2 Unix SMB/CIFS implementation.
3 test suite for winreg rpc operations
5 Copyright (C) Tim Potter 2003
6 Copyright (C) Jelmer Vernooij 2004
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "torture/torture.h"
25 #include "librpc/gen_ndr/ndr_winreg_c.h"
26 #include "librpc/gen_ndr/ndr_security.h"
27 #include "libcli/security/security.h"
28 #include "torture/rpc/rpc.h"
30 #define TEST_KEY_BASE "smbtorture test"
31 #define TEST_KEY1 TEST_KEY_BASE "\\spottyfoot"
32 #define TEST_KEY2 TEST_KEY_BASE "\\with a SD (#1)"
34 static void init_initshutdown_String(TALLOC_CTX *mem_ctx, struct initshutdown_String *name, const char *s)
36 name->name = talloc(mem_ctx, struct initshutdown_String_sub);
40 static void init_winreg_String(struct winreg_String *name, const char *s)
44 name->name_len = 2 * (strlen_m(s) + 1);
45 name->name_size = name->name_len;
52 static bool test_GetVersion(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
53 struct policy_handle *handle)
56 struct winreg_GetVersion r;
58 printf("\ntesting GetVersion\n");
64 status = dcerpc_winreg_GetVersion(p, mem_ctx, &r);
66 if (!NT_STATUS_IS_OK(status)) {
67 printf("GetVersion failed - %s\n", nt_errstr(status));
71 if (!W_ERROR_IS_OK(r.out.result)) {
72 printf("GetVersion failed - %s\n", win_errstr(r.out.result));
79 static bool test_NotifyChangeKeyValue(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
80 struct policy_handle *handle)
82 struct winreg_NotifyChangeKeyValue r;
85 printf("\ntesting NotifyChangeKeyValue\n");
88 r.in.watch_subtree = 1;
89 r.in.notify_filter = 0;
90 r.in.unknown = r.in.unknown2 = 0;
91 init_winreg_String(&r.in.string1, NULL);
92 init_winreg_String(&r.in.string2, NULL);
94 status = dcerpc_winreg_NotifyChangeKeyValue(p, mem_ctx, &r);
96 if (!NT_STATUS_IS_OK(status)) {
97 printf("NotifyChangeKeyValue failed - %s\n", nt_errstr(status));
101 if (!W_ERROR_IS_OK(r.out.result)) {
102 printf("NotifyChangeKeyValue failed - %s - not considering\n", win_errstr(r.out.result));
109 static bool test_CreateKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
110 struct policy_handle *handle, const char *name,
113 struct winreg_CreateKey r;
114 struct policy_handle newhandle;
116 enum winreg_CreateAction action_taken = 0;
118 printf("\ntesting CreateKey\n");
120 r.in.handle = handle;
121 r.out.new_handle = &newhandle;
122 init_winreg_String(&r.in.name, name);
123 init_winreg_String(&r.in.keyclass, class);
125 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
126 r.in.action_taken = r.out.action_taken = &action_taken;
129 status = dcerpc_winreg_CreateKey(p, mem_ctx, &r);
131 if (!NT_STATUS_IS_OK(status)) {
132 printf("CreateKey failed - %s\n", nt_errstr(status));
136 if (!W_ERROR_IS_OK(r.out.result)) {
137 printf("CreateKey failed - %s\n", win_errstr(r.out.result));
146 createkey testing with a SD
148 static bool test_CreateKey_sd(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
149 struct policy_handle *handle, const char *name,
150 const char *class, struct policy_handle *newhandle)
152 struct winreg_CreateKey r;
154 enum winreg_CreateAction action_taken = 0;
155 struct security_descriptor *sd;
157 struct winreg_SecBuf secbuf;
159 sd = security_descriptor_create(mem_ctx,
161 SID_NT_AUTHENTICATED_USERS,
162 SEC_ACE_TYPE_ACCESS_ALLOWED,
164 SEC_ACE_FLAG_OBJECT_INHERIT,
167 status = ndr_push_struct_blob(&sdblob, mem_ctx, sd,
168 (ndr_push_flags_fn_t)ndr_push_security_descriptor);
169 if (!NT_STATUS_IS_OK(status)) {
170 printf("Failed to push security_descriptor ?!\n");
174 secbuf.sd.data = sdblob.data;
175 secbuf.sd.len = sdblob.length;
176 secbuf.sd.size = sdblob.length;
