search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4-smbtorture: add test_DeleteKey_opts to RPC-WINREG.
[Samba/nascimento.git] / source4 / torture / rpc / winreg.c
blob2c3f542c7af1e7549dd87a42f90b28ce518b19c1
1 /*
2 Unix SMB/CIFS implementation.
3 test suite for winreg rpc operations
4
5 Copyright (C) Tim Potter 2003
6 Copyright (C) Jelmer Vernooij 2004-2007
7 Copyright (C) Günther Deschner 2007
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #include "includes.h"
24 #include "librpc/gen_ndr/ndr_winreg_c.h"
25 #include "librpc/gen_ndr/ndr_security.h"
26 #include "libcli/security/security.h"
27 #include "torture/rpc/rpc.h"
28 #include "param/param.h"
29 #include "lib/registry/registry.h"
30
31 #define TEST_KEY_BASE "smbtorture test"
32 #define TEST_KEY1 TEST_KEY_BASE "\\spottyfoot"
33 #define TEST_KEY2 TEST_KEY_BASE "\\with a SD (#1)"
34 #define TEST_KEY3 TEST_KEY_BASE "\\with a subkey"
35 #define TEST_KEY4 TEST_KEY_BASE "\\sd_tests"
36 #define TEST_SUBKEY TEST_KEY3 "\\subkey"
37 #define TEST_SUBKEY_SD TEST_KEY4 "\\subkey_sd"
38 #define TEST_SUBSUBKEY_SD TEST_KEY4 "\\subkey_sd\\subsubkey_sd"
39 #define TEST_VALUE "torture_value_name"
40
41 #define TEST_SID "S-1-5-21-1234567890-1234567890-1234567890-500"
42
43 static void init_lsa_StringLarge(struct lsa_StringLarge *name, const char *s)
44 {
45 name->string = s;
46 }
47
48 static void init_winreg_String(struct winreg_String *name, const char *s)
49 {
50 name->name = s;
51 if (s) {
52 name->name_len = 2 * (strlen_m(s) + 1);
53 name->name_size = name->name_len;
54 } else {
55 name->name_len = 0;
56 name->name_size = 0;
57 }
58 }
59
60 static bool test_GetVersion(struct dcerpc_binding_handle *b,
61 struct torture_context *tctx,
62 struct policy_handle *handle)
63 {
64 struct winreg_GetVersion r;
65 uint32_t v;
66
67 ZERO_STRUCT(r);
68 r.in.handle = handle;
69 r.out.version = &v;
70
71 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_GetVersion_r(b, tctx, &r),
72 "GetVersion failed");
73
74 torture_assert_werr_ok(tctx, r.out.result, "GetVersion failed");
75
76 return true;
77 }
78
79 static bool test_NotifyChangeKeyValue(struct dcerpc_binding_handle *b,
80 struct torture_context *tctx,
81 struct policy_handle *handle)
82 {
83 struct winreg_NotifyChangeKeyValue r;
84
85 ZERO_STRUCT(r);
86 r.in.handle = handle;
87 r.in.watch_subtree = true;
88 r.in.notify_filter = 0;
89 r.in.unknown = r.in.unknown2 = 0;
90 init_winreg_String(&r.in.string1, NULL);
91 init_winreg_String(&r.in.string2, NULL);
92
93 torture_assert_ntstatus_ok(tctx,
94 dcerpc_winreg_NotifyChangeKeyValue_r(b, tctx, &r),
95 "NotifyChangeKeyValue failed");
96
97 if (!W_ERROR_IS_OK(r.out.result)) {
98 torture_comment(tctx,
99 "NotifyChangeKeyValue failed - %s - not considering\n",
100 win_errstr(r.out.result));
101 return true;
102 }
103
104 return true;
105 }
106
107 static bool test_CreateKey_opts(struct torture_context *tctx,
108 struct dcerpc_binding_handle *b,
109 struct policy_handle *handle,
110 const char *name,
111 const char *kclass,
112 enum winreg_KeyType options,
113 uint32_t access_mask,
114 struct winreg_SecBuf *secdesc,
115 WERROR expected_result,
116 enum winreg_CreateAction *action_taken_p,
117 struct policy_handle *new_handle_p)
118 {
119 struct winreg_CreateKey r;
120 struct policy_handle newhandle;
121 enum winreg_CreateAction action_taken = 0;
122
123 torture_comment(tctx, "Testing CreateKey(%s)\n", name);
124
125 ZERO_STRUCT(r);
126 r.in.handle = handle;
127 init_winreg_String(&r.in.name, name);
128 init_winreg_String(&r.in.keyclass, kclass);
129 r.in.options = options;
130 r.in.access_mask = access_mask;
131 r.in.action_taken = &action_taken;
132 r.in.secdesc = secdesc;
133 r.out.new_handle = &newhandle;
134 r.out.action_taken = &action_taken;
135
136 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_CreateKey_r(b, tctx, &r),
137 "CreateKey failed");
138
139 torture_assert_werr_equal(tctx, r.out.result, expected_result, "CreateKey failed");
140
141 if (new_handle_p) {
142 *new_handle_p = newhandle;
143 }
144 if (action_taken_p) {
145 *action_taken_p = *r.out.action_taken;
146 }
147
148 return true;
149 }
150
151 static bool test_CreateKey(struct dcerpc_binding_handle *b,
152 struct torture_context *tctx,
153 struct policy_handle *handle, const char *name,
154 const char *kclass)
155 {
156 return test_CreateKey_opts(tctx, b, handle, name, kclass,
157 REG_KEYTYPE_NON_VOLATILE,
158 SEC_FLAG_MAXIMUM_ALLOWED,
159 NULL, /* secdesc */
160 WERR_OK,
161 NULL, /* action_taken */
162 NULL /* new_handle */);
163 }
164
165 /*
166 createkey testing with a SD
167 */
168 static bool test_CreateKey_sd(struct dcerpc_binding_handle *b,
169 struct torture_context *tctx,
170 struct policy_handle *handle, const char *name,
171 const char *kclass,
172 struct policy_handle *newhandle)
173 {
174 struct winreg_CreateKey r;
175 enum winreg_CreateAction action_taken = 0;
176 struct security_descriptor *sd;
177 DATA_BLOB sdblob;
178 struct winreg_SecBuf secbuf;
179
180 sd = security_descriptor_dacl_create(tctx,
181 0,
182 NULL, NULL,
183 SID_NT_AUTHENTICATED_USERS,
184 SEC_ACE_TYPE_ACCESS_ALLOWED,
185 SEC_GENERIC_ALL,
186 SEC_ACE_FLAG_OBJECT_INHERIT |
187 SEC_ACE_FLAG_CONTAINER_INHERIT,
188 NULL);
189
190 torture_assert_ndr_success(tctx,
191 ndr_push_struct_blob(&sdblob, tctx, NULL, sd,
192 (ndr_push_flags_fn_t)ndr_push_security_descriptor),
193 "Failed to push security_descriptor ?!\n");
194
195 secbuf.sd.data = sdblob.data;
196 secbuf.sd.len = sdblob.length;
197 secbuf.sd.size = sdblob.length;
198 secbuf.length = sdblob.length-10;
199 secbuf.inherit = 0;
200
201 ZERO_STRUCT(r);
202 r.in.handle = handle;
203 r.out.new_handle = newhandle;
204 init_winreg_String(&r.in.name, name);
205 init_winreg_String(&r.in.keyclass, kclass);
206 r.in.options = 0x0;
207 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
208 r.in.action_taken = r.out.action_taken = &action_taken;
209 r.in.secdesc = &secbuf;
210
211 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_CreateKey_r(b, tctx, &r),
212 "CreateKey with sd failed");
213
214 torture_assert_werr_ok(tctx, r.out.result, "CreateKey with sd failed");
215
216 return true;
217 }
218
219 static bool _test_GetKeySecurity(struct dcerpc_pipe *p,
220 struct torture_context *tctx,
221 struct policy_handle *handle,
222 uint32_t *sec_info_ptr,
223 WERROR get_werr,
224 struct security_descriptor **sd_out)
225 {
226 struct winreg_GetKeySecurity r;
227 struct security_descriptor *sd = NULL;
228 uint32_t sec_info;
229 DATA_BLOB sdblob;
230 struct dcerpc_binding_handle *b = p->binding_handle;
231
232 if (sec_info_ptr) {
233 sec_info = *sec_info_ptr;
234 } else {
235 sec_info = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL;
236 }
237
238 ZERO_STRUCT(r);
239
240 r.in.handle = handle;
241 r.in.sec_info = sec_info;
242 r.in.sd = r.out.sd = talloc_zero(tctx, struct KeySecurityData);
243 r.in.sd->size = 0x1000;
244
245 torture_assert_ntstatus_ok(tctx,
246 dcerpc_winreg_GetKeySecurity_r(b, tctx, &r),
247 "GetKeySecurity failed");
248
249 torture_assert_werr_equal(tctx, r.out.result, get_werr,
250 "GetKeySecurity failed");
251
252 sdblob.data = r.out.sd->data;
253 sdblob.length = r.out.sd->len;
254
255 sd = talloc_zero(tctx, struct security_descriptor);
256
257 torture_assert_ndr_success(tctx,
258 ndr_pull_struct_blob(&sdblob, tctx, NULL, sd,
259 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor),
260 "pull_security_descriptor failed");
261
262 if (p->conn->flags & DCERPC_DEBUG_PRINT_OUT) {
263 NDR_PRINT_DEBUG(security_descriptor, sd);
264 }
265
266 if (sd_out) {
267 *sd_out = sd;
268 } else {
269 talloc_free(sd);
270 }
271
272 return true;
273 }
274
275 static bool test_GetKeySecurity(struct dcerpc_pipe *p,
276 struct torture_context *tctx,
277 struct policy_handle *handle,
278 struct security_descriptor **sd_out)
279 {
280 return _test_GetKeySecurity(p, tctx, handle, NULL, WERR_OK, sd_out);
281 }
282
283 static bool _test_SetKeySecurity(struct dcerpc_pipe *p,
284 struct torture_context *tctx,
285 struct policy_handle *handle,
286 uint32_t *sec_info_ptr,
287 struct security_descriptor *sd,
288 WERROR werr)
289 {
290 struct winreg_SetKeySecurity r;
291 struct KeySecurityData *sdata = NULL;
292 DATA_BLOB sdblob;
293 uint32_t sec_info;
294 struct dcerpc_binding_handle *b = p->binding_handle;
295
296 ZERO_STRUCT(r);
297
298 if (sd && (p->conn->flags & DCERPC_DEBUG_PRINT_OUT)) {
299 NDR_PRINT_DEBUG(security_descriptor, sd);
300 }
301
302 torture_assert_ndr_success(tctx,
303 ndr_push_struct_blob(&sdblob, tctx, NULL, sd,
304 (ndr_push_flags_fn_t)ndr_push_security_descriptor),
305 "push_security_descriptor failed");
306
307 sdata = talloc_zero(tctx, struct KeySecurityData);
308 sdata->data = sdblob.data;
309 sdata->size = sdblob.length;
310 sdata->len = sdblob.length;
311
312 if (sec_info_ptr) {
313 sec_info = *sec_info_ptr;
314 } else {
315 sec_info = SECINFO_UNPROTECTED_SACL |
316 SECINFO_UNPROTECTED_DACL;
317 if (sd->owner_sid) {
318 sec_info |= SECINFO_OWNER;
319 }
320 if (sd->group_sid) {
321 sec_info |= SECINFO_GROUP;
322 }
323 if (sd->sacl) {
