2 Unix SMB/CIFS implementation.
3 test suite for winreg rpc operations
5 Copyright (C) Tim Potter 2003
6 Copyright (C) Jelmer Vernooij 2004
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "torture/torture.h"
25 #include "librpc/gen_ndr/ndr_winreg.h"
26 #include "libcli/security/proto.h"
27 #include "torture/rpc/rpc.h"
29 #define TEST_KEY_BASE "smbtorture test"
30 #define TEST_KEY1 TEST_KEY_BASE "\\spottyfoot"
31 #define TEST_KEY2 TEST_KEY_BASE "\\with a SD (#1)"
33 static void init_initshutdown_String(TALLOC_CTX *mem_ctx, struct initshutdown_String *name, const char *s)
35 name->name = talloc(mem_ctx, struct initshutdown_String_sub);
39 static void init_winreg_String(struct winreg_String *name, const char *s)
43 name->name_len = 2 * (strlen_m(s) + 1);
44 name->name_size = name->name_len;
51 static BOOL test_GetVersion(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
52 struct policy_handle *handle)
55 struct winreg_GetVersion r;
57 printf("\ntesting GetVersion\n");
61 status = dcerpc_winreg_GetVersion(p, mem_ctx, &r);
63 if (!NT_STATUS_IS_OK(status)) {
64 printf("GetVersion failed - %s\n", nt_errstr(status));
68 if (!W_ERROR_IS_OK(r.out.result)) {
69 printf("GetVersion failed - %s\n", win_errstr(r.out.result));
76 static BOOL test_NotifyChangeKeyValue(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
77 struct policy_handle *handle)
79 struct winreg_NotifyChangeKeyValue r;
82 printf("\ntesting NotifyChangeKeyValue\n");
85 r.in.watch_subtree = 1;
86 r.in.notify_filter = 0;
87 r.in.unknown = r.in.unknown2 = 0;
88 init_winreg_String(&r.in.string1, NULL);
89 init_winreg_String(&r.in.string2, NULL);
91 status = dcerpc_winreg_NotifyChangeKeyValue(p, mem_ctx, &r);
93 if (!NT_STATUS_IS_OK(status)) {
94 printf("NotifyChangeKeyValue failed - %s\n", nt_errstr(status));
98 if (!W_ERROR_IS_OK(r.out.result)) {
99 printf("NotifyChangeKeyValue failed - %s - not considering\n", win_errstr(r.out.result));
106 static BOOL test_CreateKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
107 struct policy_handle *handle, const char *name,
110 struct winreg_CreateKey r;
111 struct policy_handle newhandle;
113 uint32_t action_taken = 0;
115 printf("\ntesting CreateKey\n");
117 r.in.handle = handle;
118 r.out.new_handle = &newhandle;
119 init_winreg_String(&r.in.name, name);
120 init_winreg_String(&r.in.class, class);
122 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
123 r.in.action_taken = r.out.action_taken = &action_taken;
126 status = dcerpc_winreg_CreateKey(p, mem_ctx, &r);
128 if (!NT_STATUS_IS_OK(status)) {
129 printf("CreateKey failed - %s\n", nt_errstr(status));
133 if (!W_ERROR_IS_OK(r.out.result)) {
134 printf("CreateKey failed - %s\n", win_errstr(r.out.result));
143 createkey testing with a SD
145 static BOOL test_CreateKey_sd(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
146 struct policy_handle *handle, const char *name,
147 const char *class, struct policy_handle *newhandle)
149 struct winreg_CreateKey r;
151 uint32_t action_taken = 0;
152 struct security_descriptor *sd;
154 struct winreg_SecBuf secbuf;
156 sd = security_descriptor_create(mem_ctx,
158 SID_NT_AUTHENTICATED_USERS,
159 SEC_ACE_TYPE_ACCESS_ALLOWED,
161 SEC_ACE_FLAG_OBJECT_INHERIT,
164 status = ndr_push_struct_blob(&sdblob, mem_ctx, sd,
165 (ndr_push_flags_fn_t)ndr_push_security_descriptor);
166 if (!NT_STATUS_IS_OK(status)) {
167 printf("Failed to push security_descriptor ?!\n");
171 secbuf.sd.data = sdblob.data;
