summaryrefslogtreecommitdiff
path: root/source4/torture/rpc
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2008-10-27 23:41:48 +0100
committerJelmer Vernooij <jelmer@samba.org>2008-10-27 23:41:48 +0100
commit35f12009af7e70c7bf45f751bdbd12f8146a7c0b (patch)
tree5ddf16c4690218e158889d3b26b8258931a48b3a /source4/torture/rpc
parentaafe9ca1aa829f64d4bad1df3ee1d5997fb17d71 (diff)
parenta4ad2658500e83613eeb5c01a6dfb5d067803d16 (diff)
downloadsamba-35f12009af7e70c7bf45f751bdbd12f8146a7c0b.tar.gz
samba-35f12009af7e70c7bf45f751bdbd12f8146a7c0b.tar.bz2
samba-35f12009af7e70c7bf45f751bdbd12f8146a7c0b.zip
Merge branch 'master' of ssh://git.samba.org/data/git/samba
Diffstat (limited to 'source4/torture/rpc')
-rw-r--r--source4/torture/rpc/handles.c2
-rw-r--r--source4/torture/rpc/lsa.c165
-rw-r--r--source4/torture/rpc/lsa_lookup.c11
-rw-r--r--source4/torture/rpc/object_uuid.c8
-rw-r--r--source4/torture/rpc/samba3rpc.c23
-rw-r--r--source4/torture/rpc/samsync.c26
-rw-r--r--source4/torture/rpc/schannel.c21
7 files changed, 173 insertions, 83 deletions
diff --git a/source4/torture/rpc/handles.c b/source4/torture/rpc/handles.c
index f35897b3df..553025276d 100644
--- a/source4/torture/rpc/handles.c
+++ b/source4/torture/rpc/handles.c
@@ -109,6 +109,7 @@ static bool test_handles_lsa_shared(struct torture_context *torture)
struct lsa_OpenPolicy r;
struct lsa_Close c;
struct lsa_QuerySecurity qsec;
+ struct sec_desc_buf *sdbuf = NULL;
uint16_t system_name = '\\';
TALLOC_CTX *mem_ctx = talloc_new(torture);
enum dcerpc_transport_t transport;
@@ -167,6 +168,7 @@ static bool test_handles_lsa_shared(struct torture_context *torture)
qsec.in.handle = &handle;
qsec.in.sec_info = 0;
+ qsec.out.sdbuf = &sdbuf;
c.in.handle = &handle;
c.out.handle = &handle2;
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index 69df965f19..454afabc50 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -153,6 +153,7 @@ static bool test_LookupNames(struct dcerpc_pipe *p,
{
struct lsa_LookupNames r;
struct lsa_TransSidArray sids;
+ struct lsa_RefDomainList *domains = NULL;
struct lsa_String *names;
uint32_t count = 0;
NTSTATUS status;
@@ -176,6 +177,7 @@ static bool test_LookupNames(struct dcerpc_pipe *p,
r.in.count = &count;
r.out.count = &count;
r.out.sids = &sids;
+ r.out.domains = &domains;
status = dcerpc_lsa_LookupNames(p, mem_ctx, &r);
@@ -217,6 +219,7 @@ static bool test_LookupNames_bogus(struct dcerpc_pipe *p,
{
struct lsa_LookupNames r;
struct lsa_TransSidArray sids;
+ struct lsa_RefDomainList *domains = NULL;
struct lsa_String *names;
uint32_t count = 0;
NTSTATUS status;
@@ -248,6 +251,7 @@ static bool test_LookupNames_bogus(struct dcerpc_pipe *p,
r.in.count = &count;
r.out.count = &count;
r.out.sids = &sids;
+ r.out.domains = &domains;
status = dcerpc_lsa_LookupNames(p, mem_ctx, &r);
if (!NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) {
@@ -317,6 +321,7 @@ static bool test_LookupNames2(struct dcerpc_pipe *p,
{
struct lsa_LookupNames2 r;
struct lsa_TransSidArray2 sids;
+ struct lsa_RefDomainList *domains = NULL;
struct lsa_String *names;
uint32_t count = 0;
NTSTATUS status;
@@ -342,6 +347,7 @@ static bool test_LookupNames2(struct dcerpc_pipe *p,
r.in.client_revision = 0;
r.out.count = &count;
r.out.sids = &sids;
+ r.out.domains = &domains;
status = dcerpc_lsa_LookupNames2(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -362,6 +368,7 @@ static bool test_LookupNames3(struct dcerpc_pipe *p,
{
struct lsa_LookupNames3 r;
struct lsa_TransSidArray3 sids;
+ struct lsa_RefDomainList *domains = NULL;
struct lsa_String *names;
uint32_t count = 0;
NTSTATUS status;
@@ -387,6 +394,7 @@ static bool test_LookupNames3(struct dcerpc_pipe *p,
r.in.client_revision = 0;
r.out.count = &count;
r.out.sids = &sids;
+ r.out.domains = &domains;
status = dcerpc_lsa_LookupNames3(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -405,6 +413,7 @@ static bool test_LookupNames4(struct dcerpc_pipe *p,
{
struct lsa_LookupNames4 r;
struct lsa_TransSidArray3 sids;
+ struct lsa_RefDomainList *domains = NULL;
struct lsa_String *names;
uint32_t count = 0;
NTSTATUS status;
@@ -429,6 +438,7 @@ static bool test_LookupNames4(struct dcerpc_pipe *p,
r.in.client_revision = 0;
r.out.count = &count;
r.out.sids = &sids;
+ r.out.domains = &domains;
