s4 torture: add new rpc torture tests for backup key remote protocol

Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Feb 5 13:01:42 CET 2011 on sn-devel-104
author: Matthieu Patou <mat@matws.net> 2010-07-26 03:01:03 +0400
committer: Stefan Metzmacher <metze@samba.org> 2011-02-05 13:01:42 +0100
commit: 56b1cff70e9708ce5b3ac5a7980d1d1e858f5cbb (patch)
tree: 6094eff20fcd99abb8135c8d9a74998c6c2d46ae /source4/torture
parent: f46495553409e95527cb53f1db2a971dcd22dac2 (diff)
download: samba-56b1cff70e9708ce5b3ac5a7980d1d1e858f5cbb.tar.gz
samba-56b1cff70e9708ce5b3ac5a7980d1d1e858f5cbb.tar.bz2
samba-56b1cff70e9708ce5b3ac5a7980d1d1e858f5cbb.zip
3 files changed, 1041 insertions, 2 deletions
diff --git a/source4/torture/rpc/backupkey.c b/source4/torture/rpc/backupkey.c
new file mode 100644
index 0000000000..85c53fea66
--- /dev/null
+++ b/source4/torture/rpc/backupkey.c
@@ -0,0 +1,1038 @@
+/*
+   Unix SMB/CIFS implementation.
+   test suite for backupkey remote protocol rpc operations
+
+   Copyright (C) Matthieu Patou 2010-2011
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "../libcli/security/security.h"
+#include "librpc/gen_ndr/ndr_backupkey_c.h"
+#include "librpc/gen_ndr/ndr_backupkey.h"
+#include "librpc/gen_ndr/ndr_lsa_c.h"
+#include "torture/rpc/torture_rpc.h"
+#include "lib/cmdline/popt_common.h"
+#include "heimdal/lib/hx509/hx_locl.h"
+
+/* Our very special and valued secret */
+/* No need to put const as we cast the array in uint8_t
+ * we will get a warning about the discared const
+ */
+static const char secret[] = "tata yoyo mais qu'est ce qu'il y a sous ton grand chapeau ?";
+
+/* Get the SID from a user */
+static const struct dom_sid *get_user_sid(struct torture_context *tctx,
+					struct dcerpc_pipe *p,
+					TALLOC_CTX *mem_ctx,
+					const char *user)
+{
+	struct lsa_ObjectAttribute attr;
+	struct lsa_QosInfo qos;
+	struct lsa_OpenPolicy2 r;
+	struct lsa_Close c;
+	NTSTATUS status;
+	struct policy_handle handle;
+	struct lsa_LookupNames l;
+	struct lsa_TransSidArray sids;
+	struct lsa_RefDomainList *domains = NULL;
+	struct lsa_String lsa_name;
+	uint32_t count = 0;
+	struct dom_sid *result;
+	TALLOC_CTX *tmp_ctx;
+	struct dcerpc_pipe *p2;
+	struct dcerpc_binding_handle *b;
+
+	const char *domain = cli_credentials_get_domain(cmdline_credentials);
+
+	torture_assert_ntstatus_ok(tctx,
+				torture_rpc_connection(tctx, &p2, &ndr_table_lsarpc),
+				"could not open lsarpc pipe");
+	b = p2->binding_handle;
+
+	if (!(tmp_ctx = talloc_new(mem_ctx))) {
+		return NULL;
+	}
+	qos.len = 0;
+	qos.impersonation_level = 2;
+	qos.context_mode = 1;
+	qos.effective_only = 0;
+
+	attr.len = 0;
+	attr.root_dir = NULL;
+	attr.object_name = NULL;
+	attr.attributes = 0;
+	attr.sec_desc = NULL;
+	attr.sec_qos = &qos;
+
+	r.in.system_name = "\\";
+	r.in.attr = &attr;
+	r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+	r.out.handle = &handle;
+
+	status = dcerpc_lsa_OpenPolicy2_r(b, tmp_ctx, &r);
+	if (!NT_STATUS_IS_OK(status)) {
+		torture_comment(tctx,
+				"OpenPolicy2 failed - %s\n",
+				nt_errstr(status));
+		talloc_free(tmp_ctx);
+		return NULL;
+	}
+	if (!NT_STATUS_IS_OK(r.out.result)) {
+		torture_comment(tctx,
+				"OpenPolicy2_ failed - %s\n",
+				nt_errstr(r.out.result));
+		talloc_free(tmp_ctx);
+		return NULL;
+	}
+
+	sids.count = 0;
+	sids.sids = NULL;
+
+	lsa_name.string = talloc_asprintf(tmp_ctx, "%s\\%s", domain, user);
+
+	l.in.handle = &handle;
+	l.in.num_names = 1;
+	l.in.names = &lsa_name;
+	l.in.sids = &sids;
+	l.in.level = 1;
+	l.in.count = &count;
+	l.out.count = &count;
+	l.out.sids = &sids;
+	l.out.domains = &domains;
+
+	status = dcerpc_lsa_LookupNames_r(b, tmp_ctx, &l);
+	if (!NT_STATUS_IS_OK(status)) {
+		torture_comment(tctx,
+				"LookupNames of %s failed - %s\n",
+				lsa_name.string,
+				nt_errstr(status));
+		talloc_free(tmp_ctx);
+		return NULL;
+	}
+
+	if (domains->count == 0) {
+		return NULL;
+	}
+
+	result = dom_sid_add_rid(mem_ctx,
+				 domains->domains[0].sid,
+				 l.out.sids->sids[0].rid);
+	c.in.handle = &handle;
+	c.out.handle = &handle;
+
+	status = dcerpc_lsa_Close_r(b, tmp_ctx, &c);
+
+	if (!NT_STATUS_IS_OK(status)) {
+		torture_comment(tctx,
+				"dcerpc_lsa_Close failed - %s\n",
+				nt_errstr(status));
+		talloc_free(tmp_ctx);
+		return NULL;
+	}
+
+	if (!NT_STATUS_IS_OK(c.out.result)) {
+		torture_comment(tctx,
+				"dcerpc_lsa_Close failed - %s\n",
+				nt_errstr(c.out.result));
+		talloc_free(tmp_ctx);
+		return NULL;
+	}
+
+	talloc_free(tmp_ctx);
+	talloc_free(p2);
+
+	torture_comment(tctx, "Get_user_sid finished\n");
+	return result;
+}
+
+/*
+ * Create a bkrp_encrypted_secret_vX structure
+ * the version depends on the version parameter
+ * the structure is returned as a blob.
