diff options
-rw-r--r-- | source4/torture/rpc/samr.c | 195 |
1 files changed, 111 insertions, 84 deletions
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index 5340d2cad6..177e41ff3d 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -54,6 +54,13 @@ enum torture_samr_choice { TORTURE_SAMR_MANY_ALIASES }; +struct torture_samr_context { + struct policy_handle handle; + struct cli_credentials *machine_credentials; + enum torture_samr_choice choice; + uint32_t num_objects_large_dc; +}; + static bool test_QueryUserInfo(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *handle); @@ -6273,9 +6280,9 @@ static bool test_ManyObjects(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *domain_handle, struct dom_sid *domain_sid, - enum torture_samr_choice which_ops) + struct torture_samr_context *ctx) { - uint32_t num_total = 1500; + uint32_t num_total = ctx->num_objects_large_dc; uint32_t num_enum = 0; uint32_t num_disp = 0; uint32_t num_created = 0; @@ -6299,7 +6306,7 @@ static bool test_ManyObjects(struct dcerpc_pipe *p, torture_assert_ntstatus_ok(tctx, status, "failed to query domain info"); - switch (which_ops) { + switch (ctx->choice) { case TORTURE_SAMR_MANY_ACCOUNTS: num_anounced = info->general.num_users; break; @@ -6320,7 +6327,7 @@ static bool test_ManyObjects(struct dcerpc_pipe *p, const char *name = NULL; - switch (which_ops) { + switch (ctx->choice) { case TORTURE_SAMR_MANY_ACCOUNTS: name = talloc_asprintf(tctx, "%s%04d", TEST_ACCOUNT_NAME, i); ret &= test_CreateUser(p, tctx, domain_handle, name, &handles[i], domain_sid, 0, NULL, false); @@ -6343,7 +6350,7 @@ static bool test_ManyObjects(struct dcerpc_pipe *p, /* enum */ - switch (which_ops) { + switch (ctx->choice) { case TORTURE_SAMR_MANY_ACCOUNTS: ret &= test_EnumDomainUsers(p, tctx, domain_handle, &num_enum); break; @@ -6359,7 +6366,7 @@ static bool test_ManyObjects(struct dcerpc_pipe *p, /* dispinfo */ - switch (which_ops) { + switch (ctx->choice) { case TORTURE_SAMR_MANY_ACCOUNTS: ret &= test_QueryDisplayInfo_level(p, tctx, domain_handle, 1, &num_disp); break; @@ -6384,7 +6391,7 @@ static bool test_ManyObjects(struct dcerpc_pipe *p, if (torture_setting_bool(tctx, "samba3", false)) { ret &= test_samr_handle_Close(p, tctx, &handles[i]); } else { - switch (which_ops) { + switch (ctx->choice) { case TORTURE_SAMR_MANY_ACCOUNTS: ret &= test_DeleteUser(p, tctx, &handles[i]); break; @@ -6402,7 +6409,7 @@ static bool test_ManyObjects(struct dcerpc_pipe *p, talloc_free(handles); - if (which_ops == TORTURE_SAMR_MANY_ACCOUNTS && num_enum != num_anounced + num_created) { + if (ctx->choice == TORTURE_SAMR_MANY_ACCOUNTS && num_enum != num_anounced + num_created) { torture_comment(tctx, "unexpected number of results (%u) returned in enum call, expected %u\n", num_enum, num_anounced + num_created); @@ -6418,9 +6425,7 @@ static bool test_Connect(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *handle); static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx, - struct policy_handle *handle, struct dom_sid *sid, - enum torture_samr_choice which_ops, - struct cli_credentials *machine_credentials) + struct torture_samr_context *ctx, struct dom_sid *sid) { NTSTATUS status; struct samr_OpenDomain r; @@ -6437,7 +6442,7 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx, torture_comment(tctx, "Testing OpenDomain of %s\n", dom_sid_string(tctx, sid)); - r.in.connect_handle = handle; + r.in.connect_handle = &ctx->handle; r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.in.sid = sid; r.out.domain_handle = &domain_handle; @@ -6447,24 +6452,24 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx, /* run the domain tests with the main handle closed - this tests the servers reference counting */ - torture_assert(tctx, test_samr_handle_Close(p, tctx, handle), "Failed to close SAMR handle"); + torture_assert(tctx, test_samr_handle_Close(p, tctx, &ctx->handle), "Failed to close SAMR handle"); - switch (which_ops) { + switch (ctx->choice) { case TORTURE_SAMR_PASSWORDS: case TORTURE_SAMR_USER_PRIVILEGES: if (!torture_setting_bool(tctx, "samba3", false)) { - ret &= test_CreateUser2(p, tctx, &domain_handle, sid, which_ops, NULL); + ret &= test_CreateUser2(p, tctx, &domain_handle, sid, ctx->choice, NULL); } - ret &= test_CreateUser(p, tctx, &domain_handle, TEST_ACCOUNT_NAME, &user_handle, sid, which_ops, NULL, true); + ret &= test_CreateUser(p, tctx, &domain_handle, TEST_ACCOUNT_NAME, &user_handle, sid, ctx->choice, NULL, true); if (!ret) { torture_warning(tctx, "Testing PASSWORDS or PRIVILEGES on domain %s failed!\n", dom_sid_string(tctx, sid)); } break; case TORTURE_SAMR_USER_ATTRIBUTES: if (!torture_setting_bool(tctx, "samba3", false)) { - ret &= test_CreateUser2(p, tctx, &domain_handle, sid, which_ops, NULL); + ret &= test_CreateUser2(p, tctx, &domain_handle, sid, ctx->choice, NULL); } - ret &= test_CreateUser(p, tctx, &domain_handle, TEST_ACCOUNT_NAME, &user_handle, sid, which_ops, NULL, true); + ret &= test_CreateUser(p, tctx, &domain_handle, TEST_ACCOUNT_NAME, &user_handle, sid, ctx->choice, NULL, true); /* This test needs 'complex' users to validate */ ret &= test_QueryDisplayInfo(p, tctx, &domain_handle); if (!ret) { @@ -6473,9 +6478,9 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx, break; case TORTURE_SAMR_PASSWORDS_PWDLASTSET: if (!torture_setting_bool(tctx, "samba3", false)) { - ret &= test_CreateUser2(p, tctx, &domain_handle, sid, which_ops, machine_credentials); + ret &= test_CreateUser2(p, tctx, &domain_handle, sid, ctx->choice, ctx->machine_credentials); } - ret &= test_CreateUser(p, tctx, &domain_handle, TEST_ACCOUNT_NAME, &user_handle, sid, which_ops, machine_credentials, true); + ret &= test_CreateUser(p, tctx, &domain_handle, TEST_ACCOUNT_NAME, &user_handle, sid, ctx->choice, ctx->machine_credentials, true); if (!ret) { torture_warning(tctx, "Testing PASSWORDS PWDLASTSET on domain %s failed!\n", dom_sid_string(tctx, sid)); } @@ -6483,13 +6488,13 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx, case TORTURE_SAMR_MANY_ACCOUNTS: case TORTURE_SAMR_MANY_GROUPS: case TORTURE_SAMR_MANY_ALIASES: - ret &= test_ManyObjects(p, tctx, &domain_handle, sid, which_ops); + ret &= test_ManyObjects(p, tctx, &domain_handle, sid, ctx); if (!ret) { torture_warning(tctx, "Testing MANY-{ACCOUNTS,GROUPS,ALIASES} on domain %s failed!\n", dom_sid_string(tctx, sid)); } break; case TORTURE_SAMR_OTHER: - ret &= test_CreateUser(p, tctx, &domain_handle, TEST_ACCOUNT_NAME, &user_handle, sid, which_ops, NULL, true); + ret &= test_CreateUser(p, tctx, &domain_handle, TEST_ACCOUNT_NAME, &user_handle, sid, ctx->choice, NULL, true); if (!ret) { torture_warning(tctx, "Failed to CreateUser in SAMR-OTHER on domain %s!