[PATCH] Some tests for lsa
Julius Schwartzenberg
julius.schwartzenberg at gmail.com
Sun Feb 5 13:57:08 CST 2017
---
dlls/secur32/tests/Makefile.in | 1 +
dlls/secur32/tests/lsa.c | 215 +++++++++++++++++++++++++++++++++++++++++
include/ntsecapi.h | 38 ++++++++
3 files changed, 254 insertions(+)
create mode 100644 dlls/secur32/tests/lsa.c
diff --git a/dlls/secur32/tests/Makefile.in b/dlls/secur32/tests/Makefile.in
index 089d1c3..d9f140a 100644
--- a/dlls/secur32/tests/Makefile.in
+++ b/dlls/secur32/tests/Makefile.in
@@ -2,6 +2,7 @@ TESTDLL = secur32.dll
IMPORTS = secur32 crypt32 advapi32 ws2_32
C_SRCS = \
+ lsa.c \
main.c \
negotiate.c \
ntlm.c \
diff --git a/dlls/secur32/tests/lsa.c b/dlls/secur32/tests/lsa.c
new file mode 100644
index 0000000..6fa1564
--- /dev/null
+++ b/dlls/secur32/tests/lsa.c
@@ -0,0 +1,215 @@
+/*
+ * Lsa tests
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#include <stdio.h>
+#include <windows.h>
+#include <ntsecapi.h>
+#define SECURITY_WIN32
+#include <ntstatus.h>
+#include <winternl.h>
+
+#include "wine/test.h"
+
+static HMODULE secdll;
+
+char *package_name_kerberos = MICROSOFT_KERBEROS_NAME_A;
+
+static void test_LsaConnectUntrusted_null_handle(void)
+{
+ NTSTATUS status;
+
+ status = LsaConnectUntrusted(NULL);
+
+ todo_wine {
+ ok(status == STATUS_ACCESS_VIOLATION || status == RPC_NT_NULL_REF_POINTER,
+ "LsaConnectUntrusted(NULL) returned 0x%x\n", status);
+ }
+}
+
+static void test_LsaConnectUntrsuted_correct_handle(void)
+{
+ NTSTATUS status;
+ HANDLE lsa_handle;
+
+ status = LsaConnectUntrusted(&lsa_handle);
+
+ ok(status == STATUS_SUCCESS, "LsaConnectUntrusted(valid_handle) returned 0x%x\n", status);
+}
+
+static void test_LsaLookupAuthenticationPackage_null_handle(void)
+{
+ NTSTATUS status;
+ LSA_STRING package_name;
+ ULONG auth_package;
+ package_name.Buffer = package_name_kerberos;
+ package_name.Length = (USHORT)strlen(package_name.Buffer);
+
+ status = LsaLookupAuthenticationPackage(NULL, &package_name, &auth_package);
+
+ todo_wine {
+ ok(status == STATUS_INVALID_HANDLE || status == STATUS_INVALID_CONNECTION,
+ "LsaLookupAuthenticationPackage(NULL, \"Kerberos\", ...) returned 0x%x\n", status);
+ }
+}
+
+static void test_LsaLookupAuthenticationPackage_correct_handle(void)
+{
+ NTSTATUS status;
+ HANDLE lsa_handle;
+ LSA_STRING package_name;
+ ULONG auth_package;
+ package_name.Buffer = package_name_kerberos;
+ package_name.Length = (USHORT)strlen(package_name.Buffer);
+
+ LsaConnectUntrusted(&lsa_handle);
+ status = LsaLookupAuthenticationPackage(lsa_handle, &package_name, &auth_package);
+
+ ok(status == STATUS_SUCCESS,
+ "LsaLookupAuthenticationPackage(valid_handle, \"Kerberos\", ...) returned 0x%x\n", status);
+}
+
+static void test_LsaLookupAuthenticationPackage_correct_handle_wrong_name(void)
+{
+ NTSTATUS status;
+ HANDLE lsa_handle;
+ LSA_STRING package_name;
+ ULONG auth_package;
+ package_name.Buffer = "this is probably not a valid authentication package name";
