search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
auth/credentials: don't ignore "client use kerberos" and --use-kerberos for machine...
[Samba.git] / source3 / torture / test_idmap_tdb_common.c
blob825ee3ef92e90bbee03adc57f0dc798575e8cf2f
1 /*
2 Unix SMB/CIFS implementation.
3 IDMAP TDB common code tester
4
5 Copyright (C) Christian Ambach 2012
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22 #include "system/filesys.h"
23 #include "torture/proto.h"
24 #include "idmap.h"
25 #include "winbindd/idmap_rw.h"
26 #include "winbindd/idmap_tdb_common.h"
27 #include "winbindd/winbindd.h"
28 #include "winbindd/winbindd_proto.h"
29 #include "dbwrap/dbwrap.h"
30 #include "dbwrap/dbwrap_open.h"
31 #include "../libcli/security/dom_sid.h"
32
33 #define HWM_GROUP "GROUP HWM"
34 #define HWM_USER "USER HWM"
35
36 #define LOW_ID 100
37 #define HIGH_ID 199
38
39 #define DOM_SID1 "S-1-5-21-1234-5678-9012"
40 #define DOM_SID2 "S-1-5-21-0123-5678-9012"
41 #define DOM_SID3 "S-1-5-21-0012-5678-9012"
42 #define DOM_SID4 "S-1-5-21-0001-5678-9012"
43 #define DOM_SID5 "S-1-5-21-2345-5678-9012"
44 #define DOM_SID6 "S-1-5-21-3456-5678-9012"
45
46 /* overwrite some winbind internal functions */
47 struct winbindd_domain *find_domain_from_name(const char *domain_name)
48 {
49 return NULL;
50 }
51
52 bool get_global_winbindd_state_offline(void) {
53 return false;
54 }
55
56 bool winbindd_use_idmap_cache(void) {
57 return false;
58 }
59
60 static bool open_db(struct idmap_tdb_common_context *ctx)
61 {
62 NTSTATUS status;
63 char *db_path;
64
65 if(ctx->db) {
66 /* already open */
67 return true;
68 }
69
70 db_path = talloc_asprintf(talloc_tos(), "%s/idmap_test.tdb",
71 lp_private_dir());
72 if(!db_path) {
73 DEBUG(0, ("Out of memory!\n"));
74 return false;
75 }
76
77 ctx->db = db_open(ctx, db_path, 0, TDB_DEFAULT,
78 O_RDWR | O_CREAT, 0600,
79 DBWRAP_LOCK_ORDER_1, DBWRAP_FLAG_NONE);
80
81 if(!ctx->db) {
82 DEBUG(0, ("Failed to open database: %s\n", strerror(errno)));
83 return false;
84 }
85
86 if(dbwrap_transaction_start(ctx->db) != 0) {
87 DEBUG(0, ("Failed to start transaction!\n"));
88 return false;
89 }
90
91 status = dbwrap_store_uint32_bystring(ctx->db, ctx->hwmkey_uid,
92 LOW_ID);
93 if(!NT_STATUS_IS_OK(status)) {
94 dbwrap_transaction_cancel(ctx->db);
95 return false;
96 }
97
98 status = dbwrap_store_uint32_bystring(ctx->db, ctx->hwmkey_gid,
99 LOW_ID);
100 if(!NT_STATUS_IS_OK(status)) {
101 dbwrap_transaction_cancel(ctx->db);
102 return false;
103 }
104
105 if(dbwrap_transaction_commit(ctx->db) != 0) {
106 DEBUG(0, ("Failed to commit transaction!\n"));
107 return false;
108 }
109
110 return true;
111 }
112
113 static NTSTATUS idmap_test_tdb_db_init(struct idmap_domain *dom)
114 {
115 struct idmap_tdb_common_context *ret;
116
117 DBG_DEBUG("called for domain '%s'\n", dom->name);
118
119 ret = talloc_zero(dom, struct idmap_tdb_common_context);
120 if (ret == NULL) {
121 return NT_STATUS_NO_MEMORY;
122 }
123 ret->rw_ops = talloc_zero(ret, struct idmap_rw_ops);
124 if (ret->rw_ops == NULL) {
125 TALLOC_FREE(ret);
126 return NT_STATUS_NO_MEMORY;
127 }
128
129 ret->max_id = HIGH_ID;
130 ret->hwmkey_uid = HWM_USER;
131 ret->hwmkey_gid = HWM_GROUP;
132
133 ret->rw_ops->get_new_id = idmap_tdb_common_get_new_id;
134 ret->rw_ops->set_mapping = idmap_tdb_common_set_mapping;
135
136 if (!open_db(ret)) {
137 TALLOC_FREE(ret);
138 return NT_STATUS_INTERNAL_ERROR;
139 };
140
141 dom->private_data = ret;
142
143 return NT_STATUS_OK;
144 }
145
146 static struct idmap_domain *createdomain(TALLOC_CTX *memctx)
147 {
148 struct idmap_domain *dom;
149 struct idmap_methods *m;
150
151 dom = talloc_zero(memctx, struct idmap_domain);
152 dom->name = "*";
153 dom->low_id = LOW_ID;
154 dom->high_id = HIGH_ID;
