diff options
Diffstat (limited to 'source4/torture/rpc')
| -rw-r--r-- | source4/torture/rpc/drsuapi.c | 190 | ||||
| -rw-r--r-- | source4/torture/rpc/drsuapi_cracknames.c | 178 | ||||
| -rw-r--r-- | source4/torture/rpc/dssync.c | 193 | ||||
| -rw-r--r-- | source4/torture/rpc/eventlog.c | 9 | ||||
| -rw-r--r-- | source4/torture/rpc/initshutdown.c | 4 | ||||
| -rw-r--r-- | source4/torture/rpc/join.c | 6 | ||||
| -rw-r--r-- | source4/torture/rpc/lsa.c | 278 | ||||
| -rw-r--r-- | source4/torture/rpc/netlogon.c | 85 | ||||
| -rw-r--r-- | source4/torture/rpc/object_uuid.c | 87 | ||||
| -rw-r--r-- | source4/torture/rpc/remote_pac.c | 57 | ||||
| -rw-r--r-- | source4/torture/rpc/rpc.c | 3 | ||||
| -rw-r--r-- | source4/torture/rpc/samba3rpc.c | 28 | ||||
| -rw-r--r-- | source4/torture/rpc/samlogon.c | 10 | ||||
| -rw-r--r-- | source4/torture/rpc/samr.c | 184 | ||||
| -rw-r--r-- | source4/torture/rpc/samr_accessmask.c | 2 | ||||
| -rw-r--r-- | source4/torture/rpc/samsync.c | 4 | ||||
| -rw-r--r-- | source4/torture/rpc/spoolss_notify.c | 2 | ||||
| -rw-r--r-- | source4/torture/rpc/testjoin.c | 3 | ||||
| -rw-r--r-- | source4/torture/rpc/winreg.c | 31 | ||||
| -rw-r--r-- | source4/torture/rpc/wkssvc.c | 28 |
20 files changed, 908 insertions, 474 deletions
diff --git a/source4/torture/rpc/drsuapi.c b/source4/torture/rpc/drsuapi.c index e5cb3d7ddf..da6ce2b5f5 100644 --- a/source4/torture/rpc/drsuapi.c +++ b/source4/torture/rpc/drsuapi.c @@ -62,6 +62,8 @@ static bool test_DsGetDomainControllerInfo(struct dcerpc_pipe *p, struct torture { NTSTATUS status; struct drsuapi_DsGetDomainControllerInfo r; + union drsuapi_DsGetDCInfoCtr ctr; + int32_t level_out = 0; bool found = false; int i, j, k; @@ -91,16 +93,21 @@ static bool test_DsGetDomainControllerInfo(struct dcerpc_pipe *p, struct torture for (i=0; i < ARRAY_SIZE(levels); i++) { for (j=0; j < ARRAY_SIZE(names); j++) { + union drsuapi_DsGetDCInfoRequest req; level = levels[i]; r.in.bind_handle = &priv->bind_handle; r.in.level = 1; + r.in.req = &req; - r.in.req.req1.domain_name = names[j].name; - r.in.req.req1.level = level; + r.in.req->req1.domain_name = names[j].name; + r.in.req->req1.level = level; + + r.out.ctr = &ctr; + r.out.level_out = &level_out; torture_comment(torture, "testing DsGetDomainControllerInfo level %d on domainname '%s'\n", - r.in.req.req1.level, r.in.req.req1.domain_name); + r.in.req->req1.level, r.in.req->req1.domain_name); status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, torture, &r); torture_assert_ntstatus_ok(torture, status, @@ -115,13 +122,13 @@ static bool test_DsGetDomainControllerInfo(struct dcerpc_pipe *p, struct torture } torture_assert_int_equal(torture, - r.in.req.req1.level, r.out.level_out, + r.in.req->req1.level, *r.out.level_out, "dcerpc_drsuapi_DsGetDomainControllerInfo level"); switch (level) { case 1: - for (k=0; k < r.out.ctr.ctr1.count; k++) { - if (strcasecmp_m(r.out.ctr.ctr1.array[k].netbios_name, + for (k=0; k < r.out.ctr->ctr1.count; k++) { + if (strcasecmp_m(r.out.ctr->ctr1.array[k].netbios_name, torture_join_netbios_name(priv->join)) == 0) { found = true; break; @@ -129,11 +136,11 @@ static bool test_DsGetDomainControllerInfo(struct dcerpc_pipe *p, struct torture } break; case 2: - for (k=0; k < r.out.ctr.ctr2.count; k++) { - if (strcasecmp_m(r.out.ctr.ctr2.array[k].netbios_name, + for (k=0; k < r.out.ctr->ctr2.count; k++) { + if (strcasecmp_m(r.out.ctr->ctr2.array[k].netbios_name, torture_join_netbios_name(priv->join)) == 0) { found = true; - priv->dcinfo = r.out.ctr.ctr2.array[k]; + priv->dcinfo = r.out.ctr->ctr2.array[k]; break; } } @@ -146,12 +153,15 @@ static bool test_DsGetDomainControllerInfo(struct dcerpc_pipe *p, struct torture r.in.bind_handle = &priv->bind_handle; r.in.level = 1; - - r.in.req.req1.domain_name = "__UNKNOWN_DOMAIN__"; /* This is clearly ignored for this level */ - r.in.req.req1.level = -1; + + r.out.ctr = &ctr; + r.out.level_out = &level_out; + + r.in.req->req1.domain_name = "__UNKNOWN_DOMAIN__"; /* This is clearly ignored for this level */ + r.in.req->req1.level = -1; printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n", - r.in.req.req1.level, r.in.req.req1.domain_name); + r.in.req->req1.level, r.in.req->req1.domain_name); status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, torture, &r); @@ -164,8 +174,8 @@ static bool test_DsGetDomainControllerInfo(struct dcerpc_pipe *p, struct torture const char *dc_account = talloc_asprintf(torture, "%s\\%s$", torture_join_dom_netbios_name(priv->join), priv->dcinfo.netbios_name); - for (k=0; k < r.out.ctr.ctr01.count; k++) { - if (strcasecmp_m(r.out.ctr.ctr01.array[k].client_account, + for (k=0; k < r.out.ctr->ctr01.count; k++) { + if (strcasecmp_m(r.out.ctr->ctr01.array[k].client_account, dc_account)) { found = true; break; @@ -184,22 +194,29 @@ static bool test_DsWriteAccountSpn(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, { NTSTATUS status; struct drsuapi_DsWriteAccountSpn r; + union drsuapi_DsWriteAccountSpnRequest req; struct drsuapi_DsNameString names[2]; + union drsuapi_DsWriteAccountSpnResult res; + int32_t level_out; bool ret = true; r.in.bind_handle = &priv->bind_handle; r.in.level = 1; + r.in.req = &req; printf("testing DsWriteAccountSpn\n"); - r.in.req.req1.operation = DRSUAPI_DS_SPN_OPERATION_ADD; - r.in.req.req1.unknown1 = 0; - r.in.req.req1.object_dn = priv->dcinfo.computer_dn; - r.in.req.req1.count = 2; - r.in.req.req1.spn_names = names; + r.in.req->req1.operation = DRSUAPI_DS_SPN_OPERATION_ADD; + r.in.req->req1.unknown1 = 0; + r.in.req->req1.object_dn = priv->dcinfo.computer_dn; + r.in.req->req1.count = 2; + r.in.req->req1.spn_names = names; names[0].str = talloc_asprintf(mem_ctx, "smbtortureSPN/%s",priv->dcinfo.netbios_name); names[1].str = talloc_asprintf(mem_ctx, "smbtortureSPN/%s",priv->dcinfo.dns_name); + r.out.res = &res; + r.out.level_out = &level_out; + status = dcerpc_drsuapi_DsWriteAccountSpn(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { const char *errstr = nt_errstr(status); @@ -213,8 +230,8 @@ static bool