diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2006-02-07 23:30:50 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:51:51 -0500 |
| commit | e45ce50a61a1438a219d2554308aa94915b7020f (patch) | |
| tree | 6e8727bfa76acebf33a4b7d956e99fece4696f27 | |
| parent | b8a9bec662d756788126824f7d5605b3b3656f83 (diff) | |
| download | samba-e45ce50a61a1438a219d2554308aa94915b7020f.tar.gz samba-e45ce50a61a1438a219d2554308aa94915b7020f.tar.bz2 samba-e45ce50a61a1438a219d2554308aa94915b7020f.zip | |
r13380: Drop the socket, then try SAMR operations secured with netlogon on the new socket.
We should also test netlogon operations, but there are issues with
what state is expected to be stored (far more than we currently do).
Andrew Bartlett
(This used to be commit 39ddba0d0dc4475f9f7c5b7aa19ffff42c9fd1f5)
| -rwxr-xr-x | source4/script/tests/test_rpc_quick.sh | 6 | ||||
| -rw-r--r-- | source4/torture/rpc/schannel.c | 29 |
2 files changed, 32 insertions, 3 deletions
diff --git a/source4/script/tests/test_rpc_quick.sh b/source4/script/tests/test_rpc_quick.sh index fe3fad73ea..62b2d6cb9d 100755 --- a/source4/script/tests/test_rpc_quick.sh +++ b/source4/script/tests/test_rpc_quick.sh @@ -2,9 +2,9 @@ # add tests to this list as they start passing, so we test # that they stay passing -ncacn_np_tests="RPC-ALTERCONTEXT RPC-JOIN RPC-ECHO" -ncalrpc_tests="RPC-ALTERCONTEXT RPC-JOIN RPC-ECHO" -ncacn_ip_tcp_tests="RPC-ALTERCONTEXT RPC-JOIN RPC-ECHO" +ncacn_np_tests="RPC-ALTERCONTEXT RPC-JOIN RPC-ECHO RPC-SCHANNEL" +ncalrpc_tests="RPC-ALTERCONTEXT RPC-JOIN RPC-ECHO RPC-SCHANNEL" +ncacn_ip_tcp_tests="RPC-ALTERCONTEXT RPC-JOIN RPC-ECHO RPC-SCHANNEL" if [ $# -lt 4 ]; then cat <<EOF diff --git a/source4/torture/rpc/schannel.c b/source4/torture/rpc/schannel.c index 4e9d644138..9341fc4a93 100644 --- a/source4/torture/rpc/schannel.c +++ b/source4/torture/rpc/schannel.c @@ -157,6 +157,7 @@ static BOOL test_schannel(TALLOC_CTX *mem_ctx, struct dcerpc_binding *b; struct dcerpc_pipe *p = NULL; struct dcerpc_pipe *p_netlogon = NULL; + struct dcerpc_pipe *p_samr2 = NULL; struct dcerpc_pipe *p_lsa = NULL; struct creds_CredentialState *creds; struct cli_credentials *credentials; @@ -256,6 +257,34 @@ static BOOL test_schannel(TALLOC_CTX *mem_ctx, ret = False; } + /* Drop the socket, we want to start from scratch */ + talloc_free(p); + p = NULL; + + /* Now see what we are still allowed to do */ + + status = dcerpc_parse_binding(test_ctx, binding, &b); + if (!NT_STATUS_IS_OK(status)) { + printf("Bad binding string %s\n", binding); + goto failed; + } + + b->flags &= ~DCERPC_AUTH_OPTIONS; + b->flags |= dcerpc_flags; + + status = dcerpc_pipe_connect_b(test_ctx, &p_samr2, b, &dcerpc_table_samr, + credentials, NULL); + if (!NT_STATUS_IS_OK(status)) { + printf("Failed to connect with schannel: %s\n", nt_errstr(status)); + goto failed; + } + + /* do a couple of logins. We have *not* done a new serverauthenticate */ + if (!test_samr_ops(p_samr2, test_ctx)) { + printf("Failed to process schannel secured SAMR ops (on fresh connection)\n"); + ret = False; + } + torture_leave_domain(join_ctx); talloc_free(test_ctx); return ret; |