search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4:torture/rpc/winreg.c: make use of dcerpc_binding_handle stubs
[Samba/nascimento.git] / source4 / torture / rpc / winreg.c
blobca4434bc98d8ef59b67b5f9e9b238c8a8a884eae
1 /*
2 Unix SMB/CIFS implementation.
3 test suite for winreg rpc operations
4
5 Copyright (C) Tim Potter 2003
6 Copyright (C) Jelmer Vernooij 2004-2007
7 Copyright (C) Günther Deschner 2007
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #include "includes.h"
24 #include "librpc/gen_ndr/ndr_winreg_c.h"
25 #include "librpc/gen_ndr/ndr_security.h"
26 #include "libcli/security/security.h"
27 #include "torture/rpc/rpc.h"
28 #include "param/param.h"
29 #include "lib/registry/registry.h"
30
31 #define TEST_KEY_BASE "smbtorture test"
32 #define TEST_KEY1 TEST_KEY_BASE "\\spottyfoot"
33 #define TEST_KEY2 TEST_KEY_BASE "\\with a SD (#1)"
34 #define TEST_KEY3 TEST_KEY_BASE "\\with a subkey"
35 #define TEST_KEY4 TEST_KEY_BASE "\\sd_tests"
36 #define TEST_SUBKEY TEST_KEY3 "\\subkey"
37 #define TEST_SUBKEY_SD TEST_KEY4 "\\subkey_sd"
38 #define TEST_SUBSUBKEY_SD TEST_KEY4 "\\subkey_sd\\subsubkey_sd"
39 #define TEST_VALUE "torture_value_name"
40
41 #define TEST_SID "S-1-5-21-1234567890-1234567890-1234567890-500"
42
43 static void init_lsa_StringLarge(struct lsa_StringLarge *name, const char *s)
44 {
45 name->string = s;
46 }
47
48 static void init_winreg_String(struct winreg_String *name, const char *s)
49 {
50 name->name = s;
51 if (s) {
52 name->name_len = 2 * (strlen_m(s) + 1);
53 name->name_size = name->name_len;
54 } else {
55 name->name_len = 0;
56 name->name_size = 0;
57 }
58 }
59
60 static bool test_GetVersion(struct dcerpc_binding_handle *b,
61 struct torture_context *tctx,
62 struct policy_handle *handle)
63 {
64 struct winreg_GetVersion r;
65 uint32_t v;
66
67 ZERO_STRUCT(r);
68 r.in.handle = handle;
69 r.out.version = &v;
70
71 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_GetVersion_r(b, tctx, &r),
72 "GetVersion failed");
73
74 torture_assert_werr_ok(tctx, r.out.result, "GetVersion failed");
75
76 return true;
77 }
78
79 static bool test_NotifyChangeKeyValue(struct dcerpc_binding_handle *b,
80 struct torture_context *tctx,
81 struct policy_handle *handle)
82 {
83 struct winreg_NotifyChangeKeyValue r;
84
85 ZERO_STRUCT(r);
86 r.in.handle = handle;
87 r.in.watch_subtree = true;
88 r.in.notify_filter = 0;
89 r.in.unknown = r.in.unknown2 = 0;
90 init_winreg_String(&r.in.string1, NULL);
91 init_winreg_String(&r.in.string2, NULL);
92
93 torture_assert_ntstatus_ok(tctx,
94 dcerpc_winreg_NotifyChangeKeyValue_r(b, tctx, &r),
95 "NotifyChangeKeyValue failed");
96
97 if (!W_ERROR_IS_OK(r.out.result)) {
98 torture_comment(tctx,
99 "NotifyChangeKeyValue failed - %s - not considering\n",
100 win_errstr(r.out.result));
101 return true;
102 }
103
104 return true;
105 }
106
107 static bool test_CreateKey(struct dcerpc_binding_handle *b,
108 struct torture_context *tctx,
109 struct policy_handle *handle, const char *name,
110 const char *kclass)
111 {
112 struct winreg_CreateKey r;
113 struct policy_handle newhandle;
114 enum winreg_CreateAction action_taken = 0;
115
116 ZERO_STRUCT(r);
117 r.in.handle = handle;
118 r.out.new_handle = &newhandle;
119 init_winreg_String(&r.in.name, name);
120 init_winreg_String(&r.in.keyclass, kclass);
121 r.in.options = 0x0;
122 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
123 r.in.action_taken = r.out.action_taken = &action_taken;
124 r.in.secdesc = NULL;
125
126 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_CreateKey_r(b, tctx, &r),
127 "CreateKey failed");
128
129 torture_assert_werr_ok(tctx, r.out.result, "CreateKey failed");
130
131 return true;
132 }
133
134
135 /*
136 createkey testing with a SD
137 */
138 static bool test_CreateKey_sd(struct dcerpc_binding_handle *b,
139 struct torture_context *tctx,
140 struct policy_handle *handle, const char *name,
141 const char *kclass,
142 struct policy_handle *newhandle)
143 {
144 struct winreg_CreateKey r;
145 enum winreg_CreateAction action_taken = 0;
146 struct security_descriptor *sd;
147 DATA_BLOB sdblob;
148 struct winreg_SecBuf secbuf;
149
150 sd = security_descriptor_dacl_create(tctx,
151 0,
152 NULL, NULL,
153 SID_NT_AUTHENTICATED_USERS,
154 SEC_ACE_TYPE_ACCESS_ALLOWED,
155 SEC_GENERIC_ALL,
156 SEC_ACE_FLAG_OBJECT_INHERIT |
157 SEC_ACE_FLAG_CONTAINER_INHERIT,
158 NULL);
159
160 torture_assert_ndr_success(tctx,
161 ndr_push_struct_blob(&sdblob, tctx, NULL, sd,
162 (ndr_push_flags_fn_t)ndr_push_security_descriptor),
163 "Failed to push security_descriptor ?!\n");
164
165 secbuf.sd.data = sdblob.data;
166 secbuf.sd.len = sdblob.length;
167 secbuf.sd.size = sdblob.length;
168 secbuf.length = sdblob.length-10;
169 secbuf.inherit = 0;
170
171 ZERO_STRUCT(r);
172 r.in.handle = handle;
173 r.out.new_handle = newhandle;
174 init_winreg_String(&r.in.name, name);
175 init_winreg_String(&r.in.keyclass, kclass);
176 r.in.options = 0x0;
177 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
178 r.in.action_taken = r.out.action_taken = &action_taken;
179 r.in.secdesc = &secbuf;
180
181 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_CreateKey_r(b, tctx, &r),
182 "CreateKey with sd failed");
183
184 torture_assert_werr_ok(tctx, r.out.result, "CreateKey with sd failed");
185
186 return true;
187 }
188
189 static bool _test_GetKeySecurity(struct dcerpc_pipe *p,
190 struct torture_context *tctx,
191 struct policy_handle *handle,
192 uint32_t *sec_info_ptr,
193 WERROR get_werr,
194 struct security_descriptor **sd_out)
195 {
196 struct winreg_GetKeySecurity r;
197 struct security_descriptor *sd = NULL;
198 uint32_t sec_info;
199 DATA_BLOB sdblob;
200 struct dcerpc_binding_handle *b = p->binding_handle;
201
202 if (sec_info_ptr) {
203 sec_info = *sec_info_ptr;
204 } else {
205 sec_info = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL;
206 }
207
208 ZERO_STRUCT(r);
209
210 r.in.handle = handle;
211 r.in.sec_info = sec_info;
212 r.in.sd = r.out.sd = talloc_zero(tctx, struct KeySecurityData);
213 r.in.sd->size = 0x1000;
214
215 torture_assert_ntstatus_ok(tctx,
216 dcerpc_winreg_GetKeySecurity_r(b, tctx, &r),
217 "GetKeySecurity failed");
218
219 torture_assert_werr_equal(tctx, r.out.result, get_werr,
220 "GetKeySecurity failed");
221
222 sdblob.data = r.out.sd->data;
223 sdblob.length = r.out.sd->len;
224
225 sd = talloc_zero(tctx, struct security_descriptor);
226
227 torture_assert_ndr_success(tctx,
228 ndr_pull_struct_blob(&sdblob, tctx, NULL, sd,
229 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor),
230 "pull_security_descriptor failed");
231
232 if (p->conn->flags & DCERPC_DEBUG_PRINT_OUT) {
233 NDR_PRINT_DEBUG(security_descriptor, sd);
234 }
235
236 if (sd_out) {
237 *sd_out = sd;
238 } else {
239 talloc_free(sd);
240 }
241
242 return true;
243 }
244
245 static bool test_GetKeySecurity(struct dcerpc_pipe *p,
246 struct torture_context *tctx,
247 struct policy_handle *handle,
248 struct security_descriptor **sd_out)
249 {
250 return _test_GetKeySecurity(p, tctx, handle, NULL, WERR_OK, sd_out);
251 }
252
253 static bool _test_SetKeySecurity(struct dcerpc_pipe *p,
254 struct torture_context *tctx,
255 struct policy_handle *handle,
256 uint32_t *sec_info_ptr,
257 struct security_descriptor *sd,
258 WERROR werr)
259 {
260 struct winreg_SetKeySecurity r;
261 struct KeySecurityData *sdata = NULL;
262 DATA_BLOB sdblob;
263 uint32_t sec_info;
264 struct dcerpc_binding_handle *b = p->binding_handle;
265
266 ZERO_STRUCT(r);
267
268 if (sd && (p->conn->flags & DCERPC_DEBUG_PRINT_OUT)) {
269 NDR_PRINT_DEBUG(security_descriptor, sd);
270 }
271
272 torture_assert_ndr_success(tctx,
273 ndr_push_struct_blob(&sdblob, tctx, NULL, sd,
274 (ndr_push_flags_fn_t)ndr_push_security_descriptor),
275 "push_security_descriptor failed");
276
277 sdata = talloc_zero(tctx, struct KeySecurityData);
278 sdata->data = sdblob.data;
279 sdata->size = sdblob.length;
280 sdata->len = sdblob.length;
281
282 if (sec_info_ptr) {
283 sec_info = *sec_info_ptr;
284 } else {
285 sec_info = SECINFO_UNPROTECTED_SACL |
286 SECINFO_UNPROTECTED_DACL;
287 if (sd->owner_sid) {
288 sec_info |= SECINFO_OWNER;
289 }
290 if (sd->group_sid) {
291 sec_info |= SECINFO_GROUP;
292 }
293 if (sd->sacl) {
294 sec_info |= SECINFO_SACL;
295 }
296 if (sd->dacl) {
297 sec_info |= SECINFO_DACL;
298 }
299 }
300
301 r.in.handle = handle;
302 r.in.sec_info = sec_info;
303 r.in.sd = sdata;
304
305 torture_assert_ntstatus_ok(tctx,
306 dcerpc_winreg_SetKeySecurity_r(b, tctx, &r),
307 "SetKeySecurity failed");
308
309 torture_assert_werr_equal(tctx, r.out.result, werr,
310 "SetKeySecurity failed");
311
312 return true;
313 }
314
315 static bool test_SetKeySecurity(struct dcerpc_pipe *p,
316 struct torture_context *tctx,
317 struct policy_handle *handle,