+ package_name.Length = (USHORT)strlen(package_name.Buffer);
+
+ LsaConnectUntrusted(&lsa_handle);
+ status = LsaLookupAuthenticationPackage(lsa_handle, &package_name, &auth_package);
+
+ todo_wine {
+ ok(status == STATUS_NO_SUCH_PACKAGE,
+ "LsaLookupAuthenticationPackage(valid_handle, invalid, ...) returned 0x%x\n", status);
+ }
+}
+
+static void test_LsaCallAuthenticationPackage_invalid_handle(void)
+{
+ NTSTATUS status;
+ ULONG submit_buffer_length = 0;
+
+ VOID *protocol_return_buffer;
+ ULONG *return_buffer_length;
+ PNTSTATUS protocol_status;
+
+ status = LsaCallAuthenticationPackage(
+ NULL, 0xdeadbeef, NULL, submit_buffer_length,
+ protocol_return_buffer, return_buffer_length, protocol_status
+ );
+
+ todo_wine {
+ ok(status == STATUS_INVALID_HANDLE || status == STATUS_INVALID_CONNECTION,
+ "LsaCallAuthenticationPackage(NULL, ...) returned 0x%x\n", status);
+ }
+}
+
+static void test_LsaCallAuthenticationPackage_invalid_package(void)
+{
+ NTSTATUS status;
+ HANDLE lsa_handle;
+ ULONG submit_buffer_length = 0;
+
+ VOID *protocol_return_buffer;
+ ULONG *return_buffer_length;
+ PNTSTATUS protocol_status;
+
+ LsaConnectUntrusted(&lsa_handle);
+ status = LsaCallAuthenticationPackage(
+ lsa_handle, 0xdeadbeef, NULL, submit_buffer_length,
+ protocol_return_buffer, return_buffer_length, protocol_status
+ );
+
+ todo_wine {
+ ok(status == STATUS_NO_SUCH_PACKAGE,
+ "LsaCallAuthenticationPackage(valid_handle, invalid, ...) returned 0x%x\n", status);
+ }
+}
+
+static void test_LsaCallAuthenticationPackage_null_submit_buffer(void)
+{
+ NTSTATUS status;
+ HANDLE lsa_handle;
+ LSA_STRING package_name;
+ ULONG auth_package;
+ package_name.Buffer = package_name_kerberos;
+ package_name.Length = (USHORT)strlen(package_name.Buffer);
+ ULONG submit_buffer_length = 0;
+
+ VOID *protocol_return_buffer;
+ ULONG *return_buffer_length;
+ PNTSTATUS protocol_status;
+
+ LsaConnectUntrusted(&lsa_handle);
+ LsaLookupAuthenticationPackage(lsa_handle, &package_name, &auth_package);
+ status = LsaCallAuthenticationPackage(
+ lsa_handle, auth_package, NULL, submit_buffer_length,
+ protocol_return_buffer, return_buffer_length, protocol_status
+ );
+
+ todo_wine {
+ ok(status == STATUS_INVALID_PARAMETER,
+ "LsaCallAuthenticationPackage(...) returned 0x%x\n", status);
+ }
+}
+
+static void test_LsaCallAuthenticationPackage_correct_submit_buffer(void)
+{
+ NTSTATUS status;
+ HANDLE lsa_handle;
+ LSA_STRING package_name;
+ ULONG auth_package;
+ package_name.Buffer = package_name_kerberos;
+ package_name.Length = (USHORT)strlen(package_name.Buffer);
+ PKERB_RETRIEVE_TKT_REQUEST protocol_submit_buffer;
+
+ VOID *protocol_return_buffer;
+ ULONG *return_buffer_length;
+ PNTSTATUS protocol_status;
+
+ LsaConnectUntrusted(&lsa_handle);
+ LsaLookupAuthenticationPackage(lsa_handle, &package_name, &auth_package);
+
+ protocol_submit_buffer = LocalAlloc(LMEM_ZEROINIT, sizeof(KERB_RETRIEVE_TKT_REQUEST));
