diff options
| -rw-r--r-- | source4/Makefile.in | 6 | ||||
| -rw-r--r-- | source4/libcli/ndr/libndr.h | 6 | ||||
| -rw-r--r-- | source4/libcli/ndr/ndr_basic.c | 96 | ||||
| -rw-r--r-- | source4/libcli/ndr/ndr_echo.c | 6 | ||||
| -rw-r--r-- | source4/libcli/ndr/ndr_lsa.c | 85 | ||||
| -rw-r--r-- | source4/libcli/ndr/ndr_lsa.h | 47 | ||||
| -rw-r--r-- | source4/libcli/ndr/ndr_misc.c | 45 | ||||
| -rw-r--r-- | source4/libcli/ndr/ndr_misc.h | 26 | ||||
| -rw-r--r-- | source4/libcli/raw/rawdcerpc.c | 62 | ||||
| -rw-r--r-- | source4/libcli/rpc/dcerpc.c | 10 | ||||
| -rw-r--r-- | source4/libcli/rpc/rpc_lsa.c | 64 | ||||
| -rw-r--r-- | source4/torture/rpc/echo.c | 8 | ||||
| -rw-r--r-- | source4/torture/rpc/lsa.c | 52 | ||||
| -rw-r--r-- | source4/torture/torture.c | 52 |
14 files changed, 459 insertions, 106 deletions
diff --git a/source4/Makefile.in b/source4/Makefile.in index 82354713f2..1055c0ac6c 100644 --- a/source4/Makefile.in +++ b/source4/Makefile.in @@ -194,9 +194,9 @@ LIBCLIUTIL_OBJ = libcli/util/asn1.o \ libcli/util/pwd_cache.o libcli/util/clierror.o libcli/util/cliutil.o LIBRAW_NDR_OBJ = libcli/ndr/ndr.o libcli/ndr/ndr_basic.o libcli/ndr/ndr_sec.o \ - libcli/ndr/ndr_echo.o + libcli/ndr/ndr_echo.o libcli/ndr/ndr_misc.o libcli/ndr/ndr_lsa.o -LIBRAW_RPC_OBJ = libcli/rpc/dcerpc.o libcli/rpc/rpc_echo.o +LIBRAW_RPC_OBJ = libcli/rpc/dcerpc.o libcli/rpc/rpc_echo.o libcli/rpc/rpc_lsa.o LIBRAW_OBJ = libcli/raw/rawfile.o libcli/raw/smb_signing.o \ libcli/raw/clisocket.o libcli/raw/clitransport.o \ @@ -533,7 +533,7 @@ SMBTORTURE_RPC_OBJ = torture/rpc/lsa.o torture/rpc/echo.o SMBTORTURE_OBJ1 = torture/torture.o torture/torture_util.o torture/nbio.o torture/scanner.o \ torture/utable.o torture/denytest.o torture/mangle_test.o \ torture/aliases.o libcli/raw/clirewrite.o $(SMBTORTURE_RAW_OBJ) \ - $(SMBTORTURE_RPC_OBJ) rpc_parse/parse_lsa.o + $(SMBTORTURE_RPC_OBJ) SMBTORTURE_OBJ = $(SMBTORTURE_OBJ1) \ $(LIBSMB_OBJ) $(LIBDFS_OBJ) $(PARAM_OBJ) $(LIB_OBJ) diff --git a/source4/libcli/ndr/libndr.h b/source4/libcli/ndr/libndr.h index 0205a64552..931fc1c341 100644 --- a/source4/libcli/ndr/libndr.h +++ b/source4/libcli/ndr/libndr.h @@ -54,6 +54,10 @@ struct ndr_push { TALLOC_CTX *mem_ctx; }; +struct ndr_push_save { + uint32 offset; +}; + #define NDR_BASE_MARSHALL_SIZE 1024 @@ -90,4 +94,6 @@ typedef NTSTATUS (*ndr_pull_fn_t)(struct ndr_pull *, void *); /* now pull in the individual parsers */ #include "libcli/ndr/ndr_sec.h" +#include "libcli/ndr/ndr_misc.h" #include "libcli/ndr/ndr_echo.h" +#include "libcli/ndr/ndr_lsa.h" diff --git a/source4/libcli/ndr/ndr_basic.c b/source4/libcli/ndr/ndr_basic.c index d06eac3ca9..8cbf375403 100644 --- a/source4/libcli/ndr/ndr_basic.c +++ b/source4/libcli/ndr/ndr_basic.c @@ -36,21 +36,6 @@ } while(0) /* - parse a GUID -*/ -NTSTATUS ndr_pull_guid(struct ndr_pull *ndr, GUID *guid) -{ - int i; - NDR_PULL_NEED_BYTES(ndr, GUID_SIZE); - for (i=0;i<GUID_SIZE;i++) { - guid->info[i] = CVAL(ndr->data, ndr->offset + i); - } - ndr->offset += i; - return NT_STATUS_OK; -} - - -/* parse a u8 */ NTSTATUS ndr_pull_u8(struct ndr_pull *ndr, uint8 *v) @@ -96,17 +81,40 @@ NTSTATUS ndr_pull_u32(struct ndr_pull *ndr, uint32 *v) } /* + pull a NTSTATUS +*/ +NTSTATUS ndr_pull_status(struct ndr_pull *ndr, NTSTATUS *status) +{ + uint32 v; + NDR_CHECK(ndr_pull_u32(ndr, &v)); + *status = NT_STATUS(v); + return NT_STATUS_OK; +} + +/* parse a set of bytes */ -NTSTATUS ndr_pull_bytes(struct ndr_pull *ndr, char **data, uint32 n) +NTSTATUS ndr_pull_bytes(struct ndr_pull *ndr, char *data, uint32 n) { NDR_PULL_NEED_BYTES(ndr, n); - NDR_ALLOC_N(ndr, *data, n); - memcpy(*data, ndr->data + ndr->offset, n); + memcpy(data, ndr->data + ndr->offset, n); ndr->offset += n; return NT_STATUS_OK; } +/* + parse a GUID +*/ +NTSTATUS ndr_pull_guid(struct ndr_pull *ndr, GUID *guid) +{ + int i; + NDR_PULL_NEED_BYTES(ndr, GUID_SIZE); + for (i=0;i<GUID_SIZE;i++) { + guid->info[i] = CVAL(ndr->data, ndr->offset + i); + } + ndr->offset += i; + return NT_STATUS_OK; +} #define NDR_PUSH_NEED_BYTES(ndr, n) NDR_CHECK(ndr_push_expand(ndr, ndr->offset+(n))) @@ -161,3 +169,55 @@ NTSTATUS ndr_push_bytes(struct ndr_push *ndr, const char *data, uint32 n) ndr->offset += n; return NT_STATUS_OK; } + + +/* + this is used when a packet has a 4 byte length field. We remember the start position + and come back to it later to fill in the size +*/ +NTSTATUS ndr_push_length4_start(struct ndr_push *ndr, struct ndr_push_save *save) +{ + save->offset = ndr->offset; + return ndr_push_u32(ndr, 0); +} + +NTSTATUS ndr_push_length4_end(struct ndr_push *ndr, struct ndr_push_save *save) +{ + uint32 offset = ndr->offset; + ndr->offset = save->offset; + NDR_CHECK(ndr_push_u32(ndr, offset - save->offset)); + ndr->offset = offset; + return NT_STATUS_OK; +} + +/* + push a 1 if a pointer is non-NULL, otherwise 0 +*/ +NTSTATUS ndr_push_ptr(struct ndr_push *ndr, const void *p) +{ + return ndr_push_u32(ndr, p?1:0); +} + +/* + push a comformant, variable ucs2 string onto the wire from a C string +*/ +NTSTATUS ndr_push_unistr(struct ndr_push *ndr, const char *s) +{ + smb_ucs2_t *ws; + ssize_t len; + int i; + len = push_ucs2_talloc(ndr->mem_ctx, &ws, s); + if (len == -1) { + return NT_STATUS_INVALID_PARAMETER; + } + NDR_CHECK(ndr_push_u32(ndr, len)); + NDR_CHECK(ndr_push_u32(ndr, 0)); + NDR_CHECK(ndr_push_u32(ndr, len-2)); + NDR_PUSH_NEED_BYTES(ndr, len); + for (i=0;i<len;i+=2) { + SSVAL(ndr->data, ndr->offset + i, ws[i]); + } + ndr->offset += i; + return NT_STATUS_OK; +} + diff --git a/source4/libcli/ndr/ndr_echo.c b/source4/libcli/ndr/ndr_echo.c index a085a6534d..c60569676c 100644 --- a/source4/libcli/ndr/ndr_echo.c +++ b/source4/libcli/ndr/ndr_echo.c @@ -53,7 +53,8 @@ NTSTATUS ndr_pull_rpcecho_echodata(struct ndr_pull *ndr, struct rpcecho_echodata *r) { NDR_CHECK(ndr_pull_u32(ndr, &r->out.len)); - NDR_CHECK(ndr_pull_bytes(ndr, &r->out.data, r->out.len)); + NDR_ALLOC_N(ndr, r->out.data, r->out.len); + NDR_CHECK(ndr_pull_bytes(ndr, r->out.data, r->out.len)); return