318 struct security_descriptor *sd)
319 {
320 return _test_SetKeySecurity(p, tctx, handle, NULL, sd, WERR_OK);
321 }
322
323 static bool test_CloseKey(struct dcerpc_binding_handle *b,
324 struct torture_context *tctx,
325 struct policy_handle *handle)
326 {
327 struct winreg_CloseKey r;
328
329 ZERO_STRUCT(r);
330 r.in.handle = r.out.handle = handle;
331
332 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_CloseKey_r(b, tctx, &r),
333 "CloseKey failed");
334
335 torture_assert_werr_ok(tctx, r.out.result, "CloseKey failed");
336
337 return true;
338 }
339
340 static bool test_FlushKey(struct dcerpc_binding_handle *b,
341 struct torture_context *tctx,
342 struct policy_handle *handle)
343 {
344 struct winreg_FlushKey r;
345
346 ZERO_STRUCT(r);
347 r.in.handle = handle;
348
349 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_FlushKey_r(b, tctx, &r),
350 "FlushKey failed");
351
352 torture_assert_werr_ok(tctx, r.out.result, "FlushKey failed");
353
354 return true;
355 }
356
357 static bool _test_OpenKey(struct dcerpc_binding_handle *b,
358 struct torture_context *tctx,
359 struct policy_handle *hive_handle,
360 const char *keyname, uint32_t access_mask,
361 struct policy_handle *key_handle,
362 WERROR open_werr,
363 bool *success)
364 {
365 struct winreg_OpenKey r;
366
367 ZERO_STRUCT(r);
368 r.in.parent_handle = hive_handle;
369 init_winreg_String(&r.in.keyname, keyname);
370 r.in.options = REG_KEYTYPE_NON_VOLATILE;
371 r.in.access_mask = access_mask;
372 r.out.handle = key_handle;
373
374 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_OpenKey_r(b, tctx, &r),
375 "OpenKey failed");
376
377 torture_assert_werr_equal(tctx, r.out.result, open_werr,
378 "OpenKey failed");
379
380 if (success && W_ERROR_EQUAL(r.out.result, WERR_OK)) {
381 *success = true;
382 }
383
384 return true;
385 }
386
387 static bool test_OpenKey(struct dcerpc_binding_handle *b,
388 struct torture_context *tctx,
389 struct policy_handle *hive_handle,
390 const char *keyname, struct policy_handle *key_handle)
391 {
392 return _test_OpenKey(b, tctx, hive_handle, keyname,
393 SEC_FLAG_MAXIMUM_ALLOWED, key_handle,
394 WERR_OK, NULL);
395 }
396
397 static bool test_Cleanup(struct dcerpc_binding_handle *b,
398 struct torture_context *tctx,
399 struct policy_handle *handle, const char *key)
400 {
401 struct winreg_DeleteKey r;
402
403 ZERO_STRUCT(r);
404 r.in.handle = handle;
405
406 init_winreg_String(&r.in.key, key);
407 dcerpc_winreg_DeleteKey_r(b, tctx, &r);
408
409 return true;
410 }
411
412 static bool _test_GetSetSecurityDescriptor(struct dcerpc_pipe *p,
413 struct torture_context *tctx,
414 struct policy_handle *handle,
415 WERROR get_werr,
416 WERROR set_werr)
417 {
418 struct security_descriptor *sd = NULL;
419
420 if (!_test_GetKeySecurity(p, tctx, handle, NULL, get_werr, &sd)) {
421 return false;
422 }
423
424 if (!_test_SetKeySecurity(p, tctx, handle, NULL, sd, set_werr)) {
425 return false;
426 }
427
428 return true;
429 }
430
431 static bool test_SecurityDescriptor(struct dcerpc_pipe *p,
432 struct torture_context *tctx,
433 struct policy_handle *handle,
434 const char *key)
435 {
436 struct policy_handle new_handle;
437 bool ret = true;
438 struct dcerpc_binding_handle *b = p->binding_handle;
439
440 torture_comment(tctx, "SecurityDescriptor get & set\n");
441
442 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
443 return false;
444 }
445
446 if (!_test_GetSetSecurityDescriptor(p, tctx, &new_handle,
447 WERR_OK, WERR_OK)) {
448 ret = false;
449 }
450
451 if (!test_CloseKey(b, tctx, &new_handle)) {
452 return false;
453 }
454
455 return ret;
456 }
457
458 static bool _test_SecurityDescriptor(struct dcerpc_pipe *p,
459 struct torture_context *tctx,
460 struct policy_handle *handle,
461 uint32_t access_mask,
462 const char *key,
463 WERROR open_werr,
464 WERROR get_werr,
465 WERROR set_werr)
466 {
467 struct policy_handle new_handle;
468 bool ret = true;
469 bool got_key = false;
470 struct dcerpc_binding_handle *b = p->binding_handle;
471
472 if (!_test_OpenKey(b, tctx, handle, key, access_mask, &new_handle,
473 open_werr, &got_key)) {
474 return false;
475 }
476
477 if (!got_key) {
478 return true;
479 }
480
481 if (!_test_GetSetSecurityDescriptor(p, tctx, &new_handle,
482 get_werr, set_werr)) {
483 ret = false;
484 }
485
486 if (!test_CloseKey(b, tctx, &new_handle)) {
487 return false;
488 }
489
490 return ret;
491 }
492
493 static bool test_dacl_trustee_present(struct dcerpc_pipe *p,
494 struct torture_context *tctx,
495 struct policy_handle *handle,
496 const struct dom_sid *sid)
497 {
498 struct security_descriptor *sd = NULL;
499 int i;
500
501 if (!test_GetKeySecurity(p, tctx, handle, &sd)) {
502 return false;
503 }
504
505 if (!sd || !sd->dacl) {
506 return false;
507 }
508
509 for (i = 0; i < sd->dacl->num_aces; i++) {
510 if (dom_sid_equal(&sd->dacl->aces[i].trustee, sid)) {
511 return true;
512 }
513 }
514
515 return false;
516 }
517
518 static bool _test_dacl_trustee_present(struct dcerpc_pipe *p,
519 struct torture_context *tctx,
520 struct policy_handle *handle,
521 const char *key,
522 const struct dom_sid *sid)
523 {
524 struct policy_handle new_handle;
525 bool ret = true;
526 struct dcerpc_binding_handle *b = p->binding_handle;
527
528 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
529 return false;
530 }
531
532 ret = test_dacl_trustee_present(p, tctx, &new_handle, sid);
533
534 test_CloseKey(b, tctx, &new_handle);
535
536 return ret;
537 }
538
539 static bool test_sacl_trustee_present(struct dcerpc_pipe *p,
540 struct torture_context *tctx,
541 struct policy_handle *handle,
542 const struct dom_sid *sid)
543 {
544 struct security_descriptor *sd = NULL;
545 int i;
546 uint32_t sec_info = SECINFO_SACL;
547
548 if (!_test_GetKeySecurity(p, tctx, handle, &sec_info, WERR_OK, &sd)) {
549 return false;
550 }
551
552 if (!sd || !sd->sacl) {
553 return false;
554 }
555
556 for (i = 0; i < sd->sacl->num_aces; i++) {
557 if (dom_sid_equal(&sd->sacl->aces[i].trustee, sid)) {
558 return true;
559 }
560 }
561
562 return false;
563 }
564
565 static bool _test_sacl_trustee_present(struct dcerpc_pipe *p,
566 struct torture_context *tctx,
567 struct policy_handle *handle,
568 const char *key,
569 const struct dom_sid *sid)
570 {
571 struct policy_handle new_handle;
572 bool ret = true;
573 struct dcerpc_binding_handle *b = p->binding_handle;
574
575 if (!_test_OpenKey(b, tctx, handle, key, SEC_FLAG_SYSTEM_SECURITY,
576 &new_handle, WERR_OK, NULL)) {
577 return false;
578 }
579
580 ret = test_sacl_trustee_present(p, tctx, &new_handle, sid);
581
582 test_CloseKey(b, tctx, &new_handle);
583
584 return ret;
585 }
586
587 static bool test_owner_present(struct dcerpc_pipe *p,
588 struct torture_context *tctx,
589 struct policy_handle *handle,
590 const struct dom_sid *sid)
591 {
592 struct security_descriptor *sd = NULL;
593 uint32_t sec_info = SECINFO_OWNER;
594
595 if (!_test_GetKeySecurity(p, tctx, handle, &sec_info, WERR_OK, &sd)) {
596 return false;
597 }
598
599 if (!sd || !sd->owner_sid) {
600 return false;
601 }
602
603 return dom_sid_equal(sd->owner_sid, sid);
604 }
605
606 static bool _test_owner_present(struct dcerpc_pipe *p,
607 struct torture_context *tctx,
608 struct policy_handle *handle,
609 const char *key,
610 const struct dom_sid *sid)
611 {
612 struct policy_handle new_handle;
613 bool ret = true;
614 struct dcerpc_binding_handle *b = p->binding_handle;
615
616 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
617 return false;
618 }
619
620 ret = test_owner_present(p, tctx, &new_handle, sid);
621
622 test_CloseKey(b, tctx, &new_handle);
623
624 return ret;
625 }
626
627 static bool test_group_present(struct dcerpc_pipe *p,
628 struct torture_context *tctx,
629 struct policy_handle *handle,
630 const struct dom_sid *sid)
631 {
632 struct security_descriptor *sd = NULL;
633 uint32_t sec_info = SECINFO_GROUP;
634
635 if (!_test_GetKeySecurity(p, tctx, handle, &sec_info, WERR_OK, &sd)) {
636 return false;
637 }
638
639 if (!sd || !sd->group_sid) {
640 return false;
641 }
642
643 return dom_sid_equal(sd->group_sid, sid);
644 }
645
646 static bool _test_group_present(struct dcerpc_pipe *p,
647 struct torture_context *tctx,
648 struct policy_handle *handle,
649 const char *key,
650 const struct dom_sid *sid)
651 {
652 struct policy_handle new_handle;
653 bool ret = true;
654 struct dcerpc_binding_handle *b = p->binding_handle;
655
656 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
657 return false;
658 }
659
660 ret = test_group_present(p, tctx, &new_handle, sid);
661
662 test_CloseKey(b, tctx, &new_handle);
663
664 return ret;
665 }
666
667 static bool test_dacl_trustee_flags_present(struct dcerpc_pipe *p,
668 struct torture_context *tctx,
669 struct policy_handle *handle,
