Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 : IDMAP TDB common code tester
4 :
5 : Copyright (C) Christian Ambach 2012
6 :
7 : This program is free software; you can redistribute it and/or modify
8 : it under the terms of the GNU General Public License as published by
9 : the Free Software Foundation; either version 3 of the License, or
10 : (at your option) any later version.
11 :
12 : This program is distributed in the hope that it will be useful,
13 : but WITHOUT ANY WARRANTY; without even the implied warranty of
14 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 : GNU General Public License for more details.
16 :
17 : You should have received a copy of the GNU General Public License
18 : along with this program. If not, see <http://www.gnu.org/licenses/>.
19 : */
20 :
21 : #include "includes.h"
22 : #include "system/filesys.h"
23 : #include "torture/proto.h"
24 : #include "idmap.h"
25 : #include "winbindd/idmap_rw.h"
26 : #include "winbindd/idmap_tdb_common.h"
27 : #include "winbindd/winbindd.h"
28 : #include "winbindd/winbindd_proto.h"
29 : #include "dbwrap/dbwrap.h"
30 : #include "dbwrap/dbwrap_open.h"
31 : #include "../libcli/security/dom_sid.h"
32 :
33 : #define HWM_GROUP "GROUP HWM"
34 : #define HWM_USER "USER HWM"
35 :
36 : #define LOW_ID 100
37 : #define HIGH_ID 199
38 :
39 : #define DOM_SID1 "S-1-5-21-1234-5678-9012"
40 : #define DOM_SID2 "S-1-5-21-0123-5678-9012"
41 : #define DOM_SID3 "S-1-5-21-0012-5678-9012"
42 : #define DOM_SID4 "S-1-5-21-0001-5678-9012"
43 : #define DOM_SID5 "S-1-5-21-2345-5678-9012"
44 : #define DOM_SID6 "S-1-5-21-3456-5678-9012"
45 :
46 : /* overwrite some winbind internal functions */
47 0 : struct winbindd_domain *find_domain_from_name(const char *domain_name)
48 : {
49 0 : return NULL;
50 : }
51 :
52 0 : bool get_global_winbindd_state_offline(void) {
53 0 : return false;
54 : }
55 :
56 0 : bool winbindd_use_idmap_cache(void) {
57 0 : return false;
58 : }
59 :
60 1 : static bool open_db(struct idmap_tdb_common_context *ctx)
61 : {
62 1 : NTSTATUS status;
63 1 : char *db_path;
64 :
65 1 : if(ctx->db) {
66 : /* already open */
67 0 : return true;
68 : }
69 :
70 1 : db_path = talloc_asprintf(talloc_tos(), "%s/idmap_test.tdb",
71 : lp_private_dir());
72 1 : if(!db_path) {
73 0 : DEBUG(0, ("Out of memory!\n"));
74 0 : return false;
75 : }
76 :
77 1 : ctx->db = db_open(ctx, db_path, 0, TDB_DEFAULT,
78 : O_RDWR | O_CREAT, 0600,
79 : DBWRAP_LOCK_ORDER_1, DBWRAP_FLAG_NONE);
80 :
81 1 : if(!ctx->db) {
82 0 : DEBUG(0, ("Failed to open database: %s\n", strerror(errno)));
83 0 : return false;
84 : }
85 :
86 1 : if(dbwrap_transaction_start(ctx->db) != 0) {
87 0 : DEBUG(0, ("Failed to start transaction!\n"));
88 0 : return false;
89 : }
90 :
91 1 : status = dbwrap_store_uint32_bystring(ctx->db, ctx->hwmkey_uid,
92 : LOW_ID);
93 1 : if(!NT_STATUS_IS_OK(status)) {
94 0 : dbwrap_transaction_cancel(ctx->db);
95 0 : return false;
96 : }
97 :
98 1 : status = dbwrap_store_uint32_bystring(ctx->db, ctx->hwmkey_gid,
99 : LOW_ID);
100 1 : if(!NT_STATUS_IS_OK(status)) {
101 0 : dbwrap_transaction_cancel(ctx->db);
102 0 : return false;
103 : }
104 :
105 1 : if(dbwrap_transaction_commit(ctx->db) != 0) {
106 0 : DEBUG(0, ("Failed to commit transaction!\n"));
107 0 : return false;
108 : }
109 :
110 0 : return true;
111 : }
112 :
113 1 : static NTSTATUS idmap_test_tdb_db_init(struct idmap_domain *dom)
114 : {
115 1 : struct idmap_tdb_common_context *ret;
116 :
117 1 : DBG_DEBUG("called for domain '%s'\n", dom->name);
118 :
119 1 : ret = talloc_zero(dom, struct idmap_tdb_common_context);
120 1 : if (ret == NULL) {
121 0 : return NT_STATUS_NO_MEMORY;
122 : }
123 1 : ret->rw_ops = talloc_zero(ret, struct idmap_rw_ops);
124 1 : if (ret->rw_ops == NULL) {
125 0 : TALLOC_FREE(ret);
126 0 : return NT_STATUS_NO_MEMORY;
127 : }
128 :
129 1 : ret->max_id = HIGH_ID;
130 1 : ret->hwmkey_uid = HWM_USER;
131 1 : ret->hwmkey_gid = HWM_GROUP;
132 :
133 1 : ret->rw_ops->get_new_id = idmap_tdb_common_get_new_id;
134 1 : ret->rw_ops->set_mapping = idmap_tdb_common_set_mapping;
135 :
136 1 : if (!open_db(ret)) {
137 0 : TALLOC_FREE(ret);
138 0 : return NT_STATUS_INTERNAL_ERROR;
139 1 : };
140 :