NT_STATUS_OK; } @@ -97,7 +98,8 @@ NTSTATUS ndr_pull_rpcecho_sourcedata(struct ndr_pull *ndr, struct rpcecho_sourcedata *r) { NDR_CHECK(ndr_pull_u32(ndr, &r->out.len)); - NDR_CHECK(ndr_pull_bytes(ndr, &r->out.data, r->out.len)); + NDR_ALLOC_N(ndr, r->out.data, r->out.len); + NDR_CHECK(ndr_pull_bytes(ndr, r->out.data, r->out.len)); return NT_STATUS_OK; } diff --git a/source4/libcli/ndr/ndr_lsa.c b/source4/libcli/ndr/ndr_lsa.c new file mode 100644 index 0000000000..6649bd04c2 --- /dev/null +++ b/source4/libcli/ndr/ndr_lsa.c @@ -0,0 +1,85 @@ +/* + Unix SMB/CIFS implementation. + + routines for marshalling/unmarshalling lsa pipe + + Copyright (C) Andrew Tridgell 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + + +#include "includes.h" + +NTSTATUS ndr_push_lsa_QosInfo(struct ndr_push *ndr, + struct lsa_QosInfo *r) +{ + struct ndr_push_save length; + + NDR_CHECK(ndr_push_length4_start(ndr, &length)); + NDR_CHECK(ndr_push_u16(ndr, r->impersonation_level)); + NDR_CHECK(ndr_push_u8(ndr, r->context_mode)); + NDR_CHECK(ndr_push_u8(ndr, r->effective_only)); + NDR_CHECK(ndr_push_length4_end(ndr, &length)); + + return NT_STATUS_OK; +} + +NTSTATUS ndr_push_lsa_ObjectAttribute(struct ndr_push *ndr, + struct lsa_ObjectAttribute *r) +{ + struct ndr_push_save length; + + NDR_CHECK(ndr_push_length4_start(ndr, &length)); + NDR_CHECK(ndr_push_ptr(ndr, r->root_dir)); + NDR_CHECK(ndr_push_ptr(ndr, r->object_name)); + NDR_CHECK(ndr_push_u32(ndr, r->attributes)); + NDR_CHECK(ndr_push_ptr(ndr, r->sec_desc)); + NDR_CHECK(ndr_push_ptr(ndr, r->sec_qos)); + + if (r->root_dir) NDR_CHECK(ndr_push_u8(ndr, r->root_dir[0])); + if (r->object_name) NDR_CHECK(ndr_push_unistr(ndr, r->object_name)); + if (r->sec_desc) NDR_CHECK(ndr_push_security_descriptor(ndr, r->sec_desc)); + if (r->sec_qos) NDR_CHECK(ndr_push_lsa_QosInfo(ndr, r->sec_qos)); + + NDR_CHECK(ndr_push_length4_end(ndr, &length)); + + return NT_STATUS_OK; +} + +/* + push a openpolicy +*/ +NTSTATUS ndr_push_lsa_OpenPolicy(struct ndr_push *ndr, + struct lsa_OpenPolicy *r) +{ + NDR_CHECK(ndr_push_ptr(ndr, r->in.system_name)); + NDR_CHECK(ndr_push_u16(ndr, r->in.system_name[0])); + NDR_CHECK(ndr_push_lsa_ObjectAttribute(ndr, r->in.attr)); + NDR_CHECK(ndr_push_u32(ndr, r->in.desired_access)); + return NT_STATUS_OK; +} + + +/* + parse a openpolicy +*/ +NTSTATUS ndr_pull_lsa_OpenPolicy(struct ndr_pull *ndr, + struct lsa_OpenPolicy *r) +{ + NDR_CHECK(ndr_pull_policy_handle(ndr, &r->out.handle)); + NDR_CHECK(ndr_pull_status(ndr, &r->out.status)); + return NT_STATUS_OK; +} diff --git a/source4/libcli/ndr/ndr_lsa.h b/source4/libcli/ndr/ndr_lsa.h new file mode 100644 index 0000000000..4a0aff8323 --- /dev/null +++ b/source4/libcli/ndr/ndr_lsa.h @@ -0,0 +1,47 @@ +/* + Unix SMB/CIFS implementation. + + definitions for marshalling/unmarshalling the lsa pipe + + Copyright (C) Andrew Tridgell 