155 dom->read_only = false;
156 m = talloc_zero(dom, struct idmap_methods);
157 *m = (struct idmap_methods) {
158 .init = idmap_test_tdb_db_init,
159 .sids_to_unixids = idmap_tdb_common_sids_to_unixids,
160 .unixids_to_sids = idmap_tdb_common_unixids_to_sids,
161 .allocate_id = idmap_tdb_common_get_new_id,
162 };
163 dom->methods = m;
164
165 return dom;
166 }
167
168 static bool test_getnewid1(TALLOC_CTX *memctx, struct idmap_domain *dom)
169 {
170 NTSTATUS status;
171 struct unixid id;
172
173 id.type = ID_TYPE_UID;
174
175 status = idmap_tdb_common_get_new_id(dom, &id);
176
177 if(!NT_STATUS_IS_OK(status)) {
178 DEBUG(0, ("test_getnewid1: Could not allocate id!\n"));
179 return false;
180 }
181
182 if(id.id == 0) {
183 DEBUG(0, ("test_getnewid1: Allocate returned "
184 "empty id!\n"));
185 return false;
186 }
187
188 if(id.id > HIGH_ID || id.id < LOW_ID) {
189 DEBUG(0, ("test_getnewid1: Allocate returned "
190 "out of range id!\n"));
191 return false;
192 }
193
194 DEBUG(0, ("test_getnewid1: PASSED!\n"));
195
196 return true;
197 }
198
199 static bool test_getnewid2(TALLOC_CTX *memctx, struct idmap_domain *dom)
200 {
201 NTSTATUS status;
202 struct unixid id;
203 int i, left;
204
205 id.type = ID_TYPE_UID;
206
207 status = idmap_tdb_common_get_new_id(dom, &id);
208
209 if(!NT_STATUS_IS_OK(status)) {
210 DEBUG(0, ("test_getnewid2: Could not allocate id!\n"));
211 return false;
212 }
213
214 if(id.id == 0) {
215 DEBUG(0, ("test_getnewid2: Allocate returned "
216 "empty id!\n"));
217 return false;
218 }
219
220 if(id.id > HIGH_ID || id.id < LOW_ID) {
221 DEBUG(0, ("test_getnewid2: Allocate returned "
222 "out of range id!\n"));
223 return false;
224 }
225
226 /* how many ids are left? */
227
228 left = HIGH_ID - id.id;
229
230 /* consume them all */
231 for(i = 0; i<left; i++) {
232
233 status = idmap_tdb_common_get_new_id(dom, &id);
234
235 if(!NT_STATUS_IS_OK(status)) {
236 DEBUG(0, ("test_getnewid2: Allocate returned "
237 "error %s\n", nt_errstr(status)));
238 return false;
239 }
240
241 if(id.id > HIGH_ID) {
242 DEBUG(0, ("test_getnewid2: Allocate returned "
243 "out of range id (%d)!\n", id.id));
244 return false;
245 }
246 }
247
248 /* one more must fail */
249 status = idmap_tdb_common_get_new_id(dom, &id);
250
251 if(NT_STATUS_IS_OK(status)) {
252 DEBUG(0, ("test_getnewid2: Could allocate id (%d) from "
253 "depleted pool!\n", id.id));
254 return false;
255 }
256
257 DEBUG(0, ("test_getnewid2: PASSED!\n"));
258
259 return true;
260 }
261
262 static bool test_setmap1(TALLOC_CTX *memctx, struct idmap_domain *dom)
263 {
264 NTSTATUS status;
265 struct id_map map;
266
267 ZERO_STRUCT(map);
268
269 /* test for correct return code with invalid data */
270
271 status = idmap_tdb_common_set_mapping(dom, NULL);
272 if(!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
273 DEBUG(0, ("test_setmap1: bad parameter handling!\n"));
274 return false;
275 }
276
277 status = idmap_tdb_common_set_mapping(dom, &map);
278 if(!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
279 DEBUG(0, ("test_setmap1: bad parameter handling!\n"));
280 return false;
281 }
282
283 map.sid = dom_sid_parse_talloc(memctx, DOM_SID1 "-100");
284
285 map.xid.type = ID_TYPE_NOT_SPECIFIED;
286 map.xid.id = 4711;
287
288 status = idmap_tdb_common_set_mapping(dom, &map);
289 if(!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
290 DEBUG(0, ("test_setmap1: bad parameter handling!\n"));
291 return false;
292 }
293
294 /* now the good ones */
295 map.xid.type = ID_TYPE_UID;
296 map.xid.id = 0;
297
298 status = idmap_tdb_common_get_new_id(dom, &(map.xid));
299 if(!NT_STATUS_IS_OK(status)) {
300 DEBUG(0, ("test_setmap1: get_new_uid failed!\n"));
301 return false;
302 }
303