670 const struct dom_sid *sid,
671 uint8_t flags)
672 {
673 struct security_descriptor *sd = NULL;
674 int i;
675
676 if (!test_GetKeySecurity(p, tctx, handle, &sd)) {
677 return false;
678 }
679
680 if (!sd || !sd->dacl) {
681 return false;
682 }
683
684 for (i = 0; i < sd->dacl->num_aces; i++) {
685 if ((dom_sid_equal(&sd->dacl->aces[i].trustee, sid)) &&
686 (sd->dacl->aces[i].flags == flags)) {
687 return true;
688 }
689 }
690
691 return false;
692 }
693
694 static bool test_dacl_ace_present(struct dcerpc_pipe *p,
695 struct torture_context *tctx,
696 struct policy_handle *handle,
697 const struct security_ace *ace)
698 {
699 struct security_descriptor *sd = NULL;
700 int i;
701
702 if (!test_GetKeySecurity(p, tctx, handle, &sd)) {
703 return false;
704 }
705
706 if (!sd || !sd->dacl) {
707 return false;
708 }
709
710 for (i = 0; i < sd->dacl->num_aces; i++) {
711 if (security_ace_equal(&sd->dacl->aces[i], ace)) {
712 return true;
713 }
714 }
715
716 return false;
717 }
718
719 static bool test_RestoreSecurity(struct dcerpc_pipe *p,
720 struct torture_context *tctx,
721 struct policy_handle *handle,
722 const char *key,
723 struct security_descriptor *sd)
724 {
725 struct policy_handle new_handle;
726 bool ret = true;
727 struct dcerpc_binding_handle *b = p->binding_handle;
728
729 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
730 return false;
731 }
732
733 if (!test_SetKeySecurity(p, tctx, &new_handle, sd)) {
734 ret = false;
735 }
736
737 if (!test_CloseKey(b, tctx, &new_handle)) {
738 ret = false;
739 }
740
741 return ret;
742 }
743
744 static bool test_BackupSecurity(struct dcerpc_pipe *p,
745 struct torture_context *tctx,
746 struct policy_handle *handle,
747 const char *key,
748 struct security_descriptor **sd)
749 {
750 struct policy_handle new_handle;
751 bool ret = true;
752 struct dcerpc_binding_handle *b = p->binding_handle;
753
754 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
755 return false;
756 }
757
758 if (!test_GetKeySecurity(p, tctx, &new_handle, sd)) {
759 ret = false;
760 }
761
762 if (!test_CloseKey(b, tctx, &new_handle)) {
763 ret = false;
764 }
765
766 return ret;
767 }
768
769 static bool test_SecurityDescriptorInheritance(struct dcerpc_pipe *p,
770 struct torture_context *tctx,
771 struct policy_handle *handle,
772 const char *key)
773 {
774 /* get sd
775 add ace SEC_ACE_FLAG_CONTAINER_INHERIT
776 set sd
777 get sd
778 check ace
779 add subkey
780 get sd
781 check ace
782 add subsubkey
783 get sd
784 check ace
785 del subsubkey
786 del subkey
787 reset sd
788 */
789
790 struct security_descriptor *sd = NULL;
791 struct security_descriptor *sd_orig = NULL;
792 struct security_ace *ace = NULL;
793 struct policy_handle new_handle;
794 bool ret = true;
795 struct dcerpc_binding_handle *b = p->binding_handle;
796
797 torture_comment(tctx, "SecurityDescriptor inheritance\n");
798
799 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
800 return false;
801 }
802
803 if (!_test_GetKeySecurity(p, tctx, &new_handle, NULL, WERR_OK, &sd)) {
804 return false;
805 }
806
807 sd_orig = security_descriptor_copy(tctx, sd);
808 if (sd_orig == NULL) {
809 return false;
810 }
811
812 ace = security_ace_create(tctx,
813 TEST_SID,
814 SEC_ACE_TYPE_ACCESS_ALLOWED,
815 SEC_STD_REQUIRED,
816 SEC_ACE_FLAG_CONTAINER_INHERIT);
817
818 torture_assert_ntstatus_ok(tctx,
819 security_descriptor_dacl_add(sd, ace),
820 "failed to add ace");
821
822 /* FIXME: add further tests for these flags */
823 sd->type |= SEC_DESC_DACL_AUTO_INHERIT_REQ |
824 SEC_DESC_SACL_AUTO_INHERITED;
825
826 if (!test_SetKeySecurity(p, tctx, &new_handle, sd)) {
827 return false;
828 }
829
830 torture_assert(tctx,
831 test_dacl_ace_present(p, tctx, &new_handle, ace),
832 "new ACE not present!");
833
834 if (!test_CloseKey(b, tctx, &new_handle)) {
835 return false;
836 }
837
838 if (!test_CreateKey(b, tctx, handle, TEST_SUBKEY_SD, NULL)) {
839 ret = false;
840 goto out;
841 }
842
843 if (!test_OpenKey(b, tctx, handle, TEST_SUBKEY_SD, &new_handle)) {
844 ret = false;
845 goto out;
846 }
847
848 if (!test_dacl_ace_present(p, tctx, &new_handle, ace)) {
849 torture_comment(tctx, "inherited ACE not present!\n");
850 ret = false;
851 goto out;
852 }
853
854 test_CloseKey(b, tctx, &new_handle);
855 if (!test_CreateKey(b, tctx, handle, TEST_SUBSUBKEY_SD, NULL)) {
856 ret = false;
857 goto out;
858 }
859
860 if (!test_OpenKey(b, tctx, handle, TEST_SUBSUBKEY_SD, &new_handle)) {
861 ret = false;
862 goto out;
863 }
864
865 if (!test_dacl_ace_present(p, tctx, &new_handle, ace)) {
866 torture_comment(tctx, "inherited ACE not present!\n");
867 ret = false;
868 goto out;
869 }
870
871 out:
872 test_CloseKey(b, tctx, &new_handle);
873 test_Cleanup(b, tctx, handle, TEST_SUBKEY_SD);
874 test_RestoreSecurity(p, tctx, handle, key, sd_orig);
875
876 return true;
877 }
878
879 static bool test_SecurityDescriptorBlockInheritance(struct dcerpc_pipe *p,
880 struct torture_context *tctx,
881 struct policy_handle *handle,
882 const char *key)
883 {
884 /* get sd
885 add ace SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
886 set sd
887 add subkey/subkey
888 get sd
889 check ace
890 get sd from subkey
891 check ace
892 del subkey/subkey
893 del subkey
894 reset sd
895 */
896
897 struct security_descriptor *sd = NULL;
898 struct security_descriptor *sd_orig = NULL;
899 struct security_ace *ace = NULL;
900 struct policy_handle new_handle;
901 struct dom_sid *sid = NULL;
902 bool ret = true;
903 uint8_t ace_flags = 0x0;
904 struct dcerpc_binding_handle *b = p->binding_handle;
905
906 torture_comment(tctx, "SecurityDescriptor inheritance block\n");
907
908 if (!test_OpenKey(b, tctx, handle, key, &new_handle)) {
909 return false;
910 }
911
912 if (!_test_GetKeySecurity(p, tctx, &new_handle, NULL, WERR_OK, &sd)) {
913 return false;
914 }
915
916 sd_orig = security_descriptor_copy(tctx, sd);
917 if (sd_orig == NULL) {
918 return false;
919 }
920
921 ace = security_ace_create(tctx,
922 TEST_SID,
923 SEC_ACE_TYPE_ACCESS_ALLOWED,
924 SEC_STD_REQUIRED,
925 SEC_ACE_FLAG_CONTAINER_INHERIT |
926 SEC_ACE_FLAG_NO_PROPAGATE_INHERIT);
927
928 torture_assert_ntstatus_ok(tctx,
929 security_descriptor_dacl_add(sd, ace),
930 "failed to add ace");
931
932 if (!_test_SetKeySecurity(p, tctx, &new_handle, NULL, sd, WERR_OK)) {
933 return false;
934 }
935
936 torture_assert(tctx,
937 test_dacl_ace_present(p, tctx, &new_handle, ace),
938 "new ACE not present!");
939
940 if (!test_CloseKey(b, tctx, &new_handle)) {
941 return false;
942 }
943
944 if (!test_CreateKey(b, tctx, handle, TEST_SUBSUBKEY_SD, NULL)) {
945 return false;
946 }
947
948 if (!test_OpenKey(b, tctx, handle, TEST_SUBSUBKEY_SD, &new_handle)) {
949 ret = false;
950 goto out;
951 }
952
953 if (test_dacl_ace_present(p, tctx, &new_handle, ace)) {
954 torture_comment(tctx, "inherited ACE present but should not!\n");
955 ret = false;
956 goto out;
957 }
958
959 sid = dom_sid_parse_talloc(tctx, TEST_SID);
960 if (sid == NULL) {
961 return false;
962 }
963
964 if (test_dacl_trustee_present(p, tctx, &new_handle, sid)) {
965 torture_comment(tctx, "inherited trustee SID present but should not!\n");
966 ret = false;
967 goto out;
968 }
969
970 test_CloseKey(b, tctx, &new_handle);
971
972 if (!test_OpenKey(b, tctx, handle, TEST_SUBKEY_SD, &new_handle)) {
973 ret = false;
974 goto out;
975 }
976
977 if (test_dacl_ace_present(p, tctx, &new_handle, ace)) {
978 torture_comment(tctx, "inherited ACE present but should not!\n");
979 ret = false;
980 goto out;
981 }
982
983 if (!test_dacl_trustee_flags_present(p, tctx, &new_handle, sid, ace_flags)) {
984 torture_comment(tctx, "inherited trustee SID with flags 0x%02x not present!\n",
985 ace_flags);
986 ret = false;
987 goto out;
988 }
989
990 out:
991 test_CloseKey(b, tctx, &new_handle);
992 test_Cleanup(b, tctx, handle, TEST_SUBKEY_SD);
993 test_RestoreSecurity(p, tctx, handle, key, sd_orig);
994
995 return ret;
996 }
997
998 static bool test_SecurityDescriptorsMasks(struct dcerpc_pipe *p,
999 struct torture_context *tctx,
1000 struct policy_handle *handle,
1001 const char *key)
1002 {
1003 bool ret = true;
1004 int i;
1005
1006 struct winreg_mask_result_table {
1007 uint32_t access_mask;
1008 WERROR open_werr;
1009 WERROR get_werr;
1010 WERROR set_werr;
1011 } sd_mask_tests[] = {
1012 { 0,
1013 WERR_ACCESS_DENIED, WERR_BADFILE, WERR_FOOBAR },
1014 { SEC_FLAG_MAXIMUM_ALLOWED,
1015 WERR_OK, WERR_OK, WERR_OK },
1016 { SEC_STD_WRITE_DAC,
1017 WERR_OK, WERR_ACCESS_DENIED, WERR_FOOBAR },
1018 { SEC_FLAG_SYSTEM_SECURITY,
1019 WERR_OK, WERR_ACCESS_DENIED, WERR_FOOBAR }
1020 };
1021
1022 /* FIXME: before this test can ever run successfully we need a way to
1023 * correctly read a NULL security_descritpor in ndr, get the required
1024 * length, requery, etc.