177 secbuf.length = sdblob.length-10;
180 printf("\ntesting CreateKey with sd\n");
182 r.in.handle = handle;
183 r.out.new_handle = newhandle;
184 init_winreg_String(&r.in.name, name);
185 init_winreg_String(&r.in.keyclass, class);
187 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
188 r.in.action_taken = r.out.action_taken = &action_taken;
189 r.in.secdesc = &secbuf;
191 status = dcerpc_winreg_CreateKey(p, mem_ctx, &r);
193 if (!NT_STATUS_IS_OK(status)) {
194 printf("CreateKey with sd failed - %s\n", nt_errstr(status));
198 if (!W_ERROR_IS_OK(r.out.result)) {
199 printf("CreateKey with sd failed - %s\n", win_errstr(r.out.result));
206 static bool test_GetKeySecurity(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
207 struct policy_handle *handle)
210 struct winreg_GetKeySecurity r;
211 struct security_descriptor sd;
214 printf("\ntesting GetKeySecurity\n");
218 r.in.handle = handle;
219 r.in.sd = r.out.sd = talloc_zero(mem_ctx, struct KeySecurityData);
220 r.in.sd->size = 0x1000;
221 r.in.sec_info = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL;
223 status = dcerpc_winreg_GetKeySecurity(p, mem_ctx, &r);
225 if (!NT_STATUS_IS_OK(status)) {
226 printf("GetKeySecurity failed - %s\n", nt_errstr(status));
230 if (!W_ERROR_IS_OK(r.out.result)) {
231 printf("GetKeySecurity failed - %s\n", win_errstr(r.out.result));
235 sdblob.data = r.out.sd->data;
236 sdblob.length = r.out.sd->len;
238 status = ndr_pull_struct_blob(&sdblob, mem_ctx, &sd,
239 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
240 if (!NT_STATUS_IS_OK(status)) {
241 printf("pull_security_descriptor failed - %s\n", nt_errstr(status));
244 if (p->conn->flags & DCERPC_DEBUG_PRINT_OUT) {
245 NDR_PRINT_DEBUG(security_descriptor, &sd);
251 static bool test_CloseKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
252 struct policy_handle *handle)
255 struct winreg_CloseKey r;
257 printf("\ntesting CloseKey\n");
259 r.in.handle = r.out.handle = handle;
261 status = dcerpc_winreg_CloseKey(p, mem_ctx, &r);
263 if (!NT_STATUS_IS_OK(status)) {
264 printf("CloseKey failed - %s\n", nt_errstr(status));
268 if (!W_ERROR_IS_OK(r.out.result)) {
269 printf("CloseKey failed - %s\n", win_errstr(r.out.result));
276 static bool test_FlushKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
277 struct policy_handle *handle)
280 struct winreg_FlushKey r;
282 printf("\ntesting FlushKey\n");
284 r.in.handle = handle;
286 status = dcerpc_winreg_FlushKey(p, mem_ctx, &r);
288 if (!NT_STATUS_IS_OK(status)) {
289 printf("FlushKey failed - %s\n", nt_errstr(status));
293 if (!W_ERROR_IS_OK(r.out.result)) {
294 printf("FlushKey failed - %s\n", win_errstr(r.out.result));
301 static bool test_OpenKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
302 struct policy_handle *hive_handle,
303 const char *keyname, struct policy_handle *key_handle)
306 struct winreg_OpenKey r;
308 printf("\ntesting OpenKey\n");
310 r.in.parent_handle = hive_handle;
311 init_winreg_String(&r.in.keyname, keyname);
312 r.in.unknown = 0x00000000;
313 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
314 r.out.handle = key_handle;
316 status = dcerpc_winreg_OpenKey(p, mem_ctx, &r);
318 if (!NT_STATUS_IS_OK(status)) {
319 printf("OpenKey failed - %s\n", nt_errstr(status));
323 if (!W_ERROR_IS_OK(r.out.result)) {
324 printf("OpenKey failed - %s\n", win_errstr(r.out.result));
332 static bool test_Cleanup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
333 struct policy_handle *handle, const char *key)
335 struct winreg_DeleteKey r;
337 r.in.handle = handle;
339 init_winreg_String(&r.in.key, key);
340 dcerpc_winreg_DeleteKey(p, mem_ctx, &r);
