projects / reactos.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[ROSTESTS]
[reactos.git] / rostests / winetests / advapi32 / lsa.c
1 /*
2 * Unit tests for lsa functions
3 *
4 * Copyright (c) 2006 Robert Reif
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 */
20
21 #include <stdarg.h>
22 #include <stdio.h>
23
24 #include "ntstatus.h"
25 #define WIN32_NO_STATUS
26 #define _INC_WINDOWS
27 #define COM_NO_WINDOWS_H
28 #include "windef.h"
29 #include "winbase.h"
30 #include "winreg.h"
31 #include "ntsecapi.h"
32 #include "sddl.h"
33 #include "winnls.h"
34 #include "objbase.h"
35 #include "initguid.h"
36 #include "wine/test.h"
37
38 DEFINE_GUID(GUID_NULL,0,0,0,0,0,0,0,0,0,0,0);
39
40 static HMODULE hadvapi32;
41 static NTSTATUS (WINAPI *pLsaClose)(LSA_HANDLE);
42 static NTSTATUS (WINAPI *pLsaEnumerateAccountRights)(LSA_HANDLE,PSID,PLSA_UNICODE_STRING*,PULONG);
43 static NTSTATUS (WINAPI *pLsaFreeMemory)(PVOID);
44 static NTSTATUS (WINAPI *pLsaOpenPolicy)(PLSA_UNICODE_STRING,PLSA_OBJECT_ATTRIBUTES,ACCESS_MASK,PLSA_HANDLE);
45 static NTSTATUS (WINAPI *pLsaQueryInformationPolicy)(LSA_HANDLE,POLICY_INFORMATION_CLASS,PVOID*);
46 static BOOL (WINAPI *pConvertSidToStringSidA)(PSID,LPSTR*);
47 static NTSTATUS (WINAPI *pLsaLookupNames2)(LSA_HANDLE,ULONG,ULONG,PLSA_UNICODE_STRING,PLSA_REFERENCED_DOMAIN_LIST*,PLSA_TRANSLATED_SID2*);
48 static NTSTATUS (WINAPI *pLsaLookupSids)(LSA_HANDLE,ULONG,PSID*,LSA_REFERENCED_DOMAIN_LIST**,LSA_TRANSLATED_NAME**);
49
50 static BOOL init(void)
51 {
52 hadvapi32 = GetModuleHandleA("advapi32.dll");
53
54 pLsaClose = (void*)GetProcAddress(hadvapi32, "LsaClose");
55 pLsaEnumerateAccountRights = (void*)GetProcAddress(hadvapi32, "LsaEnumerateAccountRights");
56 pLsaFreeMemory = (void*)GetProcAddress(hadvapi32, "LsaFreeMemory");
57 pLsaOpenPolicy = (void*)GetProcAddress(hadvapi32, "LsaOpenPolicy");
58 pLsaQueryInformationPolicy = (void*)GetProcAddress(hadvapi32, "LsaQueryInformationPolicy");
59 pConvertSidToStringSidA = (void*)GetProcAddress(hadvapi32, "ConvertSidToStringSidA");
60 pLsaLookupNames2 = (void*)GetProcAddress(hadvapi32, "LsaLookupNames2");
61 pLsaLookupSids = (void*)GetProcAddress(hadvapi32, "LsaLookupSids");
62
63 if (pLsaClose && pLsaEnumerateAccountRights && pLsaFreeMemory && pLsaOpenPolicy && pLsaQueryInformationPolicy && pConvertSidToStringSidA)
64 return TRUE;
65
66 return FALSE;
67 }
68
69 static void test_lsa(void)
70 {
71 NTSTATUS status;
72 LSA_HANDLE handle;
73 LSA_OBJECT_ATTRIBUTES object_attributes;
74
75 ZeroMemory(&object_attributes, sizeof(object_attributes));
76 object_attributes.Length = sizeof(object_attributes);
77
78 status = pLsaOpenPolicy( NULL, &object_attributes, POLICY_ALL_ACCESS, &handle);
79 ok(status == STATUS_SUCCESS || status == STATUS_ACCESS_DENIED,
80 "LsaOpenPolicy(POLICY_ALL_ACCESS) returned 0x%08x\n", status);
