Merge 2610c05b5b95cc7036b3d6dfb894c6cfbdb68483 as Samba-4.0alpha16
[kai/samba.git] / source3 / torture / test_nttrans_create.c
1 /*
2    Unix SMB/CIFS implementation.
3    Basic test for share secdescs vs nttrans_create
4    Copyright (C) Volker Lendecke 2011
5
6    This program is free software; you can redistribute it and/or modify
7    it under the terms of the GNU General Public License as published by
8    the Free Software Foundation; either version 3 of the License, or
9    (at your option) any later version.
10
11    This program is distributed in the hope that it will be useful,
12    but WITHOUT ANY WARRANTY; without even the implied warranty of
13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14    GNU General Public License for more details.
15
16    You should have received a copy of the GNU General Public License
17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "torture/proto.h"
22 #include "libsmb/libsmb.h"
23 #include "libcli/security/dom_sid.h"
24 #include "libcli/security/secdesc.h"
25 #include "libcli/security/security.h"
26
27 bool run_nttrans_create(int dummy)
28 {
29         struct cli_state *cli = NULL;
30         NTSTATUS status, status2;
31         bool ret = false;
32         struct security_ace ace;
33         struct security_acl acl;
34         struct security_descriptor *sd;
35         const char *fname = "transtest";
36         uint16_t fnum, fnum2;
37         struct dom_sid owner;
38
39         printf("Starting NTTRANS_CREATE\n");
40
41         if (!torture_open_connection(&cli, 0)) {
42                 printf("torture_open_connection failed\n");
43                 goto fail;
44         }
45
46         ZERO_STRUCT(ace);
47         ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED;
48         ace.access_mask = SEC_RIGHTS_FILE_ALL & ~SEC_STD_WRITE_DAC;
49         sid_copy(&ace.trustee, &global_sid_World);
50
51         acl.revision = SECURITY_ACL_REVISION_NT4;
52         acl.size = 0;
53         acl.num_aces = 1;
54         acl.aces = &ace;
55
56         dom_sid_parse("S-1-22-1-1000", &owner);
57
58         sd = make_sec_desc(talloc_tos(),
59                            SECURITY_DESCRIPTOR_REVISION_1,
60                            SEC_DESC_SELF_RELATIVE|
61                            SEC_DESC_DACL_PRESENT|SEC_DESC_OWNER_DEFAULTED|
62                            SEC_DESC_GROUP_DEFAULTED,
63                            NULL, NULL, NULL, &acl, NULL);
64         if (sd == NULL) {
65                 d_fprintf(stderr, "make_sec_desc failed\n");
66                 goto fail;
67         }
68
69         status = cli_nttrans_create(
70                 cli, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS|
71                 READ_CONTROL_ACCESS,
72                 FILE_ATTRIBUTE_NORMAL,
73                 FILE_SHARE_READ|FILE_SHARE_WRITE| FILE_SHARE_DELETE,
74                 FILE_CREATE, 0, 0, sd, NULL, 0, &fnum);
75         if (!NT_STATUS_IS_OK(status)) {
76                 d_fprintf(stderr, "cli_nttrans_create returned %s\n",
77                           nt_errstr(status));
78                 goto fail;
79         }
80
81         cli_query_secdesc(cli, fnum, talloc_tos());
82
83         status2 = cli_ntcreate(cli, fname, 0, WRITE_DAC_ACCESS,
84                                FILE_ATTRIBUTE_NORMAL,
85                                FILE_SHARE_READ|FILE_SHARE_WRITE|
86                                FILE_SHARE_DELETE,
87                                FILE_OPEN, 0, 0, &fnum2);
88
89         status = cli_nt_delete_on_close(cli, fnum, true);
90         if (!NT_STATUS_IS_OK(status)) {
91                 d_fprintf(stderr, "cli_nt_delete_on_close returned %s\n",
92                           nt_errstr(status));
93                 goto fail;
94         }
95
96         if (!NT_STATUS_EQUAL(status2, NT_STATUS_ACCESS_DENIED)) {
97                 d_fprintf(stderr, "cli_ntcreate returned %s\n",
98                           nt_errstr(status));
99                 goto fail;
100         }
101
102         ret = true;
103 fail:
104         if (cli != NULL) {
105                 torture_close_connection(cli);
106         }
107         return ret;
108 }