diff options
author | Günther Deschner <gd@samba.org> | 2012-01-06 17:27:03 +0100 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2012-01-09 10:34:05 +0100 |
commit | 4c03f08c0d46f6482bf9a3f2eec59b0099d9aa7d (patch) | |
tree | 04b89ec1591601c3deb0ba464e40a29c15152600 | |
parent | c3f9e011edbab66f317df97b9ceca7b70f45d739 (diff) | |
download | samba-4c03f08c0d46f6482bf9a3f2eec59b0099d9aa7d.tar.gz samba-4c03f08c0d46f6482bf9a3f2eec59b0099d9aa7d.tar.bz2 samba-4c03f08c0d46f6482bf9a3f2eec59b0099d9aa7d.zip |
s3-pdbtest: only test trusted domains when pdb backends offers trusted domain support.
Guenther
-rw-r--r-- | source3/torture/pdbtest.c | 163 |
1 files changed, 89 insertions, 74 deletions
diff --git a/source3/torture/pdbtest.c b/source3/torture/pdbtest.c index 2f4909a68b..9f9ca0c40a 100644 --- a/source3/torture/pdbtest.c +++ b/source3/torture/pdbtest.c @@ -230,6 +230,90 @@ static bool samu_correct(struct samu *s1, struct samu *s2) return ret; } +static bool test_trusted_domains(TALLOC_CTX *ctx, + struct pdb_methods *pdb, + bool *error) +{ + NTSTATUS rv; + /* test trustdom calls */ + struct pdb_trusted_domain *td; + struct pdb_trusted_domain *new_td; + struct trustAuthInOutBlob taiob; + struct AuthenticationInformation aia; + enum ndr_err_code ndr_err; + + td = talloc_zero(ctx ,struct pdb_trusted_domain); + if (!td) { + fprintf(stderr, "talloc failed\n"); + return false; + } + + td->domain_name = talloc_strdup(td, TRUST_DOM); + td->netbios_name = talloc_strdup(td, TRUST_DOM); + if (!td->domain_name || !td->netbios_name) { + fprintf(stderr, "talloc failed\n"); + return false; + } + + td->trust_auth_incoming = data_blob_null; + + ZERO_STRUCT(taiob); + ZERO_STRUCT(aia); + taiob.count = 1; + taiob.current.count = 1; + taiob.current.array = &aia; + unix_to_nt_time(&aia.LastUpdateTime, time(NULL)); + aia.AuthType = TRUST_AUTH_TYPE_CLEAR; + aia.AuthInfo.clear.password = (uint8_t *) talloc_strdup(ctx, TRUST_PWD); + aia.AuthInfo.clear.size = strlen(TRUST_PWD); + + taiob.previous.count = 0; + taiob.previous.array = NULL; + + ndr_err = ndr_push_struct_blob(&td->trust_auth_outgoing, + td, &taiob, + (ndr_push_flags_fn_t) ndr_push_trustAuthInOutBlob); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + fprintf(stderr, "ndr_push_struct_blob failed.\n"); + return false; + } + + td->trust_direction = LSA_TRUST_DIRECTION_OUTBOUND; + td->trust_type = LSA_TRUST_TYPE_DOWNLEVEL; + td->trust_attributes = 0; + td->trust_forest_trust_info = data_blob_null; + + rv = pdb->set_trusted_domain(pdb, TRUST_DOM, td); + if (!NT_STATUS_IS_OK(rv)) { + fprintf(stderr, "Error in set_trusted_domain %s\n", + get_friendly_nt_error_msg(rv)); + *error = true; + } + + rv = pdb->get_trusted_domain(pdb, ctx, TRUST_DOM, &new_td); + if (!NT_STATUS_IS_OK(rv)) { + fprintf(stderr, "Error in set_trusted_domain %s\n", + get_friendly_nt_error_msg(rv)); + *error = true; + } + + if (!strequal(td->domain_name, new_td->domain_name) || + !strequal(td->netbios_name, new_td->netbios_name) || + !dom_sid_equal(&td->security_identifier, + &new_td->security_identifier) || + td->trust_direction != new_td->trust_direction || + td->trust_type != new_td->trust_type || + td->trust_attributes != new_td->trust_attributes || + td->trust_auth_incoming.length != new_td->trust_auth_incoming.length || + td->trust_forest_trust_info.length != new_td->trust_forest_trust_info.length || + data_blob_cmp(&td->trust_auth_outgoing, &new_td->trust_auth_outgoing) != 0) { + fprintf(stderr, "Old and new trusdet domain data do not match\n"); + *error = true; + } + + return true; +} + int main(int argc, char **argv) { @@ -255,13 +339,6 @@ int main(int argc, char **argv) POPT_TABLEEND }; - /* test trustdom calls */ - struct pdb_trusted_domain *td; - struct pdb_trusted_domain *new_td; - struct trustAuthInOutBlob taiob; - struct AuthenticationInformation aia; - enum ndr_err_code ndr_err; - load_case_tables(); pc = poptGetContext("pdbtest", argc, (const char **) argv, @@ -381,73 +458,11 @@ int main(int argc, char **argv) get_friendly_nt_error_msg(rv)); } - td = talloc_zero(ctx ,struct pdb_trusted_domain); - if (!td) { - fprintf(stderr, "talloc failed\n"); - exit(1); - } - - td->domain_name = talloc_strdup(td, TRUST_DOM); - td->netbios_name = talloc_strdup(td, TRUST_DOM); - if (!td->domain_name || !td->netbios_name) { - fprintf(stderr, "talloc failed\n"); - exit(1); - } - - td->trust_auth_incoming = data_blob_null; - - ZERO_STRUCT(taiob); - ZERO_STRUCT(aia); - taiob.count = 1; - taiob.current.count = 1; - taiob.current.array = &aia; - unix_to_nt_time(&aia.LastUpdateTime, time(NULL)); - aia.AuthType = TRUST_AUTH_TYPE_CLEAR; - aia.AuthInfo.clear.password = (uint8_t *) talloc_strdup(ctx, TRUST_PWD); - aia.AuthInfo.clear.size = strlen(TRUST_PWD); - - taiob.previous.count = 0; - taiob.previous.array = NULL; - - ndr_err = ndr_push_struct_blob(&td->trust_auth_outgoing, - td, &taiob, - (ndr_push_flags_fn_t) ndr_push_trustAuthInOutBlob); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - fprintf(stderr, "ndr_push_struct_blob failed.\n"); - exit(1); - } - - td->trust_direction = LSA_TRUST_DIRECTION_OUTBOUND; - td->trust_type = LSA_TRUST_TYPE_DOWNLEVEL; - td->trust_attributes = 0; - td->trust_forest_trust_info = data_blob_null; - - rv = pdb->set_trusted_domain(pdb, TRUST_DOM, td); - if (!NT_STATUS_IS_OK(rv)) { - fprintf(stderr, "Error in set_trusted_domain %s\n", - get_friendly_nt_error_msg(rv)); - error = True; - } - - rv = pdb->get_trusted_domain(pdb, ctx, TRUST_DOM, &new_td); - if (!NT_STATUS_IS_OK(rv)) { - fprintf(stderr, "Error in set_trusted_domain %s\n", - get_friendly_nt_error_msg(rv)); - error = True; - } - - if (!strequal(td->domain_name, new_td->domain_name) || - !strequal(td->netbios_name, new_td->netbios_name) || - !dom_sid_equal(&td->security_identifier, - &new_td->security_identifier) || - td->trust_direction != new_td->trust_direction || - td->trust_type != new_td->trust_type || - td->trust_attributes != new_td->trust_attributes || - td->trust_auth_incoming.length != new_td->trust_auth_incoming.length || - td->trust_forest_trust_info.length != new_td->trust_forest_trust_info.length || - data_blob_cmp(&td->trust_auth_outgoing, &new_td->trust_auth_outgoing) != 0) { - fprintf(stderr, "Old and new trusdet domain data do not match\n"); - error = True; + if (pdb_capabilities() & PDB_CAP_TRUSTED_DOMAINS_EX) { + if (!test_trusted_domains(ctx, pdb, &error)) { + fprintf(stderr, "failed testing trusted domains.\n"); + exit(1); + } } TALLOC_FREE(ctx); |