324 sec_info |= SECINFO_SACL;
325 }
326 if (sd->dacl) {
327 sec_info |= SECINFO_DACL;
328 }
329 }
330
331 r.in.handle = handle;
332 r.in.sec_info = sec_info;
333 r.in.sd = sdata;
334
335 torture_assert_ntstatus_ok(tctx,
336 dcerpc_winreg_SetKeySecurity_r(b, tctx, &r),
337 "SetKeySecurity failed");
338
339 torture_assert_werr_equal(tctx, r.out.result, werr,
340 "SetKeySecurity failed");
341
342 return true;
343 }
344
345 static bool test_SetKeySecurity(struct dcerpc_pipe *p,
346 struct torture_context *tctx,
347 struct policy_handle *handle,
348 struct security_descriptor *sd)
349 {
350 return _test_SetKeySecurity(p, tctx, handle, NULL, sd, WERR_OK);
351 }
352
353 static bool test_CloseKey(struct dcerpc_binding_handle *b,
354 struct torture_context *tctx,
355 struct policy_handle *handle)
356 {
357 struct winreg_CloseKey r;
358
359 ZERO_STRUCT(r);
360 r.in.handle = r.out.handle = handle;
361
362 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_CloseKey_r(b, tctx, &r),
363 "CloseKey failed");
364
365 torture_assert_werr_ok(tctx, r.out.result, "CloseKey failed");
366
367 return true;
368 }
369
370 static bool test_FlushKey(struct dcerpc_binding_handle *b,
371 struct torture_context *tctx,
372 struct policy_handle *handle)
373 {
374 struct winreg_FlushKey r;
375
376 ZERO_STRUCT(r);
377 r.in.handle = handle;
378
379 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_FlushKey_r(b, tctx, &r),
380 "FlushKey failed");
381
382 torture_assert_werr_ok(tctx, r.out.result, "FlushKey failed");
383
384 return true;
385 }
386
387 static bool test_OpenKey_opts(struct torture_context *tctx,
388 struct dcerpc_binding_handle *b,
389 struct policy_handle *hive_handle,
390 const char *keyname,
391 enum winreg_KeyType options,
392 uint32_t access_mask,
393 struct policy_handle *key_handle,
394 WERROR expected_result)
395 {
396 struct winreg_OpenKey r;
397
398 ZERO_STRUCT(r);
399 r.in.parent_handle = hive_handle;
400 init_winreg_String(&r.in.keyname, keyname);
401 r.in.options = options;
402 r.in.access_mask = access_mask;
403 r.out.handle = key_handle;
404
405 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_OpenKey_r(b, tctx, &r),
406 "OpenKey failed");
407
408 torture_assert_werr_equal(tctx, r.out.result, expected_result,
409 "OpenKey failed");
410
411 return true;
412 }
413
414 static bool test_OpenKey(struct dcerpc_binding_handle *b,
415 struct torture_context *tctx,
416 struct policy_handle *hive_handle,
417 const char *keyname, struct policy_handle *key_handle)
418 {
419 return test_OpenKey_opts(tctx, b, hive_handle, keyname,
420 REG_KEYTYPE_NON_VOLATILE,
421 SEC_FLAG_MAXIMUM_ALLOWED,
422 key_handle,
423 WERR_OK);
424 }
425
426 static bool test_Cleanup(struct dcerpc_binding_handle *b,
427 struct torture_context *tctx,
428 struct policy_handle *handle, const char *key)
429 {
430 struct winreg_DeleteKey r;
431
432 ZERO_STRUCT(r);
433 r.in.handle = handle;
434
435 init_winreg_String(&r.in.key, key);
436 dcerpc_winreg_DeleteKey_r(b, tctx, &r);
437
438 return true;
439 }
440
441 static bool _test_GetSetSecurityDescriptor(struct dcerpc_pipe *p,
442 struct torture_context *tctx,
443 struct policy_handle *handle,
444 WERROR get_werr,
445 WERROR set_werr)
446 {
447 struct security_descriptor *sd = NULL;
448
449 if (!_test_GetKeySecurity(p, tctx, handle, NULL, get_werr, &sd)) {
450 return false;
451 }
452
453 if (!_test_SetKeySecurity(p, tctx, handle, NULL, sd, set_werr)) {
454 return false;
455 }
456
457 return true;
458 }
459
460 static bool test_SecurityDescriptor(struct dcerpc_pipe *p,
461 struct torture_context *tctx,
462 struct policy_handle *handle,
463 const char *key)
464 {
465 struct policy_handle new_handle;
466 bool ret = true;
467 struct dcerpc_binding_handle *b = p->binding_handle;
468
469 torture_comment(tctx, "SecurityDescriptor get & set\n");
470
471 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
472 return false;
473 }
474
475 if (!_test_GetSetSecurityDescriptor(p, tctx, &new_handle,
476 WERR_OK, WERR_OK)) {
477 ret = false;
478 }
479
480 if (!test_CloseKey(b, tctx, &new_handle)) {
481 return false;
482 }
483
484 return ret;
485 }
486
487 static bool _test_SecurityDescriptor(struct dcerpc_pipe *p,
488 struct torture_context *tctx,
489 struct policy_handle *handle,
490 uint32_t access_mask,
491 const char *key,
492 WERROR open_werr,
493 WERROR get_werr,
494 WERROR set_werr)
495 {
496 struct policy_handle new_handle;
497 bool ret = true;
498 struct dcerpc_binding_handle *b = p->binding_handle;
499
500 torture_assert(tctx,
501 test_OpenKey_opts(tctx, b, handle, key,
502 REG_KEYTYPE_NON_VOLATILE,
503 access_mask,
504 &new_handle,
505 open_werr),
506 "failed to open key");
507
508 if (!W_ERROR_IS_OK(open_werr)) {
509 return true;
510 }
511
512 if (!_test_GetSetSecurityDescriptor(p, tctx, &new_handle,
513 get_werr, set_werr)) {
514 ret = false;
515 }
516
517 if (!test_CloseKey(b, tctx, &new_handle)) {
518 return false;
519 }
520
521 return ret;
522 }
523
524 static bool test_dacl_trustee_present(struct dcerpc_pipe *p,
525 struct torture_context *tctx,
526 struct policy_handle *handle,
527 const struct dom_sid *sid)
528 {
529 struct security_descriptor *sd = NULL;
530 int i;
531
532 if (!test_GetKeySecurity(p, tctx, handle, &sd)) {
533 return false;
534 }
535
536 if (!sd || !sd->dacl) {
537 return false;
538 }
539
540 for (i = 0; i < sd->dacl->num_aces; i++) {
541 if (dom_sid_equal(&sd->dacl->aces[i].trustee, sid)) {
542 return true;
543 }
544 }
545
546 return false;
547 }
548
549 static bool _test_dacl_trustee_present(struct dcerpc_pipe *p,
550 struct torture_context *tctx,
551 struct policy_handle *handle,
552 const char *key,
553 const struct dom_sid *sid)
554 {
555 struct policy_handle new_handle;
556 bool ret = true;
557 struct dcerpc_binding_handle *b = p->binding_handle;
558
559 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
560 return false;
561 }
562
563 ret = test_dacl_trustee_present(p, tctx, &new_handle, sid);
564
565 test_CloseKey(b, tctx, &new_handle);
566
567 return ret;
568 }
569
570 static bool test_sacl_trustee_present(struct dcerpc_pipe *p,
571 struct torture_context *tctx,
572 struct policy_handle *handle,
573 const struct dom_sid *sid)
574 {
575 struct security_descriptor *sd = NULL;
576 int i;
577 uint32_t sec_info = SECINFO_SACL;
578
579 if (!_test_GetKeySecurity(p, tctx, handle, &sec_info, WERR_OK, &sd)) {
580 return false;
581 }
582
583 if (!sd || !sd->sacl) {
584 return false;
585 }
586
587 for (i = 0; i < sd->sacl->num_aces; i++) {
588 if (dom_sid_equal(&sd->sacl->aces[i].trustee, sid)) {
589 return true;
590 }
591 }
592
593 return false;
594 }
595
596 static bool _test_sacl_trustee_present(struct dcerpc_pipe *p,
597 struct torture_context *tctx,
598 struct policy_handle *handle,
599 const char *key,
600 const struct dom_sid *sid)
601 {
602 struct policy_handle new_handle;
603 bool ret = true;
604 struct dcerpc_binding_handle *b = p->binding_handle;
605
606 torture_assert(tctx,
607 test_OpenKey_opts(tctx, b, handle, key,
608 REG_KEYTYPE_NON_VOLATILE,
609 SEC_FLAG_SYSTEM_SECURITY,
610 &new_handle,
611 WERR_OK),
612 "failed to open key");
613
614 ret = test_sacl_trustee_present(p, tctx, &new_handle, sid);
615
616 test_CloseKey(b, tctx, &new_handle);
617
618 return ret;
619 }
620
621 static bool test_owner_present(struct dcerpc_pipe *p,
622 struct torture_context *tctx,
623 struct policy_handle *handle,
624 const struct dom_sid *sid)
625 {
626 struct security_descriptor *sd = NULL;
627 uint32_t sec_info = SECINFO_OWNER;
628
629 if (!_test_GetKeySecurity(p, tctx, handle, &sec_info, WERR_OK, &sd)) {
630 return false;
631 }
632
633 if (!sd || !sd->owner_sid) {
634 return false;
635 }
636
637 return dom_sid_equal(sd->owner_sid, sid);
638 }
639
640 static bool _test_owner_present(struct dcerpc_pipe *p,
641 struct torture_context *tctx,
642 struct policy_handle *handle,
643 const char *key,
644 const struct dom_sid *sid)
645 {
646 struct policy_handle new_handle;
647 bool ret = true;
648 struct dcerpc_binding_handle *b = p->binding_handle;
649
650 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
651 return false;
652 }
653
654 ret = test_owner_present(p, tctx, &new_handle, sid);
655
656 test_CloseKey(b, tctx, &new_handle);
657
658 return ret;
659 }
660
661 static bool test_group_present(struct dcerpc_pipe *p,
662 struct torture_context *tctx,
663 struct policy_handle *handle,
664 const struct dom_sid *sid)
665 {
666 struct security_descriptor *sd = NULL;
667 uint32_t sec_info = SECINFO_GROUP;
668
669 if (!_test_GetKeySecurity(p, tctx, handle, &sec_info, WERR_OK, &sd)) {
670 return false;
671 }
672
673 if (!sd || !sd->group_sid) {
674 return false;
675 }
676
677 return dom_sid_equal(sd->group_sid, sid);
678 }
679
680 static bool _test_group_present(struct dcerpc_pipe *p,
681 struct torture_context *tctx,
682 struct policy_handle *handle,
683 const char *key,
684 const struct dom_sid *sid)
685 {
686 struct policy_handle new_handle;
687 bool ret = true;
688 struct dcerpc_binding_handle *b = p->binding_handle;
689
690 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
691 return false;
