LCOV - code coverage report
Current view: top level - source4/torture/raw - acls.c (source / functions) Hit Total Coverage
Test: coverage report for support-claim-type-attributes 6b5c566e Lines: 1192 1338 89.1 %
Date: 2023-11-21 12:31:41 Functions: 17 17 100.0 %

          Line data    Source code
       1             : /* 
       2             :    Unix SMB/CIFS implementation.
       3             : 
       4             :    test security descriptor operations
       5             : 
       6             :    Copyright (C) Andrew Tridgell 2004
       7             :    
       8             :    This program is free software; you can redistribute it and/or modify
       9             :    it under the terms of the GNU General Public License as published by
      10             :    the Free Software Foundation; either version 3 of the License, or
      11             :    (at your option) any later version.
      12             :    
      13             :    This program is distributed in the hope that it will be useful,
      14             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      15             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      16             :    GNU General Public License for more details.
      17             :    
      18             :    You should have received a copy of the GNU General Public License
      19             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      20             : */
      21             : 
      22             : #include "includes.h"
      23             : #include "torture/torture.h"
      24             : #include "libcli/raw/libcliraw.h"
      25             : #include "libcli/libcli.h"
      26             : #include "librpc/gen_ndr/lsa.h"
      27             : #include "libcli/smb2/smb2.h"
      28             : #include "libcli/util/clilsa.h"
      29             : #include "libcli/security/security.h"
      30             : #include "torture/util.h"
      31             : #include "librpc/gen_ndr/ndr_security.h"
      32             : #include "torture/raw/proto.h"
      33             : 
      34             : #define BASEDIR "\\testsd"
      35             : 
      36             : #define CHECK_STATUS(status, correct) do { \
      37             :         if (!NT_STATUS_EQUAL(status, correct)) { \
      38             :                 ret = false; \
      39             :                 torture_result(tctx, TORTURE_FAIL, "(%s) Incorrect status %s - should be %s\n", \
      40             :                        __location__, nt_errstr(status), nt_errstr(correct)); \
      41             :                 goto done; \
      42             :         }} while (0)
      43             : 
      44             : #define FAIL_UNLESS(__cond)                                     \
      45             :         do {                                                    \
      46             :                 if (__cond) {} else {                           \
      47             :                         ret = false; \
      48             :                         torture_result(tctx, TORTURE_FAIL, "%s) condition violated: %s\n", \
      49             :                             __location__, #__cond); \
      50             :                         goto done; \
      51             :                 }                                               \
      52             :         } while(0)
      53             : 
      54             : #define CHECK_SECURITY_DESCRIPTOR(_sd1, _sd2) do { \
      55             :         if (!security_descriptor_equal(_sd1, _sd2)) { \
      56             :                 torture_warning(tctx, "%s: security descriptors don't match!\n", __location__); \
      57             :                 torture_warning(tctx, "got:\n"); \
      58             :                 NDR_PRINT_DEBUG(security_descriptor, _sd1); \
      59             :                 torture_warning(tctx, "expected:\n"); \
      60             :                 NDR_PRINT_DEBUG(security_descriptor, _sd2); \
      61             :                 ret = false; \
      62             :         } \
      63             : } while (0)
      64             : 
      65             : /*
      66             :  * Helper function to verify a security descriptor, by querying
      67             :  * and comparing against the passed in sd.
      68             :  * Copied to smb2_util_verify_sd() for SMB2.
      69             :  */
      70         151 : static bool verify_sd(TALLOC_CTX *tctx, struct smbcli_state *cli,
      71             :     int fnum, struct security_descriptor *sd)
      72             : {
      73           0 :         NTSTATUS status;
      74         151 :         bool ret = true;
      75         151 :         union smb_fileinfo q = {};
      76             : 
      77         151 :         if (sd) {
      78         151 :                 q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
      79         151 :                 q.query_secdesc.in.file.fnum = fnum;
      80         151 :                 q.query_secdesc.in.secinfo_flags =
      81             :                     SECINFO_OWNER |
      82             :                     SECINFO_GROUP |
      83             :                     SECINFO_DACL;
      84         151 :                 status = smb_raw_fileinfo(cli->tree, tctx, &q);
      85         151 :                 CHECK_STATUS(status, NT_STATUS_OK);
      86             : 
      87             :                 /* More work is needed if we're going to check this bit. */
      88         151 :                 sd->type &= ~SEC_DESC_DACL_AUTO_INHERITED;
      89             : 
      90         151 :                 CHECK_SECURITY_DESCRIPTOR(q.query_secdesc.out.sd, sd);
      91             :         }
      92             : 
      93         121 :  done:
      94         151 :         return ret;
      95             : }
      96             : 
      97             : /*
      98             :  * Helper function to verify attributes, by querying
      99             :  * and comparing against the passed attrib.
     100             :  * Copied to smb2_util_verify_attrib() for SMB2.
     101             :  */
     102          83 : static bool verify_attrib(TALLOC_CTX *tctx, struct smbcli_state *cli,
     103             :     int fnum, uint32_t attrib)
     104             : {
     105           0 :         NTSTATUS status;
     106          83 :         bool ret = true;
     107          83 :         union smb_fileinfo q2 = {};
     108             : 
     109          83 :         if (attrib) {
     110          83 :                 q2.standard.level = RAW_FILEINFO_STANDARD;
     111          83 :                 q2.standard.in.file.fnum = fnum;
     112          83 :                 status = smb_raw_fileinfo(cli->tree, tctx, &q2);
     113          83 :                 CHECK_STATUS(status, NT_STATUS_OK);
     114             : 
     115          83 :                 q2.standard.out.attrib &= ~FILE_ATTRIBUTE_ARCHIVE;
     116             : 
     117          83 :                 if (q2.standard.out.attrib != attrib) {
     118           1 :                         torture_warning(tctx, "%s: attributes don't match! "
     119             :                             "got %x, expected %x\n", __location__,
     120           1 :                             (uint32_t)q2.standard.out.attrib,
     121             :                             (uint32_t)attrib);
     122           1 :                         ret = false;
     123             :                 }
     124             :         }
     125             : 
     126          82 :  done:
     127          83 :         return ret;
     128             : }
     129             : 
     130             : /**
     131             :  * Test setting and removing a DACL.
     132             :  * Test copied to torture_smb2_setinfo() for SMB2.
     133             :  */
     134          19 : static bool test_sd(struct torture_context *tctx, struct smbcli_state *cli)
     135             : {
     136           0 :         NTSTATUS status;
     137           0 :         union smb_open io;
     138          19 :         const char *fname = BASEDIR "\\sd.txt";
     139          19 :         bool ret = true;
     140          19 :         int fnum = -1;
     141           0 :         union smb_fileinfo q;
     142           0 :         union smb_setfileinfo set;
     143          19 :         struct security_ace ace = {};
     144           0 :         struct security_descriptor *sd;
     145           0 :         const struct dom_sid *test_sid;
     146             : 
     147          19 :         if (!torture_setup_dir(cli, BASEDIR))
     148           0 :                 return false;
     149             : 
     150          19 :         torture_comment(tctx, "TESTING SETFILEINFO EA_SET\n");
     151             : 
     152          19 :         io.generic.level = RAW_OPEN_NTCREATEX;
     153          19 :         io.ntcreatex.in.root_fid.fnum = 0;
     154          19 :         io.ntcreatex.in.flags = 0;
     155          19 :         io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
     156          19 :         io.ntcreatex.in.create_options = 0;
     157          19 :         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
     158          19 :         io.ntcreatex.in.share_access = 
     159             :                 NTCREATEX_SHARE_ACCESS_READ | 
     160             :                 NTCREATEX_SHARE_ACCESS_WRITE;
     161          19 :         io.ntcreatex.in.alloc_size = 0;
     162          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
     163          19 :         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
     164          19 :         io.ntcreatex.in.security_flags = 0;
     165          19 :         io.ntcreatex.in.fname = fname;
     166          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     167          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     168          19 :         fnum = io.ntcreatex.out.file.fnum;
     169             :         
     170          19 :         q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     171          19 :         q.query_secdesc.in.file.fnum = fnum;
     172          19 :         q.query_secdesc.in.secinfo_flags = 
     173             :                 SECINFO_OWNER |
     174             :                 SECINFO_GROUP |
     175             :                 SECINFO_DACL;
     176          19 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
     177          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     178          19 :         sd = q.query_secdesc.out.sd;
     179             : 
     180          19 :         torture_comment(tctx, "add a new ACE to the DACL\n");
     181             : 
     182          19 :         test_sid = &global_sid_Authenticated_Users;
     183             : 
     184          19 :         ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED;
     185          19 :         ace.flags = 0;
     186          19 :         ace.access_mask = SEC_STD_ALL;
     187          19 :         ace.trustee = *test_sid;
     188             : 
     189          19 :         status = security_descriptor_dacl_add(sd, &ace);
     190          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     191             : 
     192          19 :         set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
     193          19 :         set.set_secdesc.in.file.fnum = fnum;
     194          19 :         set.set_secdesc.in.secinfo_flags = q.query_secdesc.in.secinfo_flags;
     195          19 :         set.set_secdesc.in.sd = sd;
     196             : 
     197          19 :         status = smb_raw_setfileinfo(cli->tree, &set);
     198          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     199          19 :         FAIL_UNLESS(verify_sd(tctx, cli, fnum, sd));
     200             : 
     201          19 :         torture_comment(tctx, "remove it again\n");
     202             : 
     203          19 :         status = security_descriptor_dacl_del(sd, test_sid);
     204          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     205             : 
     206          19 :         status = smb_raw_setfileinfo(cli->tree, &set);
     207          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     208          19 :         FAIL_UNLESS(verify_sd(tctx, cli, fnum, sd));
     209             : 
     210          19 : done:
     211          19 :         smbcli_close(cli->tree, fnum);
     212          19 :         smb_raw_exit(cli->session);
     213          19 :         smbcli_deltree(cli->tree, BASEDIR);
     214             : 
     215          19 :         return ret;
     216             : }
     217             : 
     218             : 
     219             : /*
     220             :   test using nttrans create to create a file with an initial acl set
     221             :   Test copied to test_create_acl() for SMB2.
     222             : */
     223          38 : static bool test_nttrans_create_ext(struct torture_context *tctx,
     224             :                                     struct smbcli_state *cli, bool test_dir)
     225             : {
     226           0 :         NTSTATUS status;
     227           0 :         union smb_open io;
     228          38 :         const char *fname = BASEDIR "\\acl2.txt";
     229          38 :         bool ret = true;
     230          38 :         int fnum = -1;
     231          38 :         union smb_fileinfo q = {};
     232           0 :         struct security_ace ace;
     233           0 :         struct security_descriptor *sd;
     234           0 :         const struct dom_sid *test_sid;
     235          38 :         uint32_t attrib =
     236             :             FILE_ATTRIBUTE_HIDDEN |
     237             :             FILE_ATTRIBUTE_SYSTEM |
     238             :             (test_dir ? FILE_ATTRIBUTE_DIRECTORY : 0);
     239          38 :         NTSTATUS (*delete_func)(struct smbcli_tree *, const char *) =
     240          38 :             test_dir ? smbcli_rmdir : smbcli_unlink;
     241             : 
     242          38 :         ZERO_STRUCT(ace);
     243             : 
     244          38 :         if (!torture_setup_dir(cli, BASEDIR))
     245           0 :                 return false;
     246             : 
     247          38 :         io.generic.level = RAW_OPEN_NTTRANS_CREATE;
     248          38 :         io.ntcreatex.in.root_fid.fnum = 0;
     249          38 :         io.ntcreatex.in.flags = 0;
     250          38 :         io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
     251          38 :         io.ntcreatex.in.create_options =
     252          38 :             test_dir ? NTCREATEX_OPTIONS_DIRECTORY : 0;
     253          38 :         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
     254          38 :         io.ntcreatex.in.share_access = 
     255             :                 NTCREATEX_SHARE_ACCESS_READ | 
     256             :                 NTCREATEX_SHARE_ACCESS_WRITE;
     257          38 :         io.ntcreatex.in.alloc_size = 0;
     258          38 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
     259          38 :         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
     260          38 :         io.ntcreatex.in.security_flags = 0;
     261          38 :         io.ntcreatex.in.fname = fname;
     262          38 :         io.ntcreatex.in.sec_desc = NULL;
     263          38 :         io.ntcreatex.in.ea_list = NULL;
     264             : 
     265          38 :         torture_comment(tctx, "basic create\n");
     266             : 
     267          38 :         status = smb_raw_open(cli->tree, tctx, &io);
     268          38 :         CHECK_STATUS(status, NT_STATUS_OK);
     269          38 :         fnum = io.ntcreatex.out.file.fnum;
     270             : 
     271          38 :         torture_comment(tctx, "querying ACL\n");
     272             : 
     273          38 :         q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     274          38 :         q.query_secdesc.in.file.fnum = fnum;
     275          38 :         q.query_secdesc.in.secinfo_flags = 
     276             :                 SECINFO_OWNER |
     277             :                 SECINFO_GROUP |
     278             :                 SECINFO_DACL;
     279          38 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
     280          38 :         CHECK_STATUS(status, NT_STATUS_OK);
     281          38 :         sd = q.query_secdesc.out.sd;
     282             : 
     283          38 :         status = smbcli_close(cli->tree, fnum);
     284          38 :         CHECK_STATUS(status, NT_STATUS_OK);
     285             : 
     286          38 :         status = delete_func(cli->tree, fname);
     287          38 :         CHECK_STATUS(status, NT_STATUS_OK);
     288             : 
     289          38 :         torture_comment(tctx, "adding a new ACE\n");
     290          38 :         test_sid = &global_sid_Authenticated_Users;
     291             : 
     292          38 :         ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED;
     293          38 :         ace.flags = 0;
     294          38 :         ace.access_mask = SEC_STD_ALL;
     295          38 :         ace.trustee = *test_sid;
     296             : 
     297          38 :         status = security_descriptor_dacl_add(sd, &ace);
     298          38 :         CHECK_STATUS(status, NT_STATUS_OK);
     299             :         
     300          38 :         torture_comment(tctx, "creating with an initial ACL\n");
     301             : 
     302          38 :         io.ntcreatex.in.sec_desc = sd;
     303          38 :         status = smb_raw_open(cli->tree, tctx, &io);
     304          38 :         CHECK_STATUS(status, NT_STATUS_OK);
     305          38 :         fnum = io.ntcreatex.out.file.fnum;
     306             :         
     307          38 :         FAIL_UNLESS(verify_sd(tctx, cli, fnum, sd));
     308             : 
     309          38 :         status = smbcli_close(cli->tree, fnum);
     310          38 :         CHECK_STATUS(status, NT_STATUS_OK);
     311          38 :         status = delete_func(cli->tree, fname);
     312          38 :         CHECK_STATUS(status, NT_STATUS_OK);
     313             : 
     314          38 :         torture_comment(tctx, "creating with attributes\n");
     315             : 
     316          38 :         io.ntcreatex.in.sec_desc = NULL;
     317          38 :         io.ntcreatex.in.file_attr = attrib;
     318          38 :         status = smb_raw_open(cli->tree, tctx, &io);
     319          38 :         CHECK_STATUS(status, NT_STATUS_OK);
     320          38 :         fnum = io.ntcreatex.out.file.fnum;
     321             : 
     322          38 :         FAIL_UNLESS(verify_attrib(tctx, cli, fnum, attrib));
     323             : 
     324          37 :         status = smbcli_close(cli->tree, fnum);
     325          37 :         CHECK_STATUS(status, NT_STATUS_OK);
     326             : 
     327          37 :         status = delete_func(cli->tree, fname);
     328          37 :         CHECK_STATUS(status, NT_STATUS_OK);
     329             : 
     330          37 :         torture_comment(tctx, "creating with attributes and ACL\n");
     331             : 
     332          37 :         io.ntcreatex.in.sec_desc = sd;
     333          37 :         io.ntcreatex.in.file_attr = attrib;
     334          37 :         status = smb_raw_open(cli->tree, tctx, &io);
     335          37 :         CHECK_STATUS(status, NT_STATUS_OK);
     336          37 :         fnum = io.ntcreatex.out.file.fnum;
     337             : 
     338          37 :         FAIL_UNLESS(verify_sd(tctx, cli, fnum, sd));
     339          37 :         FAIL_UNLESS(verify_attrib(tctx, cli, fnum, attrib));
     340             : 
     341          37 :         status = smbcli_close(cli->tree, fnum);
     342          37 :         CHECK_STATUS(status, NT_STATUS_OK);
     343          37 :         status = delete_func(cli->tree, fname);
     344          37 :         CHECK_STATUS(status, NT_STATUS_OK);
     345             : 
     346          38 :  done:
     347          38 :         smbcli_close(cli->tree, fnum);
     348          38 :         smb_raw_exit(cli->session);
     349          38 :         smbcli_deltree(cli->tree, BASEDIR);
     350          38 :         return ret;
     351             : }
     352             : 
     353             : /*
     354             :   test using nttrans create to create a file and directory with an initial acl
     355             :   and owner.