304 status = idmap_tdb_common_set_mapping(dom, &map);
305 if(!NT_STATUS_IS_OK(status)) {
306 DEBUG(0, ("test_setmap1: setting UID mapping failed!\n"));
307 return false;
308 }
309
310 /* try to set the same mapping again as group (must fail) */
311
312 map.xid.type = ID_TYPE_GID;
313 status = idmap_tdb_common_set_mapping(dom, &map);
314 if(NT_STATUS_IS_OK(status)) {
315 DEBUG(0, ("test_setmap1: could create map for "
316 "group and user!\n"));
317 return false;
318 }
319
320 /* now a group with a different SID*/
321 map.xid.id = 0;
322
323 map.sid = dom_sid_parse_talloc(memctx, DOM_SID1 "-101");
324
325 status = idmap_tdb_common_get_new_id(dom, &(map.xid));
326 if(!NT_STATUS_IS_OK(status)) {
327 DEBUG(0, ("test_setmap1: get_new_gid failed!\n"));
328 return false;
329 }
330
331 status = idmap_tdb_common_set_mapping(dom, &map);
332 if(!NT_STATUS_IS_OK(status)) {
333 DEBUG(0, ("test_setmap1: setting GID mapping failed!\n"));
334 return false;
335 }
336 DEBUG(0, ("test_setmap1: PASSED!\n"));
337
338 return true;
339 }
340
341 static bool test_sid2unixid1(TALLOC_CTX *memctx, struct idmap_domain *dom)
342 {
343 NTSTATUS status1, status2, status3;
344 struct id_map map;
345
346 /* check for correct dealing with bad parameters */
347 status1 = idmap_tdb_common_sid_to_unixid(NULL, &map);
348 status2 = idmap_tdb_common_sid_to_unixid(dom, NULL);
349 status3 = idmap_tdb_common_sid_to_unixid(NULL, NULL);
350
351 if(!NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status1) ||
352 !NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status2) ||
353 !NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status3)) {
354 DEBUG(0, ("test_setmap1: bad parameter handling!\n"));
355 return false;
356 }
357
358 DEBUG(0, ("test_unixid2sid1: PASSED!\n"));
359
360 return true;
361 }
362
363 static bool test_sid2unixid2(TALLOC_CTX *memctx, struct idmap_domain *dom)
364 {
365 NTSTATUS status;
366 struct id_map uid_map, gid_map, test_map;
367 bool doagain = true;
368
369 ZERO_STRUCT(uid_map);
370 ZERO_STRUCT(gid_map);
371
372 /* create two mappings for a UID and GID */
373
374 again:
375
376 uid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID2 "-1000");
377 uid_map.xid.type = ID_TYPE_UID;
378
379 gid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID2 "-1001");
380 gid_map.xid.type = ID_TYPE_GID;
381
382 status = idmap_tdb_common_new_mapping(dom, &uid_map);
383 if(!NT_STATUS_IS_OK(status)) {
384 DEBUG(0, ("test_sid2unixid2: could not create uid map!\n"));
385 return false;
386 }
387
388 status = idmap_tdb_common_new_mapping(dom, &gid_map);
389 if(!NT_STATUS_IS_OK(status)) {
390 DEBUG(0, ("test_sid2unixid2: could not create gid map!\n"));
391 return false;
392 }
393
394 /* now read them back */
395 ZERO_STRUCT(test_map);
396 test_map.sid = uid_map.sid;
397
398 status = idmap_tdb_common_sid_to_unixid(dom, &test_map);
399 if(!NT_STATUS_IS_OK(status)) {
400 DEBUG(0, ("test_sid2unixid2: sid2unixid failed for uid!\n"));
401 return false;
402 }
403
404 if(test_map.xid.id!=uid_map.xid.id) {
405 DEBUG(0, ("test_sid2unixid2: sid2unixid returned wrong uid!\n"));
406 return false;
407 }
408
409 test_map.sid = gid_map.sid;
410
411 status = idmap_tdb_common_sid_to_unixid(dom, &test_map);
412 if(!NT_STATUS_IS_OK(status)) {
413 DEBUG(0, ("test_sid2unixid2: sid2unixid failed for gid!\n"));
414 return false;
415 }
416
417 if(test_map.xid.id!=gid_map.xid.id) {
418 DEBUG(0, ("test_sid2unixid2: sid2unixid returned wrong gid!\n"));
419 return false;
420 }
421
422 /*
423 * Go through the same tests again once to see if trying to recreate
424 * a mapping that was already created will work or not
425 */
426 if(doagain) {
427 doagain = false;
428 goto again;
429 }
430
431 DEBUG(0, ("test_sid2unixid2: PASSED!\n"));