+ * The broken flag is to indicate if we want
+ * to create a non conform to specification structre
+ */
+static DATA_BLOB *create_unencryptedsecret(TALLOC_CTX *mem_ctx,
+					   bool broken,
+					   int version)
+{
+	TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+	DATA_BLOB *blob = talloc_zero(mem_ctx, DATA_BLOB);
+	enum ndr_err_code ndr_err;
+
+	if (version == 2) {
+		struct bkrp_encrypted_secret_v2 unenc_sec;
+
+		ZERO_STRUCT(unenc_sec);
+		unenc_sec.secret_len = sizeof(secret);
+		unenc_sec.secret = discard_const_p(uint8_t, secret);
+		generate_random_buffer(unenc_sec.payload_key,
+				       sizeof(unenc_sec.payload_key));
+
+		ndr_err = ndr_push_struct_blob(blob, blob, &unenc_sec,
+				(ndr_push_flags_fn_t)ndr_push_bkrp_encrypted_secret_v2);
+		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+			return NULL;
+		}
+
+		if (broken) {
+			/* The magic value is correctly set by the NDR push
+			 * but we want to test the behavior of the server
+			 * if a differrent value is provided
+			 */
+			((uint8_t*)blob->data)[4] = 79; /* A great year !!! */
+		}
+	}
+
+	if (version == 3) {
+		struct bkrp_encrypted_secret_v3 unenc_sec;
+
+		ZERO_STRUCT(unenc_sec);
+		unenc_sec.secret_len = sizeof(secret);
+		unenc_sec.secret = discard_const_p(uint8_t, secret);
+		generate_random_buffer(unenc_sec.payload_key,
+				       sizeof(unenc_sec.payload_key));
+
+		ndr_err = ndr_push_struct_blob(blob, blob, &unenc_sec,
+					(ndr_push_flags_fn_t)ndr_push_bkrp_encrypted_secret_v3);
+		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+			return NULL;
+		}
+
+		if (broken) {
+			/*
+			 * The magic value is correctly set by the NDR push
+			 * but we want to test the behavior of the server
+			 * if a differrent value is provided
+			 */
+			((uint8_t*)blob->data)[4] = 79; /* A great year !!! */
+		}
+	}
+	talloc_free(tmp_ctx);
+	return blob;
+}
+
+/*
+ * Create an access check structure, the format depends on the version parameter.
+ * If broken is specified then we create a stucture that isn't conform to the 
+ * specification.
+ *
+ * If the structure can't be created then NULL is returned.
+ */
+static DATA_BLOB *create_access_check(struct torture_context *tctx,
+				      struct dcerpc_pipe *p,
+				      TALLOC_CTX *mem_ctx,
+				      const char *user,
+				      bool broken,
+				      uint32_t version)
+{
+	TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+	DATA_BLOB *blob = talloc_zero(mem_ctx, DATA_BLOB);
+	enum ndr_err_code ndr_err;
+	const struct dom_sid *sid = get_user_sid(tctx, p, tmp_ctx, user);
+
+	if (sid == NULL) {
+		return NULL;
+	}
+
+	if (version == 2) {
+		struct bkrp_access_check_v2 access_struct;
+		struct sha sctx;
+		uint8_t nonce[32];
+
+		ZERO_STRUCT(access_struct);
+		generate_random_buffer(nonce, sizeof(nonce));
+		access_struct.nonce_len = sizeof(nonce);
+		access_struct.nonce = nonce;
+		access_struct.sid = *sid;
+
+		ndr_err = ndr_push_struct_blob(blob, blob, &access_struct,
+				(ndr_push_flags_fn_t)ndr_push_bkrp_access_check_v2);
+		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+			return NULL;
+		}
+
+		/*
+		 * We pushed the whole structure including a null hash
+		 * but the hash need to be calculated only up to the hash field
+		 * so we reduce the size of what has to be calculated
+		 */
+
+		SHA1_Init(&sctx);
+		SHA1_Update(&sctx, blob->data,
+			    blob->length - sizeof(access_struct.hash));
+		SHA1_Final(blob->data + blob->length - sizeof(access_struct.hash),
+			   &sctx);
+
+		/* Altering the SHA */
+		if (broken) {
+			blob->data[blob->length - 1]++;
+		}
+	}
+
+	if (version == 3) {
+		struct bkrp_access_check_v3 access_struct;
+		struct hc_sha512state sctx;
+		uint8_t nonce[32];
+
+		ZERO_STRUCT(access_struct);
+		generate_random_buffer(nonce, sizeof(nonce));