1025 */
1026
1027 return true;
1028
1029 for (i=0; i < ARRAY_SIZE(sd_mask_tests); i++) {
1030
1031 torture_comment(tctx,
1032 "SecurityDescriptor get & set with access_mask: 0x%08x\n",
1033 sd_mask_tests[i].access_mask);
1034 torture_comment(tctx,
1035 "expecting: open %s, get: %s, set: %s\n",
1036 win_errstr(sd_mask_tests[i].open_werr),
1037 win_errstr(sd_mask_tests[i].get_werr),
1038 win_errstr(sd_mask_tests[i].set_werr));
1039
1040 if (_test_SecurityDescriptor(p, tctx, handle,
1041 sd_mask_tests[i].access_mask, key,
1042 sd_mask_tests[i].open_werr,
1043 sd_mask_tests[i].get_werr,
1044 sd_mask_tests[i].set_werr)) {
1045 ret = false;
1046 }
1047 }
1048
1049 return ret;
1050 }
1051
1052 typedef bool (*secinfo_verify_fn)(struct dcerpc_pipe *,
1053 struct torture_context *,
1054 struct policy_handle *,
1055 const char *,
1056 const struct dom_sid *);
1057
1058 static bool test_SetSecurityDescriptor_SecInfo(struct dcerpc_pipe *p,
1059 struct torture_context *tctx,
1060 struct policy_handle *handle,
1061 const char *key,
1062 const char *test,
1063 uint32_t access_mask,
1064 uint32_t sec_info,
1065 struct security_descriptor *sd,
1066 WERROR set_werr,
1067 bool expect_present,
1068 bool (*fn) (struct dcerpc_pipe *,
1069 struct torture_context *,
1070 struct policy_handle *,
1071 const char *,
1072 const struct dom_sid *),
1073 const struct dom_sid *sid)
1074 {
1075 struct policy_handle new_handle;
1076 bool open_success = false;
1077 struct dcerpc_binding_handle *b = p->binding_handle;
1078
1079 torture_comment(tctx, "SecurityDescriptor (%s) sets for secinfo: "
1080 "0x%08x, access_mask: 0x%08x\n",
1081 test, sec_info, access_mask);
1082
1083 if (!_test_OpenKey(b, tctx, handle, key,
1084 access_mask,
1085 &new_handle,
1086 WERR_OK,
1087 &open_success)) {
1088 return false;
1089 }
1090
1091 if (!open_success) {
1092 torture_comment(tctx, "key did not open\n");
1093 test_CloseKey(b, tctx, &new_handle);
1094 return false;
1095 }
1096
1097 if (!_test_SetKeySecurity(p, tctx, &new_handle, &sec_info,
1098 sd,
1099 set_werr)) {
1100 torture_warning(tctx,
1101 "SetKeySecurity with secinfo: 0x%08x has failed\n",
1102 sec_info);
1103 smb_panic("");
1104 test_CloseKey(b, tctx, &new_handle);
1105 return false;
1106 }
1107
1108 test_CloseKey(b, tctx, &new_handle);
1109
1110 if (W_ERROR_IS_OK(set_werr)) {
1111 bool present;
1112 present = fn(p, tctx, handle, key, sid);
1113 if ((expect_present) && (!present)) {
1114 torture_warning(tctx,
1115 "%s sid is not present!\n",
1116 test);
1117 return false;
1118 }
1119 if ((!expect_present) && (present)) {
1120 torture_warning(tctx,
1121 "%s sid is present but not expected!\n",
1122 test);
1123 return false;
1124 }
1125 }
1126
1127 return true;
1128 }
1129
1130 static bool test_SecurityDescriptorsSecInfo(struct dcerpc_pipe *p,
1131 struct torture_context *tctx,
1132 struct policy_handle *handle,
1133 const char *key)
1134 {
1135 struct security_descriptor *sd_orig = NULL;
1136 struct dom_sid *sid = NULL;
1137 bool ret = true;
1138 int i, a;
1139
1140 struct security_descriptor *sd_owner =
1141 security_descriptor_dacl_create(tctx,
1142 0,
1143 TEST_SID, NULL, NULL);
1144
1145 struct security_descriptor *sd_group =
1146 security_descriptor_dacl_create(tctx,
1147 0,
1148 NULL, TEST_SID, NULL);
1149
1150 struct security_descriptor *sd_dacl =
1151 security_descriptor_dacl_create(tctx,
1152 0,
1153 NULL, NULL,
1154 TEST_SID,
1155 SEC_ACE_TYPE_ACCESS_ALLOWED,
1156 SEC_GENERIC_ALL,
1157 0,
1158 SID_NT_AUTHENTICATED_USERS,
1159 SEC_ACE_TYPE_ACCESS_ALLOWED,
1160 SEC_GENERIC_ALL,
1161 0,
1162 NULL);
1163
1164 struct security_descriptor *sd_sacl =
1165 security_descriptor_sacl_create(tctx,
1166 0,
1167 NULL, NULL,
1168 TEST_SID,
1169 SEC_ACE_TYPE_SYSTEM_AUDIT,
1170 SEC_GENERIC_ALL,
1171 SEC_ACE_FLAG_SUCCESSFUL_ACCESS,
1172 NULL);
1173
1174 struct winreg_secinfo_table {
1175 struct security_descriptor *sd;
1176 uint32_t sec_info;
1177 WERROR set_werr;
1178 bool sid_present;
1179 secinfo_verify_fn fn;
1180 };
1181
1182 struct winreg_secinfo_table sec_info_owner_tests[] = {
1183 { sd_owner, 0, WERR_OK,
1184 false, (secinfo_verify_fn)_test_owner_present },
1185 { sd_owner, SECINFO_OWNER, WERR_OK,
1186 true, (secinfo_verify_fn)_test_owner_present },
1187 { sd_owner, SECINFO_GROUP, WERR_INVALID_PARAM },
1188 { sd_owner, SECINFO_DACL, WERR_OK,
1189 true, (secinfo_verify_fn)_test_owner_present },
1190 { sd_owner, SECINFO_SACL, WERR_ACCESS_DENIED },
1191 };
1192
1193 uint32_t sd_owner_good_access_masks[] = {
1194 SEC_FLAG_MAXIMUM_ALLOWED,
1195 /* SEC_STD_WRITE_OWNER, */
1196 };
1197
1198 struct winreg_secinfo_table sec_info_group_tests[] = {
1199 { sd_group, 0, WERR_OK,
1200 false, (secinfo_verify_fn)_test_group_present },
1201 { sd_group, SECINFO_OWNER, WERR_INVALID_PARAM },
1202 { sd_group, SECINFO_GROUP, WERR_OK,
1203 true, (secinfo_verify_fn)_test_group_present },
1204 { sd_group, SECINFO_DACL, WERR_OK,
1205 true, (secinfo_verify_fn)_test_group_present },
1206 { sd_group, SECINFO_SACL, WERR_ACCESS_DENIED },
1207 };
1208
1209 uint32_t sd_group_good_access_masks[] = {
1210 SEC_FLAG_MAXIMUM_ALLOWED,
1211 };
1212
1213 struct winreg_secinfo_table sec_info_dacl_tests[] = {
1214 { sd_dacl, 0, WERR_OK,
1215 false, (secinfo_verify_fn)_test_dacl_trustee_present },
1216 { sd_dacl, SECINFO_OWNER, WERR_INVALID_PARAM },
1217 { sd_dacl, SECINFO_GROUP, WERR_INVALID_PARAM },
1218 { sd_dacl, SECINFO_DACL, WERR_OK,
1219 true, (secinfo_verify_fn)_test_dacl_trustee_present },
1220 { sd_dacl, SECINFO_SACL, WERR_ACCESS_DENIED },
1221 };
1222
1223 uint32_t sd_dacl_good_access_masks[] = {
1224 SEC_FLAG_MAXIMUM_ALLOWED,
1225 SEC_STD_WRITE_DAC,
1226 };
1227
1228 struct winreg_secinfo_table sec_info_sacl_tests[] = {
1229 { sd_sacl, 0, WERR_OK,
1230 false, (secinfo_verify_fn)_test_sacl_trustee_present },
1231 { sd_sacl, SECINFO_OWNER, WERR_INVALID_PARAM },
1232 { sd_sacl, SECINFO_GROUP, WERR_INVALID_PARAM },
1233 { sd_sacl, SECINFO_DACL, WERR_OK,
1234 false, (secinfo_verify_fn)_test_sacl_trustee_present },
1235 { sd_sacl, SECINFO_SACL, WERR_OK,
1236 true, (secinfo_verify_fn)_test_sacl_trustee_present },
1237 };
1238
1239 uint32_t sd_sacl_good_access_masks[] = {
1240 SEC_FLAG_MAXIMUM_ALLOWED | SEC_FLAG_SYSTEM_SECURITY,
1241 /* SEC_FLAG_SYSTEM_SECURITY, */
1242 };
1243
1244 sid = dom_sid_parse_talloc(tctx, TEST_SID);
1245 if (sid == NULL) {
1246 return false;
1247 }
1248
1249 if (!test_BackupSecurity(p, tctx, handle, key, &sd_orig)) {
1250 return false;
1251 }
1252
1253 /* OWNER */
1254
1255 for (i=0; i < ARRAY_SIZE(sec_info_owner_tests); i++) {
1256
1257 for (a=0; a < ARRAY_SIZE(sd_owner_good_access_masks); a++) {
1258
1259 if (!test_SetSecurityDescriptor_SecInfo(p, tctx, handle,
1260 key,
1261 "OWNER",
1262 sd_owner_good_access_masks[a],
1263 sec_info_owner_tests[i].sec_info,
1264 sec_info_owner_tests[i].sd,
1265 sec_info_owner_tests[i].set_werr,
1266 sec_info_owner_tests[i].sid_present,
1267 sec_info_owner_tests[i].fn,
1268 sid))
1269 {
1270 torture_comment(tctx, "test_SetSecurityDescriptor_SecInfo failed for OWNER\n");
1271 ret = false;
1272 goto out;
1273 }
1274 }
1275 }
1276
1277 /* GROUP */
1278
1279 for (i=0; i < ARRAY_SIZE(sec_info_group_tests); i++) {
1280
1281 for (a=0; a < ARRAY_SIZE(sd_group_good_access_masks); a++) {
1282
1283 if (!test_SetSecurityDescriptor_SecInfo(p, tctx, handle,
1284 key,
1285 "GROUP",
1286 sd_group_good_access_masks[a],
1287 sec_info_group_tests[i].sec_info,
1288 sec_info_group_tests[i].sd,
1289 sec_info_group_tests[i].set_werr,
