[PATCH] secur32/tests: Add some tests for lsa functions.
Julius Schwartzenberg
julius.schwartzenberg at gmail.com
Sun Feb 26 15:06:55 CST 2017
---
dlls/secur32/tests/Makefile.in | 1 +
dlls/secur32/tests/lsa.c | 122 +++++++++++++++++++++++++++++++++++++++++
include/ntsecapi.h | 50 +++++++++++++++++
3 files changed, 173 insertions(+)
create mode 100644 dlls/secur32/tests/lsa.c
diff --git a/dlls/secur32/tests/Makefile.in b/dlls/secur32/tests/Makefile.in
index 089d1c3..d9f140a 100644
--- a/dlls/secur32/tests/Makefile.in
+++ b/dlls/secur32/tests/Makefile.in
@@ -2,6 +2,7 @@ TESTDLL = secur32.dll
IMPORTS = secur32 crypt32 advapi32 ws2_32
C_SRCS = \
+ lsa.c \
main.c \
negotiate.c \
ntlm.c \
diff --git a/dlls/secur32/tests/lsa.c b/dlls/secur32/tests/lsa.c
new file mode 100644
index 0000000..fef3f0f
--- /dev/null
+++ b/dlls/secur32/tests/lsa.c
@@ -0,0 +1,122 @@
+/*
+ * Lsa tests
+ *
+ * Copyright 2017 Julius Schwartzenberg
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#define SECURITY_WIN32
+
+#include <stdio.h>
+#include <ntstatus.h>
+#define WIN32_NO_STATUS
+#include <windows.h>
+#include <ntsecapi.h>
+
+#include "wine/test.h"
+
+static void test_LsaConnectUntrusted(void)
+{
+ NTSTATUS status;
+ HANDLE lsa_handle;
+
+ status = LsaConnectUntrusted(NULL);
+ todo_wine ok(status == STATUS_ACCESS_VIOLATION || status == RPC_NT_NULL_REF_POINTER,
+ "LsaConnectUntrusted(NULL) returned 0x%x\n", status);
+
+ status = LsaConnectUntrusted(&lsa_handle);
+ LsaDeregisterLogonProcess(lsa_handle);
+ ok(status == STATUS_SUCCESS, "LsaConnectUntrusted(valid_handle) returned 0x%x\n", status);
+}
+
+static void test_LsaLookupAuthenticationPackage(void)
+{
+ NTSTATUS status;
+ HANDLE lsa_handle;
+ LSA_STRING package_name_kerberos;
+ LSA_STRING package_name_invalid;
+ ULONG auth_package;
+ char name_kerberos[] = MICROSOFT_KERBEROS_NAME_A;
+ char name_invalid[] = "this is probably not a valid authentication package name";
+ package_name_kerberos.Buffer = name_kerberos;
+ package_name_kerberos.Length = sizeof(MICROSOFT_KERBEROS_NAME_A) - 1;
+ package_name_invalid.Buffer = name_invalid;
+ package_name_invalid.Length = strlen(package_name_invalid.Buffer);
+
+ status = LsaLookupAuthenticationPackage(NULL, &package_name_kerberos, &auth_package);
+ // Windows versions before 7 appear to have less granular return codes
+ todo_wine ok(status == STATUS_INVALID_HANDLE || status == STATUS_INVALID_CONNECTION,
+ "LsaLookupAuthenticationPackage(NULL, \"Kerberos\", ...) returned 0x%x\n", status);
+
+ LsaConnectUntrusted(&lsa_handle);
+ status = LsaLookupAuthenticationPackage(lsa_handle, &package_name_kerberos, &auth_package);
+ LsaDeregisterLogonProcess(lsa_handle);
+ ok(status == STATUS_SUCCESS,
+ "LsaLookupAuthenticationPackage(valid_handle, \"Kerberos\", ...) returned 0x%x\n", status);
+
+ LsaConnectUntrusted(&lsa_handle);
+ status = LsaLookupAuthenticationPackage(lsa_handle, &package_name_invalid, &auth_package);
+ LsaDeregisterLogonProcess(lsa_handle);
+ todo_wine ok(status == STATUS_NO_SUCH_PACKAGE,
+ "LsaLookupAuthenticationPackage(valid_handle, invalid, ...) returned 0x%x\n", status);
+}
+
+static void test_LsaCallAuthenticationPackage(void)
+{
+ NTSTATUS status;
+ HANDLE lsa_handle;
+ PKERB_RETRIEVE_TKT_REQUEST protocol_submit_buffer;
+ LSA_STRING package_name_kerberos;
+ ULONG auth_package;
+ char name_kerberos[] = MICROSOFT_KERBEROS_NAME_A;
+ package_name_kerberos.Buffer = name_kerberos;
+ package_name_kerberos.Length = sizeof(MICROSOFT_KERBEROS_NAME_A) - 1;
+
+ status = LsaCallAuthenticationPackage(NULL, 0xdeadbeef, NULL, 0, NULL, 0, NULL);
