summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xsource4/scripting/swig/torture/torture_samr.py640
1 files changed, 88 insertions, 552 deletions
diff --git a/source4/scripting/swig/torture/torture_samr.py b/source4/scripting/swig/torture/torture_samr.py
index 2d1dfb6a95..9025fdd978 100755
--- a/source4/scripting/swig/torture/torture_samr.py
+++ b/source4/scripting/swig/torture/torture_samr.py
@@ -5,631 +5,170 @@ import dcerpc, samr
def test_Connect(pipe):
- print 'testing Connect'
-
handle = samr.Connect(pipe)
handle = samr.Connect2(pipe)
handle = samr.Connect3(pipe)
handle = samr.Connect4(pipe)
-# handle = samr.Connect5(pipe) # win2k3 only?
-
- return handle
-
-def test_QuerySecurity(pipe, handle):
-
- print 'testing QuerySecurity'
-
- sdbuf = handle.QuerySecurity()
- handle.SetSecurity(sdbuf)
-
-
-def test_GetDomPwInfo(pipe, handle, domain):
-
- print 'testing GetDomPwInfo'
-
- handle.GetDomPwInfo(domain)
- handle.GetDomPwInfo('__NONAME__')
- handle.GetDomPwInfo('Builtin')
-
-def test_RemoveMemberFromForeignDomain(pipe, domain_handle):
-
- print 'testing RemoveMemberFromForeignDomain'
-
- sid = samr.string_to_sid('S-1-5-32-12-34-56-78-9')
-
- domain_handle.RemoveMemberFromForeignDomain(sid)
-
-def test_CreateUser2(pipe, domain_handle):
-
- print 'testing CreateUser2'
-
- username = 'samrtorturemach$'
-
- try:
- return domain_handle.CreateUser2(username, 0x0080) # WSTRUST
- except dcerpc.NTSTATUS, arg:
- if arg[0] == 0x0c0000063L:
- test_OpenUser_byname(pipe, domain_handle, username).DeleteUser()
- return domain_handle.CreateUser2(username)
- raise
-
-def test_LookupName(pipe, domain_handle, name):
-
- print 'testing samr_LookupNames'
-
- domain_handle.LookupNames(['Administrator', 'xxNONAMExx'])
-
- try:
- domain_handle.LookupNames(['xxNONAMExx'])
- except dcerpc.NTSTATUS, arg:
- if arg[0] != 0xc0000073L:
- raise dcerpc.NTSTATUS(arg)
-
- return domain_handle.LookupNames([name])
-
-def test_OpenUser_byname(pipe, domain_handle, user_name):
-
- rids, types = test_LookupName(pipe, domain_handle, user_name)
-
- return domain_handle.OpenUser(rids[0])
-def test_DeleteUser_byname(pipe, domain_handle, user_name):
-
- user_handle = test_OpenUser_byname(pipe, domain_handle, user_name)
+ # WIN2K3 only?