346 static bool test_DeleteKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
347 struct policy_handle *handle, const char *key)
350 struct winreg_DeleteKey r;
352 printf("\ntesting DeleteKey\n");
354 r.in.handle = handle;
355 init_winreg_String(&r.in.key, key);
357 status = dcerpc_winreg_DeleteKey(p, mem_ctx, &r);
359 if (!NT_STATUS_IS_OK(status)) {
360 printf("DeleteKey failed - %s\n", nt_errstr(status));
364 if (!W_ERROR_IS_OK(r.out.result)) {
365 printf("DeleteKey failed - %s\n", win_errstr(r.out.result));
372 static bool test_QueryInfoKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
373 struct policy_handle *handle, char *class)
376 struct winreg_QueryInfoKey r;
377 uint32_t num_subkeys, max_subkeylen, max_subkeysize,
378 num_values, max_valnamelen, max_valbufsize,
380 NTTIME last_changed_time;
382 printf("\ntesting QueryInfoKey\n");
385 r.in.handle = handle;
386 r.out.num_subkeys = &num_subkeys;
387 r.out.max_subkeylen = &max_subkeylen;
388 r.out.max_subkeysize = &max_subkeysize;
389 r.out.num_values = &num_values;
390 r.out.max_valnamelen = &max_valnamelen;
391 r.out.max_valbufsize = &max_valbufsize;
392 r.out.secdescsize = &secdescsize;
393 r.out.last_changed_time = &last_changed_time;
395 r.out.classname = talloc(mem_ctx, struct winreg_String);
397 r.in.classname = talloc(mem_ctx, struct winreg_String);
398 init_winreg_String(r.in.classname, class);
400 status = dcerpc_winreg_QueryInfoKey(p, mem_ctx, &r);
402 if (!NT_STATUS_IS_OK(status)) {
403 printf("QueryInfoKey failed - %s\n", nt_errstr(status));
407 if (!W_ERROR_IS_OK(r.out.result)) {
408 printf("QueryInfoKey failed - %s\n", win_errstr(r.out.result));
415 static bool test_key(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
416 struct policy_handle *handle, int depth);
418 static bool test_EnumKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
419 struct policy_handle *handle, int depth)
421 struct winreg_EnumKey r;
422 struct winreg_StringBuf class, name;
426 printf("Testing EnumKey\n\n");
431 r.in.handle = handle;
434 r.in.keyclass = &class;
436 r.in.last_changed_time = &t;
442 status = dcerpc_winreg_EnumKey(p, mem_ctx, &r);
444 if (NT_STATUS_IS_OK(status) && W_ERROR_IS_OK(r.out.result)) {
445 struct policy_handle key_handle;
447 printf("EnumKey: %d: %s\n", r.in.enum_index, r.out.name->name);
450 p, mem_ctx, handle, r.out.name->name,
453 test_key(p, mem_ctx, &key_handle, depth + 1);
459 } while (NT_STATUS_IS_OK(status) && W_ERROR_IS_OK(r.out.result));
461 if (!NT_STATUS_IS_OK(status)) {
462 printf("EnumKey failed - %s\n", nt_errstr(status));
466 if (!W_ERROR_IS_OK(r.out.result) && !W_ERROR_EQUAL(r.out.result, WERR_NO_MORE_ITEMS)) {
467 printf("EnumKey failed - %s\n", win_errstr(r.out.result));
476 static bool test_QueryMultipleValues(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, const char *valuename)
478 struct winreg_QueryMultipleValues r;
482 printf("Testing QueryMultipleValues\n");
484 r.in.key_handle = handle;
485 r.in.values = r.out.values = talloc_array(mem_ctx, struct QueryMultipleValue, 1);
486 r.in.values[0].name = talloc(mem_ctx, struct winreg_String);
487 r.in.values[0].name->name = valuename;
488 r.in.values[0].offset = 0;
489 r.in.values[0].length = 0;
490 r.in.values[0].type = 0;
493 r.in.buffer_size = r.out.buffer_size = talloc(mem_ctx, uint32_t);
494 *r.in.buffer_size = bufsize;
496 *r.in.buffer_size = bufsize;
497 r.in.buffer = r.out.buffer = talloc_zero_array(mem_ctx, uint8_t,
500 status = dcerpc_winreg_QueryMultipleValues(p, mem_ctx, &r);
502 if(NT_STATUS_IS_ERR(status)) {
503 printf("QueryMultipleValues failed - %s\n", nt_errstr(status));
506 talloc_free(r.in.buffer);