692 }
693
694 ret = test_group_present(p, tctx, &new_handle, sid);
695
696 test_CloseKey(b, tctx, &new_handle);
697
698 return ret;
699 }
700
701 static bool test_dacl_trustee_flags_present(struct dcerpc_pipe *p,
702 struct torture_context *tctx,
703 struct policy_handle *handle,
704 const struct dom_sid *sid,
705 uint8_t flags)
706 {
707 struct security_descriptor *sd = NULL;
708 int i;
709
710 if (!test_GetKeySecurity(p, tctx, handle, &sd)) {
711 return false;
712 }
713
714 if (!sd || !sd->dacl) {
715 return false;
716 }
717
718 for (i = 0; i < sd->dacl->num_aces; i++) {
719 if ((dom_sid_equal(&sd->dacl->aces[i].trustee, sid)) &&
720 (sd->dacl->aces[i].flags == flags)) {
721 return true;
722 }
723 }
724
725 return false;
726 }
727
728 static bool test_dacl_ace_present(struct dcerpc_pipe *p,
729 struct torture_context *tctx,
730 struct policy_handle *handle,
731 const struct security_ace *ace)
732 {
733 struct security_descriptor *sd = NULL;
734 int i;
735
736 if (!test_GetKeySecurity(p, tctx, handle, &sd)) {
737 return false;
738 }
739
740 if (!sd || !sd->dacl) {
741 return false;
742 }
743
744 for (i = 0; i < sd->dacl->num_aces; i++) {
745 if (security_ace_equal(&sd->dacl->aces[i], ace)) {
746 return true;
747 }
748 }
749
750 return false;
751 }
752
753 static bool test_RestoreSecurity(struct dcerpc_pipe *p,
754 struct torture_context *tctx,
755 struct policy_handle *handle,
756 const char *key,
757 struct security_descriptor *sd)
758 {
759 struct policy_handle new_handle;
760 bool ret = true;
761 struct dcerpc_binding_handle *b = p->binding_handle;
762
763 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
764 return false;
765 }
766
767 if (!test_SetKeySecurity(p, tctx, &new_handle, sd)) {
768 ret = false;
769 }
770
771 if (!test_CloseKey(b, tctx, &new_handle)) {
772 ret = false;
773 }
774
775 return ret;
776 }
777
778 static bool test_BackupSecurity(struct dcerpc_pipe *p,
779 struct torture_context *tctx,
780 struct policy_handle *handle,
781 const char *key,
782 struct security_descriptor **sd)
783 {
784 struct policy_handle new_handle;
785 bool ret = true;
786 struct dcerpc_binding_handle *b = p->binding_handle;
787
788 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
789 return false;
790 }
791
792 if (!test_GetKeySecurity(p, tctx, &new_handle, sd)) {
793 ret = false;
794 }
795
796 if (!test_CloseKey(b, tctx, &new_handle)) {
797 ret = false;
798 }
799
800 return ret;
801 }
802
803 static bool test_SecurityDescriptorInheritance(struct dcerpc_pipe *p,
804 struct torture_context *tctx,
805 struct policy_handle *handle,
806 const char *key)
807 {
808 /* get sd
809 add ace SEC_ACE_FLAG_CONTAINER_INHERIT
810 set sd
811 get sd
812 check ace
813 add subkey
814 get sd
815 check ace
816 add subsubkey
817 get sd
818 check ace
819 del subsubkey
820 del subkey
821 reset sd
822 */
823
824 struct security_descriptor *sd = NULL;
825 struct security_descriptor *sd_orig = NULL;
826 struct security_ace *ace = NULL;
827 struct policy_handle new_handle;
828 bool ret = true;
829 struct dcerpc_binding_handle *b = p->binding_handle;
830
831 torture_comment(tctx, "SecurityDescriptor inheritance\n");
832
833 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
834 return false;
835 }
836
837 if (!_test_GetKeySecurity(p, tctx, &new_handle, NULL, WERR_OK, &sd)) {
838 return false;
839 }
840
841 sd_orig = security_descriptor_copy(tctx, sd);
842 if (sd_orig == NULL) {
843 return false;
844 }
845
846 ace = security_ace_create(tctx,
847 TEST_SID,
848 SEC_ACE_TYPE_ACCESS_ALLOWED,
849 SEC_STD_REQUIRED,
850 SEC_ACE_FLAG_CONTAINER_INHERIT);
851
852 torture_assert_ntstatus_ok(tctx,
853 security_descriptor_dacl_add(sd, ace),
854 "failed to add ace");
855
856 /* FIXME: add further tests for these flags */
857 sd->type |= SEC_DESC_DACL_AUTO_INHERIT_REQ |
858 SEC_DESC_SACL_AUTO_INHERITED;
859
860 if (!test_SetKeySecurity(p, tctx, &new_handle, sd)) {
861 return false;
862 }
863
864 torture_assert(tctx,
865 test_dacl_ace_present(p, tctx, &new_handle, ace),
866 "new ACE not present!");
867
868 if (!test_CloseKey(b, tctx, &new_handle)) {
869 return false;
870 }
871
872 if (!test_CreateKey(b, tctx, handle, TEST_SUBKEY_SD, NULL)) {
873 ret = false;
874 goto out;
875 }
876
877 if (!test_OpenKey(b, tctx, handle, TEST_SUBKEY_SD, &new_handle)) {
878 ret = false;
879 goto out;
880 }
881
882 if (!test_dacl_ace_present(p, tctx, &new_handle, ace)) {
883 torture_comment(tctx, "inherited ACE not present!\n");
884 ret = false;
885 goto out;
886 }
887
888 test_CloseKey(b, tctx, &new_handle);
889 if (!test_CreateKey(b, tctx, handle, TEST_SUBSUBKEY_SD, NULL)) {
890 ret = false;
891 goto out;
892 }
893
894 if (!test_OpenKey(b, tctx, handle, TEST_SUBSUBKEY_SD, &new_handle)) {
895 ret = false;
896 goto out;
897 }
898
899 if (!test_dacl_ace_present(p, tctx, &new_handle, ace)) {
900 torture_comment(tctx, "inherited ACE not present!\n");
901 ret = false;
902 goto out;
903 }
904
905 out:
906 test_CloseKey(b, tctx, &new_handle);
907 test_Cleanup(b, tctx, handle, TEST_SUBKEY_SD);
908 test_RestoreSecurity(p, tctx, handle, key, sd_orig);
909
910 return true;
911 }
912
913 static bool test_SecurityDescriptorBlockInheritance(struct dcerpc_pipe *p,
914 struct torture_context *tctx,
915 struct policy_handle *handle,
916 const char *key)
917 {
918 /* get sd
919 add ace SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
920 set sd
921 add subkey/subkey
922 get sd
923 check ace
924 get sd from subkey
925 check ace
926 del subkey/subkey
927 del subkey
928 reset sd
929 */
930
931 struct security_descriptor *sd = NULL;
932 struct security_descriptor *sd_orig = NULL;
933 struct security_ace *ace = NULL;
934 struct policy_handle new_handle;
935 struct dom_sid *sid = NULL;
936 bool ret = true;
937 uint8_t ace_flags = 0x0;
938 struct dcerpc_binding_handle *b = p->binding_handle;
939
940 torture_comment(tctx, "SecurityDescriptor inheritance block\n");
941
942 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
943 return false;
944 }
945
946 if (!_test_GetKeySecurity(p, tctx, &new_handle, NULL, WERR_OK, &sd)) {
947 return false;
948 }
949
950 sd_orig = security_descriptor_copy(tctx, sd);
951 if (sd_orig == NULL) {
952 return false;
953 }
954
955 ace = security_ace_create(tctx,
956 TEST_SID,
957 SEC_ACE_TYPE_ACCESS_ALLOWED,
958 SEC_STD_REQUIRED,
959 SEC_ACE_FLAG_CONTAINER_INHERIT |
960 SEC_ACE_FLAG_NO_PROPAGATE_INHERIT);
961
962 torture_assert_ntstatus_ok(tctx,
963 security_descriptor_dacl_add(sd, ace),
964 "failed to add ace");
965
966 if (!_test_SetKeySecurity(p, tctx, &new_handle, NULL, sd, WERR_OK)) {
967 return false;
968 }
969
970 torture_assert(tctx,
971 test_dacl_ace_present(p, tctx, &new_handle, ace),
972 "new ACE not present!");
973
974 if (!test_CloseKey(b, tctx, &new_handle)) {
975 return false;
976 }
977
978 if (!test_CreateKey(b, tctx, handle, TEST_SUBSUBKEY_SD, NULL)) {
979 return false;
980 }
981
982 if (!test_OpenKey(b, tctx, handle, TEST_SUBSUBKEY_SD, &new_handle)) {
983 ret = false;
984 goto out;
985 }
986
987 if (test_dacl_ace_present(p, tctx, &new_handle, ace)) {
988 torture_comment(tctx, "inherited ACE present but should not!\n");
989 ret = false;
990 goto out;
991 }
992
993 sid = dom_sid_parse_talloc(tctx, TEST_SID);
994 if (sid == NULL) {
995 return false;
996 }
997
998 if (test_dacl_trustee_present(p, tctx, &new_handle, sid)) {
999 torture_comment(tctx, "inherited trustee SID present but should not!\n");
1000 ret = false;
1001 goto out;
1002 }
1003
1004 test_CloseKey(b, tctx, &new_handle);
1005
1006 if (!test_OpenKey(b, tctx, handle, TEST_SUBKEY_SD, &new_handle)) {
1007 ret = false;
1008 goto out;
1009 }
1010
1011 if (test_dacl_ace_present(p, tctx, &new_handle, ace)) {
1012 torture_comment(tctx, "inherited ACE present but should not!\n");
1013 ret = false;
1014 goto out;
1015 }
1016
1017 if (!test_dacl_trustee_flags_present(p, tctx, &new_handle, sid, ace_flags)) {
1018 torture_comment(tctx, "inherited trustee SID with flags 0x%02x not present!\n",
1019 ace_flags);
1020 ret = false;
1021 goto out;
1022 }
1023
1024 out:
1025 test_CloseKey(b, tctx, &new_handle);
1026 test_Cleanup(b, tctx, handle, TEST_SUBKEY_SD);
1027 test_RestoreSecurity(p, tctx, handle, key, sd_orig);
1028
1029 return ret;
1030 }
1031
1032 static bool test_SecurityDescriptorsMasks(struct dcerpc_pipe *p,
1033 struct torture_context *tctx,
1034 struct policy_handle *handle,
1035 const char *key)
1036 {
1037 bool ret = true;
1038 int i;
1039
1040 struct winreg_mask_result_table {
1041 uint32_t access_mask;
1042 WERROR open_werr;
1043 WERROR get_werr;
1044 WERROR set_werr;
1045 } sd_mask_tests[] = {
1046 { 0,
1047 WERR_ACCESS_DENIED, WERR_BADFILE, WERR_FOOBAR },
1048 { SEC_FLAG_MAXIMUM_ALLOWED,
1049 WERR_OK, WERR_OK, WERR_OK },
1050 { SEC_STD_WRITE_DAC,
1051 WERR_OK, WERR_ACCESS_DENIED, WERR_FOOBAR },
1052 { SEC_FLAG_SYSTEM_SECURITY,
1053 WERR_OK, WERR_ACCESS_DENIED, WERR_FOOBAR }
1054 };
1055
1056 /* FIXME: before this test can ever run successfully we need a way to
1057 * correctly read a NULL security_descritpor in ndr, get the required
1058 * length, requery, etc.