141 1 : dom->private_data = ret;
142 :
143 1 : return NT_STATUS_OK;
144 : }
145 :
146 1 : static struct idmap_domain *createdomain(TALLOC_CTX *memctx)
147 : {
148 1 : struct idmap_domain *dom;
149 1 : struct idmap_methods *m;
150 :
151 1 : dom = talloc_zero(memctx, struct idmap_domain);
152 1 : dom->name = "*";
153 1 : dom->low_id = LOW_ID;
154 1 : dom->high_id = HIGH_ID;
155 1 : dom->read_only = false;
156 1 : m = talloc_zero(dom, struct idmap_methods);
157 1 : *m = (struct idmap_methods) {
158 : .init = idmap_test_tdb_db_init,
159 : .sids_to_unixids = idmap_tdb_common_sids_to_unixids,
160 : .unixids_to_sids = idmap_tdb_common_unixids_to_sids,
161 : .allocate_id = idmap_tdb_common_get_new_id,
162 : };
163 1 : dom->methods = m;
164 :
165 1 : return dom;
166 : }
167 :
168 1 : static bool test_getnewid1(TALLOC_CTX *memctx, struct idmap_domain *dom)
169 : {
170 1 : NTSTATUS status;
171 1 : struct unixid id;
172 :
173 1 : id.type = ID_TYPE_UID;
174 :
175 1 : status = idmap_tdb_common_get_new_id(dom, &id);
176 :
177 1 : if(!NT_STATUS_IS_OK(status)) {
178 0 : DEBUG(0, ("test_getnewid1: Could not allocate id!\n"));
179 0 : return false;
180 : }
181 :
182 1 : if(id.id == 0) {
183 0 : DEBUG(0, ("test_getnewid1: Allocate returned "
184 : "empty id!\n"));
185 0 : return false;
186 : }
187 :
188 1 : if(id.id > HIGH_ID || id.id < LOW_ID) {
189 0 : DEBUG(0, ("test_getnewid1: Allocate returned "
190 : "out of range id!\n"));
191 0 : return false;
192 : }
193 :
194 1 : DEBUG(0, ("test_getnewid1: PASSED!\n"));
195 :
196 0 : return true;
197 : }
198 :
199 1 : static bool test_getnewid2(TALLOC_CTX *memctx, struct idmap_domain *dom)
200 : {
201 1 : NTSTATUS status;
202 1 : struct unixid id;
203 1 : int i, left;
204 :
205 1 : id.type = ID_TYPE_UID;
206 :
207 1 : status = idmap_tdb_common_get_new_id(dom, &id);
208 :
209 1 : if(!NT_STATUS_IS_OK(status)) {
210 0 : DEBUG(0, ("test_getnewid2: Could not allocate id!\n"));
211 0 : return false;
212 : }
213 :
214 1 : if(id.id == 0) {
215 0 : DEBUG(0, ("test_getnewid2: Allocate returned "
216 : "empty id!\n"));
217 0 : return false;
218 : }
219 :
220 1 : if(id.id > HIGH_ID || id.id < LOW_ID) {
221 0 : DEBUG(0, ("test_getnewid2: Allocate returned "
222 : "out of range id!\n"));
223 0 : return false;
224 : }
225 :
226 : /* how many ids are left? */
227 :
228 1 : left = HIGH_ID - id.id;
229 :
230 : /* consume them all */
231 90 : for(i = 0; i<left; i++) {
232 :
233 89 : status = idmap_tdb_common_get_new_id(dom, &id);
234 :
235 89 : if(!NT_STATUS_IS_OK(status)) {
236 0 : DEBUG(0, ("test_getnewid2: Allocate returned "
237 : "error %s\n", nt_errstr(status)));
238 0 : return false;
239 : }
240 :
241 89 : if(id.id > HIGH_ID) {
242 0 : DEBUG(0, ("test_getnewid2: Allocate returned "
243 : "out of range id (%d)!\n", id.id));
244 0 : return false;
245 : }
246 : }
247 :
248 : /* one more must fail */
249 1 : status = idmap_tdb_common_get_new_id(dom, &id);
250 :
251 1 : if(NT_STATUS_IS_OK(status)) {
252 0 : DEBUG(0, ("test_getnewid2: Could allocate id (%d) from "
253 : "depleted pool!\n", id.id));
254 0 : return false;
255 : }
256 :
257 1 : DEBUG(0, ("test_getnewid2: PASSED!\n"));
258 :
259 0 : return true;
260 : }
261 :
262 1 : static bool test_setmap1(TALLOC_CTX *memctx, struct idmap_domain *dom)
263 : {
264 1 : NTSTATUS status;
265 1 : struct id_map map;
266 :
267 1 : ZERO_STRUCT(map);
268 :
269 : /* test for correct return code with invalid data */
270 :
271 1 : status = idmap_tdb_common_set_mapping(dom, NULL);
272 1 : if(!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
273 0 : DEBUG(0, ("test_setmap1: bad parameter handling!\n"));
274 0 : return false;
275 : }
276 :
277 1 : status = idmap_tdb_common_set_mapping(dom, &map);
278 1 : if(!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
279 0 : DEBUG(0, ("test_setmap1: bad parameter handling!\n"));
280 0 : return false;
281 : }
282 :
283 1 : map.sid = dom_sid_parse_talloc(memctx, DOM_SID1 "-100");
284 :
285 1 : map.xid.type = ID_TYPE_NOT_SPECIFIED;
286 1 : map.xid.id = 4711;
287 :
288 1 : status = idmap_tdb_common_set_mapping(dom, &map);
289 1 : if(!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
290 0 : DEBUG(0, ("test_setmap1: bad parameter handling!\n"));