81
82 /* try a more restricted access mask if necessary */
83 if (status == STATUS_ACCESS_DENIED) {
84 trace("LsaOpenPolicy(POLICY_ALL_ACCESS) failed, trying POLICY_VIEW_LOCAL_INFORMATION|POLICY_LOOKUP_NAMES\n");
85 status = pLsaOpenPolicy( NULL, &object_attributes, POLICY_VIEW_LOCAL_INFORMATION|POLICY_LOOKUP_NAMES, &handle);
86 ok(status == STATUS_SUCCESS, "LsaOpenPolicy(POLICY_VIEW_LOCAL_INFORMATION|POLICY_LOOKUP_NAMES) returned 0x%08x\n", status);
87 }
88
89 if (status == STATUS_SUCCESS) {
90 PPOLICY_AUDIT_EVENTS_INFO audit_events_info;
91 PPOLICY_PRIMARY_DOMAIN_INFO primary_domain_info;
92 PPOLICY_ACCOUNT_DOMAIN_INFO account_domain_info;
93 PPOLICY_DNS_DOMAIN_INFO dns_domain_info;
94 HANDLE token;
95 BOOL ret;
96
97 status = pLsaQueryInformationPolicy(handle, PolicyAuditEventsInformation, (PVOID*)&audit_events_info);
98 if (status == STATUS_ACCESS_DENIED)
99 skip("Not enough rights to retrieve PolicyAuditEventsInformation\n");
100 else
101 ok(status == STATUS_SUCCESS, "LsaQueryInformationPolicy(PolicyAuditEventsInformation) failed, returned 0x%08x\n", status);
102 if (status == STATUS_SUCCESS) {
103 pLsaFreeMemory((LPVOID)audit_events_info);
104 }
105
106 status = pLsaQueryInformationPolicy(handle, PolicyPrimaryDomainInformation, (PVOID*)&primary_domain_info);
107 ok(status == STATUS_SUCCESS, "LsaQueryInformationPolicy(PolicyPrimaryDomainInformation) failed, returned 0x%08x\n", status);
108 if (status == STATUS_SUCCESS) {
109 if (primary_domain_info->Sid) {
110 LPSTR strsid;
111 if (pConvertSidToStringSidA(primary_domain_info->Sid, &strsid))
112 {
113 if (primary_domain_info->Name.Buffer) {
114 LPSTR name = NULL;
115 UINT len;
116 len = WideCharToMultiByte( CP_ACP, 0, primary_domain_info->Name.Buffer, -1, NULL, 0, NULL, NULL );
117 name = LocalAlloc( 0, len );
118 WideCharToMultiByte( CP_ACP, 0, primary_domain_info->Name.Buffer, -1, name, len, NULL, NULL );
119 trace(" name: %s sid: %s\n", name, strsid);
120 LocalFree( name );
121 } else
122 trace(" name: NULL sid: %s\n", strsid);
123 LocalFree( strsid );
124 }
125 else
126 trace("invalid sid\n");
127 }
128 else
129 trace("Running on a standalone system.\n");
130 pLsaFreeMemory((LPVOID)primary_domain_info);
131 }
132
133 status = pLsaQueryInformationPolicy(handle, PolicyAccountDomainInformation, (PVOID*)&account_domain_info);
134 ok(status == STATUS_SUCCESS, "LsaQueryInformationPolicy(PolicyAccountDomainInformation) failed, returned 0x%08x\n", status);
135 if (status == STATUS_SUCCESS) {
136 pLsaFreeMemory((LPVOID)account_domain_info);
137 }
138
139 /* This isn't supported in NT4 */
140 status = pLsaQueryInformationPolicy(handle, PolicyDnsDomainInformation, (PVOID*)&dns_domain_info);
141 ok(status == STATUS_SUCCESS || status == STATUS_INVALID_PARAMETER,
