Commit 55a9d35c authored by Uri Simchoni's avatar Uri Simchoni Committed by David Disseldorp

s4-selftest: add test for read access check

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12149Signed-off-by: default avatarUri Simchoni <uri@samba.org>
Reviewed-by: default avatarDavid Disseldorp <ddiss@samba.org>
parent 1b06acaf
......@@ -286,3 +286,6 @@
^samba4.krb5.kdc.*as-req-aes.*fl2000dc
# nt4_member and ad_member don't support ntlmv1
^samba3.blackbox.smbclient_auth.plain.*_member.*option=clientntlmv2auth=no.member.creds.*as.user
#new read tests fail
^samba4.smb2.read.access
^samba3.smb2.read.access
......@@ -226,6 +226,79 @@ done:
return ret;
}
static bool test_read_access(struct torture_context *torture,
struct smb2_tree *tree)
{
bool ret = true;
NTSTATUS status;
struct smb2_handle h;
uint8_t buf[64 * 1024];
struct smb2_read rd;
TALLOC_CTX *tmp_ctx = talloc_new(tree);
ZERO_STRUCT(buf);
/* create a file */
smb2_util_unlink(tree, FNAME);
status = torture_smb2_testfile(tree, FNAME, &h);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_util_write(tree, h, buf, 0, ARRAY_SIZE(buf));
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_util_close(tree, h);
CHECK_STATUS(status, NT_STATUS_OK);
/* open w/ READ access - success */
status = torture_smb2_testfile_access(
tree, FNAME, &h, SEC_FILE_READ_ATTRIBUTE | SEC_FILE_READ_DATA);
CHECK_STATUS(status, NT_STATUS_OK);
ZERO_STRUCT(rd);
rd.in.file.handle = h;
rd.in.length = 5;
rd.in.offset = 0;
status = smb2_read(tree, tree, &rd);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_util_close(tree, h);
CHECK_STATUS(status, NT_STATUS_OK);
/* open w/ EXECUTE access - success */
status = torture_smb2_testfile_access(
tree, FNAME, &h, SEC_FILE_READ_ATTRIBUTE | SEC_FILE_EXECUTE);
CHECK_STATUS(status, NT_STATUS_OK);
ZERO_STRUCT(rd);
rd.in.file.handle = h;
rd.in.length = 5;
rd.in.offset = 0;
status = smb2_read(tree, tree, &rd);
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_util_close(tree, h);
CHECK_STATUS(status, NT_STATUS_OK);
/* open without READ or EXECUTE access - access denied */
status = torture_smb2_testfile_access(tree, FNAME, &h,
SEC_FILE_READ_ATTRIBUTE);
CHECK_STATUS(status, NT_STATUS_OK);
ZERO_STRUCT(rd);
rd.in.file.handle = h;
rd.in.length = 5;
rd.in.offset = 0;
status = smb2_read(tree, tree, &rd);
CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
status = smb2_util_close(tree, h);
CHECK_STATUS(status, NT_STATUS_OK);
done:
talloc_free(tmp_ctx);
return ret;
}
/*
basic testing of SMB2 read
......@@ -237,6 +310,7 @@ struct torture_suite *torture_smb2_read_init(void)
torture_suite_add_1smb2_test(suite, "eof", test_read_eof);
torture_suite_add_1smb2_test(suite, "position", test_read_position);
torture_suite_add_1smb2_test(suite, "dir", test_read_dir);
torture_suite_add_1smb2_test(suite, "access", test_read_access);
suite->description = talloc_strdup(suite, "SMB2-READ tests");
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment