2 * Unit tests for lsa functions
4 * Copyright (c) 2006 Robert Reif
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
25 #define WIN32_NO_STATUS
34 #include "wine/test.h"
36 DEFINE_GUID(GUID_NULL
,0,0,0,0,0,0,0,0,0,0,0);
38 static HMODULE hadvapi32
;
39 static NTSTATUS (WINAPI
*pLsaClose
)(LSA_HANDLE
);
40 static NTSTATUS (WINAPI
*pLsaEnumerateAccountRights
)(LSA_HANDLE
,PSID
,PLSA_UNICODE_STRING
*,PULONG
);
41 static NTSTATUS (WINAPI
*pLsaFreeMemory
)(PVOID
);
42 static NTSTATUS (WINAPI
*pLsaOpenPolicy
)(PLSA_UNICODE_STRING
,PLSA_OBJECT_ATTRIBUTES
,ACCESS_MASK
,PLSA_HANDLE
);
43 static NTSTATUS (WINAPI
*pLsaQueryInformationPolicy
)(LSA_HANDLE
,POLICY_INFORMATION_CLASS
,PVOID
*);
44 static BOOL (WINAPI
*pConvertSidToStringSidA
)(PSID pSid
, LPSTR
*str
);
46 static BOOL
init(void)
48 hadvapi32
= GetModuleHandle("advapi32.dll");
50 pLsaClose
= (void*)GetProcAddress(hadvapi32
, "LsaClose");
51 pLsaEnumerateAccountRights
= (void*)GetProcAddress(hadvapi32
, "LsaEnumerateAccountRights");
52 pLsaFreeMemory
= (void*)GetProcAddress(hadvapi32
, "LsaFreeMemory");
53 pLsaOpenPolicy
= (void*)GetProcAddress(hadvapi32
, "LsaOpenPolicy");
54 pLsaQueryInformationPolicy
= (void*)GetProcAddress(hadvapi32
, "LsaQueryInformationPolicy");
55 pConvertSidToStringSidA
= (void*)GetProcAddress(hadvapi32
, "ConvertSidToStringSidA");
57 if (pLsaClose
&& pLsaEnumerateAccountRights
&& pLsaFreeMemory
&& pLsaOpenPolicy
&& pLsaQueryInformationPolicy
&& pConvertSidToStringSidA
)
63 static void test_lsa(void)
67 LSA_OBJECT_ATTRIBUTES object_attributes
;
69 ZeroMemory(&object_attributes
, sizeof(object_attributes
));
70 object_attributes
.Length
= sizeof(object_attributes
);
72 status
= pLsaOpenPolicy( NULL
, &object_attributes
, POLICY_ALL_ACCESS
, &handle
);
73 ok(status
== STATUS_SUCCESS
|| status
== STATUS_ACCESS_DENIED
,
74 "LsaOpenPolicy(POLICY_ALL_ACCESS) returned 0x%08x\n", status
);
76 /* try a more restricted access mask if necessary */
77 if (status
== STATUS_ACCESS_DENIED
) {
78 trace("LsaOpenPolicy(POLICY_ALL_ACCESS) failed, trying POLICY_VIEW_LOCAL_INFORMATION|POLICY_LOOKUP_NAMES\n");
79 status
= pLsaOpenPolicy( NULL
, &object_attributes
, POLICY_VIEW_LOCAL_INFORMATION
|POLICY_LOOKUP_NAMES
, &handle
);
80 ok(status
== STATUS_SUCCESS
, "LsaOpenPolicy(POLICY_VIEW_LOCAL_INFORMATION|POLICY_LOOKUP_NAMES) returned 0x%08x\n", status
);
83 if (status
== STATUS_SUCCESS
) {
84 PPOLICY_AUDIT_EVENTS_INFO audit_events_info
;
85 PPOLICY_PRIMARY_DOMAIN_INFO primary_domain_info
;
86 PPOLICY_ACCOUNT_DOMAIN_INFO account_domain_info
;
87 PPOLICY_DNS_DOMAIN_INFO dns_domain_info
;
91 status
= pLsaQueryInformationPolicy(handle
, PolicyAuditEventsInformation
, (PVOID
*)&audit_events_info
);
92 if (status
== STATUS_ACCESS_DENIED
)
93 skip("Not enough rights to retrieve PolicyAuditEventsInformation\n");
95 ok(status
== STATUS_SUCCESS
, "LsaQueryInformationPolicy(PolicyAuditEventsInformation) failed, returned 0x%08x\n", status
);
96 if (status
== STATUS_SUCCESS
) {
97 pLsaFreeMemory((LPVOID
)audit_events_info
);
100 status
= pLsaQueryInformationPolicy(handle
, PolicyPrimaryDomainInformation
, (PVOID
*)&primary_domain_info
);
101 ok(status
== STATUS_SUCCESS
, "LsaQueryInformationPolicy(PolicyPrimaryDomainInformation) failed, returned 0x%08x\n", status
);
102 if (status
== STATUS_SUCCESS
) {
103 if (primary_domain_info
->Sid
) {
105 if (pConvertSidToStringSidA(primary_domain_info
->Sid
, &strsid
))
107 if (primary_domain_info
->Name
.Buffer
) {
110 len
= WideCharToMultiByte( CP_ACP
, 0, primary_domain_info
->Name
.Buffer
, -1, NULL
, 0, NULL
, NULL
);
111 name
= LocalAlloc( 0, len
);
112 WideCharToMultiByte( CP_ACP
, 0, primary_domain_info
->Name
.Buffer
, -1, name
, len
, NULL
, NULL
);
113 trace(" name: %s sid: %s\n", name
, strsid
);
116 trace(" name: NULL sid: %s\n", strsid
);
120 trace("invalid sid\n");
123 trace("Running on a standalone system.\n");
124 pLsaFreeMemory((LPVOID
)primary_domain_info
);