291 0 : return false;
292 : }
293 :
294 : /* now the good ones */
295 1 : map.xid.type = ID_TYPE_UID;
296 1 : map.xid.id = 0;
297 :
298 1 : status = idmap_tdb_common_get_new_id(dom, &(map.xid));
299 1 : if(!NT_STATUS_IS_OK(status)) {
300 0 : DEBUG(0, ("test_setmap1: get_new_uid failed!\n"));
301 0 : return false;
302 : }
303 :
304 1 : status = idmap_tdb_common_set_mapping(dom, &map);
305 1 : if(!NT_STATUS_IS_OK(status)) {
306 0 : DEBUG(0, ("test_setmap1: setting UID mapping failed!\n"));
307 0 : return false;
308 : }
309 :
310 : /* try to set the same mapping again as group (must fail) */
311 :
312 1 : map.xid.type = ID_TYPE_GID;
313 1 : status = idmap_tdb_common_set_mapping(dom, &map);
314 1 : if(NT_STATUS_IS_OK(status)) {
315 0 : DEBUG(0, ("test_setmap1: could create map for "
316 : "group and user!\n"));
317 0 : return false;
318 : }
319 :
320 : /* now a group with a different SID*/
321 1 : map.xid.id = 0;
322 :
323 1 : map.sid = dom_sid_parse_talloc(memctx, DOM_SID1 "-101");
324 :
325 1 : status = idmap_tdb_common_get_new_id(dom, &(map.xid));
326 1 : if(!NT_STATUS_IS_OK(status)) {
327 0 : DEBUG(0, ("test_setmap1: get_new_gid failed!\n"));
328 0 : return false;
329 : }
330 :
331 1 : status = idmap_tdb_common_set_mapping(dom, &map);
332 1 : if(!NT_STATUS_IS_OK(status)) {
333 0 : DEBUG(0, ("test_setmap1: setting GID mapping failed!\n"));
334 0 : return false;
335 : }
336 1 : DEBUG(0, ("test_setmap1: PASSED!\n"));
337 :
338 0 : return true;
339 : }
340 :
341 1 : static bool test_sid2unixid1(TALLOC_CTX *memctx, struct idmap_domain *dom)
342 : {
343 1 : NTSTATUS status1, status2, status3;
344 1 : struct id_map map;
345 :
346 : /* check for correct dealing with bad parameters */
347 1 : status1 = idmap_tdb_common_sid_to_unixid(NULL, &map);
348 1 : status2 = idmap_tdb_common_sid_to_unixid(dom, NULL);
349 1 : status3 = idmap_tdb_common_sid_to_unixid(NULL, NULL);
350 :
351 1 : if(!NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status1) ||
352 1 : !NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status2) ||
353 1 : !NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status3)) {
354 0 : DEBUG(0, ("test_setmap1: bad parameter handling!\n"));
355 0 : return false;
356 : }
357 :
358 1 : DEBUG(0, ("test_unixid2sid1: PASSED!\n"));
359 :
360 0 : return true;
361 : }
362 :
363 1 : static bool test_sid2unixid2(TALLOC_CTX *memctx, struct idmap_domain *dom)
364 : {
365 1 : NTSTATUS status;
366 1 : struct id_map uid_map, gid_map, test_map;
367 1 : bool doagain = true;
368 :
369 1 : ZERO_STRUCT(uid_map);
370 1 : ZERO_STRUCT(gid_map);
371 :
372 : /* create two mappings for a UID and GID */
373 :
374 2 : again:
375 :
376 2 : uid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID2 "-1000");
377 2 : uid_map.xid.type = ID_TYPE_UID;
378 :
379 2 : gid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID2 "-1001");
380 2 : gid_map.xid.type = ID_TYPE_GID;
381 :
382 2 : status = idmap_tdb_common_new_mapping(dom, &uid_map);
383 2 : if(!NT_STATUS_IS_OK(status)) {
384 0 : DEBUG(0, ("test_sid2unixid2: could not create uid map!\n"));
385 0 : return false;
386 : }
387 :
388 2 : status = idmap_tdb_common_new_mapping(dom, &gid_map);
389 2 : if(!NT_STATUS_IS_OK(status)) {
390 0 : DEBUG(0, ("test_sid2unixid2: could not create gid map!\n"));
391 0 : return false;
392 : }
393 :
394 : /* now read them back */
395 2 : ZERO_STRUCT(test_map);
396 2 : test_map.sid = uid_map.sid;
397 :
398 2 : status = idmap_tdb_common_sid_to_unixid(dom, &test_map);
399 2 : if(!NT_STATUS_IS_OK(status)) {
400 0 : DEBUG(0, ("test_sid2unixid2: sid2unixid failed for uid!\n"));
401 0 : return false;
402 : }
403 :
404 2 : if(test_map.xid.id!=uid_map.xid.id) {
405 0 : DEBUG(0, ("test_sid2unixid2: sid2unixid returned wrong uid!\n"));
406 0 : return false;
407 : }
408 :
409 2 : test_map.sid = gid_map.sid;
410 :
411 2 : status = idmap_tdb_common_sid_to_unixid(dom, &test_map);
412 2 : if(!NT_STATUS_IS_OK(status)) {
413 0 : DEBUG(0, ("test_sid2unixid2: sid2unixid failed for gid!\n"));
414 0 : return false;
415 : }
416 :
417 2 : if(test_map.xid.id!=gid_map.xid.id) {
418 0 : DEBUG(0, ("test_sid2unixid2: sid2unixid returned wrong gid!\n"));
419 0 : return false;