432
433 return true;
434 }
435
436 static bool test_sids2unixids1(TALLOC_CTX *memctx, struct idmap_domain *dom)
437 {
438 NTSTATUS status;
439 struct id_map uid_map, gid_map, **test_maps;
440
441 ZERO_STRUCT(uid_map);
442 ZERO_STRUCT(gid_map);
443
444 /* create two mappings for a UID and GID */
445
446 uid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID4 "-1000");
447 uid_map.xid.type = ID_TYPE_UID;
448
449 gid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID4 "-1001");
450 gid_map.xid.type = ID_TYPE_GID;
451
452 status = idmap_tdb_common_new_mapping(dom, &uid_map);
453 if(!NT_STATUS_IS_OK(status)) {
454 DEBUG(0, ("test_sids2unixids1: could not create uid map!\n"));
455 return false;
456 }
457
458 status = idmap_tdb_common_new_mapping(dom, &gid_map);
459 if(!NT_STATUS_IS_OK(status)) {
460 DEBUG(0, ("test_sids2unixids1: could not create gid map!\n"));
461 return false;
462 }
463
464 /* now read them back */
465 test_maps = talloc_zero_array(memctx, struct id_map*, 3);
466
467 test_maps[0] = talloc(test_maps, struct id_map);
468 test_maps[1] = talloc(test_maps, struct id_map);
469 test_maps[2] = NULL;
470
471 test_maps[0]->sid = talloc(test_maps, struct dom_sid);
472 test_maps[1]->sid = talloc(test_maps, struct dom_sid);
473 sid_copy(test_maps[0]->sid, uid_map.sid);
474 sid_copy(test_maps[1]->sid, gid_map.sid);
475
476 status = idmap_tdb_common_sids_to_unixids(dom, test_maps);
477 if(!NT_STATUS_IS_OK(status)) {
478 DEBUG(0, ("test_sids2sunixids1: sids2unixids failed!\n"));
479 talloc_free(test_maps);
480 return false;
481 }
482
483 if(test_maps[0]->xid.id!=uid_map.xid.id ||
484 test_maps[1]->xid.id!=gid_map.xid.id ) {
485 DEBUG(0, ("test_sids2unixids1: sid2unixid returned wrong xid!\n"));
486 talloc_free(test_maps);
487 return false;
488 }
489
490 DEBUG(0, ("test_sids2unixids1: PASSED!\n"));
491
492 talloc_free(test_maps);
493
494 return true;
495 }
496
497 static bool test_sids2unixids2(TALLOC_CTX *memctx, struct idmap_domain *dom)
498 {
499 NTSTATUS status;
500 struct id_map **test_maps;
501 struct unixid save;
502
503 test_maps = talloc_zero_array(memctx, struct id_map*, 3);
504
505 test_maps[0] = talloc(test_maps, struct id_map);
506 test_maps[1] = talloc(test_maps, struct id_map);
507 test_maps[2] = NULL;
508
509 /* ask for two new mappings for a UID and GID */
510 test_maps[0]->sid = dom_sid_parse_talloc(test_maps, DOM_SID4 "-1003");
511 test_maps[0]->xid.type = ID_TYPE_UID;
512 test_maps[1]->sid = dom_sid_parse_talloc(test_maps, DOM_SID4 "-1004");
513 test_maps[1]->xid.type = ID_TYPE_GID;
514
515 status = idmap_tdb_common_sids_to_unixids(dom, test_maps);
516 if(!NT_STATUS_IS_OK(status)) {
517 DEBUG(0, ("test_sids2sunixids2: sids2unixids "
518 "failed (%s)!\n", nt_errstr(status)));
519 talloc_free(test_maps);
520 return false;
521 }
522
523 if(test_maps[0]->xid.id == 0 || test_maps[1]->xid.id == 0) {
524 DEBUG(0, ("test_sids2sunixids2: sids2unixids "
525 "returned zero ids!\n"));
526 talloc_free(test_maps);
527 return false;
528 }
529
530 save = test_maps[1]->xid;
531
532 /* ask for a known and a new mapping at the same time */
533 talloc_free(test_maps);
534 test_maps = talloc_zero_array(memctx, struct id_map*, 3);
535 test_maps[0] = talloc(test_maps, struct id_map);
536 test_maps[1] = talloc(test_maps, struct id_map);
537 test_maps[2] = NULL;
538
539 test_maps[0]->sid = dom_sid_parse_talloc(test_maps, DOM_SID4 "-1004");
540 test_maps[0]->xid.type = ID_TYPE_GID;
541 test_maps[1]->sid = dom_sid_parse_talloc(test_maps, DOM_SID4 "-1005");
542 test_maps[1]->xid.type = ID_TYPE_UID;
543
544 status = idmap_tdb_common_sids_to_unixids(dom, test_maps);
545 if(!NT_STATUS_IS_OK(status)) {
546 DEBUG(0, ("test_sids2sunixids2: sids2unixids (2) "
