diff options
author | Andrew Tridgell <tridge@samba.org> | 2003-11-27 05:34:28 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2003-11-27 05:34:28 +0000 |
commit | ab3d728b7e7b1f3aa878ed5601a45ba08a08eb1f (patch) | |
tree | fa5e981618d0128676d6954beb5f90fda0c923e6 | |
parent | 61bb3c865c4d4324cd2c1ea7d8b337b15dd66493 (diff) | |
download | samba-ab3d728b7e7b1f3aa878ed5601a45ba08a08eb1f.tar.gz samba-ab3d728b7e7b1f3aa878ed5601a45ba08a08eb1f.tar.bz2 samba-ab3d728b7e7b1f3aa878ed5601a45ba08a08eb1f.zip |
added an rpc scanner. This prints messages like this:
uuid 82273fdc-e32a-18c3-3f78-827929dc23ea version 0x0000:0x0000 'eventlog'
24 calls available
WARNING: local IDL defines 4 calls
when all the WARNINGs are gone then we know we have all the calls :)
(This used to be commit f5821b2468a0c46d0e5590de59562926d746c349)
-rw-r--r-- | source4/Makefile.in | 3 | ||||
-rw-r--r-- | source4/build/pidl/header.pm | 3 | ||||
-rw-r--r-- | source4/build/pidl/parser.pm | 8 | ||||
-rw-r--r-- | source4/librpc/idl/dcerpc.idl | 6 | ||||
-rw-r--r-- | source4/librpc/rpc/dcerpc.h | 2 | ||||
-rw-r--r-- | source4/librpc/rpc/dcerpc_util.c | 3 | ||||
-rw-r--r-- | source4/torture/rpc/mgmt.c | 25 | ||||
-rw-r--r-- | source4/torture/rpc/scanner.c | 211 | ||||
-rw-r--r-- | source4/torture/torture.c | 5 |
9 files changed, 258 insertions, 8 deletions
diff --git a/source4/Makefile.in b/source4/Makefile.in index c6b763137e..e631668e09 100644 --- a/source4/Makefile.in +++ b/source4/Makefile.in @@ -443,7 +443,8 @@ SMBTORTURE_RAW_OBJ = torture/raw/qfsinfo.o torture/raw/qfileinfo.o torture/raw/s SMBTORTURE_RPC_OBJ = torture/rpc/lsa.o torture/rpc/echo.o torture/rpc/dfs.o \ torture/rpc/spoolss.o torture/rpc/samr.o torture/rpc/wkssvc.o \ torture/rpc/srvsvc.o torture/rpc/atsvc.o torture/rpc/eventlog.o \ - torture/rpc/epmapper.o torture/rpc/winreg.o torture/rpc/mgmt.o + torture/rpc/epmapper.o torture/rpc/winreg.o torture/rpc/mgmt.o \ + torture/rpc/scanner.o SMBTORTURE_OBJ1 = torture/torture.o torture/torture_util.o torture/nbio.o torture/scanner.o \ torture/utable.o torture/denytest.o torture/mangle_test.o \ diff --git a/source4/build/pidl/header.pm b/source4/build/pidl/header.pm index c71b8fbeb1..cdc4522517 100644 --- a/source4/build/pidl/header.pm +++ b/source4/build/pidl/header.pm @@ -241,10 +241,9 @@ sub HeaderInterface($) $res .= "#define DCERPC_$name\_UUID \"$if_uuid\"\n"; $res .= "#define DCERPC_$name\_VERSION $if_version\n"; $res .= "#define DCERPC_$name\_NAME \"$interface->{NAME}\"\n\n"; + $res .= "extern const struct dcerpc_interface_table dcerpc_table_$interface->{NAME};\n\n"; } - $res .