CHECK_ACCESS_FLAGS(fnum2, SEC_RIGHTS_FILE_ALL);
smbcli_close(cli->tree, fnum2);
} else {
- CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ if (TARGET_IS_WIN7(tctx)) {
+ CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
+ } else {
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ }
}
torture_comment(tctx, "trying without execute\n");
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN;
io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL & ~SEC_FILE_EXECUTE;
status = smb_raw_open(cli->tree, tctx, &io);
- CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ if (TARGET_IS_WIN7(tctx)) {
+ CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
+ } else {
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ }
torture_comment(tctx, "and with full permissions again\n");
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN;
io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL;
status = smb_raw_open(cli->tree, tctx, &io);
- CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ if (TARGET_IS_WIN7(tctx)) {
+ CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
+ } else {
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ }
io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA;
status = smb_raw_open(cli->tree, tctx, &io);
io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL;
status = smb_raw_open(cli->tree, tctx, &io);
- CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ if (TARGET_IS_WIN7(tctx)) {
+ CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
+ } else {
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ }
io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA;
status = smb_raw_open(cli->tree, tctx, &io);
CHECK_ACCESS_FLAGS(fnum2, SEC_FILE_WRITE_DATA | SEC_FILE_READ_ATTRIBUTE);
smbcli_close(cli->tree, fnum2);
- smbcli_unlink(cli->tree, fname1);
- smbcli_rmdir(cli->tree, dname);
-
done:
if (sd_orig != NULL) {
set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
}
smbcli_close(cli->tree, fnum);
+ smbcli_unlink(cli->tree, fname1);
+ smbcli_rmdir(cli->tree, dname);
smb_raw_exit(cli->session);
smbcli_deltree(cli->tree, BASEDIR);
return ret;
CHECK_ACCESS_FLAGS(handle2, SEC_RIGHTS_FILE_ALL);
smb2_util_close(tree, handle2);
} else {
- if (TARGET_IS_WIN7(tctx)) {
+ if (torture_setting_bool(tctx, "hide_on_access_denied",
+ false)) {
CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
} else {
CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
io.in.create_disposition = NTCREATEX_DISP_OPEN;
io.in.desired_access = SEC_RIGHTS_FILE_ALL & ~SEC_FILE_EXECUTE;
status = smb2_create(tree, tctx, &io);
- if (TARGET_IS_WIN7(tctx)) {
+ if (torture_setting_bool(tctx, "hide_on_access_denied", false)) {
CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
} else {
CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
io.in.create_disposition = NTCREATEX_DISP_OPEN;
io.in.desired_access = SEC_RIGHTS_FILE_ALL;
status = smb2_create(tree, tctx, &io);
- if (TARGET_IS_WIN7(tctx)) {
+ if (torture_setting_bool(tctx, "hide_on_access_denied", false)) {
CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
} else {
CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
io.in.desired_access = SEC_RIGHTS_FILE_ALL;
status = smb2_create(tree, tctx, &io);
- if (TARGET_IS_WIN7(tctx)) {
+ if (torture_setting_bool(tctx, "hide_on_access_denied", false)) {
CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
} else {
CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
torture_comment(tctx, "try open for write => access_denied\n");
io.in.desired_access = SEC_FILE_WRITE_DATA;
status = smb2_create(tree, tctx, &io);
- CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ if (torture_setting_bool(tctx, "hide_on_access_denied", false)) {
+ CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
+ } else {
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ }
torture_comment(tctx, "try open for read => access_denied\n");
io.in.desired_access = SEC_FILE_READ_DATA;
status = smb2_create(tree, tctx, &io);
- CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ if (torture_setting_bool(tctx, "hide_on_access_denied", false)) {
+ CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
+ } else {
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ }
torture_comment(tctx, "try open for generic write => access_denied\n");
io.in.desired_access = SEC_GENERIC_WRITE;
status = smb2_create(tree, tctx, &io);
- CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ if (torture_setting_bool(tctx, "hide_on_access_denied", false)) {
+ CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
+ } else {
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ }
torture_comment(tctx, "try open for generic read => access_denied\n");
io.in.desired_access = SEC_GENERIC_READ;
status = smb2_create(tree, tctx, &io);
- CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ if (torture_setting_bool(tctx, "hide_on_access_denied", false)) {
+ CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
+ } else {
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ }
torture_comment(tctx, "set empty sd\n");
sd->type &= ~SEC_DESC_DACL_PRESENT;
/* RAW-SEARCH for fails for inexplicable reasons against win7 */
lp_set_cmdline(cmdline_lp_ctx, "torture:search_ea_support", "false");
+
+ lp_set_cmdline(cmdline_lp_ctx, "torture:hide_on_access_denied",
+ "true");
} else if (strcmp(target, "onefs") == 0) {
lp_set_cmdline(cmdline_lp_ctx, "torture:onefs", "true");
lp_set_cmdline(cmdline_lp_ctx, "torture:openx_deny_dos_support",
* the appropriate test.
*/
+/* torture:hide_on_acess_denied
+ *
+ * Some servers (win7) choose to hide files when certain access has been
+ * denied. When true, torture will expect NT_STATUS_OBJECT_NAME_NOT_FOUND
+ * rather than NT_STATUS_ACCESS_DENIED when trying to open one of these files.
+ */
#endif /* __SMBTORTURE_H__ */
const char *sid_str,
const char *privilege);
+
#endif /* _TORTURE_UTIL_H_ */