1290 sec_info_group_tests[i].sid_present,
1291 sec_info_group_tests[i].fn,
1292 sid))
1293 {
1294 torture_comment(tctx, "test_SetSecurityDescriptor_SecInfo failed for GROUP\n");
1295 ret = false;
1296 goto out;
1297 }
1298 }
1299 }
1300
1301 /* DACL */
1302
1303 for (i=0; i < ARRAY_SIZE(sec_info_dacl_tests); i++) {
1304
1305 for (a=0; a < ARRAY_SIZE(sd_dacl_good_access_masks); a++) {
1306
1307 if (!test_SetSecurityDescriptor_SecInfo(p, tctx, handle,
1308 key,
1309 "DACL",
1310 sd_dacl_good_access_masks[a],
1311 sec_info_dacl_tests[i].sec_info,
1312 sec_info_dacl_tests[i].sd,
1313 sec_info_dacl_tests[i].set_werr,
1314 sec_info_dacl_tests[i].sid_present,
1315 sec_info_dacl_tests[i].fn,
1316 sid))
1317 {
1318 torture_comment(tctx, "test_SetSecurityDescriptor_SecInfo failed for DACL\n");
1319 ret = false;
1320 goto out;
1321 }
1322 }
1323 }
1324
1325 /* SACL */
1326
1327 for (i=0; i < ARRAY_SIZE(sec_info_sacl_tests); i++) {
1328
1329 for (a=0; a < ARRAY_SIZE(sd_sacl_good_access_masks); a++) {
1330
1331 if (!test_SetSecurityDescriptor_SecInfo(p, tctx, handle,
1332 key,
1333 "SACL",
1334 sd_sacl_good_access_masks[a],
1335 sec_info_sacl_tests[i].sec_info,
1336 sec_info_sacl_tests[i].sd,
1337 sec_info_sacl_tests[i].set_werr,
1338 sec_info_sacl_tests[i].sid_present,
1339 sec_info_sacl_tests[i].fn,
1340 sid))
1341 {
1342 torture_comment(tctx, "test_SetSecurityDescriptor_SecInfo failed for SACL\n");
1343 ret = false;
1344 goto out;
1345 }
1346 }
1347 }
1348
1349 out:
1350 test_RestoreSecurity(p, tctx, handle, key, sd_orig);
1351
1352 return ret;
1353 }
1354
1355 static bool test_SecurityDescriptors(struct dcerpc_pipe *p,
1356 struct torture_context *tctx,
1357 struct policy_handle *handle,
1358 const char *key)
1359 {
1360 bool ret = true;
1361
1362 if (!test_SecurityDescriptor(p, tctx, handle, key)) {
1363 torture_comment(tctx, "test_SecurityDescriptor failed\n");
1364 ret = false;
1365 }
1366
1367 if (!test_SecurityDescriptorInheritance(p, tctx, handle, key)) {
1368 torture_comment(tctx, "test_SecurityDescriptorInheritance failed\n");
1369 ret = false;
1370 }
1371
1372 if (!test_SecurityDescriptorBlockInheritance(p, tctx, handle, key)) {
1373 torture_comment(tctx, "test_SecurityDescriptorBlockInheritance failed\n");
1374 ret = false;
1375 }
1376
1377 if (!test_SecurityDescriptorsSecInfo(p, tctx, handle, key)) {
1378 torture_comment(tctx, "test_SecurityDescriptorsSecInfo failed\n");
1379 ret = false;
1380 }
1381
1382 if (!test_SecurityDescriptorsMasks(p, tctx, handle, key)) {
1383 torture_comment(tctx, "test_SecurityDescriptorsMasks failed\n");
1384 ret = false;
1385 }
1386
1387 return ret;
1388 }
1389
1390 static bool test_DeleteKey(struct dcerpc_binding_handle *b,
1391 struct torture_context *tctx,
1392 struct policy_handle *handle, const char *key)
1393 {
1394 NTSTATUS status;
1395 struct winreg_DeleteKey r;
1396
1397 r.in.handle = handle;
1398 init_winreg_String(&r.in.key, key);
1399
1400 status = dcerpc_winreg_DeleteKey_r(b, tctx, &r);
1401
1402 torture_assert_ntstatus_ok(tctx, status, "DeleteKey failed");
1403 torture_assert_werr_ok(tctx, r.out.result, "DeleteKey failed");
1404
1405 return true;
1406 }
1407
1408 static bool test_QueryInfoKey(struct dcerpc_binding_handle *b,
1409 struct torture_context *tctx,
1410 struct policy_handle *handle, char *kclass)
1411 {
1412 struct winreg_QueryInfoKey r;
1413 uint32_t num_subkeys, max_subkeylen, max_classlen,
1414 num_values, max_valnamelen, max_valbufsize,
1415 secdescsize;
1416 NTTIME last_changed_time;
1417
1418 ZERO_STRUCT(r);
1419 r.in.handle = handle;
1420 r.out.num_subkeys = &num_subkeys;
1421 r.out.max_subkeylen = &max_subkeylen;
1422 r.out.max_classlen = &max_classlen;
1423 r.out.num_values = &num_values;
1424 r.out.max_valnamelen = &max_valnamelen;
1425 r.out.max_valbufsize = &max_valbufsize;
1426 r.out.secdescsize = &secdescsize;
1427 r.out.last_changed_time = &last_changed_time;
1428
1429 r.out.classname = talloc(tctx, struct winreg_String);
1430
1431 r.in.classname = talloc(tctx, struct winreg_String);
1432 init_winreg_String(r.in.classname, kclass);
1433
1434 torture_assert_ntstatus_ok(tctx,
1435 dcerpc_winreg_QueryInfoKey_r(b, tctx, &r),
1436 "QueryInfoKey failed");
1437
1438 torture_assert_werr_ok(tctx, r.out.result, "QueryInfoKey failed");
1439
1440 return true;
1441 }
1442
1443 static bool test_SetValue(struct dcerpc_binding_handle *b,
1444 struct torture_context *tctx,
1445 struct policy_handle *handle,
1446 const char *value_name,
1447 enum winreg_Type type,
1448 uint8_t *data,
1449 uint32_t size)
1450 {
1451 struct winreg_SetValue r;
1452 struct winreg_String name;
1453
1454 torture_comment(tctx, "Testing SetValue(%s), type: %s, offered: 0x%08x)\n",
1455 value_name, str_regtype(type), size);
1456
1457 init_winreg_String(&name, value_name);
1458
1459 r.in.handle = handle;
1460 r.in.name = name;
1461 r.in.type = type;
1462 r.in.data = data;
1463 r.in.size = size;
1464
1465 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_SetValue_r(b, tctx, &r),
1466 "winreg_SetValue failed");
1467 torture_assert_werr_ok(tctx, r.out.result,
1468 "winreg_SetValue failed");
1469
1470 return true;
1471 }
1472
1473 static bool test_DeleteValue(struct dcerpc_binding_handle *b,
1474 struct torture_context *tctx,
1475 struct policy_handle *handle,
1476 const char *value_name)
1477 {
1478 struct winreg_DeleteValue r;
1479 struct winreg_String value;
1480
1481 torture_comment(tctx, "Testing DeleteValue(%s)\n", value_name);
1482
1483 init_winreg_String(&value, value_name);
1484
1485 r.in.handle = handle;
1486 r.in.value = value;
1487
1488 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_DeleteValue_r(b, tctx, &r),
1489 "winreg_DeleteValue failed");
1490 torture_assert_werr_ok(tctx, r.out.result,
1491 "winreg_DeleteValue failed");
1492
1493 return true;
1494 }
1495
1496 static bool test_key(struct dcerpc_pipe *p, struct torture_context *tctx,
1497 struct policy_handle *handle, int depth,
1498 bool test_security);
1499
1500 static bool test_EnumKey(struct dcerpc_pipe *p, struct torture_context *tctx,
1501 struct policy_handle *handle, int depth,
1502 bool test_security)
1503 {
1504 struct winreg_EnumKey r;
1505 struct winreg_StringBuf kclass, name;
1506 NTSTATUS status;
1507 NTTIME t = 0;
1508 struct dcerpc_binding_handle *b = p->binding_handle;
1509
1510 kclass.name = "";
1511 kclass.size = 1024;
1512
1513 ZERO_STRUCT(r);
1514 r.in.handle = handle;
1515 r.in.enum_index = 0;
1516 r.in.name = &name;
1517 r.in.keyclass = &kclass;
1518 r.out.name = &name;
1519 r.in.last_changed_time = &t;
1520
1521 do {
1522 name.name = NULL;
1523 name.size = 1024;
1524
1525 status = dcerpc_winreg_EnumKey_r(b, tctx, &r);
1526
1527 if (NT_STATUS_IS_OK(status) && W_ERROR_IS_OK(r.out.result)) {
1528 struct policy_handle key_handle;
1529
1530 torture_comment(tctx, "EnumKey: %d: %s\n",
1531 r.in.enum_index,
1532 r.out.name->name);
1533
1534 if (!test_OpenKey(b, tctx, handle, r.out.name->name,
1535 &key_handle)) {
1536 } else {
1537 test_key(p, tctx, &key_handle,
1538 depth + 1, test_security);
1539 }
1540 }
1541
1542 r.in.enum_index++;
1543
1544 } while (NT_STATUS_IS_OK(status) && W_ERROR_IS_OK(r.out.result));
1545
1546 torture_assert_ntstatus_ok(tctx, status, "EnumKey failed");
1547
1548 if (!W_ERROR_IS_OK(r.out.result) &&
1549 !W_ERROR_EQUAL(r.out.result, WERR_NO_MORE_ITEMS)) {
1550 torture_fail(tctx, "EnumKey failed");
1551 }
1552
1553 return true;
1554 }
1555
1556 static bool test_QueryMultipleValues(struct dcerpc_binding_handle *b,