status = dcerpc_lsa_LookupNames4(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -449,6 +459,7 @@ static bool test_LookupSids(struct dcerpc_pipe *p,
{
struct lsa_LookupSids r;
struct lsa_TransNameArray names;
+ struct lsa_RefDomainList *domains = NULL;
uint32_t count = sids->num_sids;
NTSTATUS status;
@@ -464,6 +475,7 @@ static bool test_LookupSids(struct dcerpc_pipe *p,
r.in.count = &count;
r.out.count = &count;
r.out.names = &names;
+ r.out.domains = &domains;
status = dcerpc_lsa_LookupSids(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -488,6 +500,7 @@ static bool test_LookupSids2(struct dcerpc_pipe *p,
{
struct lsa_LookupSids2 r;
struct lsa_TransNameArray2 names;
+ struct lsa_RefDomainList *domains = NULL;
uint32_t count = sids->num_sids;
NTSTATUS status;
@@ -505,6 +518,7 @@ static bool test_LookupSids2(struct dcerpc_pipe *p,
r.in.unknown2 = 0;
r.out.count = &count;
r.out.names = &names;
+ r.out.domains = &domains;
status = dcerpc_lsa_LookupSids2(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -531,6 +545,7 @@ static bool test_LookupSids3(struct dcerpc_pipe *p,
{
struct lsa_LookupSids3 r;
struct lsa_TransNameArray2 names;
+ struct lsa_RefDomainList *domains = NULL;
uint32_t count = sids->num_sids;
NTSTATUS status;
@@ -545,6 +560,7 @@ static bool test_LookupSids3(struct dcerpc_pipe *p,
r.in.count = &count;
r.in.unknown1 = 0;
r.in.unknown2 = 0;
+ r.out.domains = &domains;
r.out.count = &count;
r.out.names = &names;
@@ -594,6 +610,7 @@ bool test_many_LookupSids(struct dcerpc_pipe *p,
if (handle) {
struct lsa_LookupSids r;
struct lsa_TransNameArray names;
+ struct lsa_RefDomainList *domains = NULL;
names.count = 0;
names.names = NULL;
@@ -604,6 +621,7 @@ bool test_many_LookupSids(struct dcerpc_pipe *p,
r.in.count = &names.count;
r.out.count = &count;
r.out.names = &names;
+ r.out.domains = &domains;
status = dcerpc_lsa_LookupSids(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -619,6 +637,7 @@ bool test_many_LookupSids(struct dcerpc_pipe *p,
} else if (p->conn->security_state.auth_info->auth_type == DCERPC_AUTH_TYPE_SCHANNEL &&
p->conn->security_state.auth_info->auth_level >= DCERPC_AUTH_LEVEL_INTEGRITY) {
struct lsa_LookupSids3 r;
+ struct lsa_RefDomainList *domains = NULL;
struct lsa_TransNameArray2 names;
names.count = 0;
@@ -634,6 +653,7 @@ bool test_many_LookupSids(struct dcerpc_pipe *p,
r.in.unknown2 = 0;
r.out.count = &count;
r.out.names = &names;
+ r.out.domains = &domains;
status = dcerpc_lsa_LookupSids3(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -683,6 +703,7 @@ static bool test_LookupSids_async(struct dcerpc_pipe *p,
uint32_t *count;
struct lsa_TransNameArray *names;
struct lsa_LookupSids *r;
+ struct lsa_RefDomainList *domains = NULL;
struct rpc_request **req;
int i, replies;
bool ret = true;
@@ -714,6 +735,7 @@ static bool test_LookupSids_async(struct dcerpc_pipe *p,
r[i].in.count = &names[i].count;
r[i].out.count = &count[i];
r[i].out.names = &names[i];
+ r[i].out.domains = &domains;
req[i] = dcerpc_lsa_LookupSids_send(p, req, &r[i]);
if (req[i] == NULL) {
@@ -767,9 +789,11 @@ static bool test_LookupPrivName(struct dcerpc_pipe *p,
{
NTSTATUS status;
struct lsa_LookupPrivName r;
+ struct lsa_StringLarge *name = NULL;
r.in.handle = handle;
r.in.luid = luid;
+ r.out.name = &name;
status = dcerpc_lsa_LookupPrivName(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -807,22 +831,24 @@ static bool test_RemovePrivilegesFromAccount(struct dcerpc_pipe *p,
if (!NT_STATUS_IS_OK(status)) {
struct lsa_LookupPrivName r_name;
+ struct lsa_StringLarge *name = NULL;
r_name.in.handle = handle;
r_name.in.luid = luid;
-
+ r_name.out.name = &name;
+
status = dcerpc_lsa_LookupPrivName(p, mem_ctx, &r_name);
if (!NT_STATUS_IS_OK(status)) {
printf("\nLookupPrivName failed - %s\n", nt_errstr(status));
return false;
}
/* Windows 2008 does not allow this to be removed */
- if (strcmp("SeAuditPrivilege", r_name.out.name->string) == 0) {
+ if (strcmp("SeAuditPrivilege", name->string) == 0) {
return ret;
}
printf("RemovePrivilegesFromAccount failed to remove %s - %s\n",
- r_name.out.name->string,
+ name->string,
nt_errstr(status));
return false;
}
@@ -867,11 +893,13 @@ static bool test_EnumPrivsAccount(struct dcerpc_pipe *p,
{
NTSTATUS status;
struct lsa_EnumPrivsAccount r;
+ struct lsa_PrivilegeSet *privs = NULL;
