[PATCH 3/3] advapi32/tests: Simple tests for TokenIntegrityLevel [try2]
Detlef Riekenberg
wine.dev at web.de
Mon Jul 30 11:08:35 CDT 2012
try2: now using EqualSid.
Thanks Nikolay for comments
--
By by ... Detlef
---
dlls/advapi32/tests/security.c | 79 +++++++++++++++++++++++++++++++++++++---
1 files changed, 74 insertions(+), 5 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 28e43ec..4a9822b 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -167,6 +167,8 @@ static void init(void)
pSetSecurityDescriptorControl = (void *)GetProcAddress(hmod, "SetSecurityDescriptorControl");
pGetSecurityInfo = (void *)GetProcAddress(hmod, "GetSecurityInfo");
pCreateRestrictedToken = (void *)GetProcAddress(hmod, "CreateRestrictedToken");
+ pConvertSidToStringSidA = (void *)GetProcAddress( hmod, "ConvertSidToStringSidA" );
+ pConvertStringSidToSidA = (void *)GetProcAddress( hmod, "ConvertStringSidToSidA" );
myARGC = winetest_get_mainargs( &myARGV );
}
@@ -211,12 +213,11 @@ static void test_sid(void)
BOOL r;
LPSTR str = NULL;
- pConvertSidToStringSidA = (void *)GetProcAddress( hmod, "ConvertSidToStringSidA" );
- if( !pConvertSidToStringSidA )
- return;
- pConvertStringSidToSidA = (void *)GetProcAddress( hmod, "ConvertStringSidToSidA" );
- if( !pConvertStringSidToSidA )
+ if( !pConvertSidToStringSidA || !pConvertStringSidToSidA )
+ {
+ skip("ConvertSidToStringSidA or ConvertStringSidToSidA not available\n");
return;
+ }
r = pConvertStringSidToSidA( NULL, NULL );
ok( !r, "expected failure with NULL parameters\n" );
@@ -4274,6 +4275,73 @@ static void test_kernel_objects_security(void)
CloseHandle(token);
}
+static void test_TokenIntegrityLevel(void)
+{
+ TOKEN_MANDATORY_LABEL *tml;
+ HANDLE token;
+ DWORD size;
+ DWORD res;
+ LPVOID buffer = NULL;
+ char *sidname = NULL;
+ static SID medium_level = {SID_REVISION, 1, {SECURITY_MANDATORY_LABEL_AUTHORITY},
+ {SECURITY_MANDATORY_HIGH_RID}};
+ static SID high_level = {SID_REVISION, 1, {SECURITY_MANDATORY_LABEL_AUTHORITY},
+ {SECURITY_MANDATORY_MEDIUM_RID}};
+
+ if(!pConvertSidToStringSidA)
+ {
+ skip("ConvertSidToStringSidA not available\n");
+ return;
+ }
+
+ SetLastError(0xdeadbeef);
+ res = OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token);
+ ok(res, "got %d with %d (expected TRUE)\n", res, GetLastError());
+ if (!res)
+ return;
+
+ SetLastError(0xdeadbeef);
+ res = GetTokenInformation(token, TokenIntegrityLevel, NULL, 0, &size);
+
+ /* not supported before Vista */
+ if (!res && (GetLastError() == ERROR_INVALID_PARAMETER))
+ {
+ skip("TokenIntegrityLevel not supported\n");
+ CloseHandle(token);
+ return;
+ }
+
+ if (!res && (GetLastError() == ERROR_INSUFFICIENT_BUFFER))
+ {
+ buffer = HeapAlloc(GetProcessHeap(), 0, size);
+ SetLastError(0xdeadbeef);
+ res = GetTokenInformation(token, TokenIntegrityLevel, buffer, size, &size);
+ }
+
+ ok(res, "got %u with %u (expected TRUE)\n", res, GetLastError());
+
+ if (!res || !buffer)
+ goto cleanup;
+
+ tml = buffer;
+
+ ok(tml->Label.Sid != NULL, "Label.Sid: NULL\n");
+ if (!tml->Label.Sid)
+ goto cleanup;
+
+ ok(tml->Label.Attributes == (SE_GROUP_INTEGRITY | SE_GROUP_INTEGRITY_ENABLED),
+ "got 0x%x (expected 0x%x)\n", tml->Label.Attributes, (SE_GROUP_INTEGRITY | SE_GROUP_INTEGRITY_ENABLED));
+
+ res = pConvertSidToStringSidA(tml->Label.Sid, &sidname);
+ ok(EqualSid(tml->Label.Sid, &medium_level) || EqualSid(tml->Label.Sid, &high_level),
+ "got %s (expected 'S-1-16-8192' or 'S-1-16-12288')\n", sidname);
+ LocalFree(sidname);
+
+cleanup:
+ HeapFree(GetProcessHeap(), 0, buffer);
+ CloseHandle(token);
+}
+
START_TEST(security)
{
init();
@@ -4311,4 +4379,5 @@ START_TEST(security)
test_GetUserNameA();
test_GetUserNameW();
test_CreateRestrictedToken();
+ test_TokenIntegrityLevel();
}
--
1.7.5.4
More information about the wine-patches
mailing list