+		access_struct.nonce_len = sizeof(nonce);
+		access_struct.nonce = nonce;
+		access_struct.sid = *sid;
+
+		ndr_err = ndr_push_struct_blob(blob, blob, &access_struct,
+				(ndr_push_flags_fn_t)ndr_push_bkrp_access_check_v3);
+		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+			return NULL;
+		}
+
+		/*We pushed the whole structure including a null hash
+		* but the hash need to be calculated only up to the hash field
+		* so we reduce the size of what has to be calculated
+		*/
+
+		SHA512_Init(&sctx);
+		SHA512_Update(&sctx, blob->data,
+			      blob->length - sizeof(access_struct.hash));
+		SHA512_Final(blob->data + blob->length - sizeof(access_struct.hash),
+			     &sctx);
+
+		/* Altering the SHA */
+		if (broken) {
+			blob->data[blob->length -1]++;
+		}
+	}
+	talloc_free(tmp_ctx);
+	return blob;
+}
+
+
+static DATA_BLOB *encrypt_blob(struct torture_context *tctx,
+				    TALLOC_CTX *mem_ctx,
+				    DATA_BLOB *key,
+				    DATA_BLOB *iv,
+				    DATA_BLOB *to_encrypt,
+				    const AlgorithmIdentifier *alg)
+{
+	hx509_crypto crypto;
+	hx509_context hctx;
+	heim_octet_string ivos;
+	heim_octet_string *encrypted;
+	DATA_BLOB *blob = talloc_zero(mem_ctx, DATA_BLOB);
+	int res;
+
+	ivos.data = talloc_array(mem_ctx, uint8_t, iv->length);
+	ivos.length = iv->length;
+	memcpy(ivos.data, iv->data, iv->length);
+
+	hx509_context_init(&hctx);
+	res = hx509_crypto_init(hctx, NULL, &alg->algorithm, &crypto);
+	if (res) {
+		torture_comment(tctx,
+				"error while doing the init of the crypto object\n");
+		hx509_context_free(&hctx);
+		return NULL;
+	}
+	res = hx509_crypto_set_key_data(crypto, key->data, key->length);
+	if (res) {
+		torture_comment(tctx,
+				"error while setting the key of the crypto object\n");
+		hx509_context_free(&hctx);
+		return NULL;
+	}
+
+	hx509_crypto_set_padding(crypto, HX509_CRYPTO_PADDING_NONE);
+	res = hx509_crypto_encrypt(crypto,
+				   to_encrypt->data,
+				   to_encrypt->length,
+				   &ivos,
+				   &encrypted);
+	if (res) {
+		torture_comment(tctx, "error while encrypting\n");
+		hx509_crypto_destroy(crypto);
+		hx509_context_free(&hctx);
+		return NULL;
+	}
+
+	*blob = data_blob_talloc(blob, encrypted->data, encrypted->length);
+	der_free_octet_string(encrypted);
+	free(encrypted);
+	hx509_crypto_destroy(crypto);
+	hx509_context_free(&hctx);
+	return blob;
+}
+
+/*
+ * Certs used for this protocol have a GUID in the issuer_uniq_id field.
+ * This function fetch it.
+ */
+static struct GUID *get_cert_guid(struct torture_context *tctx,
+				  TALLOC_CTX *mem_ctx,
+				  uint8_t *cert_data,
+				  uint32_t cert_len)
+{
+	hx509_context hctx;
+	hx509_cert cert;
+	heim_bit_string subjectuniqid;
+	DATA_BLOB data;
+	int hret;
+	uint32_t size;
+	struct GUID *guid = talloc_zero(mem_ctx, struct GUID);
+	NTSTATUS status;
+
+	hx509_context_init(&hctx);
+
+	hret = hx509_cert_init_data(hctx, cert_data, cert_len, &cert);
+	if (hret) {
+		torture_comment(tctx, "error while loading the cert\n");
+		hx509_context_free(&hctx);
+		return NULL;
+	}
+	hret = hx509_cert_get_issuer_unique_id(hctx, cert, &subjectuniqid);
+	if (hret) {
+		torture_comment(tctx, "error while getting the issuer_uniq_id\n");
+		hx509_cert_free(cert);
+		hx509_context_free(&hctx);
+		return NULL;
+	}
+
+	/* The subjectuniqid is a bit string,
+	 * which means that the real size has to be divided by 8
+	 * to have the number of bytes
+	 */
+	hx509_cert_free(cert);
+	hx509_context_free(&hctx);
+	size = subjectuniqid.length / 8;
+	data = data_blob_const(subjectuniqid.data, size);
+
+	status = GUID_from_data_blob(&data, guid);
+	der_free_bit_string(&subjectuniqid);
+	if (!NT_STATUS_IS_OK(status)) {
+		return NULL;
+	}
+
+	return guid;
+}
+
+/*
+ * Encrypt a blob with the private key of the certificate
+ * passed as a parameter.