     356             : */
     357          38 : static bool test_nttrans_create_ext_owner(
     358             :         struct torture_context *tctx,
     359             :         struct smbcli_state *cli, bool test_dir)
     360             : {
     361           0 :         NTSTATUS status;
     362           0 :         union smb_open io;
     363          38 :         const char *fname = BASEDIR "\\foo.txt";
     364          38 :         bool ret = true;
     365          38 :         int fnum = -1;
     366           0 :         struct security_ace ace;
     367           0 :         struct security_descriptor *sd;
     368          38 :         uint32_t attrib =
     369             :             FILE_ATTRIBUTE_HIDDEN |
     370             :             FILE_ATTRIBUTE_SYSTEM |
     371             :             (test_dir ? FILE_ATTRIBUTE_DIRECTORY : 0);
     372          38 :         NTSTATUS (*delete_func)(struct smbcli_tree *, const char *) =
     373          38 :             test_dir ? smbcli_rmdir : smbcli_unlink;
     374             : 
     375          38 :         ZERO_STRUCT(ace);
     376             : 
     377          38 :         smbcli_deltree(cli->tree, BASEDIR);
     378             : 
     379          38 :         if (!torture_setup_dir(cli, BASEDIR))
     380           0 :                 return false;
     381             : 
     382          38 :         io.generic.level = RAW_OPEN_NTTRANS_CREATE;
     383          38 :         io.ntcreatex.in.root_fid.fnum = 0;
     384          38 :         io.ntcreatex.in.flags = 0;
     385          38 :         io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
     386          38 :         io.ntcreatex.in.create_options =
     387          38 :             test_dir ? NTCREATEX_OPTIONS_DIRECTORY : 0;
     388          38 :         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
     389          38 :         io.ntcreatex.in.share_access =
     390             :                 NTCREATEX_SHARE_ACCESS_READ |
     391             :                 NTCREATEX_SHARE_ACCESS_WRITE;
     392          38 :         io.ntcreatex.in.alloc_size = 0;
     393          38 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
     394          38 :         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
     395          38 :         io.ntcreatex.in.security_flags = 0;
     396          38 :         io.ntcreatex.in.fname = fname;
     397          38 :         io.ntcreatex.in.sec_desc = NULL;
     398          38 :         io.ntcreatex.in.ea_list = NULL;
     399             : 
     400          38 :         torture_comment(tctx, "creating with attributes, ACL and owner\n");
     401             : 
     402          38 :         sd = security_descriptor_dacl_create(tctx,
     403             :                                         0, SID_WORLD, SID_BUILTIN_USERS,
     404             :                                         SID_WORLD,
     405             :                                         SEC_ACE_TYPE_ACCESS_ALLOWED,
     406             :                                         SEC_RIGHTS_FILE_READ | SEC_STD_ALL,
     407             :                                         0,
     408             :                                         NULL);
     409             : 
     410          38 :         io.ntcreatex.in.sec_desc = sd;
     411          38 :         io.ntcreatex.in.file_attr = attrib;
     412          38 :         status = smb_raw_open(cli->tree, tctx, &io);
     413          38 :         CHECK_STATUS(status, NT_STATUS_OK);
     414          38 :         fnum = io.ntcreatex.out.file.fnum;
     415             : 
     416          38 :         FAIL_UNLESS(verify_sd(tctx, cli, fnum, sd));
     417           8 :         FAIL_UNLESS(verify_attrib(tctx, cli, fnum, attrib));
     418             : 
     419           8 :         status = smbcli_close(cli->tree, fnum);
     420           8 :         CHECK_STATUS(status, NT_STATUS_OK);
     421           8 :         status = delete_func(cli->tree, fname);
     422           8 :         CHECK_STATUS(status, NT_STATUS_OK);
     423             : 
     424          38 :  done:
     425          38 :         smbcli_close(cli->tree, fnum);
     426          38 :         smb_raw_exit(cli->session);
     427          38 :         smbcli_deltree(cli->tree, BASEDIR);
     428          38 :         return ret;
     429             : }
     430             : 
     431          19 : static bool test_nttrans_create_file(struct torture_context *tctx,
     432             :     struct smbcli_state *cli)
     433             : {
     434          19 :         torture_comment(tctx, "Testing nttrans create with sec_desc on files\n");
     435             : 
     436          19 :         return test_nttrans_create_ext(tctx, cli, false);
     437             : }
     438             : 
     439          19 : static bool test_nttrans_create_dir(struct torture_context *tctx,
     440             :     struct smbcli_state *cli)
     441             : {
     442          19 :         torture_comment(tctx, "Testing nttrans create with sec_desc on directories\n");
     443             : 
     444          19 :         return test_nttrans_create_ext(tctx, cli, true);
     445             : }
     446             : 
     447          19 : static bool test_nttrans_create_owner_file(struct torture_context *tctx,
     448             :     struct smbcli_state *cli)
     449             : {
     450          19 :         torture_comment(tctx, "Testing nttrans create with sec_desc with owner on file\n");
     451             : 
     452          19 :         return test_nttrans_create_ext_owner(tctx, cli, false);
     453             : }
     454             : 
     455          19 : static bool test_nttrans_create_owner_dir(struct torture_context *tctx,
     456             :     struct smbcli_state *cli)
     457             : {
     458          19 :         torture_comment(tctx, "Testing nttrans create with sec_desc with owner on directory\n");
     459             : 
     460          19 :         return test_nttrans_create_ext_owner(tctx, cli, true);
     461             : }
     462             : 
     463             : #define CHECK_ACCESS_FLAGS(_fnum, flags) do { \
     464             :         union smb_fileinfo _q; \
     465             :         _q.access_information.level = RAW_FILEINFO_ACCESS_INFORMATION; \
     466             :         _q.access_information.in.file.fnum = (_fnum); \
     467             :         status = smb_raw_fileinfo(cli->tree, tctx, &_q); \
     468             :         CHECK_STATUS(status, NT_STATUS_OK); \
     469             :         if (_q.access_information.out.access_flags != (flags)) { \
     470             :                 ret = false; \
     471             :                 torture_result(tctx, TORTURE_FAIL, "(%s) Incorrect access_flags 0x%08x - should be 0x%08x\n", \
     472             :                        __location__, _q.access_information.out.access_flags, (flags)); \
     473             :                 goto done; \
     474             :         } \
     475             : } while (0)
     476             : 
     477             : /*
     478             :   test using NTTRANS CREATE to create a file with a null ACL set
     479             :   Test copied to test_create_null_dacl() for SMB2.
     480             : */
     481          19 : static bool test_nttrans_create_null_dacl(struct torture_context *tctx,
     482             :                                           struct smbcli_state *cli)
     483             : {
     484           0 :         NTSTATUS status;
     485           0 :         union smb_open io;
     486          19 :         const char *fname = BASEDIR "\\nulldacl.txt";
     487          19 :         bool ret = true;
     488          19 :         int fnum = -1;
     489           0 :         union smb_fileinfo q;
     490           0 :         union smb_setfileinfo s;
     491          19 :         struct security_descriptor *sd = security_descriptor_initialise(tctx);
     492           0 :         struct security_acl dacl;
     493             : 
     494          19 :         if (!torture_setup_dir(cli, BASEDIR))
     495           0 :                 return false;
     496             : 
     497          19 :         torture_comment(tctx, "TESTING SEC_DESC WITH A NULL DACL\n");
     498             : 
     499          19 :         io.generic.level = RAW_OPEN_NTTRANS_CREATE;
     500          19 :         io.ntcreatex.in.root_fid.fnum = 0;
     501          19 :         io.ntcreatex.in.flags = 0;
     502          19 :         io.ntcreatex.in.access_mask = SEC_STD_READ_CONTROL | SEC_STD_WRITE_DAC
     503             :                 | SEC_STD_WRITE_OWNER;
     504          19 :         io.ntcreatex.in.create_options = 0;
     505          19 :         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
     506          19 :         io.ntcreatex.in.share_access =
     507             :                 NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
     508          19 :         io.ntcreatex.in.alloc_size = 0;
     509          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF;
     510          19 :         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
     511          19 :         io.ntcreatex.in.security_flags = 0;
     512          19 :         io.ntcreatex.in.fname = fname;
     513          19 :         io.ntcreatex.in.sec_desc = sd;
     514          19 :         io.ntcreatex.in.ea_list = NULL;
     515             : 
     516          19 :         torture_comment(tctx, "creating a file with a empty sd\n");
     517          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     518          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     519          19 :         fnum = io.ntcreatex.out.file.fnum;
     520             : 
     521          19 :         torture_comment(tctx, "get the original sd\n");
     522          19 :         q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     523          19 :         q.query_secdesc.in.file.fnum = fnum;
     524          19 :         q.query_secdesc.in.secinfo_flags =
     525             :                 SECINFO_OWNER |
     526             :                 SECINFO_GROUP |
     527             :                 SECINFO_DACL;
     528          19 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
     529          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     530             : 
     531             :         /*
     532             :          * Testing the created DACL,
     533             :          * the server should add the inherited DACL
     534             :          * when SEC_DESC_DACL_PRESENT isn't specified
     535             :          */
     536          19 :         if (!(q.query_secdesc.out.sd->type & SEC_DESC_DACL_PRESENT)) {
     537           0 :                 ret = false;
     538           0 :                 torture_result(tctx, TORTURE_FAIL, "DACL_PRESENT flag not set by the server!\n");
     539           0 :                 goto done;
     540             :         }
     541          19 :         if (q.query_secdesc.out.sd->dacl == NULL) {
     542           0 :                 ret = false;
     543           0 :                 torture_result(tctx, TORTURE_FAIL, "no DACL has been created on the server!\n");
     544           0 :                 goto done;
     545             :         }
     546             : 
     547          19 :         torture_comment(tctx, "set NULL DACL\n");
     548          19 :         sd->type |= SEC_DESC_DACL_PRESENT;
     549             : 
     550          19 :         s.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
     551          19 :         s.set_secdesc.in.file.fnum = fnum;
     552          19 :         s.set_secdesc.in.secinfo_flags = SECINFO_DACL;
     553          19 :         s.set_secdesc.in.sd = sd;
     554          19 :         status = smb_raw_setfileinfo(cli->tree, &s);
     555          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     556             : 
     557          19 :         torture_comment(tctx, "get the sd\n");
     558          19 :         q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     559          19 :         q.query_secdesc.in.file.fnum = fnum;
     560          19 :         q.query_secdesc.in.secinfo_flags =
     561             :                 SECINFO_OWNER |
     562             :                 SECINFO_GROUP |
     563             :                 SECINFO_DACL;
     564          19 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
     565          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     566             : 
     567             :         /* Testing the modified DACL */
     568          19 :         if (!(q.query_secdesc.out.sd->type & SEC_DESC_DACL_PRESENT)) {
     569           0 :                 ret = false;
     570           0 :                 torture_result(tctx, TORTURE_FAIL, "DACL_PRESENT flag not set by the server!\n");
     571           0 :                 goto done;
     572             :         }
     573          19 :         if (q.query_secdesc.out.sd->dacl != NULL) {
     574          14 :                 ret = false;
     575          14 :                 torture_result(tctx, TORTURE_FAIL, "DACL has been created on the server!\n");
     576          14 :                 goto done;
     577             :         }
     578             : 
     579           5 :         torture_comment(tctx, "try open for read control\n");
     580           5 :         io.ntcreatex.in.access_mask = SEC_STD_READ_CONTROL;
     581           5 :         status = smb_raw_open(cli->tree, tctx, &io);
     582           5 :         CHECK_STATUS(status, NT_STATUS_OK);
     583           5 :         CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum,
     584             :                 SEC_STD_READ_CONTROL | SEC_FILE_READ_ATTRIBUTE);
     585           5 :         smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
     586             : 
     587           5 :         torture_comment(tctx, "try open for write\n");
     588           5 :         io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA;
     589           5 :         status = smb_raw_open(cli->tree, tctx, &io);
     590           5 :         CHECK_STATUS(status, NT_STATUS_OK);
     591           5 :         CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum,
     592             :                 SEC_FILE_WRITE_DATA | SEC_FILE_READ_ATTRIBUTE);
     593           5 :         smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
     594             : 
     595           5 :         torture_comment(tctx, "try open for read\n");
     596           5 :         io.ntcreatex.in.access_mask = SEC_FILE_READ_DATA;
     597           5 :         status = smb_raw_open(cli->tree, tctx, &io);
     598           5 :         CHECK_STATUS(status, NT_STATUS_OK);
     599           5 :         CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum,
     600             :                 SEC_FILE_READ_DATA | SEC_FILE_READ_ATTRIBUTE);
     601           5 :         smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
     602             : 
     603           5 :         torture_comment(tctx, "try open for generic write\n");
     604           5 :         io.ntcreatex.in.access_mask = SEC_GENERIC_WRITE;
     605           5 :         status = smb_raw_open(cli->tree, tctx, &io);
     606           5 :         CHECK_STATUS(status, NT_STATUS_OK);
     607           5 :         CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum,
     608             :                 SEC_RIGHTS_FILE_WRITE | SEC_FILE_READ_ATTRIBUTE);
     609           5 :         smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
     610             : 
     611           5 :         torture_comment(tctx, "try open for generic read\n");
     612           5 :         io.ntcreatex.in.access_mask = SEC_GENERIC_READ;
     613           5 :         status = smb_raw_open(cli->tree, tctx, &io);
     614           5 :         CHECK_STATUS(status, NT_STATUS_OK);
     615           5 :         CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum,
     616             :                 SEC_RIGHTS_FILE_READ | SEC_FILE_READ_ATTRIBUTE);
     617           5 :         smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
     618             : 
     619           5 :         torture_comment(tctx, "set DACL with 0 aces\n");
     620           5 :         ZERO_STRUCT(dacl);
     621           5 :         dacl.revision = SECURITY_ACL_REVISION_NT4;
     622           5 :         dacl.num_aces = 0;
     623           5 :         sd->dacl = &dacl;
     624             : 
     625           5 :         s.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
     626           5 :         s.set_secdesc.in.file.fnum = fnum;
     627           5 :         s.set_secdesc.in.secinfo_flags = SECINFO_DACL;
     628           5 :         s.set_secdesc.in.sd = sd;
     629           5 :         status = smb_raw_setfileinfo(cli->tree, &s);
     630           5 :         CHECK_STATUS(status, NT_STATUS_OK);
     631             : 
     632           5 :         torture_comment(tctx, "get the sd\n");
     633           5 :         q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     634           5 :         q.query_secdesc.in.file.fnum = fnum;
     635           5 :         q.query_secdesc.in.secinfo_flags =
     636             :                 SECINFO_OWNER |
     637             :                 SECINFO_GROUP |
     638             :                 SECINFO_DACL;
     639           5 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
     640           5 :         CHECK_STATUS(status, NT_STATUS_OK);
     641             : 
     642             :         /* Testing the modified DACL */
     643           5 :         if (!(q.query_secdesc.out.sd->type & SEC_DESC_DACL_PRESENT)) {
     644           0 :                 ret = false;
     645           0 :                 torture_result(tctx, TORTURE_FAIL, "DACL_PRESENT flag not set by the server!\n");
     646           0 :                 goto done;
     647             :         }
     648           5 :         if (q.query_secdesc.out.sd->dacl == NULL) {
     649           0 :                 ret = false;
     650           0 :                 torture_result(tctx, TORTURE_FAIL, "no DACL has been created on the server!\n");
     651           0 :                 goto done;
     652             :         }
     653           5 :         if (q.query_secdesc.out.sd->dacl->num_aces != 0) {
     654           0 :                 ret = false;
     655           0 :                 torture_result(tctx, TORTURE_FAIL, "DACL has %u aces!\n",
     656           0 :                        q.query_secdesc.out.sd->dacl->num_aces);
     657           0 :                 goto done;
     658             :         }
     659             : 
     660           5 :         torture_comment(tctx, "try open for read control\n");
     661           5 :         io.ntcreatex.in.access_mask = SEC_STD_READ_CONTROL;
     662           5 :         status = smb_raw_open(cli->tree, tctx, &io);
     663           5 :         CHECK_STATUS(status, NT_STATUS_OK);
     664           5 :         CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum,
     665             :                 SEC_STD_READ_CONTROL | SEC_FILE_READ_ATTRIBUTE);
     666           5 :         smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
     667             : 
     668           5 :         torture_comment(tctx, "try open for write => access_denied\n");
     669           5 :         io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA;
     670           5 :         status = smb_raw_open(cli->tree, tctx, &io);
     671           5 :         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
     672             : 
     673           5 :         torture_comment(tctx, "try open for read => access_denied\n");
     674           5 :         io.ntcreatex.in.access_mask = SEC_FILE_READ_DATA;
     675           5 :         status = smb_raw_open(cli->tree, tctx, &io);
     676           5 :         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
     677             : 
     678           5 :         torture_comment(tctx, "try open for generic write => access_denied\n");
     679           5 :         io.ntcreatex.in.access_mask = SEC_GENERIC_WRITE;
     680           5 :         status = smb_raw_open(cli->tree, tctx, &io);
     681           5 :         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
     682             : 
     683           5 :         torture_comment(tctx, "try open for generic read => access_denied\n");
     684           5 :         io.ntcreatex.in.access_mask = SEC_GENERIC_READ;
     685           5 :         status = smb_raw_open(cli->tree, tctx, &io);
     686           5 :         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
     687             : 
     688           5 :         torture_comment(tctx, "set empty sd\n");
     689           5 :         sd->type &= ~SEC_DESC_DACL_PRESENT;
     690           5 :         sd->dacl = NULL;
     691             : 
     692           5 :         s.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
     693           5 :         s.set_secdesc.in.file.fnum = fnum;
     694           5 :         s.set_secdesc.in.secinfo_flags = SECINFO_DACL;
     695           5 :         s.set_secdesc.in.sd = sd;
     696           5 :         status = smb_raw_setfileinfo(cli->tree, &s);
     697           5 :         CHECK_STATUS(status, NT_STATUS_OK);
     698             : 
     699           5 :         torture_comment(tctx, "get the sd\n");
     700           5 :         q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     701           5 :         q.query_secdesc.in.file.fnum = fnum;
     702           5 :         q.query_secdesc.in.secinfo_flags =
     703             :                 SECINFO_OWNER |
     704             :                 SECINFO_GROUP |
     705             :                 SECINFO_DACL;
     706           5 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
     707           5 :         CHECK_STATUS(status, NT_STATUS_OK);
     708             : 
     709             :         /* Testing the modified DACL */
     710           5 :         if (!(q.query_secdesc.out.sd->type & SEC_DESC_DACL_PRESENT)) {
     711           0 :                 ret = false;
     712           0 :                 torture_result(tctx, TORTURE_FAIL, "DACL_PRESENT flag not set by the server!\n");
     713           0 :                 goto done;
     714             :         }
     715           5 :         if (q.query_secdesc.out.sd->dacl != NULL) {
     716           0 :                 ret = false;
     717           0 :                 torture_result(tctx, TORTURE_FAIL, "DACL has been created on the server!\n");
     718           0 :                 goto done;
     719             :         }
     720           5 : done:
     721          19 :         smbcli_close(cli->tree, fnum);
     722          19 :         smb_raw_exit(cli->session);
     723          19 :         smbcli_deltree(cli->tree, BASEDIR);
     724          19 :         return ret;
     725             : }
     726             : 
     727             : /*
     728             :   test the behaviour of the well known SID_CREATOR_OWNER sid, and some generic
     729             :   mapping bits
     730             :   Test copied to smb2/acls.c for SMB2.
