diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2011-01-20 23:39:37 +1100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2011-01-20 23:44:05 +0100 |
| commit | fbe6d155bf177c610ee549cc534650b0f0700e8a (patch) | |
| tree | 58d82c2cadfc460ad8cf6a7e9b3ec6c162234ec7 /source4/torture/rpc | |
| parent | cce5231b4d4ee9d4918004586bda9d499596d3d4 (diff) | |
| download | samba-fbe6d155bf177c610ee549cc534650b0f0700e8a.tar.gz samba-fbe6d155bf177c610ee549cc534650b0f0700e8a.tar.bz2 samba-fbe6d155bf177c610ee549cc534650b0f0700e8a.zip | |
s4-auth Remove special case for account_sid from auth_serversupplied_info
This makes everything reference a server_info->sids list, which is now
a struct dom_sid *, not a struct dom_sid **. This is in keeping with
the other sid lists in the security_token etc.
In the process, I also tidy up the talloc tree (move more structures
under their logical parents) and check for some possible overflows in
situations with a pathological number of sids.
Andrew Bartlett
Diffstat (limited to 'source4/torture/rpc')
| -rw-r--r-- | source4/torture/rpc/remote_pac.c | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/source4/torture/rpc/remote_pac.c b/source4/torture/rpc/remote_pac.c index 8f4d677c44..73e62a3b6f 100644 --- a/source4/torture/rpc/remote_pac.c +++ b/source4/torture/rpc/remote_pac.c @@ -603,21 +603,17 @@ static bool test_S2U4Self(struct torture_context *tctx, s2u4self_session_info->server_info->account_name, "Account name differs for S2U4Self"); torture_assert_str_equal(tctx, netlogon_server_info->full_name == NULL ? "" : netlogon_server_info->full_name, kinit_session_info->server_info->full_name, "Full name differs for kinit-based PAC"); torture_assert_str_equal(tctx, netlogon_server_info->full_name == NULL ? "" : netlogon_server_info->full_name, s2u4self_session_info->server_info->full_name, "Full name differs for S2U4Self"); - torture_assert(tctx, dom_sid_equal(netlogon_server_info->account_sid, kinit_session_info->server_info->account_sid), "Account SID differs for kinit-based PAC"); - torture_assert(tctx, dom_sid_equal(netlogon_server_info->primary_group_sid, kinit_session_info->server_info->primary_group_sid), "Primary Group SID differs for kinit-based PAC"); - torture_assert(tctx, dom_sid_equal(netlogon_server_info->account_sid, s2u4self_session_info->server_info->account_sid), "Account SID differs for S2U4Self"); - torture_assert(tctx, dom_sid_equal(netlogon_server_info->primary_group_sid, s2u4self_session_info->server_info->primary_group_sid), "Primary Group SID differs for S2U4Self"); - torture_assert_int_equal(tctx, netlogon_server_info->n_domain_groups, kinit_session_info->server_info->n_domain_groups, "Different numbers of domain groups for kinit-based PAC"); - torture_assert_int_equal(tctx, netlogon_server_info->n_domain_groups, s2u4self_session_info->server_info->n_domain_groups, "Different numbers of domain groups for S2U4Self"); + torture_assert_int_equal(tctx, netlogon_server_info->num_sids, kinit_session_info->server_info->num_sids, "Different numbers of domain groups for kinit-based PAC"); + torture_assert_int_equal(tctx, netlogon_server_info->num_sids, s2u4self_session_info->server_info->num_sids, "Different numbers of domain groups for S2U4Self"); builtin_domain = dom_sid_parse_talloc(tmp_ctx, SID_BUILTIN); - for (i = 0; i < kinit_session_info->server_info->n_domain_groups; i++) { - torture_assert(tctx, dom_sid_equal(netlogon_server_info->domain_groups[i], kinit_session_info->server_info->domain_groups[i]), "Different domain groups for kinit-based PAC"); - torture_assert(tctx, dom_sid_equal(netlogon_server_info->domain_groups[i], s2u4self_session_info->server_info->domain_groups[i]), "Different domain groups for S2U4Self"); - torture_assert(tctx, !dom_sid_in_domain(builtin_domain, s2u4self_session_info->server_info->domain_groups[i]), "Returned BUILTIN domain in groups for S2U4Self"); - torture_assert(tctx, !dom_sid_in_domain(builtin_domain, kinit_session_info->server_info->domain_groups[i]), "Returned BUILTIN domain in groups kinit-based PAC"); - torture_assert(tctx, !dom_sid_in_domain(builtin_domain, netlogon_server_info->domain_groups[i]), "Returned BUILTIN domian in groups from NETLOGON SamLogon reply"); + for (i = 0; i < kinit_session_info->server_info->num_sids; i++) { + torture_assert(tctx, dom_sid_equal(&netlogon_server_info->sids[i], &kinit_session_info->server_info->sids[i]), "Different domain groups for kinit-based PAC"); + torture_assert(tctx, dom_sid_equal(&netlogon_server_info->sids[i], &s2u4self_session_info->server_info->sids[i]), "Different domain groups for S2U4Self"); + torture_assert(tctx, !dom_sid_in_domain(builtin_domain, &s2u4self_session_info->server_info->sids[i]), "Returned BUILTIN domain in groups for S2U4Self"); + torture_assert(tctx, !dom_sid_in_domain(builtin_domain, &kinit_session_info->server_info->sids[i]), "Returned BUILTIN domain in groups kinit-based PAC"); + torture_assert(tctx, !dom_sid_in_domain(builtin_domain, &netlogon_server_info->sids[i]), "Returned BUILTIN domian in groups from NETLOGON SamLogon reply"); } return true; |