1557 struct torture_context *tctx,
1558 struct policy_handle *handle,
1559 const char *valuename)
1560 {
1561 struct winreg_QueryMultipleValues r;
1562 NTSTATUS status;
1563 uint32_t bufsize=0;
1564
1565 ZERO_STRUCT(r);
1566 r.in.key_handle = handle;
1567 r.in.values = r.out.values = talloc_array(tctx, struct QueryMultipleValue, 1);
1568 r.in.values[0].name = talloc(tctx, struct winreg_String);
1569 r.in.values[0].name->name = valuename;
1570 r.in.values[0].offset = 0;
1571 r.in.values[0].length = 0;
1572 r.in.values[0].type = 0;
1573
1574 r.in.num_values = 1;
1575 r.in.buffer_size = r.out.buffer_size = talloc(tctx, uint32_t);
1576 *r.in.buffer_size = bufsize;
1577 do {
1578 *r.in.buffer_size = bufsize;
1579 r.in.buffer = r.out.buffer = talloc_zero_array(tctx, uint8_t,
1580 *r.in.buffer_size);
1581
1582 status = dcerpc_winreg_QueryMultipleValues_r(b, tctx, &r);
1583
1584 if(NT_STATUS_IS_ERR(status))
1585 torture_fail(tctx, "QueryMultipleValues failed");
1586
1587 talloc_free(r.in.buffer);
1588 bufsize += 0x20;
1589 } while (W_ERROR_EQUAL(r.out.result, WERR_MORE_DATA));
1590
1591 torture_assert_werr_ok(tctx, r.out.result, "QueryMultipleValues failed");
1592
1593 return true;
1594 }
1595
1596 static bool test_QueryValue(struct dcerpc_binding_handle *b,
1597 struct torture_context *tctx,
1598 struct policy_handle *handle,
1599 const char *valuename)
1600 {
1601 struct winreg_QueryValue r;
1602 NTSTATUS status;
1603 enum winreg_Type zero_type = 0;
1604 uint32_t offered = 0xfff;
1605 uint32_t zero = 0;
1606
1607 ZERO_STRUCT(r);
1608 r.in.handle = handle;
1609 r.in.data = NULL;
1610 r.in.value_name = talloc_zero(tctx, struct winreg_String);
1611 r.in.value_name->name = valuename;
1612 r.in.type = &zero_type;
1613 r.in.data_size = &offered;
1614 r.in.data_length = &zero;
1615
1616 status = dcerpc_winreg_QueryValue_r(b, tctx, &r);
1617 if (NT_STATUS_IS_ERR(status)) {
1618 torture_fail(tctx, "QueryValue failed");
1619 }
1620
1621 torture_assert_werr_ok(tctx, r.out.result, "QueryValue failed");
1622
1623 return true;
1624 }
1625
1626 static bool test_QueryValue_full(struct dcerpc_binding_handle *b,
1627 struct torture_context *tctx,
1628 struct policy_handle *handle,
1629 const char *valuename,
1630 bool existing_value)
1631 {
1632 struct winreg_QueryValue r;
1633 struct winreg_String value_name;
1634 enum winreg_Type type = REG_NONE;
1635 uint32_t data_size = 0;
1636 uint32_t real_data_size = 0;
1637 uint32_t data_length = 0;
1638 uint8_t *data = NULL;
1639 WERROR expected_error = WERR_BADFILE;
1640
1641 if (valuename == NULL) {
1642 expected_error = WERR_INVALID_PARAM;
1643 }
1644
1645 ZERO_STRUCT(r);
1646
1647 init_winreg_String(&value_name, NULL);
1648
1649 torture_comment(tctx, "Testing QueryValue(%s)\n", valuename);
1650
1651 r.in.handle = handle;
1652 r.in.value_name = &value_name;
1653
1654 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue_r(b, tctx, &r), "QueryValue failed");
1655 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAM,
1656 "expected WERR_INVALID_PARAM for NULL winreg_String.name");
1657
1658 init_winreg_String(&value_name, valuename);
1659 r.in.value_name = &value_name;
1660
1661 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue_r(b, tctx, &r),
1662 "QueryValue failed");
1663 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAM,
1664 "QueryValue failed");
1665
1666 r.in.type = &type;
1667 r.out.type = &type;
1668 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue_r(b, tctx, &r),
1669 "QueryValue failed");
1670 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAM,
1671 "QueryValue failed");
1672
1673 r.in.data_length = &data_length;
1674 r.out.data_length = &data_length;
1675 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue_r(b, tctx, &r),
1676 "QueryValue failed");
1677 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_PARAM,
1678 "QueryValue failed");
1679
1680 r.in.data_size = &data_size;
1681 r.out.data_size = &data_size;
1682 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue_r(b, tctx, &r),
1683 "QueryValue failed");
1684 if (existing_value) {
1685 torture_assert_werr_ok(tctx, r.out.result,
1686 "QueryValue failed");
1687 } else {
1688 torture_assert_werr_equal(tctx, r.out.result, expected_error,
1689 "QueryValue failed");
1690 }
1691
1692 real_data_size = *r.out.data_size;
1693
1694 data = talloc_zero_array(tctx, uint8_t, 0);
1695 r.in.data = data;
1696 r.out.data = data;
1697 *r.in.data_size = 0;
1698 *r.out.data_size = 0;
1699 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue_r(b, tctx, &r),
1700 "QueryValue failed");
1701 if (existing_value) {
1702 torture_assert_werr_equal(tctx, r.out.result, WERR_MORE_DATA,
1703 "QueryValue failed");
1704 } else {
1705 torture_assert_werr_equal(tctx, r.out.result, expected_error,
1706 "QueryValue failed");
1707 }
1708
1709 data = talloc_zero_array(tctx, uint8_t, real_data_size);
1710 r.in.data = data;
1711 r.out.data = data;
1712 r.in.data_size = &real_data_size;
1713 r.out.data_size = &real_data_size;
1714 torture_assert_ntstatus_ok(tctx, dcerpc_winreg_QueryValue_r(b, tctx, &r),
1715 "QueryValue failed");
1716 if (existing_value) {
1717 torture_assert_werr_ok(tctx, r.out.result,
1718 "QueryValue failed");
1719 } else {
1720 torture_assert_werr_equal(tctx, r.out.result, expected_error,
1721 "QueryValue failed");
1722 }
1723
1724 return true;
1725 }
1726
1727 static bool test_EnumValue(struct dcerpc_binding_handle *b,
1728 struct torture_context *tctx,
1729 struct policy_handle *handle, int max_valnamelen,
1730 int max_valbufsize)
1731 {
1732 struct winreg_EnumValue r;
1733 enum winreg_Type type = 0;
1734 uint32_t size = max_valbufsize, zero = 0;
1735 bool ret = true;
1736 uint8_t buf8;
1737 struct winreg_ValNameBuf name;
1738
1739 name.name = "";
1740 name.size = 1024;
1741
1742 ZERO_STRUCT(r);
1743 r.in.handle = handle;
1744 r.in.enum_index = 0;
1745 r.in.name = &name;
1746 r.out.name = &name;
1747 r.in.type = &type;
1748 r.in.value = &buf8;
1749 r.in.length = &zero;
1750 r.in.size = &size;
1751
1752 do {
1753 torture_assert_ntstatus_ok(tctx,
1754 dcerpc_winreg_EnumValue_r(b, tctx, &r),
1755 "EnumValue failed");
1756
1757 if (W_ERROR_IS_OK(r.out.result)) {
1758 ret &= test_QueryValue(b, tctx, handle,
1759 r.out.name->name);
1760 ret &= test_QueryMultipleValues(b, tctx, handle,
1761 r.out.name->name);
1762 }
1763
1764 r.in.enum_index++;
1765 } while (W_ERROR_IS_OK(r.out.result));
1766
1767 torture_assert_werr_equal(tctx, r.out.result, WERR_NO_MORE_ITEMS,
1768 "EnumValue failed");
1769
1770 return ret;
1771 }
1772
1773 static bool test_AbortSystemShutdown(struct dcerpc_binding_handle *b,
1774 struct torture_context *tctx)
1775 {
1776 struct winreg_AbortSystemShutdown r;
1777 uint16_t server = 0x0;
1778
1779 ZERO_STRUCT(r);
1780 r.in.server = &server;
1781
1782 torture_assert_ntstatus_ok(tctx,
1783 dcerpc_winreg_AbortSystemShutdown_r(b, tctx, &r),
1784 "AbortSystemShutdown failed");
1785
1786 torture_assert_werr_ok(tctx, r.out.result,
1787 "AbortSystemShutdown failed");
1788
1789 return true;
1790 }
1791
1792 static bool test_InitiateSystemShutdown(struct torture_context *tctx,
1793 struct dcerpc_pipe *p)
1794 {
1795 struct winreg_InitiateSystemShutdown r;
1796 uint16_t hostname = 0x0;
1797 struct dcerpc_binding_handle *b = p->binding_handle;
1798
1799 ZERO_STRUCT(r);
1800 r.in.hostname = &hostname;
1801 r.in.message = talloc(tctx, struct lsa_StringLarge);
1802 init_lsa_StringLarge(r.in.message, "spottyfood");
