summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@samba.org>2012-06-25 18:23:31 +0200
committerAndreas Schneider <asn@cryptomilk.org>2012-07-06 10:00:56 +0200
commit00171a549a29f58659fbe8764a3ee59a155dffae (patch)
treed423b2701746c0de13256caf3c657b9f675e153c
parent682277b44c3aa0e71f0924782cc8964810cb60e9 (diff)
downloadsamba-00171a549a29f58659fbe8764a3ee59a155dffae.tar.gz
samba-00171a549a29f58659fbe8764a3ee59a155dffae.tar.bz2
samba-00171a549a29f58659fbe8764a3ee59a155dffae.zip
s4-torture: Test LookupSids3 and LookupNames4 only over tcpip.
LookupSids3 and LookupNames4 are only available over tcpip and MUST fail over named pipes.
-rw-r--r--source4/torture/rpc/lsa.c49
1 files changed, 36 insertions, 13 deletions
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index 91614f9b5d..4d6cf5de8c 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -503,7 +503,8 @@ static bool test_LookupNames3(struct dcerpc_binding_handle *b,
static bool test_LookupNames4(struct dcerpc_binding_handle *b,
struct torture_context *tctx,
struct lsa_TransNameArray2 *tnames,
- bool check_result)
+ bool check_result,
+ bool test_fail) /* check if the tests fails! */
{
struct lsa_LookupNames4 r;
struct lsa_TransSidArray3 sids;
@@ -544,6 +545,14 @@ static bool test_LookupNames4(struct dcerpc_binding_handle *b,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_LookupNames4_r(b, tctx, &r),
"LookupNames4 failed");
if (!NT_STATUS_IS_OK(r.out.result)) {
+ if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_ACCESS_DENIED) ||
+ NT_STATUS_EQUAL(r.out.result, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) {
+ if (test_fail) {
+ torture_comment(tctx, "not considering %s to be an error\n",
+ nt_errstr(r.out.result));
+ return true;
+ }
+ }
torture_comment(tctx, "LookupNames4 failed - %s\n",
nt_errstr(r.out.result));
return false;
@@ -656,7 +665,8 @@ static bool test_LookupSids2(struct dcerpc_binding_handle *b,
static bool test_LookupSids3(struct dcerpc_binding_handle *b,
struct torture_context *tctx,
- struct lsa_SidArray *sids)
+ struct lsa_SidArray *sids,
+ bool test_fail) /* check if the tests fails! */
{
struct lsa_LookupSids3 r;
struct lsa_TransNameArray2 names;
@@ -683,9 +693,11 @@ static bool test_LookupSids3(struct dcerpc_binding_handle *b,
if (!NT_STATUS_IS_OK(r.out.result)) {
if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_ACCESS_DENIED) ||
NT_STATUS_EQUAL(r.out.result, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) {
- torture_comment(tctx, "not considering %s to be an error\n",
- nt_errstr(r.out.result));
- return true;
+ if (test_fail) {
+ torture_comment(tctx, "not considering %s to be an error\n",
+ nt_errstr(r.out.result));
+ return true;
+ }
}
torture_comment(tctx, "LookupSids3 failed - %s - not considered an error\n",
nt_errstr(r.out.result));
@@ -749,15 +761,26 @@ bool test_many_LookupSids(struct dcerpc_pipe *p,
return false;
}
} else if (p->conn->security_state.auth_info->auth_type == DCERPC_AUTH_TYPE_SCHANNEL &&
- p->conn->security_state.auth_info->auth_level >= DCERPC_AUTH_LEVEL_INTEGRITY &&
- (p->binding->transport == NCACN_IP_TCP || p->binding->transport == NCALRPC)) {
- struct lsa_TransNameArray2 names;
+ p->conn->security_state.auth_info->auth_level >= DCERPC_AUTH_LEVEL_INTEGRITY) {
- if (!test_LookupSids3(b, tctx, &sids)) {
- return false;
- }
- if (!test_LookupNames4(b, tctx, &names, false)) {
- return false;
+ if (p->binding->transport == NCACN_IP_TCP) {
+ struct lsa_TransNameArray2 names;
+
+ if (!test_LookupSids3(b, tctx, &sids, false)) {
+ return false;
+ }
+ if (!test_LookupNames4(b, tctx, &names, false, false)) {
+ return false;
+ }
+ } else if (p->binding->transport == NCACN_NP) {
+ struct lsa_TransNameArray2 names;
+
+ if (!test_LookupSids3(b, tctx, &sids, true)) {
+ return false;
+ }
+ if (!test_LookupNames4(b, tctx, &names, false, true)) {
+ return false;
+ }
}
}