diff options
-rw-r--r-- | source4/torture/rpc/lsa.c | 418 |
1 files changed, 207 insertions, 211 deletions
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index 454afabc50..038757e9bf 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c @@ -37,7 +37,8 @@ static void init_lsa_String(struct lsa_String *name, const char *s) name->string = s; } -static bool test_OpenPolicy(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) +static bool test_OpenPolicy(struct dcerpc_pipe *p, + struct torture_context *tctx) { struct lsa_ObjectAttribute attr; struct policy_handle handle; @@ -65,7 +66,7 @@ static bool test_OpenPolicy(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.handle = &handle; - status = dcerpc_lsa_OpenPolicy(p, mem_ctx, &r); + status = dcerpc_lsa_OpenPolicy(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) || NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) { @@ -80,7 +81,8 @@ static bool test_OpenPolicy(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) } -bool test_lsa_OpenPolicy2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, +bool test_lsa_OpenPolicy2(struct dcerpc_pipe *p, + struct torture_context *tctx, struct policy_handle **handle) { struct lsa_ObjectAttribute attr; @@ -90,7 +92,7 @@ bool test_lsa_OpenPolicy2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, printf("\nTesting OpenPolicy2\n"); - *handle = talloc(mem_ctx, struct policy_handle); + *handle = talloc(tctx, struct policy_handle); if (!*handle) { return false; } @@ -112,7 +114,7 @@ bool test_lsa_OpenPolicy2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.handle = *handle; - status = dcerpc_lsa_OpenPolicy2(p, mem_ctx, &r); + status = dcerpc_lsa_OpenPolicy2(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) || NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) { @@ -147,7 +149,7 @@ static const char *sid_type_lookup(enum lsa_SidType r) } static bool test_LookupNames(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct lsa_TransNameArray *tnames) { @@ -164,7 +166,7 @@ static bool test_LookupNames(struct dcerpc_pipe *p, sids.count = 0; sids.sids = NULL; - names = talloc_array(mem_ctx, struct lsa_String, tnames->count); + names = talloc_array(tctx, struct lsa_String, tnames->count); for (i=0;i<tnames->count;i++) { init_lsa_String(&names[i], tnames->names[i].name.string); } @@ -179,7 +181,7 @@ static bool test_LookupNames(struct dcerpc_pipe *p, r.out.sids = &sids; r.out.domains = &domains; - status = dcerpc_lsa_LookupNames(p, mem_ctx, &r); + status = dcerpc_lsa_LookupNames(p, tctx, &r); if (NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED) || NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) { @@ -213,9 +215,9 @@ static bool test_LookupNames(struct dcerpc_pipe *p, return true; } -static bool test_LookupNames_bogus(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, - struct policy_handle *handle) +static bool test_LookupNames_bogus(struct dcerpc_pipe *p, + struct torture_context *tctx, + struct policy_handle *handle) { struct lsa_LookupNames r; struct lsa_TransSidArray sids; @@ -238,7 +240,7 @@ static bool test_LookupNames_bogus(struct dcerpc_pipe *p, sids.count = 0; sids.sids = NULL; - names = talloc_array(mem_ctx, struct lsa_String, tnames.count); + names = talloc_array(tctx, struct lsa_String, tnames.count); for (i=0;i<tnames.count;i++) { init_lsa_String(&names[i], tnames.names[i].name.string); } @@ -253,7 +255,7 @@ static bool test_LookupNames_bogus(struct dcerpc_pipe *p, r.out.sids = &sids; r.out.domains = &domains; - status = dcerpc_lsa_LookupNames(p, mem_ctx, &r); + status = dcerpc_lsa_LookupNames(p, tctx, &r); if (!NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) { printf("LookupNames failed - %s\n", nt_errstr(status)); return false; @@ -265,7 +267,7 @@ static bool test_LookupNames_bogus(struct dcerpc_pipe *p, } static bool test_LookupNames_wellknown(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle) { struct lsa_TranslatedName name; @@ -278,44 +280,44 @@ static bool test_LookupNames_wellknown(struct dcerpc_pipe *p, tnames.count = 1; name.name.string = "NT AUTHORITY\\SYSTEM"; name.sid_type = SID_NAME_WKN_GRP; - ret &= test_LookupNames(p, mem_ctx, handle, &tnames); + ret &= test_LookupNames(p, tctx, handle, &tnames); name.name.string = "NT AUTHORITY\\ANONYMOUS LOGON"; name.sid_type = SID_NAME_WKN_GRP; - ret &= test_LookupNames(p, mem_ctx, handle, &tnames); + ret &= test_LookupNames(p, tctx, handle, &tnames); name.name.string = "NT AUTHORITY\\Authenticated Users"; name.sid_type = SID_NAME_WKN_GRP; - ret &= test_LookupNames(p, mem_ctx, handle, &tnames); + ret &= test_LookupNames(p, tctx, handle, &tnames); #if 0 name.name.string = "NT AUTHORITY"; - ret &= test_LookupNames(p, mem_ctx, handle, &tnames); + ret &= test_LookupNames(p, tctx, handle, &tnames); name.name.string = "NT AUTHORITY\\"; - ret &= test_LookupNames(p, mem_ctx, handle, &tnames); + ret &= test_LookupNames(p, tctx, handle, &tnames); #endif name.name.string = "BUILTIN\\"; name.sid_type = SID_NAME_DOMAIN; - ret &= test_LookupNames(p, mem_ctx, handle, &tnames); + ret &= test_LookupNames(p, tctx, handle, &tnames); name.name.string = "BUILTIN\\Administrators"; name.sid_type = SID_NAME_ALIAS; - ret &= test_LookupNames(p, mem_ctx, handle, &tnames); + ret &= test_LookupNames(p, tctx, handle, &tnames); name.name.string = "SYSTEM"; name.sid_type = SID_NAME_WKN_GRP; - ret &= test_LookupNames(p, mem_ctx, handle, &tnames); + ret &= test_LookupNames(p, tctx, handle, &tnames); name.name.string = "Everyone"; name.sid_type = SID_NAME_WKN_GRP; - ret &= test_LookupNames(p, mem_ctx, handle, &tnames); + ret &= test_LookupNames(p, tctx, handle, &tnames); return ret; } static bool test_LookupNames2(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct lsa_TransNameArray2 *tnames) { @@ -332,7 +334,7 @@ static bool test_LookupNames2(struct dcerpc_pipe *p, sids.count = 0; sids.sids = NULL; - names = talloc_array(mem_ctx, struct lsa_String, tnames->count); + names = talloc_array(tctx, struct lsa_String, tnames->count); for (i=0;i<tnames->count;i++) { init_lsa_String(&names[i], tnames->names[i].name.string); } @@ -349,7 +351,7 @@ static bool test_LookupNames2(struct dcerpc_pipe *p, r.out.sids = &sids; r.out.domains = &domains; - status = dcerpc_lsa_LookupNames2(p, mem_ctx, &r); + status = dcerpc_lsa_LookupNames2(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("LookupNames2 