127 status
= pLsaQueryInformationPolicy(handle
, PolicyAccountDomainInformation
, (PVOID
*)&account_domain_info
);
128 ok(status
== STATUS_SUCCESS
, "LsaQueryInformationPolicy(PolicyAccountDomainInformation) failed, returned 0x%08x\n", status
);
129 if (status
== STATUS_SUCCESS
) {
130 pLsaFreeMemory((LPVOID
)account_domain_info
);
133 /* This isn't supported in NT4 */
134 status
= pLsaQueryInformationPolicy(handle
, PolicyDnsDomainInformation
, (PVOID
*)&dns_domain_info
);
135 ok(status
== STATUS_SUCCESS
|| status
== STATUS_INVALID_PARAMETER
,
136 "LsaQueryInformationPolicy(PolicyDnsDomainInformation) failed, returned 0x%08x\n", status
);
137 if (status
== STATUS_SUCCESS
) {
138 if (dns_domain_info
->Sid
|| !IsEqualGUID(&dns_domain_info
->DomainGuid
, &GUID_NULL
)) {
143 LPSTR guidstr
= NULL
;
147 pConvertSidToStringSidA(dns_domain_info
->Sid
, &strsid
);
148 StringFromGUID2(&dns_domain_info
->DomainGuid
, guidstrW
, sizeof(guidstrW
)/sizeof(WCHAR
));
149 len
= WideCharToMultiByte( CP_ACP
, 0, guidstrW
, -1, NULL
, 0, NULL
, NULL
);
150 guidstr
= LocalAlloc( 0, len
);
151 WideCharToMultiByte( CP_ACP
, 0, guidstrW
, -1, guidstr
, len
, NULL
, NULL
);
152 if (dns_domain_info
->Name
.Buffer
) {
153 len
= WideCharToMultiByte( CP_ACP
, 0, dns_domain_info
->Name
.Buffer
, -1, NULL
, 0, NULL
, NULL
);
154 name
= LocalAlloc( 0, len
);
155 WideCharToMultiByte( CP_ACP
, 0, dns_domain_info
->Name
.Buffer
, -1, name
, len
, NULL
, NULL
);
157 if (dns_domain_info
->DnsDomainName
.Buffer
) {
158 len
= WideCharToMultiByte( CP_ACP
, 0, dns_domain_info
->DnsDomainName
.Buffer
, -1, NULL
, 0, NULL
, NULL
);
159 domain
= LocalAlloc( 0, len
);
160 WideCharToMultiByte( CP_ACP
, 0, dns_domain_info
->DnsDomainName
.Buffer
, -1, domain
, len
, NULL
, NULL
);
162 if (dns_domain_info
->DnsForestName
.Buffer
) {
163 len
= WideCharToMultiByte( CP_ACP
, 0, dns_domain_info
->DnsForestName
.Buffer
, -1, NULL
, 0, NULL
, NULL
);
164 forest
= LocalAlloc( 0, len
);
165 WideCharToMultiByte( CP_ACP
, 0, dns_domain_info
->DnsForestName
.Buffer
, -1, forest
, len
, NULL
, NULL
);
167 trace(" name: %s domain: %s forest: %s guid: %s sid: %s\n",
168 name
? name
: "NULL", domain
? domain
: "NULL",
169 forest
? forest
: "NULL", guidstr
, strsid
? strsid
: "NULL");
173 LocalFree( guidstr
);
177 trace("Running on a standalone system.\n");
178 pLsaFreeMemory((LPVOID
)dns_domain_info
);
181 /* We need a valid SID to pass to LsaEnumerateAccountRights */
182 ret
= OpenProcessToken( GetCurrentProcess(), TOKEN_QUERY
, &token
);
183 ok(ret
, "Unable to obtain process token, error %u\n", GetLastError( ));
187 TOKEN_USER
*token_user
= (TOKEN_USER
*) buffer
;
188 ret
= GetTokenInformation( token
, TokenUser
, (LPVOID
) token_user
, sizeof(buffer
), &len
);
189 ok(ret
|| GetLastError( ) == ERROR_INSUFFICIENT_BUFFER
, "Unable to obtain token information, error %u\n", GetLastError( ));
190 if (! ret
&& GetLastError( ) == ERROR_INSUFFICIENT_BUFFER
) {
191 trace("Resizing buffer to %u.\n", len
);
192 token_user
= LocalAlloc( 0, len
);
193 if (token_user
!= NULL
)
194 ret
= GetTokenInformation( token
, TokenUser
, (LPVOID
) token_user
, len
, &len
);
198 PLSA_UNICODE_STRING rights
;
200 rights
= (PLSA_UNICODE_STRING
) 0xdeadbeaf;
201 rights_count
= 0xcafecafe;
202 status
= pLsaEnumerateAccountRights(handle
, token_user
->User
.Sid
, &rights
, &rights_count
);
203 ok(status
== STATUS_SUCCESS
|| status
== STATUS_OBJECT_NAME_NOT_FOUND
, "Unexpected status 0x%x\n", status
);
204 if (status
== STATUS_SUCCESS
)
205 pLsaFreeMemory( rights
);
207 ok(rights
== NULL
&& rights_count
== 0, "Expected rights and rights_count to be set to 0 on failure\n");
209 if (token_user
!= NULL
&& token_user
!= (TOKEN_USER
*) buffer
)
210 LocalFree( token_user
);
211 CloseHandle( token
);
214 status
= pLsaClose(handle
);
215 ok(status
== STATUS_SUCCESS
, "LsaClose() failed, returned 0x%08x\n", status
);
222 win_skip("Needed functions are not available\n");