142 "LsaQueryInformationPolicy(PolicyDnsDomainInformation) failed, returned 0x%08x\n", status);
143 if (status == STATUS_SUCCESS) {
144 if (dns_domain_info->Sid || !IsEqualGUID(&dns_domain_info->DomainGuid, &GUID_NULL)) {
145 LPSTR strsid = NULL;
146 LPSTR name = NULL;
147 LPSTR domain = NULL;
148 LPSTR forest = NULL;
149 LPSTR guidstr = NULL;
150 WCHAR guidstrW[64];
151 UINT len;
152 guidstrW[0] = '\0';
153 pConvertSidToStringSidA(dns_domain_info->Sid, &strsid);
154 StringFromGUID2(&dns_domain_info->DomainGuid, guidstrW, sizeof(guidstrW)/sizeof(WCHAR));
155 len = WideCharToMultiByte( CP_ACP, 0, guidstrW, -1, NULL, 0, NULL, NULL );
156 guidstr = LocalAlloc( 0, len );
157 WideCharToMultiByte( CP_ACP, 0, guidstrW, -1, guidstr, len, NULL, NULL );
158 if (dns_domain_info->Name.Buffer) {
159 len = WideCharToMultiByte( CP_ACP, 0, dns_domain_info->Name.Buffer, -1, NULL, 0, NULL, NULL );
160 name = LocalAlloc( 0, len );
161 WideCharToMultiByte( CP_ACP, 0, dns_domain_info->Name.Buffer, -1, name, len, NULL, NULL );
162 }
163 if (dns_domain_info->DnsDomainName.Buffer) {
164 len = WideCharToMultiByte( CP_ACP, 0, dns_domain_info->DnsDomainName.Buffer, -1, NULL, 0, NULL, NULL );
165 domain = LocalAlloc( 0, len );
166 WideCharToMultiByte( CP_ACP, 0, dns_domain_info->DnsDomainName.Buffer, -1, domain, len, NULL, NULL );
167 }
168 if (dns_domain_info->DnsForestName.Buffer) {
169 len = WideCharToMultiByte( CP_ACP, 0, dns_domain_info->DnsForestName.Buffer, -1, NULL, 0, NULL, NULL );
170 forest = LocalAlloc( 0, len );
171 WideCharToMultiByte( CP_ACP, 0, dns_domain_info->DnsForestName.Buffer, -1, forest, len, NULL, NULL );
172 }
173 trace(" name: %s domain: %s forest: %s guid: %s sid: %s\n",
174 name ? name : "NULL", domain ? domain : "NULL",
175 forest ? forest : "NULL", guidstr, strsid ? strsid : "NULL");
176 LocalFree( name );
177 LocalFree( forest );
178 LocalFree( domain );
179 LocalFree( guidstr );
180 LocalFree( strsid );
181 }
182 else
183 trace("Running on a standalone system.\n");
184 pLsaFreeMemory((LPVOID)dns_domain_info);
185 }
186
187 /* We need a valid SID to pass to LsaEnumerateAccountRights */
188 ret = OpenProcessToken( GetCurrentProcess(), TOKEN_QUERY, &token );
189 ok(ret, "Unable to obtain process token, error %u\n", GetLastError( ));
190 if (ret) {
191 char buffer[64];
192 DWORD len;
193 TOKEN_USER *token_user = (TOKEN_USER *) buffer;
194 ret = GetTokenInformation( token, TokenUser, (LPVOID) token_user, sizeof(buffer), &len );
195 ok(ret || GetLastError( ) == ERROR_INSUFFICIENT_BUFFER, "Unable to obtain token information, error %u\n", GetLastError( ));
196 if (! ret && GetLastError( ) == ERROR_INSUFFICIENT_BUFFER) {
197 trace("Resizing buffer to %u.\n", len);
198 token_user = LocalAlloc( 0, len );
199 if (token_user != NULL)
200 ret = GetTokenInformation( token, TokenUser, (LPVOID) token_user, len, &len );
