diff options
author | Günther Deschner <gd@samba.org> | 2011-12-14 11:07:11 +0100 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2011-12-14 17:28:29 +0100 |
commit | 030ccc42b974e0dfc991c0a908a748be5a657996 (patch) | |
tree | bcfc033b24f9ba5b38b16a47ffdd133547174ae6 | |
parent | be288b0c82be3f796816e79744a79817cfcbce7f (diff) | |
download | samba-030ccc42b974e0dfc991c0a908a748be5a657996.tar.gz samba-030ccc42b974e0dfc991c0a908a748be5a657996.tar.bz2 samba-030ccc42b974e0dfc991c0a908a748be5a657996.zip |
s4-smbtorture: make sure we can successfully run the schannel test against windows.
lsa lookupsids3/lookupnames4 is only available over schannel sealed
ncacn_ip_tcp.
Guenther
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Wed Dec 14 17:28:29 CET 2011 on sn-devel-104
-rw-r--r-- | source4/torture/rpc/schannel.c | 46 |
1 files changed, 30 insertions, 16 deletions
diff --git a/source4/torture/rpc/schannel.c b/source4/torture/rpc/schannel.c index 7eb5148152..dff9fe7055 100644 --- a/source4/torture/rpc/schannel.c +++ b/source4/torture/rpc/schannel.c @@ -244,10 +244,6 @@ static bool test_lsa_ops(struct torture_context *tctx, struct dcerpc_pipe *p) } } } - if (!test_many_LookupSids(p, tctx, NULL)) { - torture_comment(tctx, "LsaLookupSids3 failed!\n"); - return false; - } return ret; } @@ -272,6 +268,7 @@ static bool test_schannel(struct torture_context *tctx, struct dcerpc_pipe *p_lsa = NULL; struct netlogon_creds_CredentialState *creds; struct cli_credentials *credentials; + enum dcerpc_transport_t transport; join_ctx = torture_join_domain(tctx, talloc_asprintf(tctx, "%s%d", TEST_MACHINE_NAME, i), @@ -287,7 +284,7 @@ static bool test_schannel(struct torture_context *tctx, status = dcerpc_pipe_connect_b(tctx, &p, b, &ndr_table_samr, credentials, tctx->ev, tctx->lp_ctx); torture_assert_ntstatus_ok(tctx, status, - "Failed to connect with schannel"); + "Failed to connect to samr with schannel"); torture_assert(tctx, test_samr_ops(tctx, p->binding_handle), "Failed to process schannel secured SAMR ops"); @@ -326,21 +323,35 @@ static bool test_schannel(struct torture_context *tctx, status = dcerpc_epm_map_binding(tctx, b, &ndr_table_lsarpc, tctx->ev, tctx->lp_ctx); torture_assert_ntstatus_ok(tctx, status, "epm map"); - status = dcerpc_secondary_connection(p, &p_lsa, - b); + torture_assert_ntstatus_ok(tctx, + dcerpc_pipe_connect_b(tctx, &p_lsa, b, &ndr_table_lsarpc, + credentials, tctx->ev, tctx->lp_ctx), + "failed to connect lsarpc with schannel"); - torture_assert_ntstatus_ok(tctx, status, "secondary connection"); + torture_assert(tctx, test_lsa_ops(tctx, p_lsa), + "Failed to process schannel secured LSA ops"); - status = dcerpc_bind_auth(p_lsa, &ndr_table_lsarpc, - credentials, lpcfg_gensec_settings(tctx, tctx->lp_ctx), - DCERPC_AUTH_TYPE_SCHANNEL, - dcerpc_auth_level(p->conn), - NULL); + talloc_free(p_lsa); + p_lsa = NULL; - torture_assert_ntstatus_ok(tctx, status, "bind auth"); + /* we *MUST* use ncacn_ip_tcp for lookupsids3/lookupnames4 */ + transport = b->transport; + b->transport = NCACN_IP_TCP; - torture_assert(tctx, test_lsa_ops(tctx, p_lsa), - "Failed to process schannel secured LSA ops"); + torture_assert_ntstatus_ok(tctx, + dcerpc_epm_map_binding(tctx, b, &ndr_table_lsarpc, tctx->ev, tctx->lp_ctx), + "failed to call epm map"); + + torture_assert_ntstatus_ok(tctx, + dcerpc_pipe_connect_b(tctx, &p_lsa, b, &ndr_table_lsarpc, + credentials, tctx->ev, tctx->lp_ctx), + "failed to connect lsarpc with schannel"); + + torture_assert(tctx, + test_many_LookupSids(p_lsa, tctx, NULL), + "LsaLookupSids3 failed!\n"); + + b->transport = transport; /* Drop the socket, we want to start from scratch */ talloc_free(p); @@ -438,6 +449,9 @@ bool torture_rpc_schannel(struct torture_context *torture) int i; for (i=0;i<ARRAY_SIZE(tests);i++) { + torture_comment(torture, "Testing with acct_flags=0x%x dcerpc_flags=0x%x \n", + tests[i].acct_flags, tests[i].dcerpc_flags); + if (!test_schannel(torture, tests[i].acct_flags, tests[i].dcerpc_flags, i)) { |