- r = {}
- r['user_handle'] = user_handle
-
- dcerpc.samr_DeleteUser(pipe, r)
-
-def test_QueryUserInfo(pipe, user_handle):
-
- print 'testing samr_QueryUserInfo'
-
- levels = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 20, 21]
-
- for level in levels:
- r = {}
- r['user_handle'] = user_handle
- r['level'] = level
-
- dcerpc.samr_QueryUserInfo(pipe, r)
-
-def test_QueryUserInfo2(pipe, user_handle):
-
- print 'testing samr_QueryUserInfo2'
-
- levels = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 20, 21]
-
- for level in levels:
- r = {}
- r['user_handle'] = user_handle
- r['level'] = level
-
- dcerpc.samr_QueryUserInfo2(pipe, r)
-
-def test_SetUserInfo(pipe, user_handle):
-
- r = {}
- r['user_handle'] = user_handle
- r['level'] = 2
- r['info'] = {}
- r['info']['info2'] = {}
- r['info']['info2']['comment'] = {}
- r['info']['info2']['comment']['name'] = 'hello'
- r['info']['info2']['unknown'] = {}
- r['info']['info2']['unknown']['name'] = None
- r['info']['info2']['country_code'] = 0
- r['info']['info2']['code_page'] = 0
-
- dcerpc.samr_SetUserInfo(pipe, r)
-
-def test_GetUserPwInfo(pipe, user_handle):
-
- print 'testing samr_GetUserpwInfo'
-
- r = {}
- r['user_handle'] = user_handle
-
- dcerpc.samr_GetUserPwInfo(pipe, r)
-
-def test_TestPrivateFunctionsUser(pipe, user_handle):
-
- print 'testing samr.TestPrivateFunctionsUser'
-
- r = {}
- r['user_handle'] = user_handle
-
- try:
- dcerpc.samr_TestPrivateFunctionsUser(pipe, r)
- except dcerpc.NTSTATUS, arg:
- if arg[0] != dcerpc.NT_STATUS_NOT_IMPLEMENTED:
- raise dcerpc.NTSTATUS(arg)
-
-def test_user_ops(pipe, user_handle):
-
- test_QuerySecurity(pipe, user_handle)
-
- test_QueryUserInfo(pipe, user_handle)
-
- test_QueryUserInfo2(pipe, user_handle)
-
- test_SetUserInfo(pipe, user_handle)
-
- test_GetUserPwInfo(pipe, user_handle)
-
- test_TestPrivateFunctionsUser(pipe, user_handle)
-
-def test_CreateUser(pipe, domain_handle):
-
- username = 'samrtorturetest'
-
try:
- return domain_handle.CreateUser(username)
+ handle = samr.Connect5(pipe)
except dcerpc.NTSTATUS, arg:
- if arg[0] == 0xc0000063L:
- test_OpenUser_byname(pipe, domain_handle, username).DeleteUser()
- return domain_handle.CreateUser(username)
-
-def test_SetAliasInfo(pipe, alias_handle):
-
- r = {}
- r['alias_handle'] = alias_handle
- r['level'] = 2
- r['info'] = {}
- r['info']['name'] = {}
- r['info']['name']['name'] = 'hello'
-
- dcerpc.samr_SetAliasInfo(pipe, r)
-
- del(r['info']['name'])
+ if arg[0] != 0xc00000d2L: # NT_STATUS_NET_WRITE_FAULT
+ raise
- r['level'] = 3
- r['info']['description'] = {}
- r['info']['description']['name'] = 'this is a description'
+ return handle
- dcerpc.samr_SetAliasInfo(pipe, r)
-
-def test_Aliases(pipe, domain_handle, domain_sid):
-
- print 'testing aliases'
+def test_UserHandle(user_handle):
- aliasname = 'samrtorturetestalias'
+ # QuerySecurity()/SetSecurity()
- # Create a new alias
+ user_handle.SetSecurity(user_handle.QuerySecurity())
- try:
-
- handle, rid = domain_handle.CreateDomAlias(aliasname)
-
- except dcerpc.NTSTATUS, arg:
+ # GetUserPwInfo()
- if arg[0] == 0x0c0000154L:
+ user_handle.GetUserPwInfo()
- # Alias exists, delete it and try again
+ # GetUserInfo()
- rids, types = domain_handle.LookupNames([aliasname])
- domain_handle.OpenAlias(rids[0]).DeleteDomAlias()
-
- handle, rid = domain_handle.CreateDomAlias(aliasname)
-
- else:
- raise
+ for level in [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 20,
+ 21, 23, 24, 25, 26]:
- # QuerySecurity/GetSecurity
-
- handle.SetSecurity(handle.QuerySecurity())
-
- # QueryAliasInfo/SetAliasInfo
-
- for i in [1, 2, 3]:
- info = handle.QueryAliasInfo(i)
try:
- handle.SetAliasInfo(i, info)
+ user_handle.QueryUserInfo(level)
+ user_handle.QueryUserInfo2(level)
except dcerpc.NTSTATUS, arg:
-
- # Can't set alias info level 1
-
- if not (arg[0] == 0xC0000003L and i == 1):
+ if arg[0] != 0xc0000003L: # NT_STATUS_INVALID_INFO_CLASS
raise
- # AddAliasMember
-
- handle.AddAliasMember('S-1-5-21-1606980848-1677128483-854245398-500')
+def test_GroupHandle(group_handle):
- # AddMultipleMembersToAlias
+ # QuerySecurity()/SetSecurity()
- handle.AddMultipleMembersToAlias(
- ['S-1-5-21-1606980848-1677128483-854245398-501',
- 'S-1-5-21-1606980848-1677128483-854245398-502'])
+ group_handle.SetSecurity(group_handle.QuerySecurity())
- # DeleteDomAlias
+def test_AliasHandle(alias_handle):
- handle.DeleteDomAlias()
+ # QuerySecurity()/SetSecurity()
-def test_DeleteGroup_byname(pipe, domain_handle, group_name):
-
- rid = test_LookupNames(pipe, domain_handle, group_name)
-
- r = {}
- r['domain_handle'] = domain_handle
- r['access_mask'] = 0x02000000
- r['rid'] = rid
+ alias_handle.SetSecurity(alias_handle.QuerySecurity())
- result = dcerpc.samr_OpenGroup(pipe, r)
+def test_DomainHandle(name, sid, domain_handle):
- s = {}
- s['group_handle'] = result['group_handle']
+ print 'testing %s (%s)' % (name, sid)
- dcerpc.samr_DeleteDomainGroup(pipe, s)
+ # QuerySecurity()/SetSecurity()
-def test_CreateDomainGroup(pipe, domain_handle):
+ domain_handle.SetSecurity(domain_handle.QuerySecurity())
- print 'testing samr_CreateDomainGroup'
-
- r = {}
- r['domain_handle'] = domain_handle
- r['name'] = {}
- r['name']['name'] = 'samrtorturetestgroup'
- r['access_mask'] = 0x02000000
+ # LookupNames(), none mapped
try:
- result = dcerpc.samr_CreateDomainGroup(pipe, r)
+ domain_handle.LookupNames(['xxNONAMExx'])
except dcerpc.NTSTATUS, arg:
- if arg[0] == dcerpc.NT_STATUS_ACCESS_DENIED:
- return
- if arg[0] != dcerpc.NT_STATUS_GROUP_EXISTS:
+ if arg[0] != 0xc0000073L:
raise dcerpc.NTSTATUS(arg)
- test_DeleteGroup_byname(pipe, domain_handle, 'samrtorturetestgroup')
-
- result = dcerpc.samr_CreateDomainGroup(pipe, r)
-
- return result['group_handle']
+ # LookupNames(), some mapped
-def test_QueryDomainInfo(pipe, domain_handle):
+ if name != 'Builtin':
+ domain_handle.LookupNames(['Administrator', 'xxNONAMExx'])
- print 'testing samr_QueryDomainInfo'
+ # QueryDomainInfo()/SetDomainInfo()
levels = [1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13]
set_ok = [1, 0, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0]
- for i in range(0, len(levels)):
+ for i in range(len(levels)):
- r = {}