420 : }
421 :
422 : /*
423 : * Go through the same tests again once to see if trying to recreate
424 : * a mapping that was already created will work or not
425 : */
426 2 : if(doagain) {
427 1 : doagain = false;
428 1 : goto again;
429 : }
430 :
431 1 : DEBUG(0, ("test_sid2unixid2: PASSED!\n"));
432 :
433 0 : return true;
434 : }
435 :
436 1 : static bool test_sids2unixids1(TALLOC_CTX *memctx, struct idmap_domain *dom)
437 : {
438 1 : NTSTATUS status;
439 1 : struct id_map uid_map, gid_map, **test_maps;
440 :
441 1 : ZERO_STRUCT(uid_map);
442 1 : ZERO_STRUCT(gid_map);
443 :
444 : /* create two mappings for a UID and GID */
445 :
446 1 : uid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID4 "-1000");
447 1 : uid_map.xid.type = ID_TYPE_UID;
448 :
449 1 : gid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID4 "-1001");
450 1 : gid_map.xid.type = ID_TYPE_GID;
451 :
452 1 : status = idmap_tdb_common_new_mapping(dom, &uid_map);
453 1 : if(!NT_STATUS_IS_OK(status)) {
454 0 : DEBUG(0, ("test_sids2unixids1: could not create uid map!\n"));
455 0 : return false;
456 : }
457 :
458 1 : status = idmap_tdb_common_new_mapping(dom, &gid_map);
459 1 : if(!NT_STATUS_IS_OK(status)) {
460 0 : DEBUG(0, ("test_sids2unixids1: could not create gid map!\n"));
461 0 : return false;
462 : }
463 :
464 : /* now read them back */
465 1 : test_maps = talloc_zero_array(memctx, struct id_map*, 3);
466 :
467 1 : test_maps[0] = talloc(test_maps, struct id_map);
468 1 : test_maps[1] = talloc(test_maps, struct id_map);
469 1 : test_maps[2] = NULL;
470 :
471 1 : test_maps[0]->sid = talloc(test_maps, struct dom_sid);
472 1 : test_maps[1]->sid = talloc(test_maps, struct dom_sid);
473 1 : sid_copy(test_maps[0]->sid, uid_map.sid);
474 1 : sid_copy(test_maps[1]->sid, gid_map.sid);
475 :
476 1 : status = idmap_tdb_common_sids_to_unixids(dom, test_maps);
477 1 : if(!NT_STATUS_IS_OK(status)) {
478 0 : DEBUG(0, ("test_sids2sunixids1: sids2unixids failed!\n"));
479 0 : talloc_free(test_maps);
480 0 : return false;
481 : }
482 :
483 1 : if(test_maps[0]->xid.id!=uid_map.xid.id ||
484 1 : test_maps[1]->xid.id!=gid_map.xid.id ) {
485 0 : DEBUG(0, ("test_sids2unixids1: sid2unixid returned wrong xid!\n"));
486 0 : talloc_free(test_maps);
487 0 : return false;
488 : }
489 :
490 1 : DEBUG(0, ("test_sids2unixids1: PASSED!\n"));
491 :
492 1 : talloc_free(test_maps);
493 :
494 1 : return true;
495 : }
496 :
497 1 : static bool test_sids2unixids2(TALLOC_CTX *memctx, struct idmap_domain *dom)
498 : {
499 1 : NTSTATUS status;
500 1 : struct id_map **test_maps;
501 1 : struct unixid save;
502 :
503 1 : test_maps = talloc_zero_array(memctx, struct id_map*, 3);
504 :
505 1 : test_maps[0] = talloc(test_maps, struct id_map);
506 1 : test_maps[1] = talloc(test_maps, struct id_map);
507 1 : test_maps[2] = NULL;
508 :
509 : /* ask for two new mappings for a UID and GID */
510 1 : test_maps[0]->sid = dom_sid_parse_talloc(test_maps, DOM_SID4 "-1003");
511 1 : test_maps[0]->xid.type = ID_TYPE_UID;
512 1 : test_maps[1]->sid = dom_sid_parse_talloc(test_maps, DOM_SID4 "-1004");
513 1 : test_maps[1]->xid.type = ID_TYPE_GID;
514 :
515 1 : status = idmap_tdb_common_sids_to_unixids(dom, test_maps);
516 1 : if(!NT_STATUS_IS_OK(status)) {
517 0 : DEBUG(0, ("test_sids2sunixids2: sids2unixids "
518 : "failed (%s)!\n", nt_errstr(status)));
519 0 : talloc_free(test_maps);
520 0 : return false;
521 : }
522 :
523 1 : if(test_maps[0]->xid.id == 0 || test_maps[1]->xid.id == 0) {
524 0 : DEBUG(0, ("test_sids2sunixids2: sids2unixids "
525 : "returned zero ids!\n"));
526 0 : talloc_free(test_maps);
527 0 : return false;
528 : }
529 :
530 1 : save = test_maps[1]->xid;
531 :
532 : /* ask for a known and a new mapping at the same time */
533 1 : talloc_free(test_maps);
534 1 : test_maps = talloc_zero_array(memctx, struct id_map*, 3);
535 1 : test_maps[0] = talloc(test_maps, struct id_map);
536 1 : test_maps[1] = talloc(test_maps, struct id_map);
537 1 : test_maps[2] = NULL;
538 :
539 1 : test_maps[0]->sid = dom_sid_parse_talloc(test_maps, DOM_SID4 "-1004");
540 1 : test_maps[0]->xid.type = ID_TYPE_GID;
541 1 : test_maps[1]->sid = dom_sid_parse_talloc(test_maps, DOM_SID4 "-1005");
