diff options
| -rw-r--r-- | source4/torture/ldap/cldap.c | 65 |
1 files changed, 60 insertions, 5 deletions
diff --git a/source4/torture/ldap/cldap.c b/source4/torture/ldap/cldap.c index 24cbc184ad..5f6ef3f649 100644 --- a/source4/torture/ldap/cldap.c +++ b/source4/torture/ldap/cldap.c @@ -26,6 +26,14 @@ #include "libcli/ldap/ldap.h" #include "lib/events/events.h" +#define CHECK_STATUS(status, correct) do { \ + if (!NT_STATUS_EQUAL(status, correct)) { \ + printf("(%s) Incorrect status %s - should be %s\n", \ + __location__, nt_errstr(status), nt_errstr(correct)); \ + ret = False; \ + goto done; \ + }} while (0) + /* test netlogon operations @@ -35,27 +43,74 @@ static BOOL test_cldap_netlogon(TALLOC_CTX *mem_ctx, const char *dest) struct cldap_socket *cldap = cldap_socket_init(mem_ctx, NULL); NTSTATUS status; struct cldap_netlogon search; + union nbt_cldap_netlogon n1; + struct GUID guid; int i; + BOOL ret = True; search.in.dest_address = dest; search.in.realm = lp_realm(); search.in.host = lp_netbios_name(); + search.in.user = NULL; + search.in.domain_guid = NULL; + search.in.domain_sid = NULL; + search.in.acct_control = -1; + printf("Scanning for netlogon levels\n"); for (i=0;i<256;i++) { search.in.version = i; printf("Trying netlogon level %d\n", i); status = cldap_netlogon(cldap, mem_ctx, &search); - if (!NT_STATUS_IS_OK(status)) { - printf("netlogon[%d] failed - %s\n", i, nt_errstr(status)); - } else { + CHECK_STATUS(status, NT_STATUS_OK); + if (DEBUGLVL(10)) { NDR_PRINT_UNION_DEBUG(nbt_cldap_netlogon, i & 0xF, &search.out.netlogon); } } - printf("cldap_search gave %s\n", nt_errstr(status)); + search.in.version = 6; + status = cldap_netlogon(cldap, mem_ctx, &search); + CHECK_STATUS(status, NT_STATUS_OK); + n1 = search.out.netlogon; + + printf("Trying with User=Administrator\n"); + + search.in.user = "Administrator"; + status = cldap_netlogon(cldap, mem_ctx, &search); + CHECK_STATUS(status, NT_STATUS_OK); + + printf("Trying with a GUID\n"); + search.in.domain_guid = GUID_string(mem_ctx, &n1.logon4.domain_uuid); + status = cldap_netlogon(cldap, mem_ctx, &search); + CHECK_STATUS(status, NT_STATUS_OK); + + printf("Trying with a incorrect GUID\n"); + guid = GUID_random(); + search.in.user = NULL; + search.in.domain_guid = GUID_string(mem_ctx, &guid); + status = cldap_netlogon(cldap, mem_ctx, &search); + CHECK_STATUS(status, NT_STATUS_OK); + + printf("Trying with a incorrect domain\n"); + search.in.realm = "test.example.com"; + search.in.domain_guid = NULL; + status = cldap_netlogon(cldap, mem_ctx, &search); + CHECK_STATUS(status, NT_STATUS_NOT_FOUND); + + printf("Trying with a AAC\n"); + search.in.acct_control = 0x180; + search.in.realm = lp_realm(); + status = cldap_netlogon(cldap, mem_ctx, &search); + CHECK_STATUS(status, NT_STATUS_OK); + + printf("Trying with a bad AAC\n"); + search.in.acct_control = 0xFF00FF00; + search.in.realm = lp_realm(); + status = cldap_netlogon(cldap, mem_ctx, &search); + CHECK_STATUS(status, NT_STATUS_OK); - return True; +done: + return ret; } BOOL torture_cldap(void) |