git.oblomov.eu Git - wine/blob - dlls/secur32/tests/main.c

   1 /*
   2  * Miscellaneous secur32 tests
   3  *
   4  * Copyright 2005 Kai Blin
   5  *
   6  * This library is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 2.1 of the License, or (at your option) any later version.
  10  *
  11  * This library is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public
  17  * License along with this library; if not, write to the Free Software
  18  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  19  */
  20
  21 #define SECURITY_WIN32
  22
  23 #include <stdio.h>
  24 #include <stdarg.h>
  25 #include <windows.h>
  26 #include "wine/test.h"
  27 #include <winbase.h>
  28 #include <sspi.h>
  29
  30 #define BUFF_SIZE 2048
  31 #define MAX_MESSAGE 12000
  32
  33 /*---------------------------------------------------------*/
  34 /* General helper functions */
  35
  36 static const char* getSecStatusError(SECURITY_STATUS status)
  37 {
  38 #define _SEC_ERR(x) case (x): return #x;
  39     switch(status)
  40     {
  41         _SEC_ERR(SEC_E_OK);
  42         _SEC_ERR(SEC_E_INSUFFICIENT_MEMORY);
  43         _SEC_ERR(SEC_E_INVALID_HANDLE);
  44         _SEC_ERR(SEC_E_UNSUPPORTED_FUNCTION);
  45         _SEC_ERR(SEC_E_TARGET_UNKNOWN);
  46         _SEC_ERR(SEC_E_INTERNAL_ERROR);
  47         _SEC_ERR(SEC_E_SECPKG_NOT_FOUND);
  48         _SEC_ERR(SEC_E_NOT_OWNER);
  49         _SEC_ERR(SEC_E_CANNOT_INSTALL);
  50         _SEC_ERR(SEC_E_INVALID_TOKEN);
  51         _SEC_ERR(SEC_E_CANNOT_PACK);
  52         _SEC_ERR(SEC_E_QOP_NOT_SUPPORTED);
  53         _SEC_ERR(SEC_E_NO_IMPERSONATION);
  54         _SEC_ERR(SEC_I_CONTINUE_NEEDED);
  55         default:
  56             trace("Error = %ld\n", status);
  57             return "Unknown error";
  58     }
  59 #undef _SEC_ERR
  60 }
  61
  62 /*---------------------------------------------------------*/
  63 /* Helper for testQuerySecurityPagageInfo */
  64
  65 static SECURITY_STATUS setupPackageA(SEC_CHAR *p_package_name,
  66         PSecPkgInfo *p_pkg_info)
  67 {
  68     SECURITY_STATUS ret = SEC_E_SECPKG_NOT_FOUND;
  69
  70     ret = QuerySecurityPackageInfoA( p_package_name, p_pkg_info);
  71     return ret;
  72 }
  73
  74 /*---------------------------------------------------------*/
  75 /* Helper for testAuthentication */
  76
  77 static int genClientContext(PBYTE in, DWORD in_count, PBYTE out,
  78         DWORD *out_count, BOOL *done, char *target, CredHandle *cred_handle,
  79         PCtxtHandle ctxt_handle, PSecurityFunctionTable sft)
  80 {
  81     SECURITY_STATUS sec_status;
  82     TimeStamp       ttl;
  83     SecBufferDesc   in_sec_buff_desc, out_sec_buff_desc;
  84     SecBuffer       in_sec_buff, out_sec_buff;
  85     ULONG           context_attr;
  86
  87     if(in == NULL){
  88         sec_status = (sft->AcquireCredentialsHandle)(NULL, "Negotiate",
  89                 SECPKG_CRED_OUTBOUND, NULL, NULL, NULL, NULL, cred_handle,
  90                 &ttl);
  91         todo_wine{
  92             ok(sec_status == SEC_E_OK,
  93                     "Client AcquireCredentialsHandle should not return %s\n",
  94                     getSecStatusError(sec_status) );
  95         }
  96     }
  97
  98     out_sec_buff_desc.ulVersion = 0;
  99     out_sec_buff_desc.cBuffers  = 1;
 100     out_sec_buff_desc.pBuffers  = &out_sec_buff;
 101
 102     out_sec_buff.cbBuffer   = *out_count;
 103     out_sec_buff.BufferType = SECBUFFER_TOKEN;
 104     out_sec_buff.pvBuffer = out;
 105
 106     if(in){
 107         /* we got some data, initialize input buffer, too. */
 108         in_sec_buff_desc.ulVersion = 0;