172 secbuf.sd.len = sdblob.length;
173 secbuf.sd.size = sdblob.length;
174 secbuf.length = sdblob.length-10;
177 printf("\ntesting CreateKey with sd\n");
179 r.in.handle = handle;
180 r.out.new_handle = newhandle;
181 init_winreg_String(&r.in.name, name);
182 init_winreg_String(&r.in.class, class);
184 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
185 r.in.action_taken = r.out.action_taken = &action_taken;
186 r.in.secdesc = &secbuf;
188 status = dcerpc_winreg_CreateKey(p, mem_ctx, &r);
190 if (!NT_STATUS_IS_OK(status)) {
191 printf("CreateKey with sd failed - %s\n", nt_errstr(status));
195 if (!W_ERROR_IS_OK(r.out.result)) {
196 printf("CreateKey with sd failed - %s\n", win_errstr(r.out.result));
203 static BOOL test_GetKeySecurity(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
204 struct policy_handle *handle)
207 struct winreg_GetKeySecurity r;
208 struct security_descriptor sd;
211 printf("\ntesting GetKeySecurity\n");
215 r.in.handle = handle;
216 r.in.sd = r.out.sd = talloc_zero(mem_ctx, struct KeySecurityData);
217 r.in.sd->size = 0x1000;
218 r.in.sec_info = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL;
220 status = dcerpc_winreg_GetKeySecurity(p, mem_ctx, &r);
222 if (!NT_STATUS_IS_OK(status)) {
223 printf("GetKeySecurity failed - %s\n", nt_errstr(status));
227 if (!W_ERROR_IS_OK(r.out.result)) {
228 printf("GetKeySecurity failed - %s\n", win_errstr(r.out.result));
232 sdblob.data = r.out.sd->data;
233 sdblob.length = r.out.sd->len;
235 status = ndr_pull_struct_blob(&sdblob, mem_ctx, &sd,
236 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
237 if (!NT_STATUS_IS_OK(status)) {
238 printf("pull_security_descriptor failed - %s\n", nt_errstr(status));
241 if (p->conn->flags & DCERPC_DEBUG_PRINT_OUT) {
242 NDR_PRINT_DEBUG(security_descriptor, &sd);
248 static BOOL test_CloseKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
249 struct policy_handle *handle)
252 struct winreg_CloseKey r;
254 printf("\ntesting CloseKey\n");
256 r.in.handle = r.out.handle = handle;
258 status = dcerpc_winreg_CloseKey(p, mem_ctx, &r);
260 if (!NT_STATUS_IS_OK(status)) {
261 printf("CloseKey failed - %s\n", nt_errstr(status));
265 if (!W_ERROR_IS_OK(r.out.result)) {
266 printf("CloseKey failed - %s\n", win_errstr(r.out.result));
273 static BOOL test_FlushKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
274 struct policy_handle *handle)
277 struct winreg_FlushKey r;
279 printf("\ntesting FlushKey\n");
281 r.in.handle = handle;
283 status = dcerpc_winreg_FlushKey(p, mem_ctx, &r);
285 if (!NT_STATUS_IS_OK(status)) {
286 printf("FlushKey failed - %s\n", nt_errstr(status));
290 if (!W_ERROR_IS_OK(r.out.result)) {
291 printf("FlushKey failed - %s\n", win_errstr(r.out.result));
298 static BOOL test_OpenKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
299 struct policy_handle *hive_handle,
300 const char *keyname, struct policy_handle *key_handle)
303 struct winreg_OpenKey r;
305 printf("\ntesting OpenKey\n");
307 r.in.handle = hive_handle;
308 init_winreg_String(&r.in.keyname, keyname);
309 r.in.unknown = 0x00000000;
310 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
311 r.out.handle = key_handle;
313 status = dcerpc_winreg_OpenKey(p, mem_ctx, &r);
315 if (!NT_STATUS_IS_OK(status)) {
316 printf("OpenKey failed - %s\n", nt_errstr(status));
320 if (!W_ERROR_IS_OK(r.out.result)) {
321 printf("OpenKey failed - %s\n", win_errstr(r.out.result));
