diff options
-rw-r--r-- | source4/torture/libnet/libnet.c | 6 | ||||
-rw-r--r-- | source4/torture/libnet/libnet_rpc.c | 206 |
2 files changed, 136 insertions, 76 deletions
diff --git a/source4/torture/libnet/libnet.c b/source4/torture/libnet/libnet.c index d886903b2d..0632b6cdf8 100644 --- a/source4/torture/libnet/libnet.c +++ b/source4/torture/libnet/libnet.c @@ -34,7 +34,11 @@ NTSTATUS torture_net_init(void) register_torture_op("NET-API-LOOKUPPDC", torture_lookup_pdc, 0); register_torture_op("NET-API-CREATEUSER", torture_createuser, 0); register_torture_op("NET-API-DELETEUSER", torture_deleteuser, 0); - register_torture_op("NET-API-RPCCONNECT", torture_rpc_connect, 0); + register_torture_op("NET-API-RPCCONN-BIND", torture_rpc_connect_binding, 0); + register_torture_op("NET-API-RPCCONN-SRV", torture_rpc_connect_srv, 0); + register_torture_op("NET-API-RPCCONN-PDC", torture_rpc_connect_pdc, 0); + register_torture_op("NET-API-RPCCONN-DC", torture_rpc_connect_dc, 0); + register_torture_op("NET-API-RPCCONN-DCINFO", torture_rpc_connect_dc_info, 0); register_torture_op("NET-API-LISTSHARES", torture_listshares, 0); register_torture_op("NET-API-DELSHARE", torture_delshare, 0); diff --git a/source4/torture/libnet/libnet_rpc.c b/source4/torture/libnet/libnet_rpc.c index 39023886ad..4a394c58d2 100644 --- a/source4/torture/libnet/libnet_rpc.c +++ b/source4/torture/libnet/libnet_rpc.c @@ -21,146 +21,202 @@ #include "includes.h" #include "lib/cmdline/popt_common.h" +#include "auth/credentials/credentials.h" #include "libnet/libnet.h" #include "libcli/security/security.h" #include "librpc/ndr/libndr.h" #include "librpc/gen_ndr/ndr_lsa.h" #include "librpc/gen_ndr/ndr_samr.h" +#include "librpc/gen_ndr/ndr_srvsvc.h" #include "librpc/rpc/dcerpc.h" #include "torture/torture.h" -static BOOL test_lsa_connect(struct libnet_context *ctx) +static BOOL test_connect_service(struct libnet_context *ctx, + const struct dcerpc_interface_table *iface, + const char *binding_string, + const char *hostname, + const enum libnet_RpcConnect_level level, + BOOL badcreds, NTSTATUS expected_status) { NTSTATUS status; struct libnet_RpcConnect connect; - connect.level = LIBNET_RPC_CONNECT_BINDING; - connect.in.binding = lp_parm_string(-1, "torture", "binding"); - connect.in.dcerpc_iface = &dcerpc_table_lsarpc; + connect.level = level; + connect.in.binding = binding_string; + connect.in.name = hostname; + connect.in.dcerpc_iface = iface; + + /* if bad credentials are needed, set baduser%badpassword instead + of default commandline-passed credentials */ + if (badcreds) { + cli_credentials_set_username(ctx->cred, "baduser", CRED_SPECIFIED); + cli_credentials_set_password(ctx->cred, "badpassword", CRED_SPECIFIED); + } status = libnet_RpcConnect(ctx, ctx, &connect); - if (!NT_STATUS_IS_OK(status)) { - printf("Couldn't connect to rpc service %s on %s: %s\n", - connect.in.dcerpc_iface->name, connect.in.binding, + if (!NT_STATUS_EQUAL(status, expected_status)) { + printf("Connecting to rpc service %s on %s.