+ protocol_submit_buffer->MessageType = KerbRetrieveEncodedTicketMessage;
+
+ status = LsaCallAuthenticationPackage(
+ lsa_handle, auth_package, protocol_submit_buffer, sizeof(KERB_RETRIEVE_TKT_REQUEST),
+ protocol_return_buffer, return_buffer_length, protocol_status
+ );
+
+ ok(status == STATUS_SUCCESS, "LsaCallAuthenticationPackage(...) returned 0x%x\n", status);
+}
+
+START_TEST(lsa)
+{
+ test_LsaConnectUntrusted_null_handle();
+ test_LsaConnectUntrsuted_correct_handle();
+ test_LsaLookupAuthenticationPackage_null_handle();
+ test_LsaLookupAuthenticationPackage_correct_handle();
+ test_LsaLookupAuthenticationPackage_correct_handle_wrong_name();
+ test_LsaCallAuthenticationPackage_invalid_handle();
+ test_LsaCallAuthenticationPackage_invalid_package();
+ test_LsaCallAuthenticationPackage_null_submit_buffer();
+ test_LsaCallAuthenticationPackage_correct_submit_buffer();
+
+ if(secdll)
+ FreeLibrary(secdll);
+}
diff --git a/include/ntsecapi.h b/include/ntsecapi.h
index 2bb3d31..439f67e 100644
--- a/include/ntsecapi.h
+++ b/include/ntsecapi.h
@@ -387,6 +387,44 @@ NTSTATUS WINAPI LsaSetTrustedDomainInformation(LSA_HANDLE,PSID,TRUSTED_INFORMATI
NTSTATUS WINAPI LsaStorePrivateData(LSA_HANDLE,PLSA_UNICODE_STRING,PLSA_UNICODE_STRING);
NTSTATUS WINAPI LsaUnregisterPolicyChangeNotification(POLICY_NOTIFICATION_INFORMATION_CLASS,HANDLE);
+#ifndef MICROSOFT_KERBEROS_NAME_A
+
+#define MICROSOFT_KERBEROS_NAME_A "Kerberos"
+#define MICROSOFT_KERBEROS_NAME_W L"Kerberos"
+#ifdef WIN32_CHICAGO
+#define MICROSOFT_KERBEROS_NAME MICROSOFT_KERBEROS_NAME_A
+#else
+#define MICROSOFT_KERBEROS_NAME MICROSOFT_KERBEROS_NAME_W
+#endif
+#endif
+
+typedef enum _KERB_PROTOCOL_MESSAGE_TYPE {
+ KerbDebugRequestMessage = 0,KerbQueryTicketCacheMessage,KerbChangeMachinePasswordMessage,KerbVerifyPacMessage,KerbRetrieveTicketMessage,
+ KerbUpdateAddressesMessage,KerbPurgeTicketCacheMessage,KerbChangePasswordMessage,KerbRetrieveEncodedTicketMessage,KerbDecryptDataMessage,
+ KerbAddBindingCacheEntryMessage,KerbSetPasswordMessage,KerbSetPasswordExMessage,KerbVerifyCredentialsMessage,KerbQueryTicketCacheExMessage,
+ KerbPurgeTicketCacheExMessage,KerbRefreshSmartcardCredentialsMessage,KerbAddExtraCredentialsMessage,KerbQuerySupplementalCredentialsMessage,
+ KerbTransferCredentialsMessage,KerbQueryTicketCacheEx2Message
+} KERB_PROTOCOL_MESSAGE_TYPE,*PKERB_PROTOCOL_MESSAGE_TYPE;
+
+#ifndef __SECHANDLE_DEFINED__
+ typedef struct _SecHandle {
+ ULONG_PTR dwLower;
+ ULONG_PTR dwUpper;
+ } SecHandle,*PSecHandle;
+
+#define __SECHANDLE_DEFINED__
+#endif
+
+typedef struct _KERB_RETRIEVE_TKT_REQUEST {
+ KERB_PROTOCOL_MESSAGE_TYPE MessageType;
+ LUID LogonId;
+ UNICODE_STRING TargetName;
+ ULONG TicketFlags;
+ ULONG CacheOptions;
+ LONG EncryptionType;
+ SecHandle CredentialsHandle;
+} KERB_RETRIEVE_TKT_REQUEST,*PKERB_RETRIEVE_TKT_REQUEST;
+
#ifdef __cplusplus
} /* extern "C" */
#endif /* defined(__cplusplus) */
--
1.9.1
More information about the wine-patches
mailing list