- r['domain_handle'] = domain_handle
- r['level'] = levels[i]
-
- result = dcerpc.samr_QueryDomainInfo(pipe, r)
-
- s = {}
- s['domain_handle'] = domain_handle
- s['level'] = levels[i]
- s['info'] = result['info']
+ info = domain_handle.QueryDomainInfo(level = levels[i])
try:
- dcerpc.samr_SetDomainInfo(pipe, s)
+ domain_handle.SetDomainInfo(levels[i], info)
except dcerpc.NTSTATUS, arg:
- if set_ok[i]:
- raise dcerpc.NTSTATUS(arg)
- if arg[0] != dcerpc.NT_STATUS_INVALID_INFO_CLASS:
- raise dcerpc.NTSTATUS(arg)
-
-def test_QueryDomainInfo2(pipe, domain_handle):
+ if not (arg[0] == 0xc0000003L and not set_ok[i]):
+ raise
- print 'testing samr_QueryDomainInfo'
+ # QueryDomainInfo2()
levels = [1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13]
- for i in range(0, len(levels)):
-
- r = {}
- r['domain_handle'] = domain_handle
- r['level'] = levels[i]
-
- dcerpc.samr_QueryDomainInfo2(pipe, r)
+ for i in range(len(levels)):
+ domain_handle.QueryDomainInfo2(level = levels[i])
-def test_EnumDomainUsers(pipe, domain_handle):
+ # EnumDomainUsers
- print 'testing samr_EnumDomainUsers'
+ print 'testing users'
- r = {}
- r['domain_handle'] = domain_handle
- r['resume_handle'] = 0
- r['acct_flags'] = 0
- r['max_size'] = -1
-
- while 1:
- result = dcerpc.samr_EnumDomainUsers(pipe, r)
- if result['result'] == dcerpc.STATUS_MORE_ENTRIES:
- r['resume_handle'] = result['resume_handle']
- continue
- break
-
-def test_EnumDomainGroups(pipe, domain_handle):
-
- print 'testing samr_EnumDomainGroups'
-
- r = {}
- r['domain_handle'] = domain_handle
- r['resume_handle'] = 0
- r['acct_flags'] = 0
- r['max_size'] = -1
+ users = domain_handle.EnumDomainUsers()
+ rids = domain_handle.LookupNames(users)
- while 1:
- result = dcerpc.samr_EnumDomainGroups(pipe, r)
- if result['result'] == dcerpc.STATUS_MORE_ENTRIES:
- r['resume_handle'] = result['resume_handle']
- continue
- break
-
-def test_EnumDomainAliases(pipe, domain_handle):
-
- print 'testing samr_EnumDomainAliases'
-
- r = {}
- r['domain_handle'] = domain_handle
- r['resume_handle'] = 0
- r['acct_flags'] = 0
- r['max_size'] = -1
-
- while 1:
- result = dcerpc.samr_EnumDomainAliases(pipe, r)
- if result['result'] == dcerpc.STATUS_MORE_ENTRIES:
- r['resume_handle'] = result['resume_handle']
- continue
- break
-
-def test_QueryDisplayInfo(pipe, domain_handle):
-
- print 'testing samr_QueryDisplayInfo'
-
- levels = [1, 2, 3, 4, 5]
-
- for i in range(0, len(levels)):
-
- r = {}
- r['domain_handle'] = domain_handle
- r['level'] = levels[i]
- r['start_idx'] = 0
- r['max_entries'] = 1000
- r['buf_size'] = -1
-
- dcerpc.samr_QueryDisplayInfo(pipe, r)
-
-def test_QueryDisplayInfo2(pipe, domain_handle):
-
- print 'testing samr_QueryDisplayInfo2'
-
- levels = [1, 2, 3, 4, 5]
-
- for i in range(0, len(levels)):
-
- r = {}
- r['domain_handle'] = domain_handle
- r['level'] = levels[i]
- r['start_idx'] = 0
- r['max_entries'] = 1000
- r['buf_size'] = -1
-
- dcerpc.samr_QueryDisplayInfo2(pipe, r)
+ for i in range(len(users)):
+ test_UserHandle(domain_handle.OpenUser(rids[0][i]))
-def test_QueryDisplayInfo3(pipe, domain_handle):
-