1803 r.in.force_apps = 1;
1804 r.in.timeout = 30;
1805 r.in.do_reboot = 1;
1806
1807 torture_assert_ntstatus_ok(tctx,
1808 dcerpc_winreg_InitiateSystemShutdown_r(b, tctx, &r),
1809 "InitiateSystemShutdown failed");
1810
1811 torture_assert_werr_ok(tctx, r.out.result,
1812 "InitiateSystemShutdown failed");
1813
1814 return test_AbortSystemShutdown(b, tctx);
1815 }
1816
1817
1818 static bool test_InitiateSystemShutdownEx(struct torture_context *tctx,
1819 struct dcerpc_pipe *p)
1820 {
1821 struct winreg_InitiateSystemShutdownEx r;
1822 uint16_t hostname = 0x0;
1823 struct dcerpc_binding_handle *b = p->binding_handle;
1824
1825 ZERO_STRUCT(r);
1826 r.in.hostname = &hostname;
1827 r.in.message = talloc(tctx, struct lsa_StringLarge);
1828 init_lsa_StringLarge(r.in.message, "spottyfood");
1829 r.in.force_apps = 1;
1830 r.in.timeout = 30;
1831 r.in.do_reboot = 1;
1832 r.in.reason = 0;
1833
1834 torture_assert_ntstatus_ok(tctx,
1835 dcerpc_winreg_InitiateSystemShutdownEx_r(b, tctx, &r),
1836 "InitiateSystemShutdownEx failed");
1837
1838 torture_assert_werr_ok(tctx, r.out.result,
1839 "InitiateSystemShutdownEx failed");
1840
1841 return test_AbortSystemShutdown(b, tctx);
1842 }
1843 #define MAX_DEPTH 2 /* Only go this far down the tree */
1844
1845 static bool test_key(struct dcerpc_pipe *p, struct torture_context *tctx,
1846 struct policy_handle *handle, int depth,
1847 bool test_security)
1848 {
1849 struct dcerpc_binding_handle *b = p->binding_handle;
1850
1851 if (depth == MAX_DEPTH)
1852 return true;
1853
1854 if (!test_QueryInfoKey(b, tctx, handle, NULL)) {
1855 }
1856
1857 if (!test_NotifyChangeKeyValue(b, tctx, handle)) {
1858 }
1859
1860 if (test_security && !test_GetKeySecurity(p, tctx, handle, NULL)) {
1861 }
1862
1863 if (!test_EnumKey(p, tctx, handle, depth, test_security)) {
1864 }
1865
1866 if (!test_EnumValue(b, tctx, handle, 0xFF, 0xFFFF)) {
1867 }
1868
1869 test_CloseKey(b, tctx, handle);
1870
1871 return true;
1872 }
1873
1874 static bool test_SetValue_simple(struct dcerpc_pipe *p,
1875 struct torture_context *tctx,
1876 struct policy_handle *handle)
1877 {
1878 const char *value_name = TEST_VALUE;
1879 uint32_t value = 0x12345678;
1880 const char *string = "torture";
1881 DATA_BLOB blob;
1882 enum winreg_Type types[] = {
1883 REG_DWORD,
1884 REG_BINARY,
1885 REG_SZ,
1886 REG_MULTI_SZ
1887 };
1888 int t;
1889 struct dcerpc_binding_handle *b = p->binding_handle;
1890
1891 torture_comment(tctx, "Testing SetValue (standard formats)\n");
1892
1893 for (t=0; t < ARRAY_SIZE(types); t++) {
1894
1895 enum winreg_Type w_type;
1896 uint32_t w_size, w_length;
1897 uint8_t *w_data;
1898
1899 switch (types[t]) {
1900 case REG_DWORD:
1901 blob = data_blob_talloc_zero(tctx, 4);
1902 SIVAL(blob.data, 0, value);
1903 break;
1904 case REG_BINARY:
1905 blob = data_blob_string_const("binary_blob");
1906 break;
1907 case REG_SZ:
1908 torture_assert(tctx,
1909 convert_string_talloc_convenience(tctx, lp_iconv_convenience(tctx->lp_ctx),
1910 CH_UNIX, CH_UTF16,
1911 string,
1912 strlen(string)+1,
1913 (void **)&blob.data,
1914 &blob.length,
1915 false), "");
1916 break;
1917 case REG_MULTI_SZ:
1918 torture_assert(tctx,
1919 convert_string_talloc_convenience(tctx, lp_iconv_convenience(tctx->lp_ctx),
1920 CH_UNIX, CH_UTF16,
1921 string,
1922 strlen(string)+1,
1923 (void **)&blob.data,
1924 &blob.length,
1925 false), "");
1926 torture_assert(tctx, data_blob_realloc(tctx, &blob, blob.length + 2), "");
1927 memset(&blob.data[blob.length - 2], '\0', 2);
1928 break;
1929 default:
1930 break;
1931 }
1932
1933 torture_assert(tctx,
1934 test_SetValue(b, tctx, handle, value_name, types[t], blob.data, blob.length),
1935 "test_SetValue failed");
1936 torture_assert(tctx,
1937 test_QueryValue_full(b, tctx, handle, value_name, true),
1938 talloc_asprintf(tctx, "test_QueryValue_full for %s value failed", value_name));
1939 torture_assert(tctx,
1940 test_winreg_QueryValue(tctx, b, handle, value_name, &w_type, &w_size, &w_length, &w_data),
1941 "test_winreg_QueryValue failed");
1942 torture_assert(tctx,
1943 test_DeleteValue(b, tctx, handle, value_name),
1944 "test_DeleteValue failed");
1945
1946 torture_assert_int_equal(tctx, w_type, types[t], "winreg type mismatch");
1947 torture_assert_int_equal(tctx, w_size, blob.length, "winreg size mismatch");
1948 torture_assert_int_equal(tctx, w_length, blob.length, "winreg length mismatch");
1949 torture_assert_mem_equal(tctx, w_data, blob.data, blob.length, "winreg buffer mismatch");
1950 }
1951
1952 torture_comment(tctx, "Testing SetValue (standard formats) succeeded\n");
1953
1954 return true;
1955 }
1956
1957 typedef NTSTATUS (*winreg_open_fn)(struct dcerpc_binding_handle *, TALLOC_CTX *, void *);
1958
1959 static bool test_Open_Security(struct torture_context *tctx,
1960 struct dcerpc_pipe *p, void *userdata)
1961 {
1962 struct policy_handle handle, newhandle;
1963 bool ret = true, created2 = false;
1964 bool created4 = false;
1965 struct winreg_OpenHKLM r;
1966 struct dcerpc_binding_handle *b = p->binding_handle;
1967
1968 winreg_open_fn open_fn = userdata;
1969
1970 ZERO_STRUCT(r);
1971 r.in.system_name = 0;
1972 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1973 r.out.handle = &handle;
1974
1975 torture_assert_ntstatus_ok(tctx, open_fn(b, tctx, &r),
1976 "open");
1977
1978 test_Cleanup(b, tctx, &handle, TEST_KEY_BASE);
1979
1980 if (!test_CreateKey(b, tctx, &handle, TEST_KEY_BASE, NULL)) {
1981 torture_comment(tctx,
1982 "CreateKey (TEST_KEY_BASE) failed\n");
1983 }
1984
1985 if (test_CreateKey_sd(b, tctx, &handle, TEST_KEY2,
1986 NULL, &newhandle)) {
1987 created2 = true;
1988 }
1989
1990 if (created2 && !test_CloseKey(b, tctx, &newhandle)) {
1991 torture_comment(tctx, "CloseKey failed\n");
1992 ret = false;
1993 }
1994
1995 if (test_CreateKey_sd(b, tctx, &handle, TEST_KEY4, NULL, &newhandle)) {
1996 created4 = true;
1997 }
1998
1999 if (created4 && !test_CloseKey(b, tctx, &newhandle)) {
2000 torture_comment(tctx, "CloseKey failed\n");
2001 ret = false;
2002 }
2003
2004 if (created4 && !test_SecurityDescriptors(p, tctx, &handle, TEST_KEY4)) {
2005 ret = false;
2006 }
2007
2008 if (created4 && !test_DeleteKey(b, tctx, &handle, TEST_KEY4)) {
2009 torture_comment(tctx, "DeleteKey failed\n");
2010 ret = false;
2011 }
2012
2013 if (created2 && !test_DeleteKey(b, tctx, &handle, TEST_KEY2)) {
2014 torture_comment(tctx, "DeleteKey failed\n");
2015 ret = false;
2016 }
2017
2018 /* The HKCR hive has a very large fanout */
2019 if (open_fn == (void *)dcerpc_winreg_OpenHKCR_r) {
2020 if(!test_key(p, tctx, &handle, MAX_DEPTH - 1, true)) {
2021 ret = false;
2022 }
2023 } else {
2024 if (!test_key(p, tctx, &handle, 0, true)) {
2025 ret = false;
2026 }
2027 }
2028
2029 test_Cleanup(b, tctx, &handle, TEST_KEY_BASE);
2030
2031 return ret;
2032 }
2033
2034 static bool test_SetValue_extended(struct dcerpc_binding_handle *b,
2035 struct torture_context *tctx,
2036 struct policy_handle *handle)
2037 {
2038 const char *value_name = TEST_VALUE;
2039 enum winreg_Type types[] = {
2040 REG_NONE,
2041 REG_SZ,
2042 REG_EXPAND_SZ,
2043 REG_BINARY,
2044 REG_DWORD,
2045 REG_DWORD_BIG_ENDIAN,
2046 REG_LINK,
2047 REG_MULTI_SZ,
2048 REG_RESOURCE_LIST,
2049 REG_FULL_RESOURCE_DESCRIPTOR,
2050 REG_RESOURCE_REQUIREMENTS_LIST,
2051 REG_QWORD,
2052 12,
2053 13,
2054 14,
2055 55,
2056 123456,
2057 653210,
2058 __LINE__
2059 };
2060 int t, l;
2061
2062 if (torture_setting_bool(tctx, "samba3", false) ||
2063 torture_setting_bool(tctx, "samba4", false)) {