bool ret = true;
printf("\nTesting EnumPrivsAccount\n");
r.in.handle = acct_handle;
+ r.out.privs = &privs;
status = dcerpc_lsa_EnumPrivsAccount(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -879,17 +907,17 @@ static bool test_EnumPrivsAccount(struct dcerpc_pipe *p,
return false;
}
- if (r.out.privs && r.out.privs->count > 0) {
+ if (privs && privs->count > 0) {
int i;
- for (i=0;i<r.out.privs->count;i++) {
+ for (i=0;i<privs->count;i++) {
test_LookupPrivName(p, mem_ctx, handle,
- &r.out.privs->set[i].luid);
+ &privs->set[i].luid);
}
ret &= test_RemovePrivilegesFromAccount(p, mem_ctx, handle, acct_handle,
- &r.out.privs->set[0].luid);
+ &privs->set[0].luid);
ret &= test_AddPrivilegesToAccount(p, mem_ctx, acct_handle,
- &r.out.privs->set[0].luid);
+ &privs->set[0].luid);
}
return ret;
@@ -1462,6 +1490,7 @@ static bool test_QuerySecurity(struct dcerpc_pipe *p,
{
NTSTATUS status;
struct lsa_QuerySecurity r;
+ struct sec_desc_buf *sdbuf = NULL;
if (torture_setting_bool(tctx, "samba4", false)) {
printf("\nskipping QuerySecurity test against Samba4\n");
@@ -1472,6 +1501,7 @@ static bool test_QuerySecurity(struct dcerpc_pipe *p,
r.in.handle = acct_handle;
r.in.sec_info = 7;
+ r.out.sdbuf = &sdbuf;
status = dcerpc_lsa_QuerySecurity(p, tctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -1602,14 +1632,17 @@ static bool test_LookupPrivDisplayName(struct dcerpc_pipe *p,
/* produce a reasonable range of language output without screwing up
terminals */
uint16_t language_id = (random() % 4) + 0x409;
+ uint16_t returned_language_id = 0;
+ struct lsa_StringLarge *disp_name = NULL;
printf("\nTesting LookupPrivDisplayName(%s)\n", priv_name->string);
r.in.handle = handle;
r.in.name = priv_name;
- r.in.language_id = &language_id;
- r.out.language_id = &language_id;
- r.in.unknown = 0;
+ r.in.language_id = language_id;
+ r.in.language_id_sys = 0;
+ r.out.returned_language_id = &returned_language_id;
+ r.out.disp_name = &disp_name;
status = dcerpc_lsa_LookupPrivDisplayName(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -1617,8 +1650,8 @@ static bool test_LookupPrivDisplayName(struct dcerpc_pipe *p,
return false;
}
printf("%s -> \"%s\" (language 0x%x/0x%x)\n",
- priv_name->string, r.out.disp_name->string,
- *r.in.language_id, *r.out.language_id);
+ priv_name->string, disp_name->string,
+ r.in.language_id, *r.out.returned_language_id);
return true;
}
@@ -1794,7 +1827,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p,
for (j=0; j < ARRAY_SIZE(levels); j++) {
struct lsa_QueryTrustedDomainInfo q;
- union lsa_TrustedDomainInfo info;
+ union lsa_TrustedDomainInfo *info = NULL;
q.in.trustdom_handle = &trustdom_handle;
q.in.level = levels[j];
q.out.info = &info;
@@ -1827,7 +1860,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p,
for (j=0; j < ARRAY_SIZE(levels); j++) {
struct lsa_QueryTrustedDomainInfoBySid q;
- union lsa_TrustedDomainInfo info;
+ union lsa_TrustedDomainInfo *info = NULL;
if (!domains->domains[i].sid) {
continue;
@@ -1837,6 +1870,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p,
q.in.dom_sid = domains->domains[i].sid;
q.in.level = levels[j];
q.out.info = &info;
+
status = dcerpc_lsa_QueryTrustedDomainInfoBySid(p, mem_ctx, &q);
if (!NT_STATUS_IS_OK(status) && ok[j]) {
printf("QueryTrustedDomainInfoBySid level %d failed - %s\n",
@@ -1864,7 +1898,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p,
for (j=0; j < ARRAY_SIZE(levels); j++) {
struct lsa_QueryTrustedDomainInfo q;
- union lsa_TrustedDomainInfo info;
+ union lsa_TrustedDomainInfo *info = NULL;
q.in.trustdom_handle = &trustdom_handle;
q.in.level = levels[j];
q.out.info = &info;
@@ -1891,9 +1925,13 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p,
for (j=0; j < ARRAY_SIZE(levels); j++) {
struct lsa_QueryTrustedDomainInfoByName q;
- union lsa_TrustedDomainInfo info;
+ union lsa_TrustedDomainInfo *info = NULL;
+ struct lsa_String name;
+
+ name.string = domains->domains[i].name.string;
+
q.in.handle = handle;
- q.in.trusted_domain.string = domains->domains[i].name.string;
+ q.in.trusted_domain = &name;
q.in.level = levels[j];
q.out.info = &info;
status = dcerpc_lsa_QueryTrustedDomainInfoByName(p, mem_ctx, &q);
@@ -2055,6 +2093,7 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p,
struct dom_sid *domsid[12];