329 static BOOL test_Cleanup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
330 struct policy_handle *handle, const char *key)
332 struct winreg_DeleteKey r;
334 r.in.handle = handle;
336 init_winreg_String(&r.in.key, key);
337 dcerpc_winreg_DeleteKey(p, mem_ctx, &r);
343 static BOOL test_DeleteKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
344 struct policy_handle *handle, const char *key)
347 struct winreg_DeleteKey r;
349 printf("\ntesting DeleteKey\n");
351 r.in.handle = handle;
352 init_winreg_String(&r.in.key, key);
354 status = dcerpc_winreg_DeleteKey(p, mem_ctx, &r);
356 if (!NT_STATUS_IS_OK(status)) {
357 printf("DeleteKey failed - %s\n", nt_errstr(status));
361 if (!W_ERROR_IS_OK(r.out.result)) {
362 printf("DeleteKey failed - %s\n", win_errstr(r.out.result));
369 static BOOL test_QueryInfoKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
370 struct policy_handle *handle, char *class)
373 struct winreg_QueryInfoKey r;
375 printf("\ntesting QueryInfoKey\n");
377 r.in.handle = handle;
378 init_winreg_String(&r.in.class, class);
380 status = dcerpc_winreg_QueryInfoKey(p, mem_ctx, &r);
382 if (!NT_STATUS_IS_OK(status)) {
383 printf("QueryInfoKey failed - %s\n", nt_errstr(status));
387 if (!W_ERROR_IS_OK(r.out.result)) {
388 printf("QueryInfoKey failed - %s\n", win_errstr(r.out.result));
395 static BOOL test_key(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
396 struct policy_handle *handle, int depth);
398 static BOOL test_EnumKey(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
399 struct policy_handle *handle, int depth)
401 struct winreg_EnumKey r;
402 struct winreg_StringBuf class, name;
406 printf("Testing EnumKey\n\n");
411 r.in.handle = handle;
416 r.in.last_changed_time = &t;
422 status = dcerpc_winreg_EnumKey(p, mem_ctx, &r);
424 if (NT_STATUS_IS_OK(status) && W_ERROR_IS_OK(r.out.result)) {
425 struct policy_handle key_handle;
427 printf("EnumKey: %d: %s\n", r.in.enum_index, r.out.name->name);
430 p, mem_ctx, handle, r.out.name->name,
433 test_key(p, mem_ctx, &key_handle, depth + 1);
439 } while (NT_STATUS_IS_OK(status) && W_ERROR_IS_OK(r.out.result));
441 if (!NT_STATUS_IS_OK(status)) {
442 printf("EnumKey failed - %s\n", nt_errstr(status));
446 if (!W_ERROR_IS_OK(r.out.result) && !W_ERROR_EQUAL(r.out.result, WERR_NO_MORE_ITEMS)) {
447 printf("EnumKey failed - %s\n", win_errstr(r.out.result));
456 static BOOL test_QueryMultipleValues(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, const char *valuename)
458 struct winreg_QueryMultipleValues r;
462 printf("Testing QueryMultipleValues\n");
464 r.in.key_handle = handle;
465 r.in.values = r.out.values = talloc_array(mem_ctx, struct QueryMultipleValue, 1);
466 r.in.values[0].name = talloc(mem_ctx, struct winreg_String);
467 r.in.values[0].name->name = valuename;
468 r.in.values[0].offset = 0;
469 r.in.values[0].length = 0;
470 r.in.values[0].type = 0;
473 r.in.buffer_size = r.out.buffer_size = talloc(mem_ctx, uint32_t);
474 *r.in.buffer_size = bufsize;
476 *r.in.buffer_size = bufsize;
477 r.in.buffer = r.out.buffer = talloc_zero_array(mem_ctx, uint8_t,
480 status = dcerpc_winreg_QueryMultipleValues(p, mem_ctx, &r);
482 if(NT_STATUS_IS_ERR(status)) {
483 printf("QueryMultipleValues failed - %s\n", nt_errstr(status));
486 talloc_free(r.in.buffer);
488 } while (W_ERROR_EQUAL(r.out.result, WERR_MORE_DATA));
490 if (!W_ERROR_IS_OK(r.out.result)) {
491 printf("QueryMultipleValues failed - %s\n", win_errstr(r.out.result));