542 1 : test_maps[1]->xid.type = ID_TYPE_UID;
543 :
544 1 : status = idmap_tdb_common_sids_to_unixids(dom, test_maps);
545 1 : if(!NT_STATUS_IS_OK(status)) {
546 0 : DEBUG(0, ("test_sids2sunixids2: sids2unixids (2) "
547 : "failed (%s)!\n", nt_errstr(status)));
548 0 : talloc_free(test_maps);
549 0 : return false;
550 : }
551 :
552 1 : if(test_maps[0]->xid.type != save.type ||
553 1 : test_maps[0]->xid.id != save.id) {
554 0 : DEBUG(0, ("test_sids2sunixids2: second lookup returned "
555 : "different value!\n"));
556 0 : talloc_free(test_maps);
557 0 : return false;
558 : }
559 :
560 1 : if(test_maps[1]->xid.id == 0) {
561 0 : DEBUG(0, ("test_sids2sunixids2: sids2unixids "
562 : "returned zero id for mixed mapping request!\n"));
563 0 : talloc_free(test_maps);
564 0 : return false;
565 : }
566 :
567 1 : DEBUG(0, ("test_sids2unixids2: PASSED!\n"));
568 :
569 1 : talloc_free(test_maps);
570 :
571 1 : return true;
572 : }
573 :
574 1 : static bool test_sids2unixids3(TALLOC_CTX *memctx, struct idmap_domain *dom)
575 : {
576 1 : NTSTATUS status;
577 1 : struct id_map **test_maps;
578 1 : bool retval = true;
579 :
580 : /*
581 : * check the mapping states:
582 : * NONE_MAPPED, SOME_UNMAPPED, OK (all mapped)
583 : *
584 : * use the ids created by test_sids2unixids1
585 : * need to make dom read-only
586 : */
587 :
588 1 : dom->read_only = true;
589 :
590 1 : test_maps = talloc_zero_array(memctx, struct id_map*, 3);
591 :
592 1 : test_maps[0] = talloc(test_maps, struct id_map);
593 1 : test_maps[1] = talloc(test_maps, struct id_map);
594 1 : test_maps[2] = NULL;
595 :
596 : /* NONE_MAPPED first */
597 1 : test_maps[0]->sid = talloc(test_maps, struct dom_sid);
598 1 : test_maps[1]->sid = talloc(test_maps, struct dom_sid);
599 1 : test_maps[0]->sid = dom_sid_parse_talloc(test_maps,
600 : "S-1-5-21-1-2-3-4");
601 1 : test_maps[0]->xid.type = ID_TYPE_UID;
602 :
603 1 : test_maps[1]->sid = dom_sid_parse_talloc(test_maps,
604 : "S-1-5-21-1-2-3-5");
605 1 : test_maps[1]->xid.type = ID_TYPE_GID;
606 :
607 1 : status = idmap_tdb_common_sids_to_unixids(dom, test_maps);
608 1 : if(!NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) {
609 0 : DEBUG(0, ("test_sids2unixids3: incorrect status "
610 : "(%s), expected NT_STATUS_NONE_MAPPED!\n",
611 : nt_errstr(status)));
612 0 : retval = false;
613 0 : goto out;
614 : }
615 :
616 : /* SOME_UNMAPPED */
617 1 : test_maps[0]->sid = talloc(test_maps, struct dom_sid);
618 1 : test_maps[1]->sid = talloc(test_maps, struct dom_sid);
619 1 : test_maps[0]->sid = dom_sid_parse_talloc(test_maps,
620 : DOM_SID4 "-1000");
621 1 : test_maps[0]->xid.type = ID_TYPE_UID;
622 1 : test_maps[1]->sid = dom_sid_parse_talloc(test_maps,
623 : "S-1-5-21-1-2-3-5");
624 1 : test_maps[1]->xid.type = ID_TYPE_GID;
625 :
626 1 : status = idmap_tdb_common_sids_to_unixids(dom, test_maps);
627 1 : if(!NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
628 0 : DEBUG(0, ("test_sids2unixids3: incorrect status "
629 : "(%s), expected STATUS_SOME_UNMAPPED!\n",
630 : nt_errstr(status)));
631 0 : retval = false;
632 0 : goto out;
633 : }
634 :
635 : /* OK */
636 1 : test_maps[0]->sid = talloc(test_maps, struct dom_sid);
637 1 : test_maps[1]->sid = talloc(test_maps, struct dom_sid);
638 1 : test_maps[0]->sid = dom_sid_parse_talloc(test_maps,
639 : DOM_SID4 "-1001");
640 1 : test_maps[1]->sid = dom_sid_parse_talloc(test_maps,
641 : DOM_SID4 "-1000");
642 :
643 1 : status = idmap_tdb_common_sids_to_unixids(dom, test_maps);
644 1 : if(!NT_STATUS_IS_OK(status)) {
645 0 : DEBUG(0, ("test_sids2unixids3: incorrect status "
646 : "(%s), expected NT_STATUS_OK!\n",
647 : nt_errstr(status)));
648 0 : retval = false;
649 0 : goto out;
650 : }
651 :
652 1 : DEBUG(0, ("test_sids2unixids3: PASSED!\n"));
653 :
654 1 : out:
655 1 : talloc_free(test_maps);
656 1 : dom->read_only = false;
657 1 : return retval;
658 : }
659 :
660 1 : static bool test_unixid2sid1(TALLOC_CTX *memctx, struct idmap_domain *dom)
661 : {
662 1 : NTSTATUS status1, status2, status3;
663 1 : struct id_map map;
664 :
665 : /* check for correct dealing with bad parameters */
666 1 : status1 = idmap_tdb_common_unixid_to_sid(NULL, &map);
667 1 : status2 = idmap_tdb_common_unixid_to_sid(dom, NULL);