 109         in_sec_buff_desc.cBuffers  = 1;
 110         in_sec_buff_desc.pBuffers  = &in_sec_buff;
 111
 112         in_sec_buff.cbBuffer   = in_count;
 113         in_sec_buff.BufferType = SECBUFFER_TOKEN;
 114         in_sec_buff.pvBuffer = in;
 115
 116         sec_status = (sft->InitializeSecurityContext)( cred_handle, ctxt_handle,
 117                 target,ISC_REQ_CONFIDENTIALITY, 0, SECURITY_NATIVE_DREP,
 118                 &in_sec_buff_desc, 0, ctxt_handle, &out_sec_buff_desc,
 119                 &context_attr, &ttl);
 120
 121     }
 122     else {
 123         sec_status = (sft->InitializeSecurityContext)( cred_handle, NULL,
 124                 target, ISC_REQ_CONFIDENTIALITY, 0, SECURITY_NATIVE_DREP, NULL,
 125                 0, ctxt_handle, &out_sec_buff_desc, &context_attr, &ttl);
 126     }
 127
 128     if( (sec_status == SEC_I_COMPLETE_NEEDED) ||
 129             (sec_status == SEC_I_COMPLETE_AND_CONTINUE)){
 130         if(sft->CompleteAuthToken != NULL){
 131             sec_status = (sft->CompleteAuthToken)( ctxt_handle,
 132                     &out_sec_buff_desc);
 133             ok((sec_status == SEC_E_OK)||(sec_status == SEC_I_CONTINUE_NEEDED),
 134                     "CompleteAuthToken should not return %s\n",
 135                     getSecStatusError(sec_status));
 136
 137         }
 138
 139     }
 140
 141     *out_count = out_sec_buff.cbBuffer;
 142     *done = !( (sec_status == SEC_I_CONTINUE_NEEDED) ||
 143             (sec_status == SEC_I_COMPLETE_AND_CONTINUE));
 144
 145     return 0;
 146
 147 }
 148
 149 static int genServerContext(PBYTE in, DWORD in_count, PBYTE out,
 150         DWORD *out_count, BOOL *done, BOOL *new_conn, CredHandle *cred_handle,
 151         PCtxtHandle ctxt_handle, PSecurityFunctionTable sft)
 152 {
 153     SECURITY_STATUS sec_status;
 154     TimeStamp       ttl;
 155     SecBufferDesc   in_sec_buff_desc, out_sec_buff_desc;
 156     SecBuffer       in_sec_buff, out_sec_buff;
 157     DWORD           ctxt_attr;
 158
 159     out_sec_buff_desc.ulVersion = 0;
 160     out_sec_buff_desc.cBuffers  = 1;
 161     out_sec_buff_desc.pBuffers  = &out_sec_buff;
 162
 163     out_sec_buff.cbBuffer   = *out_count;
 164     out_sec_buff.BufferType = SECBUFFER_TOKEN;
 165     out_sec_buff.pvBuffer = out;
 166
 167     in_sec_buff_desc.ulVersion = 0;
 168     in_sec_buff_desc.cBuffers  = 1;
 169     in_sec_buff_desc.pBuffers  = &in_sec_buff;
 170
 171     in_sec_buff.cbBuffer   = in_count;
 172     in_sec_buff.BufferType = SECBUFFER_TOKEN;
 173     in_sec_buff.pvBuffer = in;
 174
 175     sec_status = (sft->AcceptSecurityContext)( cred_handle,
 176             *new_conn ? NULL : ctxt_handle,          /* maybe use an if here? */
 177             &in_sec_buff_desc, 0, SECURITY_NATIVE_DREP,
 178             ctxt_handle, &out_sec_buff_desc, &ctxt_attr, &ttl);
 179
 180    ok((sec_status == SEC_E_OK) || (sec_status == SEC_I_CONTINUE_NEEDED),
 181            "AcceptSecurityContext returned %s\n",
 182            getSecStatusError(sec_status));
 183
 184     if( (sec_status == SEC_I_COMPLETE_NEEDED) ||
 185             (sec_status == SEC_I_COMPLETE_AND_CONTINUE)){
 186         if(sft->CompleteAuthToken != NULL){
 187             sec_status = (sft->CompleteAuthToken)( ctxt_handle,
 188                     &out_sec_buff_desc);
 189
 190             ok((sec_status ==SEC_E_OK) || (sec_status ==SEC_I_CONTINUE_NEEDED),
 191                     "CompleteAuthToken should not return %s\n",
 192                     getSecStatusError(sec_status));
 193         }
 194     }
 195
 196     *out_count = out_sec_buff.cbBuffer;
 197     *done = !( (sec_status == SEC_I_CONTINUE_NEEDED) ||
