Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 : Basic test for share secdescs vs nttrans_create
4 : Copyright (C) Volker Lendecke 2011
5 :
6 : This program is free software; you can redistribute it and/or modify
7 : it under the terms of the GNU General Public License as published by
8 : the Free Software Foundation; either version 3 of the License, or
9 : (at your option) any later version.
10 :
11 : This program is distributed in the hope that it will be useful,
12 : but WITHOUT ANY WARRANTY; without even the implied warranty of
13 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 : GNU General Public License for more details.
15 :
16 : You should have received a copy of the GNU General Public License
17 : along with this program. If not, see <http://www.gnu.org/licenses/>.
18 : */
19 :
20 : #include "includes.h"
21 : #include "torture/proto.h"
22 : #include "libsmb/libsmb.h"
23 : #include "libcli/security/dom_sid.h"
24 : #include "libcli/security/secdesc.h"
25 : #include "libcli/security/security.h"
26 :
27 0 : bool run_nttrans_create(int dummy)
28 : {
29 0 : struct cli_state *cli = NULL;
30 : NTSTATUS status, status2;
31 0 : bool ret = false;
32 : struct security_ace ace;
33 : struct security_acl acl;
34 : struct security_descriptor *sd;
35 0 : const char *fname = "transtest";
36 : uint16_t fnum, fnum2;
37 : struct dom_sid owner;
38 :
39 0 : printf("Starting NTTRANS_CREATE\n");
40 :
41 0 : if (!torture_open_connection(&cli, 0)) {
42 0 : printf("torture_open_connection failed\n");
43 0 : goto fail;
44 : }
45 :
46 0 : ZERO_STRUCT(ace);
47 0 : ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED;
48 0 : ace.access_mask = SEC_RIGHTS_FILE_ALL & ~SEC_STD_WRITE_DAC;
49 0 : sid_copy(&ace.trustee, &global_sid_World);
50 :
51 0 : acl.revision = SECURITY_ACL_REVISION_NT4;
52 0 : acl.size = 0;
53 0 : acl.num_aces = 1;
54 0 : acl.aces = &ace;
55 :
56 0 : dom_sid_parse("S-1-22-1-1000", &owner);
57 :
58 0 : sd = make_sec_desc(talloc_tos(),
59 : SECURITY_DESCRIPTOR_REVISION_1,
60 : SEC_DESC_SELF_RELATIVE|
61 : SEC_DESC_DACL_PRESENT|SEC_DESC_OWNER_DEFAULTED|
62 : SEC_DESC_GROUP_DEFAULTED,
63 : NULL, NULL, NULL, &acl, NULL);
64 0 : if (sd == NULL) {
65 0 : d_fprintf(stderr, "make_sec_desc failed\n");
66 0 : goto fail;
67 : }
68 :
69 0 : status = cli_nttrans_create(
70 : cli, fname, 0, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS|
71 : READ_CONTROL_ACCESS,
72 : FILE_ATTRIBUTE_NORMAL,
73 : FILE_SHARE_READ|FILE_SHARE_WRITE| FILE_SHARE_DELETE,
74 : FILE_CREATE, 0, 0, sd, NULL, 0, &fnum, NULL);
75 0 : if (!NT_STATUS_IS_OK(status)) {
76 0 : d_fprintf(stderr, "cli_nttrans_create returned %s\n",
77 : nt_errstr(status));
78 0 : goto fail;
79 : }
80 :
81 0 : cli_query_secdesc(cli, fnum, talloc_tos(), NULL);
82 :
83 0 : status2 = cli_ntcreate(cli, fname, 0, WRITE_DAC_ACCESS,
84 : FILE_ATTRIBUTE_NORMAL,
85 : FILE_SHARE_READ|FILE_SHARE_WRITE|
86 : FILE_SHARE_DELETE,
87 : FILE_OPEN, 0, 0, &fnum2, NULL);
88 :
89 0 : status = cli_nt_delete_on_close(cli, fnum, true);
90 0 : if (!NT_STATUS_IS_OK(status)) {
91 0 : d_fprintf(stderr, "cli_nt_delete_on_close returned %s\n",
92 : nt_errstr(status));
93 0 : goto fail;
94 : }
95 :
96 0 : if (!NT_STATUS_EQUAL(status2, NT_STATUS_ACCESS_DENIED)) {
97 0 : d_fprintf(stderr, "cli_ntcreate returned %s\n",
98 : nt_errstr(status));
99 0 : goto fail;
100 : }
101 :
102 0 : ret = true;
103 0 : fail:
104 0 : if (cli != NULL) {
105 0 : torture_close_connection(cli);
106 : }
107 0 : return ret;
108 : }
|