summaryrefslogtreecommitdiff
path: root/source4/torture/rpc
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2005-03-06 08:24:34 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:10:58 -0500
commit42031bc4be2516872ccf832b6b09d141cb13c76b (patch)
tree6075fee54b1619c21cf3722ed6b8937bdb21ea74 /source4/torture/rpc
parent765832748b4ef6141802ff72e3dea99453bf23d8 (diff)
downloadsamba-42031bc4be2516872ccf832b6b09d141cb13c76b.tar.gz
samba-42031bc4be2516872ccf832b6b09d141cb13c76b.tar.bz2
samba-42031bc4be2516872ccf832b6b09d141cb13c76b.zip
r5668: Add tests to RPC-SAMLOGON to test for user@REALM style logins. These
need a NULL domain (or a "" domain, except this breaks NTLMv2, and I need to look into it a bit more). Add support to the Samba4 server for these logins. This will need extension when we handle trusted domains as a DC, as it is a principal name, not just another format for the username. Andrew Bartlett (This used to be commit de02c7c222a32d2b3fb8ee8b715749b96cb647f9)
Diffstat (limited to 'source4/torture/rpc')
-rw-r--r--source4/torture/rpc/samlogon.c87
1 files changed, 77 insertions, 10 deletions
diff --git a/source4/torture/rpc/samlogon.c b/source4/torture/rpc/samlogon.c
index 06988459fd..4fe7903332 100644
--- a/source4/torture/rpc/samlogon.c
+++ b/source4/torture/rpc/samlogon.c
@@ -1066,6 +1066,7 @@ static const struct ntlm_tests {
*/
static BOOL test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
struct creds_CredentialState *creds,
+ const char *account_domain, const char *account_name,
int n_subtests)
{
int i, v, l, f;
@@ -1081,8 +1082,8 @@ static BOOL test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
printf("testing netr_LogonSamLogon and netr_LogonSamLogonWithFlags\n");
samlogon_state.mem_ctx = mem_ctx;
- samlogon_state.account_name = lp_parm_string(-1, "torture", "username");
- samlogon_state.account_domain = lp_parm_string(-1, "torture", "userdomain");
+ samlogon_state.account_name = account_name;
+ samlogon_state.account_domain = account_domain;
samlogon_state.password = lp_parm_string(-1, "torture", "password");
samlogon_state.p = p;
samlogon_state.creds = creds;
@@ -1121,7 +1122,9 @@ static BOOL test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
samlogon_state.r_flags.in.validation_level = validation_levels[v];
samlogon_state.r_flags.in.logon_level = logon_levels[l];
if (!test_table[i].fn(&samlogon_state, &error_string)) {
- printf("Testing '%s' at validation level %d, logon level %d, function %d: \n",
+ printf("Testing [%s]\\[%s] '%s' at validation level %d, logon level %d, function %d: \n",
+ samlogon_state.account_domain,
+ samlogon_state.account_name,
test_table[i].name, validation_levels[v],
logon_levels[l], function_levels[f]);
@@ -1145,7 +1148,8 @@ static BOOL test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
test an ADS style interactive domain logon
*/
static BOOL test_InteractiveLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
- struct creds_CredentialState *creds)
+ struct creds_CredentialState *creds,
+ const char *account_domain, const char *account_name)
{
NTSTATUS status;
struct netr_LogonSamLogonWithFlags r;
@@ -1168,11 +1172,11 @@ static BOOL test_InteractiveLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
r.in.validation_level = 6;
r.in.flags = 0;
- pinfo.identity_info.domain_name.string = lp_parm_string(-1, "torture", "userdomain");
+ pinfo.identity_info.domain_name.string = account_domain;
pinfo.identity_info.parameter_control = 0;
pinfo.identity_info.logon_id_low = 0;
pinfo.identity_info.logon_id_high = 0;
- pinfo.identity_info.account_name.string = lp_parm_string(-1, "torture", "username");
+ pinfo.identity_info.account_name.string = account_name;
pinfo.identity_info.workstation.string = TEST_MACHINE_NAME;
plain_pass = lp_parm_string(-1, "torture", "password");
@@ -1271,11 +1275,54 @@ BOOL torture_rpc_samlogon(void)
goto failed;
}
- if (!test_InteractiveLogon(p, mem_ctx, creds)) {
+ if (!test_InteractiveLogon(p, mem_ctx, creds,
+ lp_parm_string(-1, "torture", "userdomain"),
+ lp_parm_string(-1, "torture", "username"))) {
ret = False;
}
- if (!test_SamLogon(p, mem_ctx, creds, 0)) {
+ if (!test_SamLogon(p, mem_ctx, creds,
+ lp_parm_string(-1, "torture", "userdomain"),
+ lp_parm_string(-1, "torture", "username"),
+ 0)) {
+ ret = False;
+ }
+
+ if (!test_InteractiveLogon(p, mem_ctx, creds,
+ NULL,
+ talloc_asprintf(mem_ctx,
+ "%s@%s",
+ lp_parm_string(-1, "torture", "username"),
+ lp_parm_string(-1, "torture", "userdomain")))) {
+ ret = False;
+ }
+
+ if (!test_InteractiveLogon(p, mem_ctx, creds,
+ NULL,
+ talloc_asprintf(mem_ctx,
+ "%s@%s",
+ lp_parm_string(-1, "torture", "username"),
+ lp_realm()))) {
+ ret = False;
+ }
+
+ if (!test_SamLogon(p, mem_ctx, creds,
+ NULL,
+ talloc_asprintf(mem_ctx,
+ "%s@%s",
+ lp_parm_string(-1, "torture", "username"),
+ lp_realm()),
+ 0)) {
+ ret = False;
+ }
+
+ if (!test_SamLogon(p, mem_ctx, creds,
+ NULL,
+ talloc_asprintf(mem_ctx,
+ "%s@%s",
+ lp_parm_string(-1, "torture", "username"),
+ lp_realm()),
+ 0)) {
ret = False;
}
@@ -1287,11 +1334,31 @@ BOOL torture_rpc_samlogon(void)
return False;
}
- if (!test_InteractiveLogon(p, mem_ctx, creds)) {
+ if (!test_InteractiveLogon(p, mem_ctx, creds,
+ NULL,
+ talloc_asprintf(mem_ctx,
+ "%s@%s",
+ lp_parm_string(-1, "torture", "username"),
+ lp_parm_string(-1, "torture", "userdomain")))) {
ret = False;
}
- if (!test_SamLogon(p, mem_ctx, creds, 1)) {
+ if (!test_InteractiveLogon(p, mem_ctx, creds,
+ NULL,
+ talloc_asprintf(mem_ctx,
+ "%s@%s",
+ lp_parm_string(-1, "torture", "username"),
+ lp_realm()))) {
+ ret = False;
+ }
+
+ if (!test_SamLogon(p, mem_ctx, creds,
+ NULL,
+ talloc_asprintf(mem_ctx,
+ "%s@%s",
+ lp_parm_string(-1, "torture", "username"),
+ lp_realm()),
+ 1)) {
ret = False;
}
}