summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2003-11-27 05:34:28 +0000
committerAndrew Tridgell <tridge@samba.org>2003-11-27 05:34:28 +0000
commitab3d728b7e7b1f3aa878ed5601a45ba08a08eb1f (patch)
treefa5e981618d0128676d6954beb5f90fda0c923e6
parent61bb3c865c4d4324cd2c1ea7d8b337b15dd66493 (diff)
downloadsamba-ab3d728b7e7b1f3aa878ed5601a45ba08a08eb1f.tar.gz
samba-ab3d728b7e7b1f3aa878ed5601a45ba08a08eb1f.tar.bz2
samba-ab3d728b7e7b1f3aa878ed5601a45ba08a08eb1f.zip
added an rpc scanner. This prints messages like this:
uuid 82273fdc-e32a-18c3-3f78-827929dc23ea version 0x0000:0x0000 'eventlog' 24 calls available WARNING: local IDL defines 4 calls when all the WARNINGs are gone then we know we have all the calls :) (This used to be commit f5821b2468a0c46d0e5590de59562926d746c349)
-rw-r--r--source4/Makefile.in3
-rw-r--r--source4/build/pidl/header.pm3
-rw-r--r--source4/build/pidl/parser.pm8
-rw-r--r--source4/librpc/idl/dcerpc.idl6
-rw-r--r--source4/librpc/rpc/dcerpc.h2
-rw-r--r--source4/librpc/rpc/dcerpc_util.c3
-rw-r--r--source4/torture/rpc/mgmt.c25
-rw-r--r--source4/torture/rpc/scanner.c211
-rw-r--r--source4/torture/torture.c5
9 files changed, 258 insertions, 8 deletions
diff --git a/source4/Makefile.in b/source4/Makefile.in
index c6b763137e..e631668e09 100644
--- a/source4/Makefile.in
+++ b/source4/Makefile.in
@@ -443,7 +443,8 @@ SMBTORTURE_RAW_OBJ = torture/raw/qfsinfo.o torture/raw/qfileinfo.o torture/raw/s
SMBTORTURE_RPC_OBJ = torture/rpc/lsa.o torture/rpc/echo.o torture/rpc/dfs.o \
torture/rpc/spoolss.o torture/rpc/samr.o torture/rpc/wkssvc.o \
torture/rpc/srvsvc.o torture/rpc/atsvc.o torture/rpc/eventlog.o \
- torture/rpc/epmapper.o torture/rpc/winreg.o torture/rpc/mgmt.o
+ torture/rpc/epmapper.o torture/rpc/winreg.o torture/rpc/mgmt.o \
+ torture/rpc/scanner.o
SMBTORTURE_OBJ1 = torture/torture.o torture/torture_util.o torture/nbio.o torture/scanner.o \
torture/utable.o torture/denytest.o torture/mangle_test.o \
diff --git a/source4/build/pidl/header.pm b/source4/build/pidl/header.pm
index c71b8fbeb1..cdc4522517 100644
--- a/source4/build/pidl/header.pm
+++ b/source4/build/pidl/header.pm
@@ -241,10 +241,9 @@ sub HeaderInterface($)
$res .= "#define DCERPC_$name\_UUID \"$if_uuid\"\n";
$res .= "#define DCERPC_$name\_VERSION $if_version\n";
$res .= "#define DCERPC_$name\_NAME \"$interface->{NAME}\"\n\n";
+ $res .= "extern const struct dcerpc_interface_table dcerpc_table_$interface->{NAME};\n\n";
}
- $res .= "extern struct dcerpc_interface_table dcerpc_table_$interface->{NAME};\n\n";
-
foreach my $d (@{$data}) {
if ($d->{TYPE} eq "FUNCTION") {
my $u_name = uc $d->{NAME};
diff --git a/source4/build/pidl/parser.pm b/source4/build/pidl/parser.pm
index a7dad3707c..5c80812ec1 100644
--- a/source4/build/pidl/parser.pm
+++ b/source4/build/pidl/parser.pm
@@ -1246,13 +1246,17 @@ sub FunctionTable($)
my($interface) = shift;
my($data) = $interface->{DATA};
my $count = 0;
+ my $uname = uc $interface->{NAME};
foreach my $d (@{$data}) {