= "extern struct dcerpc_interface_table dcerpc_table_$interface->{NAME};\n\n"; - foreach my $d (@{$data}) { if ($d->{TYPE} eq "FUNCTION") { my $u_name = uc $d->{NAME}; diff --git a/source4/build/pidl/parser.pm b/source4/build/pidl/parser.pm index a7dad3707c..5c80812ec1 100644 --- a/source4/build/pidl/parser.pm +++ b/source4/build/pidl/parser.pm @@ -1246,13 +1246,17 @@ sub FunctionTable($) my($interface) = shift; my($data) = $interface->{DATA}; my $count = 0; + my $uname = uc $interface->{NAME}; foreach my $d (@{$data}) { if ($d->{TYPE} eq "FUNCTION") { $count++; } } + if ($count == 0) { + return; + } - pidl "static const struct dcerpc_interface_call calls[] = {\n"; + pidl "static const struct dcerpc_interface_call $interface->{NAME}\_calls[] = {\n"; foreach my $d (@{$data}) { if ($d->{TYPE} eq "FUNCTION") { pidl "\t{\n"; @@ -1266,7 +1270,7 @@ sub FunctionTable($) } pidl "\t{ NULL, 0, NULL, NULL }\n};\n\n"; - pidl "\nstruct dcerpc_interface_table dcerpc_table_$interface->{NAME} = {\"$interface->{NAME}\", $count,calls};\n\n"; + pidl "\nconst struct dcerpc_interface_table dcerpc_table_$interface->{NAME} = {\"$interface->{NAME}\", DCERPC_$uname\_UUID, DCERPC_$uname\_VERSION, $count, $interface->{NAME}\_calls};\n\n"; } diff --git a/source4/librpc/idl/dcerpc.idl b/source4/librpc/idl/dcerpc.idl index d31e734416..b00396e787 100644 --- a/source4/librpc/idl/dcerpc.idl +++ b/source4/librpc/idl/dcerpc.idl @@ -78,7 +78,13 @@ interface dcerpc [flag(NDR_REMAINING)] DATA_BLOB stub_and_verifier; } dcerpc_response; + + const int DCERPC_FAULT_OP_RNG_ERROR = 0x1c010002; + typedef struct { + uint32 alloc_hint; + uint16 context_id; + uint8 cancel_count; uint32 status; } dcerpc_fault; diff --git a/source4/librpc/rpc/dcerpc.h b/source4/librpc/rpc/dcerpc.h index 9a301db66b..6f9aa75e8b 100644 --- a/source4/librpc/rpc/dcerpc.h +++ b/source4/librpc/rpc/dcerpc.h @@ -78,6 +78,8 @@ struct dcerpc_interface_call { struct dcerpc_interface_table { const char *name; + const char *uuid; + uint32 if_version; uint32 num_calls; const struct dcerpc_interface_call *calls; }; diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c index fa69425ab0..e9499f969b 100644 --- a/source4/librpc/rpc/dcerpc_util.c +++ b/source4/librpc/rpc/dcerpc_util.c @@ -62,7 +62,8 @@ NTSTATUS dcerpc_epm_map_tcp_port(const char *server, GUID guid; struct epm_twr_t twr, *twr_r; - if (strcasecmp(uuid, DCERPC_EPMAPPER_UUID) == 0) { + if (strcasecmp(uuid, DCERPC_EPMAPPER_UUID) == 0 || + strcasecmp(uuid, DCERPC_MGMT_UUID) == 0) { /* don't lookup epmapper via epmapper! */ *port = EPMAPPER_PORT; return NT_STATUS_OK; diff --git a/source4/torture/rpc/mgmt.c b/source4/torture/rpc/mgmt.c index e3a8146e64..0f3cfffa66 100644 --- a/source4/torture/rpc/mgmt.c +++ b/source4/torture/rpc/mgmt.c @@ -22,6 +22,9 @@ #include "includes.h" +/* + ask the server what interface IDs are available on this endpoint +*/ static BOOL test_inq_if_ids(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) { @@ -166,11 +169,14 @@ BOOL torture_rpc_mgmt(int dummy) TALLOC_CTX *mem_ctx; BOOL ret = True; int i; + char *host = lp_parm_string(-1, "torture", "host"); + uint32 port; mem_ctx = talloc_init("torture_rpc_mgmt"); - for (i=0;dcerpc_pipes[i];i++) { - + for (i=0;dcerpc_pipes[i];i++) { + char *transport = lp_parm_string(-1, "torture", "transport"); + /* some interfaces are not mappable */ if (dcerpc_pipes[i]->num_calls == 0 || strcmp(dcerpc_pipes[i]->name, "mgmt") == 0) { @@ -179,6 +185,21 @@ BOOL torture_rpc_mgmt(int dummy) printf("\nTesting pipe '%s'\n", dcerpc_pipes[i]->name); + /* on TCP we need to find the right endpoint */ + if (strcasecmp(transport, "ncacn_ip_tcp") == 0) { + status = dcerpc_epm_map_tcp_port(host, + dcerpc_pipes[i]->uuid, + dcerpc_pipes[i]->if_version, + &port); + if (!NT_STATUS_IS_OK(status)) { + ret = False; + continue; + } + + lp_set_cmdline("torture:share", + talloc_asprintf(mem_ctx, "%u", port)); + } + status = torture_rpc_connection(&p, dcerpc_pipes[i]->name, DCERPC_MGMT_UUID, diff --git a/source4/torture/rpc/scanner.c b/source4/torture/rpc/scanner.c new file mode 100644 index 0000000000..814b28a01d --- /dev/null +++ b/source4/torture/rpc/scanner.c @@ -0,0 +1,211 @@ +/* + Unix SMB/CIFS implementation. + + scanner for rpc calls + + Copyright (C) Andrew Tridgell 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +/* + find the number of calls defined by local IDL +*/ +static const char *find_idl_name(const char *uuid, uint32 if_version) +{ + int i; + for (i=0;dcerpc_pipes[i];i++) { + if (strcasecmp(dcerpc_pipes[i]->uuid, uuid) == 0 && + dcerpc_pipes[i]->if_version == if_version) { + return dcerpc_pipes[i]->name; + } + } + return "UNKNOWN"; +} + +/* + find the number of calls defined by local IDL +*/ +static int num_idl_calls(const char *uuid, uint32 if_version) +{ + int i; + for (i=0;dcerpc_pipes[i];i++) { + if (strcasecmp(dcerpc_pipes[i]->uuid, uuid) == 0 && + dcerpc_pipes[i]->if_version == if_version) { + return dcerpc_pipes[i]->num_calls; + } + } + return -1; +} + +/* + work out how many calls there are for an interface + */ +static BOOL test_num_calls(const struct dcerpc_interface_table *iface, + TALLOC_CTX *mem_ctx, + struct dcerpc_syntax_id *id) +{ + struct dcerpc_pipe *p; + NTSTATUS status; + const char *uuid; + int i; + DATA_BLOB stub_in, stub_out; + int idl_calls; + + uuid = GUID_string(mem_ctx, &id->uuid); + + status = torture_rpc_connection(&p, iface->name, + uuid, id->major_version); + if (!NT_STATUS_IS_OK(status)) { + printf("Failed to connect to '%s' on '%s' - %s\n", + uuid, iface->name, nt_errstr(status)); + return False; + } + + /* make null calls */ + stub_in = data_blob(NULL, 0); + + status = dcerpc_request(p, 10000, mem_ctx, &stub_in, &stub_out); + if (NT_STATUS_IS_OK(status) || + p->last_fault_code != DCERPC_FAULT_OP_RNG_ERROR) { + printf("unable to determine call count - %s %08x\n", + nt_errstr(status), p->last_fault_code); + goto done; + } + + for (i=128;i>=0;i--) { + status = dcerpc_request(p, i, mem_ctx, &stub_in, &stub_out); + if (NT_STATUS_IS_OK(status) || + p->last_fault_code != DCERPC_FAULT_OP_RNG_ERROR) break; + } + + printf("\t%d calls available\n", i+1); + idl_calls = num_idl_calls(uuid, id->major_version); + if (idl_calls == -1) { + printf("\tinterface not known in local IDL\n"); + } else if (i+1 != idl_calls) { + printf("\tWARNING: local IDL defines %u calls\n", idl_calls); + } else { + printf("\tOK: matches num_calls in local IDL\n"); + } + +done: + torture_rpc_close(p); + return True; +} + +/* + ask