test_DsWriteAccountSpn(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, ret = false; } - r.in.req.req1.operation = DRSUAPI_DS_SPN_OPERATION_DELETE; - r.in.req.req1.unknown1 = 0; + r.in.req->req1.operation = DRSUAPI_DS_SPN_OPERATION_DELETE; + r.in.req->req1.unknown1 = 0; status = dcerpc_drsuapi_DsWriteAccountSpn(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -237,6 +254,9 @@ static bool test_DsReplicaGetInfo(struct dcerpc_pipe *p, struct torture_context { NTSTATUS status; struct drsuapi_DsReplicaGetInfo r; + union drsuapi_DsReplicaGetInfoRequest req; + union drsuapi_DsReplicaInfo info; + enum drsuapi_DsReplicaInfoType info_type; bool ret = true; int i; struct { @@ -313,6 +333,7 @@ static bool test_DsReplicaGetInfo(struct dcerpc_pipe *p, struct torture_context } r.in.bind_handle = &priv->bind_handle; + r.in.req = &req; for (i=0; i < ARRAY_SIZE(array); i++) { const char *object_dn; @@ -325,21 +346,24 @@ static bool test_DsReplicaGetInfo(struct dcerpc_pipe *p, struct torture_context r.in.level = array[i].level; switch(r.in.level) { case DRSUAPI_DS_REPLICA_GET_INFO: - r.in.req.req1.info_type = array[i].infotype; - r.in.req.req1.object_dn = object_dn; - ZERO_STRUCT(r.in.req.req1.guid1); + r.in.req->req1.info_type = array[i].infotype; + r.in.req->req1.object_dn = object_dn; + ZERO_STRUCT(r.in.req->req1.guid1); break; case DRSUAPI_DS_REPLICA_GET_INFO2: - r.in.req.req2.info_type = array[i].infotype; - r.in.req.req2.object_dn = object_dn; - ZERO_STRUCT(r.in.req.req1.guid1); - r.in.req.req2.unknown1 = 0; - r.in.req.req2.string1 = NULL; - r.in.req.req2.string2 = NULL; - r.in.req.req2.unknown2 = 0; + r.in.req->req2.info_type = array[i].infotype; + r.in.req->req2.object_dn = object_dn; + ZERO_STRUCT(r.in.req->req2.guid1); + r.in.req->req2.unknown1 = 0; + r.in.req->req2.string1 = NULL; + r.in.req->req2.string2 = NULL; + r.in.req->req2.unknown2 = 0; break; } + r.out.info = &info; + r.out.info_type = &info_type; + status = dcerpc_drsuapi_DsReplicaGetInfo(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { const char *errstr = nt_errstr(status); @@ -501,9 +525,12 @@ static bool test_DsGetNCChanges(struct dcerpc_pipe *p, struct torture_context *t bool ret = true; int i; struct drsuapi_DsGetNCChanges r; + union drsuapi_DsGetNCChangesRequest req; + union drsuapi_DsGetNCChangesCtr ctr; struct drsuapi_DsReplicaObjectIdentifier nc; struct GUID null_guid; struct dom_sid null_sid; + int32_t level_out; struct { int32_t level; } array[] = { @@ -528,29 +555,32 @@ static bool test_DsGetNCChanges(struct dcerpc_pipe *p, struct torture_context *t array[i].level); r.in.bind_handle = &priv->bind_handle; - r.in.level = &array[i].level; + r.in.level = array[i].level; + r.out.level_out = &level_out; + r.out.ctr = &ctr; - switch (*r.in.level) { + switch (r.in.level) { case 5: nc.guid = null_guid; nc.sid = null_sid; nc.dn = priv->domain_obj_dn?priv->domain_obj_dn:""; - r.in.req.req5.destination_dsa_guid = GUID_random(); - r.in.req.req5.source_dsa_invocation_id = null_guid; - r.in.req.req5.naming_context = &nc; - r.in.req.req5.highwatermark.tmp_highest_usn = 0; - r.in.req.req5.highwatermark.reserved_usn = 0; - r.in.req.req5.highwatermark.highest_usn = 0; - r.in.req.req5.uptodateness_vector = NULL; - r.in.req.req5.replica_flags = 0; + r.in.req = &req; + r.in.req->req5.destination_dsa_guid = GUID_random(); + r.in.req->req5.source_dsa_invocation_id = null_guid; + r.in.req->req5.naming_context = &nc; + r.in.req->req5.highwatermark.tmp_highest_usn = 0; + r.in.req->req5.highwatermark.reserved_usn = 0; + r.in.req->req5.highwatermark.highest_usn = 0; + r.in.req->req5.uptodateness_vector = NULL; + r.in.req->req5.replica_flags = 0; if (lp_parm_bool(tctx->lp_ctx, NULL, "drsuapi","compression", false)) { - r.in.req.req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES; + r.in.req->req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES; } - r.in.req.req5.max_object_count = 0; - r.in.req.req5.max_ndr_size = 0; - r.in.req.req5.extended_op = DRSUAPI_EXOP_NONE; - r.in.req.req5.fsmo_info = 0; + r.in.req->req5.max_object_count = 0; + r.in.req->req5.max_ndr_size = 0; + r.in.req->req5.extended_op = DRSUAPI_EXOP_NONE; + r.in.req->req5.fsmo_info = 0; break; case 8: @@ -558,33 +588,34 @@ static bool test_DsGetNCChanges(struct dcerpc_pipe *p, struct torture_context *t nc.sid = null_sid; nc.dn = priv->domain_obj_dn?priv->domain_obj_dn:""; - r.in.req.req8.destination_dsa_guid = GUID_random(); - r.in.req.req8.source_dsa_invocation_id = null_guid; - r.in.req.req8.naming_context = &nc; - r.in.req.req8.highwatermark.tmp_highest_usn = 0; - r.in.req.req8.highwatermark.reserved_usn = 0; - r.in.req.req8.highwatermark.highest_usn = 0; - r.in.req.req8.uptodateness_vector = NULL; - r.in.req.req8.replica_flags = 0; + r.in.req = &req; + r.in.req->req8.destination_dsa_guid = GUID_random(); + r.in.req->req8.source_dsa_invocation_id = null_guid; + r.in.req->req8.naming_context = &nc; + r.in.req->req8.highwatermark.tmp_highest_usn = 0; + r.in.req->req8.highwatermark.reserved_usn = 0; + r.in.req->req8.highwatermark.highest_usn = 0; + r.in.req->req8.uptodateness_vector = NULL; + r.in.req->req8.replica_flags = 0; if (lp_parm_bool(tctx->lp_ctx, NULL, "drsuapi", "compression", false)) { - r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES; + r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES; } if (lp_parm_bool(tctx->lp_ctx, NULL, "drsuapi", "neighbour_writeable", true)) { - r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE; + r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE; } - r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP + r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP | DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS | DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS | DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED ; - r.in.req.req8.max_object_count = 402; - r.in.req.req8.max_ndr_size = 402116; - r.in.req.req8.extended_op = DRSUAPI_EXOP_NONE; - r.in.req.req8.fsmo_info = 0; - r.in.req.req8.partial_attribute_set = NULL; - r.in.req.req8.partial_attribute_set_ex = NULL; - r.in.req.req8.mapping_ctr.num_mappings = 0; - r.in.req.req8.mapping_ctr.mappings = NULL; + r.in.req->req8.max_object_count = 402; + r.in.req->req8.max_ndr_size = 402116; + r.in.req->req8.extended_op = DRSUAPI_EXOP_NONE; + r.in.req->req8.fsmo_info = 0; + r.in.req->req8.partial_attribute_set = NULL; + r.in.req->req8.partial_attribute_set_ex = NULL; + r.in.req->req8.mapping_ctr.num_mappings = 0; + r.in.req->req8.mapping_ctr.mappings = NULL; break; } @@ -611,20 +642,23 @@ bool test_QuerySitesByCost(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, { NTSTATUS status; struct drsuapi_QuerySitesByCost r; + union drsuapi_QuerySitesByCostRequest req; bool ret = true; const char *my_site = "Default-First-Site-Name"; const char *remote_site1 = "smbtorture-nonexisting-site1"; const char *remote_site2 = "smbtorture-nonexisting-site2"; + req.req1.site_from = talloc_strdup(mem_ctx, my_site); + req.req1.num_req = 2; + req.req1.site_to = talloc_zero_array(mem_ctx, const char *, 2); + req.req1.site_to[0] = talloc_strdup(mem_ctx, remote_site1); + req.req1.site_to[1] = talloc_strdup(mem_ctx, remote_site2); + req.req1.flags = 0; + r.in.bind_handle = &priv->bind_handle; r.in.level = 1; - r.in.req.req1.site_from = talloc_strdup(mem_ctx, my_site); - r.in.req.req1.num_req = 2; - r.in.req.req1.site_to = talloc_zero_array(mem_ctx, const char *, r.in.req.req1.num_req); - r.in.req.req1.site_to[0] = talloc_strdup(mem_ctx, remote_site1); - r.in.req.req1.site_to[1] = talloc_strdup(mem_ctx, remote_site2); - r.in.req.req1.flags = 0; + r.in.req = &req; status = dcerpc_drsuapi_QuerySitesByCost(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -641,17 +675,17 @@ bool test_QuerySitesByCost(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, if (W_ERROR_IS_OK(r.out.result)) { - if (!W_ERROR_EQUAL(r.out.ctr.ctr1.info[0].error_code, WERR_DS_OBJ_NOT_FOUND) || - !W_ERROR_EQUAL(r.out.ctr.ctr1.info[1].error_code, WERR_DS_OBJ_NOT_FOUND)) { + if (!W_ERROR_EQUAL(r.out.ctr->ctr1.info[0].error_code, WERR_DS_OBJ_NOT_FOUND) || + !W_ERROR_EQUAL(r.out.ctr->ctr1.info[1].error_code, WERR_DS_OBJ_NOT_FOUND)) { printf("expected error_code WERR_DS_OBJ_NOT_FOUND, got %s\n", - win_errstr(r.out.ctr.ctr1.info[0].error_code)); + win_errstr(r.out.ctr->ctr1.info[0].error_code)); ret = false; } - if ((r.out.ctr.ctr1.info[0].site_cost != (uint32_t) -1) || - (r.out.ctr.ctr1.info[1].site_cost != (uint32_t) -1)) { + if ((r.out.ctr->ctr1.info[0].site_cost != (uint32_t) -1) || + (r.out.ctr->ctr1.info[1].site_cost != (uint32_t) -1)) { printf("expected site_cost %d, got %d\n", - (uint32_t) -1, r.out.ctr.ctr1.info[0].site_cost); + (uint32_t) -1, r.out.ctr->ctr1.info[0].site_cost); ret = false; } } diff --git a/source4/torture/rpc/drsuapi_cracknames.c b/source4/torture/rpc/drsuapi_cracknames.c index fbda69df57..dabd4125c7 100644 --- a/source4/torture/rpc/drsuapi_cracknames.c +++ b/source4/torture/rpc/drsuapi_cracknames.c @@ -38,7 +38,12 @@ static bool test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, NTSTATUS status; bool ret = true; struct drsuapi_DsCrackNames r; + union drsuapi_DsNameRequest req; + int32_t level_out; + union drsuapi_DsNameCtr ctr; + enum drsuapi_DsNameFormat formats[] = { + DRSUAPI_DS_NAME_FORMAT_UNKNOWN, DRSUAPI_DS_NAME_FORMAT_FQDN_1779, DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT, DRSUAPI_DS_NAME_FORMAT_DISPLAY, @@ -59,17 +64,21 @@ static bool test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, ZERO_STRUCT(r); r.in.bind_handle = &priv->bind_handle; r.in.level = 1; - r.in.req.req1.codepage = 1252; /* german */ - r.in.req.req1.language = 0x00000407; /* german */ - r.in.req.req1.count = 1; - r.in.req.req1.names = names; - r.in.req.req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS; + r.in.req = &req; + r.in.req->req1.codepage = 1252; /* german */ + r.in.req->req1.language = 0x00000407; /* german */ + r.in.req->req1.count = 1; + r.in.req->req1.names = names; + r.in.req->req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS; + + r.out.level_out = &level_out; + r.out.ctr = &ctr; n_matrix[0][0] = dn; for (i = 0; i < ARRAY_SIZE(formats); i++) { - r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779; - r.in.req.req1.format_desired = formats[i]; + r.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779; + r.in.req->req1.format_desired = formats[i]; names[0].str = dn; status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -78,13 +87,13 @@ static bool test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, errstr = dcerpc_errstr(mem_ctx, p->last_fault_code); } printf("testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d ", - names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired); + names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired); printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr); ret = false; } else if (!W_ERROR_IS_OK(r.out.result)) { printf("testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d ", - names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired); + names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired); printf("DsCrackNames failed - %s\n", win_errstr(r.out.result)); ret = false; @@ -95,33 +104,33 @@ static bool test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, } switch (formats[i]) { case DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL: - if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE) { + if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE) { printf(__location__ ": Unexpected error (%d): This name lookup should fail\n", - r.out.ctr.ctr1->array[0].status); + r.out.ctr->ctr1->array[0].status); return false; } printf ("(expected) error\n"); break; case DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL: - if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NO_MAPPING) { + if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NO_MAPPING) { printf(__location__ ": Unexpected error (%d): This name lookup should fail\n", - r.out.ctr.ctr1->array[0].status); + r.out.ctr->ctr1->array[0].status); return false; } printf ("(expected) error\n"); break; case DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN: case DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY: - if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR) { + if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR) { printf(__location__ ": Unexpected error (%d): This name lookup should fail\n", - r.out.ctr.ctr1->array[0].status); + r.out.ctr->ctr1->array[0].status); return false; } printf ("(expected) error\n"); break; default: - if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { - printf("Error: %d\n", r.out.ctr.ctr1->array[0].status); + if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { + printf("Error: %d\n", r.out.ctr->ctr1->array[0].status); return false; } } @@ -138,15 +147,15 @@ static bool test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, n_from[i] = NULL; break; default: - n_from[i] = r.out.ctr.ctr1->array[0].result_name; + n_from[i] = r.out.ctr->ctr1->array[0].result_name; printf("%s\n", n_from[i]); } } for (i = 0; i < ARRAY_SIZE(formats); i++) { for (j = 0; j < ARRAY_SIZE(formats); j++) { - r.in.req.req1.format_offered = formats[i]; - r.in.req.req1.format_desired = formats[j]; + r.in.req->req1.format_offered = formats[i]; + r.in.req->req1.format_desired = formats[j]; if (!n_from[i]) { n_matrix[i][j] = NULL; continue; @@ -159,11 +168,11 @@ static bool test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, errstr = dcerpc_errstr(mem_ctx, p->last_fault_code); } printf("testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s", - names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired, errstr); + names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired, errstr); ret = false; } else if (!W_ERROR_IS_OK(r.out.result)) { printf("testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s", - names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired, + names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired, win_errstr(r.out.result)); ret = false; } @@ -171,8 +180,8 @@ static bool test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, if (!ret) { return ret; } - if (r.out.ctr.ctr1->array[0].status == DRSUAPI_DS_NAME_STATUS_OK) { - n_matrix[i][j] = r.out.ctr.ctr1->array[0].result_name; + if (r.out.ctr->ctr1->array[0].status == DRSUAPI_DS_NAME_STATUS_OK) { + n_matrix[i][j] = r.out.ctr->ctr1->array[0].result_name; } else { n_matrix[i][j] = NULL; } @@ -210,6 +219,9 @@ bool test_DsCrackNames(struct torture_context *tctx, { NTSTATUS status; struct drsuapi_DsCrackNames r; + union drsuapi_DsNameRequest req; + int32_t level_out; + union drsuapi_DsNameCtr ctr; struct drsuapi_DsNameString names[1]; bool ret = true; const char *dns_domain; @@ -232,21 +244,25 @@ bool test_DsCrackNames(struct torture_context *tctx, ZERO_STRUCT(r); r.in.bind_handle = &priv->bind_handle; r.in.level = 1; - r.in.req.req1.codepage = 1252; /* german */ - r.in.req.req1.language = 0x00000407; /* german */ - r.in.req.req1.count = 1; - r.in.req.req1.names = names; - r.in.req.req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS; + r.in.req = &req; + r.in.req->req1.codepage = 1252; /* german */ + r.in.req->req1.language = 0x00000407; /* german */ + r.in.req->req1.count = 1; + r.in.req->req1.names = names; + r.in.req->req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS; + + r.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY; + r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT; - r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY; - r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT; + r.out.level_out = &level_out; + r.out.ctr = &ctr; dom_sid = dom_sid_string(mem_ctx, torture_join_sid(priv->join)); names[0].str = dom_sid; printf("testing DsCrackNames with name '%s' desired format:%d\n", - names[0].str, r.in.req.req1.format_desired); + names[0].str, r.in.req->req1.format_desired); status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -259,8 +275,8 @@ bool test_DsCrackNames(struct torture_context *tctx, } else if (!W_ERROR_IS_OK(r.out.result)) { printf("DsCrackNames failed - %s\n", win_errstr(r.out.result)); ret = false; - } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { - printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status); + } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { + printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status); ret = false; } @@ -268,13 +284,13 @@ bool test_DsCrackNames(struct torture_context *tctx, return ret; } - dns_domain = r.out.ctr.ctr1->array[0].dns_domain_name; - nt4_domain = r.out.ctr.ctr1->array[0].result_name; + dns_domain = r.out.ctr->ctr1->array[0].dns_domain_name; + nt4_domain = r.out.ctr->ctr1->array[0].result_name; - r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_GUID; + r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_GUID; printf("testing DsCrackNames with name '%s' desired format:%d\n", - names[0].str, r.in.req.req1.format_desired); + names[0].str, r.in.req->req1.format_desired); status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -287,8 +303,8 @@ bool test_DsCrackNames(struct torture_context *tctx, } else if (!W_ERROR_IS_OK(r.out.result)) { printf("DsCrackNames failed - %s\n", win_errstr(r.out.result)); ret = false; - } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { - printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status); + } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { + printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status); ret = false; } @@ -296,14 +312,14 @@ bool test_DsCrackNames(struct torture_context *tctx, return ret; } - priv->domain_dns_name = r.out.ctr.ctr1->array[0].dns_domain_name; - priv->domain_guid_str = r.out.ctr.ctr1->array[0].result_name; + priv->domain_dns_name = r.out.ctr->ctr1->array[0].dns_domain_name; + priv->domain_guid_str = r.out.ctr->ctr1->array[0].result_name; GUID_from_string(priv->domain_guid_str, &priv->domain_guid); - r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779; + r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779; printf("testing DsCrackNames with name '%s' desired