- print 'testing samr_QueryDisplayInfo3'
-
- levels = [1, 2, 3, 4, 5]
-
- for i in range(0, len(levels)):
-
- r = {}
- r['domain_handle'] = domain_handle
- r['level'] = levels[i]
- r['start_idx'] = 0
- r['max_entries'] = 1000
- r['buf_size'] = -1
-
- dcerpc.samr_QueryDisplayInfo3(pipe, r)
-
-def test_GetDisplayEnumerationIndex(pipe, domain_handle):
-
- print 'testing samr_GetDisplayEnumerationIndex'
-
- levels = [1, 2, 3, 4, 5]
- ok_lvl = [1, 1, 1, 0, 0]
-
- for i in range(0, len(levels)):
-
- r = {}
- r['domain_handle'] = domain_handle
- r['level'] = levels[i]
- r['name'] = {}
- r['name']['name'] = 'samrtorturetest'
-
- try:
- dcerpc.samr_GetDisplayEnumerationIndex(pipe, r)
- except dcerpc.NTSTATUS, arg:
- if ok_lvl[i]:
- raise dcerpc.NTSTATUS(arg)
-
- r['name']['name'] = 'zzzzzzzz'
-
- try:
- dcerpc.samr_GetDisplayEnumerationIndex(pipe, r)
- except dcerpc.NTSTATUS, arg:
- if ok_lvl[i]:
- raise dcerpc.NTSTATUS(arg)
-
-def test_GetDisplayEnumerationIndex2(pipe, domain_handle):
-
- print 'testing samr_GetDisplayEnumerationIndex2'
-
- levels = [1, 2, 3, 4, 5]
- ok_lvl = [1, 1, 1, 0, 0]
-
- for i in range(0, len(levels)):
-
- r = {}
- r['domain_handle'] = domain_handle
- r['level'] = levels[i]
- r['name'] = {}
- r['name']['name'] = 'samrtorturetest'
-
- try:
- dcerpc.samr_GetDisplayEnumerationIndex2(pipe, r)
- except dcerpc.NTSTATUS, arg:
- if ok_lvl[i]:
- raise dcerpc.NTSTATUS(arg)
-
- r['name']['name'] = 'zzzzzzzz'
-
- try:
- dcerpc.samr_GetDisplayEnumerationIndex2(pipe, r)
- except dcerpc.NTSTATUS, arg:
- if ok_lvl[i]:
- raise dcerpc.NTSTATUS(arg)
-
-def test_TestPrivateFunctionsDomain(pipe, domain_handle):
-
- print 'testing samr.TestPrivateFunctionsDomain'
-
- r = {}
- r['domain_handle'] = domain_handle
+ # QueryDisplayInfo
- try:
- dcerpc.samr_TestPrivateFunctionsDomain(pipe, r)
- except dcerpc.NTSTATUS, arg:
- if arg[0] != dcerpc.NT_STATUS_NOT_IMPLEMENTED:
- raise dcerpc.NTSTATUS(arg)
-
-def test_RidToSid(pipe, domain_handle):
-
- print 'testing samr_RidToSid'
-
- r = {}
- r['domain_handle'] = domain_handle
- r['rid'] = 512
-
- dcerpc.samr_RidToSid(pipe, r)
-
-def test_GetBootKeyInformation(pipe, domain_handle):
-
- print 'testing samr_GetBootKeyInformation'
-
- r = {}
- r['domain_handle'] = domain_handle
-
- try:
- dcerpc.samr_GetBootKeyInformation(pipe, r)
- except dcerpc.NTSTATUS, arg:
- pass
-
-def test_DeleteUser(pipe, user_handle):
-
- r = {}
- r['user_handle'] = user_handle
-
- dcerpc.samr_DeleteUser(pipe, r)
-
-def test_DeleteAlias(pipe, alias_handle):
-
- r = {}
- r['alias_handle'] = alias_handle
-
- dcerpc.samr_DeleteDomAlias(pipe, r)
-
-def test_DeleteDomainGroup(pipe, group_handle):
-
- r = {}
- r['group_handle'] = group_handle
-
- dcerpc.samr_DeleteDomainGroup(pipe, r)
-
-def test_Close(pipe, handle):
-
- r = {}
- r['handle'] = handle
-
- dcerpc.samr_Close(pipe, r)
-
-def test_OpenDomain(pipe, connect_handle, domain_sid):
-
- print 'testing OpenDomain'
-
- domain_handle = connect_handle.OpenDomain(domain_sid)
-
- test_QuerySecurity(pipe, domain_handle)
-
- test_RemoveMemberFromForeignDomain(pipe, domain_handle)
-