     731             : */
     732          19 : static bool test_creator_sid(struct torture_context *tctx, 
     733             :                                                          struct smbcli_state *cli)
     734             : {
     735           0 :         NTSTATUS status;
     736           0 :         union smb_open io;
     737          19 :         const char *fname = BASEDIR "\\creator.txt";
     738          19 :         bool ret = true;
     739          19 :         int fnum = -1;
     740           0 :         union smb_fileinfo q;
     741           0 :         union smb_setfileinfo set;
     742           0 :         struct security_descriptor *sd, *sd_orig, *sd2;
     743           0 :         const char *owner_sid;
     744             : 
     745          19 :         if (!torture_setup_dir(cli, BASEDIR))
     746           0 :                 return false;
     747             : 
     748          19 :         torture_comment(tctx, "TESTING SID_CREATOR_OWNER\n");
     749             : 
     750          19 :         io.generic.level = RAW_OPEN_NTCREATEX;
     751          19 :         io.ntcreatex.in.root_fid.fnum = 0;
     752          19 :         io.ntcreatex.in.flags = 0;
     753          19 :         io.ntcreatex.in.access_mask = SEC_STD_READ_CONTROL | SEC_STD_WRITE_DAC | SEC_STD_WRITE_OWNER;
     754          19 :         io.ntcreatex.in.create_options = 0;
     755          19 :         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
     756          19 :         io.ntcreatex.in.share_access = 
     757             :                 NTCREATEX_SHARE_ACCESS_READ | 
     758             :                 NTCREATEX_SHARE_ACCESS_WRITE;
     759          19 :         io.ntcreatex.in.alloc_size = 0;
     760          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF;
     761          19 :         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
     762          19 :         io.ntcreatex.in.security_flags = 0;
     763          19 :         io.ntcreatex.in.fname = fname;
     764          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     765          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     766          19 :         fnum = io.ntcreatex.out.file.fnum;
     767             : 
     768          19 :         torture_comment(tctx, "get the original sd\n");
     769          19 :         q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
     770          19 :         q.query_secdesc.in.file.fnum = fnum;
     771          19 :         q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
     772          19 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
     773          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     774          19 :         sd_orig = q.query_secdesc.out.sd;
     775             : 
     776          19 :         owner_sid = dom_sid_string(tctx, sd_orig->owner_sid);
     777             : 
     778          19 :         torture_comment(tctx, "set a sec desc allowing no write by CREATOR_OWNER\n");
     779          19 :         sd = security_descriptor_dacl_create(tctx,
     780             :                                         0, NULL, NULL,
     781             :                                         SID_CREATOR_OWNER,
     782             :                                         SEC_ACE_TYPE_ACCESS_ALLOWED,
     783             :                                         SEC_RIGHTS_FILE_READ | SEC_STD_ALL,
     784             :                                         0,
     785             :                                         NULL);
     786             : 
     787          19 :         set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
     788          19 :         set.set_secdesc.in.file.fnum = fnum;
     789          19 :         set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
     790          19 :         set.set_secdesc.in.sd = sd;
     791             : 
     792          19 :         status = smb_raw_setfileinfo(cli->tree, &set);
     793          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     794             : 
     795          19 :         torture_comment(tctx, "try open for write\n");
     796          19 :         io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA;
     797          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     798          19 :         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
     799             : 
     800          19 :         torture_comment(tctx, "try open for read\n");
     801          19 :         io.ntcreatex.in.access_mask = SEC_FILE_READ_DATA;
     802          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     803          19 :         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
     804             : 
     805          19 :         torture_comment(tctx, "try open for generic write\n");
     806          19 :         io.ntcreatex.in.access_mask = SEC_GENERIC_WRITE;
     807          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     808          19 :         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
     809             : 
     810          19 :         torture_comment(tctx, "try open for generic read\n");
     811          19 :         io.ntcreatex.in.access_mask = SEC_GENERIC_READ;
     812          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     813          19 :         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
     814             : 
     815          19 :         torture_comment(tctx, "set a sec desc allowing no write by owner\n");
     816          19 :         sd = security_descriptor_dacl_create(tctx,
     817             :                                         0, owner_sid, NULL,
     818             :                                         owner_sid,
     819             :                                         SEC_ACE_TYPE_ACCESS_ALLOWED,
     820             :                                         SEC_RIGHTS_FILE_READ | SEC_STD_ALL,
     821             :                                         0,
     822             :                                         NULL);
     823             : 
     824          19 :         set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
     825          19 :         set.set_secdesc.in.file.fnum = fnum;
     826          19 :         set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
     827          19 :         set.set_secdesc.in.sd = sd;
     828          19 :         status = smb_raw_setfileinfo(cli->tree, &set);
     829          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     830             : 
     831          19 :         torture_comment(tctx, "check that sd has been mapped correctly\n");
     832          19 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
     833          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     834          19 :         CHECK_SECURITY_DESCRIPTOR(q.query_secdesc.out.sd, sd);
     835             : 
     836          19 :         torture_comment(tctx, "try open for write\n");
     837          19 :         io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA;
     838          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     839          19 :         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
     840             : 
     841          19 :         torture_comment(tctx, "try open for read\n");
     842          19 :         io.ntcreatex.in.access_mask = SEC_FILE_READ_DATA;
     843          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     844          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     845          19 :         CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum, 
     846             :                            SEC_FILE_READ_DATA|
     847             :                            SEC_FILE_READ_ATTRIBUTE);
     848          19 :         smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
     849             : 
     850          19 :         torture_comment(tctx, "try open for generic write\n");
     851          19 :         io.ntcreatex.in.access_mask = SEC_GENERIC_WRITE;
     852          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     853          19 :         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
     854             : 
     855          19 :         torture_comment(tctx, "try open for generic read\n");
     856          19 :         io.ntcreatex.in.access_mask = SEC_GENERIC_READ;
     857          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     858          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     859          19 :         CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum, 
     860             :                            SEC_RIGHTS_FILE_READ);
     861          19 :         smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
     862             : 
     863          19 :         torture_comment(tctx, "set a sec desc allowing generic read by owner\n");
     864          19 :         sd = security_descriptor_dacl_create(tctx,
     865             :                                         0, NULL, NULL,
     866             :                                         owner_sid,
     867             :                                         SEC_ACE_TYPE_ACCESS_ALLOWED,
     868             :                                         SEC_GENERIC_READ | SEC_STD_ALL,
     869             :                                         0,
     870             :                                         NULL);
     871             : 
     872          19 :         set.set_secdesc.in.sd = sd;
     873          19 :         status = smb_raw_setfileinfo(cli->tree, &set);
     874          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     875             : 
     876          19 :         torture_comment(tctx, "check that generic read has been mapped correctly\n");
     877          19 :         sd2 = security_descriptor_dacl_create(tctx,
     878             :                                          0, owner_sid, NULL,
     879             :                                          owner_sid,
     880             :                                          SEC_ACE_TYPE_ACCESS_ALLOWED,
     881             :                                          SEC_RIGHTS_FILE_READ | SEC_STD_ALL,
     882             :                                          0,
     883             :                                          NULL);
     884             : 
     885          19 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
     886          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     887          19 :         CHECK_SECURITY_DESCRIPTOR(q.query_secdesc.out.sd, sd2);
     888             : 
     889          19 :         torture_comment(tctx, "try open for write\n");
     890          19 :         io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA;
     891          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     892          19 :         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
     893             : 
     894          19 :         torture_comment(tctx, "try open for read\n");
     895          19 :         io.ntcreatex.in.access_mask = SEC_FILE_READ_DATA;
     896          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     897          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     898          19 :         CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum, 
     899             :                            SEC_FILE_READ_DATA | 
     900             :                            SEC_FILE_READ_ATTRIBUTE);
     901          19 :         smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
     902             : 
     903          19 :         torture_comment(tctx, "try open for generic write\n");
     904          19 :         io.ntcreatex.in.access_mask = SEC_GENERIC_WRITE;
     905          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     906          19 :         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
     907             : 
     908          19 :         torture_comment(tctx, "try open for generic read\n");
     909          19 :         io.ntcreatex.in.access_mask = SEC_GENERIC_READ;
     910          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     911          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     912          19 :         CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum, SEC_RIGHTS_FILE_READ);
     913          19 :         smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
     914             : 
     915             : 
     916          19 :         torture_comment(tctx, "put back original sd\n");
     917          19 :         set.set_secdesc.in.sd = sd_orig;
     918          19 :         status = smb_raw_setfileinfo(cli->tree, &set);
     919          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     920             : 
     921             : 
     922          19 : done:
     923          19 :         smbcli_close(cli->tree, fnum);
     924          19 :         smb_raw_exit(cli->session);
     925          19 :         smbcli_deltree(cli->tree, BASEDIR);
     926          19 :         return ret;
     927             : }
     928             : 
     929             : 
     930             : /*
     931             :   test the mapping of the SEC_GENERIC_xx bits to SEC_STD_xx and
     932             :   SEC_FILE_xx bits
     933             :   Test copied to smb2/acls.c for SMB2.
     934             : */
     935          19 : static bool test_generic_bits(struct torture_context *tctx, 
     936             :                                                           struct smbcli_state *cli)
     937             : {
     938           0 :         NTSTATUS status;
     939           0 :         union smb_open io;
     940          19 :         const char *fname = BASEDIR "\\generic.txt";
     941          19 :         bool ret = true;
     942          19 :         int fnum = -1, i;
     943           0 :         union smb_fileinfo q;
     944           0 :         union smb_setfileinfo set;
     945           0 :         struct security_descriptor *sd, *sd_orig, *sd2;
     946           0 :         const char *owner_sid;
     947           0 :         const struct {
     948             :                 uint32_t gen_bits;
     949             :                 uint32_t specific_bits;
     950          19 :         } file_mappings[] = {
     951             :                 { 0,                       0 },
     952             :                 { SEC_GENERIC_READ,        SEC_RIGHTS_FILE_READ },
     953             :                 { SEC_GENERIC_WRITE,       SEC_RIGHTS_FILE_WRITE },
     954             :                 { SEC_GENERIC_EXECUTE,     SEC_RIGHTS_FILE_EXECUTE },
     955             :                 { SEC_GENERIC_ALL,         SEC_RIGHTS_FILE_ALL },
     956             :                 { SEC_FILE_READ_DATA,      SEC_FILE_READ_DATA },
     957             :                 { SEC_FILE_READ_ATTRIBUTE, SEC_FILE_READ_ATTRIBUTE }
     958             :         };
     959           0 :         const struct {
     960             :                 uint32_t gen_bits;
     961             :                 uint32_t specific_bits;
     962          19 :         } dir_mappings[] = {
     963             :                 { 0,                   0 },
     964             :                 { SEC_GENERIC_READ,    SEC_RIGHTS_DIR_READ },
     965             :                 { SEC_GENERIC_WRITE,   SEC_RIGHTS_DIR_WRITE },
     966             :                 { SEC_GENERIC_EXECUTE, SEC_RIGHTS_DIR_EXECUTE },
     967             :                 { SEC_GENERIC_ALL,     SEC_RIGHTS_DIR_ALL }
     968             :         };
     969           0 :         bool has_restore_privilege;
     970           0 :         bool has_take_ownership_privilege;
     971             : 
     972          19 :         if (!torture_setup_dir(cli, BASEDIR))
     973           0 :                 return false;
     974             : 
     975          19 :         torture_comment(tctx, "TESTING FILE GENERIC BITS\n");
     976             : 
     977          19 :         io.generic.level = RAW_OPEN_NTCREATEX;
     978          19 :         io.ntcreatex.in.root_fid.fnum = 0;
     979          19 :         io.ntcreatex.in.flags = 0;
     980          19 :         io.ntcreatex.in.access_mask = 
     981             :                 SEC_STD_READ_CONTROL | 
     982             :                 SEC_STD_WRITE_DAC | 
     983             :                 SEC_STD_WRITE_OWNER;
     984          19 :         io.ntcreatex.in.create_options = 0;
     985          19 :         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
     986          19 :         io.ntcreatex.in.share_access = 
     987             :                 NTCREATEX_SHARE_ACCESS_READ | 
     988             :                 NTCREATEX_SHARE_ACCESS_WRITE;
     989          19 :         io.ntcreatex.in.alloc_size = 0;
     990          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF;
     991          19 :         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
     992          19 :         io.ntcreatex.in.security_flags = 0;
     993          19 :         io.ntcreatex.in.fname = fname;
     994          19 :         status = smb_raw_open(cli->tree, tctx, &io);
     995          19 :         CHECK_STATUS(status, NT_STATUS_OK);
     996          19 :         fnum = io.ntcreatex.out.file.fnum;
     997             : 
     998          19 :         torture_comment(tctx, "get the original sd\n");
     999          19 :         q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
    1000          19 :         q.query_secdesc.in.file.fnum = fnum;
    1001          19 :         q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
    1002          19 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
    1003          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1004          19 :         sd_orig = q.query_secdesc.out.sd;
    1005             : 
    1006          19 :         owner_sid = dom_sid_string(tctx, sd_orig->owner_sid);
    1007             : 
    1008          19 :         status = torture_check_privilege(cli, 
    1009             :                                             owner_sid, 
    1010             :                                             sec_privilege_name(SEC_PRIV_RESTORE));
    1011          19 :         has_restore_privilege = NT_STATUS_IS_OK(status);
    1012          19 :         if (!NT_STATUS_IS_OK(status)) {
    1013          16 :                 torture_warning(tctx, "torture_check_privilege - %s\n",
    1014             :                     nt_errstr(status));
    1015             :         }
    1016          19 :         torture_comment(tctx, "SEC_PRIV_RESTORE - %s\n", has_restore_privilege?"Yes":"No");
    1017             : 
    1018          19 :         status = torture_check_privilege(cli, 
    1019             :                                             owner_sid, 
    1020             :                                             sec_privilege_name(SEC_PRIV_TAKE_OWNERSHIP));
    1021          19 :         has_take_ownership_privilege = NT_STATUS_IS_OK(status);
    1022          19 :         if (!NT_STATUS_IS_OK(status)) {
    1023          16 :                 torture_warning(tctx, "torture_check_privilege - %s\n",
    1024             :                     nt_errstr(status));
    1025             :         }
    1026          19 :         torture_comment(tctx, "SEC_PRIV_TAKE_OWNERSHIP - %s\n", has_take_ownership_privilege?"Yes":"No");
    1027             : 
    1028         152 :         for (i=0;i<ARRAY_SIZE(file_mappings);i++) {
    1029         133 :                 uint32_t expected_mask = 
    1030             :                         SEC_STD_WRITE_DAC | 
    1031             :                         SEC_STD_READ_CONTROL | 
    1032             :                         SEC_FILE_READ_ATTRIBUTE |
    1033             :                         SEC_STD_DELETE;
    1034         133 :                 uint32_t expected_mask_anon = SEC_FILE_READ_ATTRIBUTE;
    1035             : 
    1036         133 :                 if (has_restore_privilege) {
    1037          21 :                         expected_mask_anon |= SEC_STD_DELETE;
    1038             :                 }
    1039             : 
    1040         133 :                 torture_comment(tctx, "Testing generic bits 0x%08x\n",
    1041         133 :                        file_mappings[i].gen_bits);
    1042         133 :                 sd = security_descriptor_dacl_create(tctx,
    1043             :                                                 0, owner_sid, NULL,
    1044             :                                                 owner_sid,
    1045             :                                                 SEC_ACE_TYPE_ACCESS_ALLOWED,
    1046         133 :                                                 file_mappings[i].gen_bits,
    1047             :                                                 0,
    1048             :                                                 NULL);
    1049             : 
    1050         133 :                 set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
    1051         133 :                 set.set_secdesc.in.file.fnum = fnum;
    1052         133 :                 set.set_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
    1053         133 :                 set.set_secdesc.in.sd = sd;
    1054             : 
    1055         133 :                 status = smb_raw_setfileinfo(cli->tree, &set);
    1056         133 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1057             : 
    1058         133 :                 sd2 = security_descriptor_dacl_create(tctx,
    1059             :                                                  0, owner_sid, NULL,
    1060             :                                                  owner_sid,
    1061             :                                                  SEC_ACE_TYPE_ACCESS_ALLOWED,
    1062         133 :                                                  file_mappings[i].specific_bits,
    1063             :                                                  0,
    1064             :                                                  NULL);
    1065             : 
    1066         133 :                 status = smb_raw_fileinfo(cli->tree, tctx, &q);
    1067         133 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1068         133 :                 CHECK_SECURITY_DESCRIPTOR(q.query_secdesc.out.sd, sd2);
    1069             : 
    1070         133 :                 io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
    1071         133 :                 status = smb_raw_open(cli->tree, tctx, &io);
    1072         133 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1073         133 :                 CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum, 
    1074             :                                    expected_mask | file_mappings[i].specific_bits);
    1075         133 :                 smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
    1076             : 
    1077         133 :                 if (!has_take_ownership_privilege) {
    1078         112 :                         continue;
    1079             :                 }
    1080             : 
    1081          21 :                 torture_comment(tctx, "Testing generic bits 0x%08x (anonymous)\n",
    1082          21 :                        file_mappings[i].gen_bits);
    1083          21 :                 sd = security_descriptor_dacl_create(tctx,
    1084             :                                                 0, SID_NT_ANONYMOUS, NULL,
    1085             :                                                 owner_sid,
    1086             :                                                 SEC_ACE_TYPE_ACCESS_ALLOWED,
    1087          21 :                                                 file_mappings[i].gen_bits,
    1088             :                                                 0,
    1089             :                                                 NULL);
    1090             : 
    1091          21 :                 set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
    1092          21 :                 set.set_secdesc.in.file.fnum = fnum;
    1093          21 :                 set.set_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
    1094          21 :                 set.set_secdesc.in.sd = sd;
    1095             : 
    1096          21 :                 status = smb_raw_setfileinfo(cli->tree, &set);
    1097          21 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1098             : 
    1099          21 :                 sd2 = security_descriptor_dacl_create(tctx,
    1100             :                                                  0, SID_NT_ANONYMOUS, NULL,
    1101             :                                                  owner_sid,
    1102             :                                                  SEC_ACE_TYPE_ACCESS_ALLOWED,
    1103          21 :                                                  file_mappings[i].specific_bits,
    1104             :                                                  0,
    1105             :                                                  NULL);
    1106             : 
    1107          21 :                 status = smb_raw_fileinfo(cli->tree, tctx, &q);
    1108          21 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1109          21 :                 CHECK_SECURITY_DESCRIPTOR(q.query_secdesc.out.sd, sd2);
    1110             : 
    1111          21 :                 io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
    1112          21 :                 status = smb_raw_open(cli->tree, tctx, &io);
    1113          21 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1114          21 :                 CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum, 
    1115             :                                    expected_mask_anon | file_mappings[i].specific_bits);
    1116          21 :                 smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
    1117             :         }
    1118             : 
    1119          19 :         torture_comment(tctx, "put back original sd\n");
    1120          19 :         set.set_secdesc.in.sd = sd_orig;
    1121          19 :         status = smb_raw_setfileinfo(cli->tree, &set);
    1122          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1123             : 
    1124          19 :         smbcli_close(cli->tree, fnum);
    1125          19 :         smbcli_unlink(cli->tree, fname);
    1126             : 
    1127             : 
    1128          19 :         torture_comment(tctx, "TESTING DIR GENERIC BITS\n");
    1129             : 
    1130          19 :         io.generic.level = RAW_OPEN_NTCREATEX;
    1131          19 :         io.ntcreatex.in.root_fid.fnum = 0;
    1132          19 :         io.ntcreatex.in.flags = 0;
    1133          19 :         io.ntcreatex.in.access_mask = 
    1134             :                 SEC_STD_READ_CONTROL | 
    1135             :                 SEC_STD_WRITE_DAC | 
    1136             :                 SEC_STD_WRITE_OWNER;
    1137          19 :         io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY;
    1138          19 :         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_DIRECTORY;
    1139          19 :         io.ntcreatex.in.share_access = 
    1140             :                 NTCREATEX_SHARE_ACCESS_READ | 
    1141             :                 NTCREATEX_SHARE_ACCESS_WRITE;
    1142          19 :         io.ntcreatex.in.alloc_size = 0;
    1143          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF;
    1144          19 :         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
    1145          19 :         io.ntcreatex.in.security_flags = 0;
    1146          19 :         io.ntcreatex.in.fname = fname;
    1147          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    1148          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1149          19 :         fnum = io.ntcreatex.out.file.fnum;
    1150             : 
    1151          19 :         torture_comment(tctx, "get the original sd\n");
    1152          19 :         q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
    1153          19 :         q.query_secdesc.in.file.fnum = fnum;
    1154          19 :         q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
    1155          19 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
    1156          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1157          19 :         sd_orig = q.query_secdesc.out.sd;
    1158             : 
    1159          19 :         owner_sid = dom_sid_string(tctx, sd_orig->owner_sid);
    1160             : 
    1161          19 :         status = torture_check_privilege(cli, 
    1162             :                                             owner_sid, 
    1163             :                                             sec_privilege_name(SEC_PRIV_RESTORE));
    1164          19 :         has_restore_privilege = NT_STATUS_IS_OK(status);
    1165          19 :         if (!NT_STATUS_IS_OK(status)) {
    1166          16 :                 torture_warning(tctx, "torture_check_privilege - %s\n",
    1167             :                     nt_errstr(status));
    1168             :         }
    1169          19 :         torture_comment(tctx, "SEC_PRIV_RESTORE - %s\n", has_restore_privilege?"Yes":"No");
    1170             : 
    1171          19 :         status = torture_check_privilege(cli, 
    1172             :                                             owner_sid, 
    1173             :                                             sec_privilege_name(SEC_PRIV_TAKE_OWNERSHIP));
    1174          19 :         has_take_ownership_privilege = NT_STATUS_IS_OK(status);
    1175          19 :         if (!NT_STATUS_IS_OK(status)) {
    1176          16 :                 torture_warning(tctx, "torture_check_privilege - %s\n",
    1177             :                     nt_errstr(status));
    1178             :         }
    1179          19 :         torture_comment(tctx, "SEC_PRIV_TAKE_OWNERSHIP - %s\n", has_take_ownership_privilege?"Yes":"No");
    1180             : 
    1181         114 :         for (i=0;i<ARRAY_SIZE(dir_mappings);i++) {
    1182          95 :                 uint32_t expected_mask = 
    1183             :                         SEC_STD_WRITE_DAC | 
    1184             :                         SEC_STD_READ_CONTROL | 
    1185             :                         SEC_FILE_READ_ATTRIBUTE |
    1186             :                         SEC_STD_DELETE;
    1187          95 :                 uint32_t expected_mask_anon = SEC_FILE_READ_ATTRIBUTE;
    1188             : 
    1189          95 :                 if (has_restore_privilege) {
    1190          15 :                         expected_mask_anon |= SEC_STD_DELETE;
    1191             :                 }
    1192             : 
    1193          95 :                 torture_comment(tctx, "Testing generic bits 0x%08x\n",
    1194          95 :                        file_mappings[i].gen_bits);
    1195          95 :                 sd = security_descriptor_dacl_create(tctx,
    1196             :                                                 0, owner_sid, NULL,
    1197             :                                                 owner_sid,
    1198             :                                                 SEC_ACE_TYPE_ACCESS_ALLOWED,
    1199          95 :                                                 dir_mappings[i].gen_bits,
    1200             :                                                 0,
    1201             :                                                 NULL);
    1202             : 
    1203          95 :                 set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
    1204          95 :                 set.set_secdesc.in.file.fnum = fnum;
    1205          95 :                 set.set_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
    1206          95 :                 set.set_secdesc.in.sd = sd;
    1207             : 
    1208          95 :                 status = smb_raw_setfileinfo(cli->tree, &set);
    1209          95 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1210             : 
    1211          95 :                 sd2 = security_descriptor_dacl_create(tctx,
    1212             :                                                  0, owner_sid, NULL,
    1213             :                                                  owner_sid,
    1214             :                                                  SEC_ACE_TYPE_ACCESS_ALLOWED,
    1215          95 :                                                  dir_mappings[i].specific_bits,
    1216             :                                                  0,
    1217             :                                                  NULL);
    1218             : 
    1219          95 :                 status = smb_raw_fileinfo(cli->tree, tctx, &q);
    1220          95 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1221          95 :                 CHECK_SECURITY_DESCRIPTOR(q.query_secdesc.out.sd, sd2);
    1222             : 
    1223          95 :                 io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
    1224          95 :                 status = smb_raw_open(cli->tree, tctx, &io);
    1225          95 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1226          95 :                 CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum, 
    1227             :                                    expected_mask | dir_mappings[i].specific_bits);
    1228          95 :                 smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
    1229             : 
    1230          95 :                 if (!has_take_ownership_privilege) {
    1231          80 :                         continue;
    1232             :                 }
    1233             : 
    1234          15 :                 torture_comment(tctx, "Testing generic bits 0x%08x (anonymous)\n",
    1235          15 :                        file_mappings[i].gen_bits);
    1236          15 :                 sd = security_descriptor_dacl_create(tctx,
    1237             :                                                 0, SID_NT_ANONYMOUS, NULL,
    1238             :                                                 owner_sid,
    1239             :                                                 SEC_ACE_TYPE_ACCESS_ALLOWED,
    1240          15 :                                                 file_mappings[i].gen_bits,
    1241             :                                                 0,
    1242             :                                                 NULL);
    1243             : 
    1244          15 :                 set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
    1245          15 :                 set.set_secdesc.in.file.fnum = fnum;
    1246          15 :                 set.set_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
    1247          15 :                 set.set_secdesc.in.sd = sd;
    1248             : 
    1249          15 :                 status = smb_raw_setfileinfo(cli->tree, &set);
    1250          15 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1251             : 
    1252          15 :                 sd2 = security_descriptor_dacl_create(tctx,
    1253             :                                                  0, SID_NT_ANONYMOUS, NULL,
    1254             :                                                  owner_sid,
    1255             :                                                  SEC_ACE_TYPE_ACCESS_ALLOWED,
    1256          15 :                                                  file_mappings[i].specific_bits,
    1257             :                                                  0,
    1258             :                                                  NULL);
    1259             : 
    1260          15 :                 status = smb_raw_fileinfo(cli->tree, tctx, &q);
    1261          15 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1262          15 :                 CHECK_SECURITY_DESCRIPTOR(q.query_secdesc.out.sd, sd2);
    1263             : 
    1264          15 :                 io.ntcreatex.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
    1265          15 :                 status = smb_raw_open(cli->tree, tctx, &io);
    1266          15 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1267          15 :                 CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum, 
    1268             :                                    expected_mask_anon | dir_mappings[i].specific_bits);
    1269          15 :                 smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
    1270             :         }
    1271             : 
    1272          19 :         torture_comment(tctx, "put back original sd\n");
    1273          19 :         set.set_secdesc.in.sd = sd_orig;
    1274          19 :         status = smb_raw_setfileinfo(cli->tree, &set);
    1275          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1276             : 
    1277          19 :         smbcli_close(cli->tree, fnum);
    1278          19 :         smbcli_unlink(cli->tree, fname);
    1279             : 
    1280          19 : done:
    1281          19 :         smbcli_close(cli->tree, fnum);
    1282          19 :         smb_raw_exit(cli->session);
    1283          19 :         smbcli_deltree(cli->tree, BASEDIR);
    1284          19 :         return ret;
    1285             : }
    1286             : 
    1287             : 
    1288             : /*
    1289             :   see what access bits the owner of a file always gets
    1290             :   Test copied to smb2/acls.c for SMB2.
    1291             : */
    1292          19 : static bool test_owner_bits(struct torture_context *tctx, 
    1293             :                                                         struct smbcli_state *cli)
    1294             : {
    1295           0 :         NTSTATUS status;
    1296           0 :         union smb_open io;
    1297          19 :         const char *fname = BASEDIR "\\test_owner_bits.txt";
    1298          19 :         bool ret = true;
    1299          19 :         int fnum = -1, i;
    1300           0 :         union smb_fileinfo q;
    1301           0 :         union smb_setfileinfo set;
    1302           0 :         struct security_descriptor *sd, *sd_orig;
    1303           0 :         const char *owner_sid;
    1304           0 :         bool has_restore_privilege;
    1305           0 :         bool has_take_ownership_privilege;
    1306           0 :         uint32_t expected_bits;
    1307             : 
    1308          19 :         if (!torture_setup_dir(cli, BASEDIR))
    1309           0 :                 return false;
    1310             : 
    1311          19 :         torture_comment(tctx, "TESTING FILE OWNER BITS\n");
    1312             : 
    1313          19 :         io.generic.level = RAW_OPEN_NTCREATEX;
    1314          19 :         io.ntcreatex.in.root_fid.fnum = 0;
    1315          19 :         io.ntcreatex.in.flags = 0;
    1316          19 :         io.ntcreatex.in.access_mask = 
    1317             :                 SEC_STD_READ_CONTROL | 
    1318             :                 SEC_STD_WRITE_DAC | 
    1319             :                 SEC_STD_WRITE_OWNER;
    1320          19 :         io.ntcreatex.in.create_options = 0;
    1321          19 :         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
    1322          19 :         io.ntcreatex.in.share_access = 
    1323             :                 NTCREATEX_SHARE_ACCESS_READ | 
    1324             :                 NTCREATEX_SHARE_ACCESS_WRITE;
    1325          19 :         io.ntcreatex.in.alloc_size = 0;
    1326          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF;
    1327          19 :         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
    1328          19 :         io.ntcreatex.in.security_flags = 0;
    1329          19 :         io.ntcreatex.in.fname = fname;
    1330          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    1331          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1332          19 :         fnum = io.ntcreatex.out.file.fnum;
    1333             : 
    1334          19 :         torture_comment(tctx, "get the original sd\n");
    1335          19 :         q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
    1336          19 :         q.query_secdesc.in.file.fnum = fnum;
    1337          19 :         q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
    1338          19 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
    1339          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1340          19 :         sd_orig = q.query_secdesc.out.sd;
    1341             : 
    1342          19 :         owner_sid = dom_sid_string(tctx, sd_orig->owner_sid);
    1343             : 
    1344          19 :         status = torture_check_privilege(cli, 
    1345             :                                             owner_sid, 
    1346             :                                             sec_privilege_name(SEC_PRIV_RESTORE));
    1347          19 :         has_restore_privilege = NT_STATUS_IS_OK(status);
    1348          19 :         if (!NT_STATUS_IS_OK(status)) {
    1349          16 :                 torture_warning(tctx, "torture_check_privilege - %s\n", nt_errstr(status));
    1350             :         }
    1351          19 :         torture_comment(tctx, "SEC_PRIV_RESTORE - %s\n", has_restore_privilege?"Yes":"No");
    1352             : 
    1353          19 :         status = torture_check_privilege(cli, 
    1354             :                                             owner_sid, 
    1355             :                                             sec_privilege_name(SEC_PRIV_TAKE_OWNERSHIP));
    1356          19 :         has_take_ownership_privilege = NT_STATUS_IS_OK(status);
    1357          19 :         if (!NT_STATUS_IS_OK(status)) {
    1358          16 :                 torture_warning(tctx, "torture_check_privilege - %s\n", nt_errstr(status));
    1359             :         }
    1360          19 :         torture_comment(tctx, "SEC_PRIV_TAKE_OWNERSHIP - %s\n", has_take_ownership_privilege?"Yes":"No");
    1361             : 
    1362          19 :         sd = security_descriptor_dacl_create(tctx,
    1363             :                                         0, NULL, NULL,
    1364             :                                         owner_sid,
    1365             :                                         SEC_ACE_TYPE_ACCESS_ALLOWED,
    1366             :                                         SEC_FILE_WRITE_DATA,
    1367             :                                         0,
    1368             :                                         NULL);
    1369             : 
    1370          19 :         set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
    1371          19 :         set.set_secdesc.in.file.fnum = fnum;
    1372          19 :         set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
    1373          19 :         set.set_secdesc.in.sd = sd;
    1374             : 
    1375          19 :         status = smb_raw_setfileinfo(cli->tree, &set);
    1376          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1377             : 
    1378          19 :         expected_bits = SEC_FILE_WRITE_DATA | SEC_FILE_READ_ATTRIBUTE;
    1379             : 
    1380         323 :         for (i=0;i<16;i++) {
    1381         304 :                 uint32_t bit = (1<<i);
    1382         304 :                 io.ntcreatex.in.access_mask = bit;
    1383         304 :                 status = smb_raw_open(cli->tree, tctx, &io);
    1384         304 :                 if (expected_bits & bit) {
    1385          38 :                         if (!NT_STATUS_IS_OK(status)) {
    1386           0 :                                 torture_warning(tctx, "failed with access mask 0x%08x of expected 0x%08x\n",
    1387             :                                        bit, expected_bits);
    1388             :                         }
    1389          38 :                         CHECK_STATUS(status, NT_STATUS_OK);
    1390          38 :                         CHECK_ACCESS_FLAGS(io.ntcreatex.out.file.fnum, bit | SEC_FILE_READ_ATTRIBUTE);
    1391          38 :                         smbcli_close(cli->tree, io.ntcreatex.out.file.fnum);
    1392             :                 } else {
    1393         266 :                         if (NT_STATUS_IS_OK(status)) {
    1394           0 :                                 torture_warning(tctx, "open succeeded with access mask 0x%08x of "
    1395             :                                         "expected 0x%08x - should fail\n",
    1396             :                                        bit, expected_bits);
    1397             :                         }
    1398         266 :                         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
    1399             :                 }
    1400             :         }
    1401             : 
    1402          19 :         torture_comment(tctx, "put back original sd\n");
    1403          19 :         set.set_secdesc.in.sd = sd_orig;
    1404          19 :         status = smb_raw_setfileinfo(cli->tree, &set);
    1405          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1406             : 
    1407          19 : done:
    1408          19 :         smbcli_close(cli->tree, fnum);
    1409          19 :         smbcli_unlink(cli->tree, fname);
    1410          19 :         smb_raw_exit(cli->session);
    1411          19 :         smbcli_deltree(cli->tree, BASEDIR);
    1412          19 :         return ret;
    1413             : }
    1414             : 
    1415             : 
    1416             : 
    1417             : /*
    1418             :   test the inheritance of ACL flags onto new files and directories
    1419             :   Test copied to smb2/acls.c for SMB2.