failed - %s\n", nt_errstr(status)); return false; @@ -362,7 +364,7 @@ static bool test_LookupNames2(struct dcerpc_pipe *p, static bool test_LookupNames3(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct lsa_TransNameArray2 *tnames) { @@ -379,7 +381,7 @@ static bool test_LookupNames3(struct dcerpc_pipe *p, sids.count = 0; sids.sids = NULL; - names = talloc_array(mem_ctx, struct lsa_String, tnames->count); + names = talloc_array(tctx, struct lsa_String, tnames->count); for (i=0;i<tnames->count;i++) { init_lsa_String(&names[i], tnames->names[i].name.string); } @@ -396,7 +398,7 @@ static bool test_LookupNames3(struct dcerpc_pipe *p, r.out.sids = &sids; r.out.domains = &domains; - status = dcerpc_lsa_LookupNames3(p, mem_ctx, &r); + status = dcerpc_lsa_LookupNames3(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("LookupNames3 failed - %s\n", nt_errstr(status)); return false; @@ -408,7 +410,7 @@ static bool test_LookupNames3(struct dcerpc_pipe *p, } static bool test_LookupNames4(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct lsa_TransNameArray2 *tnames) { struct lsa_LookupNames4 r; @@ -424,7 +426,7 @@ static bool test_LookupNames4(struct dcerpc_pipe *p, sids.count = 0; sids.sids = NULL; - names = talloc_array(mem_ctx, struct lsa_String, tnames->count); + names = talloc_array(tctx, struct lsa_String, tnames->count); for (i=0;i<tnames->count;i++) { init_lsa_String(&names[i], tnames->names[i].name.string); } @@ -440,7 +442,7 @@ static bool test_LookupNames4(struct dcerpc_pipe *p, r.out.sids = &sids; r.out.domains = &domains; - status = dcerpc_lsa_LookupNames4(p, mem_ctx, &r); + status = dcerpc_lsa_LookupNames4(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("LookupNames4 failed - %s\n", nt_errstr(status)); return false; @@ -453,7 +455,7 @@ static bool test_LookupNames4(struct dcerpc_pipe *p, static bool test_LookupSids(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct lsa_SidArray *sids) { @@ -477,7 +479,7 @@ static bool test_LookupSids(struct dcerpc_pipe *p, r.out.names = &names; r.out.domains = &domains; - status = dcerpc_lsa_LookupSids(p, mem_ctx, &r); + status = dcerpc_lsa_LookupSids(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("LookupSids failed - %s\n", nt_errstr(status)); return false; @@ -485,7 +487,7 @@ static bool test_LookupSids(struct dcerpc_pipe *p, printf("\n"); - if (!test_LookupNames(p, mem_ctx, handle, &names)) { + if (!test_LookupNames(p, tctx, handle, &names)) { return false; } @@ -494,7 +496,7 @@ static bool test_LookupSids(struct dcerpc_pipe *p, static bool test_LookupSids2(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct lsa_SidArray *sids) { @@ -520,7 +522,7 @@ static bool test_LookupSids2(struct dcerpc_pipe *p, r.out.names = &names; r.out.domains = &domains; - status = dcerpc_lsa_LookupSids2(p, mem_ctx, &r); + status = dcerpc_lsa_LookupSids2(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("LookupSids2 failed - %s\n", nt_errstr(status)); return false; @@ -528,11 +530,11 @@ static bool test_LookupSids2(struct dcerpc_pipe *p, printf("\n"); - if (!test_LookupNames2(p, mem_ctx, handle, &names)) { + if (!test_LookupNames2(p, tctx, handle, &names)) { return false; } - if (!test_LookupNames3(p, mem_ctx, handle, &names)) { + if (!test_LookupNames3(p, tctx, handle, &names)) { return false; } @@ -540,7 +542,7 @@ static bool test_LookupSids2(struct dcerpc_pipe *p, } static bool test_LookupSids3(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct lsa_SidArray *sids) { struct lsa_LookupSids3 r; @@ -564,7 +566,7 @@ static bool test_LookupSids3(struct dcerpc_pipe *p, r.out.count = &count; r.out.names = &names; - status = dcerpc_lsa_LookupSids3(p, mem_ctx, &r); + status = dcerpc_lsa_LookupSids3(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) || NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) { @@ -578,7 +580,7 @@ static bool test_LookupSids3(struct dcerpc_pipe *p, printf("\n"); - if (!test_LookupNames4(p, mem_ctx, &names)) { + if (!test_LookupNames4(p, tctx, &names)) { return false; } @@ -586,7 +588,7 @@ static bool test_LookupSids3(struct dcerpc_pipe *p, } bool test_many_LookupSids(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle) { uint32_t count; @@ -598,11 +600,11 @@ bool test_many_LookupSids(struct dcerpc_pipe *p, sids.num_sids = 100; - sids.sids = talloc_array(mem_ctx, struct lsa_SidPtr, sids.num_sids); + sids.sids = talloc_array(tctx, struct lsa_SidPtr, sids.num_sids); for (i=0; i<sids.num_sids; i++) { const char *sidstr = "S-1-5-32-545"; - sids.sids[i].sid = dom_sid_parse_talloc(mem_ctx, sidstr); + sids.sids[i].sid = dom_sid_parse_talloc(tctx, sidstr); } count = sids.num_sids; @@ -623,7 +625,7 @@ bool test_many_LookupSids(struct dcerpc_pipe *p, r.out.names = &names; r.out.domains = &domains; - status = dcerpc_lsa_LookupSids(p, mem_ctx, &r); + status = dcerpc_lsa_LookupSids(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("LookupSids failed - %s\n", nt_errstr(status)); return false; @@ -631,7 +633,7 @@ bool test_many_LookupSids(struct dcerpc_pipe *p, printf("\n"); - if (!test_LookupNames(p, mem_ctx, handle, &names)) { + if (!test_LookupNames(p, tctx, handle, &names)) { return false; } } else if (p->conn->security_state.auth_info->auth_type == DCERPC_AUTH_TYPE_SCHANNEL && @@ -655,7 +657,7 @@ bool test_many_LookupSids(struct dcerpc_pipe *p, r.out.names = &names; r.out.domains = &domains; - status = dcerpc_lsa_LookupSids3(p, mem_ctx, &r); + status = dcerpc_lsa_LookupSids3(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) || NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) { @@ -666,7 +668,7 @@ bool test_many_LookupSids(struct dcerpc_pipe *p, nt_errstr(status)); return false; } - if (!test_LookupNames4(p, mem_ctx, &names)) { + if (!test_LookupNames4(p, tctx, &names)) { return false; } } @@ -694,8 +696,8 @@ static void lookupsids_cb(struct rpc_request *req) } } -static bool test_LookupSids_async(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, +static bool test_LookupSids_async(struct dcerpc_pipe *p, + struct torture_context *tctx, struct policy_handle *handle) { struct lsa_SidArray sids; @@ -709,17 +711,17 @@ static bool test_LookupSids_async(struct dcerpc_pipe *p, bool ret = true; const int num_async_requests = 50; - count = talloc_array(mem_ctx, uint32_t, num_async_requests); - names = talloc_array(mem_ctx, struct lsa_TransNameArray, num_async_requests); - r = talloc_array(mem_ctx, struct lsa_LookupSids, num_async_requests); + count = talloc_array(tctx, uint32_t, num_async_requests); + names = talloc_array(tctx, struct lsa_TransNameArray, num_async_requests); + r = talloc_array(tctx, struct lsa_LookupSids, num_async_requests); printf("\nTesting %d async lookupsids request\n", num_async_requests); - req = talloc_array(mem_ctx, struct rpc_request *, num_async_requests); + req = talloc_array(tctx, struct rpc_request *, num_async_requests); sids.num_sids = 1; sids.sids = &sidptr; - sidptr.sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-545"); + sidptr.sid = dom_sid_parse_talloc(tctx, "S-1-5-32-545"); replies = 0; @@ -761,7 +763,7 @@ static bool test_LookupSids_async(struct dcerpc_pipe *p, } static bool test_LookupPrivValue(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct lsa_String *name) { @@ -773,7 +775,7 @@ static bool test_LookupPrivValue(struct dcerpc_pipe *p, r.in.name = name; r.out.luid = &luid; - status = dcerpc_lsa_LookupPrivValue(p, mem_ctx, &r); + status = dcerpc_lsa_LookupPrivValue(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("\nLookupPrivValue failed - %s\n", nt_errstr(status)); return false; @@ -783,7 +785,7 @@ static bool test_LookupPrivValue(struct dcerpc_pipe *p, } static bool test_LookupPrivName(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct lsa_LUID *luid) { @@ -795,7 +797,7 @@ static bool test_LookupPrivName(struct dcerpc_pipe *p, r.in.luid = luid; r.out.name = &name; - status = dcerpc_lsa_LookupPrivName(p, mem_ctx, &r); + status = dcerpc_lsa_LookupPrivName(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("\nLookupPrivName failed - %s\n", nt_errstr(status)); return false; @@ -805,7 +807,7 @@ static bool test_LookupPrivName(struct dcerpc_pipe *p, } static bool test_RemovePrivilegesFromAccount(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct policy_handle *acct_handle, struct lsa_LUID *luid) @@ -823,11 +825,11 @@ static bool test_RemovePrivilegesFromAccount(struct dcerpc_pipe *p, privs.count = 1; privs.unknown = 0; - privs.set = talloc_array(mem_ctx, struct lsa_LUIDAttribute, 1); + privs.set = talloc_array(tctx, struct lsa_LUIDAttribute, 1); privs.set[0].luid = *luid; privs.set[0].attribute = 0; - status = dcerpc_lsa_RemovePrivilegesFromAccount(p, mem_ctx, &r); + status = dcerpc_lsa_RemovePrivilegesFromAccount(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { struct lsa_LookupPrivName r_name; @@ -837,7 +839,7 @@ static bool test_RemovePrivilegesFromAccount(struct dcerpc_pipe *p, r_name.in.luid = luid; r_name.out.name = &name; - status = dcerpc_lsa_LookupPrivName(p, mem_ctx, &r_name); + status = dcerpc_lsa_LookupPrivName(p, tctx, &r_name); if (!NT_STATUS_IS_OK(status)) { printf("\nLookupPrivName failed - %s\n", nt_errstr(status)); return false; @@ -857,7 +859,7 @@ static bool test_RemovePrivilegesFromAccount(struct dcerpc_pipe *p, } static bool test_AddPrivilegesToAccount(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *acct_handle, struct lsa_LUID *luid) { @@ -873,11 +875,11 @@ static bool test_AddPrivilegesToAccount(struct dcerpc_pipe *p, privs.count = 1; privs.unknown = 0; - privs.set = talloc_array(mem_ctx, struct lsa_LUIDAttribute, 1); + privs.set = talloc_array(tctx, struct lsa_LUIDAttribute, 1); privs.set[0].luid = *luid; privs.set[0].attribute = 0; - status = dcerpc_lsa_AddPrivilegesToAccount(p, mem_ctx, &r); + status = dcerpc_lsa_AddPrivilegesToAccount(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("AddPrivilegesToAccount failed - %s\n", nt_errstr(status)); return false; @@ -887,7 +889,7 @@ static bool test_AddPrivilegesToAccount(struct dcerpc_pipe *p, } static bool test_EnumPrivsAccount(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct policy_handle *acct_handle) { @@ -901,7 +903,7 @@ static bool test_EnumPrivsAccount(struct dcerpc_pipe *p, r.in.handle = acct_handle; r.out.privs = &privs; - status = dcerpc_lsa_EnumPrivsAccount(p, mem_ctx, &r); + status = dcerpc_lsa_EnumPrivsAccount(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("EnumPrivsAccount failed - %s\n", nt_errstr(status)); return false; @@ -910,13 +912,13 @@ static bool test_EnumPrivsAccount(struct dcerpc_pipe *p, if (privs && privs->count > 0) { int i; for (i=0;i<privs->count;i++) { - test_LookupPrivName(p, mem_ctx, handle, + test_LookupPrivName(p, tctx, handle, &privs->set[i].luid); } - ret &= test_RemovePrivilegesFromAccount(p, mem_ctx, handle, acct_handle, + ret &= test_RemovePrivilegesFromAccount(p, tctx, handle, acct_handle, &privs->set[0].luid); - ret &= test_AddPrivilegesToAccount(p, mem_ctx, acct_handle, + ret &= test_AddPrivilegesToAccount(p, tctx, acct_handle, &privs->set[0].luid); } @@ -924,7 +926,7 @@ static bool test_EnumPrivsAccount(struct dcerpc_pipe *p, } static bool test_GetSystemAccessAccount(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct policy_handle *acct_handle) { @@ -937,7 +939,7 @@ static bool test_GetSystemAccessAccount(struct dcerpc_pipe *p, r.in.handle = acct_handle; r.out.access_mask = &access_mask; - status = dcerpc_lsa_GetSystemAccessAccount(p, mem_ctx, &r); + status = dcerpc_lsa_GetSystemAccessAccount(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("GetSystemAccessAccount failed - %s\n", nt_errstr(status)); return false; @@ -978,8 +980,8 @@ static bool test_GetSystemAccessAccount(struct dcerpc_pipe *p, } static bool test_Delete(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, - struct policy_handle *handle) + struct torture_context *tctx, + struct policy_handle *handle) { NTSTATUS status; struct lsa_Delete r; @@ -987,7 +989,7 @@ static bool test_Delete(struct dcerpc_pipe *p, printf("\nTesting Delete\n"); r.in.handle = handle; - status = dcerpc_lsa_Delete(p, mem_ctx, &r); + status = dcerpc_lsa_Delete(p, tctx, &r); if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) { printf("Delete should have failed NT_STATUS_NOT_SUPPORTED - %s\n", nt_errstr(status)); return false; @@ -997,7 +999,7 @@ static bool test_Delete(struct dcerpc_pipe *p, } static bool test_DeleteObject(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle) { NTSTATUS status; @@ -1007,7 +1009,7 @@ static bool test_DeleteObject(struct dcerpc_pipe *p, r.in.handle = handle; r.out.handle = handle; - status = dcerpc_lsa_DeleteObject(p, mem_ctx, &r); + status = dcerpc_lsa_DeleteObject(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("DeleteObject failed - %s\n", nt_errstr(status)); return false; @@ -1018,7 +1020,7 @@ static bool test_DeleteObject(struct dcerpc_pipe *p, static bool test_CreateAccount(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle) { NTSTATUS status; @@ -1026,7 +1028,7 @@ static bool test_CreateAccount(struct dcerpc_pipe *p, struct dom_sid2 *newsid; struct policy_handle acct_handle; - newsid = dom_sid_parse_talloc(mem_ctx, "S-1-5-12349876-4321-2854"); + newsid = dom_sid_parse_talloc(tctx, "S-1-5-12349876-4321-2854"); printf("\nTesting CreateAccount\n"); @@ -1035,7 +1037,7 @@ static bool test_CreateAccount(struct dcerpc_pipe *p, r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.acct_handle = &acct_handle; - status = dcerpc_lsa_CreateAccount(p, mem_ctx, &r); + status = dcerpc_lsa_CreateAccount(p, tctx, &r); if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) { struct lsa_OpenAccount r_o; r_o.in.handle = handle; @@ -1043,7 +1045,7 @@ static bool test_CreateAccount(struct dcerpc_pipe *p, r_o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r_o.out.acct_handle = &acct_handle; - status = dcerpc_lsa_OpenAccount(p, mem_ctx, &r_o); + status = dcerpc_lsa_OpenAccount(p, tctx, &r_o); if (!NT_STATUS_IS_OK(status)) { printf("OpenAccount failed - %s\n", nt_errstr(status)); return false; @@ -1053,11 +1055,11 @@ static bool test_CreateAccount(struct dcerpc_pipe *p, return false; } - if (!test_Delete(p, mem_ctx, &acct_handle)) { + if (!test_Delete(p, tctx, &acct_handle)) { return false; } - if (!test_DeleteObject(p, mem_ctx, &acct_handle)) { + if (!test_DeleteObject(p, tctx, &acct_handle)) { return false; } @@ -1065,7 +1067,7 @@ static bool test_CreateAccount(struct dcerpc_pipe *p, } static bool test_DeleteTrustedDomain(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct lsa_StringLarge name) { @@ -1078,17 +1080,17 @@ static bool test_DeleteTrustedDomain(struct dcerpc_pipe *p, r.in.access_mask = SEC_STD_DELETE; r.out.trustdom_handle = &trustdom_handle; - status = dcerpc_lsa_OpenTrustedDomainByName(p, mem_ctx, &r); + status = dcerpc_lsa_OpenTrustedDomainByName(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("OpenTrustedDomainByName failed - %s\n", nt_errstr(status)); return false; } - if (!test_Delete(p, mem_ctx, &trustdom_handle)) { + if (!test_Delete(p, tctx, &trustdom_handle)) { return false; } - if (!test_DeleteObject(p, mem_ctx, &trustdom_handle)) { + if (!test_DeleteObject(p, tctx, &trustdom_handle)) { return false; } @@ -1096,7 +1098,7 @@ static bool test_DeleteTrustedDomain(struct dcerpc_pipe *p, } static bool test_DeleteTrustedDomainBySid(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct dom_sid *sid) { @@ -1106,7 +1108,7 @@ static bool test_DeleteTrustedDomainBySid(struct dcerpc_pipe *p, r.in.handle = handle; r.in.dom_sid = sid; - status = dcerpc_lsa_DeleteTrustedDomain(p, mem_ctx, &r); + status = dcerpc_lsa_DeleteTrustedDomain(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("DeleteTrustedDomain failed - %s\n", nt_errstr(status)); return false; @@ -1117,7 +1119,7 @@ static bool test_DeleteTrustedDomainBySid(struct dcerpc_pipe *p, static bool test_CreateSecret(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle) { NTSTATUS status; @@ -1150,8 +1152,8 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, const int LOCAL = 0; const int GLOBAL = 1; - secname[LOCAL] = talloc_asprintf(mem_ctx, "torturesecret-%u", (uint_t)random()); - secname[GLOBAL] = talloc_asprintf(mem_ctx, "G$torturesecret-%u", (uint_t)random()); + secname[LOCAL] = talloc_asprintf(tctx, "torturesecret-%u", (uint_t)random()); + secname[GLOBAL] = talloc_asprintf(tctx, "G$torturesecret-%u", (uint_t)random()); for (i=0; i< 2; i++) { printf("\nTesting CreateSecret of %s\n", secname[i]); @@ -1162,7 +1164,7 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.sec_handle = &sec_handle; - status = dcerpc_lsa_CreateSecret(p, mem_ctx, &r); + status = dcerpc_lsa_CreateSecret(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("CreateSecret failed - %s\n", nt_errstr(status)); return false; @@ -1172,7 +1174,7 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.sec_handle = &sec_handle3; - status = dcerpc_lsa_CreateSecret(p, mem_ctx, &r); + status = dcerpc_lsa_CreateSecret(p, tctx, &r); if (!NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) { printf("CreateSecret should have failed OBJECT_NAME_COLLISION - %s\n", nt_errstr(status)); return false; @@ -1185,7 +1187,7 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, printf("Testing OpenSecret\n"); - status = dcerpc_lsa_OpenSecret(p, mem_ctx, &r2); + status = dcerpc_lsa_OpenSecret(p, tctx, &r2); if (!NT_STATUS_IS_OK(status)) { printf("OpenSecret failed - %s\n", nt_errstr(status)); return false; @@ -1208,7 +1210,7 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, printf("Testing SetSecret\n"); - status = dcerpc_lsa_SetSecret(p, mem_ctx, &r3); + status = dcerpc_lsa_SetSecret(p, tctx, &r3); if (!NT_STATUS_IS_OK(status)) { printf("SetSecret failed - %s\n", nt_errstr(status)); return false; @@ -1226,7 +1228,7 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, printf("Testing SetSecret with broken key\n"); - status = dcerpc_lsa_SetSecret(p, mem_ctx, &r3); + status = dcerpc_lsa_SetSecret(p, tctx, &r3); if (!NT_STATUS_EQUAL(status, NT_STATUS_UNKNOWN_REVISION)) { printf("SetSecret should have failed UNKNOWN_REVISION - %s\n", nt_errstr(status)); ret = false; @@ -1247,7 +1249,7 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, bufp1.buf = NULL; printf("Testing QuerySecret\n"); - status = dcerpc_lsa_QuerySecret(p, mem_ctx, &r4); + status = dcerpc_lsa_QuerySecret(p, tctx, &r4); if (!NT_STATUS_IS_OK(status)) { printf("QuerySecret failed - %s\n", nt_errstr(status)); ret = false; @@ -1259,9 +1261,9 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, blob1.data = r4.out.new_val->buf->data; blob1.length = r4.out.new_val->buf->size; - blob2 = data_blob_talloc(mem_ctx, NULL, blob1.length); + blob2 = data_blob_talloc(tctx, NULL, blob1.length); - secret2 = sess_decrypt_string(mem_ctx, + secret2 = sess_decrypt_string(tctx, &blob1, &session_key); if (strcmp(secret1, secret2) != 0) { @@ -1285,7 +1287,7 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, msleep(200); printf("Testing SetSecret (existing value should