struct policy_handle trustdom_handle[12];
struct lsa_QueryTrustedDomainInfo q;
+ union lsa_TrustedDomainInfo *info = NULL;
int i;
printf("\nTesting CreateTrustedDomain for 12 domains\n");
@@ -2089,6 +2128,7 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p,
q.in.trustdom_handle = &trustdom_handle[i];
q.in.level = LSA_TRUSTED_DOMAIN_INFO_INFO_EX;
+ q.out.info = &info;
status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q);
if (!NT_STATUS_IS_OK(status)) {
printf("QueryTrustedDomainInfo level 1 failed - %s\n", nt_errstr(status));
@@ -2096,24 +2136,24 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p,
} else if (!q.out.info) {
ret = false;
} else {
- if (strcmp(q.out.info->info_ex.netbios_name.string, trustinfo.name.string) != 0) {
+ if (strcmp(info->info_ex.netbios_name.string, trustinfo.name.string) != 0) {
printf("QueryTrustedDomainInfo returned inconsistant short name: %s != %s\n",
- q.out.info->info_ex.netbios_name.string, trustinfo.name.string);
+ info->info_ex.netbios_name.string, trustinfo.name.string);
ret = false;
}
- if (q.out.info->info_ex.trust_type != LSA_TRUST_TYPE_DOWNLEVEL) {
+ if (info->info_ex.trust_type != LSA_TRUST_TYPE_DOWNLEVEL) {
printf("QueryTrustedDomainInfo of %s returned incorrect trust type %d != %d\n",
- trust_name, q.out.info->info_ex.trust_type, LSA_TRUST_TYPE_DOWNLEVEL);
+ trust_name, info->info_ex.trust_type, LSA_TRUST_TYPE_DOWNLEVEL);
ret = false;
}
- if (q.out.info->info_ex.trust_attributes != 0) {
+ if (info->info_ex.trust_attributes != 0) {
printf("QueryTrustedDomainInfo of %s returned incorrect trust attributes %d != %d\n",
- trust_name, q.out.info->info_ex.trust_attributes, 0);
+ trust_name, info->info_ex.trust_attributes, 0);
ret = false;
}
- if (q.out.info->info_ex.trust_direction != LSA_TRUST_DIRECTION_OUTBOUND) {
+ if (info->info_ex.trust_direction != LSA_TRUST_DIRECTION_OUTBOUND) {
printf("QueryTrustedDomainInfo of %s returned incorrect trust direction %d != %d\n",
- trust_name, q.out.info->info_ex.trust_direction, LSA_TRUST_DIRECTION_OUTBOUND);
+ trust_name, info->info_ex.trust_direction, LSA_TRUST_DIRECTION_OUTBOUND);
ret = false;
}
}
@@ -2149,6 +2189,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p,
struct dom_sid *domsid[12];
struct policy_handle trustdom_handle[12];
struct lsa_QueryTrustedDomainInfo q;
+ union lsa_TrustedDomainInfo *info = NULL;
DATA_BLOB session_key;
enum ndr_err_code ndr_err;
int i;
@@ -2221,6 +2262,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p,
q.in.trustdom_handle = &trustdom_handle[i];
q.in.level = LSA_TRUSTED_DOMAIN_INFO_INFO_EX;
+ q.out.info = &info;
status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q);
if (!NT_STATUS_IS_OK(status)) {
printf("QueryTrustedDomainInfo level 1 failed - %s\n", nt_errstr(status));
@@ -2229,24 +2271,24 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p,
printf("QueryTrustedDomainInfo level 1 failed to return an info pointer\n");
ret = false;
} else {
- if (strcmp(q.out.info->info_ex.netbios_name.string, trustinfo.netbios_name.string) != 0) {
+ if (strcmp(info->info_ex.netbios_name.string, trustinfo.netbios_name.string) != 0) {
printf("QueryTrustedDomainInfo returned inconsistant short name: %s != %s\n",
- q.out.info->info_ex.netbios_name.string, trustinfo.netbios_name.string);
+ info->info_ex.netbios_name.string, trustinfo.netbios_name.string);
ret = false;
}
- if (q.out.info->info_ex.trust_type != trustinfo.trust_type) {
+ if (info->info_ex.trust_type != trustinfo.trust_type) {
printf("QueryTrustedDomainInfo of %s returned incorrect trust type %d != %d\n",
- trust_name, q.out.info->info_ex.trust_type, trustinfo.trust_type);
+ trust_name, info->info_ex.trust_type, trustinfo.trust_type);
ret = false;
}
- if (q.out.info->info_ex.trust_attributes != LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION) {
+ if (info->info_ex.trust_attributes != LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION) {
printf("QueryTrustedDomainInfo of %s returned incorrect trust attributes %d != %d\n",
- trust_name, q.out.info->info_ex.trust_attributes, LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION);
+ trust_name, info->info_ex.trust_attributes, LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION);
ret = false;
}
- if (q.out.info->info_ex.trust_direction != trustinfo.trust_direction) {