    1420             : */
    1421          19 : static bool test_inheritance(struct torture_context *tctx, 
    1422             :                                                          struct smbcli_state *cli)
    1423             : {
    1424           0 :         NTSTATUS status;
    1425           0 :         union smb_open io;
    1426          19 :         const char *dname = BASEDIR "\\inheritance";
    1427          19 :         const char *fname1 = BASEDIR "\\inheritance\\testfile";
    1428          19 :         const char *fname2 = BASEDIR "\\inheritance\\testdir";
    1429          19 :         bool ret = true;
    1430          19 :         int fnum=0, fnum2, i;
    1431           0 :         union smb_fileinfo q;
    1432           0 :         union smb_setfileinfo set;
    1433          19 :         struct security_descriptor *sd, *sd2, *sd_orig=NULL, *sd_def1, *sd_def2;
    1434           0 :         const char *owner_sid, *group_sid;
    1435           0 :         const struct dom_sid *creator_owner;
    1436           0 :         const struct {
    1437             :                 uint32_t parent_flags;
    1438             :                 uint32_t file_flags;
    1439             :                 uint32_t dir_flags;
    1440          19 :         } test_flags[] = {
    1441             :                 {
    1442             :                         0, 
    1443             :                         0,
    1444             :                         0
    1445             :                 },
    1446             :                 {
    1447             :                         SEC_ACE_FLAG_OBJECT_INHERIT,
    1448             :                         0,
    1449             :                         SEC_ACE_FLAG_OBJECT_INHERIT | 
    1450             :                         SEC_ACE_FLAG_INHERIT_ONLY,
    1451             :                 },
    1452             :                 {
    1453             :                         SEC_ACE_FLAG_CONTAINER_INHERIT,
    1454             :                         0,
    1455             :                         SEC_ACE_FLAG_CONTAINER_INHERIT,
    1456             :                 },
    1457             :                 {
    1458             :                         SEC_ACE_FLAG_OBJECT_INHERIT | 
    1459             :                         SEC_ACE_FLAG_CONTAINER_INHERIT,
    1460             :                         0,
    1461             :                         SEC_ACE_FLAG_OBJECT_INHERIT | 
    1462             :                         SEC_ACE_FLAG_CONTAINER_INHERIT,
    1463             :                 },
    1464             :                 {
    1465             :                         SEC_ACE_FLAG_NO_PROPAGATE_INHERIT,
    1466             :                         0,
    1467             :                         0,
    1468             :                 },
    1469             :                 {
    1470             :                         SEC_ACE_FLAG_NO_PROPAGATE_INHERIT | 
    1471             :                         SEC_ACE_FLAG_OBJECT_INHERIT,
    1472             :                         0,
    1473             :                         0,
    1474             :                 },
    1475             :                 {
    1476             :                         SEC_ACE_FLAG_NO_PROPAGATE_INHERIT | 
    1477             :                         SEC_ACE_FLAG_CONTAINER_INHERIT,
    1478             :                         0,
    1479             :                         0,
    1480             :                 },
    1481             :                 {
    1482             :                         SEC_ACE_FLAG_NO_PROPAGATE_INHERIT | 
    1483             :                         SEC_ACE_FLAG_CONTAINER_INHERIT | 
    1484             :                         SEC_ACE_FLAG_OBJECT_INHERIT,
    1485             :                         0,
    1486             :                         0,
    1487             :                 },
    1488             :                 {
    1489             :                         SEC_ACE_FLAG_INHERIT_ONLY,
    1490             :                         0,
    1491             :                         0,
    1492             :                 },
    1493             :                 {
    1494             :                         SEC_ACE_FLAG_INHERIT_ONLY | 
    1495             :                         SEC_ACE_FLAG_OBJECT_INHERIT,
    1496             :                         0,
    1497             :                         SEC_ACE_FLAG_OBJECT_INHERIT | 
    1498             :                         SEC_ACE_FLAG_INHERIT_ONLY,
    1499             :                 },
    1500             :                 {
    1501             :                         SEC_ACE_FLAG_INHERIT_ONLY | 
    1502             :                         SEC_ACE_FLAG_CONTAINER_INHERIT,
    1503             :                         0,
    1504             :                         SEC_ACE_FLAG_CONTAINER_INHERIT,
    1505             :                 },
    1506             :                 {
    1507             :                         SEC_ACE_FLAG_INHERIT_ONLY | 
    1508             :                         SEC_ACE_FLAG_CONTAINER_INHERIT | 
    1509             :                         SEC_ACE_FLAG_OBJECT_INHERIT,
    1510             :                         0,
    1511             :                         SEC_ACE_FLAG_CONTAINER_INHERIT | 
    1512             :                         SEC_ACE_FLAG_OBJECT_INHERIT,
    1513             :                 },
    1514             :                 {
    1515             :                         SEC_ACE_FLAG_INHERIT_ONLY | 
    1516             :                         SEC_ACE_FLAG_NO_PROPAGATE_INHERIT,
    1517             :                         0,
    1518             :                         0,
    1519             :                 },
    1520             :                 {
    1521             :                         SEC_ACE_FLAG_INHERIT_ONLY | 
    1522             :                         SEC_ACE_FLAG_NO_PROPAGATE_INHERIT | 
    1523             :                         SEC_ACE_FLAG_OBJECT_INHERIT,
    1524             :                         0,
    1525             :                         0,
    1526             :                 },
    1527             :                 {
    1528             :                         SEC_ACE_FLAG_INHERIT_ONLY | 
    1529             :                         SEC_ACE_FLAG_NO_PROPAGATE_INHERIT | 
    1530             :                         SEC_ACE_FLAG_CONTAINER_INHERIT,
    1531             :                         0,
    1532             :                         0,
    1533             :                 },
    1534             :                 {
    1535             :                         SEC_ACE_FLAG_INHERIT_ONLY | 
    1536             :                         SEC_ACE_FLAG_NO_PROPAGATE_INHERIT | 
    1537             :                         SEC_ACE_FLAG_CONTAINER_INHERIT | 
    1538             :                         SEC_ACE_FLAG_OBJECT_INHERIT,
    1539             :                         0,
    1540             :                         0,
    1541             :                 }
    1542             :         };
    1543             : 
    1544          19 :         if (!torture_setup_dir(cli, BASEDIR))
    1545           0 :                 return false;
    1546             : 
    1547          19 :         torture_comment(tctx, "TESTING ACL INHERITANCE\n");
    1548             : 
    1549          19 :         io.generic.level = RAW_OPEN_NTCREATEX;
    1550          19 :         io.ntcreatex.in.root_fid.fnum = 0;
    1551          19 :         io.ntcreatex.in.flags = 0;
    1552          19 :         io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL;
    1553          19 :         io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY;
    1554          19 :         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_DIRECTORY;
    1555          19 :         io.ntcreatex.in.share_access = 0;
    1556          19 :         io.ntcreatex.in.alloc_size = 0;
    1557          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
    1558          19 :         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
    1559          19 :         io.ntcreatex.in.security_flags = 0;
    1560          19 :         io.ntcreatex.in.fname = dname;
    1561             : 
    1562          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    1563          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1564          19 :         fnum = io.ntcreatex.out.file.fnum;
    1565             : 
    1566          19 :         torture_comment(tctx, "get the original sd\n");
    1567          19 :         q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
    1568          19 :         q.query_secdesc.in.file.fnum = fnum;
    1569          19 :         q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER | SECINFO_GROUP;
    1570          19 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
    1571          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1572          19 :         sd_orig = q.query_secdesc.out.sd;
    1573             : 
    1574          19 :         owner_sid = dom_sid_string(tctx, sd_orig->owner_sid);
    1575          19 :         group_sid = dom_sid_string(tctx, sd_orig->group_sid);
    1576             : 
    1577          19 :         torture_comment(tctx, "owner_sid is %s\n", owner_sid);
    1578          19 :         torture_comment(tctx, "group_sid is %s\n", group_sid);
    1579             : 
    1580          19 :         q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
    1581             : 
    1582          19 :         if (torture_setting_bool(tctx, "samba4", false)) {
    1583             :                 /* the default ACL in Samba4 includes the group and
    1584             :                    other permissions */
    1585           1 :                 sd_def1 = security_descriptor_dacl_create(tctx,
    1586             :                                                          0, owner_sid, NULL,
    1587             :                                                          owner_sid,
    1588             :                                                          SEC_ACE_TYPE_ACCESS_ALLOWED,
    1589             :                                                          SEC_RIGHTS_FILE_ALL,
    1590             :                                                          0,
    1591             :                                                          group_sid,
    1592             :                                                          SEC_ACE_TYPE_ACCESS_ALLOWED,
    1593             :                                                          SEC_RIGHTS_FILE_READ | SEC_FILE_EXECUTE,
    1594             :                                                          0,
    1595             :                                                          SID_WORLD,
    1596             :                                                          SEC_ACE_TYPE_ACCESS_ALLOWED,
    1597             :                                                          SEC_RIGHTS_FILE_READ | SEC_FILE_EXECUTE,
    1598             :                                                          0,
    1599             :                                                          SID_NT_SYSTEM,
    1600             :                                                          SEC_ACE_TYPE_ACCESS_ALLOWED,
    1601             :                                                          SEC_RIGHTS_FILE_ALL,
    1602             :                                                          0,
    1603             :                                                          NULL);
    1604             :         } else {
    1605             :                 /*
    1606             :                  * The Windows Default ACL for a new file, when there is no ACL to be
    1607             :                  * inherited: FullControl for the owner and SYSTEM.
    1608             :                  */
    1609          18 :                 sd_def1 = security_descriptor_dacl_create(tctx,
    1610             :                                                          0, owner_sid, NULL,
    1611             :                                                          owner_sid,
    1612             :                                                          SEC_ACE_TYPE_ACCESS_ALLOWED,
    1613             :                                                          SEC_RIGHTS_FILE_ALL,
    1614             :                                                          0,
    1615             :                                                          SID_NT_SYSTEM,
    1616             :                                                          SEC_ACE_TYPE_ACCESS_ALLOWED,
    1617             :                                                          SEC_RIGHTS_FILE_ALL,
    1618             :                                                          0,
    1619             :                                                          NULL);
    1620             :         }
    1621             : 
    1622             :         /*
    1623             :          * Use this in the case the system being tested does not add an ACE for
    1624             :          * the SYSTEM SID.