1059 */
1060
1061 return true;
1062
1063 for (i=0; i < ARRAY_SIZE(sd_mask_tests); i++) {
1064
1065 torture_comment(tctx,
1066 "SecurityDescriptor get & set with access_mask: 0x%08x\n",
1067 sd_mask_tests[i].access_mask);
1068 torture_comment(tctx,
1069 "expecting: open %s, get: %s, set: %s\n",
1070 win_errstr(sd_mask_tests[i].open_werr),
1071 win_errstr(sd_mask_tests[i].get_werr),
1072 win_errstr(sd_mask_tests[i].set_werr));
1073
1074 if (_test_SecurityDescriptor(p, tctx, handle,
1075 sd_mask_tests[i].access_mask, key,
1076 sd_mask_tests[i].open_werr,
1077 sd_mask_tests[i].get_werr,
1078 sd_mask_tests[i].set_werr)) {
1079 ret = false;
1080 }
1081 }
1082
1083 return ret;
1084 }
1085
1086 typedef bool (*secinfo_verify_fn)(struct dcerpc_pipe *,
1087 struct torture_context *,
1088 struct policy_handle *,
1089 const char *,
1090 const struct dom_sid *);
1091
1092 static bool test_SetSecurityDescriptor_SecInfo(struct dcerpc_pipe *p,
1093 struct torture_context *tctx,
1094 struct policy_handle *handle,
1095 const char *key,
1096 const char *test,
1097 uint32_t access_mask,
1098 uint32_t sec_info,
1099 struct security_descriptor *sd,
1100 WERROR set_werr,
1101 bool expect_present,
1102 bool (*fn) (struct dcerpc_pipe *,
1103 struct torture_context *,
1104 struct policy_handle *,
1105 const char *,
1106 const struct dom_sid *),
1107 const struct dom_sid *sid)
1108 {
1109 struct policy_handle new_handle;
1110 struct dcerpc_binding_handle *b = p->binding_handle;
1111
1112 torture_comment(tctx, "SecurityDescriptor (%s) sets for secinfo: "
1113 "0x%08x, access_mask: 0x%08x\n",
1114 test, sec_info, access_mask);
1115
1116 torture_assert(tctx,
1117 test_OpenKey_opts(tctx, b, handle, key,
1118 REG_KEYTYPE_NON_VOLATILE,
1119 access_mask,
1120 &new_handle,
1121 WERR_OK),
1122 "failed to open key");
1123
1124 if (!_test_SetKeySecurity(p, tctx, &new_handle, &sec_info,
1125 sd,
1126 set_werr)) {
1127 torture_warning(tctx,
1128 "SetKeySecurity with secinfo: 0x%08x has failed\n",
1129 sec_info);
1130 smb_panic("");
1131 test_CloseKey(b, tctx, &new_handle);
1132 return false;
1133 }
1134
1135 test_CloseKey(b, tctx, &new_handle);
1136
1137 if (W_ERROR_IS_OK(set_werr)) {
1138 bool present;
1139 present = fn(p, tctx, handle, key, sid);
1140 if ((expect_present) && (!present)) {
1141 torture_warning(tctx,
1142 "%s sid is not present!\n",
1143 test);
1144 return false;
1145 }
1146 if ((!expect_present) && (present)) {
1147 torture_warning(tctx,
1148 "%s sid is present but not expected!\n",
1149 test);
1150 return false;
1151 }
1152 }
1153
1154 return true;
1155 }
1156
1157 static bool test_SecurityDescriptorsSecInfo(struct dcerpc_pipe *p,
1158 struct torture_context *tctx,
1159 struct policy_handle *handle,
1160 const char *key)
1161 {
1162 struct security_descriptor *sd_orig = NULL;
1163 struct dom_sid *sid = NULL;
1164 bool ret = true;
1165 int i, a;
1166
1167 struct security_descriptor *sd_owner =
1168 security_descriptor_dacl_create(tctx,
1169 0,
1170 TEST_SID, NULL, NULL);
1171
1172 struct security_descriptor *sd_group =
1173 security_descriptor_dacl_create(tctx,
1174 0,
1175 NULL, TEST_SID, NULL);
1176
1177 struct security_descriptor *sd_dacl =
1178 security_descriptor_dacl_create(tctx,
1179 0,
1180 NULL, NULL,
1181 TEST_SID,
1182 SEC_ACE_TYPE_ACCESS_ALLOWED,
1183 SEC_GENERIC_ALL,
1184 0,
1185 SID_NT_AUTHENTICATED_USERS,
1186 SEC_ACE_TYPE_ACCESS_ALLOWED,
1187 SEC_GENERIC_ALL,
1188 0,
1189 NULL);
1190
1191 struct security_descriptor *sd_sacl =
1192 security_descriptor_sacl_create(tctx,
1193 0,
1194 NULL, NULL,
1195 TEST_SID,
1196 SEC_ACE_TYPE_SYSTEM_AUDIT,
1197 SEC_GENERIC_ALL,
1198 SEC_ACE_FLAG_SUCCESSFUL_ACCESS,
1199 NULL);
1200
1201 struct winreg_secinfo_table {
1202 struct security_descriptor *sd;
1203 uint32_t sec_info;
1204 WERROR set_werr;
1205 bool sid_present;
1206 secinfo_verify_fn fn;
1207 };
1208
1209 struct winreg_secinfo_table sec_info_owner_tests[] = {
1210 { sd_owner, 0, WERR_OK,
1211 false, (secinfo_verify_fn)_test_owner_present },
1212 { sd_owner, SECINFO_OWNER, WERR_OK,
1213 true, (secinfo_verify_fn)_test_owner_present },
1214 { sd_owner, SECINFO_GROUP, WERR_INVALID_PARAM },
1215 { sd_owner, SECINFO_DACL, WERR_OK,
1216 true, (secinfo_verify_fn)_test_owner_present },
1217 { sd_owner, SECINFO_SACL, WERR_ACCESS_DENIED },
1218 };
1219
1220 uint32_t sd_owner_good_access_masks[] = {
1221 SEC_FLAG_MAXIMUM_ALLOWED,
1222 /* SEC_STD_WRITE_OWNER, */
1223 };
1224
1225 struct winreg_secinfo_table sec_info_group_tests[] = {
1226 { sd_group, 0, WERR_OK,
1227 false, (secinfo_verify_fn)_test_group_present },
1228 { sd_group, SECINFO_OWNER, WERR_INVALID_PARAM },
1229 { sd_group, SECINFO_GROUP, WERR_OK,
1230 true, (secinfo_verify_fn)_test_group_present },
1231 { sd_group, SECINFO_DACL, WERR_OK,
1232 true, (secinfo_verify_fn)_test_group_present },
1233 { sd_group, SECINFO_SACL, WERR_ACCESS_DENIED },
1234 };
1235
1236 uint32_t sd_group_good_access_masks[] = {
1237 SEC_FLAG_MAXIMUM_ALLOWED,
1238 };
1239
1240 struct winreg_secinfo_table sec_info_dacl_tests[] = {
1241 { sd_dacl, 0, WERR_OK,
1242 false, (secinfo_verify_fn)_test_dacl_trustee_present },
1243 { sd_dacl, SECINFO_OWNER, WERR_INVALID_PARAM },
1244 { sd_dacl, SECINFO_GROUP, WERR_INVALID_PARAM },
1245 { sd_dacl, SECINFO_DACL, WERR_OK,
1246 true, (secinfo_verify_fn)_test_dacl_trustee_present },
1247 { sd_dacl, SECINFO_SACL, WERR_ACCESS_DENIED },
1248 };
1249
1250 uint32_t sd_dacl_good_access_masks[] = {
1251 SEC_FLAG_MAXIMUM_ALLOWED,
1252 SEC_STD_WRITE_DAC,
1253 };
1254
1255 struct winreg_secinfo_table sec_info_sacl_tests[] = {
1256 { sd_sacl, 0, WERR_OK,
1257 false, (secinfo_verify_fn)_test_sacl_trustee_present },
1258 { sd_sacl, SECINFO_OWNER, WERR_INVALID_PARAM },
1259 { sd_sacl, SECINFO_GROUP, WERR_INVALID_PARAM },
1260 { sd_sacl, SECINFO_DACL, WERR_OK,
1261 false, (secinfo_verify_fn)_test_sacl_trustee_present },
1262 { sd_sacl, SECINFO_SACL, WERR_OK,
1263 true, (secinfo_verify_fn)_test_sacl_trustee_present },
1264 };
1265
1266 uint32_t sd_sacl_good_access_masks[] = {
1267 SEC_FLAG_MAXIMUM_ALLOWED | SEC_FLAG_SYSTEM_SECURITY,
1268 /* SEC_FLAG_SYSTEM_SECURITY, */
1269 };
1270
1271 sid = dom_sid_parse_talloc(tctx, TEST_SID);
1272 if (sid == NULL) {
1273 return false;
1274 }
1275
1276 if (!test_BackupSecurity(p, tctx, handle, key, &sd_orig)) {
1277 return false;
1278 }
1279
1280 /* OWNER */
1281
1282 for (i=0; i < ARRAY_SIZE(sec_info_owner_tests); i++) {
1283
1284 for (a=0; a < ARRAY_SIZE(sd_owner_good_access_masks); a++) {
1285
1286 if (!test_SetSecurityDescriptor_SecInfo(p, tctx, handle,
1287 key,
1288 "OWNER",
1289 sd_owner_good_access_masks[a],
1290 sec_info_owner_tests[i].sec_info,
1291 sec_info_owner_tests[i].sd,
1292 sec_info_owner_tests[i].set_werr,
1293 sec_info_owner_tests[i].sid_present,
1294 sec_info_owner_tests[i].fn,
1295 sid))
1296 {
1297 torture_comment(tctx, "test_SetSecurityDescriptor_SecInfo failed for OWNER\n");
1298 ret = false;
1299 goto out;
1300 }
1301 }
1302 }
1303
1304 /* GROUP */
1305
1306 for (i=0; i < ARRAY_SIZE(sec_info_group_tests); i++) {
1307
1308 for (a=0; a < ARRAY_SIZE(sd_group_good_access_masks); a++) {
1309
1310 if (!test_SetSecurityDescriptor_SecInfo(p, tctx, handle,
1311 key,
1312 "GROUP",
1313 sd_group_good_access_masks[a],
1314 sec_info_group_tests[i].sec_info,
1315 sec_info_group_tests[i].sd,
1316 sec_info_group_tests[i].set_werr,
1317 sec_info_group_tests[i].sid_present,
1318 sec_info_group_tests[i].fn,
1319 sid))
1320 {
1321 torture_comment(tctx, "test_SetSecurityDescriptor_SecInfo failed for GROUP\n");
1322 ret = false;
1323 goto out;
1324 }
1325 }
1326 }
1327
1328 /* DACL */
1329