201 }
202
203 if (ret) {
204 PLSA_UNICODE_STRING rights;
205 ULONG rights_count;
206 rights = (PLSA_UNICODE_STRING) 0xdeadbeaf;
207 rights_count = 0xcafecafe;
208 status = pLsaEnumerateAccountRights(handle, token_user->User.Sid, &rights, &rights_count);
209 ok(status == STATUS_SUCCESS || status == STATUS_OBJECT_NAME_NOT_FOUND, "Unexpected status 0x%x\n", status);
210 if (status == STATUS_SUCCESS)
211 pLsaFreeMemory( rights );
212 else
213 ok(rights == NULL && rights_count == 0, "Expected rights and rights_count to be set to 0 on failure\n");
214 }
215 if (token_user != NULL && token_user != (TOKEN_USER *) buffer)
216 LocalFree( token_user );
217 CloseHandle( token );
218 }
219
220 status = pLsaClose(handle);
221 ok(status == STATUS_SUCCESS, "LsaClose() failed, returned 0x%08x\n", status);
222 }
223 }
224
225 static void get_sid_info(PSID psid, LPSTR *user, LPSTR *dom)
226 {
227 static char account[257], domain[257];
228 DWORD user_size, dom_size;
229 SID_NAME_USE use;
230 BOOL ret;
231
232 *user = account;
233 *dom = domain;
234
235 user_size = dom_size = 257;
236 account[0] = domain[0] = 0;
237 ret = LookupAccountSidA(NULL, psid, account, &user_size, domain, &dom_size, &use);
238 ok(ret, "LookupAccountSidA failed %u\n", GetLastError());
239 }
240
241 static void test_LsaLookupNames2(void)
242 {
243 static const WCHAR n1[] = {'L','O','C','A','L',' ','S','E','R','V','I','C','E'};
244 static const WCHAR n2[] = {'N','T',' ','A','U','T','H','O','R','I','T','Y','\\','L','o','c','a','l','S','e','r','v','i','c','e'};
245
246 NTSTATUS status;
247 LSA_HANDLE handle;
248 LSA_OBJECT_ATTRIBUTES attrs;
249 PLSA_REFERENCED_DOMAIN_LIST domains;
250 PLSA_TRANSLATED_SID2 sids;
251 LSA_UNICODE_STRING name[3];
252 LPSTR account, sid_dom;
253
254 if (!pLsaLookupNames2)
255 {
256 win_skip("LsaLookupNames2 not available\n");
257 return;
258 }
259
260 if ((PRIMARYLANGID(LANGIDFROMLCID(GetSystemDefaultLCID())) != LANG_ENGLISH) ||
261 (PRIMARYLANGID(LANGIDFROMLCID(GetThreadLocale())) != LANG_ENGLISH))
262 {
263 skip("Non-English locale (skipping LsaLookupNames2 tests)\n");
264 return;
265 }
266
267 memset(&attrs, 0, sizeof(attrs));
268 attrs.Length = sizeof(attrs);
269
270 status = pLsaOpenPolicy(NULL, &attrs, POLICY_ALL_ACCESS, &handle);
271 ok(status == STATUS_SUCCESS || status == STATUS_ACCESS_DENIED,
272 "LsaOpenPolicy(POLICY_ALL_ACCESS) returned 0x%08x\n", status);
273
274 /* try a more restricted access mask if necessary */
275 if (status == STATUS_ACCESS_DENIED)
276 {
277 trace("LsaOpenPolicy(POLICY_ALL_ACCESS) failed, trying POLICY_VIEW_LOCAL_INFORMATION\n");
278 status = pLsaOpenPolicy(NULL, &attrs, POLICY_LOOKUP_NAMES, &handle);
279 ok(status == STATUS_SUCCESS, "LsaOpenPolicy(POLICY_VIEW_LOCAL_INFORMATION) returned 0x%08x\n", status);