    1625             :          */
    1626          19 :         sd_def2 = security_descriptor_dacl_create(tctx,
    1627             :                                             0, owner_sid, NULL,
    1628             :                                             owner_sid,
    1629             :                                             SEC_ACE_TYPE_ACCESS_ALLOWED,
    1630             :                                             SEC_RIGHTS_FILE_ALL,
    1631             :                                             0,
    1632             :                                             NULL);
    1633             : 
    1634          19 :         creator_owner = dom_sid_parse_talloc(tctx, SID_CREATOR_OWNER);
    1635             : 
    1636         323 :         for (i=0;i<ARRAY_SIZE(test_flags);i++) {
    1637         304 :                 sd = security_descriptor_dacl_create(tctx,
    1638             :                                                 0, NULL, NULL,
    1639             :                                                 SID_CREATOR_OWNER,
    1640             :                                                 SEC_ACE_TYPE_ACCESS_ALLOWED,
    1641             :                                                 SEC_FILE_WRITE_DATA,
    1642         304 :                                                 test_flags[i].parent_flags,
    1643             :                                                 SID_WORLD,
    1644             :                                                 SEC_ACE_TYPE_ACCESS_ALLOWED,
    1645             :                                                 SEC_FILE_ALL | SEC_STD_ALL,
    1646             :                                                 0,
    1647             :                                                 NULL);
    1648         304 :                 set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
    1649         304 :                 set.set_secdesc.in.file.fnum = fnum;
    1650         304 :                 set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
    1651         304 :                 set.set_secdesc.in.sd = sd;
    1652         304 :                 status = smb_raw_setfileinfo(cli->tree, &set);
    1653         304 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1654             : 
    1655         304 :                 io.ntcreatex.in.fname = fname1;
    1656         304 :                 io.ntcreatex.in.create_options = 0;
    1657         304 :                 status = smb_raw_open(cli->tree, tctx, &io);
    1658         304 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1659         304 :                 fnum2 = io.ntcreatex.out.file.fnum;
    1660             : 
    1661         304 :                 q.query_secdesc.in.file.fnum = fnum2;
    1662         304 :                 status = smb_raw_fileinfo(cli->tree, tctx, &q);
    1663         304 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1664             : 
    1665         304 :                 smbcli_close(cli->tree, fnum2);
    1666         304 :                 smbcli_unlink(cli->tree, fname1);
    1667             : 
    1668         304 :                 if (!(test_flags[i].parent_flags & SEC_ACE_FLAG_OBJECT_INHERIT)) {
    1669         152 :                         if (!security_descriptor_equal(q.query_secdesc.out.sd, sd_def1) &&
    1670         144 :                             !security_descriptor_equal(q.query_secdesc.out.sd, sd_def2)) {
    1671         144 :                                 torture_warning(tctx, "Expected default sd "
    1672             :                                     "for i=%d:\n", i);
    1673         144 :                                 NDR_PRINT_DEBUG(security_descriptor, sd_def1);
    1674         144 :                                 torture_warning(tctx, "at %d - got:\n", i);
    1675         144 :                                 NDR_PRINT_DEBUG(security_descriptor, q.query_secdesc.out.sd);
    1676             :                         }
    1677         152 :                         goto check_dir;
    1678             :                 }
    1679             : 
    1680         152 :                 if (q.query_secdesc.out.sd->dacl == NULL ||
    1681         152 :                     q.query_secdesc.out.sd->dacl->num_aces != 1 ||
    1682         152 :                     q.query_secdesc.out.sd->dacl->aces[0].access_mask != SEC_FILE_WRITE_DATA ||
    1683         152 :                     !dom_sid_equal(&q.query_secdesc.out.sd->dacl->aces[0].trustee,
    1684         152 :                                    sd_orig->owner_sid)) {
    1685           0 :                         ret = false;
    1686           0 :                         torture_warning(tctx, "Bad sd in child file at %d\n", i);
    1687           0 :                         NDR_PRINT_DEBUG(security_descriptor, q.query_secdesc.out.sd);
    1688           0 :                         goto check_dir;
    1689             :                 }
    1690             : 
    1691         152 :                 if (q.query_secdesc.out.sd->dacl->aces[0].flags != 
    1692         152 :                     test_flags[i].file_flags) {
    1693           0 :                         torture_warning(tctx, "incorrect file_flags 0x%x - expected 0x%x for parent 0x%x with (i=%d)\n",
    1694           0 :                                q.query_secdesc.out.sd->dacl->aces[0].flags,
    1695           0 :                                test_flags[i].file_flags,
    1696           0 :                                test_flags[i].parent_flags,
    1697             :                                i);
    1698           0 :                         ret = false;
    1699             :                 }
    1700             : 
    1701         152 :         check_dir:
    1702         304 :                 io.ntcreatex.in.fname = fname2;
    1703         304 :                 io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY;
    1704         304 :                 status = smb_raw_open(cli->tree, tctx, &io);
    1705         304 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1706         304 :                 fnum2 = io.ntcreatex.out.file.fnum;
    1707             : 
    1708         304 :                 q.query_secdesc.in.file.fnum = fnum2;
    1709         304 :                 status = smb_raw_fileinfo(cli->tree, tctx, &q);
    1710         304 :                 CHECK_STATUS(status, NT_STATUS_OK);
    1711             : 
    1712         304 :                 smbcli_close(cli->tree, fnum2);
    1713         304 :                 smbcli_rmdir(cli->tree, fname2);
    1714             : 
    1715         304 :                 if (!(test_flags[i].parent_flags & SEC_ACE_FLAG_CONTAINER_INHERIT) &&
    1716         152 :                     (!(test_flags[i].parent_flags & SEC_ACE_FLAG_OBJECT_INHERIT) ||
    1717          76 :                      (test_flags[i].parent_flags & SEC_ACE_FLAG_NO_PROPAGATE_INHERIT))) {
    1718         114 :                         if (!security_descriptor_equal(q.query_secdesc.out.sd, sd_def1) &&
    1719         108 :                             !security_descriptor_equal(q.query_secdesc.out.sd, sd_def2)) {
    1720         108 :                                 torture_warning(tctx, "Expected default sd for dir at %d:\n", i);
    1721         108 :                                 NDR_PRINT_DEBUG(security_descriptor, sd_def1);
    1722         108 :                                 torture_warning(tctx, "got:\n");
    1723         108 :                                 NDR_PRINT_DEBUG(security_descriptor, q.query_secdesc.out.sd);
    1724             :                         }
    1725         114 :                         continue;
    1726             :                 }
    1727             : 
    1728         190 :                 if ((test_flags[i].parent_flags & SEC_ACE_FLAG_CONTAINER_INHERIT) && 
    1729         152 :                     (test_flags[i].parent_flags & SEC_ACE_FLAG_NO_PROPAGATE_INHERIT)) {
    1730          76 :                         if (q.query_secdesc.out.sd->dacl == NULL ||
    1731          76 :                             q.query_secdesc.out.sd->dacl->num_aces != 1 ||
    1732          76 :                             q.query_secdesc.out.sd->dacl->aces[0].access_mask != SEC_FILE_WRITE_DATA ||
    1733          76 :                             !dom_sid_equal(&q.query_secdesc.out.sd->dacl->aces[0].trustee,
    1734          76 :                                            sd_orig->owner_sid) ||
    1735          76 :                             q.query_secdesc.out.sd->dacl->aces[0].flags != test_flags[i].dir_flags) {
    1736           0 :                                 torture_warning(tctx, "(CI & NP) Bad sd in child dir - expected 0x%x for parent 0x%x (i=%d)\n",
    1737           0 :                                        test_flags[i].dir_flags,
    1738           0 :                                        test_flags[i].parent_flags, i);
    1739           0 :                                 NDR_PRINT_DEBUG(security_descriptor, q.query_secdesc.out.sd);
    1740           0 :                                 torture_comment(tctx, "FYI, here is the parent sd:\n");
    1741           0 :                                 NDR_PRINT_DEBUG(security_descriptor, sd);
    1742           0 :                                 ret = false;
    1743           0 :                                 continue;
    1744             :                         }
    1745         114 :                 } else if (test_flags[i].parent_flags & SEC_ACE_FLAG_CONTAINER_INHERIT) {
    1746          76 :                         if (q.query_secdesc.out.sd->dacl == NULL ||
    1747          76 :                             q.query_secdesc.out.sd->dacl->num_aces != 2 ||
    1748          76 :                             q.query_secdesc.out.sd->dacl->aces[0].access_mask != SEC_FILE_WRITE_DATA ||
    1749          76 :                             !dom_sid_equal(&q.query_secdesc.out.sd->dacl->aces[0].trustee,
    1750          76 :                                            sd_orig->owner_sid) ||
    1751          76 :                             q.query_secdesc.out.sd->dacl->aces[1].access_mask != SEC_FILE_WRITE_DATA ||
    1752          76 :                             !dom_sid_equal(&q.query_secdesc.out.sd->dacl->aces[1].trustee,
    1753          76 :                                            creator_owner) ||
    1754          76 :                             q.query_secdesc.out.sd->dacl->aces[0].flags != 0 ||
    1755          76 :                             q.query_secdesc.out.sd->dacl->aces[1].flags != 
    1756          76 :                             (test_flags[i].dir_flags | SEC_ACE_FLAG_INHERIT_ONLY)) {
    1757           0 :                                 torture_warning(tctx, "(CI) Bad sd in child dir - expected 0x%x for parent 0x%x (i=%d)\n",
    1758           0 :                                        test_flags[i].dir_flags,
    1759           0 :                                        test_flags[i].parent_flags, i);
    1760           0 :                                 NDR_PRINT_DEBUG(security_descriptor, q.query_secdesc.out.sd);
    1761           0 :                                 torture_comment(tctx, "FYI, here is the parent sd:\n");
    1762           0 :                                 NDR_PRINT_DEBUG(security_descriptor, sd);
    1763           0 :                                 ret = false;
    1764           0 :                                 continue;
    1765             :                         }
    1766             :                 } else {
    1767          38 :                         if (q.query_secdesc.out.sd->dacl == NULL ||
    1768          38 :                             q.query_secdesc.out.sd->dacl->num_aces != 1 ||
    1769          38 :                             q.query_secdesc.out.sd->dacl->aces[0].access_mask != SEC_FILE_WRITE_DATA ||
    1770          38 :                             !dom_sid_equal(&q.query_secdesc.out.sd->dacl->aces[0].trustee,
    1771          38 :                                            creator_owner) ||
    1772          38 :                             q.query_secdesc.out.sd->dacl->aces[0].flags != test_flags[i].dir_flags) {
    1773           0 :                                 torture_warning(tctx, "(0) Bad sd in child dir - expected 0x%x for parent 0x%x (i=%d)\n",
    1774           0 :                                        test_flags[i].dir_flags,
    1775           0 :                                        test_flags[i].parent_flags, i);
    1776           0 :                                 NDR_PRINT_DEBUG(security_descriptor, q.query_secdesc.out.sd);
    1777           0 :                                 torture_comment(tctx, "FYI, here is the parent sd:\n");
    1778           0 :                                 NDR_PRINT_DEBUG(security_descriptor, sd);
    1779           0 :                                 ret = false;
    1780           0 :                                 continue;
    1781             :                         }
    1782             :                 }
    1783             :         }
    1784             : 
    1785          19 :         torture_comment(tctx, "Testing access checks on inherited create with %s\n", fname1);
    1786          19 :         sd = security_descriptor_dacl_create(tctx,
    1787             :                                         0, NULL, NULL,
    1788             :                                         owner_sid,
    1789             :                                         SEC_ACE_TYPE_ACCESS_ALLOWED,
    1790             :                                         SEC_FILE_WRITE_DATA | SEC_STD_WRITE_DAC,
    1791             :                                         SEC_ACE_FLAG_OBJECT_INHERIT,
    1792             :                                         SID_WORLD,
    1793             :                                         SEC_ACE_TYPE_ACCESS_ALLOWED,
    1794             :                                         SEC_FILE_ALL | SEC_STD_ALL,
    1795             :                                         0,
    1796             :                                         NULL);
    1797          19 :         set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
    1798          19 :         set.set_secdesc.in.file.fnum = fnum;
    1799          19 :         set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
    1800          19 :         set.set_secdesc.in.sd = sd;
    1801          19 :         status = smb_raw_setfileinfo(cli->tree, &set);
    1802          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1803             : 
    1804             :         /* Check DACL we just set. */
    1805          19 :         torture_comment(tctx, "checking new sd\n");
    1806          19 :         q.query_secdesc.in.file.fnum = fnum;
    1807          19 :         q.query_secdesc.in.secinfo_flags = SECINFO_DACL;
    1808          19 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
    1809          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1810          19 :         CHECK_SECURITY_DESCRIPTOR(q.query_secdesc.out.sd, sd);
    1811             : 
    1812          19 :         io.ntcreatex.in.fname = fname1;
    1813          19 :         io.ntcreatex.in.create_options = 0;
    1814          19 :         io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL;
    1815          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
    1816          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    1817          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1818          19 :         fnum2 = io.ntcreatex.out.file.fnum;
    1819          19 :         CHECK_ACCESS_FLAGS(fnum2, SEC_RIGHTS_FILE_ALL);
    1820             : 
    1821          19 :         q.query_secdesc.in.file.fnum = fnum2;
    1822          19 :         q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
    1823          19 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
    1824          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1825          19 :         smbcli_close(cli->tree, fnum2);
    1826             : 
    1827          19 :         sd2 = security_descriptor_dacl_create(tctx,
    1828             :                                          0, owner_sid, NULL,
    1829             :                                          owner_sid,
    1830             :                                          SEC_ACE_TYPE_ACCESS_ALLOWED,
    1831             :                                          SEC_FILE_WRITE_DATA | SEC_STD_WRITE_DAC,
    1832             :                                          0,
    1833             :                                          NULL);
    1834          19 :         CHECK_SECURITY_DESCRIPTOR(q.query_secdesc.out.sd, sd2);
    1835             : 
    1836          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN;
    1837          19 :         io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL;
    1838          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    1839          19 :         if (NT_STATUS_IS_OK(status)) {
    1840           0 :                 torture_warning(tctx, "failed: w2k3 ACL bug (allowed open when ACL should deny)\n");
    1841           0 :                 ret = false;
    1842           0 :                 fnum2 = io.ntcreatex.out.file.fnum;
    1843           0 :                 CHECK_ACCESS_FLAGS(fnum2, SEC_RIGHTS_FILE_ALL);
    1844           0 :                 smbcli_close(cli->tree, fnum2);
    1845             :         } else {
    1846          19 :                 if (TARGET_IS_WIN7(tctx)) {
    1847           0 :                         CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
    1848             :                 } else {
    1849          19 :                         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
    1850             :                 }
    1851             :         }
    1852             : 
    1853          19 :         torture_comment(tctx, "trying without execute\n");
    1854          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN;
    1855          19 :         io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL & ~SEC_FILE_EXECUTE;
    1856          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    1857          19 :         if (TARGET_IS_WIN7(tctx)) {
    1858           0 :                 CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
    1859             :         } else {
    1860          19 :                 CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
    1861             :         }
    1862             : 
    1863          19 :         torture_comment(tctx, "and with full permissions again\n");
    1864          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN;
    1865          19 :         io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL;
    1866          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    1867          19 :         if (TARGET_IS_WIN7(tctx)) {
    1868           0 :                 CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
    1869             :         } else {
    1870          19 :                 CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
    1871             :         }
    1872             : 
    1873          19 :         io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA;
    1874          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    1875          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1876          19 :         fnum2 = io.ntcreatex.out.file.fnum;
    1877          19 :         CHECK_ACCESS_FLAGS(fnum2, SEC_FILE_WRITE_DATA | SEC_FILE_READ_ATTRIBUTE);
    1878          19 :         smbcli_close(cli->tree, fnum2);
    1879             : 
    1880          19 :         torture_comment(tctx, "put back original sd\n");
    1881          19 :         set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
    1882          19 :         set.set_secdesc.in.file.fnum = fnum;
    1883          19 :         set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
    1884          19 :         set.set_secdesc.in.sd = sd_orig;
    1885          19 :         status = smb_raw_setfileinfo(cli->tree, &set);
    1886          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1887             : 
    1888          19 :         smbcli_close(cli->tree, fnum);
    1889             : 
    1890          19 :         io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL;
    1891          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    1892          19 :         if (TARGET_IS_WIN7(tctx)) {
    1893           0 :                 CHECK_STATUS(status, NT_STATUS_OBJECT_NAME_NOT_FOUND);
    1894             :         } else {
    1895          19 :                 CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
    1896             :         }
    1897             : 
    1898          19 :         io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA;
    1899          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    1900          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    1901          19 :         fnum2 = io.ntcreatex.out.file.fnum;
    1902          19 :         CHECK_ACCESS_FLAGS(fnum2, SEC_FILE_WRITE_DATA | SEC_FILE_READ_ATTRIBUTE);
    1903          19 :         smbcli_close(cli->tree, fnum2);
    1904             : 
    1905          19 : done:
    1906          19 :         if (sd_orig != NULL) {
    1907          19 :                 set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
    1908          19 :                 set.set_secdesc.in.file.fnum = fnum;
    1909          19 :                 set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
    1910          19 :                 set.set_secdesc.in.sd = sd_orig;
    1911          19 :                 status = smb_raw_setfileinfo(cli->tree, &set);
    1912             :         }
    1913             : 
    1914          19 :         smbcli_close(cli->tree, fnum);
    1915          19 :         smbcli_unlink(cli->tree, fname1);
    1916          19 :         smbcli_rmdir(cli->tree, dname);
    1917          19 :         smb_raw_exit(cli->session);
    1918          19 :         smbcli_deltree(cli->tree, BASEDIR);
    1919             : 
    1920          19 :         if (!ret) {
    1921           0 :                 torture_result(tctx,
    1922             :                         TORTURE_FAIL, "(%s) test_inheritance\n",
    1923             :                         __location__);
    1924             :         }
    1925             : 
    1926          19 :         return ret;
    1927             : }
    1928             : 
    1929          19 : static bool test_inheritance_flags(struct torture_context *tctx,
    1930             :     struct smbcli_state *cli)
    1931             : {
    1932           0 :         NTSTATUS status;
    1933           0 :         union smb_open io;
    1934          19 :         const char *dname = BASEDIR "\\inheritance";
    1935          19 :         const char *fname1 = BASEDIR "\\inheritance\\testfile";
    1936          19 :         bool ret = true;
    1937          19 :         int fnum=0, fnum2, i, j;
    1938           0 :         union smb_fileinfo q;
    1939           0 :         union smb_setfileinfo set;
    1940          19 :         struct security_descriptor *sd, *sd2, *sd_orig=NULL;
    1941           0 :         const char *owner_sid;
    1942           0 :         struct {
    1943             :                 uint32_t parent_set_sd_type; /* 3 options */
    1944             :                 uint32_t parent_set_ace_inherit; /* 1 option */
    1945             :                 uint32_t parent_get_sd_type;
    1946             :                 uint32_t parent_get_ace_inherit;
    1947             :                 uint32_t child_get_sd_type;
    1948             :                 uint32_t child_get_ace_inherit;
    1949          19 :         } tflags[16] = {{0}}; /* 2^4 */
    1950             : 
    1951         304 :         for (i = 0; i < 15; i++) {
    1952         285 :                 torture_comment(tctx, "i=%d:", i);
    1953             : 
    1954         285 :                 ZERO_STRUCT(tflags[i]);
    1955             : 
    1956         285 :                 if (i & 1) {
    1957         133 :                         tflags[i].parent_set_sd_type |=
    1958             :                             SEC_DESC_DACL_AUTO_INHERITED;
    1959         133 :                         torture_comment(tctx, "AUTO_INHERITED, ");
    1960             :                 }
    1961         285 :                 if (i & 2) {
    1962         133 :                         tflags[i].parent_set_sd_type |=
    1963             :                             SEC_DESC_DACL_AUTO_INHERIT_REQ;
    1964         133 :                         torture_comment(tctx, "AUTO_INHERIT_REQ, ");
    1965             :                 }
    1966         285 :                 if (i & 4) {
    1967         133 :                         tflags[i].parent_set_sd_type |=
    1968             :                             SEC_DESC_DACL_PROTECTED;
    1969         133 :                         tflags[i].parent_get_sd_type |=
    1970             :                             SEC_DESC_DACL_PROTECTED;
    1971         133 :                         torture_comment(tctx, "PROTECTED, ");
    1972             :                 }
    1973         285 :                 if (i & 8) {
    1974         133 :                         tflags[i].parent_set_ace_inherit |=
    1975             :                             SEC_ACE_FLAG_INHERITED_ACE;
    1976         133 :                         tflags[i].parent_get_ace_inherit |=
    1977             :                             SEC_ACE_FLAG_INHERITED_ACE;
    1978         133 :                         torture_comment(tctx, "INHERITED, ");
    1979             :                 }
    1980             : 
    1981         285 :                 if ((tflags[i].parent_set_sd_type &
    1982             :                     (SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_DACL_AUTO_INHERIT_REQ)) ==
    1983             :                     (SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_DACL_AUTO_INHERIT_REQ)) {
    1984          57 :                         tflags[i].parent_get_sd_type |=
    1985             :                             SEC_DESC_DACL_AUTO_INHERITED;
    1986          57 :                         tflags[i].child_get_sd_type |=
    1987             :                             SEC_DESC_DACL_AUTO_INHERITED;
    1988          57 :                         tflags[i].child_get_ace_inherit |=
    1989             :                             SEC_ACE_FLAG_INHERITED_ACE;
    1990          57 :                         torture_comment(tctx, "  ... parent is AUTO INHERITED");
    1991             :                 }
    1992             : 
    1993         285 :                 if (tflags[i].parent_set_ace_inherit &
    1994             :                     SEC_ACE_FLAG_INHERITED_ACE) {
    1995         133 :                         tflags[i].parent_get_ace_inherit =
    1996             :                             SEC_ACE_FLAG_INHERITED_ACE;
    1997         133 :                         torture_comment(tctx, "  ... parent ACE is INHERITED");
    1998             :                 }
    1999             : 
    2000         285 :                 torture_comment(tctx, "\n");
    2001             :         }
    2002             : 
    2003          19 :         if (!torture_setup_dir(cli, BASEDIR))
    2004           0 :                 return false;
    2005             : 
    2006          19 :         torture_comment(tctx, "TESTING ACL INHERITANCE FLAGS\n");
    2007             : 
    2008          19 :         ZERO_STRUCT(io);
    2009             : 
    2010          19 :         io.generic.level = RAW_OPEN_NTCREATEX;
    2011          19 :         io.ntcreatex.in.root_fid.fnum = 0;
    2012          19 :         io.ntcreatex.in.flags = 0;
    2013          19 :         io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL;
    2014          19 :         io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY;
    2015          19 :         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_DIRECTORY;
    2016          19 :         io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_MASK;
    2017          19 :         io.ntcreatex.in.alloc_size = 0;
    2018          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
    2019          19 :         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
    2020          19 :         io.ntcreatex.in.security_flags = 0;
    2021          19 :         io.ntcreatex.in.fname = dname;
    2022             : 
    2023          19 :         torture_comment(tctx, "creating initial directory %s\n", dname);
    2024          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    2025          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    2026          19 :         fnum = io.ntcreatex.out.file.fnum;
    2027             : 
    2028          19 :         torture_comment(tctx, "getting original sd\n");
    2029          19 :         q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
    2030          19 :         q.query_secdesc.in.file.fnum = fnum;
    2031          19 :         q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
    2032          19 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
    2033          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    2034          19 :         sd_orig = q.query_secdesc.out.sd;
    2035             : 
    2036          19 :         owner_sid = dom_sid_string(tctx, sd_orig->owner_sid);
    2037          19 :         torture_comment(tctx, "owner_sid is %s\n", owner_sid);
    2038             : 
    2039         323 :         for (i=0; i < ARRAY_SIZE(tflags); i++) {
    2040         304 :                 torture_comment(tctx, "setting a new sd on directory, pass #%d\n", i);
    2041             : 
    2042         304 :                 sd = security_descriptor_dacl_create(tctx,
    2043         304 :                                                 tflags[i].parent_set_sd_type,
    2044             :                                                 NULL, NULL,
    2045             :                                                 owner_sid,
    2046             :                                                 SEC_ACE_TYPE_ACCESS_ALLOWED,
    2047             :                                                 SEC_FILE_WRITE_DATA | SEC_STD_WRITE_DAC,
    2048             :                                                 SEC_ACE_FLAG_OBJECT_INHERIT |
    2049             :                                                 SEC_ACE_FLAG_CONTAINER_INHERIT |
    2050         304 :                                                 tflags[i].parent_set_ace_inherit,
    2051             :                                                 SID_WORLD,
    2052             :                                                 SEC_ACE_TYPE_ACCESS_ALLOWED,
    2053             :                                                 SEC_FILE_ALL | SEC_STD_ALL,
    2054             :                                                 0,
    2055             :                                                 NULL);
    2056         304 :                 set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
    2057         304 :                 set.set_secdesc.in.file.fnum = fnum;
    2058         304 :                 set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
    2059         304 :                 set.set_secdesc.in.sd = sd;
    2060         304 :                 status = smb_raw_setfileinfo(cli->tree, &set);
    2061         304 :                 CHECK_STATUS(status, NT_STATUS_OK);
    2062             : 
    2063             :                 /*
    2064             :                  * Check DACL we just set, except change the bits to what they
    2065             :                  * should be.