668 1 : status3 = idmap_tdb_common_unixid_to_sid(NULL, NULL);
669 :
670 1 : if(!NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status1) ||
671 1 : !NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status2) ||
672 1 : !NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status3)) {
673 0 : DEBUG(0, ("test_setmap1: bad parameter handling!\n"));
674 0 : return false;
675 : }
676 :
677 1 : DEBUG(0, ("test_unixid2sid1: PASSED!\n"));
678 :
679 0 : return true;
680 : }
681 :
682 1 : static bool test_unixid2sid2(TALLOC_CTX *memctx, struct idmap_domain *dom)
683 : {
684 1 : NTSTATUS status;
685 1 : struct id_map *map;
686 1 : bool retval = true;
687 :
688 : /* ask for mapping that is outside of the range */
689 1 : map = talloc(memctx, struct id_map);
690 1 : map->sid = talloc(map, struct dom_sid);
691 :
692 1 : map->xid.type = ID_TYPE_UID;
693 1 : map->xid.id = HIGH_ID + 1;
694 :
695 1 : status = idmap_tdb_common_unixid_to_sid(dom, map);
696 1 : if(NT_STATUS_IS_OK(status)) {
697 0 : DEBUG(0, ("test_unixid2sid2: unixid2sid returned "
698 : "out-of-range result\n"));
699 0 : retval = false;
700 0 : goto out;
701 : }
702 :
703 1 : DEBUG(0, ("test_unixid2sid2: PASSED!\n"));
704 1 : out:
705 1 : talloc_free(map);
706 1 : return retval;
707 :
708 : }
709 :
710 1 : static bool test_unixid2sid3(TALLOC_CTX *memctx, struct idmap_domain *dom)
711 : {
712 1 : NTSTATUS status;
713 1 : struct id_map uid_map, gid_map, test_map;
714 1 : struct dom_sid testsid;
715 :
716 1 : ZERO_STRUCT(uid_map);
717 1 : ZERO_STRUCT(gid_map);
718 :
719 : /* create two mappings for a UID and GID */
720 1 : uid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID3 "-1000");
721 1 : uid_map.xid.type = ID_TYPE_UID;
722 :
723 1 : gid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID3 "-1001");
724 1 : gid_map.xid.type = ID_TYPE_GID;
725 :
726 1 : status = idmap_tdb_common_new_mapping(dom, &uid_map);
727 1 : if(!NT_STATUS_IS_OK(status)) {
728 0 : DEBUG(0, ("test_unixid2sid3: could not create uid map!\n"));
729 0 : return false;
730 : }
731 :
732 1 : status = idmap_tdb_common_new_mapping(dom, &gid_map);
733 1 : if(!NT_STATUS_IS_OK(status)) {
734 0 : DEBUG(0, ("test_unixid2sid3: could not create gid map!\n"));
735 0 : return false;
736 : }
737 :
738 : /* now read them back */
739 1 : ZERO_STRUCT(test_map);
740 1 : test_map.xid.id = uid_map.xid.id;
741 1 : test_map.xid.type = ID_TYPE_UID;
742 1 : test_map.sid = &testsid;
743 :
744 1 : status = idmap_tdb_common_unixid_to_sid(dom, &test_map);
745 1 : if(!NT_STATUS_IS_OK(status)) {
746 0 : DEBUG(0, ("test_unixid2sid3: unixid2sid failed for uid!\n"));
747 0 : return false;
748 : }
749 :
750 1 : if(test_map.xid.type!=uid_map.xid.type) {
751 0 : DEBUG(0, ("test_unixid2sid3: unixid2sid returned wrong type!\n"));
752 0 : return false;
753 : }
754 :
755 1 : if(!dom_sid_equal(test_map.sid, uid_map.sid)) {
756 0 : DEBUG(0, ("test_unixid2sid3: unixid2sid returned wrong SID!\n"));
757 0 : return false;
758 : }
759 :
760 1 : ZERO_STRUCT(test_map);
761 1 : test_map.xid.id = gid_map.xid.id;
762 1 : test_map.xid.type = ID_TYPE_GID;
763 1 : test_map.sid = &testsid;
764 :
765 1 : status = idmap_tdb_common_unixid_to_sid(dom, &test_map);
766 1 : if(!NT_STATUS_IS_OK(status)) {
767 0 : DEBUG(0, ("test_unixid2sid3: unixid2sid failed for gid!\n"));
768 0 : return false;
769 : }
770 :
771 1 : if(test_map.xid.type!=gid_map.xid.type) {
772 0 : DEBUG(0, ("test_unixid2sid3: unixid2sid returned wrong type!\n"));
773 0 : return false;
774 : }
775 :
776 1 : if(!dom_sid_equal(test_map.sid,gid_map.sid)) {
777 0 : DEBUG(0, ("test_unixid2sid3: unixid2sid returned wrong SID!\n"));
778 0 : return false;
779 : }
780 :
781 1 : DEBUG(0, ("test_unixid2sid3: PASSED!\n"));
782 :
783 0 : return true;
784 : }
785 :
786 1 : static bool test_unixids2sids1(TALLOC_CTX *memctx, struct idmap_domain *dom)
787 : {
788 1 : NTSTATUS status;
789 1 : struct id_map uid_map, gid_map, **test_maps;
790 :
791 1 : ZERO_STRUCT(uid_map);
792 1 : ZERO_STRUCT(gid_map);
793 :
794 : /* create two mappings for a UID and GID */
795 :
796 1 : uid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID5 "-1000");
797 1 : uid_map.xid.type = ID_TYPE_UID;