498 static BOOL test_QueryValue(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, const char *valuename)
500 struct winreg_QueryValue r;
503 uint32_t offered = 0xfff;
505 printf("Testing QueryValue\n");
507 r.in.handle = handle;
509 r.in.value_name.name = valuename;
511 r.in.size = &offered;
514 status = dcerpc_winreg_QueryValue(p, mem_ctx, &r);
515 if(NT_STATUS_IS_ERR(status)) {
516 printf("QueryValue failed - %s\n", nt_errstr(status));
520 if (!W_ERROR_IS_OK(r.out.result)) {
521 printf("QueryValue failed - %s\n", win_errstr(r.out.result));
528 static BOOL test_EnumValue(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
529 struct policy_handle *handle, int max_valnamelen, int max_valbufsize)
531 struct winreg_EnumValue r;
533 uint32_t size = max_valbufsize, zero = 0;
536 struct winreg_StringBuf name;
538 printf("testing EnumValue\n");
543 r.in.handle = handle;
553 NTSTATUS status = dcerpc_winreg_EnumValue(p, mem_ctx, &r);
554 if(NT_STATUS_IS_ERR(status)) {
555 printf("EnumValue failed - %s\n", nt_errstr(status));
559 if (W_ERROR_IS_OK(r.out.result)) {
560 ret &= test_QueryValue(p, mem_ctx, handle, r.out.name->name);
561 ret &= test_QueryMultipleValues(p, mem_ctx, handle, r.out.name->name);
565 } while (W_ERROR_IS_OK(r.out.result));
567 if(!W_ERROR_EQUAL(r.out.result, WERR_NO_MORE_ITEMS)) {
568 printf("EnumValue failed - %s\n", win_errstr(r.out.result));
575 static BOOL test_InitiateSystemShutdown(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
576 const char *msg, uint32_t timeout)
578 struct winreg_InitiateSystemShutdown r;
580 uint16_t hostname = 0x0;
582 r.in.hostname = &hostname;
583 r.in.message = talloc(mem_ctx, struct initshutdown_String);
584 init_initshutdown_String(mem_ctx, r.in.message, msg);
586 r.in.timeout = timeout;
589 status = dcerpc_winreg_InitiateSystemShutdown(p, mem_ctx, &r);
591 if (!NT_STATUS_IS_OK(status)) {
592 printf("InitiateSystemShutdown failed - %s\n", nt_errstr(status));
596 if (!W_ERROR_IS_OK(r.out.result)) {
597 printf("InitiateSystemShutdown failed - %s\n", win_errstr(r.out.result));
604 static BOOL test_InitiateSystemShutdownEx(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
605 const char *msg, uint32_t timeout)
607 struct winreg_InitiateSystemShutdownEx r;
609 uint16_t hostname = 0x0;
611 r.in.hostname = &hostname;
612 r.in.message = talloc(mem_ctx, struct initshutdown_String);
613 init_initshutdown_String(mem_ctx, r.in.message, msg);
615 r.in.timeout = timeout;
619 status = dcerpc_winreg_InitiateSystemShutdownEx(p, mem_ctx, &r);
621 if (!NT_STATUS_IS_OK(status)) {
622 printf("InitiateSystemShutdownEx failed - %s\n", nt_errstr(status));
626 if (!W_ERROR_IS_OK(r.out.result)) {
627 printf("InitiateSystemShutdownEx failed - %s\n", win_errstr(r.out.result));
634 static BOOL test_AbortSystemShutdown(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
636 struct winreg_AbortSystemShutdown r;
638 uint16_t server = 0x0;
640 r.in.server = &server;
642 status = dcerpc_winreg_AbortSystemShutdown(p, mem_ctx, &r);
644 if (!NT_STATUS_IS_OK(status)) {
645 printf("AbortSystemShutdown failed - %s\n", nt_errstr(status));
649 if (!W_ERROR_IS_OK(r.out.result)) {
650 printf("AbortSystemShutdown failed - %s\n", win_errstr(r.out.result));
657 #define MAX_DEPTH 2 /* Only go this far down the tree */
659 static BOOL test_key(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
660 struct policy_handle *handle, int depth)
662 if (depth == MAX_DEPTH)
665 if (!test_QueryInfoKey(p, mem_ctx, handle, NULL)) {