280 }
281 if (status != STATUS_SUCCESS)
282 {
283 skip("Cannot acquire policy handle\n");
284 return;
285 }
286
287 name[0].Buffer = HeapAlloc(GetProcessHeap(), 0, sizeof(n1));
288 name[0].Length = name[0].MaximumLength = sizeof(n1);
289 memcpy(name[0].Buffer, n1, sizeof(n1));
290
291 name[1].Buffer = HeapAlloc(GetProcessHeap(), 0, sizeof(n1));
292 name[1].Length = name[1].MaximumLength = sizeof(n1) - sizeof(WCHAR);
293 memcpy(name[1].Buffer, n1, sizeof(n1) - sizeof(WCHAR));
294
295 name[2].Buffer = HeapAlloc(GetProcessHeap(), 0, sizeof(n2));
296 name[2].Length = name[2].MaximumLength = sizeof(n2);
297 memcpy(name[2].Buffer, n2, sizeof(n2));
298
299 /* account name only */
300 sids = NULL;
301 domains = NULL;
302 status = pLsaLookupNames2(handle, 0, 1, &name[0], &domains, &sids);
303 ok(status == STATUS_SUCCESS, "expected STATUS_SUCCESS, got %x)\n", status);
304 ok(sids[0].Use == SidTypeWellKnownGroup, "expected SidTypeWellKnownGroup, got %u\n", sids[0].Use);
305 ok(sids[0].Flags == 0, "expected 0, got 0x%08x\n", sids[0].Flags);
306 ok(domains->Entries == 1, "expected 1, got %u\n", domains->Entries);
307 get_sid_info(sids[0].Sid, &account, &sid_dom);
308 ok(!strcmp(account, "LOCAL SERVICE"), "expected \"LOCAL SERVICE\", got \"%s\"\n", account);
309 ok(!strcmp(sid_dom, "NT AUTHORITY"), "expected \"NT AUTHORITY\", got \"%s\"\n", sid_dom);
310 pLsaFreeMemory(sids);
311 pLsaFreeMemory(domains);
312
313 /* unknown account name */
314 sids = NULL;
315 domains = NULL;
316 status = pLsaLookupNames2(handle, 0, 1, &name[1], &domains, &sids);
317 ok(status == STATUS_NONE_MAPPED, "expected STATUS_NONE_MAPPED, got %x)\n", status);
318 ok(sids[0].Use == SidTypeUnknown, "expected SidTypeUnknown, got %u\n", sids[0].Use);
319 ok(sids[0].Flags == 0, "expected 0, got 0x%08x\n", sids[0].Flags);
320 ok(domains->Entries == 0, "expected 0, got %u\n", domains->Entries);
321 pLsaFreeMemory(sids);
322 pLsaFreeMemory(domains);
323
324 /* account + domain */
325 sids = NULL;
326 domains = NULL;
327 status = pLsaLookupNames2(handle, 0, 1, &name[2], &domains, &sids);
328 ok(status == STATUS_SUCCESS, "expected STATUS_SUCCESS, got %x)\n", status);
329 ok(sids[0].Use == SidTypeWellKnownGroup, "expected SidTypeWellKnownGroup, got %u\n", sids[0].Use);
330 ok(sids[0].Flags == 0, "expected 0, got 0x%08x\n", sids[0].Flags);
331 ok(domains->Entries == 1, "expected 1, got %u\n", domains->Entries);
332 get_sid_info(sids[0].Sid, &account, &sid_dom);
333 ok(!strcmp(account, "LOCAL SERVICE"), "expected \"LOCAL SERVICE\", got \"%s\"\n", account);
334 ok(!strcmp(sid_dom, "NT AUTHORITY"), "expected \"NT AUTHORITY\", got \"%s\"\n", sid_dom);
335 pLsaFreeMemory(sids);
336 pLsaFreeMemory(domains);
337
338 /* all three */
339 sids = NULL;
340 domains = NULL;
341 status = pLsaLookupNames2(handle, 0, 3, name, &domains, &sids);