547 "failed (%s)!\n", nt_errstr(status)));
548 talloc_free(test_maps);
549 return false;
550 }
551
552 if(test_maps[0]->xid.type != save.type ||
553 test_maps[0]->xid.id != save.id) {
554 DEBUG(0, ("test_sids2sunixids2: second lookup returned "
555 "different value!\n"));
556 talloc_free(test_maps);
557 return false;
558 }
559
560 if(test_maps[1]->xid.id == 0) {
561 DEBUG(0, ("test_sids2sunixids2: sids2unixids "
562 "returned zero id for mixed mapping request!\n"));
563 talloc_free(test_maps);
564 return false;
565 }
566
567 DEBUG(0, ("test_sids2unixids2: PASSED!\n"));
568
569 talloc_free(test_maps);
570
571 return true;
572 }
573
574 static bool test_sids2unixids3(TALLOC_CTX *memctx, struct idmap_domain *dom)
575 {
576 NTSTATUS status;
577 struct id_map **test_maps;
578 bool retval = true;
579
580 /*
581 * check the mapping states:
582 * NONE_MAPPED, SOME_UNMAPPED, OK (all mapped)
583 *
584 * use the ids created by test_sids2unixids1
585 * need to make dom read-only
586 */
587
588 dom->read_only = true;
589
590 test_maps = talloc_zero_array(memctx, struct id_map*, 3);
591
592 test_maps[0] = talloc(test_maps, struct id_map);
593 test_maps[1] = talloc(test_maps, struct id_map);
594 test_maps[2] = NULL;
595
596 /* NONE_MAPPED first */
597 test_maps[0]->sid = talloc(test_maps, struct dom_sid);
598 test_maps[1]->sid = talloc(test_maps, struct dom_sid);
599 test_maps[0]->sid = dom_sid_parse_talloc(test_maps,
600 "S-1-5-21-1-2-3-4");
601 test_maps[0]->xid.type = ID_TYPE_UID;
602
603 test_maps[1]->sid = dom_sid_parse_talloc(test_maps,
604 "S-1-5-21-1-2-3-5");
605 test_maps[1]->xid.type = ID_TYPE_GID;
606
607 status = idmap_tdb_common_sids_to_unixids(dom, test_maps);
608 if(!NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) {
609 DEBUG(0, ("test_sids2unixids3: incorrect status "
610 "(%s), expected NT_STATUS_NONE_MAPPED!\n",
611 nt_errstr(status)));
612 retval = false;
613 goto out;
614 }
615
616 /* SOME_UNMAPPED */
617 test_maps[0]->sid = talloc(test_maps, struct dom_sid);
618 test_maps[1]->sid = talloc(test_maps, struct dom_sid);
619 test_maps[0]->sid = dom_sid_parse_talloc(test_maps,
620 DOM_SID4 "-1000");
621 test_maps[0]->xid.type = ID_TYPE_UID;
622 test_maps[1]->sid = dom_sid_parse_talloc(test_maps,
623 "S-1-5-21-1-2-3-5");
624 test_maps[1]->xid.type = ID_TYPE_GID;
625
626 status = idmap_tdb_common_sids_to_unixids(dom, test_maps);
627 if(!NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
628 DEBUG(0, ("test_sids2unixids3: incorrect status "
629 "(%s), expected STATUS_SOME_UNMAPPED!\n",
630 nt_errstr(status)));
631 retval = false;
632 goto out;
633 }
634
635 /* OK */
636 test_maps[0]->sid = talloc(test_maps, struct dom_sid);
637 test_maps[1]->sid = talloc(test_maps, struct dom_sid);
638 test_maps[0]->sid = dom_sid_parse_talloc(test_maps,
639 DOM_SID4 "-1001");
640 test_maps[1]->sid = dom_sid_parse_talloc(test_maps,
641 DOM_SID4 "-1000");
642
643 status = idmap_tdb_common_sids_to_unixids(dom, test_maps);
644 if(!NT_STATUS_IS_OK(status)) {
645 DEBUG(0, ("test_sids2unixids3: incorrect status "
646 "(%s), expected NT_STATUS_OK!\n",
647 nt_errstr(status)));
648 retval = false;
649 goto out;
650 }
651
652 DEBUG(0, ("test_sids2unixids3: PASSED!\n"));
653
654 out:
655 talloc_free(test_maps);
656 dom->read_only = false;
657 return retval;
658 }
659
660 static bool test_unixid2sid1(TALLOC_CTX *memctx, struct idmap_domain *dom)
661 {
662 NTSTATUS status1, status2, status3;
663 struct id_map map;
664
665 /* check for correct dealing with bad parameters */
666 status1 = idmap_tdb_common_unixid_to_sid(NULL, &map);
667 status2 = idmap_tdb_common_unixid_to_sid(dom, NULL);
668 status3 = idmap_tdb_common_unixid_to_sid(NULL, NULL);
669
670 if(!NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status1) ||