669 if (!test_NotifyChangeKeyValue(p, mem_ctx, handle)) {
672 if (!test_GetKeySecurity(p, mem_ctx, handle)) {
675 if (!test_EnumKey(p, mem_ctx, handle, depth)) {
678 if (!test_EnumValue(p, mem_ctx, handle, 0xFF, 0xFFFF)) {
682 test_CloseKey(p, mem_ctx, handle);
687 typedef NTSTATUS (*winreg_open_fn)(struct dcerpc_pipe *, TALLOC_CTX *, void *);
689 static BOOL test_Open(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
690 const char *name, winreg_open_fn open_fn)
692 struct policy_handle handle, newhandle;
693 BOOL ret = True, created = False, created2 = False, deleted = False;
694 struct winreg_OpenHKLM r;
697 printf("Testing %s\n", name);
699 r.in.system_name = 0;
700 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
701 r.out.handle = &handle;
703 status = open_fn(p, mem_ctx, &r);
704 if (!NT_STATUS_IS_OK(status)) {
708 test_Cleanup(p, mem_ctx, &handle, TEST_KEY1);
709 test_Cleanup(p, mem_ctx, &handle, TEST_KEY2);
710 test_Cleanup(p, mem_ctx, &handle, TEST_KEY_BASE);
712 if (!test_CreateKey(p, mem_ctx, &handle, TEST_KEY1, NULL)) {
713 printf("CreateKey failed - not considering a failure\n");
718 if (created && !test_FlushKey(p, mem_ctx, &handle)) {
719 printf("FlushKey failed\n");
723 if (created && !test_OpenKey(p, mem_ctx, &handle, TEST_KEY1, &newhandle)) {
724 printf("CreateKey failed (OpenKey after Create didn't work)\n");
728 if (created && !test_DeleteKey(p, mem_ctx, &handle, TEST_KEY1)) {
729 printf("DeleteKey failed\n");
735 if (created && !test_FlushKey(p, mem_ctx, &handle)) {
736 printf("FlushKey failed\n");
740 if (created && deleted &&
741 test_OpenKey(p, mem_ctx, &handle, TEST_KEY1, &newhandle)) {
742 printf("DeleteKey failed (OpenKey after Delete didn't work)\n");
746 if (!test_GetVersion(p, mem_ctx, &handle)) {
747 printf("GetVersion failed\n");
751 if (created && test_CreateKey_sd(p, mem_ctx, &handle, TEST_KEY2,
756 if (created2 && !test_GetKeySecurity(p, mem_ctx, &newhandle)) {
757 printf("GetKeySecurity failed\n");
761 if (created2 && !test_CloseKey(p, mem_ctx, &newhandle)) {
762 printf("CloseKey failed\n");
766 if (created && !test_DeleteKey(p, mem_ctx, &handle, TEST_KEY2)) {
767 printf("DeleteKey failed\n");
771 /* The HKCR hive has a very large fanout */
773 if (open_fn == (void *)dcerpc_winreg_OpenHKCR) {
774 if(!test_key(p, mem_ctx, &handle, MAX_DEPTH - 1)) {
779 if(!test_key(p, mem_ctx, &handle, 0)) {
783 test_Cleanup(p, mem_ctx, &handle, TEST_KEY_BASE);
788 BOOL torture_rpc_winreg(void)
791 struct dcerpc_pipe *p;
797 } open_fns[] = {{"OpenHKLM", (winreg_open_fn)dcerpc_winreg_OpenHKLM },
798 {"OpenHKU", (winreg_open_fn)dcerpc_winreg_OpenHKU },
799 {"OpenHKCR", (winreg_open_fn)dcerpc_winreg_OpenHKCR },
800 {"OpenHKCU", (winreg_open_fn)dcerpc_winreg_OpenHKCU }};
802 mem_ctx = talloc_init("torture_rpc_winreg");
804 status = torture_rpc_connection(mem_ctx, &p, &dcerpc_table_winreg);
806 if (!NT_STATUS_IS_OK(status)) {
807 talloc_free(mem_ctx);
811 if (!lp_parm_bool(-1, "torture", "dangerous", False)) {
812 printf("winreg_InitiateShutdown disabled - enable dangerous tests to use\n");
814 ret &= test_InitiateSystemShutdown(p, mem_ctx, "spottyfood", 30);
815 ret &= test_AbortSystemShutdown(p, mem_ctx);
816 ret &= test_InitiateSystemShutdownEx(p, mem_ctx, "spottyfood", 30);
817 ret &= test_AbortSystemShutdown(p, mem_ctx);
820 for (i = 0; i < ARRAY_SIZE(open_fns); i++) {
821 if (!test_Open(p, mem_ctx, open_fns[i].name, open_fns[i].fn))
825 talloc_free(mem_ctx);