342 ok(status == STATUS_SOME_NOT_MAPPED, "expected STATUS_SOME_NOT_MAPPED, got %x)\n", status);
343 ok(sids[0].Use == SidTypeWellKnownGroup, "expected SidTypeWellKnownGroup, got %u\n", sids[0].Use);
344 ok(sids[1].Use == SidTypeUnknown, "expected SidTypeUnknown, got %u\n", sids[1].Use);
345 ok(sids[2].Use == SidTypeWellKnownGroup, "expected SidTypeWellKnownGroup, got %u\n", sids[2].Use);
346 ok(sids[0].DomainIndex == 0, "expected 0, got %u\n", sids[0].DomainIndex);
347 ok(domains->Entries == 1, "expected 1, got %u\n", domains->Entries);
348 pLsaFreeMemory(sids);
349 pLsaFreeMemory(domains);
350
351 HeapFree(GetProcessHeap(), 0, name[0].Buffer);
352 HeapFree(GetProcessHeap(), 0, name[1].Buffer);
353 HeapFree(GetProcessHeap(), 0, name[2].Buffer);
354
355 status = pLsaClose(handle);
356 ok(status == STATUS_SUCCESS, "LsaClose() failed, returned 0x%08x\n", status);
357 }
358
359 static void test_LsaLookupSids(void)
360 {
361 LSA_REFERENCED_DOMAIN_LIST *list;
362 LSA_OBJECT_ATTRIBUTES attrs;
363 LSA_TRANSLATED_NAME *names;
364 LSA_HANDLE policy;
365 TOKEN_USER *user;
366 NTSTATUS status;
367 HANDLE token;
368 DWORD size;
369 BOOL ret;
370
371 memset(&attrs, 0, sizeof(attrs));
372 attrs.Length = sizeof(attrs);
373
374 status = pLsaOpenPolicy(NULL, &attrs, POLICY_LOOKUP_NAMES, &policy);
375 ok(status == STATUS_SUCCESS, "got 0x%08x\n", status);
376
377 ret = OpenProcessToken(GetCurrentProcess(), MAXIMUM_ALLOWED, &token);
378 ok(ret, "got %d\n", ret);
379
380 ret = GetTokenInformation(token, TokenUser, NULL, 0, &size);
381 ok(!ret, "got %d\n", ret);
382
383 user = HeapAlloc(GetProcessHeap(), 0, size);
384 ret = GetTokenInformation(token, TokenUser, user, size, &size);
385 ok(ret, "got %d\n", ret);
386
387 status = pLsaLookupSids(policy, 1, &user->User.Sid, &list, &names);
388 ok(status == STATUS_SUCCESS, "got 0x%08x\n", status);
389
390 ok(list->Entries > 0, "got %d\n", list->Entries);
391 if (list->Entries)
392 {
393 ok((char*)list->Domains - (char*)list > 0, "%p, %p\n", list, list->Domains);
394 ok((char*)list->Domains[0].Sid - (char*)list->Domains > 0, "%p, %p\n", list->Domains, list->Domains[0].Sid);
395 ok(list->Domains[0].Name.MaximumLength > list->Domains[0].Name.Length, "got %d, %d\n", list->Domains[0].Name.MaximumLength,
396 list->Domains[0].Name.Length);
397 }
398
399 pLsaFreeMemory(names);
400 pLsaFreeMemory(list);
401
402 HeapFree(GetProcessHeap(), 0, user);
403
404 CloseHandle(token);
405
406 status = pLsaClose(policy);
407 ok(status == STATUS_SUCCESS, "got 0x%08x\n", status);
408 }
409
410 START_TEST(lsa)
411 {
412 if (!init()) {
413 win_skip("Needed functions are not available\n");
414 return;
415 }
416
417 test_lsa();
418 test_LsaLookupNames2();
419 test_LsaLookupSids();
420 }
A free Windows-compatible Operating System