if ($d->{TYPE} eq "FUNCTION") { $count++; }
}
+ if ($count == 0) {
+ return;
+ }
- pidl "static const struct dcerpc_interface_call calls[] = {\n";
+ pidl "static const struct dcerpc_interface_call $interface->{NAME}\_calls[] = {\n";
foreach my $d (@{$data}) {
if ($d->{TYPE} eq "FUNCTION") {
pidl "\t{\n";
@@ -1266,7 +1270,7 @@ sub FunctionTable($)
}
pidl "\t{ NULL, 0, NULL, NULL }\n};\n\n";
- pidl "\nstruct dcerpc_interface_table dcerpc_table_$interface->{NAME} = {\"$interface->{NAME}\", $count,calls};\n\n";
+ pidl "\nconst struct dcerpc_interface_table dcerpc_table_$interface->{NAME} = {\"$interface->{NAME}\", DCERPC_$uname\_UUID, DCERPC_$uname\_VERSION, $count, $interface->{NAME}\_calls};\n\n";
}
diff --git a/source4/librpc/idl/dcerpc.idl b/source4/librpc/idl/dcerpc.idl
index d31e734416..b00396e787 100644
--- a/source4/librpc/idl/dcerpc.idl
+++ b/source4/librpc/idl/dcerpc.idl
@@ -78,7 +78,13 @@ interface dcerpc
[flag(NDR_REMAINING)] DATA_BLOB stub_and_verifier;
} dcerpc_response;
+
+ const int DCERPC_FAULT_OP_RNG_ERROR = 0x1c010002;
+
typedef struct {
+ uint32 alloc_hint;
+ uint16 context_id;
+ uint8 cancel_count;
uint32 status;
} dcerpc_fault;
diff --git a/source4/librpc/rpc/dcerpc.h b/source4/librpc/rpc/dcerpc.h
index 9a301db66b..6f9aa75e8b 100644
--- a/source4/librpc/rpc/dcerpc.h
+++ b/source4/librpc/rpc/dcerpc.h
@@ -78,6 +78,8 @@ struct dcerpc_interface_call {
struct dcerpc_interface_table {
const char *name;
+ const char *uuid;
+ uint32 if_version;
uint32 num_calls;
const struct dcerpc_interface_call *calls;
};
diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c
index fa69425ab0..e9499f969b 100644
--- a/source4/librpc/rpc/dcerpc_util.c
+++ b/source4/librpc/rpc/dcerpc_util.c
@@ -62,7 +62,8 @@ NTSTATUS dcerpc_epm_map_tcp_port(const char *server,
GUID guid;
struct epm_twr_t twr, *twr_r;
- if (strcasecmp(uuid, DCERPC_EPMAPPER_UUID) == 0) {
+ if (strcasecmp(uuid, DCERPC_EPMAPPER_UUID) == 0 ||
+ strcasecmp(uuid, DCERPC_MGMT_UUID) == 0) {
/* don't lookup epmapper via epmapper! */
*port = EPMAPPER_PORT;
return NT_STATUS_OK;
diff --git a/source4/torture/rpc/mgmt.c b/source4/torture/rpc/mgmt.c
index e3a8146e64..0f3cfffa66 100644
--- a/source4/torture/rpc/mgmt.c
+++ b/source4/torture/rpc/mgmt.c
@@ -22,6 +22,9 @@
#include "includes.h"
+/*
+ ask the server what interface IDs are available on this endpoint
+*/
static BOOL test_inq_if_ids(struct dcerpc_pipe *p,
TALLOC_CTX *mem_ctx)
{
@@ -166,11 +169,14 @@ BOOL torture_rpc_mgmt(int dummy)
TALLOC_CTX *mem_ctx;
BOOL ret = True;
int i;
+ char *host = lp_parm_string(-1, "torture", "host");
+ uint32 port;
mem_ctx = talloc_init("torture_rpc_mgmt");
- for (i=0;dcerpc_pipes[i];i++) {
-
+ for (i=0;dcerpc_pipes[i];i++) {
+ char *transport = lp_parm_string(-1, "torture", "transport");
+
/* some interfaces are not mappable */
if (dcerpc_pipes[i]->num_calls == 0 ||
strcmp(dcerpc_pipes[i]->name, "mgmt") == 0) {
@@ -179,6 +185,21 @@ BOOL torture_rpc_mgmt(int dummy)
printf("\nTesting pipe '%s'\n", dcerpc_pipes[i]->name);