- test_CreateUser2(pipe, domain_handle)
-
- test_CreateUser(pipe, domain_handle)
-
- test_Aliases(pipe, domain_handle, domain_sid)
-
- sys.exit(0)
+ for i in [1, 2, 3, 4, 5]:
+ domain_handle.QueryDisplayInfo(level = i)
+ domain_handle.QueryDisplayInfo2(level = i)
+ domain_handle.QueryDisplayInfo3(level = i)
+
+ # EnumDomainGroups
- test_CreateDomainGroup(pipe, domain_handle)
+ print 'testing groups'
- test_QueryDomainInfo(pipe, domain_handle)
-
- test_QueryDomainInfo2(pipe, domain_handle)
+ groups = domain_handle.EnumDomainGroups()
+ rids = domain_handle.LookupNames(groups)
- test_EnumDomainUsers(pipe, domain_handle)
+ for i in range(len(groups)):
+ test_GroupHandle(domain_handle.OpenGroup(rids[0][i]))
- test_EnumDomainGroups(pipe, domain_handle)
+ # EnumDomainAliases
- test_EnumDomainAliases(pipe, domain_handle)
+ print 'testing aliases'
- test_QueryDisplayInfo(pipe, domain_handle)
+ aliases = domain_handle.EnumDomainAliases()
+ rids = domain_handle.LookupNames(aliases)
- test_QueryDisplayInfo2(pipe, domain_handle)
+ for i in range(len(aliases)):
+ test_AliasHandle(domain_handle.OpenAlias(rids[0][i]))
- test_QueryDisplayInfo3(pipe, domain_handle)
-
- test_GetDisplayEnumerationIndex(pipe, domain_handle)
-
- test_GetDisplayEnumerationIndex2(pipe, domain_handle)
+ # CreateUser
+ # CreateUser2
+ # CreateDomAlias
+ # RidToSid
+ # RemoveMemberFromForeignDomain
+ # CreateDomainGroup
+ # GetAliasMembership
- test_TestPrivateFunctionsDomain(pipe, domain_handle)
+def test_ConnectHandle(connect_handle):
- test_RidToSid(pipe, domain_handle)
+ print 'testing connect handle'
- test_GetBootKeyInformation(pipe, domain_handle)
+ # QuerySecurity/SetSecurity
- if user_handle != None:
- test_DeleteUser(pipe, user_handle)
+ connect_handle.SetSecurity(connect_handle.QuerySecurity())
- if alias_handle != None:
- test_DeleteAlias(pipe, alias_handle)
-
- if group_handle != None:
- test_DeleteDomainGroup(pipe, group_handle)
-
- test_Close(pipe, domain_handle)
-
-def test_LookupDomain(pipe, connect_handle, domain):
-
- print 'testing LookupDomain'
-
- sid = connect_handle.LookupDomain(domain)
+ # Lookup bogus domain
try:
connect_handle.LookupDomain('xxNODOMAINxx')
except dcerpc.NTSTATUS, arg:
if arg[0] != 0xC00000DFL: # NT_STATUS_NO_SUCH_DOMAIN
raise
-
- test_GetDomPwInfo(pipe, connect_handle, domain)
- test_OpenDomain(pipe, connect_handle, sid)
-
-def test_EnumDomains(pipe, connect_handle):
- print 'testing EnumDomains'
+ # Test all domains
+
+ for domain_name in connect_handle.EnumDomains():
+
+ connect_handle.GetDomPwInfo(domain_name)
+ sid = connect_handle.LookupDomain(domain_name)
+ domain_handle = connect_handle.OpenDomain(sid)
- for domain in connect_handle.EnumDomains():
- test_LookupDomain(pipe, connect_handle, domain)
+ test_DomainHandle(domain_name, sid, domain_handle)
+
+ # TODO: Test Shutdown() function
def runtests(binding, creds):
@@ -639,7 +178,4 @@ def runtests(binding, creds):
dcerpc.DCERPC_SAMR_UUID, int(dcerpc.DCERPC_SAMR_VERSION), creds)
handle = test_Connect(pipe)
-
- test_QuerySecurity(pipe, handle)
-
- test_EnumDomains(pipe, handle)
+ test_ConnectHandle(handle)