 198             (sec_status == SEC_I_COMPLETE_AND_CONTINUE));
 199
 200     return 0;
 201
 202 }
 203
 204
 205 /*--------------------------------------------------------- */
 206 /* The test functions */
 207
 208 static void testInitSecurityInterface(void)
 209 {
 210     PSecurityFunctionTable sec_fun_table = NULL;
 211
 212     sec_fun_table = InitSecurityInterface();
 213     ok(sec_fun_table != NULL, "InitSecurityInterface() returned NULL.\n");
 214
 215 }
 216
 217 static void testEnumerateSecurityPackages(void)
 218 {
 219
 220     SECURITY_STATUS sec_status;
 221     ULONG           num_packages, i;
 222     PSecPkgInfo     pkg_info = NULL;
 223
 224     trace("Running testEnumerateSecurityPackages\n");
 225
 226     sec_status = EnumerateSecurityPackages(&num_packages, &pkg_info);
 227
 228     ok(sec_status == SEC_E_OK,
 229             "EnumerateSecurityPackages() should return %ld, not %ld\n",
 230             (LONG)SEC_E_OK, (LONG)sec_status);
 231
 232     ok(num_packages > 0, "Number of sec packages should be > 0 ,but is %ld\n",
 233             num_packages);
 234
 235     ok(pkg_info != NULL,
 236             "pkg_info should not be NULL after EnumerateSecurityPackages\n");
 237
 238     trace("Number of packages: %ld\n", num_packages);
 239     for(i = 0; i < num_packages; ++i){
 240         trace("%ld: ", i);
 241         trace("Package \"%s\"\n", pkg_info[i].Name);
 242         trace("Flags supported: \n");
 243         if(pkg_info[i].fCapabilities & SECPKG_FLAG_INTEGRITY)
 244             trace("\tSECPKG_FLAG_INTEGRITY\n");
 245         if(pkg_info[i].fCapabilities & SECPKG_FLAG_PRIVACY)
 246             trace("\tSECPKG_FLAG_PRIVACY\n");
 247         if(pkg_info[i].fCapabilities & SECPKG_FLAG_TOKEN_ONLY)
 248             trace("\tSECPKG_FLAG_TOKEN_ONLY\n");
 249         if(pkg_info[i].fCapabilities & SECPKG_FLAG_DATAGRAM)
 250             trace("\tSECPKG_FLAG_DATAGRAM\n");
 251         if(pkg_info[i].fCapabilities & SECPKG_FLAG_CONNECTION)
 252             trace("\tSECPKG_FLAG_CONNECTION\n");
 253         if(pkg_info[i].fCapabilities & SECPKG_FLAG_MULTI_REQUIRED)
 254             trace("\tSECPKG_FLAG_MULTI_REQUIRED\n");
 255         if(pkg_info[i].fCapabilities & SECPKG_FLAG_CLIENT_ONLY)
 256             trace("\tSECPKG_FLAG_CLIENT_ONLY\n");
 257         if(pkg_info[i].fCapabilities & SECPKG_FLAG_EXTENDED_ERROR)
 258             trace("\tSECPKG_FLAG_EXTENDED_ERROR\n");
 259         if(pkg_info[i].fCapabilities & SECPKG_FLAG_IMPERSONATION)
 260             trace("\tSECPKG_FLAG_IMPERSONATION\n");
 261         if(pkg_info[i].fCapabilities & SECPKG_FLAG_ACCEPT_WIN32_NAME)
 262             trace("\tSECPKG_FLAG_ACCEPT_WIN32_NAME\n");
 263         if(pkg_info[i].fCapabilities & SECPKG_FLAG_STREAM)
 264             trace("\tSECPKG_FLAG_STREAM\n");
 265         if(pkg_info[i].fCapabilities & SECPKG_FLAG_READONLY_WITH_CHECKSUM)
 266             trace("\tSECPKG_FLAG_READONLY_WITH_CHECKSUM\n");
 267         trace("Comment: %s\n", pkg_info[i].Comment);
 268         trace("\n");
 269     }
 270
 271     FreeContextBuffer(pkg_info);
 272 }
 273
 274
 275 static void testQuerySecurityPackageInfo(void)
 276 {
 277     SECURITY_STATUS     sec_status;
 278     SEC_CHAR            sec_pkg_name[256];
 279     PSecPkgInfo         pkg_info = NULL;
 280     ULONG               max_token = 0;
 281     USHORT              version = 0;
 282
 283     trace("Running testQuerySecurityPackageInfo\n");
 284
 285     /* Test with an existing package. Test should pass */
 286
 287     lstrcpy(sec_pkg_name, "Negotiate");
 288
 289     sec_status = setupPackageA(sec_pkg_name, &pkg_info);
