diff options
| author | Jeremy Allison <jra@samba.org> | 2014-06-17 17:02:07 -0700 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2014-06-18 09:42:42 +0200 |
| commit | 937d35bd182a7dfb0845bc4e418ea7982538f55f (patch) | |
| tree | f8059c173549afd8ec66eb9419f2662b50627f7c | |
| parent | d84d0fc3797f30a78673bcba18c635902bde521d (diff) | |
| download | samba-937d35bd182a7dfb0845bc4e418ea7982538f55f.tar.gz samba-937d35bd182a7dfb0845bc4e418ea7982538f55f.tar.xz samba-937d35bd182a7dfb0845bc4e418ea7982538f55f.zip | |
s4: torture : Add test case to show that a bad impersonation level causes an error on a regular file open.
An invalid impersonation level is only allowed for durable handle reopen.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ira Cooper <ira@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 18 09:42:43 CEST 2014 on sn-devel-104
| -rw-r--r-- | selftest/knownfail | 1 | ||||
| -rw-r--r-- | source4/torture/smb2/create.c | 46 |
2 files changed, 47 insertions, 0 deletions
diff --git a/selftest/knownfail b/selftest/knownfail index 9d1f3c3405..434ce0c095 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -143,6 +143,7 @@ ^samba4.raw.acls.*.create_dir ^samba4.raw.acls.*.create_file ^samba4.smb2.create.*.acldir +^samba4.smb2.create.*.impersonation ^samba4.smb2.acls.*.generic ^samba4.smb2.acls.*.inheritflags ^samba4.smb2.acls.*.owner diff --git a/source4/torture/smb2/create.c b/source4/torture/smb2/create.c index f5b40b6717..44650b58da 100644 --- a/source4/torture/smb2/create.c +++ b/source4/torture/smb2/create.c @@ -1178,6 +1178,51 @@ static bool test_smb2_leading_slash(struct torture_context *tctx, return ret; } +/* + test SMB2 open with an invalid impersonation level. + Should give NT_STATUS_BAD_IMPERSONATION_LEVEL error +*/ +static bool test_smb2_impersonation_level(struct torture_context *tctx, + struct smb2_tree *tree) +{ + union smb_open io; + const char *fname = DNAME "\\torture_invalid_impersonation_level.txt"; + NTSTATUS status; + struct smb2_handle h; + bool ret = true; + + torture_comment(tctx, + "Testing SMB2 open with an invalid impersonation level.\n"); + + smb2_util_unlink(tree, fname); + smb2_util_rmdir(tree, DNAME); + + status = torture_smb2_testdir(tree, DNAME, &h); + CHECK_STATUS(status, NT_STATUS_OK); + + ZERO_STRUCT(io.smb2); + io.generic.level = RAW_OPEN_SMB2; + io.smb2.in.desired_access = SEC_RIGHTS_FILE_ALL; + io.smb2.in.alloc_size = 0; + io.smb2.in.file_attributes = FILE_ATTRIBUTE_NORMAL; + io.smb2.in.share_access = NTCREATEX_SHARE_ACCESS_READ| + NTCREATEX_SHARE_ACCESS_WRITE| + NTCREATEX_SHARE_ACCESS_DELETE; + io.smb2.in.create_disposition = NTCREATEX_DISP_CREATE; + io.smb2.in.create_options = 0; + io.smb2.in.impersonation_level = 0x12345678; + io.smb2.in.security_flags = 0; + io.smb2.in.fname = fname; + io.smb2.in.create_flags = 0; + + status = smb2_create(tree, tree, &(io.smb2)); + CHECK_STATUS(status, NT_STATUS_BAD_IMPERSONATION_LEVEL); + + smb2_util_close(tree, h); + smb2_util_unlink(tree, fname); + smb2_deltree(tree, DNAME); + return ret; +} static bool test_create_acl_file(struct torture_context *tctx, struct smb2_tree *tree) @@ -1486,6 +1531,7 @@ struct torture_suite *torture_smb2_create_init(void) torture_suite_add_1smb2_test(suite, "multi", test_smb2_open_multi); torture_suite_add_1smb2_test(suite, "delete", test_smb2_open_for_delete); torture_suite_add_1smb2_test(suite, "leading-slash", test_smb2_leading_slash); + torture_suite_add_1smb2_test(suite, "impersonation", test_smb2_impersonation_level); torture_suite_add_1smb2_test(suite, "aclfile", test_create_acl_file); torture_suite_add_1smb2_test(suite, "acldir", test_create_acl_dir); torture_suite_add_1smb2_test(suite, "nulldacl", test_create_null_dacl); |