Diffstat (limited to 'source4/torture/ldap')
-rw-r--r-- | source4/torture/ldap/cldap.c | 111 | ||||
-rw-r--r-- | source4/torture/ldap/schema.c | 70 | ||||
-rw-r--r-- | source4/torture/ldap/uptodatevector.c | 12 |
3 files changed, 102 insertions, 91 deletions
diff --git a/source4/torture/ldap/cldap.c b/source4/torture/ldap/cldap.c index 3730193c86..1ddc628a5c 100644 --- a/source4/torture/ldap/cldap.c +++ b/source4/torture/ldap/cldap.c @@ -24,6 +24,7 @@ #include "libcli/cldap/cldap.h" #include "libcli/ldap/ldap.h" #include "librpc/gen_ndr/ndr_nbt.h" +#include "librpc/gen_ndr/netlogon.h" #include "torture/torture.h" #include "lib/ldb/include/ldb.h" #include "param/param.h" @@ -64,7 +65,7 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest) n1 = search.out.netlogon; search.in.user = "Administrator"; - search.in.realm = n1.nt5_ex.dns_domain; + search.in.realm = n1.data.nt5_ex.dns_domain; search.in.host = "__cldap_torture__"; printf("Scanning for netlogon levels\n"); @@ -93,8 +94,8 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest) search.in.user = NULL; status = cldap_netlogon(cldap, tctx, &search); CHECK_STATUS(status, NT_STATUS_OK); - CHECK_STRING(search.out.netlogon.nt5_ex.user_name, ""); - CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); + CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); + CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); printf("Trying with User=Administrator\n"); @@ -102,8 +103,8 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest) status = cldap_netlogon(cldap, tctx, &search); CHECK_STATUS(status, NT_STATUS_OK); - CHECK_STRING(search.out.netlogon.nt5_ex.user_name, search.in.user); - CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX); + CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user); + CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX); search.in.version = NETLOGON_NT_VERSION_5; status = cldap_netlogon(cldap, tctx, &search); 
@@ -114,8 +115,8 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest) search.in.user = NULL; status = cldap_netlogon(cldap, tctx, &search); CHECK_STATUS(status, NT_STATUS_OK); - CHECK_STRING(search.out.netlogon.nt5_ex.user_name, ""); - CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE); + CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); + CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE); printf("Trying with User=Administrator\n"); @@ -123,18 +124,18 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest) status = cldap_netlogon(cldap, tctx, &search); CHECK_STATUS(status, NT_STATUS_OK); - CHECK_STRING(search.out.netlogon.nt5_ex.user_name, search.in.user); - CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN); + CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user); + CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN); search.in.version = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX; printf("Trying with a GUID\n"); search.in.realm = NULL; - search.in.domain_guid = GUID_string(tctx, &n1.nt5_ex.domain_uuid); + search.in.domain_guid = GUID_string(tctx, &n1.data.nt5_ex.domain_uuid); status = cldap_netlogon(cldap, tctx, &search); CHECK_STATUS(status, NT_STATUS_OK); - CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX); - CHECK_STRING(GUID_string(tctx, &search.out.netlogon.nt5_ex.domain_uuid), search.in.domain_guid); + CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX); + CHECK_STRING(GUID_string(tctx, &search.out.netlogon.data.nt5_ex.domain_uuid), search.in.domain_guid); printf("Trying with a incorrect GUID\n"); guid = GUID_random(); 
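Review bot: The checks in this hunk read `search.out.netlogon.data.nt5_ex` without looking at `ntver`, right after the preceding hunk sets `search.in.version = NETLOGON_NT_VERSION_5`, and they expect the non-EX command `LOGON_SAM_LOGON_RESPONSE`. Further down, test_cldap_netlogon_flags chooses between `data.nt5` and `data.nt5_ex` by `n1.ntver`, which suggests `data` is a union keyed on that field. If something outside these hunks guarantees the reply always lands in the `nt5_ex` arm, a one-line comment would help, e.g. `/* reply is always converted to nt5_ex here, so ntver is not checked */`. Otherwise the test should assert `ntver` before reading the arm. test_cldap_netlogon starts and ends outside this hunk.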
@@ -145,53 +146,53 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest) printf("Trying with a AAC\n"); search.in.acct_control = ACB_WSTRUST|ACB_SVRTRUST; - search.in.realm = n1.nt5_ex.dns_domain; + search.in.realm = n1.data.nt5_ex.dns_domain; status = cldap_netlogon(cldap, tctx, &search); CHECK_STATUS(status, NT_STATUS_OK); - CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); - CHECK_STRING(search.out.netlogon.nt5_ex.user_name, ""); + CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); + CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); printf("Trying with a zero AAC\n"); search.in.acct_control = 0x0; - search.in.realm = n1.nt5_ex.dns_domain; + search.in.realm = n1.data.nt5_ex.dns_domain; status = cldap_netlogon(cldap, tctx, &search); CHECK_STATUS(status, NT_STATUS_OK); - CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); - CHECK_STRING(search.out.netlogon.nt5_ex.user_name, ""); + CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); + CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); printf("Trying with a zero AAC and user=Administrator\n"); search.in.acct_control = 0x0; search.in.user = "Administrator"; - search.in.realm = n1.nt5_ex.dns_domain; + search.in.realm = n1.data.nt5_ex.dns_domain; status = cldap_netlogon(cldap, tctx, &search); CHECK_STATUS(status, NT_STATUS_OK); - CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX); - CHECK_STRING(search.out.netlogon.nt5_ex.user_name, "Administrator"); + CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX); + CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, "Administrator"); printf("Trying with a bad AAC\n"); search.in.user = NULL; search.in.acct_control = 0xFF00FF00; - search.in.realm = n1.nt5_ex.dns_domain; + search.in.realm = n1.data.nt5_ex.dns_domain; status = cldap_netlogon(cldap, tctx, &search); 
CHECK_STATUS(status, NT_STATUS_OK); - CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); - CHECK_STRING(search.out.netlogon.nt5_ex.user_name, ""); + CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); + CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); printf("Trying with a user only\n"); search = empty_search; search.in.user = "Administrator"; status = cldap_netlogon(cldap, tctx, &search); CHECK_STATUS(status, NT_STATUS_OK); - CHECK_STRING(search.out.netlogon.nt5_ex.dns_domain, n1.nt5_ex.dns_domain); - CHECK_STRING(search.out.netlogon.nt5_ex.user_name, search.in.user); + CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain, n1.data.nt5_ex.dns_domain); + CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user); printf("Trying with just a bad username\n"); search.in.user = "___no_such_user___"; status = cldap_netlogon(cldap, tctx, &search); CHECK_STATUS(status, NT_STATUS_OK); - CHECK_STRING(search.out.netlogon.nt5_ex.user_name, search.in.user); - CHECK_STRING(search.out.netlogon.nt5_ex.dns_domain, n1.nt5_ex.dns_domain); - CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX); + CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user); + CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain, n1.data.nt5_ex.dns_domain); + CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX); printf("Trying with just a bad domain\n"); search = empty_search; 
@@ -200,29 +201,29 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest) CHECK_STATUS(status, NT_STATUS_NOT_FOUND); printf("Trying with a incorrect domain and correct guid\n"); - search.in.domain_guid = GUID_string(tctx, &n1.nt5_ex.domain_uuid); + search.in.domain_guid = GUID_string(tctx, &n1.data.nt5_ex.domain_uuid); status = cldap_netlogon(cldap, tctx, &search); CHECK_STATUS(status, NT_STATUS_OK); - CHECK_STRING(search.out.netlogon.nt5_ex.dns_domain, n1.nt5_ex.dns_domain); - CHECK_STRING(search.out.netlogon.nt5_ex.user_name, ""); - CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); + CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain, n1.data.nt5_ex.dns_domain); + CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); + CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); printf("Trying with a incorrect domain and incorrect guid\n"); search.in.domain_guid = GUID_string(tctx, &guid); status = cldap_netlogon(cldap, tctx, &search); CHECK_STATUS(status, NT_STATUS_NOT_FOUND); - CHECK_STRING(search.out.netlogon.nt5_ex.dns_domain, n1.nt5_ex.dns_domain); - CHECK_STRING(search.out.netlogon.nt5_ex.user_name, ""); - CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); + CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain, n1.data.nt5_ex.dns_domain); + CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); + CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); printf("Trying with a incorrect GUID and correct domain\n"); search.in.domain_guid = GUID_string(tctx, &guid); - search.in.realm = n1.nt5_ex.dns_domain; + search.in.realm = n1.data.nt5_ex.dns_domain; status = cldap_netlogon(cldap, tctx, &search); CHECK_STATUS(status, NT_STATUS_OK); - CHECK_STRING(search.out.netlogon.nt5_ex.dns_domain, n1.nt5_ex.dns_domain); - CHECK_STRING(search.out.netlogon.nt5_ex.user_name, ""); - CHECK_VAL(search.out.netlogon.nt5_ex.command, 
LOGON_SAM_LOGON_RESPONSE_EX); + CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain, n1.data.nt5_ex.dns_domain); + CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, ""); + CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX); return true; } @@ -255,9 +256,9 @@ static bool test_cldap_netlogon_flags(struct torture_context *tctx, n1 = search.out.netlogon; if (n1.ntver == NETLOGON_NT_VERSION_5) - server_type = n1.nt5.server_type; + server_type = n1.data.nt5.server_type; else if (n1.ntver == NETLOGON_NT_VERSION_5EX) - server_type = n1.nt5_ex.server_type; + server_type = n1.data.nt5_ex.server_type; printf("The word is: %i\n", server_type); if (server_type & NBT_SERVER_PDC) @@ -280,16 +281,16 @@ static bool test_cldap_netlogon_flags(struct torture_context *tctx, printf("NBT_SERVER_GOOD_TIMESERV "); if (server_type & NBT_SERVER_NDNC) printf("NBT_SERVER_NDNC "); - if (server_type & NBT_SERVER_SEL_SEC_DOM_6) - printf("NBT_SERVER_SEL_SEC_DOM_6 "); - if (server_type & NBT_SERVER_FUL_SEC_DOM_6) - printf("NBT_SERVER_FUL_SEC_DOM_6 "); - if (server_type & NBT_SERVER_DS_DNS_CONTR) - printf("NBT_SERVER_DS_DNS_CONTR "); - if (server_type & NBT_SERVER_DS_DNS_DOMAIN) - printf("NBT_SERVER_DS_DNS_DOMAIN "); - if (server_type & NBT_SERVER_DS_DNS_FOREST) - printf("NBT_SERVER_DS_DNS_FOREST "); + if (server_type & NBT_SERVER_SELECT_SECRET_DOMAIN_6) + printf("NBT_SERVER_SELECT_SECRET_DOMAIN_6"); + if (server_type & NBT_SERVER_FULL_SECRET_DOMAIN_6) + printf("NBT_SERVER_FULL_SECRET_DOMAIN_6"); + if (server_type & DS_DNS_CONTROLLER) + printf("DS_DNS_CONTROLLER "); + if (server_type & DS_DNS_DOMAIN) + printf("DS_DNS_DOMAIN "); + if (server_type & DS_DNS_FOREST) + printf("DS_DNS_FOREST "); printf("\n"); 
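Review bot: In the "incorrect domain and incorrect guid" case, the three checks after `CHECK_STATUS(status, NT_STATUS_NOT_FOUND)` read `search.out.netlogon`, which a failed call presumably did not fill in. If so, they pass only because the previous successful call left the same values behind, and they say nothing about the failing request. I would drop those three lines, or put `ZERO_STRUCT(search.out);` before the call so stale data cannot satisfy them.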
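Review bot: `server_type` is assigned only when `n1.ntver` is `NETLOGON_NT_VERSION_5` or `NETLOGON_NT_VERSION_5EX`; for any other value the flag tests below run on whatever it held before. Its declaration is outside the hunk, so it may already be initialised, but an explicit final branch would make the test fail clearly, e.g. `else { printf("unexpected ntver 0x%x\n", (unsigned)n1.ntver); return false; }`. The same if/else-if pair appears in test_cldap_netlogon_flag_ds_dns_forest (hunk at -366,11).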
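Review bot: The two renamed flag strings lost the trailing space that every other flag name in this list keeps, so the next name printed runs straight into them. Use `printf("NBT_SERVER_SELECT_SECRET_DOMAIN_6 ");` and `printf("NBT_SERVER_FULL_SECRET_DOMAIN_6 ");` to match the neighbouring lines.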
@@ -366,11 +367,11 @@ static bool test_cldap_netlogon_flag_ds_dns_forest(struct torture_context *tctx, n1 = search.out.netlogon; if (n1.ntver == NETLOGON_NT_VERSION_5) - server_type = n1.nt5.server_type; + server_type = n1.data.nt5.server_type; else if (n1.ntver == NETLOGON_NT_VERSION_5EX) - server_type = n1.nt5_ex.server_type; + server_type = n1.data.nt5_ex.server_type; - if (server_type & NBT_SERVER_DS_DNS_FOREST) { + if (server_type & DS_DNS_FOREST) { struct cldap_search search2; const char *attrs[] = { "defaultNamingContext", "rootDomainNamingContext", NULL }; diff --git a/source4/torture/ldap/schema.c b/source4/torture/ldap/schema.c index 8437e7f79d..6184ad266d 100644 --- a/source4/torture/ldap/schema.c +++ b/source4/torture/ldap/schema.c @@ -26,7 +26,7 @@ #include "lib/ldb/include/ldb.h" #include "lib/ldb/include/ldb_errors.h" #include "dsdb/samdb/samdb.h" -#include "lib/util/dlinklist.h" +#include "../lib/util/dlinklist.h" #include "torture/torture.h" #include "torture/ldap/proto.h" @@ -41,6 +41,8 @@ struct test_rootDSE { }; struct test_schema_ctx { + struct ldb_context *ldb; + struct ldb_paged_control *ctrl; uint32_t count; bool pending; @@ -57,8 +59,8 @@ static bool test_search_rootDSE(struct ldb_context *ldb, struct test_rootDSE *ro d_printf("Testing RootDSE Search\n"); - ret = ldb_search(ldb, ldb_dn_new(ldb, ldb, NULL), LDB_SCOPE_BASE, - NULL, NULL, &r); + ret = ldb_search(ldb, ldb, &r, ldb_dn_new(ldb, ldb, NULL), + LDB_SCOPE_BASE, NULL, NULL); if (ret != LDB_SUCCESS) { return false; } else if (r->count != 1) { 
@@ -82,15 +84,24 @@ static bool test_search_rootDSE(struct ldb_context *ldb, struct test_rootDSE *ro return true; } -static int test_schema_search_callback(struct ldb_context *ldb, void *context, struct ldb_reply *ares) +static int test_schema_search_callback(struct ldb_request *req, struct ldb_reply *ares) { - struct test_schema_ctx *actx = talloc_get_type(context, struct test_schema_ctx); + struct test_schema_ctx *actx; int ret = LDB_SUCCESS; + actx = talloc_get_type(req->context, struct test_schema_ctx); + + if (!ares) { + return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR); + } + if (ares->error != LDB_SUCCESS) { + return ldb_request_done(req, ares->error); + } + switch (ares->type) { case LDB_REPLY_ENTRY: actx->count++; - ret = actx->callback(actx->private_data, ldb, ares->message); + ret = actx->callback(actx->private_data, actx->ldb, ares->message); break; case LDB_REPLY_REFERRAL: @@ -118,21 +129,22 @@ static int test_schema_search_callback(struct ldb_context *ldb, void *context, s actx->pending = true; } } - break; - + talloc_free(ares); + return ldb_request_done(req, LDB_SUCCESS); + default: d_printf("%s: unknown Reply Type %u\n", __location__, ares->type); - return LDB_ERR_OTHER; + return ldb_request_done(req, LDB_ERR_OTHER); } if (talloc_free(ares) == -1) { d_printf("talloc_free failed\n"); actx->pending = 0; - return LDB_ERR_OPERATIONS_ERROR; + return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR); } if (ret) { - return LDB_ERR_OPERATIONS_ERROR; + return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR); } return LDB_SUCCESS; 
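Review bot: The new early exits finish the request without releasing `ares`: the `ares->error != LDB_SUCCESS` branch here and the `default:` branch in the next hunk both return through `ldb_request_done()`, while the `LDB_REPLY_DONE` branch calls `talloc_free(ares)` first. Unless the reply is parented on `req` and freed with it (not visible here), those paths keep the reply alive. Saving `ares->error` in a local and calling `talloc_free(ares);` before each return would make the branches consistent. `actx` is also dereferenced without a check, although `talloc_get_type()` returns NULL on a type mismatch; `if (actx == NULL) return ldb_request_done(req, LDB_ERR_OPERATIONS_ERROR);` would cover that.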
@@ -149,10 +161,12 @@ static bool test_create_schema_type(struct ldb_context *ldb, struct test_rootDSE int ret; struct test_schema_ctx *actx; - req = talloc(ldb, struct ldb_request); - actx = talloc(req, struct test_schema_ctx); + actx = talloc(ldb, struct test_schema_ctx); + actx->ldb = ldb; + actx->private_data = private_data; + actx->callback= callback; - ctrl = talloc_array(req, struct ldb_control *, 2); + ctrl = talloc_array(actx, struct ldb_control *, 2); ctrl[0] = talloc(ctrl, struct ldb_control); ctrl[0]->oid = LDB_CONTROL_PAGED_RESULTS_OID; ctrl[0]->critical = true; @@ -163,33 +177,30 @@ static bool test_create_schema_type(struct ldb_context *ldb, struct test_rootDSE ctrl[0]->data = control; ctrl[1] = NULL; - req->operation = LDB_SEARCH; - req->op.search.base = ldb_dn_new(req, ldb, root->schemadn); - req->op.search.scope = LDB_SCOPE_SUBTREE; - req->op.search.tree = ldb_parse_tree(req, filter); - if (req->op.search.tree == NULL) return -1; - req->op.search.attrs = NULL; - req->controls = ctrl; - req->context = actx; - req->callback = test_schema_search_callback; - ldb_set_timeout(ldb, req, 0); - - actx->count = 0; - actx->ctrl = control; - actx->callback = callback; - actx->private_data = private_data; + ret = ldb_build_search_req(&req, ldb, actx, + ldb_dn_new(actx, ldb, root->schemadn), + LDB_SCOPE_SUBTREE, + filter, NULL, + ctrl, + actx, test_schema_search_callback, + NULL); + + actx->ctrl = control; + actx->count = 0; again: actx->pending = false; ret = ldb_request(ldb, req); if (ret != LDB_SUCCESS) { d_printf("search failed - %s\n", ldb_errstring(ldb)); + talloc_free(actx); return false; } ret = ldb_wait(req->handle, LDB_WAIT_ALL); if (ret != LDB_SUCCESS) { d_printf("search error - %s\n", ldb_errstring(ldb)); + talloc_free(actx); return false; } @@ -197,6 +208,7 @@ again: goto again; d_printf("filter[%s] count[%u]\n", filter, actx->count); + talloc_free(actx); return true; } 
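Review bot: The result of `ldb_build_search_req()` is stored in `ret` and then overwritten by `ret = ldb_request(ldb, req)` without being tested. A failed build (for example an unparsable `filter`, which the removed `ldb_parse_tree()` check used to catch) therefore goes on to use `req` anyway. Add `if (ret != LDB_SUCCESS) { talloc_free(actx); return false; }` directly after the build call. In the hunk above, the `talloc(ldb, struct test_schema_ctx)` result is likewise written through without a NULL check. The start of test_create_schema_type is outside these hunks.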
diff --git a/source4/torture/ldap/uptodatevector.c b/source4/torture/ldap/uptodatevector.c index 87b7e09e13..6200f4c3de 100644 --- a/source4/torture/ldap/uptodatevector.c +++ b/source4/torture/ldap/uptodatevector.c @@ -26,7 +26,7 @@ #include "lib/ldb/include/ldb.h" #include "lib/ldb/include/ldb_errors.h" #include "dsdb/samdb/samdb.h" -#include "lib/util/dlinklist.h" +#include "../lib/util/dlinklist.h" #include "torture/torture.h" #include "torture/ldap/proto.h" @@ -57,15 +57,14 @@ static bool test_check_uptodatevector(struct torture_context *torture, torture_comment(torture, "Check replUpToDateVector on partition[%s]\n", ldb_dn_get_linearized(partition_dn)); - ret = ldb_search(ldb, partition_dn, LDB_SCOPE_BASE, - "(objectClass=*)", attrs, &r); + ret = ldb_search(ldb, torture, &r, partition_dn, LDB_SCOPE_BASE, attrs, + "(objectClass=*)"); if (ret != LDB_SUCCESS) { return false; } else if (r->count != 1) { talloc_free(r); return false; } - talloc_steal(torture, r); ZERO_STRUCT(utdv1); utdv_val1 = ldb_msg_find_ldb_val(r->msgs[0], "replUpToDateVector"); @@ -104,15 +103,14 @@ static bool test_check_uptodatevector(struct torture_context *torture, ret = ldb_modify(ldb, msg); if (ret != LDB_SUCCESS) return false; - ret = ldb_search(ldb, partition_dn, LDB_SCOPE_BASE, - "(objectClass=*)", attrs, &r); + ret = ldb_search(ldb, msg, &r, partition_dn, LDB_SCOPE_BASE, + attrs, "(objectClass=*)"); if (ret != LDB_SUCCESS) { return false; } else if (r->count != 1) { talloc_free(r); return false; } - talloc_steal(msg, r); ZERO_STRUCT(utdv); utdv_val = ldb_msg_find_ldb_val(r->msgs[0], "replUpToDateVector"); |