+ if (info->info_ex.trust_direction != trustinfo.trust_direction) {
printf("QueryTrustedDomainInfo of %s returned incorrect trust direction %d != %d\n",
- trust_name, q.out.info->info_ex.trust_direction, trustinfo.trust_direction);
+ trust_name, info->info_ex.trust_direction, trustinfo.trust_direction);
ret = false;
}
}
@@ -2274,6 +2316,7 @@ static bool test_QueryDomainInfoPolicy(struct dcerpc_pipe *p,
struct policy_handle *handle)
{
struct lsa_QueryDomainInformationPolicy r;
+ union lsa_DomainInformationPolicy *info = NULL;
NTSTATUS status;
int i;
bool ret = true;
@@ -2283,6 +2326,7 @@ static bool test_QueryDomainInfoPolicy(struct dcerpc_pipe *p,
for (i=2;i<4;i++) {
r.in.handle = handle;
r.in.level = i;
+ r.out.info = &info;
printf("\nTrying QueryDomainInformationPolicy level %d\n", i);
@@ -2308,6 +2352,7 @@ static bool test_QueryInfoPolicyCalls( bool version2,
struct policy_handle *handle)
{
struct lsa_QueryInfoPolicy r;
+ union lsa_PolicyInformation *info = NULL;
NTSTATUS status;
int i;
bool ret = true;
@@ -2320,6 +2365,7 @@ static bool test_QueryInfoPolicyCalls( bool version2,
for (i=1;i<=14;i++) {
r.in.handle = handle;
r.in.level = i;
+ r.out.info = &info;
if (version2)
printf("\nTrying QueryInfoPolicy2 level %d\n", i);
@@ -2389,33 +2435,33 @@ static bool test_QueryInfoPolicyCalls( bool version2,
struct lsa_TransNameArray tnames;
tnames.count = 14;
tnames.names = talloc_zero_array(tctx, struct lsa_TranslatedName, tnames.count);
- tnames.names[0].name.string = r.out.info->dns.name.string;
+ tnames.names[0].name.string = info->dns.name.string;
tnames.names[0].sid_type = SID_NAME_DOMAIN;
- tnames.names[1].name.string = r.out.info->dns.dns_domain.string;
+ tnames.names[1].name.string = info->dns.dns_domain.string;
tnames.names[1].sid_type = SID_NAME_DOMAIN;
- tnames.names[2].name.string = talloc_asprintf(tctx, "%s\\", r.out.info->dns.name.string);
+ tnames.names[2].name.string = talloc_asprintf(tctx, "%s\\", info->dns.name.string);
tnames.names[2].sid_type = SID_NAME_DOMAIN;
- tnames.names[3].name.string = talloc_asprintf(tctx, "%s\\", r.out.info->dns.dns_domain.string);
+ tnames.names[3].name.string = talloc_asprintf(tctx, "%s\\", info->dns.dns_domain.string);
tnames.names[3].sid_type = SID_NAME_DOMAIN;
- tnames.names[4].name.string = talloc_asprintf(tctx, "%s\\guest", r.out.info->dns.name.string);
+ tnames.names[4].name.string = talloc_asprintf(tctx, "%s\\guest", info->dns.name.string);
tnames.names[4].sid_type = SID_NAME_USER;
- tnames.names[5].name.string = talloc_asprintf(tctx, "%s\\krbtgt", r.out.info->dns.name.string);
+ tnames.names[5].name.string = talloc_asprintf(tctx, "%s\\krbtgt", info->dns.name.string);
tnames.names[5].sid_type = SID_NAME_USER;
- tnames.names[6].name.string = talloc_asprintf(tctx, "%s\\guest", r.out.info->dns.dns_domain.string);
+ tnames.names[6].name.string = talloc_asprintf(tctx, "%s\\guest", info->dns.dns_domain.string);
tnames.names[6].sid_type = SID_NAME_USER;
- tnames.names[7].name.string = talloc_asprintf(tctx, "%s\\krbtgt", r.out.info->dns.dns_domain.string);
+ tnames.names[7].name.string = talloc_asprintf(tctx, "%s\\krbtgt", info->dns.dns_domain.string);
tnames.names[7].sid_type = SID_NAME_USER;
- tnames.names[8].name.string = talloc_asprintf(tctx, "krbtgt@%s", r.out.info->dns.name.string);
+ tnames.names[8].name.string = talloc_asprintf(tctx, "krbtgt@%s", info->dns.name.string);
tnames.names[8].sid_type = SID_NAME_USER;
- tnames.names[9].name.string = talloc_asprintf(tctx, "krbtgt@%s", r.out.info->dns.dns_domain.string);
+ tnames.names[9].name.string = talloc_asprintf(tctx, "krbtgt@%s", info->dns.dns_domain.string);
tnames.names[9].sid_type = SID_NAME_USER;
- tnames.names[10].name.string = talloc_asprintf(tctx, "%s\\"TEST_MACHINENAME "$", r.out.info->dns.name.string);
+ tnames.names[10].name.string = talloc_asprintf(tctx, "%s\\"TEST_MACHINENAME "$", info->dns.name.string);
tnames.names[10].sid_type = SID_NAME_USER;
- tnames.names[11].name.string = talloc_asprintf(tctx, "%s\\"TEST_MACHINENAME "$", r.out.info->dns.dns_domain.string);
+ tnames.names[11].name.string = talloc_asprintf(tctx, "%s\\"TEST_MACHINENAME "$", info->dns.dns_domain.string);
tnames.names[11].sid_type = SID_NAME_USER;
- tnames.names[12].name.string = talloc_asprintf(tctx, TEST_MACHINENAME "$@%s", r.out.info->dns.name.string);