the server what interface IDs are available on this endpoint +*/ +static BOOL test_inq_if_ids(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + const struct dcerpc_interface_table *iface) +{ + NTSTATUS status; + struct mgmt_inq_if_ids r; + int i; + + status = dcerpc_mgmt_inq_if_ids(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("inq_if_ids failed - %s\n", nt_errstr(status)); + return False; + } + + if (!W_ERROR_IS_OK(r.out.result)) { + printf("inq_if_ids gave error code %s\n", win_errstr(r.out.result)); + return False; + } + + if (!r.out.if_id_vector) { + printf("inq_if_ids gave NULL if_id_vector\n"); + return False; + } + + for (i=0;i<r.out.if_id_vector->count;i++) { + const char *uuid; + struct dcerpc_syntax_id *id = r.out.if_id_vector->if_id[i].id; + if (!id) continue; + + uuid = GUID_string(mem_ctx, &id->uuid), + + printf("\n\tuuid %s version 0x%04x:0x%04x '%s'\n", + uuid, + id->major_version, id->minor_version, + find_idl_name(uuid, id->major_version)); + test_num_calls(iface, mem_ctx, id); + } + + return True; +} + + +BOOL torture_rpc_scanner(int dummy) +{ + NTSTATUS status; + struct dcerpc_pipe *p; + TALLOC_CTX *mem_ctx; + BOOL ret = True; + int i; + char *host = lp_parm_string(-1, "torture", "host"); + uint32 port; + + mem_ctx = talloc_init("torture_rpc_scanner"); + + for (i=0;dcerpc_pipes[i];i++) { + char *transport = lp_parm_string(-1, "torture", "transport"); + + /* some interfaces are not mappable */ + if (dcerpc_pipes[i]->num_calls == 0 || + strcmp(dcerpc_pipes[i]->name, "mgmt") == 0) { + continue; + } + + printf("\nTesting pipe '%s'\n", dcerpc_pipes[i]->name); + + /* on TCP we need to find the right endpoint */ + if (strcasecmp(transport, "ncacn_ip_tcp") == 0) { + status = dcerpc_epm_map_tcp_port(host, + dcerpc_pipes[i]->uuid, + dcerpc_pipes[i]->if_version, + &port); + if (!NT_STATUS_IS_OK(status)) { + ret = False; + continue; + } + + lp_set_cmdline("torture:share", + talloc_asprintf(mem_ctx, "%u", port)); + } + + status = torture_rpc_connection(&p, + dcerpc_pipes[i]->name, + DCERPC_MGMT_UUID, + DCERPC_MGMT_VERSION); + if (!NT_STATUS_IS_OK(status)) { + ret = False; + continue; + } + + if (!test_inq_if_ids(p, mem_ctx, dcerpc_pipes[i])) { + ret = False; + } + + torture_rpc_close(p); + } + + return ret; +} diff --git a/source4/torture/torture.c b/source4/torture/torture.c index 7055acbb85..9bc494df7f 100644 --- a/source4/torture/torture.c +++ b/source4/torture/torture.c @@ -217,6 +217,10 @@ NTSTATUS torture_rpc_connection(struct dcerpc_pipe **p, return status; } + /* this ensures that the reference count is decremented so + a pipe close will really close the link */ + cli_tree_close(cli->tree); + /* bind to the pipe, using the uuid as the key */ status = dcerpc_bind_auth_none(*p, pipe_uuid, pipe_version); if (!NT_STATUS_IS_OK(status)) { @@ -4061,6 +4065,7 @@ static struct { {"RPC-EPMAPPER", torture_rpc_epmapper, 0}, {"RPC-WINREG", torture_rpc_winreg, 0}, {"RPC-MGMT", torture_rpc_mgmt, 0}, + {"RPC-SCANNER", torture_rpc_scanner, 0}, {NULL, NULL, 0}}; |