+ */
+static DATA_BLOB *encrypt_blob_pk(struct torture_context *tctx,
+				  TALLOC_CTX *mem_ctx,
+				  uint8_t *cert_data,
+				  uint32_t cert_len,
+				  DATA_BLOB *to_encrypt)
+{
+	hx509_context hctx;
+	hx509_cert cert;
+	heim_octet_string secretdata;
+	heim_octet_string encrypted;
+	heim_oid encryption_oid;
+	DATA_BLOB *blob;
+	int hret;
+
+	hx509_context_init(&hctx);
+
+	hret = hx509_cert_init_data(hctx, cert_data, cert_len, &cert);
+	if (hret) {
+		torture_comment(tctx, "error while loading the cert\n");
+		hx509_context_free(&hctx);
+		return NULL;
+	}
+
+	secretdata.data = to_encrypt->data;
+	secretdata.length = to_encrypt->length;
+	hret = _hx509_cert_public_encrypt(hctx, &secretdata,
+					  cert, &encryption_oid,
+					  &encrypted);
+	hx509_cert_free(cert);
+	hx509_context_free(&hctx);
+	if (hret) {
+		torture_comment(tctx, "error while encrypting\n");
+		return NULL;
+	}
+
+	blob = talloc_zero(mem_ctx, DATA_BLOB);
+	if (blob == NULL) {
+		der_free_oid(&encryption_oid);
+		der_free_octet_string(&encrypted);
+		return NULL;
+	}
+
+	*blob = data_blob_talloc(blob, encrypted.data, encrypted.length);
+	der_free_octet_string(&encrypted);
+	der_free_oid(&encryption_oid);
+	if (blob->data == NULL) {
+		return NULL;
+	}
+
+	return blob;
+}
+
+
+static struct bkrp_BackupKey *createRetreiveBackupKeyGUIDStruct(struct torture_context *tctx,
+				struct dcerpc_pipe *p, int version, DATA_BLOB *out)
+{
+	struct dcerpc_binding *binding = p->binding;
+	struct bkrp_client_side_wrapped data;
+	struct GUID *g = talloc(tctx, struct GUID);
+	struct bkrp_BackupKey *r = talloc_zero(tctx, struct bkrp_BackupKey);
+	enum ndr_err_code ndr_err;
+	DATA_BLOB blob;
+	NTSTATUS status;
+
+	if (r == NULL) {
+		return NULL;
+	}
+
+	binding->flags = binding->flags & (DCERPC_SEAL|DCERPC_AUTH_SPNEGO);
+	ZERO_STRUCT(data);
+	status = GUID_from_string(BACKUPKEY_RETRIEVE_BACKUP_KEY_GUID, g);
+	if (!NT_STATUS_IS_OK(status)) {
+		return NULL;
+	}
+
+	r->in.guidActionAgent = g;
+	data.version = version;
+	ndr_err = ndr_push_struct_blob(&blob, tctx, &data,
+			(ndr_push_flags_fn_t)ndr_push_bkrp_client_side_wrapped);
+	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+		return NULL;
+	}
+	r->in.data_in = blob.data;
+	r->in.data_in_len = blob.length;
+	r->out.data_out = &out->data;
+	r->out.data_out_len = talloc(r, uint32_t);
+	return r;
+}
+
+static struct bkrp_BackupKey *createRestoreGUIDStruct(struct torture_context *tctx,
+				struct dcerpc_pipe *p, int version, DATA_BLOB *out,
+				bool norevert,
+				bool broken_version,
+				bool broken_user,
+				bool broken_magic_secret,
+				bool broken_magic_access,
+				bool broken_hash_access,
+				bool broken_cert_guid)
+{
+	struct dcerpc_binding_handle *b = p->binding_handle;
+	struct bkrp_client_side_wrapped data;
+	DATA_BLOB *xs;
+	DATA_BLOB *sec;
+	DATA_BLOB *enc_sec;
+	DATA_BLOB *enc_xs;
+	DATA_BLOB *blob2;
+	DATA_BLOB enc_sec_reverted;
+	DATA_BLOB des3_key;
+	DATA_BLOB aes_key;
+	DATA_BLOB iv;
+	DATA_BLOB out_blob;
+	struct GUID *guid, *g;
+	int t;
+	uint32_t size;
+	enum ndr_err_code ndr_err;
+	NTSTATUS status;
+	const char *user;
+	struct bkrp_BackupKey *r = createRetreiveBackupKeyGUIDStruct(tctx, p, version, &out_blob);
+	if (r == NULL) {
+		return NULL;
+	}
+
+	if (broken_user) {
+		/* we take a fake user*/
+		user = "guest";
+	} else {
+		user = cli_credentials_get_username(cmdline_credentials);
+	}
+
+
+	torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
+					"Get GUID");
+	/*
+	 * We have to set it outside of the function createRetreiveBackupKeyGUIDStruct
+	 * the len of the blob, this is due to the fact that they don't have the
+	 * same size (one is 32bits the other 64bits)
+	 */
+	out_blob.length = *r->out.data_out_len;
+
+	sec = create_unencryptedsecret(tctx, broken_magic_secret, version);
+	if (sec == NULL) {
+		return NULL;
+	}
+
+	xs = create_access_check(tctx, p, tctx, user, broken_hash_access, version);
+	if (xs == NULL) {
+		return NULL;
+	}
+
+	if (broken_magic_access){
+		/* The start of the access_check structure contains the 
+		 * GUID of the certificate
+		 */
+		xs->data[0]++;
+	}
+
+	enc_sec = encrypt_blob_pk(tctx, tctx, out_blob.data, out_blob.length, sec);
+	if (!enc_sec) {
+		return NULL;
+	}
+	enc_sec_reverted.data = talloc_array(tctx, uint8_t, enc_sec->length);
+	if (enc_sec_reverted.data == NULL) {
+		return NULL;
+	}
+	enc_sec_reverted.length = enc_sec->length;
+
+	/*
+	* We DO NOT revert the array on purpose it's in order to check that
+	* when the server is not able to decrypt then it answer the correct error
+	*/
+	if (norevert) {
+		for(t=0; t< enc_sec->length; t++) {
+			enc_sec_reverted.data[t] = ((uint8_t*)enc_sec->data)[t];
+		}
+	} else {
+		for(t=0; t< enc_sec->length; t++) {
+			enc_sec_reverted.data[t] = ((uint8_t*)enc_sec->data)[enc_sec->length - t -1];
+		}
+	}
+
+	size = sec->length;
+	if (version ==2) {
+		const AlgorithmIdentifier *alg = hx509_crypto_des_rsdi_ede3_cbc();