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +struct lsa_QosInfo { + uint16 impersonation_level; + uint8 context_mode; + uint8 effective_only; +}; + +struct lsa_ObjectAttribute { + const char *root_dir; + const char *object_name; + uint32 attributes; + struct security_descriptor *sec_desc; + struct lsa_QosInfo *sec_qos; +}; + +struct lsa_OpenPolicy { + struct { + const char *system_name; + struct lsa_ObjectAttribute *attr; + uint32 desired_access; + } in; + struct { + struct policy_handle handle; + NTSTATUS status; + } out; +}; diff --git a/source4/libcli/ndr/ndr_misc.c b/source4/libcli/ndr/ndr_misc.c new file mode 100644 index 0000000000..cdd6652068 --- /dev/null +++ b/source4/libcli/ndr/ndr_misc.c @@ -0,0 +1,45 @@ +/* + Unix SMB/CIFS implementation. + + routines for marshalling/unmarshalling miscellaneous rpc structures + + Copyright (C) Andrew Tridgell 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + + +#include "includes.h" + + +/* + parse a policy handle +*/ +NTSTATUS ndr_pull_policy_handle(struct ndr_pull *ndr, + struct policy_handle *r) +{ + NDR_CHECK(ndr_pull_bytes(ndr, r->data, 20)); + return NT_STATUS_OK; +} + +/* + push a policy handle +*/ +NTSTATUS ndr_push_policy_handle(struct ndr_push *ndr, + struct policy_handle *r) +{ + NDR_CHECK(ndr_push_bytes(ndr, r->data, 20)); + return NT_STATUS_OK; +} diff --git a/source4/libcli/ndr/ndr_misc.h b/source4/libcli/ndr/ndr_misc.h new file mode 100644 index 0000000000..cc3576b3e8 --- /dev/null +++ b/source4/libcli/ndr/ndr_misc.h @@ -0,0 +1,26 @@ +/* + Unix SMB/CIFS implementation. + + definitions for marshalling/unmarshalling miscellaneous structures + + Copyright (C) Andrew Tridgell 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +/* policy handles are used all over the place */ +struct policy_handle { + char data[20]; +}; diff --git a/source4/libcli/raw/rawdcerpc.c b/source4/libcli/raw/rawdcerpc.c index a6cd75eeaa..6a3275c7a4 100644 --- a/source4/libcli/raw/rawdcerpc.c +++ b/source4/libcli/raw/rawdcerpc.c @@ -22,6 +22,68 @@ #include "includes.h" + +/* + open a rpc connection to a named pipe +*/ +NTSTATUS dcerpc_pipe_open_smb(struct dcerpc_pipe *p, const char *pipe_name) +{ + NTSTATUS status; + char *name = NULL; + union smb_open io; + TALLOC_CTX *mem_ctx; + + asprintf(&name, "\\%s", pipe_name); + if (!name) { + return NT_STATUS_NO_MEMORY; + } + + io.ntcreatex.level = RAW_OPEN_NTCREATEX; + io.ntcreatex.in.flags = 0; + io.ntcreatex.in.root_fid = 0; + io.ntcreatex.in.access_mask = + STD_RIGHT_READ_CONTROL_ACCESS | + SA_RIGHT_FILE_WRITE_ATTRIBUTES | + SA_RIGHT_FILE_WRITE_EA | + GENERIC_RIGHTS_FILE_READ | + GENERIC_RIGHTS_FILE_WRITE; + io.ntcreatex.in.file_attr = 0; + io.ntcreatex.in.alloc_size = 0; + io.ntcreatex.in.share_access = + NTCREATEX_SHARE_ACCESS_READ | + NTCREATEX_SHARE_ACCESS_WRITE; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN; + io.ntcreatex.in.create_options = 0; + io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_IMPERSONATION; + io.ntcreatex.in.security_flags = 0; + io.ntcreatex.in.fname = name; + + mem_ctx = talloc_init("torture_rpc_connection"); + status = smb_raw_open(p->tree, mem_ctx, &io); + free(name); + talloc_destroy(mem_ctx); + + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + p->fnum = io.ntcreatex.out.fnum; + + /* bind to the pipe, using the pipe_name as the key */ + status = dcerpc_bind_byname(p, pipe_name); + + if (!NT_STATUS_IS_OK(status)) { + union smb_close c; + c.close.level = RAW_CLOSE_CLOSE; + c.close.in.fnum = p->fnum; + c.close.in.write_time = 0; + smb_raw_close(p->tree, &c); + } + + return status; +} + + struct cli_request *dcerpc_raw_send(struct dcerpc_pipe *p, DATA_BLOB *blob) { struct smb_trans2 trans; diff --git a/source4/libcli/rpc/dcerpc.c b/source4/libcli/rpc/dcerpc.c index 7d6888dde7..89f2c6d5b1 100644 --- a/source4/libcli/rpc/dcerpc.c +++ b/source4/libcli/rpc/dcerpc.c @@ -28,7 +28,7 @@ struct dcerpc_pipe *dcerpc_pipe_init(struct cli_tree *tree) { struct dcerpc_pipe *p; - TALLOC_CTX *mem_ctx = talloc_init("cli_dcerpc_tree"); + TALLOC_CTX *mem_ctx = talloc_init("dcerpc_tree"); if (mem_ctx == NULL) return NULL; @@ -513,7 +513,7 @@ NTSTATUS dcerpc_bind(struct dcerpc_pipe *p, DATA_BLOB blob; DATA_BLOB blob_out; - mem_ctx = talloc_init("cli_dcerpc_bind"); + mem_ctx = talloc_init("dcerpc_bind"); if (!mem_ctx) { return NT_STATUS_NO_MEMORY; } @@ -590,7 +590,7 @@ static const struct { /* Perform a bind using the given well-known pipe name */ -NTSTATUS cli_dcerpc_bind_byname(struct dcerpc_pipe *p, const char *pipe_name) +NTSTATUS dcerpc_bind_byname(struct dcerpc_pipe *p, const char *pipe_name) { int i; @@ -609,7 +609,7 @@ NTSTATUS cli_dcerpc_bind_byname(struct dcerpc_pipe *p, const char *pipe_name) /* perform a full request/response pair on a dcerpc pipe */ -NTSTATUS cli_dcerpc_request(struct dcerpc_pipe *p, +NTSTATUS dcerpc_request(struct dcerpc_pipe *p, uint16 opnum, TALLOC_CTX *mem_ctx, DATA_BLOB *stub_data_in, @@ -777,7 +777,7 @@ NTSTATUS dcerpc_ndr_request(struct dcerpc_pipe *p, request = ndr_push_blob(push); /* make the actual dcerpc request */ - status = cli_dcerpc_request(p, opnum, mem_ctx, &request, &response); + status = dcerpc_request(p, opnum, mem_ctx, &request, &response); if (!NT_STATUS_IS_OK(status)) { goto failed; } diff --git a/source4/libcli/rpc/rpc_lsa.c b/source4/libcli/rpc/rpc_lsa.c new file mode 100644 index 0000000000..b747762984 --- /dev/null +++ b/source4/libcli/rpc/rpc_lsa.c @@ -0,0 +1,64 @@ +/* + Unix SMB/CIFS implementation. + + rpc lsa pipe calls + + Copyright (C) Andrew Tridgell 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +/* + OpenPolicy interface +*/ +NTSTATUS dcerpc_lsa_OpenPolicy(struct dcerpc_pipe *p, + const char *server, + struct lsa_ObjectAttribute *attr, + uint32 access_mask, + struct policy_handle *handle) +{ + struct lsa_OpenPolicy r; + NTSTATUS status; + TALLOC_CTX *mem_ctx; + + mem_ctx = talloc_init("dcerpc_rpcecho_addone"); + if (!mem_ctx) { + return