diff options
author | Andrew Tridgell <tridge@samba.org> | 2004-04-19 05:48:03 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:51:19 -0500 |
commit | 8fce9e3c549bcf1433119333ddbbf0a3dc4af8d9 (patch) | |
tree | 47f7cbbc59bbd5f65d50e5d14321cd4f82c4d30c /source4/torture/rpc/samr.c | |
parent | 6de32ddc2dbfe0685f361ed1a0dc11dff8ca19e5 (diff) | |
download | samba-8fce9e3c549bcf1433119333ddbbf0a3dc4af8d9.tar.gz samba-8fce9e3c549bcf1433119333ddbbf0a3dc4af8d9.tar.bz2 samba-8fce9e3c549bcf1433119333ddbbf0a3dc4af8d9.zip |
r275: added IDL and test code for samr_QueryDisplayInfo3(),
samr_AddMultipleMembersToAlias(),
samr_RemoveMultipleMembersFromAlias(), samr_OemChangePasswordUser2(),
and samr_ChangePasswordUser2()
The password change functions don't actually work yet (but should
soon). At this stage I have just completed the IDL for them. Next step
is to get the hash verifiers right and the torture test should be able
to do password changes.
(This used to be commit 849d0d314a2add80f2b2be6b503fea05973f998e)
Diffstat (limited to 'source4/torture/rpc/samr.c')
-rw-r--r-- | source4/torture/rpc/samr.c | 171 |
1 files changed, 171 insertions, 0 deletions
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index a098fbd9ca..2a48a6c584 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -421,6 +421,76 @@ static BOOL test_ChangePasswordUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, } +static BOOL test_OemChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, + struct policy_handle *handle) +{ + NTSTATUS status; + struct samr_OemChangePasswordUser2 r; + BOOL ret = True; + struct samr_Hash hash; + struct samr_CryptPassword pass; + struct samr_AsciiName server, account; + + printf("Testing OemChangePasswordUser2\n"); + + ZERO_STRUCT(hash); + ZERO_STRUCT(pass); + + server.name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p)); + account.name = TEST_USERNAME; + + r.in.server = &server; + r.in.account = &account; + r.in.password = &pass; + r.in.hash = &hash; + + status = dcerpc_samr_OemChangePasswordUser2(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("OemChangePasswordUser2 failed - %s\n", nt_errstr(status)); + ret = False; + } + + return ret; +} + +static BOOL test_ChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, + struct policy_handle *handle) +{ + NTSTATUS status; + struct samr_ChangePasswordUser2 r; + BOOL ret = True; + struct samr_Name server, account; + struct samr_CryptPassword nt_pass, lm_pass; + struct samr_Hash nt_verifier, lm_verifier; + + printf("Testing ChangePasswordUser2\n"); + + server.name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p)); + init_samr_Name(&account, TEST_USERNAME); + + ZERO_STRUCT(nt_pass); + ZERO_STRUCT(lm_pass); + ZERO_STRUCT(nt_verifier); + ZERO_STRUCT(lm_verifier); + + r.in.server = &server; + r.in.account = &account; + r.in.nt_password = &nt_pass; + r.in.nt_verifier = &nt_verifier; + r.in.lm_change = 1; + r.in.lm_password = &lm_pass; + r.in.lm_verifier = &lm_verifier; + + status = dcerpc_samr_ChangePasswordUser2(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("ChangePasswordUser2 failed - %s\n", nt_errstr(status)); + ret = False; + } + + return ret; +} + + static BOOL test_GetMembersInAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *alias_handle) { @@ -479,6 +549,62 @@ static BOOL test_AddMemberToAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return ret; } +static BOOL test_AddMultipleMembersToAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, + struct policy_handle *alias_handle) +{ + struct samr_AddMultipleMembersToAlias a; + struct samr_RemoveMultipleMembersFromAlias r; + NTSTATUS status; + BOOL ret = True; + struct lsa_SidArray sids; + + printf("testing AddMultipleMembersToAlias\n"); + a.in.handle = alias_handle; + a.in.sids = &sids; + + sids.num_sids = 3; + sids.sids = talloc_array_p(mem_ctx, struct lsa_SidPtr, 3); + + sids.sids[0].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-1"); + sids.sids[1].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-2"); + sids.sids[2].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-3"); + + status = dcerpc_samr_AddMultipleMembersToAlias(p, mem_ctx, &a); + if (!NT_STATUS_IS_OK(status)) { + printf("AddMultipleMembersToAlias failed - %s\n", nt_errstr(status)); + ret = False; + } + + + printf("testing RemoveMultipleMembersFromAlias\n"); + r.in.handle = alias_handle; + r.in.sids = &sids; + + status = dcerpc_samr_RemoveMultipleMembersFromAlias(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("RemoveMultipleMembersFromAlias failed - %s\n", nt_errstr(status)); + ret = False; + } + + /* strange! removing twice doesn't give any error */ + status = dcerpc_samr_RemoveMultipleMembersFromAlias(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("RemoveMultipleMembersFromAlias failed - %s\n", nt_errstr(status)); + ret = False; + } + + /* but removing an alias that isn't there does */ + sids.sids[2].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-4"); + + status = dcerpc_samr_RemoveMultipleMembersFromAlias(p, mem_ctx, &r); + if (!NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_NOT_FOUND, status)) { + printf("RemoveMultipleMembersFromAlias failed - %s\n", nt_errstr(status)); + ret = False; + } + + return ret; +} + static BOOL test_TestPrivateFunctionsUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *user_handle) { @@ -556,6 +682,10 @@ static BOOL test_alias_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, ret = False; } + if (!test_AddMultipleMembersToAlias(p, mem_ctx, alias_handle)) { + ret = False; + } + return ret; } @@ -800,6 +930,14 @@ static BOOL test_CreateUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, ret = False; } + if (!test_OemChangePasswordUser2(p, mem_ctx, domain_handle)) { + ret = False; + } + + if (!test_ChangePasswordUser2(p, mem_ctx, domain_handle)) { + ret = False; + } + if (!test_user_ops(p, mem_ctx, user_handle)) { ret = False; } @@ -1461,6 +1599,35 @@ static BOOL test_QueryDisplayInfo2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return ret; } +static BOOL test_QueryDisplayInfo3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, + struct policy_handle *handle) +{ + NTSTATUS status; + struct samr_QueryDisplayInfo3 r; + BOOL ret = True; + uint16 levels[] = {1, 2, 3, 4, 5}; + int i; + + for (i=0;i<ARRAY_SIZE(levels);i++) { + printf("Testing QueryDisplayInfo3 level %u\n", levels[i]); + + r.in.handle = handle; + r.in.level = levels[i]; + r.in.start_idx = 0; + r.in.max_entries = 1000; + r.in.buf_size = (uint32)-1; + + status = dcerpc_samr_QueryDisplayInfo3(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("QueryDisplayInfo3 level %u failed - %s\n", + levels[i], nt_errstr(status)); + ret = False; + } + } + + return ret; +} + static BOOL test_QueryDomainInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle) { @@ -1920,6 +2087,10 @@ static BOOL test_OpenDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, ret = False; } + if (!test_QueryDisplayInfo3(p, mem_ctx, &domain_handle)) { + ret = False; + } + if (!test_GetDisplayEnumerationIndex(p, mem_ctx, &domain_handle)) { ret = False; } |