\n\tFAILED. Expected: %s." + "Received: %s\n", + connect.in.dcerpc_iface->name, connect.in.binding, nt_errstr(expected_status), nt_errstr(status)); return False; } + printf("PASSED. Expected: %s, received: %s\n", nt_errstr(expected_status), + nt_errstr(status)); + + if (connect.level == LIBNET_RPC_CONNECT_DC_INFO && NT_STATUS_IS_OK(status)) { + printf("Domain Controller Info:\n"); + printf("\tDomain Name:\t %s\n", connect.out.domain_name); + printf("\tDomain SID:\t %s\n", dom_sid_string(ctx, connect.out.domain_sid)); + printf("\tRealm:\t\t %s\n", connect.out.realm); + printf("\tGUID:\t\t %s\n", GUID_string(ctx, connect.out.guid)); + + } else if (!NT_STATUS_IS_OK(status)) { + printf("Error string: %s\n", connect.out.error_string); + } + return True; } -static BOOL test_lsa_dcinfo_connect(struct libnet_context *ctx) +static BOOL torture_rpc_connect(struct torture_context *torture, + const enum libnet_RpcConnect_level level, + const char *bindstr, const char *hostname) { - NTSTATUS status; - struct libnet_RpcConnect connect; - connect.level = LIBNET_RPC_CONNECT_DC_INFO; - connect.in.binding = lp_parm_string(-1, "torture", "binding"); - connect.in.dcerpc_iface = &dcerpc_table_lsarpc; - - status = libnet_RpcConnect(ctx, ctx, &connect); + struct libnet_context *ctx; + + ctx = libnet_context_init(NULL); + ctx->cred = cmdline_credentials; - if (!NT_STATUS_IS_OK(status)) { - printf("Couldn't connect to rpc service %s on %s: %s\n", - connect.in.dcerpc_iface->name, connect.in.binding, - nt_errstr(status)); + printf("Testing connection to LSA interface\n"); + if (!test_connect_service(ctx, &dcerpc_table_lsarpc, bindstr, + hostname, level, False, NT_STATUS_OK)) { + printf("failed to connect LSA interface\n"); + return False; + } + + printf("Testing connection to SAMR interface\n"); + if (!test_connect_service(ctx, &dcerpc_table_samr, bindstr, + hostname, level, False, NT_STATUS_OK)) { + printf("failed to connect SAMR interface\n"); + return False; + } + + printf("Testing connection to SRVSVC interface\n"); + if (!test_connect_service(ctx, &dcerpc_table_srvsvc, bindstr, + hostname, level, False, NT_STATUS_OK)) { + printf("failed to connect SRVSVC interface\n"); + return False; + } + printf("Testing connection to LSA interface with wrong credentials\n"); + if (!test_connect_service(ctx, &dcerpc_table_lsarpc, bindstr, + hostname, level, True, NT_STATUS_LOGON_FAILURE)) { + printf("failed to test wrong credentials on LSA interface\n"); return False; } - printf("Domain Controller Info:\n"); - printf("\tDomain Name:\t %s\n", connect.out.domain_name); - printf("\tDomain SID:\t %s\n", dom_sid_string(ctx, connect.out.domain_sid)); - printf("\tRealm:\t\t %s\n", connect.out.realm); - printf("\tGUID:\t\t %s\n", GUID_string(ctx, connect.out.guid)); + printf("Testing connection to SAMR interface with wrong credentials\n"); + if (!test_connect_service(ctx, &dcerpc_table_samr, bindstr, + hostname, level, True, NT_STATUS_LOGON_FAILURE)) { + printf("failed to test wrong credentials on SAMR interface\n"); + return False; + } + + talloc_free(ctx); return True; } -static BOOL test_samr_connect(struct libnet_context *ctx) +BOOL torture_rpc_connect_srv(struct torture_context *torture) { + const enum libnet_RpcConnect_level level = LIBNET_RPC_CONNECT_SERVER; NTSTATUS status; - struct libnet_RpcConnect connect; - connect.level = LIBNET_RPC_CONNECT_BINDING; - connect.in.binding = lp_parm_string(-1, "torture", "binding"); - connect.in.dcerpc_iface = &dcerpc_table_samr; - - status = libnet_RpcConnect(ctx, ctx, &connect); + struct dcerpc_binding *binding; + const char *bindstr;; + bindstr = lp_parm_string(-1, "torture", "binding"); + status = dcerpc_parse_binding(torture, bindstr, &binding); if (!NT_STATUS_IS_OK(status)) { - printf("Couldn't connect to rpc service %s on %s: %s\n", - connect.in.dcerpc_iface->name, connect.in.binding, - nt_errstr(status)); - + printf("failed to parse binding string\n"); return False; } - return True; + return torture_rpc_connect(torture, level, NULL, binding->host); } -static