1330 for (i=0; i < ARRAY_SIZE(sec_info_dacl_tests); i++) {
1331
1332 for (a=0; a < ARRAY_SIZE(sd_dacl_good_access_masks); a++) {
1333
1334 if (!test_SetSecurityDescriptor_SecInfo(p, tctx, handle,
1335 key,
1336 "DACL",
1337 sd_dacl_good_access_masks[a],
1338 sec_info_dacl_tests[i].sec_info,
1339 sec_info_dacl_tests[i].sd,
1340 sec_info_dacl_tests[i].set_werr,
1341 sec_info_dacl_tests[i].sid_present,
1342 sec_info_dacl_tests[i].fn,
1343 sid))
1344 {
1345 torture_comment(tctx, "test_SetSecurityDescriptor_SecInfo failed for DACL\n");
1346 ret = false;
1347 goto out;
1348 }
1349 }
1350 }
1351
1352 /* SACL */
1353
1354 for (i=0; i < ARRAY_SIZE(sec_info_sacl_tests); i++) {
1355
1356 for (a=0; a < ARRAY_SIZE(sd_sacl_good_access_masks); a++) {
1357
1358 if (!test_SetSecurityDescriptor_SecInfo(p, tctx, handle,
1359 key,
1360 "SACL",
1361 sd_sacl_good_access_masks[a],
1362 sec_info_sacl_tests[i].sec_info,
1363 sec_info_sacl_tests[i].sd,
1364 sec_info_sacl_tests[i].set_werr,
1365 sec_info_sacl_tests[i].sid_present,
1366 sec_info_sacl_tests[i].fn,
1367 sid))
1368 {
1369 torture_comment(tctx, "test_SetSecurityDescriptor_SecInfo failed for SACL\n");
1370 ret = false;
1371 goto out;
1372 }
1373 }
1374 }
1375
1376 out:
1377 test_RestoreSecurity(p, tctx, handle, key, sd_orig);
1378
1379 return ret;
1380 }
1381
1382 static bool test_SecurityDescriptors(struct dcerpc_pipe *p,
1383 struct torture_context *tctx,
1384 struct policy_handle *handle,
1385 const char *key)
1386 {
1387 bool ret = true;
1388
1389 if (!test_SecurityDescriptor(p, tctx, handle, key)) {
1390 torture_comment(tctx, "test_SecurityDescriptor failed\n");
1391 ret = false;
1392 }
1393
1394 if (!test_SecurityDescriptorInheritance(p, tctx, handle, key)) {
1395 torture_comment(tctx, "test_SecurityDescriptorInheritance failed\n");
1396 ret = false;
1397 }
1398
1399 if (!test_SecurityDescriptorBlockInheritance(p, tctx, handle, key)) {
1400 torture_comment(tctx, "test_SecurityDescriptorBlockInheritance failed\n");
1401 ret = false;
1402 }
1403
1404 if (!test_SecurityDescriptorsSecInfo(p, tctx, handle, key)) {
1405 torture_comment(tctx, "test_SecurityDescriptorsSecInfo failed\n");
1406 ret = false;
1407 }
1408
1409 if (!test_SecurityDescriptorsMasks(p, tctx, handle, key)) {
1410 torture_comment(tctx, "test_SecurityDescriptorsMasks failed\n");
1411 ret = false;
1412 }
1413
1414 return ret;
1415 }
1416
1417 static bool test_DeleteKey_opts(struct dcerpc_binding_handle *b,
1418 struct torture_context *tctx,
1419 struct policy_handle *handle,
1420 const char *key,
1421 WERROR expected_result)
1422 {
1423 struct winreg_DeleteKey r;
1424
1425 torture_comment(tctx, "Testing DeleteKey(%s)\n", key);
1426
1427 r.in.handle = handle;
1428 init_winreg_String(&r.in.key, key);
1429
1430 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_DeleteKey_r(b, tctx, &r),
1431 "Delete Key failed");
1432 torture_assert_werr_equal(tctx, r.out.result, expected_result,
1433 "DeleteKey failed");
1434
1435 return true;
1436 }
1437
1438 static bool test_DeleteKey(struct dcerpc_binding_handle *b,
1439 struct torture_context *tctx,
1440 struct policy_handle *handle, const char *key)
1441 {
1442 return test_DeleteKey_opts(b, tctx, handle, key, WERR_OK);
1443 }
1444
1445 static bool test_QueryInfoKey(struct dcerpc_binding_handle *b,
1446 struct torture_context *tctx,
1447 struct policy_handle *handle, char *kclass)
1448 {
1449 struct winreg_QueryInfoKey r;
1450 uint32_t num_subkeys, max_subkeylen, max_classlen,
1451 num_values, max_valnamelen, max_valbufsize,
1452 secdescsize;
1453 NTTIME last_changed_time;
1454
1455 ZERO_STRUCT(r);
1456 r.in.handle = handle;
1457 r.out.num_subkeys = &num_subkeys;
1458 r.out.max_subkeylen = &max_subkeylen;
1459 r.out.max_classlen = &max_classlen;
1460 r.out.num_values = &num_values;
1461 r.out.max_valnamelen = &max_valnamelen;
1462 r.out.max_valbufsize = &max_valbufsize;
1463 r.out.secdescsize = &secdescsize;
1464 r.out.last_changed_time = &last_changed_time;
1465
1466 r.out.classname = talloc(tctx, struct winreg_String);
1467
1468 r.in.classname = talloc(tctx, struct winreg_String);
1469 init_winreg_String(r.in.classname, kclass);
1470
1471 torture_assert_ntstatus_ok(tctx,
1472 dcerpc_winreg_QueryInfoKey_r(b, tctx, &r),
1473 "QueryInfoKey failed");
1474
1475 torture_assert_werr_ok(tctx, r.out.result, "QueryInfoKey failed");
1476
1477 return true;
1478 }
1479
1480 static bool test_SetValue(struct dcerpc_binding_handle *b,
1481 struct torture_context *tctx,
1482 struct policy_handle *handle,
1483 const char *value_name,
1484 enum winreg_Type type,
1485 uint8_t *data,
1486 uint32_t size)
1487 {
1488 struct winreg_SetValue r;
1489 struct winreg_String name;
1490
1491 torture_comment(tctx, "Testing SetValue(%s), type: %s, offered: 0x%08x)\n",
1492 value_name, str_regtype(type), size);
1493
1494 init_winreg_String(&name, value_name);
1495
1496 r.in.handle = handle;
1497 r.in.name = name;
1498 r.in.type = type;
1499 r.in.data = data;
1500 r.in.size = size;
1501
1502 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_SetValue_r(b, tctx, &r),
1503 "winreg_SetValue failed");
1504 torture_assert_werr_ok(tctx, r.out.result,
1505 "winreg_SetValue failed");
1506
1507 return true;
1508 }
1509
1510 static bool test_DeleteValue(struct dcerpc_binding_handle *b,
1511 struct torture_context *tctx,
1512 struct policy_handle *handle,
1513 const char *value_name)
1514 {
1515 struct winreg_DeleteValue r;
1516 struct winreg_String value;
1517
1518 torture_comment(tctx, "Testing DeleteValue(%s)\n", value_name);
1519
1520 init_winreg_String(&value, value_name);
1521
1522 r.in.handle = handle;
1523 r.in.value = value;
1524
1525 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_DeleteValue_r(b, tctx, &r),
1526 "winreg_DeleteValue failed");
1527 torture_assert_werr_ok(tctx, r.out.result,
1528 "winreg_DeleteValue failed");
1529
1530 return true;
1531 }
1532
1533 static bool test_key(struct dcerpc_pipe *p, struct torture_context *tctx,
1534 struct policy_handle *handle, int depth,
1535 bool test_security);
1536
1537 static bool test_EnumKey(struct dcerpc_pipe *p, struct torture_context *tctx,
1538 struct policy_handle *handle, int depth,
1539 bool test_security)
1540 {
1541 struct winreg_EnumKey r;
1542 struct winreg_StringBuf kclass, name;
1543 NTSTATUS status;
1544 NTTIME t = 0;
1545 struct dcerpc_binding_handle *b = p->binding_handle;
1546
1547 kclass.name = "";
1548 kclass.size = 1024;
1549
1550 ZERO_STRUCT(r);
1551 r.in.handle = handle;
1552 r.in.enum_index = 0;
1553 r.in.name = &name;
1554 r.in.keyclass = &kclass;
1555 r.out.name = &name;
1556 r.in.last_changed_time = &t;
1557
1558 do {
1559 name.name = NULL;
1560 name.size = 1024;
1561
1562 status = dcerpc_winreg_EnumKey_r(b, tctx, &r);
1563
1564 if (NT_STATUS_IS_OK(status) && W_ERROR_IS_OK(r.out.result)) {
1565 struct policy_handle key_handle;
1566
1567 torture_comment(tctx, "EnumKey: %d: %s\n",
1568 r.in.enum_index,
1569 r.out.name->name);
1570
1571 if (!test_OpenKey(b, tctx, handle, r.out.name->name,
1572 &key_handle)) {
1573 } else {
1574 test_key(p, tctx, &key_handle,
1575 depth + 1, test_security);
1576 }
1577 }
1578
1579 r.in.enum_index++;
1580
1581 } while (NT_STATUS_IS_OK(status) && W_ERROR_IS_OK(r.out.result));
1582
1583 torture_assert_ntstatus_ok(tctx, status, "EnumKey failed");
1584
1585 if (!W_ERROR_IS_OK(r.out.result) &&
1586 !W_ERROR_EQUAL(r.out.result, WERR_NO_MORE_ITEMS)) {
1587 torture_fail(tctx, "EnumKey failed");
1588 }
1589
1590 return true;
1591 }
1592
1593 static bool test_QueryMultipleValues(struct dcerpc_binding_handle *b,
1594 struct torture_context *tctx,
1595 struct policy_handle *handle,