move to old)\n"); - status = dcerpc_lsa_SetSecret(p, mem_ctx, &r5); + status = dcerpc_lsa_SetSecret(p, tctx, &r5); if (!NT_STATUS_IS_OK(status)) { printf("SetSecret failed - %s\n", nt_errstr(status)); ret = false; @@ -1306,7 +1308,7 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, bufp1.buf = NULL; bufp2.buf = NULL; - status = dcerpc_lsa_QuerySecret(p, mem_ctx, &r6); + status = dcerpc_lsa_QuerySecret(p, tctx, &r6); if (!NT_STATUS_IS_OK(status)) { printf("QuerySecret failed - %s\n", nt_errstr(status)); ret = false; @@ -1322,9 +1324,9 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, blob1.data = r6.out.new_val->buf->data; blob1.length = r6.out.new_val->buf->size; - blob2 = data_blob_talloc(mem_ctx, NULL, blob1.length); + blob2 = data_blob_talloc(tctx, NULL, blob1.length); - secret4 = sess_decrypt_string(mem_ctx, + secret4 = sess_decrypt_string(tctx, &blob1, &session_key); if (strcmp(secret3, secret4) != 0) { @@ -1335,9 +1337,9 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, blob1.data = r6.out.old_val->buf->data; blob1.length = r6.out.old_val->buf->length; - blob2 = data_blob_talloc(mem_ctx, NULL, blob1.length); + blob2 = data_blob_talloc(tctx, NULL, blob1.length); - secret2 = sess_decrypt_string(mem_ctx, + secret2 = sess_decrypt_string(tctx, &blob1, &session_key); if (strcmp(secret1, secret2) != 0) { @@ -1349,8 +1351,8 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, printf("Returned secret (r6-%d) %s must not have same mtime for both secrets: %s != %s\n", i, secname[i], - nt_time_string(mem_ctx, *r6.out.old_mtime), - nt_time_string(mem_ctx, *r6.out.new_mtime)); + nt_time_string(tctx, *r6.out.old_mtime), + nt_time_string(tctx, *r6.out.new_mtime)); ret = false; } } @@ -1367,7 +1369,7 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, printf("Testing SetSecret of old Secret only\n"); - status = dcerpc_lsa_SetSecret(p, mem_ctx, &r7); + status = dcerpc_lsa_SetSecret(p, tctx, &r7); if (!NT_STATUS_IS_OK(status)) { printf("SetSecret failed - %s\n", nt_errstr(status)); ret = false; @@ -1385,7 +1387,7 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, bufp1.buf = NULL; bufp2.buf = NULL; - status = dcerpc_lsa_QuerySecret(p, mem_ctx, &r8); + status = dcerpc_lsa_QuerySecret(p, tctx, &r8); if (!NT_STATUS_IS_OK(status)) { printf("QuerySecret failed - %s\n", nt_errstr(status)); ret = false; @@ -1406,9 +1408,9 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, blob1.data = r8.out.old_val->buf->data; blob1.length = r8.out.old_val->buf->size; - blob2 = data_blob_talloc(mem_ctx, NULL, blob1.length); + blob2 = data_blob_talloc(tctx, NULL, blob1.length); - secret6 = sess_decrypt_string(mem_ctx, + secret6 = sess_decrypt_string(tctx, &blob1, &session_key); if (strcmp(secret5, secret6) != 0) { @@ -1419,24 +1421,24 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, if (*r8.out.new_mtime != *r8.out.old_mtime) { printf("Returned secret (r8) %s did not had same mtime for both secrets: %s != %s\n", secname[i], - nt_time_string(mem_ctx, *r8.out.old_mtime), - nt_time_string(mem_ctx, *r8.out.new_mtime)); + nt_time_string(tctx, *r8.out.old_mtime), + nt_time_string(tctx, *r8.out.new_mtime)); ret = false; } } } - if (!test_Delete(p, mem_ctx, &sec_handle)) { + if (!test_Delete(p, tctx, &sec_handle)) { ret = false; } - if (!test_DeleteObject(p, mem_ctx, &sec_handle)) { + if (!test_DeleteObject(p, tctx, &sec_handle)) { return false; } d_o.in.handle = &sec_handle2; d_o.out.handle = &sec_handle2; - status = dcerpc_lsa_DeleteObject(p, mem_ctx, &d_o); + status = dcerpc_lsa_DeleteObject(p, tctx, &d_o); if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_HANDLE)) { printf("Second delete expected INVALID_HANDLE - %s\n", nt_errstr(status)); ret = false; @@ -1444,7 +1446,7 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, printf("Testing OpenSecret of just-deleted secret\n"); - status = dcerpc_lsa_OpenSecret(p, mem_ctx, &r2); + status = dcerpc_lsa_OpenSecret(p, tctx, &r2); if (!NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) { printf("OpenSecret expected OBJECT_NAME_NOT_FOUND - %s\n", nt_errstr(status)); ret = false; @@ -1458,7 +1460,7 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, static bool test_EnumAccountRights(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *acct_handle, struct dom_sid *sid) { @@ -1472,10 +1474,10 @@ static bool test_EnumAccountRights(struct dcerpc_pipe *p, r.in.sid = sid; r.out.rights = &rights; - status = dcerpc_lsa_EnumAccountRights(p, mem_ctx, &r); + status = dcerpc_lsa_EnumAccountRights(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("EnumAccountRights of %s failed - %s\n", - dom_sid_string(mem_ctx, sid), nt_errstr(status)); + dom_sid_string(tctx, sid), nt_errstr(status)); return false; } @@ -1513,7 +1515,7 @@ static bool test_QuerySecurity(struct dcerpc_pipe *p, } static bool test_OpenAccount(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct dom_sid *sid) { @@ -1528,21 +1530,21 @@ static bool test_OpenAccount(struct dcerpc_pipe *p, r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.acct_handle = &acct_handle; - status = dcerpc_lsa_OpenAccount(p, mem_ctx, &r); + status = dcerpc_lsa_OpenAccount(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("OpenAccount failed - %s\n", nt_errstr(status)); return false; } - if (!test_EnumPrivsAccount(p, mem_ctx, handle, &acct_handle)) { + if (!test_EnumPrivsAccount(p, tctx, handle, &acct_handle)) { return false; } - if (!test_GetSystemAccessAccount(p, mem_ctx, handle, &acct_handle)) { + if (!test_GetSystemAccessAccount(p, tctx, handle, &acct_handle)) { return false; } - if (!test_QuerySecurity(p, mem_ctx, handle, &acct_handle)) { + if (!test_QuerySecurity(p, tctx, handle, &acct_handle)) { return false; } @@ -1550,8 +1552,8 @@ static bool test_OpenAccount(struct dcerpc_pipe *p, } static bool test_EnumAccounts(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, - struct policy_handle *handle) + struct torture_context *tctx, + struct policy_handle *handle) { NTSTATUS status; struct lsa_EnumAccounts r; @@ -1570,7 +1572,7 @@ static bool test_EnumAccounts(struct dcerpc_pipe *p, resume_handle = 0; while (true) { - status = dcerpc_lsa_EnumAccounts(p, mem_ctx, &r); + status = dcerpc_lsa_EnumAccounts(p, tctx, &r); if (NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES)) { break; } @@ -1579,11 +1581,11 @@ static bool test_EnumAccounts(struct