+ tnames.names[12].name.string = talloc_asprintf(tctx, TEST_MACHINENAME "$@%s", info->dns.name.string);
tnames.names[12].sid_type = SID_NAME_USER;
- tnames.names[13].name.string = talloc_asprintf(tctx, TEST_MACHINENAME "$@%s", r.out.info->dns.dns_domain.string);
+ tnames.names[13].name.string = talloc_asprintf(tctx, TEST_MACHINENAME "$@%s", info->dns.dns_domain.string);
tnames.names[13].sid_type = SID_NAME_USER;
ret &= test_LookupNames(p, tctx, handle, &tnames);
@@ -2444,14 +2490,27 @@ static bool test_GetUserName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
struct lsa_GetUserName r;
NTSTATUS status;
bool ret = true;
- struct lsa_StringPointer authority_name_p;
+ struct lsa_String *authority_name_p = NULL;
+ struct lsa_String *account_name_p = NULL;
printf("\nTesting GetUserName\n");
- r.in.system_name = "\\";
- r.in.account_name = NULL;
- r.in.authority_name = &authority_name_p;
- authority_name_p.string = NULL;
+ r.in.system_name = "\\";
+ r.in.account_name = &account_name_p;
+ r.in.authority_name = NULL;
+ r.out.account_name = &account_name_p;
+
+ status = dcerpc_lsa_GetUserName(p, mem_ctx, &r);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("GetUserName failed - %s\n", nt_errstr(status));
+ ret = false;
+ }
+
+ account_name_p = NULL;
+ r.in.account_name = &account_name_p;
+ r.in.authority_name = &authority_name_p;
+ r.out.account_name = &account_name_p;
status = dcerpc_lsa_GetUserName(p, mem_ctx, &r);
diff --git a/source4/torture/rpc/lsa_lookup.c b/source4/torture/rpc/lsa_lookup.c
index 9c817a7061..0124ce1741 100644
--- a/source4/torture/rpc/lsa_lookup.c
+++ b/source4/torture/rpc/lsa_lookup.c
@@ -66,15 +66,17 @@ static bool get_domainsid(TALLOC_CTX *mem_ctx, struct dcerpc_pipe *p,
struct dom_sid **sid)
{
struct lsa_QueryInfoPolicy r;
+ union lsa_PolicyInformation *info = NULL;
NTSTATUS status;
r.in.level = LSA_POLICY_INFO_DOMAIN;
r.in.handle = handle;
+ r.out.info = &info;
status = dcerpc_lsa_QueryInfoPolicy(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) return false;
- *sid = r.out.info->domain.sid;
+ *sid = info->domain.sid;
return true;
}
@@ -192,6 +194,7 @@ static bool get_downleveltrust(struct torture_context *tctx, struct dcerpc_pipe
for (i=0; i<domains.count; i++) {
struct lsa_QueryTrustedDomainInfoBySid q;
+ union lsa_TrustedDomainInfo *info = NULL;
if (domains.domains[i].sid == NULL)
continue;
@@ -199,11 +202,13 @@ static bool get_downleveltrust(struct torture_context *tctx, struct dcerpc_pipe
q.in.handle = handle;
q.in.dom_sid = domains.domains[i].sid;
q.in.level = 6;
+ q.out.info = &info;
+
status = dcerpc_lsa_QueryTrustedDomainInfoBySid(p, tctx, &q);
if (!NT_STATUS_IS_OK(status)) continue;
- if ((q.out.info->info_ex.trust_direction & 2) &&
- (q.out.info->info_ex.trust_type == 1)) {
+ if ((info->info_ex.trust_direction & 2) &&
+ (info->info_ex.trust_type == 1)) {
*sid = domains.domains[i].sid;
return true;
}
diff --git a/source4/torture/rpc/object_uuid.c b/source4/torture/rpc/object_uuid.c
index 5a77bd1c29..69905169af 100644
--- a/source4/torture/rpc/object_uuid.c
+++ b/source4/torture/rpc/object_uuid.c
@@ -39,7 +39,8 @@ static bool test_random_uuid(struct torture_context *torture)
struct GUID uuid;
struct dssetup_DsRoleGetPrimaryDomainInformation r1;
struct lsa_GetUserName r2;
- struct lsa_StringPointer authority_name_p;
+ struct lsa_String *authority_name_p = NULL;
+ struct lsa_String *account_name_p = NULL;
torture_comment(torture, "RPC-OBJECTUUID-RANDOM\n");
@@ -63,9 +64,10 @@ static bool test_random_uuid(struct torture_context *torture)
uuid = GUID_random();
r2.in.system_name = "\\";
- r2.in.account_name = NULL;
+ r2.in.account_name = &account_name_p;
r2.in.authority_name = &authority_name_p;
- authority_name_p.string = NULL;
+ r2.out.account_name = &account_name_p;
+ r2.out.authority_name = &authority_name_p;
req = dcerpc_ndr_request_send(p2, &uuid,
&ndr_table_lsarpc,
diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c
index 85714ace13..a45397de46 100644
--- a/source4/torture/rpc/samba3rpc.c
+++ b/source4/torture/rpc/samba3rpc.c
@@ -208,6 +208,7 @@ static bool bindtest(struct smbcli_state *cli,
struct lsa_ObjectAttribute objectattr;
struct lsa_OpenPolicy2 openpolicy;
struct lsa_QueryInfoPolicy query;
+ union lsa_PolicyInformation *info = NULL;