1596 const char *valuename)
1597 {
1598 struct winreg_QueryMultipleValues r;
1599 NTSTATUS status;
1600 uint32_t bufsize=0;
1601
1602 ZERO_STRUCT(r);
1603 r.in.key_handle = handle;
1604 r.in.values = r.out.values = talloc_array(tctx, struct QueryMultipleValue, 1);
1605 r.in.values[0].name = talloc(tctx, struct winreg_String);
1606 r.in.values[0].name->name = valuename;
1607 r.in.values[0].offset = 0;
1608 r.in.values[0].length = 0;
1609 r.in.values[0].type = 0;
1610
1611 r.in.num_values = 1;
1612 r.in.buffer_size = r.out.buffer_size = talloc(tctx, uint32_t);
1613 *r.in.buffer_size = bufsize;
1614 do {
1615 *r.in.buffer_size = bufsize;
1616 r.in.buffer = r.out.buffer = talloc_zero_array(tctx, uint8_t,
1617 *r.in.buffer_size);
1618
1619 status = dcerpc_winreg_QueryMultipleValues_r(b, tctx, &r);
1620
1621 if(NT_STATUS_IS_ERR(status))
1622 torture_fail(tctx, "QueryMultipleValues failed");
1623
1624 talloc_free(r.in.buffer);
1625 bufsize += 0x20;
1626 } while (W_ERROR_EQUAL(r.out.result, WERR_MORE_DATA));
1627
1628 torture_assert_werr_ok(tctx, r.out.result, "QueryMultipleValues failed");
1629
1630 return true;
1631 }
1632
1633 static bool test_QueryValue(struct dcerpc_binding_handle *b,
1634 struct torture_context *tctx,
1635 struct policy_handle *handle,
1636 const char *valuename)
1637 {
1638 struct winreg_QueryValue r;
1639 NTSTATUS status;
1640 enum winreg_Type zero_type = 0;
1641 uint32_t offered = 0xfff;
1642 uint32_t zero = 0;
1643
1644 ZERO_STRUCT(r);
1645 r.in.handle = handle;
1646 r.in.data = NULL;
1647 r.in.value_name = talloc_zero(tctx, struct winreg_String);
1648 r.in.value_name->name = valuename;
1649 r.in.type = &zero_type;
1650 r.in.data_size = &offered;
1651 r.in.data_length = &zero;
1652
1653 status = dcerpc_winreg_QueryValue_r(b, tctx, &r);
1654 if (NT_STATUS_IS_ERR(status)) {
1655 torture_fail(tctx, "QueryValue failed");
1656 }
1657
1658 torture_assert_werr_ok(tctx, r.out.result, "QueryValue failed");
1659
1660 return true;
1661 }
1662
1663 static bool test_QueryValue_full(struct dcerpc_binding_handle *b,
1664 struct torture_context *tctx,
1665 struct policy_handle *handle,
1666 const char *valuename,
1667 bool existing_value)
1668 {
1669 struct winreg_QueryValue r;
1670 struct winreg_String value_name;
1671 enum winreg_Type type = REG_NONE;
1672 uint32_t data_size = 0;
1673 uint32_t real_data_size = 0;
1674 uint32_t data_length = 0;
1675 uint8_t *data = NULL;
1676 WERROR expected_error = WERR_BADFILE;
1677
1678 if (valuename == NULL) {
1679 expected_error = WERR_INVALID_PARAM;
1680 }
1681
1682 ZERO_STRUCT(r);
1683
1684 init_winreg_String(&value_name, NULL);
1685
1686 torture_comment(tctx, "Testing QueryValue(%s)\n", valuename);
1687
1688 r.in.handle = handle;
1689 r.in.value_name = &value_name;
1690
1691 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue_r(b, tctx, &r), "QueryValue failed");
1692 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAM,
1693 "expected WERR_INVALID_PARAM for NULL winreg_String.name");
1694
1695 init_winreg_String(&value_name, valuename);
1696 r.in.value_name = &value_name;
1697
1698 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue_r(b, tctx, &r),
1699 "QueryValue failed");
1700 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAM,
1701 "QueryValue failed");
1702
1703 r.in.type = &type;
1704 r.out.type = &type;
1705 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue_r(b, tctx, &r),
1706 "QueryValue failed");
1707 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAM,
1708 "QueryValue failed");
1709
1710 r.in.data_length = &data_length;
1711 r.out.data_length = &data_length;
1712 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue_r(b, tctx, &r),
1713 "QueryValue failed");
1714 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAM,
1715 "QueryValue failed");
1716
1717 r.in.data_size = &data_size;
1718 r.out.data_size = &data_size;
1719 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue_r(b, tctx, &r),
1720 "QueryValue failed");
1721 if (existing_value) {
1722 torture_assert_werr_ok(tctx, r.out.result,
1723 "QueryValue failed");
1724 } else {
1725 torture_assert_werr_equal(tctx, r.out.result, expected_error,
1726 "QueryValue failed");
1727 }
1728
1729 real_data_size = *r.out.data_size;
1730
1731 data = talloc_zero_array(tctx, uint8_t, 0);
1732 r.in.data = data;
1733 r.out.data = data;
1734 *r.in.data_size = 0;
1735 *r.out.data_size = 0;
1736 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue_r(b, tctx, &r),
1737 "QueryValue failed");
1738 if (existing_value) {
1739 torture_assert_werr_equal(tctx, r.out.result, WERR_MORE_DATA,
1740 "QueryValue failed");
1741 } else {
1742 torture_assert_werr_equal(tctx, r.out.result, expected_error,
1743 "QueryValue failed");
1744 }
1745
1746 data = talloc_zero_array(tctx, uint8_t, real_data_size);
1747 r.in.data = data;
1748 r.out.data = data;
1749 r.in.data_size = &real_data_size;
1750 r.out.data_size = &real_data_size;
1751 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue_r(b, tctx, &r),
1752 "QueryValue failed");
1753 if (existing_value) {
1754 torture_assert_werr_ok(tctx, r.out.result,
1755 "QueryValue failed");
1756 } else {
1757 torture_assert_werr_equal(tctx, r.out.result, expected_error,
1758 "QueryValue failed");
1759 }
1760
1761 return true;
1762 }
1763
1764 static bool test_EnumValue(struct dcerpc_binding_handle *b,
1765 struct torture_context *tctx,
1766 struct policy_handle *handle, int max_valnamelen,
1767 int max_valbufsize)
1768 {
1769 struct winreg_EnumValue r;
1770 enum winreg_Type type = 0;
1771 uint32_t size = max_valbufsize, zero = 0;
1772 bool ret = true;
1773 uint8_t buf8;
1774 struct winreg_ValNameBuf name;
1775
1776 name.name = "";
1777 name.size = 1024;
1778
1779 ZERO_STRUCT(r);
1780 r.in.handle = handle;
1781 r.in.enum_index = 0;
1782 r.in.name = &name;
1783 r.out.name = &name;
1784 r.in.type = &type;
1785 r.in.value = &buf8;
1786 r.in.length = &zero;
1787 r.in.size = &size;
1788
1789 do {
1790 torture_assert_ntstatus_ok(tctx,
1791 dcerpc_winreg_EnumValue_r(b, tctx, &r),
1792 "EnumValue failed");
1793
1794 if (W_ERROR_IS_OK(r.out.result)) {
1795 ret &= test_QueryValue(b, tctx, handle,
1796 r.out.name->name);
1797 ret &= test_QueryMultipleValues(b, tctx, handle,
1798 r.out.name->name);
1799 }
1800
1801 r.in.enum_index++;
1802 } while (W_ERROR_IS_OK(r.out.result));
1803
1804 torture_assert_werr_equal(tctx, r.out.result, WERR_NO_MORE_ITEMS,
1805 "EnumValue failed");
1806
1807 return ret;
1808 }
1809
1810 static bool test_AbortSystemShutdown(struct dcerpc_binding_handle *b,
1811 struct torture_context *tctx)
1812 {
1813 struct winreg_AbortSystemShutdown r;
1814 uint16_t server = 0x0;
1815
1816 ZERO_STRUCT(r);
1817 r.in.server = &server;
1818
1819 torture_assert_ntstatus_ok(tctx,
1820 dcerpc_winreg_AbortSystemShutdown_r(b, tctx, &r),
1821 "AbortSystemShutdown failed");
1822
1823 torture_assert_werr_ok(tctx, r.out.result,
1824 "AbortSystemShutdown failed");
1825
1826 return true;
1827 }
1828
1829 static bool test_InitiateSystemShutdown(struct torture_context *tctx,
1830 struct dcerpc_pipe *p)
1831 {
1832 struct winreg_InitiateSystemShutdown r;
1833 uint16_t hostname = 0x0;
1834 struct dcerpc_binding_handle *b = p->binding_handle;
1835
1836 ZERO_STRUCT(r);
1837 r.in.hostname = &hostname;
1838 r.in.message = talloc(tctx, struct lsa_StringLarge);
1839 init_lsa_StringLarge(r.in.message, "spottyfood");
1840 r.in.force_apps = 1;
1841 r.in.timeout = 30;
1842 r.in.do_reboot = 1;
1843
1844 torture_assert_ntstatus_ok(tctx,
1845 dcerpc_winreg_InitiateSystemShutdown_r(b, tctx, &r),
1846 "InitiateSystemShutdown failed");
1847