dcerpc_pipe *p, return false; } - if (!test_LookupSids(p, mem_ctx, handle, &sids1)) { + if (!test_LookupSids(p, tctx, handle, &sids1)) { return false; } - if (!test_LookupSids2(p, mem_ctx, handle, &sids1)) { + if (!test_LookupSids2(p, tctx, handle, &sids1)) { return false; } @@ -1593,8 +1595,8 @@ static bool test_EnumAccounts(struct dcerpc_pipe *p, printf("Testing all accounts\n"); for (i=0;i<sids1.num_sids;i++) { - ret &= test_OpenAccount(p, mem_ctx, handle, sids1.sids[i].sid); - ret &= test_EnumAccountRights(p, mem_ctx, handle, sids1.sids[i].sid); + ret &= test_OpenAccount(p, tctx, handle, sids1.sids[i].sid); + ret &= test_EnumAccountRights(p, tctx, handle, sids1.sids[i].sid); } printf("\n"); } @@ -1608,7 +1610,7 @@ static bool test_EnumAccounts(struct dcerpc_pipe *p, r.in.num_entries = 1; r.out.sids = &sids2; - status = dcerpc_lsa_EnumAccounts(p, mem_ctx, &r); + status = dcerpc_lsa_EnumAccounts(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("EnumAccounts failed - %s\n", nt_errstr(status)); return false; @@ -1623,9 +1625,9 @@ static bool test_EnumAccounts(struct dcerpc_pipe *p, } static bool test_LookupPrivDisplayName(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, - struct policy_handle *handle, - struct lsa_String *priv_name) + struct torture_context *tctx, + struct policy_handle *handle, + struct lsa_String *priv_name) { struct lsa_LookupPrivDisplayName r; NTSTATUS status; @@ -1644,7 +1646,7 @@ static bool test_LookupPrivDisplayName(struct dcerpc_pipe *p, r.out.returned_language_id = &returned_language_id; r.out.disp_name = &disp_name; - status = dcerpc_lsa_LookupPrivDisplayName(p, mem_ctx, &r); + status = dcerpc_lsa_LookupPrivDisplayName(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("LookupPrivDisplayName failed - %s\n", nt_errstr(status)); return false; @@ -1656,10 +1658,10 @@ static bool test_LookupPrivDisplayName(struct dcerpc_pipe *p, return true; } -static bool test_EnumAccountsWithUserRight(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, - struct policy_handle *handle, - struct lsa_String *priv_name) +static bool test_EnumAccountsWithUserRight(struct dcerpc_pipe *p, + struct torture_context *tctx, + struct policy_handle *handle, + struct lsa_String *priv_name) { struct lsa_EnumAccountsWithUserRight r; struct lsa_SidArray sids; @@ -1673,7 +1675,7 @@ static bool test_EnumAccountsWithUserRight(struct dcerpc_pipe *p, r.in.name = priv_name; r.out.sids = &sids; - status = dcerpc_lsa_EnumAccountsWithUserRight(p, mem_ctx, &r); + status = dcerpc_lsa_EnumAccountsWithUserRight(p, tctx, &r); /* NT_STATUS_NO_MORE_ENTRIES means noone has this privilege */ if (NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES)) { @@ -1689,8 +1691,8 @@ static bool test_EnumAccountsWithUserRight(struct dcerpc_pipe *p, } -static bool test_EnumPrivs(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, +static bool test_EnumPrivs(struct dcerpc_pipe *p, + struct torture_context *tctx, struct policy_handle *handle) { NTSTATUS status; @@ -1709,16 +1711,16 @@ static bool test_EnumPrivs(struct dcerpc_pipe *p, r.out.privs = &privs1; resume_handle = 0; - status = dcerpc_lsa_EnumPrivs(p, mem_ctx, &r); + status = dcerpc_lsa_EnumPrivs(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("EnumPrivs failed - %s\n", nt_errstr(status)); return false; } for (i = 0; i< privs1.count; i++) { - test_LookupPrivDisplayName(p, mem_ctx, handle, (struct lsa_String *)&privs1.privs[i].name); - test_LookupPrivValue(p, mem_ctx, handle, (struct lsa_String *)&privs1.privs[i].name); - if (!test_EnumAccountsWithUserRight(p, mem_ctx, handle, (struct lsa_String *)&privs1.privs[i].name)) { + test_LookupPrivDisplayName(p, tctx, handle, (struct lsa_String *)&privs1.privs[i].name); + test_LookupPrivValue(p, tctx, handle, (struct lsa_String *)&privs1.privs[i].name); + if (!test_EnumAccountsWithUserRight(p, tctx, handle, (struct lsa_String *)&privs1.privs[i].name)) { ret = false; } } @@ -1768,7 +1770,7 @@ static bool test_QueryForestTrustInformation(struct dcerpc_pipe *p, } static bool test_query_each_TrustDomEx(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct lsa_DomainListEx *domains) { @@ -1778,7 +1780,7 @@ static bool test_query_each_TrustDomEx(struct dcerpc_pipe *p, for (i=0; i< domains->count; i++) { if (domains->domains[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) { - ret &= test_QueryForestTrustInformation(p, mem_ctx, handle, + ret &= test_QueryForestTrustInformation(p, tctx, handle, domains->domains[i].domain_name.string); } } @@ -1787,7 +1789,7 @@ static bool test_query_each_TrustDomEx(struct dcerpc_pipe *p, } static bool test_query_each_TrustDom(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle, struct lsa_DomainList *domains) { @@ -1812,7 +1814,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p, trust.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; trust.out.trustdom_handle = &trustdom_handle; - status = dcerpc_lsa_OpenTrustedDomain(p, mem_ctx, &trust); + status = dcerpc_lsa_OpenTrustedDomain(p, tctx, &trust); if (!NT_STATUS_IS_OK(status)) { printf("OpenTrustedDomain failed - %s\n", nt_errstr(status)); @@ -1831,7 +1833,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p, q.in.trustdom_handle = &trustdom_handle; q.in.level = levels[j]; q.out.info = &info; - status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q); + status = dcerpc_lsa_QueryTrustedDomainInfo(p, tctx, &q); if (!NT_STATUS_IS_OK(status) && ok[j]) { printf("QueryTrustedDomainInfo level %d failed - %s\n", levels[j], nt_errstr(status)); @@ -1843,7 +1845,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p, } } - status = dcerpc_lsa_CloseTrustedDomainEx(p, mem_ctx, &c_trust); + status = dcerpc_lsa_CloseTrustedDomainEx(p, tctx, &c_trust); if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) { printf("Expected CloseTrustedDomainEx to return NT_STATUS_NOT_IMPLEMENTED, instead - %s\n", nt_errstr(status)); return false; @@ -1852,7 +1854,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p, c.in.handle = &trustdom_handle; c.out.handle = &handle2; - status = dcerpc_lsa_Close(p, mem_ctx, &c); + status = dcerpc_lsa_Close(p, tctx, &c); if (!NT_STATUS_IS_OK(status)) { printf("Close of trusted domain failed - %s\n", nt_errstr(status)); return false; @@ -1871,7 +1873,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p, q.in.level = levels[j]; q.out.info = &info; - status = dcerpc_lsa_QueryTrustedDomainInfoBySid(p, mem_ctx, &q); + status = dcerpc_lsa_QueryTrustedDomainInfoBySid(p, tctx, &q); if (!NT_STATUS_IS_OK(status) && ok[j]) { printf("QueryTrustedDomainInfoBySid level %d failed - %s\n", levels[j], nt_errstr(status)); @@ -1889,7 +1891,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p, trust_by_name.