798 :
799 1 : gid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID5 "-1001");
800 1 : gid_map.xid.type = ID_TYPE_GID;
801 :
802 1 : status = idmap_tdb_common_new_mapping(dom, &uid_map);
803 1 : if(!NT_STATUS_IS_OK(status)) {
804 0 : DEBUG(0, ("test_unixids2sids1: could not create uid map!\n"));
805 0 : return false;
806 : }
807 :
808 1 : status = idmap_tdb_common_new_mapping(dom, &gid_map);
809 1 : if(!NT_STATUS_IS_OK(status)) {
810 0 : DEBUG(0, ("test_unixids2sids1: could not create gid map!\n"));
811 0 : return false;
812 : }
813 :
814 : /* now read them back */
815 1 : test_maps = talloc_zero_array(memctx, struct id_map*, 3);
816 :
817 1 : test_maps[0] = talloc(test_maps, struct id_map);
818 1 : test_maps[1] = talloc(test_maps, struct id_map);
819 1 : test_maps[2] = NULL;
820 :
821 1 : test_maps[0]->sid = talloc(test_maps, struct dom_sid);
822 1 : test_maps[1]->sid = talloc(test_maps, struct dom_sid);
823 1 : test_maps[0]->xid.id = uid_map.xid.id;
824 1 : test_maps[0]->xid.type = ID_TYPE_UID;
825 1 : test_maps[1]->xid.id = gid_map.xid.id;
826 1 : test_maps[1]->xid.type = ID_TYPE_GID;
827 :
828 1 : status = idmap_tdb_common_unixids_to_sids(dom, test_maps);
829 1 : if(!NT_STATUS_IS_OK(status)) {
830 0 : DEBUG(0, ("test_unixids2sids1: unixids2sids failed!\n"));
831 0 : talloc_free(test_maps);
832 0 : return false;
833 : }
834 :
835 2 : if(!dom_sid_equal(test_maps[0]->sid, uid_map.sid) ||
836 1 : !dom_sid_equal(test_maps[1]->sid, gid_map.sid) ) {
837 0 : DEBUG(0, ("test_unixids2sids1: unixids2sids returned wrong sid!\n"));
838 0 : talloc_free(test_maps);
839 0 : return false;
840 : }
841 :
842 1 : DEBUG(0, ("test_unixids2sids1: PASSED!\n"));
843 :
844 1 : talloc_free(test_maps);
845 :
846 1 : return true;
847 : }
848 :
849 1 : static bool test_unixids2sids2(TALLOC_CTX *memctx, struct idmap_domain *dom)
850 : {
851 1 : NTSTATUS status;
852 1 : struct id_map **test_maps;
853 1 : bool retval = true;
854 :
855 1 : test_maps = talloc_zero_array(memctx, struct id_map*, 3);
856 :
857 1 : test_maps[0] = talloc(test_maps, struct id_map);
858 1 : test_maps[1] = talloc(test_maps, struct id_map);
859 1 : test_maps[2] = NULL;
860 :
861 : /* ask for two unknown mappings for a UID and GID */
862 1 : test_maps[0]->sid = talloc(test_maps, struct dom_sid);
863 1 : test_maps[1]->sid = talloc(test_maps, struct dom_sid);
864 1 : test_maps[0]->xid.id = HIGH_ID - 1;
865 1 : test_maps[0]->xid.type = ID_TYPE_UID;
866 1 : test_maps[1]->xid.id = HIGH_ID - 1;
867 1 : test_maps[1]->xid.type = ID_TYPE_GID;
868 :
869 1 : status = idmap_tdb_common_unixids_to_sids(dom, test_maps);
870 1 : if(NT_STATUS_IS_OK(status)) {
871 0 : DEBUG(0, ("test_unixids2sids2: unixids2sids succeeded "
872 : "unexpectedly!\n"));
873 0 : retval = false;
874 0 : goto out;
875 : }
876 :
877 1 : DEBUG(0, ("test_unixids2sids2: PASSED!\n"));
878 :
879 1 : out:
880 1 : talloc_free(test_maps);
881 :
882 1 : return retval;;
883 : }
884 :
885 1 : static bool test_unixids2sids3(TALLOC_CTX *memctx, struct idmap_domain *dom)
886 : {
887 1 : NTSTATUS status;
888 1 : struct id_map uid_map, gid_map, **test_maps;
889 1 : bool retval = true;
890 :
891 1 : ZERO_STRUCT(uid_map);
892 1 : ZERO_STRUCT(gid_map);
893 :
894 : /* create two mappings for a UID and GID */
895 1 : uid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID6 "-1000");
896 1 : uid_map.xid.type = ID_TYPE_UID;
897 :
898 1 : gid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID6 "-1001");
899 1 : gid_map.xid.type = ID_TYPE_GID;
900 :
901 1 : status = idmap_tdb_common_new_mapping(dom, &uid_map);
902 1 : if(!NT_STATUS_IS_OK(status)) {
903 0 : DEBUG(0, ("test_unixids2sids3: could not create uid map!\n"));
904 0 : return false;
905 : }
906 :
907 1 : status = idmap_tdb_common_new_mapping(dom, &gid_map);
908 1 : if(!NT_STATUS_IS_OK(status)) {
909 0 : DEBUG(0, ("test_unixids2sids3: could not create gid map!\n"));
910 0 : return false;
911 : }
912 :
913 : /*
914 : * check the mapping states:
915 : * NONE_MAPPED, SOME_UNMAPPED, OK (all mapped)
916 : */
917 1 : test_maps = talloc_zero_array(memctx, struct id_map*, 3);
918 :
919 1 : test_maps[0] = talloc(test_maps, struct id_map);
