1 files changed, 136 insertions, 0 deletions

diff --git a/source4/torture/rpc/handles.c b/source4/torture/rpc/handles.c
index 2dd9350dd7..1ef99e6132 100644
--- a/source4/torture/rpc/handles.c
+++ b/source4/torture/rpc/handles.c
@@ -385,6 +385,140 @@ static bool test_handles_samr(struct torture_context *torture)
 	return true;
 }
 
+static bool test_handles_mixed_shared(struct torture_context *torture)
+{
+	NTSTATUS status;
+	struct dcerpc_pipe *p1, *p2, *p3, *p4, *p5, *p6;
+	struct policy_handle handle;
+	struct policy_handle handle2;
+	struct samr_Connect r;
+	struct lsa_Close lc;
+	struct samr_Close sc;
+	TALLOC_CTX *mem_ctx = talloc_new(torture);
+	enum dcerpc_transport_t transport;
+	uint32_t assoc_group_id;
+
+	torture_comment(torture, "RPC-HANDLE-MIXED-SHARED\n");
+
+	if (lp_parm_bool(-1, "torture", "samba4", False)) {
+		torture_comment(torture, "Mixed shared-policy-handle test against Samba4 - skipping\n");
+		return true;
+	}
+
+	torture_comment(torture, "connect samr pipe1\n");
+	status = torture_rpc_connection(mem_ctx, &p1, &dcerpc_table_samr);
+	torture_assert_ntstatus_ok(torture, status, "opening samr pipe1");
+
+	transport	= p1->conn->transport.transport,
+	assoc_group_id	= p1->assoc_group_id;
+
+	torture_comment(torture, "use assoc_group_id[0x%08X] for new connections\n", assoc_group_id);
+
+	torture_comment(torture, "connect lsa pipe2\n");
+	status = torture_rpc_connection_transport(mem_ctx, &p2, &dcerpc_table_lsarpc,
+						  transport,
+						  assoc_group_id);
+	torture_assert_ntstatus_ok(torture, status, "opening lsa pipe2");
+
+	r.in.system_name = 0;
+	r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+	r.out.connect_handle = &handle;
+
+	torture_comment(torture, "samr_Connect to open a policy handle on samr p1\n");
+	status = dcerpc_samr_Connect(p1, mem_ctx, &r);
+	torture_assert_ntstatus_ok(torture, status, "opening policy handle on p1");
+
+	lc.in.handle 		= &handle;
+	lc.out.handle		= &handle2;
+	sc.in.handle		= &handle;
+	sc.out.handle		= &handle2;
+
+	torture_comment(torture, "use policy handle on lsa p2 - should fail\n");
+	status = dcerpc_lsa_Close(p2, mem_ctx, &lc);
+	torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT, 
+				      "closing handle on lsa p2");
+	torture_assert_int_equal(torture, p2->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH, 
+				      "closing handle on lsa p2");
+
+	torture_comment(torture, "closing policy handle on samr p1\n");
+	status = dcerpc_samr_Close(p1, mem_ctx, &sc);
+	torture_assert_ntstatus_ok(torture, status, "closing policy handle on p1");
+
+	talloc_free(p1);
+	talloc_free(p2);
+	msleep(10);
+
+	torture_comment(torture, "connect samr pipe3 - should fail\n");
+	status = torture_rpc_connection_transport(mem_ctx, &p3, &dcerpc_table_samr,
+						  transport,
+						  assoc_group_id);
+	torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
+				      "opening samr pipe3");
+
+	torture_comment(torture, "connect lsa pipe4 - should fail\n");
+	status = torture_rpc_connection_transport(mem_ctx, &p4, &dcerpc_table_lsarpc,
+						  transport,
+						  assoc_group_id);
+	torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
+				      "opening lsa pipe4");
+
+	torture_comment(torture, "connect samr pipe5 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id);
+	status = torture_rpc_connection_transport(mem_ctx, &p5, &dcerpc_table_samr,
+						  transport,
+						  assoc_group_id);
+	torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
+				      "opening samr pipe5");
+
+	torture_comment(torture, "connect lsa pipe6 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id);
+	status = torture_rpc_connection_transport(mem_ctx, &p6, &dcerpc_table_lsarpc,
+						  transport,
+						  assoc_group_id);
+	torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
+				      "opening lsa pipe6");
+
+	talloc_free(mem_ctx);
+
+	return true;
+}
+
+static bool test_handles_random_assoc(struct torture_context *torture)
+{
+	NTSTATUS status;
+	struct dcerpc_pipe *p1, *p2, *p3;
+	TALLOC_CTX *mem_ctx = talloc_new(torture);
+	enum dcerpc_transport_t transport;
+	uint32_t assoc_group_id;
+
+	torture_comment(torture, "RPC-HANDLE-RANDOM-ASSOC\n");
+
+	torture_comment(torture, "connect samr pipe1\n");
+	status = torture_rpc_connection(mem_ctx, &p1, &dcerpc_table_samr);
+	torture_assert_ntstatus_ok(torture, status, "opening samr pipe1");
+
+	transport	= p1->conn->transport.transport,
+	assoc_group_id	= p1->assoc_group_id;
+
+	torture_comment(torture, "pip1 use assoc_group_id[0x%08X]\n", assoc_group_id);
+
+	torture_comment(torture, "connect samr pipe2 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id);
+	status = torture_rpc_connection_transport(mem_ctx, &p2, &dcerpc_table_samr,
+						  transport,
+						  assoc_group_id);
+	torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
+				      "opening samr pipe2");
+
+	torture_comment(torture, "connect samr pipe3 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id);
+	status = torture_rpc_connection_transport(mem_ctx, &p3, &dcerpc_table_samr,
+						  transport,
+						  assoc_group_id);
+	torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
+				      "opening samr pipe3");
+
+	talloc_free(mem_ctx);
+
+	return true;
+}
+
 
 static bool test_handles_drsuapi(struct torture_context *torture)
 {
@@ -450,6 +584,8 @@ struct torture_suite *torture_rpc_handles(void)
 	torture_suite_add_simple_test(suite, "lsarpc", test_handles_lsa);
 	torture_suite_add_simple_test(suite, "lsarpc-shared", test_handles_lsa_shared);
 	torture_suite_add_simple_test(suite, "samr", test_handles_samr);
+	torture_suite_add_simple_test(suite, "mixed-shared", test_handles_mixed_shared);
+	torture_suite_add_simple_test(suite, "random-assoc", test_handles_random_assoc);
 	torture_suite_add_simple_test(suite, "drsuapi", test_handles_drsuapi);
 	return suite;
 }