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; trust_by_name.out.trustdom_handle = &trustdom_handle; - status = dcerpc_lsa_OpenTrustedDomainByName(p, mem_ctx, &trust_by_name); + status = dcerpc_lsa_OpenTrustedDomainByName(p, tctx, &trust_by_name); if (!NT_STATUS_IS_OK(status)) { printf("OpenTrustedDomainByName failed - %s\n", nt_errstr(status)); @@ -1902,7 +1904,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p, q.in.trustdom_handle = &trustdom_handle; q.in.level = levels[j]; q.out.info = &info; - status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q); + status = dcerpc_lsa_QueryTrustedDomainInfo(p, tctx, &q); if (!NT_STATUS_IS_OK(status) && ok[j]) { printf("QueryTrustedDomainInfo level %d failed - %s\n", levels[j], nt_errstr(status)); @@ -1917,7 +1919,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p, c.in.handle = &trustdom_handle; c.out.handle = &handle2; - status = dcerpc_lsa_Close(p, mem_ctx, &c); + status = dcerpc_lsa_Close(p, tctx, &c); if (!NT_STATUS_IS_OK(status)) { printf("Close of trusted domain failed - %s\n", nt_errstr(status)); return false; @@ -1934,7 +1936,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p, q.in.trusted_domain = &name; q.in.level = levels[j]; q.out.info = &info; - status = dcerpc_lsa_QueryTrustedDomainInfoByName(p, mem_ctx, &q); + status = dcerpc_lsa_QueryTrustedDomainInfoByName(p, tctx, &q); if (!NT_STATUS_IS_OK(status) && ok[j]) { printf("QueryTrustedDomainInfoByName level %d failed - %s\n", levels[j], nt_errstr(status)); @@ -1950,7 +1952,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p, } static bool test_EnumTrustDom(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle) { struct lsa_EnumTrustDom r; @@ -1969,7 +1971,7 @@ static bool test_EnumTrustDom(struct dcerpc_pipe *p, r.out.domains = &domains; r.out.resume_handle = &resume_handle; - enum_status = dcerpc_lsa_EnumTrustDom(p, mem_ctx, &r); + enum_status = dcerpc_lsa_EnumTrustDom(p, tctx, &r); if (NT_STATUS_IS_OK(enum_status)) { if (domains.count == 0) { @@ -1991,7 +1993,7 @@ static bool test_EnumTrustDom(struct dcerpc_pipe *p, r.out.domains = &domains; r.out.resume_handle = &resume_handle; - enum_status = dcerpc_lsa_EnumTrustDom(p, mem_ctx, &r); + enum_status = dcerpc_lsa_EnumTrustDom(p, tctx, &r); /* NO_MORE_ENTRIES is allowed */ if (NT_STATUS_EQUAL(enum_status, NT_STATUS_NO_MORE_ENTRIES)) { @@ -2019,7 +2021,7 @@ static bool test_EnumTrustDom(struct dcerpc_pipe *p, return false; } - ret &= test_query_each_TrustDom(p, mem_ctx, handle, &domains); + ret &= test_query_each_TrustDom(p, tctx, handle, &domains); } while ((NT_STATUS_EQUAL(enum_status, STATUS_MORE_ENTRIES))); @@ -2031,7 +2033,7 @@ static bool test_EnumTrustDom(struct dcerpc_pipe *p, r_ex.out.domains = &domains_ex; r_ex.out.resume_handle = &resume_handle; - enum_status = dcerpc_lsa_EnumTrustedDomainsEx(p, mem_ctx, &r_ex); + enum_status = dcerpc_lsa_EnumTrustedDomainsEx(p, tctx, &r_ex); if (!(NT_STATUS_EQUAL(enum_status, STATUS_MORE_ENTRIES) || NT_STATUS_EQUAL(enum_status, NT_STATUS_NO_MORE_ENTRIES))) { printf("EnumTrustedDomainEx of zero size failed - %s\n", nt_errstr(enum_status)); @@ -2046,7 +2048,7 @@ static bool test_EnumTrustDom(struct dcerpc_pipe *p, r_ex.out.domains = &domains_ex; r_ex.out.resume_handle = &resume_handle; - enum_status = dcerpc_lsa_EnumTrustedDomainsEx(p, mem_ctx, &r_ex); + enum_status = dcerpc_lsa_EnumTrustedDomainsEx(p, tctx, &r_ex); /* NO_MORE_ENTRIES is allowed */ if (NT_STATUS_EQUAL(enum_status, NT_STATUS_NO_MORE_ENTRIES)) { @@ -2075,7 +2077,7 @@ static bool test_EnumTrustDom(struct dcerpc_pipe *p, return false; } - ret &= test_query_each_TrustDomEx(p, mem_ctx, handle, &domains_ex); + ret &= test_query_each_TrustDomEx(p, tctx, handle, &domains_ex); } while ((NT_STATUS_EQUAL(enum_status, STATUS_MORE_ENTRIES))); @@ -2083,7 +2085,7 @@ static bool test_EnumTrustDom(struct dcerpc_pipe *p, } static bool test_CreateTrustedDomain(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle) { NTSTATUS status; @@ -2098,15 +2100,15 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p, printf("\nTesting CreateTrustedDomain for 12 domains\n"); - if (!test_EnumTrustDom(p, mem_ctx, handle)) { + if (!test_EnumTrustDom(p, tctx, handle)) { ret = false; } for (i=0; i< 12; i++) { - char *trust_name = talloc_asprintf(mem_ctx, "torturedom%02d", i); - char *trust_sid = talloc_asprintf(mem_ctx, "S-1-5-21-97398-379795-100%02d", i); + char *trust_name = talloc_asprintf(tctx, "torturedom%02d", i); + char *trust_sid = talloc_asprintf(tctx, "S-1-5-21-97398-379795-100%02d", i); - domsid[i] = dom_sid_parse_talloc(mem_ctx, trust_sid); + domsid[i] = dom_sid_parse_talloc(tctx, trust_sid); trustinfo.sid = domsid[i]; init_lsa_String((struct lsa_String *)&trustinfo.name, trust_name); @@ -2116,10 +2118,10 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p, r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.trustdom_handle = &trustdom_handle[i]; - status = dcerpc_lsa_CreateTrustedDomain(p, mem_ctx, &r); + status = dcerpc_lsa_CreateTrustedDomain(p, tctx, &r); if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) { - test_DeleteTrustedDomain(p, mem_ctx, handle, trustinfo.name); - status = dcerpc_lsa_CreateTrustedDomain(p, mem_ctx, &r); + test_DeleteTrustedDomain(p, tctx, handle, trustinfo.name); + status = dcerpc_lsa_CreateTrustedDomain(p, tctx, &r); } if (!NT_STATUS_IS_OK(status)) { printf("CreateTrustedDomain failed - %s\n", nt_errstr(status)); @@ -2129,7 +2131,7 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p, q.in.trustdom_handle = &trustdom_handle[i]; q.in.level = LSA_TRUSTED_DOMAIN_INFO_INFO_EX; q.out.info = &info; - status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q); + status = dcerpc_lsa_QueryTrustedDomainInfo(p, tctx, &q); if (!NT_STATUS_IS_OK(status)) { printf("QueryTrustedDomainInfo level 1 failed - %s\n", nt_errstr(status)); ret = false; @@ -2161,12 +2163,12 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p, } /* now that we have some domains to