508 } while (W_ERROR_EQUAL(r.out.result, WERR_MORE_DATA));
510 if (!W_ERROR_IS_OK(r.out.result)) {
511 printf("QueryMultipleValues failed - %s\n", win_errstr(r.out.result));
518 static bool test_QueryValue(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, const char *valuename)
520 struct winreg_QueryValue r;
522 enum winreg_Type zero_type = 0;
523 uint32_t offered = 0xfff;
526 printf("Testing QueryValue\n");
528 r.in.handle = handle;
530 r.in.value_name.name = valuename;
531 r.in.type = &zero_type;
532 r.in.size = &offered;
535 status = dcerpc_winreg_QueryValue(p, mem_ctx, &r);
536 if(NT_STATUS_IS_ERR(status)) {
537 printf("QueryValue failed - %s\n", nt_errstr(status));
541 if (!W_ERROR_IS_OK(r.out.result)) {
542 printf("QueryValue failed - %s\n", win_errstr(r.out.result));
549 static bool test_EnumValue(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
550 struct policy_handle *handle, int max_valnamelen, int max_valbufsize)
552 struct winreg_EnumValue r;
553 enum winreg_Type type = 0;
554 uint32_t size = max_valbufsize, zero = 0;
557 struct winreg_StringBuf name;
559 printf("testing EnumValue\n");
564 r.in.handle = handle;
574 NTSTATUS status = dcerpc_winreg_EnumValue(p, mem_ctx, &r);
575 if(NT_STATUS_IS_ERR(status)) {
576 printf("EnumValue failed - %s\n", nt_errstr(status));
580 if (W_ERROR_IS_OK(r.out.result)) {
581 ret &= test_QueryValue(p, mem_ctx, handle, r.out.name->name);
582 ret &= test_QueryMultipleValues(p, mem_ctx, handle, r.out.name->name);
586 } while (W_ERROR_IS_OK(r.out.result));
588 if(!W_ERROR_EQUAL(r.out.result, WERR_NO_MORE_ITEMS)) {
589 printf("EnumValue failed - %s\n", win_errstr(r.out.result));
596 static bool test_InitiateSystemShutdown(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
597 const char *msg, uint32_t timeout)
599 struct winreg_InitiateSystemShutdown r;
601 uint16_t hostname = 0x0;
603 r.in.hostname = &hostname;
604 r.in.message = talloc(mem_ctx, struct initshutdown_String);
605 init_initshutdown_String(mem_ctx, r.in.message, msg);
607 r.in.timeout = timeout;
610 status = dcerpc_winreg_InitiateSystemShutdown(p, mem_ctx, &r);
612 if (!NT_STATUS_IS_OK(status)) {
613 printf("InitiateSystemShutdown failed - %s\n", nt_errstr(status));
617 if (!W_ERROR_IS_OK(r.out.result)) {
618 printf("InitiateSystemShutdown failed - %s\n", win_errstr(r.out.result));
625 static bool test_InitiateSystemShutdownEx(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
626 const char *msg, uint32_t timeout)
628 struct winreg_InitiateSystemShutdownEx r;
630 uint16_t hostname = 0x0;
632 r.in.hostname = &hostname;
633 r.in.message = talloc(mem_ctx, struct initshutdown_String);
634 init_initshutdown_String(mem_ctx, r.in.message, msg);
636 r.in.timeout = timeout;
640 status = dcerpc_winreg_InitiateSystemShutdownEx(p, mem_ctx, &r);
642 if (!NT_STATUS_IS_OK(status)) {
643 printf("InitiateSystemShutdownEx failed - %s\n", nt_errstr(status));
647 if (!W_ERROR_IS_OK(r.out.result)) {
648 printf("InitiateSystemShutdownEx failed - %s\n", win_errstr(r.out.result));
655 static bool test_AbortSystemShutdown(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
657 struct winreg_AbortSystemShutdown r;
659 uint16_t server = 0x0;
661 r.in.server = &server;
663 status = dcerpc_winreg_AbortSystemShutdown(p, mem_ctx, &r);
665 if (!NT_STATUS_IS_OK(status)) {
666 printf("AbortSystemShutdown failed - %s\n", nt_errstr(status));
670 if (!W_ERROR_IS_OK(r.out.result)) {
671 printf("AbortSystemShutdown failed - %s\n", win_errstr(r.out.result));
678 #define MAX_DEPTH 2 /* Only go this far down the tree */
680 static bool test_key(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