1848 torture_assert_werr_ok(tctx, r.out.result,
1849 "InitiateSystemShutdown failed");
1850
1851 return test_AbortSystemShutdown(b, tctx);
1852 }
1853
1854
1855 static bool test_InitiateSystemShutdownEx(struct torture_context *tctx,
1856 struct dcerpc_pipe *p)
1857 {
1858 struct winreg_InitiateSystemShutdownEx r;
1859 uint16_t hostname = 0x0;
1860 struct dcerpc_binding_handle *b = p->binding_handle;
1861
1862 ZERO_STRUCT(r);
1863 r.in.hostname = &hostname;
1864 r.in.message = talloc(tctx, struct lsa_StringLarge);
1865 init_lsa_StringLarge(r.in.message, "spottyfood");
1866 r.in.force_apps = 1;
1867 r.in.timeout = 30;
1868 r.in.do_reboot = 1;
1869 r.in.reason = 0;
1870
1871 torture_assert_ntstatus_ok(tctx,
1872 dcerpc_winreg_InitiateSystemShutdownEx_r(b, tctx, &r),
1873 "InitiateSystemShutdownEx failed");
1874
1875 torture_assert_werr_ok(tctx, r.out.result,
1876 "InitiateSystemShutdownEx failed");
1877
1878 return test_AbortSystemShutdown(b, tctx);
1879 }
1880 #define MAX_DEPTH 2 /* Only go this far down the tree */
1881
1882 static bool test_key(struct dcerpc_pipe *p, struct torture_context *tctx,
1883 struct policy_handle *handle, int depth,
1884 bool test_security)
1885 {
1886 struct dcerpc_binding_handle *b = p->binding_handle;
1887
1888 if (depth == MAX_DEPTH)
1889 return true;
1890
1891 if (!test_QueryInfoKey(b, tctx, handle, NULL)) {
1892 }
1893
1894 if (!test_NotifyChangeKeyValue(b, tctx, handle)) {
1895 }
1896
1897 if (test_security && !test_GetKeySecurity(p, tctx, handle, NULL)) {
1898 }
1899
1900 if (!test_EnumKey(p, tctx, handle, depth, test_security)) {
1901 }
1902
1903 if (!test_EnumValue(b, tctx, handle, 0xFF, 0xFFFF)) {
1904 }
1905
1906 test_CloseKey(b, tctx, handle);
1907
1908 return true;
1909 }
1910
1911 static bool test_SetValue_simple(struct dcerpc_binding_handle *b,
1912 struct torture_context *tctx,
1913 struct policy_handle *handle)
1914 {
1915 const char *value_name = TEST_VALUE;
1916 uint32_t value = 0x12345678;
1917 const char *string = "torture";
1918 DATA_BLOB blob;
1919 enum winreg_Type types[] = {
1920 REG_DWORD,
1921 REG_BINARY,
1922 REG_SZ,
1923 REG_MULTI_SZ
1924 };
1925 int t;
1926
1927 torture_comment(tctx, "Testing SetValue (standard formats)\n");
1928
1929 for (t=0; t < ARRAY_SIZE(types); t++) {
1930
1931 enum winreg_Type w_type;
1932 uint32_t w_size, w_length;
1933 uint8_t *w_data;
1934
1935 switch (types[t]) {
1936 case REG_DWORD:
1937 blob = data_blob_talloc_zero(tctx, 4);
1938 SIVAL(blob.data, 0, value);
1939 break;
1940 case REG_BINARY:
1941 blob = data_blob_string_const("binary_blob");
1942 break;
1943 case REG_SZ:
1944 torture_assert(tctx,
1945 convert_string_talloc_convenience(tctx, lp_iconv_convenience(tctx->lp_ctx),
1946 CH_UNIX, CH_UTF16,
1947 string,
1948 strlen(string)+1,
1949 (void **)&blob.data,
1950 &blob.length,
1951 false), "");
1952 break;
1953 case REG_MULTI_SZ:
1954 torture_assert(tctx,
1955 convert_string_talloc_convenience(tctx, lp_iconv_convenience(tctx->lp_ctx),
1956 CH_UNIX, CH_UTF16,
1957 string,
1958 strlen(string)+1,
1959 (void **)&blob.data,
1960 &blob.length,
1961 false), "");
1962 torture_assert(tctx, data_blob_realloc(tctx, &blob, blob.length + 2), "");
1963 memset(&blob.data[blob.length - 2], '\0', 2);
1964 break;
1965 default:
1966 break;
1967 }
1968
1969 torture_assert(tctx,
1970 test_SetValue(b, tctx, handle, value_name, types[t], blob.data, blob.length),
1971 "test_SetValue failed");
1972 torture_assert(tctx,
1973 test_QueryValue_full(b, tctx, handle, value_name, true),
1974 talloc_asprintf(tctx, "test_QueryValue_full for %s value failed", value_name));
1975 torture_assert(tctx,
1976 test_winreg_QueryValue(tctx, b, handle, value_name, &w_type, &w_size, &w_length, &w_data),
1977 "test_winreg_QueryValue failed");
1978 torture_assert(tctx,
1979 test_DeleteValue(b, tctx, handle, value_name),
1980 "test_DeleteValue failed");
1981
1982 torture_assert_int_equal(tctx, w_type, types[t], "winreg type mismatch");
1983 torture_assert_int_equal(tctx, w_size, blob.length, "winreg size mismatch");
1984 torture_assert_int_equal(tctx, w_length, blob.length, "winreg length mismatch");
1985 torture_assert_mem_equal(tctx, w_data, blob.data, blob.length, "winreg buffer mismatch");
1986 }
1987
1988 torture_comment(tctx, "Testing SetValue (standard formats) succeeded\n");
1989
1990 return true;
1991 }
1992
1993 typedef NTSTATUS (*winreg_open_fn)(struct dcerpc_binding_handle *, TALLOC_CTX *, void *);
1994
1995 static bool test_Open_Security(struct torture_context *tctx,
1996 struct dcerpc_pipe *p, void *userdata)
1997 {
1998 struct policy_handle handle, newhandle;
1999 bool ret = true, created2 = false;
2000 bool created4 = false;
2001 struct winreg_OpenHKLM r;
2002 struct dcerpc_binding_handle *b = p->binding_handle;
2003
2004 winreg_open_fn open_fn = userdata;
2005
2006 ZERO_STRUCT(r);
2007 r.in.system_name = 0;
2008 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
2009 r.out.handle = &handle;
2010
2011 torture_assert_ntstatus_ok(tctx, open_fn(b, tctx, &r),
2012 "open");
2013
2014 test_Cleanup(b, tctx, &handle, TEST_KEY_BASE);
2015
2016 if (!test_CreateKey(b, tctx, &handle, TEST_KEY_BASE, NULL)) {
2017 torture_comment(tctx,
2018 "CreateKey (TEST_KEY_BASE) failed\n");
2019 }
2020
2021 if (test_CreateKey_sd(b, tctx, &handle, TEST_KEY2,
2022 NULL, &newhandle)) {
2023 created2 = true;
2024 }
2025
2026 if (created2 && !test_CloseKey(b, tctx, &newhandle)) {
2027 torture_comment(tctx, "CloseKey failed\n");
2028 ret = false;
2029 }
2030
2031 if (test_CreateKey_sd(b, tctx, &handle, TEST_KEY4, NULL, &newhandle)) {
2032 created4 = true;
2033 }
2034
2035 if (created4 && !test_CloseKey(b, tctx, &newhandle)) {
2036 torture_comment(tctx, "CloseKey failed\n");
2037 ret = false;
2038 }
2039
2040 if (created4 && !test_SecurityDescriptors(p, tctx, &handle, TEST_KEY4)) {
2041 ret = false;
2042 }
2043
2044 if (created4 && !test_DeleteKey(b, tctx, &handle, TEST_KEY4)) {
2045 torture_comment(tctx, "DeleteKey failed\n");
2046 ret = false;
2047 }
2048
2049 if (created2 && !test_DeleteKey(b, tctx, &handle, TEST_KEY2)) {
2050 torture_comment(tctx, "DeleteKey failed\n");
2051 ret = false;
2052 }
2053
2054 /* The HKCR hive has a very large fanout */
2055 if (open_fn == (void *)dcerpc_winreg_OpenHKCR_r) {
2056 if(!test_key(p, tctx, &handle, MAX_DEPTH - 1, true)) {
2057 ret = false;
2058 }
2059 } else {
2060 if (!test_key(p, tctx, &handle, 0, true)) {
2061 ret = false;
2062 }
2063 }
2064
2065 test_Cleanup(b, tctx, &handle, TEST_KEY_BASE);
2066
2067 return ret;
2068 }
2069
2070 static bool test_SetValue_extended(struct dcerpc_binding_handle *b,
2071 struct torture_context *tctx,
2072 struct policy_handle *handle)
2073 {
2074 const char *value_name = TEST_VALUE;
2075 enum winreg_Type types[] = {
2076 REG_NONE,
2077 REG_SZ,
2078 REG_EXPAND_SZ,
2079 REG_BINARY,
2080 REG_DWORD,
2081 REG_DWORD_BIG_ENDIAN,
2082 REG_LINK,
2083 REG_MULTI_SZ,
2084 REG_RESOURCE_LIST,
2085 REG_FULL_RESOURCE_DESCRIPTOR,
2086 REG_RESOURCE_REQUIREMENTS_LIST,
2087 REG_QWORD,
2088 12,
2089 13,
2090 14,
2091 55,
2092 123456,
2093 653210,
2094 __LINE__
2095 };
2096 int t, l;
2097
2098 if (torture_setting_bool(tctx, "samba3", false) ||
2099 torture_setting_bool(tctx, "samba4", false)) {
2100 torture_skip(tctx, "skipping extended SetValue test against Samba");
2101 }
2102
2103 torture_comment(tctx, "Testing SetValue (extended formats)\n");
2104
2105 for (t=0; t < ARRAY_SIZE(types); t++) {
2106 for (l=0; l < 32; l++) {
2107
2108 enum winreg_Type w_type;
2109 uint32_t w_size, w_length;
2110 uint8_t *w_data;
2111
2112 uint32_t size;
2113 uint8_t *data;
2114
2115 size = l;