+		iv.data = sec->data+(size - 8);
+		iv.length = 8;
+
+		des3_key.data = sec->data+(size - 32);
+		des3_key.length = 24;
+
+		enc_xs = encrypt_blob(tctx, tctx, &des3_key, &iv, xs, alg);
+	}
+	if (version == 3) {
+		const AlgorithmIdentifier *alg = hx509_crypto_aes256_cbc();
+		iv.data = sec->data+(size-16);
+		iv.length = 16;
+
+		aes_key.data = sec->data+(size-48);
+		aes_key.length = 32;
+
+		enc_xs = encrypt_blob(tctx, tctx, &aes_key, &iv, xs, alg);
+	}
+
+	if (!enc_xs) {
+		return NULL;
+	}
+
+	/* To cope with the fact that heimdal do padding at the end for the moment */
+	enc_xs->length = xs->length;
+
+	guid = get_cert_guid(tctx, tctx, out_blob.data, out_blob.length);
+	if (guid == NULL) {
+		return NULL;
+	}
+
+	if (broken_version) {
+		data.version = 1;
+	} else {
+		data.version = version;
+	}
+
+	data.guid = *guid;
+	data.encrypted_secret = enc_sec_reverted.data;
+	data.access_check = enc_xs->data;
+	data.encrypted_secret_len = enc_sec->length;
+	data.access_check_len = enc_xs->length;
+
+	/* We want the blob to persist after this function so we don't
+	 * allocate it in the stack
+	 */
+	blob2 = talloc(tctx, DATA_BLOB);
+	if (blob2 == NULL) {
+		return NULL;
+	}
+
+	ndr_err = ndr_push_struct_blob(blob2, tctx, &data,
+			(ndr_push_flags_fn_t)ndr_push_bkrp_client_side_wrapped);
+	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+		return NULL;
+	}
+
+	if (broken_cert_guid) {
+		blob2->data[12]++;
+	}
+
+	ZERO_STRUCT(*r);
+
+	g = talloc(tctx, struct GUID);
+	if (g == NULL) {
+		return NULL;
+	}
+
+	status = GUID_from_string(BACKUPKEY_RESTORE_GUID, g);
+	if (!NT_STATUS_IS_OK(status)) {
+		return NULL;
+	}
+
+	r->in.guidActionAgent = g;
+	r->in.data_in = blob2->data;
+	r->in.data_in_len = blob2->length;
+	r->in.param = 0;
+	r->out.data_out = &(out->data);
+	r->out.data_out_len = talloc(r, uint32_t);
+	return r;
+}
+
+/* Check that we are able to receive the certificate of the DCs
+ * used for client wrap version of the backup key protocol
+ */
+static bool test_RetreiveBackupKeyGUID(struct torture_context *tctx,
+					struct dcerpc_pipe *p)
+{
+	struct dcerpc_binding_handle *b = p->binding_handle;
+	DATA_BLOB out_blob;
+	struct bkrp_BackupKey *r = createRetreiveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
+
+	if (r == NULL) {
+		return false;
+	}
+
+	if (p->conn->security_state.auth_info != NULL &&
+	    p->conn->security_state.auth_info->auth_level == 6) {
+		torture_assert_ntstatus_ok(tctx,
+				dcerpc_bkrp_BackupKey_r(b, tctx, r),
+				"Get GUID");
+
+		out_blob.length = *r->out.data_out_len;
+		torture_assert_werr_equal(tctx,
+						r->out.result,
+						WERR_OK,
+						"Wrong dce/rpc error code");
+	} else {
+		torture_assert_ntstatus_equal(tctx,
+						dcerpc_bkrp_BackupKey_r(b, tctx, r),
+						NT_STATUS_ACCESS_DENIED,
+						"Get GUID");
+	}
+	return true;
+}
+
+/* Test to check the failure to recover a secret because the 
+ * secret blob is not reversed
+ */
+static bool test_RestoreGUID_ko(struct torture_context *tctx,
+				struct dcerpc_pipe *p)
+{
+	enum ndr_err_code ndr_err;
+	struct dcerpc_binding_handle *b = p->binding_handle;
+	DATA_BLOB out_blob;
+	struct bkrp_client_side_unwrapped resp;
+
+	if (p->conn->security_state.auth_info != NULL &&
+	    p->conn->security_state.auth_info->auth_level == 6) {
+		struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob,
+					true, false, false, false, false, false, false);
+		torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
+		out_blob.length = *r->out.data_out_len;
+		ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
+		torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped");
+		torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Wrong error code");
+	} else {
+		struct bkrp_BackupKey *r = createRetreiveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
+		torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
+			NT_STATUS_ACCESS_DENIED, "Get GUID");
+	}
+	return true;
+}
+
+static bool test_RestoreGUID_wrongversion(struct torture_context *tctx,
+					  struct dcerpc_pipe *p)
+{
+	enum ndr_err_code ndr_err;
+	struct dcerpc_binding_handle *b = p->binding_handle;
+	DATA_BLOB out_blob;
+	struct bkrp_client_side_unwrapped resp;
+
+	if (p->conn->security_state.auth_info != NULL &&
+	    p->conn->security_state.auth_info->auth_level == 6) {
+		struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob,
+					false, true, false, false, false, false, false);
+		torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
+		out_blob.length = *r->out.data_out_len;
+		ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
+		torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped");
+		torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_PARAM, "Wrong error code on wrong version");
+	} else {
+		struct bkrp_BackupKey *r = createRetreiveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
+		torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