    2066             :                  */
    2067         304 :                 torture_comment(tctx, "  checking new sd\n");
    2068             : 
    2069             :                 /* REQ bit should always be false. */
    2070         304 :                 sd->type &= ~SEC_DESC_DACL_AUTO_INHERIT_REQ;
    2071             : 
    2072         304 :                 if ((tflags[i].parent_get_sd_type & SEC_DESC_DACL_AUTO_INHERITED) == 0)
    2073         247 :                         sd->type &= ~SEC_DESC_DACL_AUTO_INHERITED;
    2074             : 
    2075         304 :                 q.query_secdesc.in.file.fnum = fnum;
    2076         304 :                 q.query_secdesc.in.secinfo_flags = SECINFO_DACL;
    2077         304 :                 status = smb_raw_fileinfo(cli->tree, tctx, &q);
    2078         304 :                 CHECK_STATUS(status, NT_STATUS_OK);
    2079         304 :                 CHECK_SECURITY_DESCRIPTOR(q.query_secdesc.out.sd, sd);
    2080             : 
    2081             :                 /* Create file. */
    2082         304 :                 torture_comment(tctx, "  creating file %s\n", fname1);
    2083         304 :                 io.ntcreatex.in.fname = fname1;
    2084         304 :                 io.ntcreatex.in.create_options = 0;
    2085         304 :                 io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
    2086         304 :                 io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL;
    2087         304 :                 io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
    2088         304 :                 status = smb_raw_open(cli->tree, tctx, &io);
    2089         304 :                 CHECK_STATUS(status, NT_STATUS_OK);
    2090         304 :                 fnum2 = io.ntcreatex.out.file.fnum;
    2091         304 :                 CHECK_ACCESS_FLAGS(fnum2, SEC_RIGHTS_FILE_ALL);
    2092             : 
    2093         304 :                 q.query_secdesc.in.file.fnum = fnum2;
    2094         304 :                 q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
    2095         304 :                 status = smb_raw_fileinfo(cli->tree, tctx, &q);
    2096         304 :                 CHECK_STATUS(status, NT_STATUS_OK);
    2097             : 
    2098         304 :                 torture_comment(tctx, "  checking sd on file %s\n", fname1);
    2099         304 :                 sd2 = security_descriptor_dacl_create(tctx,
    2100         304 :                                                  tflags[i].child_get_sd_type,
    2101             :                                                  owner_sid, NULL,
    2102             :                                                  owner_sid,
    2103             :                                                  SEC_ACE_TYPE_ACCESS_ALLOWED,
    2104             :                                                  SEC_FILE_WRITE_DATA | SEC_STD_WRITE_DAC,
    2105             :                                                  tflags[i].child_get_ace_inherit,
    2106             :                                                  NULL);
    2107         304 :                 CHECK_SECURITY_DESCRIPTOR(q.query_secdesc.out.sd, sd2);
    2108             : 
    2109             :                 /*
    2110             :                  * Set new sd on file ... prove that the bits have nothing to
    2111             :                  * do with the parents bits when manually setting an ACL. The
    2112             :                  * _AUTO_INHERITED bit comes directly from the ACL set.
    2113             :                  */
    2114        5168 :                 for (j = 0; j < ARRAY_SIZE(tflags); j++) {
    2115        4864 :                         torture_comment(tctx, "  setting new file sd, pass #%d\n", j);
    2116             : 
    2117             :                         /* Change sd type. */
    2118        4864 :                         sd2->type &= ~(SEC_DESC_DACL_AUTO_INHERITED |
    2119             :                             SEC_DESC_DACL_AUTO_INHERIT_REQ |
    2120             :                             SEC_DESC_DACL_PROTECTED);
    2121        4864 :                         sd2->type |= tflags[j].parent_set_sd_type;
    2122             : 
    2123        4864 :                         sd2->dacl->aces[0].flags &=
    2124             :                             ~SEC_ACE_FLAG_INHERITED_ACE;
    2125        4864 :                         sd2->dacl->aces[0].flags |=
    2126        4864 :                             tflags[j].parent_set_ace_inherit;
    2127             : 
    2128        4864 :                         set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
    2129        4864 :                         set.set_secdesc.in.file.fnum = fnum2;
    2130        4864 :                         set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
    2131        4864 :                         set.set_secdesc.in.sd = sd2;
    2132        4864 :                         status = smb_raw_setfileinfo(cli->tree, &set);
    2133        4864 :                         CHECK_STATUS(status, NT_STATUS_OK);
    2134             : 
    2135             :                         /* Check DACL we just set. */
    2136        4864 :                         sd2->type &= ~SEC_DESC_DACL_AUTO_INHERIT_REQ;
    2137        4864 :                         if ((tflags[j].parent_get_sd_type & SEC_DESC_DACL_AUTO_INHERITED) == 0)
    2138        3952 :                                 sd2->type &= ~SEC_DESC_DACL_AUTO_INHERITED;
    2139             : 
    2140        4864 :                         q.query_secdesc.in.file.fnum = fnum2;
    2141        4864 :                         q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
    2142        4864 :                         status = smb_raw_fileinfo(cli->tree, tctx, &q);
    2143        4864 :                         CHECK_STATUS(status, NT_STATUS_OK);
    2144             : 
    2145        4864 :                         CHECK_SECURITY_DESCRIPTOR(q.query_secdesc.out.sd, sd2);
    2146             :                 }
    2147             : 
    2148         304 :                 smbcli_close(cli->tree, fnum2);
    2149         304 :                 smbcli_unlink(cli->tree, fname1);
    2150             :         }
    2151             : 
    2152          19 : done:
    2153          19 :         smbcli_close(cli->tree, fnum);
    2154          19 :         smb_raw_exit(cli->session);
    2155          19 :         smbcli_deltree(cli->tree, BASEDIR);
    2156             : 
    2157          19 :         if (!ret) {
    2158           9 :                 torture_result(tctx,
    2159             :                         TORTURE_FAIL, "(%s) test_inheritance_flags\n",
    2160             :                         __location__);
    2161             :         }
    2162             : 
    2163          19 :         return ret;
    2164             : }
    2165             : 
    2166             : /*
    2167             :   test dynamic acl inheritance
    2168             :   Test copied to smb2/acls.c for SMB2.
    2169             : */
    2170          19 : static bool test_inheritance_dynamic(struct torture_context *tctx, 
    2171             :                                                                          struct smbcli_state *cli)
    2172             : {
    2173           0 :         NTSTATUS status;
    2174           0 :         union smb_open io;
    2175          19 :         const char *dname = BASEDIR "\\inheritance2";
    2176          19 :         const char *fname1 = BASEDIR "\\inheritance2\\testfile";
    2177          19 :         bool ret = true;
    2178          19 :         int fnum=0, fnum2;
    2179           0 :         union smb_fileinfo q;
    2180           0 :         union smb_setfileinfo set;
    2181          19 :         struct security_descriptor *sd, *sd_orig=NULL;
    2182           0 :         const char *owner_sid;
    2183             :         
    2184          19 :         torture_comment(tctx, "TESTING DYNAMIC ACL INHERITANCE\n");
    2185             : 
    2186          19 :         if (!torture_setup_dir(cli, BASEDIR))
    2187           0 :                 return false;
    2188             : 
    2189          19 :         io.generic.level = RAW_OPEN_NTCREATEX;
    2190          19 :         io.ntcreatex.in.root_fid.fnum = 0;
    2191          19 :         io.ntcreatex.in.flags = 0;
    2192          19 :         io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL;
    2193          19 :         io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY;
    2194          19 :         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_DIRECTORY;
    2195          19 :         io.ntcreatex.in.share_access = 0;
    2196          19 :         io.ntcreatex.in.alloc_size = 0;
    2197          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
    2198          19 :         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
    2199          19 :         io.ntcreatex.in.security_flags = 0;
    2200          19 :         io.ntcreatex.in.fname = dname;
    2201             : 
    2202          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    2203          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    2204          19 :         fnum = io.ntcreatex.out.file.fnum;
    2205             : 
    2206          19 :         torture_comment(tctx, "get the original sd\n");
    2207          19 :         q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
    2208          19 :         q.query_secdesc.in.file.fnum = fnum;
    2209          19 :         q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
    2210          19 :         status = smb_raw_fileinfo(cli->tree, tctx, &q);
    2211          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    2212          19 :         sd_orig = q.query_secdesc.out.sd;
    2213             : 
    2214          19 :         owner_sid = dom_sid_string(tctx, sd_orig->owner_sid);
    2215             : 
    2216          19 :         torture_comment(tctx, "owner_sid is %s\n", owner_sid);
    2217             : 
    2218          19 :         sd = security_descriptor_dacl_create(tctx,
    2219             :                                         0, NULL, NULL,
    2220             :                                         owner_sid,
    2221             :                                         SEC_ACE_TYPE_ACCESS_ALLOWED,
    2222             :                                         SEC_FILE_WRITE_DATA | SEC_STD_DELETE | SEC_FILE_READ_ATTRIBUTE,
    2223             :                                         SEC_ACE_FLAG_OBJECT_INHERIT,
    2224             :                                         NULL);
    2225          19 :         sd->type |= SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_DACL_AUTO_INHERIT_REQ;
    2226             : 
    2227          19 :         set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
    2228          19 :         set.set_secdesc.in.file.fnum = fnum;
    2229          19 :         set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
    2230          19 :         set.set_secdesc.in.sd = sd;
    2231          19 :         status = smb_raw_setfileinfo(cli->tree, &set);
    2232          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    2233             : 
    2234          19 :         torture_comment(tctx, "create a file with an inherited acl\n");
    2235          19 :         io.ntcreatex.in.fname = fname1;
    2236          19 :         io.ntcreatex.in.create_options = 0;
    2237          19 :         io.ntcreatex.in.access_mask = SEC_FILE_READ_ATTRIBUTE;
    2238          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE;
    2239          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    2240          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    2241          19 :         fnum2 = io.ntcreatex.out.file.fnum;
    2242          19 :         smbcli_close(cli->tree, fnum2);
    2243             : 
    2244          19 :         torture_comment(tctx, "try and access file with base rights - should be OK\n");
    2245          19 :         io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA;
    2246          19 :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN;
    2247          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    2248          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    2249          19 :         fnum2 = io.ntcreatex.out.file.fnum;
    2250          19 :         smbcli_close(cli->tree, fnum2);
    2251             : 
    2252          19 :         torture_comment(tctx, "try and access file with extra rights - should be denied\n");
    2253          19 :         io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA | SEC_FILE_EXECUTE;
    2254          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    2255          19 :         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
    2256             : 
    2257          19 :         torture_comment(tctx, "update parent sd\n");
    2258          19 :         sd = security_descriptor_dacl_create(tctx,
    2259             :                                         0, NULL, NULL,
    2260             :                                         owner_sid,
    2261             :                                         SEC_ACE_TYPE_ACCESS_ALLOWED,
    2262             :                                         SEC_FILE_WRITE_DATA | SEC_STD_DELETE | SEC_FILE_READ_ATTRIBUTE | SEC_FILE_EXECUTE,
    2263             :                                         SEC_ACE_FLAG_OBJECT_INHERIT,
    2264             :                                         NULL);
    2265          19 :         sd->type |= SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_DACL_AUTO_INHERIT_REQ;
    2266             : 
    2267          19 :         set.set_secdesc.in.sd = sd;
    2268          19 :         status = smb_raw_setfileinfo(cli->tree, &set);
    2269          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    2270             : 
    2271          19 :         torture_comment(tctx, "try and access file with base rights - should be OK\n");
    2272          19 :         io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA;
    2273          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    2274          19 :         CHECK_STATUS(status, NT_STATUS_OK);
    2275          19 :         fnum2 = io.ntcreatex.out.file.fnum;
    2276          19 :         smbcli_close(cli->tree, fnum2);
    2277             : 
    2278             : 
    2279          19 :         torture_comment(tctx, "try and access now - should be OK if dynamic inheritance works\n");
    2280          19 :         io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA | SEC_FILE_EXECUTE;
    2281          19 :         status = smb_raw_open(cli->tree, tctx, &io);
    2282          19 :         if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
    2283          19 :                 torture_comment(tctx, "Server does not have dynamic inheritance\n");
    2284             :         }
    2285          19 :         if (NT_STATUS_EQUAL(status, NT_STATUS_OK)) {
    2286           0 :                 torture_comment(tctx, "Server does have dynamic inheritance\n");
    2287             :         }
    2288          19 :         CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
    2289             : 
    2290          19 :         smbcli_unlink(cli->tree, fname1);
    2291             : 
    2292          19 : done:
    2293          19 :         if (sd_orig != NULL) {
    2294          19 :                 torture_comment(tctx, "put back original sd\n");
    2295          19 :                 set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
    2296          19 :                 set.set_secdesc.in.file.fnum = fnum;
    2297          19 :                 set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
    2298          19 :                 set.set_secdesc.in.sd = sd_orig;
    2299          19 :                 status = smb_raw_setfileinfo(cli->tree, &set);
    2300             :         }
    2301          19 :         smbcli_close(cli->tree, fnum);
    2302          19 :         smbcli_rmdir(cli->tree, dname);
    2303          19 :         smb_raw_exit(cli->session);
    2304          19 :         smbcli_deltree(cli->tree, BASEDIR);
    2305             : 
    2306          19 :         return ret;
    2307             : }
    2308             : 
    2309             : #define CHECK_STATUS_FOR_BIT_ACTION(status, bits, action) do { \
    2310             :         if (!(bits & desired_64)) {\
    2311             :                 CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED); \
    2312             :                 action; \
    2313             :         } else { \
    2314             :                 CHECK_STATUS(status, NT_STATUS_OK); \
    2315             :         } \
    2316             : } while (0)