2064 torture_skip(tctx, "skipping extended SetValue test against Samba");
2065 }
2066
2067 torture_comment(tctx, "Testing SetValue (extended formats)\n");
2068
2069 for (t=0; t < ARRAY_SIZE(types); t++) {
2070 for (l=0; l < 32; l++) {
2071
2072 enum winreg_Type w_type;
2073 uint32_t w_size, w_length;
2074 uint8_t *w_data;
2075
2076 const char *string = generate_random_str(tctx, l);
2077 DATA_BLOB blob = data_blob_string_const(string);
2078
2079 torture_assert(tctx,
2080 test_SetValue(b, tctx, handle, value_name, types[t], blob.data, blob.length),
2081 "test_SetValue failed");
2082
2083 torture_assert(tctx,
2084 test_winreg_QueryValue(tctx, b, handle, value_name, &w_type, &w_size, &w_length, &w_data),
2085 "test_winreg_QueryValue failed");
2086
2087 torture_assert(tctx,
2088 test_DeleteValue(b, tctx, handle, value_name),
2089 "test_DeleteValue failed");
2090
2091 torture_assert_int_equal(tctx, w_type, types[t], "winreg type mismatch");
2092 torture_assert_int_equal(tctx, w_size, blob.length, "winreg size mismatch");
2093 torture_assert_int_equal(tctx, w_length, blob.length, "winreg length mismatch");
2094 torture_assert_mem_equal(tctx, w_data, blob.data, blob.length, "winreg buffer mismatch");
2095 }
2096 }
2097
2098 torture_comment(tctx, "Testing SetValue (extended formats) succeeded\n");
2099
2100 return true;
2101 }
2102
2103 #define KEY_CURRENT_VERSION "SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION"
2104 #define VALUE_CURRENT_VERSION "CurrentVersion"
2105
2106 static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p,
2107 void *userdata)
2108 {
2109 struct policy_handle handle, newhandle;
2110 bool ret = true, created = false, deleted = false;
2111 bool created3 = false, created_subkey = false;
2112 struct winreg_OpenHKLM r;
2113 struct dcerpc_binding_handle *b = p->binding_handle;
2114
2115 winreg_open_fn open_fn = userdata;
2116
2117 ZERO_STRUCT(r);
2118 r.in.system_name = 0;
2119 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
2120 r.out.handle = &handle;
2121
2122 torture_assert_ntstatus_ok(tctx, open_fn(b, tctx, &r),
2123 "open");
2124
2125 if (open_fn == (void *)dcerpc_winreg_OpenHKLM_r) {
2126 #if 0
2127 torture_assert(tctx, test_OpenKey(p, tctx, &handle, KEY_CURRENT_VERSION, &newhandle),
2128 "failed to open current version key");
2129 #else
2130 torture_assert(tctx, _test_OpenKey(b, tctx, &handle, KEY_CURRENT_VERSION, KEY_QUERY_VALUE, &newhandle, WERR_OK, NULL),
2131 "failed to open current version key");
2132 #endif
2133 torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, VALUE_CURRENT_VERSION, true),
2134 "failed to query current version");
2135 torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, "IDoNotExist", false),
2136 "failed to query current version");
2137 torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, NULL, false),
2138 "test_QueryValue_full for NULL value failed");
2139 torture_assert(tctx, test_QueryValue_full(b, tctx, &newhandle, "", false),
2140 "test_QueryValue_full for \"\" value failed");
2141
2142 torture_assert(tctx, test_CloseKey(b, tctx, &newhandle),
2143 "failed to close current version key");
2144 }
2145
2146 test_Cleanup(b, tctx, &handle, TEST_KEY_BASE);
2147
2148 if (!test_CreateKey(b, tctx, &handle, TEST_KEY_BASE, NULL)) {
2149 torture_comment(tctx,
2150 "CreateKey (TEST_KEY_BASE) failed\n");
2151 }
2152
2153 if (!test_CreateKey(b, tctx, &handle, TEST_KEY1, NULL)) {
2154 torture_comment(tctx,
2155 "CreateKey failed - not considering a failure\n");
2156 } else {
2157 created = true;
2158 }
2159
2160 if (created && !test_FlushKey(b, tctx, &handle)) {
2161 torture_comment(tctx, "FlushKey failed\n");
2162 ret = false;
2163 }
2164
2165 if (created && !test_OpenKey(b, tctx, &handle, TEST_KEY1, &newhandle))
2166 torture_fail(tctx,
2167 "CreateKey failed (OpenKey after Create didn't work)\n");
2168
2169 if (created) {
2170 torture_assert(tctx, test_SetValue_simple(p, tctx, &newhandle),
2171 "simple SetValue test failed");
2172 torture_assert(tctx, test_SetValue_extended(b, tctx, &newhandle),
2173 "extended SetValue test failed");
2174 }
2175
2176 if (created && !test_CloseKey(b, tctx, &newhandle))
2177 torture_fail(tctx,
2178 "CreateKey failed (CloseKey after Open didn't work)\n");
2179
2180 if (created && !test_DeleteKey(b, tctx, &handle, TEST_KEY1)) {
2181 torture_comment(tctx, "DeleteKey failed\n");
2182 ret = false;
2183 } else {
2184 deleted = true;
2185 }
2186
2187 if (created && !test_FlushKey(b, tctx, &handle)) {
2188 torture_comment(tctx, "FlushKey failed\n");
2189 ret = false;
2190 }
2191
2192 if (created && deleted &&
2193 !_test_OpenKey(b, tctx, &handle, TEST_KEY1,
2194 SEC_FLAG_MAXIMUM_ALLOWED, &newhandle,
2195 WERR_BADFILE, NULL)) {
2196 torture_comment(tctx,
2197 "DeleteKey failed (OpenKey after Delete "
2198 "did not return WERR_BADFILE)\n");
2199 ret = false;
2200 }
2201
2202 if (!test_GetVersion(b, tctx, &handle)) {
2203 torture_comment(tctx, "GetVersion failed\n");
2204 ret = false;
2205 }
2206
2207 if (created && test_CreateKey(b, tctx, &handle, TEST_KEY3, NULL)) {
2208 created3 = true;
2209 }
2210
2211 if (created3 &&
2212 test_CreateKey(b, tctx, &handle, TEST_SUBKEY, NULL)) {
2213 created_subkey = true;
2214 }
2215
2216 if (created_subkey &&
2217 !test_DeleteKey(b, tctx, &handle, TEST_KEY3)) {
2218 torture_comment(tctx, "DeleteKey failed\n");
2219 ret = false;
2220 }
2221
2222 /* The HKCR hive has a very large fanout */
2223 if (open_fn == (void *)dcerpc_winreg_OpenHKCR_r) {
2224 if(!test_key(p, tctx, &handle, MAX_DEPTH - 1, false)) {
2225 ret = false;
2226 }
2227 } else {
2228 if (!test_key(p, tctx, &handle, 0, false)) {
2229 ret = false;
2230 }
2231 }
2232
2233 test_Cleanup(b, tctx, &handle, TEST_KEY_BASE);
2234
2235 return ret;
2236 }
2237
2238 struct torture_suite *torture_rpc_winreg(TALLOC_CTX *mem_ctx)
2239 {
2240 struct torture_rpc_tcase *tcase;
2241 struct torture_suite *suite = torture_suite_create(mem_ctx, "WINREG");
2242 struct torture_test *test;
2243
2244 tcase = torture_suite_add_rpc_iface_tcase(suite, "winreg",
2245 &ndr_table_winreg);
2246
2247 test = torture_rpc_tcase_add_test(tcase, "InitiateSystemShutdown",
2248 test_InitiateSystemShutdown);
2249 test->dangerous = true;
2250
2251 test = torture_rpc_tcase_add_test(tcase, "InitiateSystemShutdownEx",
2252 test_InitiateSystemShutdownEx);
2253 test->dangerous = true;
2254
2255 /* Basic tests without security descriptors */
2256 torture_rpc_tcase_add_test_ex(tcase, "HKLM-basic",
2257 test_Open,
2258 (winreg_open_fn)dcerpc_winreg_OpenHKLM_r);
2259 torture_rpc_tcase_add_test_ex(tcase, "HKU-basic",
2260 test_Open,
2261 (winreg_open_fn)dcerpc_winreg_OpenHKU_r);
2262 torture_rpc_tcase_add_test_ex(tcase, "HKCR-basic",
2263 test_Open,
2264 (winreg_open_fn)dcerpc_winreg_OpenHKCR_r);
2265 torture_rpc_tcase_add_test_ex(tcase, "HKCU-basic",
2266 test_Open,
2267 (winreg_open_fn)dcerpc_winreg_OpenHKCU_r);
2268
2269 /* Security descriptor tests */
2270 torture_rpc_tcase_add_test_ex(tcase, "HKLM-security",
2271 test_Open_Security,
2272 (winreg_open_fn)dcerpc_winreg_OpenHKLM_r);
2273 torture_rpc_tcase_add_test_ex(tcase, "HKU-security",
2274 test_Open_Security,
2275 (winreg_open_fn)dcerpc_winreg_OpenHKU_r);
2276 torture_rpc_tcase_add_test_ex(tcase, "HKCR-security",
2277 test_Open_Security,
2278 (winreg_open_fn)dcerpc_winreg_OpenHKCR_r);
2279 torture_rpc_tcase_add_test_ex(tcase, "HKCU-security",
2280 test_Open_Security,
2281 (winreg_open_fn)dcerpc_winreg_OpenHKCU_r);
2282
2283 return suite;
2284 }