+ /* on TCP we need to find the right endpoint */
+ if (strcasecmp(transport, "ncacn_ip_tcp") == 0) {
+ status = dcerpc_epm_map_tcp_port(host,
+ dcerpc_pipes[i]->uuid,
+ dcerpc_pipes[i]->if_version,
+ &port);
+ if (!NT_STATUS_IS_OK(status)) {
+ ret = False;
+ continue;
+ }
+
+ lp_set_cmdline("torture:share",
+ talloc_asprintf(mem_ctx, "%u", port));
+ }
+
status = torture_rpc_connection(&p,
dcerpc_pipes[i]->name,
DCERPC_MGMT_UUID,
diff --git a/source4/torture/rpc/scanner.c b/source4/torture/rpc/scanner.c
new file mode 100644
index 0000000000..814b28a01d
--- /dev/null
+++ b/source4/torture/rpc/scanner.c
@@ -0,0 +1,211 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ scanner for rpc calls
+
+ Copyright (C) Andrew Tridgell 2003
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+/*
+ find the number of calls defined by local IDL
+*/
+static const char *find_idl_name(const char *uuid, uint32 if_version)
+{
+ int i;
+ for (i=0;dcerpc_pipes[i];i++) {
+ if (strcasecmp(dcerpc_pipes[i]->uuid, uuid) == 0 &&
+ dcerpc_pipes[i]->if_version == if_version) {
+ return dcerpc_pipes[i]->name;
+ }
+ }
+ return "UNKNOWN";
+}
+
+/*
+ find the number of calls defined by local IDL
+*/
+static int num_idl_calls(const char *uuid, uint32 if_version)
+{
+ int i;
+ for (i=0;dcerpc_pipes[i];i++) {
+ if (strcasecmp(dcerpc_pipes[i]->uuid, uuid) == 0 &&
+ dcerpc_pipes[i]->if_version == if_version) {
+ return dcerpc_pipes[i]->num_calls;
+ }
+ }
+ return -1;
+}
+
+/*
+ work out how many calls there are for an interface
+ */
+static BOOL test_num_calls(const struct dcerpc_interface_table *iface,
+ TALLOC_CTX *mem_ctx,
+ struct dcerpc_syntax_id *id)
+{
+ struct dcerpc_pipe *p;
+ NTSTATUS status;
+ const char *uuid;
+ int i;
+ DATA_BLOB stub_in, stub_out;
+ int idl_calls;
+
+ uuid = GUID_string(mem_ctx, &id->uuid);
+
+ status = torture_rpc_connection(&p, iface->name,
+ uuid, id->major_version);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Failed to connect to '%s' on '%s' - %s\n",
+ uuid, iface->name, nt_errstr(status));
+ return False;
+ }
+
+ /* make null calls */
+ stub_in = data_blob(NULL, 0);
+
+ status = dcerpc_request(p, 10000, mem_ctx, &stub_in, &stub_out);
+ if (NT_STATUS_IS_OK(status) ||
+ p->last_fault_code != DCERPC_FAULT_OP_RNG_ERROR) {
+ printf("unable to determine call count - %s %08x\n",
+ nt_errstr(status), p->last_fault_code);
+ goto done;
+ }
+
+ for (i=128;i>=0;i--) {
+ status = dcerpc_request(p, i, mem_ctx, &stub_in, &stub_out);
+ if (NT_STATUS_IS_OK(status) ||
+ p->last_fault_code != DCERPC_FAULT_OP_RNG_ERROR) break;
+ }
+
+ printf("\t%d calls available\n", i+1);
+ idl_calls = num_idl_calls(uuid, id->major_version);
+ if (idl_calls == -1) {
+ printf("\tinterface not known in local IDL\n");
+ } else if (i+1 != idl_calls) {
+ printf("\tWARNING: local IDL defines %u calls\n", idl_calls);
+ } else {
+ printf("\tOK: matches num_calls in local IDL\n");
+ }
+
+done:
+ torture_rpc_close(p);
+ return True;
+}
+
+/*