671 !NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status2) ||
672 !NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status3)) {
673 DEBUG(0, ("test_setmap1: bad parameter handling!\n"));
674 return false;
675 }
676
677 DEBUG(0, ("test_unixid2sid1: PASSED!\n"));
678
679 return true;
680 }
681
682 static bool test_unixid2sid2(TALLOC_CTX *memctx, struct idmap_domain *dom)
683 {
684 NTSTATUS status;
685 struct id_map *map;
686 bool retval = true;
687
688 /* ask for mapping that is outside of the range */
689 map = talloc(memctx, struct id_map);
690 map->sid = talloc(map, struct dom_sid);
691
692 map->xid.type = ID_TYPE_UID;
693 map->xid.id = HIGH_ID + 1;
694
695 status = idmap_tdb_common_unixid_to_sid(dom, map);
696 if(NT_STATUS_IS_OK(status)) {
697 DEBUG(0, ("test_unixid2sid2: unixid2sid returned "
698 "out-of-range result\n"));
699 retval = false;
700 goto out;
701 }
702
703 DEBUG(0, ("test_unixid2sid2: PASSED!\n"));
704 out:
705 talloc_free(map);
706 return retval;
707
708 }
709
710 static bool test_unixid2sid3(TALLOC_CTX *memctx, struct idmap_domain *dom)
711 {
712 NTSTATUS status;
713 struct id_map uid_map, gid_map, test_map;
714 struct dom_sid testsid;
715
716 ZERO_STRUCT(uid_map);
717 ZERO_STRUCT(gid_map);
718
719 /* create two mappings for a UID and GID */
720 uid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID3 "-1000");
721 uid_map.xid.type = ID_TYPE_UID;
722
723 gid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID3 "-1001");
724 gid_map.xid.type = ID_TYPE_GID;
725
726 status = idmap_tdb_common_new_mapping(dom, &uid_map);
727 if(!NT_STATUS_IS_OK(status)) {
728 DEBUG(0, ("test_unixid2sid3: could not create uid map!\n"));
729 return false;
730 }
731
732 status = idmap_tdb_common_new_mapping(dom, &gid_map);
733 if(!NT_STATUS_IS_OK(status)) {
734 DEBUG(0, ("test_unixid2sid3: could not create gid map!\n"));
735 return false;
736 }
737
738 /* now read them back */
739 ZERO_STRUCT(test_map);
740 test_map.xid.id = uid_map.xid.id;
741 test_map.xid.type = ID_TYPE_UID;
742 test_map.sid = &testsid;
743
744 status = idmap_tdb_common_unixid_to_sid(dom, &test_map);
745 if(!NT_STATUS_IS_OK(status)) {
746 DEBUG(0, ("test_unixid2sid3: unixid2sid failed for uid!\n"));
747 return false;
748 }
749
750 if(test_map.xid.type!=uid_map.xid.type) {
751 DEBUG(0, ("test_unixid2sid3: unixid2sid returned wrong type!\n"));
752 return false;
753 }
754
755 if(!dom_sid_equal(test_map.sid, uid_map.sid)) {
756 DEBUG(0, ("test_unixid2sid3: unixid2sid returned wrong SID!\n"));
757 return false;
758 }
759
760 ZERO_STRUCT(test_map);
761 test_map.xid.id = gid_map.xid.id;
762 test_map.xid.type = ID_TYPE_GID;
763 test_map.sid = &testsid;
764
765 status = idmap_tdb_common_unixid_to_sid(dom, &test_map);
766 if(!NT_STATUS_IS_OK(status)) {
767 DEBUG(0, ("test_unixid2sid3: unixid2sid failed for gid!\n"));
768 return false;
769 }
770
771 if(test_map.xid.type!=gid_map.xid.type) {
772 DEBUG(0, ("test_unixid2sid3: unixid2sid returned wrong type!\n"));
773 return false;
774 }
775
776 if(!dom_sid_equal(test_map.sid,gid_map.sid)) {
777 DEBUG(0, ("test_unixid2sid3: unixid2sid returned wrong SID!\n"));
778 return false;
779 }
780
781 DEBUG(0, ("test_unixid2sid3: PASSED!\n"));
782
783 return true;
784 }
785
786 static bool test_unixids2sids1(TALLOC_CTX *memctx, struct idmap_domain *dom)
787 {
788 NTSTATUS status;
789 struct id_map uid_map, gid_map, **test_maps;
790
791 ZERO_STRUCT(uid_map);
792 ZERO_STRUCT(gid_map);
793
794 /* create two mappings for a UID and GID */
795
796 uid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID5 "-1000");
797 uid_map.xid.type = ID_TYPE_UID;
798
799 gid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID5 "-1001");