681 struct policy_handle *handle, int depth)
683 if (depth == MAX_DEPTH)
686 if (!test_QueryInfoKey(p, mem_ctx, handle, NULL)) {
689 if (!test_NotifyChangeKeyValue(p, mem_ctx, handle)) {
692 if (!test_GetKeySecurity(p, mem_ctx, handle)) {
695 if (!test_EnumKey(p, mem_ctx, handle, depth)) {
698 if (!test_EnumValue(p, mem_ctx, handle, 0xFF, 0xFFFF)) {
701 test_CloseKey(p, mem_ctx, handle);
706 typedef NTSTATUS (*winreg_open_fn)(struct dcerpc_pipe *, TALLOC_CTX *, void *);
708 static bool test_Open(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
709 const char *name, winreg_open_fn open_fn)
711 struct policy_handle handle, newhandle;
712 bool ret = true, created = false, created2 = false, deleted = false;
713 struct winreg_OpenHKLM r;
716 printf("Testing %s\n", name);
718 r.in.system_name = 0;
719 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
720 r.out.handle = &handle;
722 status = open_fn(p, mem_ctx, &r);
723 if (!NT_STATUS_IS_OK(status)) {
727 test_Cleanup(p, mem_ctx, &handle, TEST_KEY1);
728 test_Cleanup(p, mem_ctx, &handle, TEST_KEY2);
729 test_Cleanup(p, mem_ctx, &handle, TEST_KEY_BASE);
731 if (!test_CreateKey(p, mem_ctx, &handle, TEST_KEY1, NULL)) {
732 printf("CreateKey failed - not considering a failure\n");
737 if (created && !test_FlushKey(p, mem_ctx, &handle)) {
738 printf("FlushKey failed\n");
742 if (created && !test_OpenKey(p, mem_ctx, &handle, TEST_KEY1, &newhandle)) {
743 printf("CreateKey failed (OpenKey after Create didn't work)\n");
747 if (created && !test_DeleteKey(p, mem_ctx, &handle, TEST_KEY1)) {
748 printf("DeleteKey failed\n");
754 if (created && !test_FlushKey(p, mem_ctx, &handle)) {
755 printf("FlushKey failed\n");
759 if (created && deleted &&
760 test_OpenKey(p, mem_ctx, &handle, TEST_KEY1, &newhandle)) {
761 printf("DeleteKey failed (OpenKey after Delete worked)\n");
765 if (!test_GetVersion(p, mem_ctx, &handle)) {
766 printf("GetVersion failed\n");
770 if (created && test_CreateKey_sd(p, mem_ctx, &handle, TEST_KEY2,
775 if (created2 && !test_GetKeySecurity(p, mem_ctx, &newhandle)) {
776 printf("GetKeySecurity failed\n");
780 if (created2 && !test_CloseKey(p, mem_ctx, &newhandle)) {
781 printf("CloseKey failed\n");
785 if (created && !test_DeleteKey(p, mem_ctx, &handle, TEST_KEY2)) {
786 printf("DeleteKey failed\n");
790 /* The HKCR hive has a very large fanout */
792 if (open_fn == (void *)dcerpc_winreg_OpenHKCR) {
793 if(!test_key(p, mem_ctx, &handle, MAX_DEPTH - 1)) {
798 if(!test_key(p, mem_ctx, &handle, 0)) {
802 test_Cleanup(p, mem_ctx, &handle, TEST_KEY_BASE);
807 bool torture_rpc_winreg(struct torture_context *torture)
810 struct dcerpc_pipe *p;
816 } open_fns[] = {{"OpenHKLM", (winreg_open_fn)dcerpc_winreg_OpenHKLM },
817 {"OpenHKU", (winreg_open_fn)dcerpc_winreg_OpenHKU },
818 {"OpenHKCR", (winreg_open_fn)dcerpc_winreg_OpenHKCR },
819 {"OpenHKCU", (winreg_open_fn)dcerpc_winreg_OpenHKCU }};
821 mem_ctx = talloc_init("torture_rpc_winreg");
823 status = torture_rpc_connection(mem_ctx, &p, &dcerpc_table_winreg);
825 if (!NT_STATUS_IS_OK(status)) {
826 talloc_free(mem_ctx);
830 if (!torture_setting_bool(torture, "dangerous", false)) {
831 printf("winreg_InitiateShutdown disabled - enable dangerous tests to use\n");
833 ret &= test_InitiateSystemShutdown(p, mem_ctx, "spottyfood", 30);
834 ret &= test_AbortSystemShutdown(p, mem_ctx);
835 ret &= test_InitiateSystemShutdownEx(p, mem_ctx, "spottyfood", 30);
836 ret &= test_AbortSystemShutdown(p, mem_ctx);
839 for (i = 0; i < ARRAY_SIZE(open_fns); i++) {
840 ret &= test_Open(p, mem_ctx, open_fns[i].name, open_fns[i].fn);
843 talloc_free(mem_ctx);