NT_STATUS_NO_MEMORY; + } + + /* fill the .in side of the call */ + r.in.system_name = server; + r.in.attr = attr; + r.in.desired_access = access_mask; + + /* make the call */ + status = dcerpc_ndr_request(p, LSA_OPENPOLICY, mem_ctx, + (ndr_push_fn_t) ndr_push_lsa_OpenPolicy, + (ndr_pull_fn_t) ndr_pull_lsa_OpenPolicy, + &r); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + /* and extract the .out parameters */ + *handle = r.out.handle; + status = r.out.status; + +done: + talloc_destroy(mem_ctx); + return status; +} diff --git a/source4/torture/rpc/echo.c b/source4/torture/rpc/echo.c index 1d034c48df..8780b39f87 100644 --- a/source4/torture/rpc/echo.c +++ b/source4/torture/rpc/echo.c @@ -53,7 +53,7 @@ static BOOL test_echodata(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) int i; NTSTATUS status; char *data_in, *data_out; - int len = 17; + int len = 1 + (random() % 5000); int len_out; printf("\nTesting EchoData\n"); @@ -92,7 +92,7 @@ static BOOL test_sourcedata(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) int i; NTSTATUS status; char *data_out; - int len = 200000; + int len = 200000 + (random() % 5000); int len_out; printf("\nTesting SourceData\n"); @@ -126,7 +126,7 @@ static BOOL test_sinkdata(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) int i; NTSTATUS status; char *data_in; - int len = 200000; + int len = 200000 + (random() % 5000); printf("\nTesting SinkData\n"); @@ -143,6 +143,8 @@ static BOOL test_sinkdata(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) return False; } + printf("sunk %d bytes\n", len); + return True; } diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index cac7f80d5a..95a07ef0c6 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c @@ -1,7 +1,7 @@ /* Unix SMB/CIFS implementation. test suite for lsa rpc operations - Copyright (C) Tim Potter 2003 + Copyright (C) Andrew Tridgell 2003 This program is free software; you can redistribute it and/or modify @@ -21,38 +21,40 @@ #include "includes.h" -/* form a lsa open request */ -static DATA_BLOB blob_lsa_open_policy_req(TALLOC_CTX *mem_ctx, BOOL sec_qos, uint32 des_access) +static BOOL test_OpenPolicy(struct dcerpc_pipe *p) { - prs_struct qbuf; - LSA_Q_OPEN_POL q; - LSA_SEC_QOS qos; + struct lsa_ObjectAttribute attr; + struct policy_handle handle; + struct lsa_QosInfo qos; + NTSTATUS status; - ZERO_STRUCT(q); + qos.impersonation_level = 2; + qos.context_mode = 1; + qos.effective_only = 0; - /* Initialise parse structures */ - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); + attr.root_dir = NULL; + attr.object_name = NULL; + attr.attributes = 0; + attr.sec_desc = NULL; + attr.sec_qos = &qos; - /* Initialise input parameters */ - if (sec_qos) { - init_lsa_sec_qos(&qos, 2, 1, 0); - init_q_open_pol(&q, '\\', 0, des_access, &qos); - } else { - init_q_open_pol(&q, '\\', 0, des_access, NULL); + status = dcerpc_lsa_OpenPolicy(p, + "\\", + &attr, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &handle); + if (!NT_STATUS_IS_OK(status)) { + printf("OpenPolicy failed - %s\n", nt_errstr(status)); + return False; } - if (lsa_io_q_open_pol("", &q, &qbuf, 0)) - return data_blob_talloc( - mem_ctx, prs_data_p(&qbuf), prs_offset(&qbuf)); - - return data_blob(NULL, 0); + return True; } BOOL torture_rpc_lsa(int dummy) { NTSTATUS status; struct dcerpc_pipe *p; - DATA_BLOB request, response; TALLOC_CTX *mem_ctx; mem_ctx = talloc_init("torture_rpc_lsa"); @@ -62,13 +64,7 @@ BOOL torture_rpc_lsa(int dummy) return False; } - request = blob_lsa_open_policy_req(mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED); - - status = cli_dcerpc_request(p, LSA_OPENPOLICY, mem_ctx, &request, &response); - if (!NT_STATUS_IS_OK(status)) { - d_printf("Failed to LSA_OPENPOLICY - %s\n", nt_errstr(status)); - } + test_OpenPolicy(p); torture_rpc_close(p); diff --git a/source4/torture/torture.c b/source4/torture/torture.c index bb5741c54f..d88a58032f 100644 --- a/source4/torture/torture.c +++ b/source4/torture/torture.c @@ -135,65 +135,23 @@ BOOL torture_close_connection(struct cli_state *c) NTSTATUS torture_rpc_connection(struct dcerpc_pipe **p, const char *pipe_name) { struct cli_state *cli; - int fnum; NTSTATUS status; - char *name = NULL; - union smb_open open_parms; - TALLOC_CTX *mem_ctx; if (!torture_open_connection(&cli)) { return NT_STATUS_UNSUCCESSFUL; } - asprintf(&name, "\\%s", pipe_name); - if (!name) { - return NT_STATUS_NO_MEMORY; - } - - open_parms.ntcreatex.level = RAW_OPEN_NTCREATEX; - open_parms.ntcreatex.in.flags = 0; - open_parms.ntcreatex.in.root_fid = 0; - open_parms.ntcreatex.in.access_mask = - STD_RIGHT_READ_CONTROL_ACCESS | - SA_RIGHT_FILE_WRITE_ATTRIBUTES | - SA_RIGHT_FILE_WRITE_EA | - GENERIC_RIGHTS_FILE_READ | - GENERIC_RIGHTS_FILE_WRITE; - open_parms.ntcreatex.in.file_attr = 0; - open_parms.ntcreatex.in.alloc_size = 0; - open_parms.ntcreatex.in.share_access = - NTCREATEX_SHARE_ACCESS_READ | - NTCREATEX_SHARE_ACCESS_WRITE; - open_parms.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN; - open_parms.ntcreatex.in.create_options = 0; - open_parms.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_IMPERSONATION; - open_parms.ntcreatex.in.security_flags = 0; - open_parms.ntcreatex.in.fname = name; - - mem_ctx = talloc_init("torture_rpc_connection"); - status = smb_raw_open(cli->tree, mem_ctx, &open_parms); - free(name); - talloc_destroy(mem_ctx); - + if (!(*p = dcerpc_pipe_init(cli->tree))) { + return NT_STATUS_NO_MEMORY; + } + + status = dcerpc_pipe_open_smb(*p, pipe_name); if (!NT_STATUS_IS_OK(status)) { printf("Open of pipe %s failed with error (%s)\n", pipe_name, nt_errstr(status)); return status; } - if (!(*p = dcerpc_pipe_init(cli->tree))) { - return NT_STATUS_NO_MEMORY; - } - - (*p)->fnum = open_parms.ntcreatex.out.fnum; - - status = cli_dcerpc_bind_byname(*p, pipe_name); - - if (!NT_STATUS_IS_OK(status)) { - cli_close(cli, fnum); - dcerpc_pipe_close(*p); - } - return status; } |