920 1 : test_maps[1] = talloc(test_maps, struct id_map);
921 1 : test_maps[2] = NULL;
922 :
923 : /* NONE_MAPPED first */
924 1 : test_maps[0]->sid = talloc(test_maps, struct dom_sid);
925 1 : test_maps[1]->sid = talloc(test_maps, struct dom_sid);
926 :
927 1 : test_maps[0]->xid.id = HIGH_ID - 1;
928 1 : test_maps[0]->xid.type = ID_TYPE_UID;
929 :
930 1 : test_maps[1]->xid.id = HIGH_ID - 1;
931 1 : test_maps[1]->xid.type = ID_TYPE_GID;
932 :
933 1 : status = idmap_tdb_common_unixids_to_sids(dom, test_maps);
934 1 : if(!NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) {
935 0 : DEBUG(0, ("test_unixids2sids3: incorrect status "
936 : "(%s), expected NT_STATUS_NONE_MAPPED!\n",
937 : nt_errstr(status)));
938 0 : retval = false;
939 0 : goto out;
940 : }
941 :
942 : /* SOME_UNMAPPED */
943 1 : test_maps[0]->sid = talloc(test_maps, struct dom_sid);
944 1 : test_maps[1]->sid = talloc(test_maps, struct dom_sid);
945 1 : test_maps[0]->xid = uid_map.xid;
946 1 : test_maps[1]->xid.id = HIGH_ID - 1;
947 1 : test_maps[1]->xid.type = ID_TYPE_GID;
948 :
949 1 : status = idmap_tdb_common_unixids_to_sids(dom, test_maps);
950 1 : if(!NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
951 0 : DEBUG(0, ("test_unixids2sids3: incorrect status "
952 : "(%s), expected STATUS_SOME_UNMAPPED!\n",
953 : nt_errstr(status)));
954 0 : retval = false;
955 0 : goto out;
956 : }
957 :
958 : /* OK */
959 1 : test_maps[0]->sid = talloc(test_maps, struct dom_sid);
960 1 : test_maps[1]->sid = talloc(test_maps, struct dom_sid);
961 1 : test_maps[0]->xid = uid_map.xid;
962 1 : test_maps[1]->xid = gid_map.xid;
963 :
964 1 : status = idmap_tdb_common_unixids_to_sids(dom, test_maps);
965 1 : if(!NT_STATUS_IS_OK(status)) {
966 0 : DEBUG(0, ("test_unixids2sids3: incorrect status "
967 : "(%s), expected NT_STATUS_OK!\n",
968 : nt_errstr(status)));
969 0 : retval = false;
970 0 : goto out;
971 : }
972 :
973 1 : DEBUG(0, ("test_unixids2sids3: PASSED!\n"));
974 :
975 1 : out:
976 1 : talloc_free(test_maps);
977 1 : return retval;
978 : }
979 :
980 : #define CHECKRESULT(r) if(!r) {TALLOC_FREE(stack); return r;}
981 :
982 1 : bool run_idmap_tdb_common_test(int dummy)
983 : {
984 1 : bool result;
985 1 : struct idmap_domain *dom;
986 1 : TALLOC_CTX *stack = talloc_stackframe();
987 1 : TALLOC_CTX *memctx = talloc_new(stack);
988 1 : NTSTATUS status;
989 :
990 1 : dom = createdomain(memctx);
991 1 : if (dom == NULL) {
992 0 : TALLOC_FREE(stack);
993 0 : return false;
994 : }
995 :
996 1 : status = dom->methods->init(dom);
997 1 : if (!NT_STATUS_IS_OK(status)) {
998 0 : TALLOC_FREE(stack);
999 0 : return false;
1000 : }
1001 :
1002 : /* test a single allocation from pool (no mapping) */
1003 1 : result = test_getnewid1(memctx, dom);
1004 1 : CHECKRESULT(result);
1005 :
1006 : /* test idmap_tdb_common_set_mapping */
1007 1 : result = test_setmap1(memctx, dom);
1008 1 : CHECKRESULT(result);
1009 :
1010 : /* test idmap_tdb_common_sid_to_unixid */
1011 1 : result = test_sid2unixid1(memctx, dom);
1012 1 : CHECKRESULT(result);
1013 1 : result = test_sid2unixid2(memctx, dom);
1014 1 : CHECKRESULT(result);
1015 :
1016 : /* test idmap_tdb_common_sids_to_unixids */
1017 1 : result = test_sids2unixids1(memctx, dom);
1018 1 : CHECKRESULT(result);
1019 1 : result = test_sids2unixids2(memctx, dom);
1020 1 : CHECKRESULT(result);
1021 1 : result = test_sids2unixids3(memctx, dom);
1022 1 : CHECKRESULT(result);
1023 :
1024 : /* test idmap_tdb_common_unixid_to_sid */
1025 1 : result = test_unixid2sid1(memctx, dom);
1026 1 : CHECKRESULT(result);
1027 1 : result = test_unixid2sid2(memctx, dom);
1028 1 : CHECKRESULT(result);
1029 1 : result = test_unixid2sid3(memctx, dom);
1030 1 : CHECKRESULT(result);
1031 :
1032 : /* test idmap_tdb_common_unixids_to_sids */
1033 1 : result = test_unixids2sids1(memctx, dom);
1034 1 : CHECKRESULT(result);
1035 1 : result = test_unixids2sids2(memctx, dom);
1036 1 : CHECKRESULT(result);
1037 1 : result = test_unixids2sids3(memctx, dom);
1038 1 : CHECKRESULT(result);
1039 :
1040 : /* test filling up the range */
1041 1 : result = test_getnewid2(memctx, dom);
1042 1 : CHECKRESULT(result);
1043 :
1044 1 : talloc_free(stack);
1045 :
1046 1 : return true;
1047 : }
|