+			NT_STATUS_ACCESS_DENIED, "Get GUID");
+	}
+	return true;
+}
+
+static bool test_RestoreGUID_wronguser(struct torture_context *tctx,
+				       struct dcerpc_pipe *p)
+{
+	enum ndr_err_code ndr_err;
+	struct dcerpc_binding_handle *b = p->binding_handle;
+	DATA_BLOB out_blob;
+	struct bkrp_client_side_unwrapped resp;
+
+	if (p->conn->security_state.auth_info != NULL &&
+	    p->conn->security_state.auth_info->auth_level == 6) {
+		struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob,
+					false, false, true, false, false, false, false);
+		torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
+		out_blob.length = *r->out.data_out_len;
+		ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
+		torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped");
+		torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_ACCESS, "Restore GUID");
+	} else {
+		struct bkrp_BackupKey *r = createRetreiveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
+		torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
+			NT_STATUS_ACCESS_DENIED, "Get GUID");
+	}
+	return true;
+}
+
+static bool test_RestoreGUID_v3(struct torture_context *tctx,
+				struct dcerpc_pipe *p)
+{
+	enum ndr_err_code ndr_err;
+	struct dcerpc_binding_handle *b = p->binding_handle;
+	DATA_BLOB out_blob;
+	struct bkrp_client_side_unwrapped resp;
+
+	if (p->conn->security_state.auth_info != NULL &&
+	    p->conn->security_state.auth_info->auth_level == 6) {
+		struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob,
+					false, false, false, false, false, false, false);
+		torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
+		out_blob.length = *r->out.data_out_len;
+		ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
+		torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 1, "Unable to unmarshall bkrp_client_side_unwrapped");
+		torture_assert_werr_equal(tctx, r->out.result, WERR_OK, "Restore GUID");
+		torture_assert_str_equal(tctx, (char*)resp.secret.data, secret, "Wrong secret");
+	} else {
+		struct bkrp_BackupKey *r = createRetreiveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
+		torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
+			NT_STATUS_ACCESS_DENIED, "Get GUID");
+	}
+	return true;
+}
+
+static bool test_RestoreGUID(struct torture_context *tctx,
+			     struct dcerpc_pipe *p)
+{
+	enum ndr_err_code ndr_err;
+	struct dcerpc_binding_handle *b = p->binding_handle;
+	DATA_BLOB out_blob;
+	struct bkrp_client_side_unwrapped resp;
+
+	if (p->conn->security_state.auth_info != NULL &&
+	    p->conn->security_state.auth_info->auth_level == 6) {
+		struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob,
+					false, false, false, false, false, false, false);
+		torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
+		out_blob.length = *r->out.data_out_len;
+		ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
+		torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 1, "Unable to unmarshall bkrp_client_side_unwrapped");
+		torture_assert_werr_equal(tctx, r->out.result, WERR_OK, "Restore GUID");
+		torture_assert_str_equal(tctx, (char*)resp.secret.data, secret, "Wrong secret");
+	} else {
+		struct bkrp_BackupKey *r = createRetreiveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
+		torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
+			NT_STATUS_ACCESS_DENIED, "Get GUID");
+	}
+	return true;
+}
+
+static bool test_RestoreGUID_badmagiconsecret(struct torture_context *tctx,
+					      struct dcerpc_pipe *p)
+{
+	enum ndr_err_code ndr_err;
+	struct dcerpc_binding_handle *b = p->binding_handle;
+	DATA_BLOB out_blob;
+	struct bkrp_client_side_unwrapped resp;
+
+	if (p->conn->security_state.auth_info != NULL &&
+	    p->conn->security_state.auth_info->auth_level == 6) {
+		struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob,
+					false, false, false, true, false, false, false);
+		torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
+		out_blob.length = *r->out.data_out_len;
+		ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
+		torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped");
+		torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Wrong error code while providing bad magic in secret");
+	} else {
+		struct bkrp_BackupKey *r = createRetreiveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
+		torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
+			NT_STATUS_ACCESS_DENIED, "Get GUID");
+	}
+	return true;
+}
+
+static bool test_RestoreGUID_emptyrequest(struct torture_context *tctx,
+					  struct dcerpc_pipe *p)
+{
+	struct dcerpc_binding_handle *b = p->binding_handle;
+	DATA_BLOB out_blob;
+
+	if (p->conn->security_state.auth_info != NULL &&
+	    p->conn->security_state.auth_info->auth_level == 6) {
+		struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob,
+					false, false, false, true, false, false, true);
+
