summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2005-05-13 06:10:10 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:16:42 -0500
commita90c731ec5d33028380aeb66b411b5f1682fb874 (patch)
treef0ad3abe420d1aa662d42ad72b7798a894bd7544
parent06869ce014ffa249fb117df1d4d7182a1de24c5a (diff)
downloadsamba-a90c731ec5d33028380aeb66b411b5f1682fb874.tar.gz
samba-a90c731ec5d33028380aeb66b411b5f1682fb874.tar.bz2
samba-a90c731ec5d33028380aeb66b411b5f1682fb874.zip
r6765: expanded the cldap test suite to test the usage of the DomainGuid,
AAC, and User attributes in cldap netlogon queries interestingly, while WinXP generated cldap filters with these set, the w2k3 cldap server seems to completely ignore them, so I didn't need to alter our cldap server at all to pass the test :-) (This used to be commit 177c8becd2051c9d1f261358baf4b85ca89700d8)
-rw-r--r--source4/torture/ldap/cldap.c65
1 files changed, 60 insertions, 5 deletions
diff --git a/source4/torture/ldap/cldap.c b/source4/torture/ldap/cldap.c
index 24cbc184ad..5f6ef3f649 100644
--- a/source4/torture/ldap/cldap.c
+++ b/source4/torture/ldap/cldap.c
@@ -26,6 +26,14 @@
#include "libcli/ldap/ldap.h"
#include "lib/events/events.h"
+#define CHECK_STATUS(status, correct) do { \
+ if (!NT_STATUS_EQUAL(status, correct)) { \
+ printf("(%s) Incorrect status %s - should be %s\n", \
+ __location__, nt_errstr(status), nt_errstr(correct)); \
+ ret = False; \
+ goto done; \
+ }} while (0)
+
/*
test netlogon operations
@@ -35,27 +43,74 @@ static BOOL test_cldap_netlogon(TALLOC_CTX *mem_ctx, const char *dest)
struct cldap_socket *cldap = cldap_socket_init(mem_ctx, NULL);
NTSTATUS status;
struct cldap_netlogon search;
+ union nbt_cldap_netlogon n1;
+ struct GUID guid;
int i;
+ BOOL ret = True;
search.in.dest_address = dest;
search.in.realm = lp_realm();
search.in.host = lp_netbios_name();
+ search.in.user = NULL;
+ search.in.domain_guid = NULL;
+ search.in.domain_sid = NULL;
+ search.in.acct_control = -1;
+ printf("Scanning for netlogon levels\n");
for (i=0;i<256;i++) {
search.in.version = i;
printf("Trying netlogon level %d\n", i);
status = cldap_netlogon(cldap, mem_ctx, &search);
- if (!NT_STATUS_IS_OK(status)) {
- printf("netlogon[%d] failed - %s\n", i, nt_errstr(status));
- } else {
+ CHECK_STATUS(status, NT_STATUS_OK);
+ if (DEBUGLVL(10)) {
NDR_PRINT_UNION_DEBUG(nbt_cldap_netlogon, i & 0xF,
&search.out.netlogon);
}
}
- printf("cldap_search gave %s\n", nt_errstr(status));
+ search.in.version = 6;
+ status = cldap_netlogon(cldap, mem_ctx, &search);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ n1 = search.out.netlogon;
+
+ printf("Trying with User=Administrator\n");
+
+ search.in.user = "Administrator";
+ status = cldap_netlogon(cldap, mem_ctx, &search);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ printf("Trying with a GUID\n");
+ search.in.domain_guid = GUID_string(mem_ctx, &n1.logon4.domain_uuid);
+ status = cldap_netlogon(cldap, mem_ctx, &search);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ printf("Trying with a incorrect GUID\n");
+ guid = GUID_random();
+ search.in.user = NULL;
+ search.in.domain_guid = GUID_string(mem_ctx, &guid);
+ status = cldap_netlogon(cldap, mem_ctx, &search);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ printf("Trying with a incorrect domain\n");
+ search.in.realm = "test.example.com";
+ search.in.domain_guid = NULL;
+ status = cldap_netlogon(cldap, mem_ctx, &search);
+ CHECK_STATUS(status, NT_STATUS_NOT_FOUND);
+
+ printf("Trying with a AAC\n");
+ search.in.acct_control = 0x180;
+ search.in.realm = lp_realm();
+ status = cldap_netlogon(cldap, mem_ctx, &search);
+ CHECK_STATUS(status, NT_STATUS_OK);
+
+ printf("Trying with a bad AAC\n");
+ search.in.acct_control = 0xFF00FF00;
+ search.in.realm = lp_realm();
+ status = cldap_netlogon(cldap, mem_ctx, &search);
+ CHECK_STATUS(status, NT_STATUS_OK);
- return True;
+done:
+ return ret;
}
BOOL torture_cldap(void)