    2317             : 
    2318             : #define CHECK_STATUS_FOR_BIT(status, bits, access) do { \
    2319             :         if (NT_STATUS_IS_OK(status)) { \
    2320             :                 if (!(granted & access)) {\
    2321             :                         ret = false; \
    2322             :                         torture_result(tctx, TORTURE_FAIL, "(%s) %s but flags 0x%08X are not granted! granted[0x%08X] desired[0x%08X]\n", \
    2323             :                                __location__, nt_errstr(status), access, granted, desired); \
    2324             :                         goto done; \
    2325             :                 } \
    2326             :         } else { \
    2327             :                 if (granted & access) {\
    2328             :                         ret = false; \
    2329             :                         torture_result(tctx, TORTURE_FAIL, "(%s) %s but flags 0x%08X are granted! granted[0x%08X] desired[0x%08X]\n", \
    2330             :                                __location__, nt_errstr(status), access, granted, desired); \
    2331             :                         goto done; \
    2332             :                 } \
    2333             :         } \
    2334             :         CHECK_STATUS_FOR_BIT_ACTION(status, bits, do {} while (0)); \
    2335             : } while (0)
    2336             : 
    2337             : #if 0
    2338             : 
    2339             : /* test what access mask is needed for getting and setting security_descriptors
    2340             :   Test copied to smb2/acls.c for SMB2. */
    2341             : static bool test_sd_get_set(struct torture_context *tctx, 
    2342             :                                                         struct smbcli_state *cli)
    2343             : {
    2344             :         NTSTATUS status;
    2345             :         bool ret = true;
    2346             :         union smb_open io;
    2347             :         union smb_fileinfo fi;
    2348             :         union smb_setfileinfo si;
    2349             :         struct security_descriptor *sd;
    2350             :         struct security_descriptor *sd_owner = NULL;
    2351             :         struct security_descriptor *sd_group = NULL;
    2352             :         struct security_descriptor *sd_dacl = NULL;
    2353             :         struct security_descriptor *sd_sacl = NULL;
    2354             :         int fnum=0;
    2355             :         const char *fname = BASEDIR "\\sd_get_set.txt";
    2356             :         uint64_t desired_64;
    2357             :         uint32_t desired = 0, granted;
    2358             :         int i = 0;
    2359             : #define NO_BITS_HACK (((uint64_t)1)<<32)
    2360             :         uint64_t open_bits =
    2361             :                 SEC_MASK_GENERIC |
    2362             :                 SEC_FLAG_SYSTEM_SECURITY |
    2363             :                 SEC_FLAG_MAXIMUM_ALLOWED |
    2364             :                 SEC_STD_ALL |
    2365             :                 SEC_FILE_ALL | 
    2366             :                 NO_BITS_HACK;
    2367             :         uint64_t get_owner_bits = SEC_MASK_GENERIC | SEC_FLAG_MAXIMUM_ALLOWED | SEC_STD_READ_CONTROL;
    2368             :         uint64_t set_owner_bits = SEC_GENERIC_ALL  | SEC_FLAG_MAXIMUM_ALLOWED | SEC_STD_WRITE_OWNER;
    2369             :         uint64_t get_group_bits = SEC_MASK_GENERIC | SEC_FLAG_MAXIMUM_ALLOWED | SEC_STD_READ_CONTROL;
    2370             :         uint64_t set_group_bits = SEC_GENERIC_ALL  | SEC_FLAG_MAXIMUM_ALLOWED | SEC_STD_WRITE_OWNER;
    2371             :         uint64_t get_dacl_bits  = SEC_MASK_GENERIC | SEC_FLAG_MAXIMUM_ALLOWED | SEC_STD_READ_CONTROL;
    2372             :         uint64_t set_dacl_bits  = SEC_GENERIC_ALL  | SEC_FLAG_MAXIMUM_ALLOWED | SEC_STD_WRITE_DAC;
    2373             :         uint64_t get_sacl_bits  = SEC_FLAG_SYSTEM_SECURITY;
    2374             :         uint64_t set_sacl_bits  = SEC_FLAG_SYSTEM_SECURITY;
    2375             : 
    2376             :         if (!torture_setup_dir(cli, BASEDIR))
    2377             :                 return false;
    2378             : 
    2379             :         torture_comment(tctx, "TESTING ACCESS MASKS FOR SD GET/SET\n");
    2380             : 
    2381             :         /* first create a file with full access for everyone */
    2382             :         sd = security_descriptor_dacl_create(tctx,
    2383             :                                         0, SID_NT_ANONYMOUS, SID_BUILTIN_USERS,
    2384             :                                         SID_WORLD,
    2385             :                                         SEC_ACE_TYPE_ACCESS_ALLOWED,
    2386             :                                         SEC_GENERIC_ALL,
    2387             :                                         0,
    2388             :                                         NULL);
    2389             :         sd->type |= SEC_DESC_SACL_PRESENT;
    2390             :         sd->sacl = NULL;
    2391             :         io.ntcreatex.level = RAW_OPEN_NTTRANS_CREATE;
    2392             :         io.ntcreatex.in.root_fid.fnum = 0;
    2393             :         io.ntcreatex.in.flags = 0;
    2394             :         io.ntcreatex.in.access_mask = SEC_GENERIC_ALL;
    2395             :         io.ntcreatex.in.create_options = 0;
    2396             :         io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL;
    2397             :         io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE;
    2398             :         io.ntcreatex.in.alloc_size = 0;
    2399             :         io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OVERWRITE_IF;
    2400             :         io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS;
    2401             :         io.ntcreatex.in.security_flags = 0;
    2402             :         io.ntcreatex.in.fname = fname;
    2403             :         io.ntcreatex.in.sec_desc = sd;
    2404             :         io.ntcreatex.in.ea_list = NULL;
    2405             :         status = smb_raw_open(cli->tree, tctx, &io);
    2406             :         CHECK_STATUS(status, NT_STATUS_OK);
    2407             :         fnum = io.ntcreatex.out.file.fnum;
    2408             : 
    2409             :         status = smbcli_close(cli->tree, fnum);
    2410             :         CHECK_STATUS(status, NT_STATUS_OK);
    2411             : 
    2412             :         /* 
    2413             :          * now try each access_mask bit and no bit at all in a loop
    2414             :          * and see what's allowed
    2415             :          * NOTE: if i == 32 it means access_mask = 0 (see NO_BITS_HACK above)
    2416             :          */
    2417             :         for (i=0; i <= 32; i++) {
    2418             :                 desired_64 = ((uint64_t)1) << i;
    2419             :                 desired = (uint32_t)desired_64;
    2420             : 
    2421             :                 /* first open the file with the desired access */
    2422             :                 io.ntcreatex.level = RAW_OPEN_NTCREATEX;
    2423             :                 io.ntcreatex.in.access_mask = desired;
    2424             :                 io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN;
    2425             :                 status = smb_raw_open(cli->tree, tctx, &io);
    2426             :                 CHECK_STATUS_FOR_BIT_ACTION(status, open_bits, goto next);
    2427             :                 fnum = io.ntcreatex.out.file.fnum;
    2428             : 
    2429             :                 /* then check what access was granted */
    2430             :                 fi.access_information.level             = RAW_FILEINFO_ACCESS_INFORMATION;
    2431             :                 fi.access_information.in.file.fnum      = fnum;
    2432             :                 status = smb_raw_fileinfo(cli->tree, tctx, &fi);
    2433             :                 CHECK_STATUS(status, NT_STATUS_OK);
    2434             :                 granted = fi.access_information.out.access_flags;
    2435             : 
    2436             :                 /* test the owner */
    2437             :                 ZERO_STRUCT(fi);
    2438             :                 fi.query_secdesc.level                  = RAW_FILEINFO_SEC_DESC;
    2439             :                 fi.query_secdesc.in.file.fnum           = fnum;
    2440             :                 fi.query_secdesc.in.secinfo_flags       = SECINFO_OWNER;
    2441             :                 status = smb_raw_fileinfo(cli->tree, tctx, &fi);
    2442             :                 CHECK_STATUS_FOR_BIT(status, get_owner_bits, SEC_STD_READ_CONTROL);
    2443             :                 if (fi.query_secdesc.out.sd) {
    2444             :                         sd_owner = fi.query_secdesc.out.sd;
    2445             :                 } else if (!sd_owner) {
    2446             :                         sd_owner = sd;
    2447             :                 }
    2448             :                 si.set_secdesc.level                    = RAW_SFILEINFO_SEC_DESC;
    2449             :                 si.set_secdesc.in.file.fnum             = fnum;
    2450             :                 si.set_secdesc.in.secinfo_flags         = SECINFO_OWNER;
    2451             :                 si.set_secdesc.in.sd                    = sd_owner;
    2452             :                 status = smb_raw_setfileinfo(cli->tree, &si);
    2453             :                 CHECK_STATUS_FOR_BIT(status, set_owner_bits, SEC_STD_WRITE_OWNER);
    2454             : 
    2455             :                 /* test the group */
    2456             :                 ZERO_STRUCT(fi);
    2457             :                 fi.query_secdesc.level                  = RAW_FILEINFO_SEC_DESC;
    2458             :                 fi.query_secdesc.in.file.fnum           = fnum;
    2459             :                 fi.query_secdesc.in.secinfo_flags       = SECINFO_GROUP;
    2460             :                 status = smb_raw_fileinfo(cli->tree, tctx, &fi);
    2461             :                 CHECK_STATUS_FOR_BIT(status, get_group_bits, SEC_STD_READ_CONTROL);
    2462             :                 if (fi.query_secdesc.out.sd) {
    2463             :                         sd_group = fi.query_secdesc.out.sd;
    2464             :                 } else if (!sd_group) {
    2465             :                         sd_group = sd;
    2466             :                 }
    2467             :                 si.set_secdesc.level                    = RAW_SFILEINFO_SEC_DESC;
    2468             :                 si.set_secdesc.in.file.fnum             = fnum;
    2469             :                 si.set_secdesc.in.secinfo_flags         = SECINFO_GROUP;
    2470             :                 si.set_secdesc.in.sd                    = sd_group;
    2471             :                 status = smb_raw_setfileinfo(cli->tree, &si);
    2472             :                 CHECK_STATUS_FOR_BIT(status, set_group_bits, SEC_STD_WRITE_OWNER);
    2473             : 
    2474             :                 /* test the DACL */
    2475             :                 ZERO_STRUCT(fi);
    2476             :                 fi.query_secdesc.level                  = RAW_FILEINFO_SEC_DESC;
    2477             :                 fi.query_secdesc.in.file.fnum           = fnum;
    2478             :                 fi.query_secdesc.in.secinfo_flags       = SECINFO_DACL;
    2479             :                 status = smb_raw_fileinfo(cli->tree, tctx, &fi);
    2480             :                 CHECK_STATUS_FOR_BIT(status, get_dacl_bits, SEC_STD_READ_CONTROL);
    2481             :                 if (fi.query_secdesc.out.sd) {
    2482             :                         sd_dacl = fi.query_secdesc.out.sd;
    2483             :                 } else if (!sd_dacl) {
    2484             :                         sd_dacl = sd;
    2485             :                 }
    2486             :                 si.set_secdesc.level                    = RAW_SFILEINFO_SEC_DESC;
    2487             :                 si.set_secdesc.in.file.fnum             = fnum;
    2488             :                 si.set_secdesc.in.secinfo_flags         = SECINFO_DACL;
    2489             :                 si.set_secdesc.in.sd                    = sd_dacl;
    2490             :                 status = smb_raw_setfileinfo(cli->tree, &si);
    2491             :                 CHECK_STATUS_FOR_BIT(status, set_dacl_bits, SEC_STD_WRITE_DAC);
    2492             : 
    2493             :                 /* test the SACL */
    2494             :                 ZERO_STRUCT(fi);
    2495             :                 fi.query_secdesc.level                  = RAW_FILEINFO_SEC_DESC;
    2496             :                 fi.query_secdesc.in.file.fnum           = fnum;
    2497             :                 fi.query_secdesc.in.secinfo_flags       = SECINFO_SACL;
    2498             :                 status = smb_raw_fileinfo(cli->tree, tctx, &fi);
    2499             :                 CHECK_STATUS_FOR_BIT(status, get_sacl_bits, SEC_FLAG_SYSTEM_SECURITY);
    2500             :                 if (fi.query_secdesc.out.sd) {
    2501             :                         sd_sacl = fi.query_secdesc.out.sd;
    2502             :                 } else if (!sd_sacl) {
    2503             :                         sd_sacl = sd;
    2504             :                 }
    2505             :                 si.set_secdesc.level                    = RAW_SFILEINFO_SEC_DESC;
    2506             :                 si.set_secdesc.in.file.fnum             = fnum;
    2507             :                 si.set_secdesc.in.secinfo_flags         = SECINFO_SACL;
    2508             :                 si.set_secdesc.in.sd                    = sd_sacl;
    2509             :                 status = smb_raw_setfileinfo(cli->tree, &si);
    2510             :                 CHECK_STATUS_FOR_BIT(status, set_sacl_bits, SEC_FLAG_SYSTEM_SECURITY);
    2511             : 
    2512             :                 /* close the handle */
    2513             :                 status = smbcli_close(cli->tree, fnum);
    2514             :                 CHECK_STATUS(status, NT_STATUS_OK);
    2515             : next:
    2516             :                 continue;
    2517             :         }
    2518             : 
    2519             : done:
    2520             :         smbcli_close(cli->tree, fnum);
    2521             :         smbcli_unlink(cli->tree, fname);
    2522             :         smb_raw_exit(cli->session);
    2523             :         smbcli_deltree(cli->tree, BASEDIR);
    2524             : 
    2525             :         return ret;
    2526             : }
    2527             : 
    2528             : #endif
    2529             : 
    2530             : /* 
    2531             :    basic testing of security descriptor calls
    2532             : */
    2533        2358 : struct torture_suite *torture_raw_acls(TALLOC_CTX *mem_ctx)
    2534             : {
    2535        2358 :         struct torture_suite *suite = torture_suite_create(mem_ctx, "acls");
    2536             : 
    2537        2358 :         torture_suite_add_1smb_test(suite, "sd", test_sd);
    2538        2358 :         torture_suite_add_1smb_test(suite, "create_file", test_nttrans_create_file);
    2539        2358 :         torture_suite_add_1smb_test(suite, "create_dir", test_nttrans_create_dir);
    2540        2358 :         torture_suite_add_1smb_test(suite, "create_owner_file", test_nttrans_create_owner_file);
    2541        2358 :         torture_suite_add_1smb_test(suite, "create_owner_dir", test_nttrans_create_owner_dir);
    2542        2358 :         torture_suite_add_1smb_test(suite, "nulldacl", test_nttrans_create_null_dacl);
    2543        2358 :         torture_suite_add_1smb_test(suite, "creator", test_creator_sid);
    2544        2358 :         torture_suite_add_1smb_test(suite, "generic", test_generic_bits);
    2545        2358 :         torture_suite_add_1smb_test(suite, "owner", test_owner_bits);
    2546        2358 :         torture_suite_add_1smb_test(suite, "inheritance", test_inheritance);
    2547             : 
    2548        2358 :         torture_suite_add_1smb_test(suite, "INHERITFLAGS", test_inheritance_flags);
    2549        2358 :         torture_suite_add_1smb_test(suite, "dynamic", test_inheritance_dynamic);
    2550             : #if 0
    2551             :         /* XXX This test does not work against XP or Vista. */
    2552             :         torture_suite_add_1smb_test(suite, "GETSET", test_sd_get_set);
    2553             : #endif
    2554             : 
    2555        2358 :         return suite;
    2556             : }

Generated by: LCOV version 1.14