 290
 291     todo_wine{
 292         ok(sec_status == SEC_E_OK,
 293            "Return value of QuerySecurityPackageInfo() shouldn't be %s\n",
 294            getSecStatusError(sec_status) );
 295         ok(pkg_info != NULL,
 296                 "QuerySecurityPackageInfo should give struct SecPkgInfo, but is NULL\n");
 297     }
 298     if(pkg_info != NULL){
 299         max_token = pkg_info->cbMaxToken;
 300         version   = pkg_info->wVersion;
 301     }
 302     todo_wine{
 303         ok(version == 1, "wVersion always should be 1, but is %d\n", version);
 304         ok(max_token == 12000, "cbMaxToken for Negotiate is %ld, not 12000.\n",
 305                 max_token);
 306     }
 307
 308     trace("Max token = %ld\n", max_token);
 309
 310     sec_status = FreeContextBuffer(&pkg_info);
 311
 312     ok( sec_status == SEC_E_OK,
 313         "Return value of FreeContextBuffer() shouldn't be %s\n",
 314         getSecStatusError(sec_status) );
 315
 316     /* Test with non-existing package, test should fail */
 317
 318     lstrcpy(sec_pkg_name, "Winetest");
 319
 320     sec_status = QuerySecurityPackageInfo( sec_pkg_name, &pkg_info);
 321
 322     ok( sec_status != SEC_E_OK,
 323         "Return value of QuerySecurityPackageInfo() should not be %s for \
 324 a non-existant package\n", getSecStatusError(SEC_E_OK));
 325
 326     sec_status = FreeContextBuffer(&pkg_info);
 327
 328     ok( sec_status == SEC_E_OK,
 329         "Return value of FreeContextBuffer() shouldn't be %s\n",
 330         getSecStatusError(sec_status) );
 331
 332
 333 }
 334
 335 void testAuthentication(void)
 336 {
 337     CredHandle      server_cred, client_cred;
 338     CtxtHandle      server_ctxt, client_ctxt;
 339     BYTE            server_buff[MAX_MESSAGE];
 340     BYTE            client_buff[MAX_MESSAGE];
 341     SECURITY_STATUS sec_status;
 342     DWORD           count_server = MAX_MESSAGE;
 343     DWORD           count_client = MAX_MESSAGE;
 344     BOOL            done = FALSE, new_conn = TRUE;
 345     TimeStamp       server_ttl;
 346     PSecurityFunctionTable sft = NULL;
 347
 348     trace("Running testAuthentication\n");
 349
 350     sft = InitSecurityInterface();
 351
 352     ok(sft != NULL, "InitSecurityInterface() returned NULL!\n");
 353
 354     memset(&server_cred, 0, sizeof(CredHandle));
 355     memset(&client_cred, 0, sizeof(CredHandle));
 356     memset(&server_ctxt, 0, sizeof(CtxtHandle));
 357     memset(&client_ctxt, 0, sizeof(CtxtHandle));
 358
 359     sec_status = (sft->AcquireCredentialsHandle)(NULL, "Negotiate",
 360             SECPKG_CRED_INBOUND, NULL, NULL, NULL, NULL, &server_cred,
 361             &server_ttl);
 362
 363     todo_wine{
 364         ok(sec_status == SEC_E_OK,
 365                 "Server's AcquireCredentialsHandle returned %s.\n",
 366                 getSecStatusError(sec_status) );
 367     }
 368
 369
 370     genClientContext(NULL, 0, server_buff, &count_server, &done, "foo",
 371             &client_cred, &client_ctxt, sft);
 372
 373     while(!done){
 374         genServerContext(server_buff, count_server, client_buff,
 375                 &count_client, &done, &new_conn, &server_cred, &server_ctxt,
 376                 sft);
 377         new_conn = FALSE;
 378         genClientContext(client_buff, count_client, server_buff,
 379                 &count_server, &done, "foo", &client_cred, &client_ctxt, sft);
 380     }
 381
 382
 383 }
 384
 385 START_TEST(main)
 386 {
 387     testInitSecurityInterface();
 388     testEnumerateSecurityPackages();
 389     testQuerySecurityPackageInfo();
 390     testAuthentication();
 391 }