800 gid_map.xid.type = ID_TYPE_GID;
801
802 status = idmap_tdb_common_new_mapping(dom, &uid_map);
803 if(!NT_STATUS_IS_OK(status)) {
804 DEBUG(0, ("test_unixids2sids1: could not create uid map!\n"));
805 return false;
806 }
807
808 status = idmap_tdb_common_new_mapping(dom, &gid_map);
809 if(!NT_STATUS_IS_OK(status)) {
810 DEBUG(0, ("test_unixids2sids1: could not create gid map!\n"));
811 return false;
812 }
813
814 /* now read them back */
815 test_maps = talloc_zero_array(memctx, struct id_map*, 3);
816
817 test_maps[0] = talloc(test_maps, struct id_map);
818 test_maps[1] = talloc(test_maps, struct id_map);
819 test_maps[2] = NULL;
820
821 test_maps[0]->sid = talloc(test_maps, struct dom_sid);
822 test_maps[1]->sid = talloc(test_maps, struct dom_sid);
823 test_maps[0]->xid.id = uid_map.xid.id;
824 test_maps[0]->xid.type = ID_TYPE_UID;
825 test_maps[1]->xid.id = gid_map.xid.id;
826 test_maps[1]->xid.type = ID_TYPE_GID;
827
828 status = idmap_tdb_common_unixids_to_sids(dom, test_maps);
829 if(!NT_STATUS_IS_OK(status)) {
830 DEBUG(0, ("test_unixids2sids1: unixids2sids failed!\n"));
831 talloc_free(test_maps);
832 return false;
833 }
834
835 if(!dom_sid_equal(test_maps[0]->sid, uid_map.sid) ||
836 !dom_sid_equal(test_maps[1]->sid, gid_map.sid) ) {
837 DEBUG(0, ("test_unixids2sids1: unixids2sids returned wrong sid!\n"));
838 talloc_free(test_maps);
839 return false;
840 }
841
842 DEBUG(0, ("test_unixids2sids1: PASSED!\n"));
843
844 talloc_free(test_maps);
845
846 return true;
847 }
848
849 static bool test_unixids2sids2(TALLOC_CTX *memctx, struct idmap_domain *dom)
850 {
851 NTSTATUS status;
852 struct id_map **test_maps;
853 bool retval = true;
854
855 test_maps = talloc_zero_array(memctx, struct id_map*, 3);
856
857 test_maps[0] = talloc(test_maps, struct id_map);
858 test_maps[1] = talloc(test_maps, struct id_map);
859 test_maps[2] = NULL;
860
861 /* ask for two unknown mappings for a UID and GID */
862 test_maps[0]->sid = talloc(test_maps, struct dom_sid);
863 test_maps[1]->sid = talloc(test_maps, struct dom_sid);
864 test_maps[0]->xid.id = HIGH_ID - 1;
865 test_maps[0]->xid.type = ID_TYPE_UID;
866 test_maps[1]->xid.id = HIGH_ID - 1;
867 test_maps[1]->xid.type = ID_TYPE_GID;
868
869 status = idmap_tdb_common_unixids_to_sids(dom, test_maps);
870 if(NT_STATUS_IS_OK(status)) {
871 DEBUG(0, ("test_unixids2sids2: unixids2sids succeeded "
872 "unexpectedly!\n"));
873 retval = false;
874 goto out;
875 }
876
877 DEBUG(0, ("test_unixids2sids2: PASSED!\n"));
878
879 out:
880 talloc_free(test_maps);
881
882 return retval;;
883 }
884
885 static bool test_unixids2sids3(TALLOC_CTX *memctx, struct idmap_domain *dom)
886 {
887 NTSTATUS status;
888 struct id_map uid_map, gid_map, **test_maps;
889 bool retval = true;
890
891 ZERO_STRUCT(uid_map);
892 ZERO_STRUCT(gid_map);
893
894 /* create two mappings for a UID and GID */
895 uid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID6 "-1000");
896 uid_map.xid.type = ID_TYPE_UID;
897
898 gid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID6 "-1001");
899 gid_map.xid.type = ID_TYPE_GID;
900
901 status = idmap_tdb_common_new_mapping(dom, &uid_map);
902 if(!NT_STATUS_IS_OK(status)) {
903 DEBUG(0, ("test_unixids2sids3: could not create uid map!\n"));
904 return false;
905 }
906
907 status = idmap_tdb_common_new_mapping(dom, &gid_map);
908 if(!NT_STATUS_IS_OK(status)) {
909 DEBUG(0, ("test_unixids2sids3: could not create gid map!\n"));
910 return false;
911 }
912
913 /*
914 * check the mapping states:
915 * NONE_MAPPED, SOME_UNMAPPED, OK (all mapped)
916 */
917 test_maps = talloc_zero_array(memctx, struct id_map*, 3);
918
919 test_maps[0] = talloc(test_maps, struct id_map);
920 test_maps[1] = talloc(test_maps, struct id_map);
921 test_maps[2] = NULL;