BOOL test_samr_dcinfo_connect(struct libnet_context *ctx) +BOOL torture_rpc_connect_pdc(struct torture_context *torture) { + const enum libnet_RpcConnect_level level = LIBNET_RPC_CONNECT_PDC; NTSTATUS status; - struct libnet_RpcConnect connect; - connect.level = LIBNET_RPC_CONNECT_DC_INFO; - connect.in.binding = lp_parm_string(-1, "torture", "binding"); - connect.in.dcerpc_iface = &dcerpc_table_samr; - - status = libnet_RpcConnect(ctx, ctx, &connect); + struct dcerpc_binding *binding; + const char *bindstr; + bindstr = lp_parm_string(-1, "torture", "binding"); + status = dcerpc_parse_binding(torture, bindstr, &binding); if (!NT_STATUS_IS_OK(status)) { - printf("Couldn't connect to rpc service %s on %s: %s\n", - connect.in.dcerpc_iface->name, connect.in.binding, - nt_errstr(status)); - + printf("failed to parse binding string\n"); return False; } - printf("Domain Controller Info:\n"); - printf("\tDomain Name:\t %s\n", connect.out.domain_name); - printf("\tDomain SID:\t %s\n", dom_sid_string(ctx, connect.out.domain_sid)); - printf("\tRealm:\t\t %s\n", connect.out.realm); - printf("\tGUID:\t\t %s\n", GUID_string(ctx, connect.out.guid)); - - return True; + return torture_rpc_connect(torture, level, NULL, binding->host); } - -BOOL torture_rpc_connect(struct torture_context *torture) +BOOL torture_rpc_connect_dc(struct torture_context *torture) { - struct libnet_context *ctx; + const enum libnet_RpcConnect_level level = LIBNET_RPC_CONNECT_DC; + NTSTATUS status; + struct dcerpc_binding *binding; + const char *bindstr; - ctx = libnet_context_init(NULL); - ctx->cred = cmdline_credentials; - - printf("Testing connection to LSA interface\n"); - if (!test_lsa_connect(ctx)) { - printf("failed to connect LSA interface\n"); + bindstr = lp_parm_string(-1, "torture", "binding"); + status = dcerpc_parse_binding(torture, bindstr, &binding); + if (!NT_STATUS_IS_OK(status)) { + printf("failed to parse binding string\n"); return False; } - printf("Testing connection with domain info to LSA interface\n"); - if (!test_lsa_dcinfo_connect(ctx)) { - printf("failed to connect LSA interface\n"); - return False; - } + return torture_rpc_connect(torture, level, NULL, binding->host); +} - printf("Testing connection to SAMR service\n"); - if (!test_samr_connect(ctx)) { - printf("failed to connect SAMR interface\n"); + +BOOL torture_rpc_connect_dc_info(struct torture_context *torture) +{ + const enum libnet_RpcConnect_level level = LIBNET_RPC_CONNECT_DC_INFO; + NTSTATUS status; + struct dcerpc_binding *binding; + const char *bindstr; + + bindstr = lp_parm_string(-1, "torture", "binding"); + status = dcerpc_parse_binding(torture, bindstr, &binding); + if (!NT_STATUS_IS_OK(status)) { + printf("failed to parse binding string\n"); return False; } - printf("Testing connection with domain info to SAMR interface\n"); - if (!test_samr_dcinfo_connect(ctx)) { - printf("failed to connect SAMR interface\n"); + return torture_rpc_connect(torture, level, NULL, binding->host); +} + + +BOOL torture_rpc_connect_binding(struct torture_context *torture) +{ + const enum libnet_RpcConnect_level level = LIBNET_RPC_CONNECT_BINDING; + NTSTATUS status; + struct dcerpc_binding *binding; + const char *bindstr; + + bindstr = lp_parm_string(-1, "torture", "binding"); + status = dcerpc_parse_binding(torture, bindstr, &binding); + if (!NT_STATUS_IS_OK(status)) { + printf("failed to parse binding string\n"); return False; } - return True; + return torture_rpc_connect(torture, level, bindstr, NULL); } |