
+ smb2_deltree(tree, FNAME);
+
+ /*
+ * Standalone servers doesn't support encryption
+ */
+ io.in.file_attributes = FILE_ATTRIBUTE_ENCRYPTED;
+ status = smb2_create(tree, tmp_ctx, &io);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ torture_comment(torture,
+ "FILE_ATTRIBUTE_ENCRYPTED returned %s\n",
+ nt_errstr(status));
+ } else {
+ CHECK_STATUS(status, NT_STATUS_OK);
+ CHECK_EQUAL(io.out.file_attr, (FILE_ATTRIBUTE_ENCRYPTED | FILE_ATTRIBUTE_ARCHIVE));
+ status = smb2_util_close(tree, io.out.file.handle);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ }
smb2_deltree(tree, FNAME);
status = smb2_getinfo_file(tree, tmp_ctx, &q);
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_EQUAL(q.access_information.out.access_flags, io.in.desired_access);
+
+ io.in.file_attributes = 0;
+ io.in.desired_access = 0;
+ io.in.query_maximal_access = false;
+ io.in.share_access = 0;
+ status = smb2_create(tree, tmp_ctx, &io);
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
talloc_free(tmp_ctx);
status = smb2_util_close(tree, io.out.file.handle);
CHECK_STATUS(status, NT_STATUS_OK);
- printf("testing alloc size\n");
+ torture_comment(torture, "testing alloc size\n");
io.in.alloc_size = 4096;
status = smb2_create(tree, tmp_ctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_util_close(tree, io.out.file.handle);
CHECK_STATUS(status, NT_STATUS_OK);
- printf("testing durable open\n");
+ torture_comment(torture, "testing durable open\n");
io.in.durable_open = true;
status = smb2_create(tree, tmp_ctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_util_close(tree, io.out.file.handle);
CHECK_STATUS(status, NT_STATUS_OK);
- printf("testing query maximal access\n");
+ torture_comment(torture, "testing query maximal access\n");
io.in.query_maximal_access = true;
status = smb2_create(tree, tmp_ctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_util_close(tree, io.out.file.handle);
CHECK_STATUS(status, NT_STATUS_OK);
- printf("testing timewarp\n");
+ torture_comment(torture, "testing timewarp\n");
io.in.timewarp = 10000;
status = smb2_create(tree, tmp_ctx, &io);
CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
io.in.timewarp = 0;
- printf("testing query_on_disk\n");
+ torture_comment(torture, "testing query_on_disk\n");
io.in.query_on_disk_id = true;
status = smb2_create(tree, tmp_ctx, &io);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_util_close(tree, io.out.file.handle);
CHECK_STATUS(status, NT_STATUS_OK);
- printf("testing unknown tag\n");
+ torture_comment(torture, "testing unknown tag\n");
status = smb2_create_blob_add(tmp_ctx, &io.in.blobs,
"FooO", data_blob(NULL, 0));
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_util_close(tree, io.out.file.handle);
CHECK_STATUS(status, NT_STATUS_OK);
- printf("testing bad tag length\n");
+ torture_comment(torture, "testing bad tag length\n");
status = smb2_create_blob_add(tmp_ctx, &io.in.blobs,
"xxx", data_blob(NULL, 0));
CHECK_STATUS(status, NT_STATUS_OK);
smb2_util_unlink(tree, FNAME);
- printf("adding a new ACE\n");
+ torture_comment(torture, "adding a new ACE\n");
test_sid = dom_sid_parse_talloc(tmp_ctx, "S-1-5-32-1234-54321");
ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED;
status = security_descriptor_dacl_add(sd, &ace);
CHECK_STATUS(status, NT_STATUS_OK);
-
- printf("creating a file with an initial ACL\n");
+
+ torture_comment(torture, "creating a file with an initial ACL\n");
io.in.sec_desc = sd;
status = smb2_create(tree, tmp_ctx, &io);
sd2 = q.query_secdesc.out.sd;
if (!security_acl_equal(sd->dacl, sd2->dacl)) {
- printf("%s: security descriptors don't match!\n", __location__);
- printf("got:\n");
+ torture_comment(torture,
+ "%s: security descriptors don't match!\n", __location__);
+ torture_comment(torture, "got:\n");
NDR_PRINT_DEBUG(security_descriptor, sd2);
- printf("expected:\n");
+ torture_comment(torture, "expected:\n");
NDR_PRINT_DEBUG(security_descriptor, sd);
return false;
}