struct policy_handle handle;
struct lsa_Close close_handle;
@@ -256,6 +257,7 @@ static bool bindtest(struct smbcli_state *cli,
query.in.handle = &handle;
query.in.level = LSA_POLICY_INFO_DOMAIN;
+ query.out.info = &info;
status = dcerpc_lsa_QueryInfoPolicy(lsa_pipe, mem_ctx, &query);
if (!NT_STATUS_IS_OK(status)) {
@@ -1500,6 +1502,7 @@ static struct dom_sid *name2sid(TALLOC_CTX *mem_ctx,
struct policy_handle handle;
struct lsa_LookupNames l;
struct lsa_TransSidArray sids;
+ struct lsa_RefDomainList *domains = NULL;
struct lsa_String lsa_name;
uint32_t count = 0;
struct dom_sid *result;
@@ -1546,6 +1549,7 @@ static struct dom_sid *name2sid(TALLOC_CTX *mem_ctx,
l.in.count = &count;
l.out.count = &count;
l.out.sids = &sids;
+ l.out.domains = &domains;
status = dcerpc_lsa_LookupNames(p, tmp_ctx, &l);
if (!NT_STATUS_IS_OK(status)) {
@@ -1555,7 +1559,7 @@ static struct dom_sid *name2sid(TALLOC_CTX *mem_ctx,
return NULL;
}
- result = dom_sid_add_rid(mem_ctx, l.out.domains->domains[0].sid,
+ result = dom_sid_add_rid(mem_ctx, domains->domains[0].sid,
l.out.sids->sids[0].rid);
c.in.handle = &handle;
@@ -1583,7 +1587,8 @@ static struct dom_sid *whoami(TALLOC_CTX *mem_ctx,
struct dcerpc_pipe *lsa;
struct lsa_GetUserName r;
NTSTATUS status;
- struct lsa_StringPointer authority_name_p;
+ struct lsa_String *authority_name_p = NULL;
+ struct lsa_String *account_name_p = NULL;
struct dom_sid *result;
status = pipe_bind_smb(mem_ctx, lp_ctx, tree, "\\pipe\\lsarpc",
@@ -1595,12 +1600,14 @@ static struct dom_sid *whoami(TALLOC_CTX *mem_ctx,
}
r.in.system_name = "\\";
- r.in.account_name = NULL;
- authority_name_p.string = NULL;
+ r.in.account_name = &account_name_p;
r.in.authority_name = &authority_name_p;
+ r.out.account_name = &account_name_p;
status = dcerpc_lsa_GetUserName(lsa, mem_ctx, &r);
+ authority_name_p = *r.out.authority_name;
+
if (!NT_STATUS_IS_OK(status)) {
printf("(%s) GetUserName failed - %s\n",
__location__, nt_errstr(status));
@@ -1608,8 +1615,8 @@ static struct dom_sid *whoami(TALLOC_CTX *mem_ctx,
return NULL;
}
- result = name2sid(mem_ctx, lsa, r.out.account_name->string,
- r.out.authority_name->string->string);
+ result = name2sid(mem_ctx, lsa, account_name_p->string,
+ authority_name_p->string);
talloc_free(lsa);
return result;
@@ -2388,8 +2395,10 @@ bool torture_samba3_rpc_lsa(struct torture_context *torture)
for (i=0; i<ARRAY_SIZE(levels); i++) {
struct lsa_QueryInfoPolicy r;
+ union lsa_PolicyInformation *info = NULL;
r.in.handle = &lsa_handle;
r.in.level = levels[i];
+ r.out.info = &info;
status = dcerpc_lsa_QueryInfoPolicy(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) dcerpc_lsa_QueryInfoPolicy %d "
@@ -2399,7 +2408,7 @@ bool torture_samba3_rpc_lsa(struct torture_context *torture)
return false;
}
if (levels[i] == 5) {
- domain_sid = r.out.info->account_domain.sid;
+ domain_sid = info->account_domain.sid;
}
}
}
diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
index 2d2aaa80d6..fdd86da28c 100644
--- a/source4/torture/rpc/samsync.c
+++ b/source4/torture/rpc/samsync.c
@@ -204,10 +204,12 @@ static struct sec_desc_buf *samsync_query_lsa_sec_desc(TALLOC_CTX *mem_ctx,
struct policy_handle *handle)
{
struct lsa_QuerySecurity r;
+ struct sec_desc_buf *sdbuf = NULL;
NTSTATUS status;
r.in.handle = handle;
r.in.sec_info = 0x7;
+ r.out.sdbuf = &sdbuf;
status = dcerpc_lsa_QuerySecurity(samsync_state->p_lsa, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -215,7 +217,7 @@ static struct sec_desc_buf *samsync_query_lsa_sec_desc(TALLOC_CTX *mem_ctx,
return NULL;
}
- return r.out.sdbuf;
+ return sdbuf;
}
#define TEST_UINT64_EQUAL(i1, i2) do {\
@@ -965,6 +967,7 @@ static bool samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_st
struct policy_handle trustdom_handle;
struct lsa_QueryTrustedDomainInfo q;
union lsa_TrustedDomainInfo *info[9];
+ union lsa_TrustedDomainInfo *_info = NULL;
int levels [] = {1, 3, 8};
int i;
@@ -985,6 +988,7 @@ static bool samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_st
for (i=0; i< ARRAY_SIZE(levels); i++) {
q.in.trustdom_handle = &trustdom_handle;
q.in.level = levels[i];
+ q.out.info = &_info;
status = dcerpc_lsa_QueryTrustedDomainInfo(samsync_state->p_lsa, mem_ctx, &q);
if (!NT_STATUS_IS_OK(status)) {
if (q.in.level == 8 && NT_STATUS_EQUAL(status,NT_STATUS_INVALID_PARAMETER)) {