+ todo_wine ok(status == STATUS_INVALID_HANDLE || status == STATUS_INVALID_CONNECTION,
+ "LsaCallAuthenticationPackage(NULL, ...) returned 0x%x\n", status);
+
+ LsaConnectUntrusted(&lsa_handle);
+ status = LsaCallAuthenticationPackage(lsa_handle, 0xdeadbeef, NULL, 0, NULL, 0, NULL);
+ LsaDeregisterLogonProcess(lsa_handle);
+ todo_wine ok(status == STATUS_NO_SUCH_PACKAGE,
+ "LsaCallAuthenticationPackage(valid_handle, invalid, ...) returned 0x%x\n", status);
+
+ LsaConnectUntrusted(&lsa_handle);
+ LsaLookupAuthenticationPackage(lsa_handle, &package_name_kerberos, &auth_package);
+ status = LsaCallAuthenticationPackage(lsa_handle, auth_package, NULL, 0, NULL, 0, NULL);
+ LsaDeregisterLogonProcess(lsa_handle);
+ todo_wine ok(status == STATUS_INVALID_PARAMETER,
+ "LsaCallAuthenticationPackage(...) returned 0x%x\n", status);
+
+ LsaConnectUntrusted(&lsa_handle);
+ LsaLookupAuthenticationPackage(lsa_handle, &package_name_kerberos, &auth_package);
+ protocol_submit_buffer = HeapAlloc(GetProcessHeap(), LMEM_ZEROINIT, sizeof(KERB_RETRIEVE_TKT_REQUEST));
+ protocol_submit_buffer->MessageType = KerbRetrieveEncodedTicketMessage;
+ status = LsaCallAuthenticationPackage(
+ lsa_handle, auth_package, protocol_submit_buffer, sizeof(KERB_RETRIEVE_TKT_REQUEST),
+ NULL, 0, NULL
+ );
+ LsaDeregisterLogonProcess(lsa_handle);
+ ok(status == STATUS_SUCCESS, "LsaCallAuthenticationPackage(...) returned 0x%x\n", status);
+}
+
+START_TEST(lsa)
+{
+ test_LsaConnectUntrusted();
+ test_LsaLookupAuthenticationPackage();
+ test_LsaCallAuthenticationPackage();
+}
diff --git a/include/ntsecapi.h b/include/ntsecapi.h
index 2bb3d31..96c49a6 100644
--- a/include/ntsecapi.h
+++ b/include/ntsecapi.h
@@ -387,6 +387,56 @@ NTSTATUS WINAPI LsaSetTrustedDomainInformation(LSA_HANDLE,PSID,TRUSTED_INFORMATI
NTSTATUS WINAPI LsaStorePrivateData(LSA_HANDLE,PLSA_UNICODE_STRING,PLSA_UNICODE_STRING);
NTSTATUS WINAPI LsaUnregisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS,HANDLE);
+#ifndef MICROSOFT_KERBEROS_NAME_A
+
+#define MICROSOFT_KERBEROS_NAME_A "Kerberos"
+#define MICROSOFT_KERBEROS_NAME_W (const WCHAR []){'K','e','r','b','e','r','o','s',0}
+#define MICROSOFT_KERBEROS_NAME MICROSOFT_KERBEROS_NAME_W
+#endif
+
+typedef enum _KERB_PROTOCOL_MESSAGE_TYPE {
+ KerbDebugRequestMessage = 0,
+ KerbQueryTicketCacheMessage,
+ KerbChangeMachinePasswordMessage,
+ KerbVerifyPacMessage,
+ KerbRetrieveTicketMessage,
+ KerbUpdateAddressesMessage,
+ KerbPurgeTicketCacheMessage,
+ KerbChangePasswordMessage,
+ KerbRetrieveEncodedTicketMessage,
+ KerbDecryptDataMessage,
+ KerbAddBindingCacheEntryMessage,
+ KerbSetPasswordMessage,
+ KerbSetPasswordExMessage,
+ KerbVerifyCredentialsMessage,
+ KerbQueryTicketCacheExMessage,
+ KerbPurgeTicketCacheExMessage,
+ KerbRefreshSmartcardCredentialsMessage,
+ KerbAddExtraCredentialsMessage,
+ KerbQuerySupplementalCredentialsMessage,
+ KerbTransferCredentialsMessage,
+ KerbQueryTicketCacheEx2Message
+} KERB_PROTOCOL_MESSAGE_TYPE,*PKERB_PROTOCOL_MESSAGE_TYPE;
+
+#ifndef __SECHANDLE_DEFINED__
+ typedef struct _SecHandle {
+ ULONG_PTR dwLower;
+ ULONG_PTR dwUpper;
+ } SecHandle,*PSecHandle;
+
+#define __SECHANDLE_DEFINED__
+#endif
+
+typedef struct _KERB_RETRIEVE_TKT_REQUEST {
+ KERB_PROTOCOL_MESSAGE_TYPE MessageType;
+ LUID LogonId;
+ UNICODE_STRING TargetName;
+ ULONG TicketFlags;
+ ULONG CacheOptions;
+ LONG EncryptionType;
+ SecHandle CredentialsHandle;
+} KERB_RETRIEVE_TKT_REQUEST,*PKERB_RETRIEVE_TKT_REQUEST;
+
#ifdef __cplusplus
} /* extern "C" */
#endif /* defined(__cplusplus) */
--
1.9.1
More information about the wine-patches
mailing list