2116 data = talloc_array(tctx, uint8_t, size);
2117
2118 generate_random_buffer(data, size);
2119
2120 torture_assert(tctx,
2121 test_SetValue(b, tctx, handle, value_name, types[t], data, size),
2122 "test_SetValue failed");
2123
2124 torture_assert(tctx,
2125 test_winreg_QueryValue(tctx, b, handle, value_name, &w_type, &w_size, &w_length, &w_data),
2126 "test_winreg_QueryValue failed");
2127
2128 torture_assert(tctx,
2129 test_DeleteValue(b, tctx, handle, value_name),
2130 "test_DeleteValue failed");
2131
2132 torture_assert_int_equal(tctx, w_type, types[t], "winreg type mismatch");
2133 torture_assert_int_equal(tctx, w_size, size, "winreg size mismatch");
2134 torture_assert_int_equal(tctx, w_length, size, "winreg length mismatch");
2135 torture_assert_mem_equal(tctx, w_data, data, size, "winreg buffer mismatch");
2136 }
2137 }
2138
2139 torture_comment(tctx, "Testing SetValue (extended formats) succeeded\n");
2140
2141 return true;
2142 }
2143
2144 #define KEY_CURRENT_VERSION "SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION"
2145 #define VALUE_CURRENT_VERSION "CurrentVersion"
2146
2147 static bool test_HKLM_wellknown(struct torture_context *tctx,
2148 struct dcerpc_binding_handle *b,
2149 struct policy_handle *handle)
2150 {
2151 struct policy_handle newhandle;
2152
2153 /* FIXME: s3 does not support SEC_FLAG_MAXIMUM_ALLOWED yet */
2154 if (torture_setting_bool(tctx, "samba3", false)) {
2155 torture_assert(tctx, test_OpenKey_opts(tctx, b, handle,
2156 KEY_CURRENT_VERSION,
2157 REG_KEYTYPE_NON_VOLATILE,
2158 KEY_QUERY_VALUE,
2159 &newhandle,
2160 WERR_OK),
2161 "failed to open current version key");
2162 } else {
2163 torture_assert(tctx, test_OpenKey(b, tctx, handle, KEY_CURRENT_VERSION, &newhandle),
2164 "failed to open current version key");
2165 }
2166
2167 torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, VALUE_CURRENT_VERSION, true),
2168 "failed to query current version");
2169 torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, "IDoNotExist", false),
2170 "failed to query current version");
2171 torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, NULL, false),
2172 "test_QueryValue_full for NULL value failed");
2173 torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, "", false),
2174 "test_QueryValue_full for \"\" value failed");
2175
2176 torture_assert(tctx, test_CloseKey(b, tctx, &newhandle),
2177 "failed to close current version key");
2178
2179 return true;
2180 }
2181
2182 static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p,
2183 void *userdata)
2184 {
2185 struct policy_handle handle, newhandle;
2186 bool ret = true, created = false, deleted = false;
2187 bool created3 = false, created_subkey = false;
2188 struct winreg_OpenHKLM r;
2189 struct dcerpc_binding_handle *b = p->binding_handle;
2190
2191 winreg_open_fn open_fn = userdata;
2192
2193 ZERO_STRUCT(r);
2194 r.in.system_name = 0;
2195 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
2196 r.out.handle = &handle;
2197
2198 torture_assert_ntstatus_ok(tctx, open_fn(b, tctx, &r),
2199 "open");
2200
2201 if (open_fn == (void *)dcerpc_winreg_OpenHKLM_r) {
2202 torture_assert(tctx,
2203 test_HKLM_wellknown(tctx, b, &handle),
2204 "failed to test HKLM wellknown keys");
2205 }
2206
2207 test_Cleanup(b, tctx, &handle, TEST_KEY_BASE);
2208
2209 if (!test_CreateKey(b, tctx, &handle, TEST_KEY_BASE, NULL)) {
2210 torture_comment(tctx,
2211 "CreateKey (TEST_KEY_BASE) failed\n");
2212 }
2213
2214 if (!test_CreateKey(b, tctx, &handle, TEST_KEY1, NULL)) {
2215 torture_comment(tctx,
2216 "CreateKey failed - not considering a failure\n");
2217 } else {
2218 created = true;
2219 }
2220
2221 if (created && !test_FlushKey(b, tctx, &handle)) {
2222 torture_comment(tctx, "FlushKey failed\n");
2223 ret = false;
2224 }
2225
2226 if (created && !test_OpenKey(b, tctx, &handle, TEST_KEY1, &newhandle))
2227 torture_fail(tctx,
2228 "CreateKey failed (OpenKey after Create didn't work)\n");
2229
2230 if (created) {
2231 torture_assert(tctx, test_SetValue_simple(b, tctx, &newhandle),
2232 "simple SetValue test failed");
2233 torture_assert(tctx, test_SetValue_extended(b, tctx, &newhandle),
2234 "extended SetValue test failed");
2235 }
2236
2237 if (created && !test_CloseKey(b, tctx, &newhandle))
2238 torture_fail(tctx,
2239 "CreateKey failed (CloseKey after Open didn't work)\n");
2240
2241 if (created && !test_DeleteKey(b, tctx, &handle, TEST_KEY1)) {
2242 torture_comment(tctx, "DeleteKey failed\n");
2243 ret = false;
2244 } else {
2245 deleted = true;
2246 }
2247
2248 if (created && !test_FlushKey(b, tctx, &handle)) {
2249 torture_comment(tctx, "FlushKey failed\n");
2250 ret = false;
2251 }
2252
2253 if (created && deleted &&
2254 !test_OpenKey_opts(tctx, b, &handle, TEST_KEY1,
2255 REG_KEYTYPE_NON_VOLATILE,
2256 SEC_FLAG_MAXIMUM_ALLOWED,
2257 &newhandle,
2258 WERR_BADFILE)) {
2259 torture_comment(tctx,
2260 "DeleteKey failed (OpenKey after Delete "
2261 "did not return WERR_BADFILE)\n");
2262 ret = false;
2263 }
2264
2265 if (!test_GetVersion(b, tctx, &handle)) {
2266 torture_comment(tctx, "GetVersion failed\n");
2267 ret = false;
2268 }
2269
2270 if (created && test_CreateKey(b, tctx, &handle, TEST_KEY3, NULL)) {
2271 created3 = true;
2272 }
2273
2274 if (created3 &&
2275 test_CreateKey(b, tctx, &handle, TEST_SUBKEY, NULL)) {
2276 created_subkey = true;
2277 }
2278
2279 if (created_subkey &&
2280 !test_DeleteKey(b, tctx, &handle, TEST_KEY3)) {
2281 torture_comment(tctx, "DeleteKey failed\n");
2282 ret = false;
2283 }
2284
2285 /* The HKCR hive has a very large fanout */
2286 if (open_fn == (void *)dcerpc_winreg_OpenHKCR_r) {
2287 if(!test_key(p, tctx, &handle, MAX_DEPTH - 1, false)) {
2288 ret = false;
2289 }
2290 } else {
2291 if (!test_key(p, tctx, &handle, 0, false)) {
2292 ret = false;
2293 }
2294 }
2295
2296 test_Cleanup(b, tctx, &handle, TEST_KEY_BASE);
2297
2298 return ret;
2299 }
2300
2301 struct torture_suite *torture_rpc_winreg(TALLOC_CTX *mem_ctx)
2302 {
2303 struct torture_rpc_tcase *tcase;
2304 struct torture_suite *suite = torture_suite_create(mem_ctx, "WINREG");
2305 struct torture_test *test;
2306
2307 tcase = torture_suite_add_rpc_iface_tcase(suite, "winreg",
2308 &ndr_table_winreg);
2309
2310 test = torture_rpc_tcase_add_test(tcase, "InitiateSystemShutdown",
2311 test_InitiateSystemShutdown);
2312 test->dangerous = true;
2313
2314 test = torture_rpc_tcase_add_test(tcase, "InitiateSystemShutdownEx",
2315 test_InitiateSystemShutdownEx);
2316 test->dangerous = true;
2317
2318 /* Basic tests without security descriptors */
2319 torture_rpc_tcase_add_test_ex(tcase, "HKLM-basic",
2320 test_Open,
2321 (winreg_open_fn)dcerpc_winreg_OpenHKLM_r);
2322 torture_rpc_tcase_add_test_ex(tcase, "HKU-basic",
2323 test_Open,
2324 (winreg_open_fn)dcerpc_winreg_OpenHKU_r);
2325 torture_rpc_tcase_add_test_ex(tcase, "HKCR-basic",
2326 test_Open,
2327 (winreg_open_fn)dcerpc_winreg_OpenHKCR_r);
2328 torture_rpc_tcase_add_test_ex(tcase, "HKCU-basic",
2329 test_Open,
2330 (winreg_open_fn)dcerpc_winreg_OpenHKCU_r);
2331
2332 /* Security descriptor tests */
2333 torture_rpc_tcase_add_test_ex(tcase, "HKLM-security",
2334 test_Open_Security,
2335 (winreg_open_fn)dcerpc_winreg_OpenHKLM_r);
2336 torture_rpc_tcase_add_test_ex(tcase, "HKU-security",
2337 test_Open_Security,
2338 (winreg_open_fn)dcerpc_winreg_OpenHKU_r);
2339 torture_rpc_tcase_add_test_ex(tcase, "HKCR-security",
2340 test_Open_Security,
2341 (winreg_open_fn)dcerpc_winreg_OpenHKCR_r);
2342 torture_rpc_tcase_add_test_ex(tcase, "HKCU-security",
2343 test_Open_Security,
2344 (winreg_open_fn)dcerpc_winreg_OpenHKCU_r);
2345
2346 return suite;
2347 }