+ ask the server what interface IDs are available on this endpoint
+*/
+static BOOL test_inq_if_ids(struct dcerpc_pipe *p,
+ TALLOC_CTX *mem_ctx,
+ const struct dcerpc_interface_table *iface)
+{
+ NTSTATUS status;
+ struct mgmt_inq_if_ids r;
+ int i;
+
+ status = dcerpc_mgmt_inq_if_ids(p, mem_ctx, &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("inq_if_ids failed - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("inq_if_ids gave error code %s\n", win_errstr(r.out.result));
+ return False;
+ }
+
+ if (!r.out.if_id_vector) {
+ printf("inq_if_ids gave NULL if_id_vector\n");
+ return False;
+ }
+
+ for (i=0;i<r.out.if_id_vector->count;i++) {
+ const char *uuid;
+ struct dcerpc_syntax_id *id = r.out.if_id_vector->if_id[i].id;
+ if (!id) continue;
+
+ uuid = GUID_string(mem_ctx, &id->uuid),
+
+ printf("\n\tuuid %s version 0x%04x:0x%04x '%s'\n",
+ uuid,
+ id->major_version, id->minor_version,
+ find_idl_name(uuid, id->major_version));
+ test_num_calls(iface, mem_ctx, id);
+ }
+
+ return True;
+}
+
+
+BOOL torture_rpc_scanner(int dummy)
+{
+ NTSTATUS status;
+ struct dcerpc_pipe *p;
+ TALLOC_CTX *mem_ctx;
+ BOOL ret = True;
+ int i;
+ char *host = lp_parm_string(-1, "torture", "host");
+ uint32 port;
+
+ mem_ctx = talloc_init("torture_rpc_scanner");
+
+ for (i=0;dcerpc_pipes[i];i++) {
+ char *transport = lp_parm_string(-1, "torture", "transport");
+
+ /* some interfaces are not mappable */
+ if (dcerpc_pipes[i]->num_calls == 0 ||
+ strcmp(dcerpc_pipes[i]->name, "mgmt") == 0) {
+ continue;
+ }
+
+ printf("\nTesting pipe '%s'\n", dcerpc_pipes[i]->name);
+
+ /* on TCP we need to find the right endpoint */
+ if (strcasecmp(transport, "ncacn_ip_tcp") == 0) {
+ status = dcerpc_epm_map_tcp_port(host,
+ dcerpc_pipes[i]->uuid,
+ dcerpc_pipes[i]->if_version,
+ &port);
+ if (!NT_STATUS_IS_OK(status)) {
+ ret = False;
+ continue;
+ }
+
+ lp_set_cmdline("torture:share",
+ talloc_asprintf(mem_ctx, "%u", port));
+ }
+
+ status = torture_rpc_connection(&p,
+ dcerpc_pipes[i]->name,
+ DCERPC_MGMT_UUID,
+ DCERPC_MGMT_VERSION);
+ if (!NT_STATUS_IS_OK(status)) {
+ ret = False;
+ continue;
+ }
+
+ if (!test_inq_if_ids(p, mem_ctx, dcerpc_pipes[i])) {
+ ret = False;
+ }
+
+ torture_rpc_close(p);
+ }
+
+ return ret;
+}
diff --git a/source4/torture/torture.c b/source4/torture/torture.c
index 7055acbb85..9bc494df7f 100644
--- a/source4/torture/torture.c
+++ b/source4/torture/torture.c
@@ -217,6 +217,10 @@ NTSTATUS torture_rpc_connection(struct dcerpc_pipe **p,
return status;
}
+ /* this ensures that the reference count is decremented so
+ a pipe close will really close the link */
+ cli_tree_close(cli->tree);
+
/* bind to the pipe, using the uuid as the key */
status = dcerpc_bind_auth_none(*p, pipe_uuid, pipe_version);
if (!NT_STATUS_IS_OK(status)) {
@@ -4061,6 +4065,7 @@ static struct {
{"RPC-EPMAPPER", torture_rpc_epmapper, 0},
{"RPC-WINREG", torture_rpc_winreg, 0},
{"RPC-MGMT", torture_rpc_mgmt, 0},
+ {"RPC-SCANNER", torture_rpc_scanner, 0},
{NULL, NULL, 0}};