diff options
-rw-r--r-- | source4/torture/winbind/struct_based.c | 144 |
1 files changed, 144 insertions, 0 deletions
diff --git a/source4/torture/winbind/struct_based.c b/source4/torture/winbind/struct_based.c index f8cddf589c..b6686e8a04 100644 --- a/source4/torture/winbind/struct_based.c +++ b/source4/torture/winbind/struct_based.c @@ -22,6 +22,7 @@ #include "torture/torture.h" #include "torture/winbind/proto.h" #include "nsswitch/winbind_client.h" +#include "libcli/security/security.h" #include "param/param.h" #define DO_STRUCT_REQ_REP(op,req,rep) do { \ @@ -53,11 +54,153 @@ static bool torture_winbind_struct_ping(struct torture_context *torture) return true; } +struct torture_trust_domain { + const char *netbios_name; + const char *dns_name; + struct dom_sid *sid; +}; + +static bool get_trusted_domains(struct torture_context *torture, + struct torture_trust_domain **_d) +{ + struct winbindd_request req; + struct winbindd_response rep; + struct torture_trust_domain *d = NULL; + uint32_t dcount = 0; + fstring line; + const char *extra_data; + + ZERO_STRUCT(req); + ZERO_STRUCT(rep); + + DO_STRUCT_REQ_REP(WINBINDD_LIST_TRUSTDOM, &req, &rep); + + extra_data = (char *)rep.extra_data.data; + torture_assert(torture, extra_data, "NULL trust list"); + + while (next_token(&extra_data, line, "\n", sizeof(fstring))) { + char *p, *lp; + + d = talloc_realloc(torture, d, + struct torture_trust_domain, + dcount + 2); + ZERO_STRUCT(d[dcount+1]); + + lp = line; + p = strchr(lp, '\\'); + torture_assert(torture, p, "missing 1st '\\' in line"); + *p = 0; + d[dcount].netbios_name = talloc_strdup(d, lp); + torture_assert(torture, strlen(d[dcount].netbios_name) > 0, + "empty netbios_name"); + + lp = p+1; + p = strchr(lp, '\\'); + torture_assert(torture, p, "missing 2nd '\\' in line"); + *p = 0; + d[dcount].dns_name = talloc_strdup(d, lp); + /* it's ok to have an empty dns_name */ + + lp = p+1; + d[dcount].sid = dom_sid_parse_talloc(d, lp); + torture_assert(torture, d[dcount].sid, + "failed to parse sid"); + + dcount++; + } + + SAFE_FREE(rep.extra_data.data); + *_d = d; + return true; +} + +static bool torture_winbind_struct_list_trustdom(struct torture_context *torture) +{ + struct winbindd_request req; + struct winbindd_response rep; + char *list1; + char *list2; + bool ok; + struct torture_trust_domain *listd = NULL; + uint32_t i; + + torture_comment(torture, "Running WINBINDD_LIST_TRUSTDOM (struct based)\n"); + + ZERO_STRUCT(req); + ZERO_STRUCT(rep); + + req.data.list_all_domains = false; + + DO_STRUCT_REQ_REP(WINBINDD_LIST_TRUSTDOM, &req, &rep); + + list1 = (char *)rep.extra_data.data; + torture_assert(torture, list1, "NULL trust list"); + + torture_comment(torture, "%s\n", list1); + + ZERO_STRUCT(req); + ZERO_STRUCT(rep); + + req.data.list_all_domains = true; + + DO_STRUCT_REQ_REP(WINBINDD_LIST_TRUSTDOM, &req, &rep); + + list2 = (char *)rep.extra_data.data; + torture_assert(torture, list2, "NULL trust list"); + + /* + * The list_all_domains parameter should be ignored + */ + torture_assert_str_equal(torture, list2, list1, "list_all_domains not ignored"); + + SAFE_FREE(list1); + SAFE_FREE(list2); + + ok = get_trusted_domains(torture, &listd); + torture_assert(torture, ok, "failed to get trust list"); + + for (i=0; listd[i].netbios_name; i++) { + if (i == 0) { + struct dom_sid *builtin_sid; + + builtin_sid = dom_sid_parse_talloc(torture, SID_BUILTIN); + + torture_assert_str_equal(torture, + listd[i].netbios_name, + NAME_BUILTIN, + "first domain should be 'BUILTIN'"); + + torture_assert_str_equal(torture, + listd[i].dns_name, + "", + "BUILTIN domain should not have a dns name"); + + ok = dom_sid_equal(builtin_sid, + listd[i].sid); + torture_assert(torture, ok, "BUILTIN domain should have S-1-5-32"); + + continue; + } + + /* + * TODO: verify the content of the 2nd and 3rd (in member server mode) + * domain entries + */ + } + + torture_assert(torture, i >= 2, + "The list of trusted domain should contain 2 entries"); + + return true; +} + static bool torture_winbind_struct_getdcname(struct torture_context *torture) { struct winbindd_request req; struct winbindd_response rep; + torture_comment(torture, "Running WINBINDD_GETDCNAME (struct based)\n"); + ZERO_STRUCT(req); ZERO_STRUCT(rep); @@ -78,6 +221,7 @@ struct torture_suite *torture_winbind_struct_init(void) torture_suite_add_simple_test(suite, "PING", torture_winbind_struct_ping); torture_suite_add_simple_test(suite, "GETDCNAME", torture_winbind_struct_getdcname); + torture_suite_add_simple_test(suite, "LIST_TRUSTDOM", torture_winbind_struct_list_trustdom); suite->description = talloc_strdup(suite, "WINBIND - struct based protocol tests"); |