+		torture_assert_int_equal(tctx, r != NULL, 1, "Error while creating the restoreGUID struct");
+		r->in.data_in = talloc(tctx, uint8_t);
+		r->in.data_in_len = 0;
+		r->in.param = 0;
+		torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
+		out_blob.length = *r->out.data_out_len;
+		torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_PARAM, "Bad error code on wrong has in access check");
+	} else {
+		struct bkrp_BackupKey *r = createRetreiveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
+		torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
+			NT_STATUS_ACCESS_DENIED, "Get GUID");
+	}
+	return true;
+}
+
+static bool test_RestoreGUID_badcertguid(struct torture_context *tctx,
+					 struct dcerpc_pipe *p)
+{
+	enum ndr_err_code ndr_err;
+	struct dcerpc_binding_handle *b = p->binding_handle;
+	DATA_BLOB out_blob;
+	struct bkrp_client_side_unwrapped resp;
+
+	if (p->conn->security_state.auth_info != NULL &&
+	    p->conn->security_state.auth_info->auth_level == 6) {
+		struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 3, &out_blob,
+					false, false, false, false, false, false, true);
+		torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
+		out_blob.length = *r->out.data_out_len;
+		ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
+		torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped");
+		torture_assert_werr_equal(tctx, r->out.result, WERR_FILE_NOT_FOUND, "Bad error code on wrong has in access check");
+	} else {
+		struct bkrp_BackupKey *r = createRetreiveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
+		torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
+			NT_STATUS_ACCESS_DENIED, "Get GUID");
+	}
+	return true;
+}
+
+static bool test_RestoreGUID_badmagicaccesscheck(struct torture_context *tctx,
+						 struct dcerpc_pipe *p)
+{
+	enum ndr_err_code ndr_err;
+	struct dcerpc_binding_handle *b = p->binding_handle;
+	DATA_BLOB out_blob;
+	struct bkrp_client_side_unwrapped resp;
+
+	if (p->conn->security_state.auth_info != NULL &&
+	    p->conn->security_state.auth_info->auth_level == 6) {
+		struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob,
+					false, false, false, false, true, false, false);
+		torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
+		out_blob.length = *r->out.data_out_len;
+		ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
+		torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped");
+		torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Bad error code on wrong has in access check");
+	} else {
+		struct bkrp_BackupKey *r = createRetreiveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
+		torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
+			NT_STATUS_ACCESS_DENIED, "Get GUID");
+	}
+	return true;
+}
+
+static bool test_RestoreGUID_badhashaccesscheck(struct torture_context *tctx,
+						struct dcerpc_pipe *p)
+{
+	enum ndr_err_code ndr_err;
+	struct dcerpc_binding_handle *b = p->binding_handle;
+	DATA_BLOB out_blob;
+	struct bkrp_client_side_unwrapped resp;
+
+	if (p->conn->security_state.auth_info != NULL &&
+	    p->conn->security_state.auth_info->auth_level == 6) {
+		struct bkrp_BackupKey *r = createRestoreGUIDStruct(tctx, p, 2, &out_blob,
+					false, false, false, false, false, true, false);
+		torture_assert_ntstatus_ok(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r), "Restore GUID");
+		out_blob.length = *r->out.data_out_len;
+		ndr_err = ndr_pull_struct_blob(&out_blob, tctx, &resp, (ndr_pull_flags_fn_t)ndr_pull_bkrp_client_side_unwrapped);
+		torture_assert_int_equal(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), 0, "Unable to unmarshall bkrp_client_side_unwrapped");
+		torture_assert_werr_equal(tctx, r->out.result, WERR_INVALID_DATA, "Bad error code on wrong has in access check");
+	} else {
+		struct bkrp_BackupKey *r = createRetreiveBackupKeyGUIDStruct(tctx, p, 2, &out_blob);
+		torture_assert_ntstatus_equal(tctx, dcerpc_bkrp_BackupKey_r(b, tctx, r),
+			NT_STATUS_ACCESS_DENIED, "Get GUID");
+	}
+	return true;
+}
+
+struct torture_suite *torture_rpc_backupkey(TALLOC_CTX *mem_ctx)
+{
+	struct torture_rpc_tcase *tcase;
+	struct torture_suite *suite = torture_suite_create(mem_ctx, "backupkey");
+	struct torture_test *test;
+
+	tcase = torture_suite_add_rpc_iface_tcase(suite, "backupkey",
+						  &ndr_table_backupkey);
+
+	test = torture_rpc_tcase_add_test(tcase, "retreive_backup_key_guid",
+					  test_RetreiveBackupKeyGUID);
+
+	test = torture_rpc_tcase_add_test(tcase, "restore_guid",
+					  test_RestoreGUID);
+
+	test = torture_rpc_tcase_add_test(tcase, "restore_guid version 3",
+					  test_RestoreGUID_v3);
+
+/* We double the test in order to be sure that we don't mess stuff (ie. freeing static stuff */
+
+	test = torture_rpc_tcase_add_test(tcase, "restore_guid_2nd",
+					  test_RestoreGUID);
+
+	test = torture_rpc_tcase_add_test(tcase, "unable_to_decrypt_secret",
+					  test_RestoreGUID_ko);
+
+	test = torture_rpc_tcase_add_test(tcase, "wrong_user_restore_guid",