look over, we can test the enum calls */ - if (!test_EnumTrustDom(p, mem_ctx, handle)) { + if (!test_EnumTrustDom(p, tctx, handle)) { ret = false; } for (i=0; i<12; i++) { - if (!test_DeleteTrustedDomainBySid(p, mem_ctx, handle, domsid[i])) { + if (!test_DeleteTrustedDomainBySid(p, tctx, handle, domsid[i])) { ret = false; } } @@ -2176,7 +2178,6 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p, static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, struct torture_context *tctx, - TALLOC_CTX *mem_ctx, struct policy_handle *handle) { NTSTATUS status; @@ -2203,11 +2204,11 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, } for (i=0; i< 12; i++) { - char *trust_name = talloc_asprintf(mem_ctx, "torturedom%02d", i); - char *trust_name_dns = talloc_asprintf(mem_ctx, "torturedom%02d.samba.example.com", i); - char *trust_sid = talloc_asprintf(mem_ctx, "S-1-5-21-97398-379795-100%02d", i); - - domsid[i] = dom_sid_parse_talloc(mem_ctx, trust_sid); + char *trust_name = talloc_asprintf(tctx, "torturedom%02d", i); + char *trust_name_dns = talloc_asprintf(tctx, "torturedom%02d.samba.example.com", i); + char *trust_sid = talloc_asprintf(tctx, "S-1-5-21-97398-379795-100%02d", i); + + domsid[i] = dom_sid_parse_talloc(tctx, trust_sid); trustinfo.sid = domsid[i]; trustinfo.netbios_name.string = trust_name; @@ -2232,7 +2233,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, auth_struct.outgoing.count = 0; auth_struct.incoming.count = 0; - ndr_err = ndr_push_struct_blob(&auth_blob, mem_ctx, lp_iconv_convenience(tctx->lp_ctx), &auth_struct, + ndr_err = ndr_push_struct_blob(&auth_blob, tctx, lp_iconv_convenience(tctx->lp_ctx), &auth_struct, (ndr_push_flags_fn_t)ndr_push_trustDomainPasswords); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { printf("ndr_push_struct_blob of trustDomainPasswords structure failed"); @@ -2249,11 +2250,11 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, r.in.auth_info = &authinfo; r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.trustdom_handle = &trustdom_handle[i]; - - status = dcerpc_lsa_CreateTrustedDomainEx2(p, mem_ctx, &r); + + status = dcerpc_lsa_CreateTrustedDomainEx2(p, tctx, &r); if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) { - test_DeleteTrustedDomain(p, mem_ctx, handle, trustinfo.netbios_name); - status = dcerpc_lsa_CreateTrustedDomainEx2(p, mem_ctx, &r); + test_DeleteTrustedDomain(p, tctx, handle, trustinfo.netbios_name); + status = dcerpc_lsa_CreateTrustedDomainEx2(p, tctx, &r); } if (!NT_STATUS_IS_OK(status)) { printf("CreateTrustedDomainEx failed2 - %s\n", nt_errstr(status)); @@ -2263,7 +2264,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, q.in.trustdom_handle = &trustdom_handle[i]; q.in.level = LSA_TRUSTED_DOMAIN_INFO_INFO_EX; q.out.info = &info; - status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q); + status = dcerpc_lsa_QueryTrustedDomainInfo(p, tctx, &q); if (!NT_STATUS_IS_OK(status)) { printf("QueryTrustedDomainInfo level 1 failed - %s\n", nt_errstr(status)); ret = false; @@ -2296,13 +2297,13 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, } /* now that we have some domains to look over, we can test the enum calls */ - if (!test_EnumTrustDom(p, mem_ctx, handle)) { + if (!test_EnumTrustDom(p, tctx, handle)) { printf("test_EnumTrustDom failed\n"); ret = false; } for (i=0; i<12; i++) { - if (!test_DeleteTrustedDomainBySid(p, mem_ctx, handle, domsid[i])) { + if (!test_DeleteTrustedDomainBySid(p, tctx, handle, domsid[i])) { printf("test_DeleteTrustedDomainBySid failed\n"); ret = false; } @@ -2485,7 +2486,8 @@ static bool test_QueryInfoPolicy2(struct dcerpc_pipe *p, return test_QueryInfoPolicyCalls(true, p, tctx, handle); } -static bool test_GetUserName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) +static bool test_GetUserName(struct dcerpc_pipe *p, + struct torture_context *tctx) { struct lsa_GetUserName r; NTSTATUS status; @@ -2500,7 +2502,7 @@ static bool test_GetUserName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) r.in.authority_name = NULL; r.out.account_name = &account_name_p; - status = dcerpc_lsa_GetUserName(p, mem_ctx, &r); + status = dcerpc_lsa_GetUserName(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("GetUserName failed - %s\n", nt_errstr(status)); @@ -2512,7 +2514,7 @@ static bool test_GetUserName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) r.in.authority_name = &authority_name_p; r.out.account_name = &account_name_p; - status = dcerpc_lsa_GetUserName(p, mem_ctx, &r); + status = dcerpc_lsa_GetUserName(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("GetUserName failed - %s\n", nt_errstr(status)); @@ -2523,7 +2525,7 @@ static bool test_GetUserName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) } bool test_lsa_Close(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + struct torture_context *tctx, struct policy_handle *handle) { NTSTATUS status; @@ -2535,13 +2537,13 @@ bool test_lsa_Close(struct dcerpc_pipe *p, r.in.handle = handle; r.out.handle = &handle2; - status = dcerpc_lsa_Close(p, mem_ctx, &r); + status = dcerpc_lsa_Close(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("Close failed - %s\n", nt_errstr(status)); return false; } - status = dcerpc_lsa_Close(p, mem_ctx, &r); + status = dcerpc_lsa_Close(p, tctx, &r); /* its really a fault - we need a status code for rpc fault */ if (!NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) { printf("Close failed - %s\n", nt_errstr(status)); @@ -2607,7 +2609,7 @@ bool torture_rpc_lsa(struct torture_context *tctx) ret = false; } - if (!test_CreateTrustedDomainEx2(p, tctx, tctx, handle)) { + if (!test_CreateTrustedDomainEx2(p, tctx, handle)) { ret = false; } @@ -2654,26 +2656,20 @@ bool torture_rpc_lsa(struct torture_context *tctx) return ret; } -bool torture_rpc_lsa_get_user(struct torture_context *torture) +bool torture_rpc_lsa_get_user(struct torture_context *tctx) { NTSTATUS status; struct dcerpc_pipe *p; - TALLOC_CTX *mem_ctx; bool ret = true; - mem_ctx = talloc_init("torture_rpc_lsa_get_user"); - - status = torture_rpc_connection(torture, &p, &ndr_table_lsarpc); + status = torture_rpc_connection(tctx, &p, &ndr_table_lsarpc); if (!NT_STATUS_IS_OK(status)) { - talloc_free(mem_ctx); return false; } - if (!test_GetUserName(p, mem_ctx)) { + if (!test_GetUserName(p, tctx)) { ret = false; } - - talloc_free(mem_ctx); return ret; } |