922
923 /* NONE_MAPPED first */
924 test_maps[0]->sid = talloc(test_maps, struct dom_sid);
925 test_maps[1]->sid = talloc(test_maps, struct dom_sid);
926
927 test_maps[0]->xid.id = HIGH_ID - 1;
928 test_maps[0]->xid.type = ID_TYPE_UID;
929
930 test_maps[1]->xid.id = HIGH_ID - 1;
931 test_maps[1]->xid.type = ID_TYPE_GID;
932
933 status = idmap_tdb_common_unixids_to_sids(dom, test_maps);
934 if(!NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) {
935 DEBUG(0, ("test_unixids2sids3: incorrect status "
936 "(%s), expected NT_STATUS_NONE_MAPPED!\n",
937 nt_errstr(status)));
938 retval = false;
939 goto out;
940 }
941
942 /* SOME_UNMAPPED */
943 test_maps[0]->sid = talloc(test_maps, struct dom_sid);
944 test_maps[1]->sid = talloc(test_maps, struct dom_sid);
945 test_maps[0]->xid = uid_map.xid;
946 test_maps[1]->xid.id = HIGH_ID - 1;
947 test_maps[1]->xid.type = ID_TYPE_GID;
948
949 status = idmap_tdb_common_unixids_to_sids(dom, test_maps);
950 if(!NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
951 DEBUG(0, ("test_unixids2sids3: incorrect status "
952 "(%s), expected STATUS_SOME_UNMAPPED!\n",
953 nt_errstr(status)));
954 retval = false;
955 goto out;
956 }
957
958 /* OK */
959 test_maps[0]->sid = talloc(test_maps, struct dom_sid);
960 test_maps[1]->sid = talloc(test_maps, struct dom_sid);
961 test_maps[0]->xid = uid_map.xid;
962 test_maps[1]->xid = gid_map.xid;
963
964 status = idmap_tdb_common_unixids_to_sids(dom, test_maps);
965 if(!NT_STATUS_IS_OK(status)) {
966 DEBUG(0, ("test_unixids2sids3: incorrect status "
967 "(%s), expected NT_STATUS_OK!\n",
968 nt_errstr(status)));
969 retval = false;
970 goto out;
971 }
972
973 DEBUG(0, ("test_unixids2sids3: PASSED!\n"));
974
975 out:
976 talloc_free(test_maps);
977 return retval;
978 }
979
980 #define CHECKRESULT(r) if(!r) {TALLOC_FREE(stack); return r;}
981
982 bool run_idmap_tdb_common_test(int dummy)
983 {
984 bool result;
985 struct idmap_domain *dom;
986 TALLOC_CTX *stack = talloc_stackframe();
987 TALLOC_CTX *memctx = talloc_new(stack);
988 NTSTATUS status;
989
990 dom = createdomain(memctx);
991 if (dom == NULL) {
992 TALLOC_FREE(stack);
993 return false;
994 }
995
996 status = dom->methods->init(dom);
997 if (!NT_STATUS_IS_OK(status)) {
998 TALLOC_FREE(stack);
999 return false;
1000 }
1001
1002 /* test a single allocation from pool (no mapping) */
1003 result = test_getnewid1(memctx, dom);
1004 CHECKRESULT(result);
1005
1006 /* test idmap_tdb_common_set_mapping */
1007 result = test_setmap1(memctx, dom);
1008 CHECKRESULT(result);
1009
1010 /* test idmap_tdb_common_sid_to_unixid */
1011 result = test_sid2unixid1(memctx, dom);
1012 CHECKRESULT(result);
1013 result = test_sid2unixid2(memctx, dom);
1014 CHECKRESULT(result);
1015
1016 /* test idmap_tdb_common_sids_to_unixids */
1017 result = test_sids2unixids1(memctx, dom);
1018 CHECKRESULT(result);
1019 result = test_sids2unixids2(memctx, dom);
1020 CHECKRESULT(result);
1021 result = test_sids2unixids3(memctx, dom);
1022 CHECKRESULT(result);
1023
1024 /* test idmap_tdb_common_unixid_to_sid */
1025 result = test_unixid2sid1(memctx, dom);
1026 CHECKRESULT(result);
1027 result = test_unixid2sid2(memctx, dom);
1028 CHECKRESULT(result);
1029 result = test_unixid2sid3(memctx, dom);
1030 CHECKRESULT(result);
1031
1032 /* test idmap_tdb_common_unixids_to_sids */
1033 result = test_unixids2sids1(memctx, dom);
1034 CHECKRESULT(result);
1035 result = test_unixids2sids2(memctx, dom);
1036 CHECKRESULT(result);
1037 result = test_unixids2sids3(memctx, dom);
1038 CHECKRESULT(result);
1039
1040 /* test filling up the range */
1041 result = test_getnewid2(memctx, dom);
1042 CHECKRESULT(result);
1043
1044 talloc_free(stack);
1045
1046 return true;
1047 }
Samba GIT mirror