+					  test_RestoreGUID_wronguser);
+
+	test = torture_rpc_tcase_add_test(tcase, "wrong_version_restore_guid",
+					  test_RestoreGUID_wrongversion);
+
+	test = torture_rpc_tcase_add_test(tcase, "bad_magic_on_secret_restore_guid",
+					  test_RestoreGUID_badmagiconsecret);
+
+	test = torture_rpc_tcase_add_test(tcase, "bad_hash_on_secret_restore_guid",
+					  test_RestoreGUID_badhashaccesscheck);
+
+	test = torture_rpc_tcase_add_test(tcase, "bad_magic_on_accesscheck_restore_guid",
+					  test_RestoreGUID_badmagicaccesscheck);
+
+	test = torture_rpc_tcase_add_test(tcase, "bad_cert_guid_restore_guid",
+					  test_RestoreGUID_badcertguid);
+
+	test = torture_rpc_tcase_add_test(tcase, "empty_request_restore_guid",
+					  test_RestoreGUID_emptyrequest);
+
+	return suite;
+}
diff --git a/source4/torture/rpc/rpc.c b/source4/torture/rpc/rpc.c
index d7fdc48d4d..03936f22ff 100644
--- a/source4/torture/rpc/rpc.c
+++ b/source4/torture/rpc/rpc.c
@@ -525,6 +525,7 @@ NTSTATUS torture_rpc_init(void)
 	torture_suite_add_simple_test(suite, "asyncbind", torture_async_bind);
 	torture_suite_add_suite(suite, torture_rpc_ntsvcs(suite));
 	torture_suite_add_suite(suite, torture_rpc_bind(suite));
+	torture_suite_add_suite(suite, torture_rpc_backupkey(suite));
 
 	suite->description = talloc_strdup(suite, "DCE/RPC protocol and interface tests");
 
diff --git a/source4/torture/wscript_build b/source4/torture/wscript_build
index 7e0a1ba914..0d26d16bbf 100644
--- a/source4/torture/wscript_build
+++ b/source4/torture/wscript_build
@@ -40,11 +40,11 @@ bld.SAMBA_SUBSYSTEM('TORTURE_NDR',
 
 
 bld.SAMBA_MODULE('torture_rpc',
-	source='rpc/join.c rpc/lsa.c rpc/forest_trust.c rpc/lsa_lookup.c rpc/session_key.c rpc/echo.c rpc/dfs.c rpc/drsuapi.c rpc/drsuapi_cracknames.c rpc/dsgetinfo.c rpc/spoolss.c rpc/spoolss_notify.c rpc/spoolss_win.c rpc/spoolss_access.c rpc/unixinfo.c rpc/samr.c rpc/samr_accessmask.c rpc/wkssvc.c rpc/srvsvc.c rpc/svcctl.c rpc/atsvc.c rpc/eventlog.c rpc/epmapper.c rpc/winreg.c rpc/initshutdown.c rpc/oxidresolve.c rpc/remact.c rpc/mgmt.c rpc/scanner.c rpc/autoidl.c rpc/countcalls.c rpc/testjoin.c rpc/schannel.c rpc/netlogon.c rpc/remote_pac.c rpc/samlogon.c rpc/samsync.c rpc/multi_bind.c rpc/dssetup.c rpc/alter_context.c rpc/bench.c rpc/samba3rpc.c rpc/rpc.c rpc/async_bind.c rpc/handles.c rpc/frsapi.c rpc/object_uuid.c rpc/ntsvcs.c rpc/browser.c rpc/bind.c',
+	source='rpc/join.c rpc/lsa.c rpc/forest_trust.c rpc/lsa_lookup.c rpc/session_key.c rpc/echo.c rpc/dfs.c rpc/drsuapi.c rpc/drsuapi_cracknames.c rpc/dsgetinfo.c rpc/spoolss.c rpc/spoolss_notify.c rpc/spoolss_win.c rpc/spoolss_access.c rpc/unixinfo.c rpc/samr.c rpc/samr_accessmask.c rpc/wkssvc.c rpc/srvsvc.c rpc/svcctl.c rpc/atsvc.c rpc/eventlog.c rpc/epmapper.c rpc/winreg.c rpc/initshutdown.c rpc/oxidresolve.c rpc/remact.c rpc/mgmt.c rpc/scanner.c rpc/autoidl.c rpc/countcalls.c rpc/testjoin.c rpc/schannel.c rpc/netlogon.c rpc/remote_pac.c rpc/samlogon.c rpc/samsync.c rpc/multi_bind.c rpc/dssetup.c rpc/alter_context.c rpc/bench.c rpc/samba3rpc.c rpc/rpc.c rpc/async_bind.c rpc/handles.c rpc/frsapi.c rpc/object_uuid.c rpc/ntsvcs.c rpc/browser.c rpc/bind.c rpc/backupkey.c',
 	autoproto='rpc/proto.h',
 	subsystem='smbtorture',
 	init_function='torture_rpc_init',
-	deps='ndr-table RPC_NDR_UNIXINFO dcerpc-samr RPC_NDR_WINREG RPC_NDR_INITSHUTDOWN RPC_NDR_OXIDRESOLVER RPC_NDR_EVENTLOG RPC_NDR_ECHO RPC_NDR_SVCCTL RPC_NDR_NETLOGON dcerpc-atsvc RPC_NDR_DRSUAPI RPC_NDR_LSA RPC_NDR_EPMAPPER RPC_NDR_DFS RPC_NDR_FRSAPI RPC_NDR_SPOOLSS RPC_NDR_SRVSVC RPC_NDR_WKSSVC RPC_NDR_ROT RPC_NDR_DSSETUP RPC_NDR_REMACT RPC_NDR_OXIDRESOLVER RPC_NDR_NTSVCS WB_HELPER samba-net LIBCLI_AUTH POPT_CREDENTIALS TORTURE_LDAP TORTURE_UTIL TORTURE_RAP dcerpc_server service process_model ntvfs RPC_NDR_BROWSER LIBCLI_DRSUAPI TORTURE_DFS SMB_SERVER',
+	deps='ndr-table RPC_NDR_UNIXINFO dcerpc-samr RPC_NDR_WINREG RPC_NDR_INITSHUTDOWN RPC_NDR_OXIDRESOLVER RPC_NDR_EVENTLOG RPC_NDR_ECHO RPC_NDR_SVCCTL RPC_NDR_NETLOGON dcerpc-atsvc RPC_NDR_DRSUAPI RPC_NDR_LSA RPC_NDR_EPMAPPER RPC_NDR_DFS RPC_NDR_FRSAPI RPC_NDR_SPOOLSS RPC_NDR_SRVSVC RPC_NDR_WKSSVC RPC_NDR_ROT RPC_NDR_DSSETUP RPC_NDR_REMACT RPC_NDR_OXIDRESOLVER RPC_NDR_NTSVCS WB_HELPER samba-net LIBCLI_AUTH POPT_CREDENTIALS TORTURE_LDAP TORTURE_UTIL TORTURE_RAP dcerpc_server service process_model ntvfs RPC_NDR_BROWSER LIBCLI_DRSUAPI TORTURE_DFS SMB_SERVER RPC_NDR_BACKUPKEY',
 	internal_module=True
 	)
author	Matthieu Patou <mat@matws.net>	2010-07-26 03:01:03 +0400
committer	Stefan Metzmacher <metze@samba.org>	2011-02-05 13:01:42 +0100
commit	56b1cff70e9708ce5b3ac5a7980d1d1e858f5cbb (patch)
tree	6094eff20fcd99abb8135c8d9a74998c6c2d46ae /source4/torture
parent	f46495553409e95527cb53f1db2a971dcd22dac2 (diff)
download	samba-56b1cff70e9708ce5b3ac5a7980d1d1e858f5cbb.tar.gz samba-56b1cff70e9708ce5b3ac5a7980d1d1e858f5cbb.tar.bz2 samba-56b1cff70e9708ce5b3ac5a7980d1d1e858f5cbb.zip