smbtorture: add a test opening a READ-ONLY file with SEC_FLAG_MAXIMUM_ALLOWED

Passes against Windows, currently fails against Samba.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14215
RN: Requesting maximum allowed permission of file with DOS read-only attribute results in access denied error

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/selftest/knownfail.d/samba3.smb2.maximum_allowed.read_only b/selftest/knownfail.d/samba3.smb2.maximum_allowed.read_only
new file mode 100644 (file)
index 0000000..80fb1a3
--- /dev/null
+++ b/selftest/knownfail.d/samba3.smb2.maximum_allowed.read_only
@@ -0,0 +1 @@
+^samba3.smb2.maximum_allowed.read_only

diff --git a/source4/torture/smb2/max_allowed.c b/source4/torture/smb2/max_allowed.c
index e70f0c865a3d74d3cc99da3511b5cda12dcfedbd..af8b08ac9a92170439a6624d08f8df9b8a4ab57d 100644 (file)
--- a/source4/torture/smb2/max_allowed.c
+++ b/source4/torture/smb2/max_allowed.c
@@ -191,10 +191,58 @@ static bool torture_smb2_maximum_allowed(struct torture_context *tctx,
        return ret;
 }
 
+static bool torture_smb2_read_only_file(struct torture_context *tctx,
+                                       struct smb2_tree *tree)
+{
+       struct smb2_create c;
+       struct smb2_handle h = {{0}};
+       bool ret = true;
+       NTSTATUS status;
+
+       smb2_deltree(tree, MAXIMUM_ALLOWED_FILE);
+
+       c = (struct smb2_create) {
+               .in.desired_access = SEC_RIGHTS_FILE_ALL,
+               .in.file_attributes = FILE_ATTRIBUTE_READONLY,
+               .in.create_disposition = NTCREATEX_DISP_CREATE,
+               .in.fname = MAXIMUM_ALLOWED_FILE,
+       };
+
+       status = smb2_create(tree, tctx, &c);
+       torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+                                       "smb2_create failed\n");
+       h = c.out.file.handle;
+       smb2_util_close(tree, h);
+       ZERO_STRUCT(h);
+
+       c = (struct smb2_create) {
+               .in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED,
+               .in.file_attributes = FILE_ATTRIBUTE_READONLY,
+               .in.create_disposition = NTCREATEX_DISP_OPEN,
+               .in.fname = MAXIMUM_ALLOWED_FILE,
+       };
+
+       status = smb2_create(tree, tctx, &c);
+       torture_assert_ntstatus_ok_goto(
+               tctx, status, ret, done,
+               "Failed to open READ-ONLY file with SEC_FLAG_MAXIMUM_ALLOWED\n");
+       h = c.out.file.handle;
+       smb2_util_close(tree, h);
+       ZERO_STRUCT(h);
+
+done:
+       if (!smb2_util_handle_empty(h)) {
+               smb2_util_close(tree, h);
+       }
+       smb2_deltree(tree, MAXIMUM_ALLOWED_FILE);
+       return ret;
+}
+
 struct torture_suite *torture_smb2_max_allowed(TALLOC_CTX *ctx)
 {
        struct torture_suite *suite = torture_suite_create(ctx, "maximum_allowed");
 
        torture_suite_add_1smb2_test(suite, "maximum_allowed", torture_smb2_maximum_allowed);
+       torture_suite_add_1smb2_test(suite, "read_only", torture_smb2_read_only_file);
        return suite;
 }