\n", dom_sid_string(tctx, sid)); } @@ -6542,7 +6547,7 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx, torture_assert(tctx, test_samr_handle_Close(p, tctx, &domain_handle), "Failed to close SAMR domain handle"); - torture_assert(tctx, test_Connect(p, tctx, handle), "Faile to re-connect SAMR handle"); + torture_assert(tctx, test_Connect(p, tctx, &ctx->handle), "Faile to re-connect SAMR handle"); /* reconnect the main handle */ if (!ret) { @@ -6553,9 +6558,7 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx, } static bool test_LookupDomain(struct dcerpc_pipe *p, struct torture_context *tctx, - struct policy_handle *handle, const char *domain, - enum torture_samr_choice which_ops, - struct cli_credentials *machine_credentials) + struct torture_samr_context *ctx, const char *domain) { NTSTATUS status; struct samr_LookupDomain r; @@ -6567,7 +6570,7 @@ static bool test_LookupDomain(struct dcerpc_pipe *p, struct torture_context *tct torture_comment(tctx, "Testing LookupDomain(%s)\n", domain); /* check for correct error codes */ - r.in.connect_handle = handle; + r.in.connect_handle = &ctx->handle; r.in.domain_name = &n2; r.out.sid = &sid; n2.string = NULL; @@ -6580,7 +6583,7 @@ static bool test_LookupDomain(struct dcerpc_pipe *p, struct torture_context *tct status = dcerpc_samr_LookupDomain(p, tctx, &r); torture_assert_ntstatus_equal(tctx, NT_STATUS_NO_SUCH_DOMAIN, status, "LookupDomain expected NT_STATUS_NO_SUCH_DOMAIN"); - r.in.connect_handle = handle; + r.in.connect_handle = &ctx->handle; init_lsa_String(&n1, domain); r.in.domain_name = &n1; @@ -6592,8 +6595,7 @@ static bool test_LookupDomain(struct dcerpc_pipe *p, struct torture_context *tct ret = false; } - if (!test_OpenDomain(p, tctx, handle, *r.out.sid, which_ops, - machine_credentials)) { + if (!test_OpenDomain(p, tctx, ctx, *r.out.sid)) { ret = false; } @@ -6602,8 +6604,7 @@ static bool test_LookupDomain(struct dcerpc_pipe *p, struct torture_context *tct static bool test_EnumDomains(struct dcerpc_pipe *p, struct torture_context *tctx, - struct policy_handle *handle, enum torture_samr_choice which_ops, - struct cli_credentials *machine_credentials) + struct torture_samr_context *ctx) { NTSTATUS status; struct samr_EnumDomains r; @@ -6613,7 +6614,7 @@ static bool test_EnumDomains(struct dcerpc_pipe *p, struct torture_context *tctx int i; bool ret = true; - r.in.connect_handle = handle; + r.in.connect_handle = &ctx->handle; r.in.resume_handle = &resume_handle; r.in.buf_size = (uint32_t)-1; r.out.resume_handle = &resume_handle; @@ -6628,9 +6629,8 @@ static bool test_EnumDomains(struct dcerpc_pipe *p, struct torture_context *tctx } for (i=0;i<sam->count;i++) { - if (!test_LookupDomain(p, tctx, handle, - sam->entries[i].name.string, which_ops, - machine_credentials)) { + if (!test_LookupDomain(p, tctx, ctx, + sam->entries[i].name.string)) { ret = false; } } @@ -6792,26 +6792,30 @@ bool torture_rpc_samr(struct torture_context *torture) NTSTATUS status; struct dcerpc_pipe *p; bool ret = true; - struct policy_handle handle; + struct torture_samr_context *ctx; status = torture_rpc_connection(torture, &p, &ndr_table_samr); if (!NT_STATUS_IS_OK(status)) { return false; } - ret &= test_Connect(p, torture, &handle); + ctx = talloc_zero(torture, struct torture_samr_context); + + ctx->choice = TORTURE_SAMR_OTHER; + + ret &= test_Connect(p, torture, &ctx->handle); if (!torture_setting_bool(torture, "samba3", false)) { - ret &= test_QuerySecurity(p, torture, &handle); + ret &= test_QuerySecurity(p, torture, &ctx->handle); } - ret &= test_EnumDomains(p, torture, &handle, TORTURE_SAMR_OTHER, NULL); + ret &= test_EnumDomains(p, torture, ctx); - ret &= test_SetDsrmPassword(p, torture, &handle); + ret &= test_SetDsrmPassword(p, torture, &ctx->handle); - ret &= test_Shutdown(p, torture, &handle); + ret &= test_Shutdown(p, torture, &ctx->handle); - ret &= test_samr_handle_Close(p, torture, &handle); + ret &= test_samr_handle_Close(p, torture, &ctx->handle); return ret; } @@ -6822,26 +6826,30 @@ bool torture_rpc_samr_users(struct torture_context *torture) NTSTATUS status; struct dcerpc_pipe *p; bool ret = true; - struct policy_handle handle; + struct torture_samr_context *ctx; status = torture_rpc_connection(torture, &p, &ndr_table_samr); if (!NT_STATUS_IS_OK(status)) { return false; } - ret &= test_Connect(p, torture, &handle); + ctx = talloc_zero(torture, struct torture_samr_context); + + ctx->choice = TORTURE_SAMR_USER_ATTRIBUTES; + + ret &= test_Connect(p, torture, &ctx->handle); if (!torture_setting_bool(torture, "samba3", false)) { - ret &= test_QuerySecurity(p, torture, &handle); + ret &= test_QuerySecurity(p, torture, &ctx->handle); } - ret &= test_EnumDomains(p, torture, &handle, TORTURE_SAMR_USER_ATTRIBUTES, NULL); + ret &= test_EnumDomains(p, torture, ctx); - ret &= test_SetDsrmPassword(p, torture, &handle); + ret &= test_SetDsrmPassword(p, torture, &ctx->handle); - ret &= test_Shutdown(p, torture, &handle); + ret &= test_Shutdown(p, torture, &ctx->handle); - ret &= test_samr_handle_Close(p, torture, &handle); + ret &= test_samr_handle_Close(p, torture, &ctx->handle); return ret; } @@ -6852,18 +6860,22 @@ bool torture_rpc_samr_passwords(struct torture_context *torture) NTSTATUS status; struct dcerpc_pipe *p; bool ret = true; - struct policy_handle handle; + struct torture_samr_context *ctx; status = torture_rpc_connection(torture, &p, &ndr_table_samr); if (!NT_STATUS_IS_OK(status)) { return false; } - ret &= test_Connect(p, torture, &handle); + ctx = talloc_zero(torture, struct torture_samr_context); + + ctx->choice = TORTURE_SAMR_PASSWORDS; + + ret &= test_Connect(p, torture, &ctx->handle); - ret &= test_EnumDomains(p, torture, &handle, TORTURE_SAMR_PASSWORDS, NULL); + ret &= test_EnumDomains(p, torture, ctx); - ret &= test_samr_handle_Close(p, torture, &handle); + ret &= test_samr_handle_Close(p, torture, &ctx->handle); ret &= test_samr_ValidatePassword(p, torture); @@ -6877,20 +6889,23 @@ static bool torture_rpc_samr_pwdlastset(struct torture_context *torture, NTSTATUS status; struct dcerpc_pipe *p; bool ret = true; - struct policy_handle handle; + struct torture_samr_context *ctx; status = torture_rpc_connection(torture, &p, &ndr_table_samr); if (!NT_STATUS_IS_OK(status)) { return false; } - ret &= test_Connect(p, torture, &handle); + ctx = talloc_zero(torture, struct torture_samr_context); + + ctx->choice = TORTURE_SAMR_PASSWORDS_PWDLASTSET; + ctx->machine_credentials = machine_credentials; - ret &= test_EnumDomains(p, torture, &handle, - TORTURE_SAMR_PASSWORDS_PWDLASTSET, - machine_credentials); + ret &= test_Connect(p, torture, &ctx->handle); - ret &= test_samr_handle_Close(p, torture, &handle); + ret &= test_EnumDomains(p, torture, ctx); + + ret &= test_samr_handle_Close(p, torture, &ctx->handle); return ret; } @@ -6917,20 +6932,23 @@ static bool torture_rpc_samr_users_privileges_delete_user(struct torture_context NTSTATUS status; struct dcerpc_pipe *p; bool ret = true; - struct policy_handle handle; + struct torture_samr_context *ctx; status = torture_rpc_connection(torture, &p, &ndr_table_samr); if (!NT_STATUS_IS_OK(status)) { return false; } - ret &= test_Connect(p, torture, &handle); + ctx = talloc_zero(torture, struct torture_samr_context); + + ctx->choice = TORTURE_SAMR_USER_PRIVILEGES; + ctx->machine_credentials = machine_credentials; + + ret &= test_Connect(p, torture, &ctx->handle); - ret &= test_EnumDomains(p, torture, &handle, - TORTURE_SAMR_USER_PRIVILEGES, - machine_credentials); + ret &= test_EnumDomains(p, torture, ctx); - ret &= test_samr_handle_Close(p, torture, &handle); + ret &= test_samr_handle_Close(p, torture, &ctx->handle); return ret; } @@ -6957,20 +6975,23 @@ static bool torture_rpc_samr_many_accounts(struct torture_context *torture, NTSTATUS status; struct dcerpc_pipe *p; bool ret = true; - struct policy_handle handle; + struct torture_samr_context *ctx; status = torture_rpc_connection(torture, &p, &ndr_table_samr); if (!NT_STATUS_IS_OK(status)) { return false; } - ret &= test_Connect(p, torture, &handle); + ctx = talloc_zero(torture, struct torture_samr_context); + + ctx->choice = TORTURE_SAMR_MANY_ACCOUNTS; + ctx->num_objects_large_dc = 1500; + + ret &= test_Connect(p, torture, &ctx->handle); - ret &= test_EnumDomains(p, torture, &handle, - TORTURE_SAMR_MANY_ACCOUNTS, - machine_credentials); + ret &= test_EnumDomains(p, torture, ctx); - ret &= test_samr_handle_Close(p, torture, &handle); + ret &= test_samr_handle_Close(p, torture, &ctx->handle); return ret; } @@ -6982,20 +7003,23 @@ static bool torture_rpc_samr_many_groups(struct torture_context *torture, NTSTATUS status; struct dcerpc_pipe *p; bool ret = true; - struct policy_handle handle; + struct torture_samr_context *ctx; status = torture_rpc_connection(torture, &p, &ndr_table_samr); if (!NT_STATUS_IS_OK(status)) { return false; } - ret &= test_Connect(p, torture, &handle); + ctx = talloc_zero(torture, struct torture_samr_context); + + ctx->choice = TORTURE_SAMR_MANY_GROUPS; + ctx->num_objects_large_dc = 1500; - ret &= test_EnumDomains(p, torture, &handle, - TORTURE_SAMR_MANY_GROUPS, - machine_credentials); + ret &= test_Connect(p, torture, &ctx->handle); - ret &= test_samr_handle_Close(p, torture, &handle); + ret &= test_EnumDomains(p, torture, ctx); + + ret &= test_samr_handle_Close(p, torture, &ctx->handle); return ret; } @@ -7007,20 +7031,23 @@ static bool torture_rpc_samr_many_aliases(struct torture_context *torture, NTSTATUS status; struct dcerpc_pipe *p; bool ret = true; - struct policy_handle handle; + struct torture_samr_context *ctx; status = torture_rpc_connection(torture, &p, &ndr_table_samr); if (!NT_STATUS_IS_OK(status)) { return false; } - ret &= test_Connect(p, torture, &handle); + ctx = talloc_zero(torture, struct torture_samr_context); + + ctx->choice = TORTURE_SAMR_MANY_ALIASES; + ctx->num_objects_large_dc = 1500; + + ret &= test_Connect(p, torture, &ctx->handle); - ret &= test_EnumDomains(p, torture, &handle, - TORTURE_SAMR_MANY_ALIASES, - machine_credentials); + ret &= test_EnumDomains(p, torture, ctx); - ret &= test_samr_handle_Close(p, torture, &handle); + ret &= test_samr_handle_Close(p, torture, &ctx->handle); return ret; } |