@@ -995,7 +999,7 @@ static bool samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_st
levels[i], nt_errstr(status));
return false;
}
- info[levels[i]] = q.out.info;
+ info[levels[i]] = _info;
}
if (info[8]) {
@@ -1025,6 +1029,7 @@ static bool samsync_handle_account(TALLOC_CTX *mem_ctx, struct samsync_state *sa
struct lsa_OpenAccount a;
struct policy_handle acct_handle;
struct lsa_EnumPrivsAccount e;
+ struct lsa_PrivilegeSet *privs = NULL;
struct lsa_LookupPrivName r;
int i, j;
@@ -1047,6 +1052,7 @@ static bool samsync_handle_account(TALLOC_CTX *mem_ctx, struct samsync_state *sa
found_priv_in_lsa = talloc_zero_array(mem_ctx, bool, account->privilege_entries);
e.in.handle = &acct_handle;
+ e.out.privs = &privs;
status = dcerpc_lsa_EnumPrivsAccount(samsync_state->p_lsa, mem_ctx, &e);
if (!NT_STATUS_IS_OK(status)) {
@@ -1054,23 +1060,27 @@ static bool samsync_handle_account(TALLOC_CTX *mem_ctx, struct samsync_state *sa
return false;
}
- if ((account->privilege_entries && !e.out.privs)) {
+ if ((account->privilege_entries && !privs)) {
printf("Account %s has privileges in SamSync, but not LSA\n",
dom_sid_string(mem_ctx, dom_sid));
return false;
}
- if (!account->privilege_entries && e.out.privs && e.out.privs->count) {
+ if (!account->privilege_entries && privs && privs->count) {
printf("Account %s has privileges in LSA, but not SamSync\n",
dom_sid_string(mem_ctx, dom_sid));
return false;
}
- TEST_INT_EQUAL(account->privilege_entries, e.out.privs->count);
+ TEST_INT_EQUAL(account->privilege_entries, privs->count);
- for (i=0;i< e.out.privs->count; i++) {
+ for (i=0;i< privs->count; i++) {
+
+ struct lsa_StringLarge *name = NULL;
+
r.in.handle = samsync_state->lsa_handle;
- r.in.luid = &e.out.privs->set[i].luid;
+ r.in.luid = &privs->set[i].luid;
+ r.out.name = &name;
status = dcerpc_lsa_LookupPrivName(samsync_state->p_lsa, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -1083,7 +1093,7 @@ static bool samsync_handle_account(TALLOC_CTX *mem_ctx, struct samsync_state *sa
return false;
}
for (j=0;j<account->privilege_entries; j++) {
- if (strcmp(r.out.name->string, account->privilege_name[j].string) == 0) {
+ if (strcmp(name->string, account->privilege_name[j].string) == 0) {
found_priv_in_lsa[j] = true;
break;
}
diff --git a/source4/torture/rpc/schannel.c b/source4/torture/rpc/schannel.c
index 15d40a2e17..a8aa046280 100644
--- a/source4/torture/rpc/schannel.c
+++ b/source4/torture/rpc/schannel.c
@@ -182,18 +182,21 @@ static bool test_lsa_ops(struct torture_context *tctx, struct dcerpc_pipe *p)
struct lsa_GetUserName r;
NTSTATUS status;
bool ret = true;
- struct lsa_StringPointer authority_name_p;
+ struct lsa_String *account_name_p = NULL;
+ struct lsa_String *authority_name_p = NULL;
printf("\nTesting GetUserName\n");
r.in.system_name = "\\";
- r.in.account_name = NULL;
+ r.in.account_name = &account_name_p;
r.in.authority_name = &authority_name_p;
- authority_name_p.string = NULL;
+ r.out.account_name = &account_name_p;
/* do several ops to test credential chaining and various operations */
status = dcerpc_lsa_GetUserName(p, tctx, &r);
-
+
+ authority_name_p = *r.out.authority_name;
+
if (NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) {
printf("not considering %s to be an error\n", nt_errstr(status));
} else if (!NT_STATUS_IS_OK(status)) {
@@ -204,18 +207,18 @@ static bool test_lsa_ops(struct torture_context *tctx, struct dcerpc_pipe *p)
return false;
}
- if (strcmp(r.out.account_name->string, "ANONYMOUS LOGON") != 0) {
+ if (strcmp(account_name_p->string, "ANONYMOUS LOGON") != 0) {
printf("GetUserName returned wrong user: %s, expected %s\n",
- r.out.account_name->string, "ANONYMOUS LOGON");
+ account_name_p->string, "ANONYMOUS LOGON");
return false;
}
- if (!r.out.authority_name || !r.out.authority_name->string) {
+ if (!authority_name_p || !authority_name_p->string) {
return false;
}
- if (strcmp(r.out.authority_name->string->string, "NT AUTHORITY") != 0) {
+ if (strcmp(authority_name_p->string, "NT AUTHORITY") != 0) {
printf("GetUserName returned wrong user: %s, expected %s\n",
- r.out.authority_name->string->string, "NT AUTHORITY");
+ authority_name_p->string, "NT AUTHORITY");
return false;
}
}
generated by cgit (git 2.34.1) at 2025-01-16 09:42:32 +0000