format:%d\n", - names[0].str, r.in.req.req1.format_desired); + names[0].str, r.in.req->req1.format_desired); status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -316,8 +332,8 @@ bool test_DsCrackNames(struct torture_context *tctx, } else if (!W_ERROR_IS_OK(r.out.result)) { printf("DsCrackNames failed - %s\n", win_errstr(r.out.result)); ret = false; - } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { - printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status); + } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { + printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status); ret = false; } @@ -327,7 +343,7 @@ bool test_DsCrackNames(struct torture_context *tctx, ldb = ldb_init(mem_ctx, tctx->ev); - realm_dn_str = r.out.ctr.ctr1->array[0].result_name; + realm_dn_str = r.out.ctr->ctr1->array[0].result_name; realm_dn = ldb_dn_new(mem_ctx, ldb, realm_dn_str); realm_canonical = ldb_dn_canonical_string(mem_ctx, realm_dn); @@ -349,12 +365,12 @@ bool test_DsCrackNames(struct torture_context *tctx, return false; }; - r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT; - r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779; + r.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT; + r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779; names[0].str = nt4_domain; printf("testing DsCrackNames with name '%s' desired format:%d\n", - names[0].str, r.in.req.req1.format_desired); + names[0].str, r.in.req->req1.format_desired); status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -367,8 +383,8 @@ bool test_DsCrackNames(struct torture_context *tctx, } else if (!W_ERROR_IS_OK(r.out.result)) { printf("DsCrackNames failed - %s\n", win_errstr(r.out.result)); ret = false; - } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { - printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status); + } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { + printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status); ret = false; } @@ -376,14 +392,14 @@ bool test_DsCrackNames(struct torture_context *tctx, return ret; } - priv->domain_obj_dn = r.out.ctr.ctr1->array[0].result_name; + priv->domain_obj_dn = r.out.ctr->ctr1->array[0].result_name; - r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT; - r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779; + r.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT; + r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779; names[0].str = talloc_asprintf(mem_ctx, "%s%s$", nt4_domain, test_dc); printf("testing DsCrackNames with name '%s' desired format:%d\n", - names[0].str, r.in.req.req1.format_desired); + names[0].str, r.in.req->req1.format_desired); status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -396,8 +412,8 @@ bool test_DsCrackNames(struct torture_context *tctx, } else if (!W_ERROR_IS_OK(r.out.result)) { printf("DsCrackNames failed - %s\n", win_errstr(r.out.result)); ret = false; - } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { - printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status); + } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { + printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status); ret = false; } @@ -405,14 +421,14 @@ bool test_DsCrackNames(struct torture_context *tctx, return ret; } - FQDN_1779_name = r.out.ctr.ctr1->array[0].result_name; + FQDN_1779_name = r.out.ctr->ctr1->array[0].result_name; - r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID; - r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779; + r.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID; + r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779; names[0].str = priv->domain_guid_str; printf("testing DsCrackNames with name '%s' desired format:%d\n", - names[0].str, r.in.req.req1.format_desired); + names[0].str, r.in.req->req1.format_desired); status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -425,8 +441,8 @@ bool test_DsCrackNames(struct torture_context *tctx, } else if (!W_ERROR_IS_OK(r.out.result)) { printf("DsCrackNames failed - %s\n", win_errstr(r.out.result)); ret = false; - } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { - printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status); + } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) { + printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status); ret = false; } @@ -434,8 +450,8 @@ bool test_DsCrackNames(struct torture_context *tctx, return ret; } - if (strcmp(priv->domain_dns_name, r.out.ctr.ctr1->array[0].dns_domain_name) != 0) { - printf("DsCrackNames failed to return same DNS name - expected %s got %s\n", priv->domain_dns_name, r.out.ctr.ctr1->array[0].dns_domain_name); + if (strcmp(priv->domain_dns_name, r.out.ctr->ctr1->array[0].dns_domain_name) != 0) { + printf("DsCrackNames failed to return same DNS name - expected %s got %s\n", priv->domain_dns_name, r.out.ctr->ctr1->array[0].dns_domain_name); return false; } @@ -919,17 +935,17 @@ bool test_DsCrackNames(struct torture_context *tctx, for (i=0; i < ARRAY_SIZE(crack); i++) { const char *comment; - r.in.req.req1.format_flags = crack[i].flags; - r.in.req.req1.format_offered = crack[i].format_offered; - r.in.req.req1.format_desired = crack[i].format_desired; + r.in.req->req1.format_flags = crack[i].flags; + r.in.req->req1.format_offered = crack[i].format_offered; + r.in.req->req1.format_desired = crack[i].format_desired; names[0].str = crack[i].str; if (crack[i].comment) { comment = talloc_asprintf(mem_ctx, "'%s' with name '%s' desired format:%d\n", - crack[i].comment, names[0].str, r.in.req.req1.format_desired); + crack[i].comment, names[0].str, r.in.req->req1.format_desired); } else { comment = talloc_asprintf(mem_ctx, "'%s' desired format:%d\n", - names[0].str, r.in.req.req1.format_desired); + names[0].str, r.in.req->req1.format_desired); } if (crack[i].skip) { printf("skipping: %s", comment); @@ -946,11 +962,11 @@ bool test_DsCrackNames(struct torture_context *tctx, } else if (!W_ERROR_IS_OK(r.out.result)) { printf("DsCrackNames failed - %s\n", win_errstr(r.out.result)); ret = false; - } else if (r.out.ctr.ctr1->array[0].status != crack[i].status) { + } else if (r.out.ctr->ctr1->array[0].status != crack[i].status) { if (crack[i].alternate_status) { - if (r.out.ctr.ctr1->array[0].status != crack[i].alternate_status) { + if (r.out.ctr->ctr1->array[0].status != crack[i].alternate_status) { printf("DsCrackNames unexpected status %d, wanted %d or %d on: %s\n", - r.out.ctr.ctr1->array[0].status, + r.out.ctr->ctr1->array[0].status, crack[i].status, crack[i].alternate_status, comment); @@ -958,30 +974,30 @@ bool test_DsCrackNames(struct torture_context *tctx, } } else { printf("DsCrackNames unexpected status %d, wanted %d on: %s\n", - r.out.ctr.ctr1->array[0].status, + r.out.ctr->ctr1->array[0].status, crack[i].status, comment); ret = false; } } else if (crack[i].expected_str - && (strcmp(r.out.ctr.ctr1->array[0].result_name, + && (strcmp(r.out.ctr->ctr1->array[0].result_name, crack[i].expected_str) != 0)) { - if (strcasecmp(r.out.ctr.ctr1->array[0].result_name, + if (strcasecmp(r.out.ctr->ctr1->array[0].result_name, crack[i].expected_str) != 0) { printf("DsCrackNames failed - got %s, expected %s on %s\n", - r.out.ctr.ctr1->array[0].result_name, + r.out.ctr->ctr1->array[0].result_name, crack[i].expected_str, comment); ret = false; } else { printf("(warning) DsCrackNames returned different case - got %s, expected %s on %s\n", - r.out.ctr.ctr1->array[0].result_name, + r.out.ctr->ctr1->array[0].result_name, crack[i].expected_str, comment); } } else if (crack[i].expected_dns - && (strcmp(r.out.ctr.ctr1->array[0].dns_domain_name, + && (strcmp(r.out.ctr->ctr1->array[0].dns_domain_name, crack[i].expected_dns) != 0)) { printf("DsCrackNames failed - got DNS name %s, expected %s on %s\n", - r.out.ctr.ctr1->array[0].result_name, + r.out.ctr->ctr1->array[0].result_name, crack[i].expected_str, comment); ret = false; } diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c index e9346f9605..bee2658816 100644 --- a/source4/torture/rpc/dssync.c +++ b/source4/torture/rpc/dssync.c @@ -29,7 +29,7 @@ #include "torture/torture.h" #include "torture/ldap/proto.h" #include "libcli/auth/libcli_auth.h" -#include "lib/crypto/crypto.h" +#include "../lib/crypto/crypto.h" #include "auth/credentials/credentials.h" #include "libcli/auth/libcli_auth.h" #include "auth/gensec/gensec.h" @@ -265,6 +265,9 @@ static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx) { NTSTATUS status; struct drsuapi_DsCrackNames r; + union drsuapi_DsNameRequest req; + union drsuapi_DsNameCtr ctr; + int32_t level_out = 0; struct drsuapi_DsNameString names[1]; bool ret = true; struct cldap_socket *cldap; @@ -274,15 +277,19 @@ static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx) r.in.bind_handle = &ctx->admin.drsuapi.bind_handle; r.in.level = 1; - r.in.req.req1.codepage = 1252; /* western european */ - r.in.req.req1.language = 0x00000407; /* german */ - r.in.req.req1.count = 1; - r.in.req.req1.names = names; - r.in.req.req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS; - r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT; - r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779; + r.in.req = &req; + r.in.req->req1.codepage = 1252; /* western european */ + r.in.req->req1.language = 0x00000407; /* german */ + r.in.req->req1.count = 1; + r.in.req->req1.names = names; + r.in.req->req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS; + r.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT; + r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779; names[0].str = talloc_asprintf(ctx, "%s\\", lp_workgroup(tctx->lp_ctx)); + r.out.level_out = &level_out; + r.out.ctr = &ctr; + status = dcerpc_drsuapi_DsCrackNames(ctx->admin.drsuapi.pipe, ctx, &r); if (!NT_STATUS_IS_OK(status)) { const char *errstr = nt_errstr(status); @@ -296,7 +303,7 @@ static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx) return false; } - ctx->domain_dn = r.out.ctr.ctr1->array[0].result_name; + ctx->domain_dn = r.out.ctr->ctr1->array[0].result_name; ZERO_STRUCT(search); search.in.dest_address = ctx->drsuapi_binding->host; @@ -310,14 +317,14 @@ static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx) ctx->site_name = talloc_asprintf(ctx, "%s", "Default-First-Site-Name"); printf("cldap_netlogon() returned %s. Defaulting to Site-Name: %s\n", errstr, ctx->site_name); } else { - ctx->site_name = talloc_steal(ctx, search.out.netlogon.nt5_ex.client_site); + ctx->site_name = talloc_steal(ctx, search.out.netlogon.data.nt5_ex.client_site); printf("cldap_netlogon() returned Client Site-Name: %s.\n",ctx->site_name); - printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.nt5_ex.server_site); + printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.data.nt5_ex.server_site); } if (!ctx->domain_dn) { struct ldb_context *ldb = ldb_init(ctx, tctx->ev); - struct ldb_dn *dn = samdb_dns_domain_to_dn(ldb, ctx, search.out.netlogon.nt5_ex.dns_domain); + struct ldb_dn *dn = samdb_dns_domain_to_dn(ldb, ctx, search.out.netlogon.data.nt5_ex.dns_domain); ctx->domain_dn = ldb_dn_alloc_linearized(ctx, dn); talloc_free(dn); talloc_free(ldb); @@ -592,6 +599,7 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx) uint64_t highest_usn = 0; const char *partition = NULL; struct drsuapi_DsGetNCChanges r; + union drsuapi_DsGetNCChangesRequest req; struct drsuapi_DsReplicaObjectIdentifier nc; struct drsuapi_DsGetNCChangesCtr1 *ctr1 = NULL; struct drsuapi_DsGetNCChangesCtr6 *ctr6 = NULL; @@ -642,37 +650,38 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx) array[i].level); r.in.bind_handle = &ctx->new_dc.drsuapi.bind_handle; - r.in.level = &array[i].level; + r.in.level = array[i].level; - switch (*r.in.level) { + switch (r.in.level) { case 5: nc.guid = null_guid; nc.sid = null_sid; nc.dn = partition; - r.in.req.req5.destination_dsa_guid = ctx->new_dc.invocation_id; - r.in.req.req5.source_dsa_invocation_id = null_guid; - r.in.req.req5.naming_context = &nc; - r.in.req.req5.highwatermark.tmp_highest_usn = highest_usn; - r.in.req.req5.highwatermark.reserved_usn = 0; - r.in.req.req5.highwatermark.highest_usn = highest_usn; - r.in.req.req5.uptodateness_vector = NULL; - r.in.req.req5.replica_flags = 0; + r.in.req = &req; + r.in.req->req5.destination_dsa_guid = ctx->new_dc.invocation_id; + r.in.req->req5.source_dsa_invocation_id = null_guid; + r.in.req->req5.naming_context = &nc; + r.in.req->req5.highwatermark.tmp_highest_usn = highest_usn; + r.in.req->req5.highwatermark.reserved_usn = 0; + r.in.req->req5.highwatermark.highest_usn = highest_usn; + r.in.req->req5.uptodateness_vector = NULL; + r.in.req->req5.replica_flags = 0; if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "compression", false)) { - r.in.req.req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES; + r.in.req->req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES; } if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "neighbour_writeable", true)) { - r.in.req.req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE; + r.in.req->req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE; } - r.in.req.req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP + r.in.req->req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP | DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS | DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS | DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED ; - r.in.req.req5.max_object_count = 133; - r.in.req.req5.max_ndr_size = 1336770; - r.in.req.req5.extended_op = DRSUAPI_EXOP_NONE; - r.in.req.req5.fsmo_info = 0; + r.in.req->req5.max_object_count = 133; + r.in.req->req5.max_ndr_size = 1336770; + r.in.req->req5.extended_op = DRSUAPI_EXOP_NONE; + r.in.req->req5.fsmo_info = 0; break; case 8: @@ -680,35 +689,36 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx) nc.sid = null_sid; nc.dn = partition; /* nc.dn can be set to any other ad partition */ - - r.in.req.req8.destination_dsa_guid = ctx->new_dc.invocation_id; - r.in.req.req8.source_dsa_invocation_id = null_guid; - r.in.req.req8.naming_context = &nc; - r.in.req.req8.highwatermark.tmp_highest_usn = highest_usn; - r.in.req.req8.highwatermark.reserved_usn = 0; - r.in.req.req8.highwatermark.highest_usn = highest_usn; - r.in.req.req8.uptodateness_vector = NULL; - r.in.req.req8.replica_flags = 0; + + r.in.req = &req; + r.in.req->req8.destination_dsa_guid = ctx->new_dc.invocation_id; + r.in.req->req8.source_dsa_invocation_id = null_guid; + r.in.req->req8.naming_context = &nc; + r.in.req->req8.highwatermark.tmp_highest_usn = highest_usn; + r.in.req->req8.highwatermark.reserved_usn = 0; + r.in.req->req8.highwatermark.highest_usn = highest_usn; + r.in.req->req8.uptodateness_vector = NULL; + r.in.req->req8.replica_flags = 0; if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "compression", false)) { - r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES; + r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES; } if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "neighbour_writeable", true)) { - r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE; + r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE; } - r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP + r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP | DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS | DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS | DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED ; - r.in.req.req8.max_object_count = 402; - r.in.req.req8.max_ndr_size = 402116; + r.in.req->req8.max_object_count = 402; + r.in.req->req8.max_ndr_size = 402116; - r.in.req.req8.extended_op = DRSUAPI_EXOP_NONE; - r.in.req.req8.fsmo_info = 0; - r.in.req.req8.partial_attribute_set = NULL; - r.in.req.req8.partial_attribute_set_ex = NULL; - r.in.req.req8.mapping_ctr.num_mappings = 0; - r.in.req.req8.mapping_ctr.mappings = NULL; + r.in.req->req8.extended_op = DRSUAPI_EXOP_NONE; + r.in.req->req8.fsmo_info = 0; + r.in.req->req8.partial_attribute_set = NULL; + r.in.req->req8.partial_attribute_set_ex = NULL; + r.in.req->req8.mapping_ctr.num_mappings = 0; + r.in.req->req8.mapping_ctr.mappings = NULL; break; } @@ -716,19 +726,23 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx) printf("Dumping AD partition: %s\n", nc.dn); for (y=0; ;y++) { int32_t _level = 0; + union drsuapi_DsGetNCChangesCtr ctr; + ZERO_STRUCT(r.out); - r.out.level = &_level; - if (*r.in.level == 5) { + r.out.level_out = &_level; + r.out.ctr = &ctr; + + if (r.in.level == 5) { DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y, - (long long)r.in.req.req5.highwatermark.tmp_highest_usn, - (long long)r.in.req.req5.highwatermark.highest_usn)); + (long long)r.in.req->req5.highwatermark.tmp_highest_usn, + (long long)r.in.req->req5.highwatermark.highest_usn)); } - if (*r.in.level == 8) { + if (r.in.level == 8) { DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y, - (long long)r.in.req.req8.highwatermark.tmp_highest_usn, - (long long)r.in.req.req8.highwatermark.highest_usn)); + (long long)r.in.req->req8.highwatermark.tmp_highest_usn, + (long long)r.in.req->req8.highwatermark.highest_usn)); } status = dcerpc_drsuapi_DsGetNCChanges(ctx->new_dc.drsuapi.pipe, ctx, &r); @@ -744,13 +758,13 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx) ret = false; } - if (ret == true && *r.out.level == 1) { + if (ret == true && *r.out.level_out == 1) { out_level = 1; - ctr1 = &r.out.ctr.ctr1; - } else if (ret == true && *r.out.level == 2 && - r.out.ctr.ctr2.mszip1.ts) { + ctr1 = &r.out.ctr->ctr1; + } else if (ret == true && *r.out.level_out == 2 && + r.out.ctr->ctr2.mszip1.ts) { out_level = 1; - ctr1 = &r.out.ctr.ctr2.mszip1.ts->ctr1; + ctr1 = &r.out.ctr->ctr2.mszip1.ts->ctr1; } if (out_level == 1) { @@ -761,26 +775,26 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx) test_analyse_objects(tctx, ctx, &gensec_skey, ctr1->first_object); if (ctr1->more_data) { - r.in.req.req5.highwatermark = ctr1->new_highwatermark; + r.in.req->req5.highwatermark = ctr1->new_highwatermark; continue; } } - if (ret == true && *r.out.level == 6) { + if (ret == true && *r.out.level_out == 6) { out_level = 6; - ctr6 = &r.out.ctr.ctr6; - } else if (ret == true && *r.out.level == 7 - && r.out.ctr.ctr7.level == 6 - && r.out.ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP - && r.out.ctr.ctr7.ctr.mszip6.ts) { + ctr6 = &r.out.ctr->ctr6; + } else if (ret == true && *r.out.level_out == 7 + && r.out.ctr->ctr7.level == 6 + && r.out.ctr->ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP + && r.out.ctr->ctr7.ctr.mszip6.ts) { out_level = 6; - ctr6 = &r.out.ctr.ctr7.ctr.mszip6.ts->ctr6; - } else if (ret == true && *r.out.level == 7 - && r.out.ctr.ctr7.level == 6 - && r.out.ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_XPRESS - && r.out.ctr.ctr7.ctr.xpress6.ts) { + ctr6 = &r.out.ctr->ctr7.ctr.mszip6.ts->ctr6; + } else if (ret == true && *r.out.level_out == 7 + && r.out.ctr->ctr7.level == 6 + && r.out.ctr->ctr7.type == DRSUAPI_COMPRESSION_TYPE_XPRESS + && r.out.ctr->ctr7.ctr.xpress6.ts) { out_level = 6; - ctr6 = &r.out.ctr.ctr7.ctr.xpress6.ts->ctr6; + ctr6 = &r.out.ctr->ctr7.ctr.xpress6.ts->ctr6; } if (out_level == 6) { @@ -791,7 +805,7 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx) test_analyse_objects(tctx, ctx, &gensec_skey, ctr6->first_object); if (ctr6->more_data) { - r.in.req.req8.highwatermark = ctr6->new_highwatermark; + r.in.req->req8.highwatermark = ctr6->new_highwatermark; continue; } } @@ -809,6 +823,9 @@ static bool test_FetchNT4Data(struct torture_context *tctx, NTSTATUS status; bool ret = true; struct drsuapi_DsGetNT4ChangeLog r; + union drsuapi_DsGetNT4ChangeLogRequest req; + union drsuapi_DsGetNT4ChangeLogInfo info; + int32_t level_out = 0; struct GUID null_guid; struct dom_sid null_sid; DATA_BLOB cookie; @@ -820,13 +837,17 @@ static bool test_FetchNT4Data(struct torture_context *tctx, ZERO_STRUCT(r); r.in.bind_handle = &ctx->new_dc.drsuapi.bind_handle; r.in.level = 1; + r.out.info = &info; + r.out.level_out = &level_out; - r.in.req.req1.unknown1 = lp_parm_int(tctx->lp_ctx, NULL, "dssync", "nt4-1", 3); - r.in.req.req1.unknown2 = lp_parm_int(tctx->lp_ctx, NULL, "dssync", "nt4-2", 0x00004000); + req.req1.unknown1 = lp_parm_int(tctx->lp_ctx, NULL, "dssync", "nt4-1", 3); + req.req1.unknown2 = lp_parm_int(tctx->lp_ctx, NULL, "dssync", "nt4-2", 0x00004000); while (1) { - r.in.req.req1.length = cookie.length; - r.in.req.req1.data = cookie.data; + req.req1.length = cookie.length; + req.req1.data = cookie.data; + + r.in.req = &req; status = dcerpc_drsuapi_DsGetNT4ChangeLog(ctx->new_dc.drsuapi.pipe, ctx, &r); if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) { @@ -845,16 +866,16 @@ static bool test_FetchNT4Data(struct torture_context *tctx, } else if (!W_ERROR_IS_OK(r.out.result)) { printf("DsGetNT4ChangeLog failed - %s\n", win_errstr(r.out.result)); ret = false; - } else if (r.out.level != 1) { - printf("DsGetNT4ChangeLog unknown level - %u\n", r.out.level); + } else if (*r.out.level_out != 1) { + printf("DsGetNT4ChangeLog unknown level - %u\n", *r.out.level_out); ret = false; - } else if (NT_STATUS_IS_OK(r.out.info.info1.status)) { - } else if (NT_STATUS_EQUAL(r.out.info.info1.status, STATUS_MORE_ENTRIES)) { - cookie.length = r.out.info.info1.length1; - cookie.data = r.out.info.info1.data1; + } else if (NT_STATUS_IS_OK(r.out.info->info1.status)) { + } else if (NT_STATUS_EQUAL(r.out.info->info1.status, STATUS_MORE_ENTRIES)) { + cookie.length = r.out.info->info1.length1; + cookie.data = r.out.info->info1.data1; continue; } else { - printf("DsGetNT4ChangeLog failed - %s\n", nt_errstr(r.out.info.info1.status)); + printf("DsGetNT4ChangeLog failed - %s\n", nt_errstr(r.out.info->info1.status)); ret = false; } diff --git a/source4/torture/rpc/eventlog.c b/source4/torture/rpc/eventlog.c index feeeb9330b..d5665ad07d 100644 --- a/source4/torture/rpc/eventlog.c +++ b/source4/torture/rpc/eventlog.c @@ -40,13 +40,16 @@ static bool get_policy_handle(struct torture_context *tctx, { struct eventlog_OpenEventLogW r; struct eventlog_OpenUnknown0 unknown0; + struct lsa_String logname, servername; unknown0.unknown0 = 0x005c; unknown0.unknown1 = 0x0001; r.in.unknown0 = &unknown0; - init_lsa_String(&r.in.logname, "dns server"); - init_lsa_String(&r.in.servername, NULL); + init_lsa_String(r.in.logname, "dns server"); + init_lsa_String(r.in.servername, NULL); + r.in.logname = &logname; + r.in.servername = &servername; r.in.unknown2 = 0x00000001; r.in.unknown3 = 0x00000001; r.out.handle = handle; @@ -205,7 +208,7 @@ static bool test_ClearEventLog(struct torture_context *tctx, return false; r.in.handle = &handle; - r.in.unknown = NULL; + r.in.backupfile = NULL; torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_ClearEventLogW(p, tctx, &r), diff --git a/source4/torture/rpc/initshutdown.c b/source4/torture/rpc/initshutdown.c index 92fec5be0c..149fae6c26 100644 --- a/source4/torture/rpc/initshutdown.c +++ b/source4/torture/rpc/initshutdown.c @@ -61,7 +61,7 @@ static bool test_Init(struct torture_context *tctx, init_lsa_StringLarge(r.in.message, "spottyfood"); r.in.force_apps = 1; r.in.timeout = 30; - r.in.reboot = 1; + r.in.do_reboot = 1; status = dcerpc_initshutdown_Init(p, tctx, &r); @@ -83,7 +83,7 @@ static bool test_InitEx(struct torture_context *tctx, init_lsa_StringLarge(r.in.message, "spottyfood"); r.in.force_apps = 1; r.in.timeout = 30; - r.in.reboot = 1; + r.in.do_reboot = 1; r.in.reason = 0; status = dcerpc_initshutdown_InitEx(p, tctx, &r); diff --git a/source4/torture/rpc/join.c b/source4/torture/rpc/join.c index 77da32d572..ee0c05360f 100644 --- a/source4/torture/rpc/join.c +++ b/source4/torture/rpc/join.c @@ -19,6 +19,7 @@ bool torture_rpc_join(struct torture_context *torture) struct smbcli_state *cli; const char *host = torture_setting_string(torture, "host", NULL); struct smbcli_options options; + struct smbcli_session_options session_options; /* Join domain as a member server. */ tj = torture_join_domain(torture, @@ -33,13 +34,14 @@ bool torture_rpc_join(struct torture_context *torture) } lp_smbcli_options(torture->lp_ctx, &options); + lp_smbcli_session_options(torture->lp_ctx, &session_options); status = smbcli_full_connection(tj, &cli, host, lp_smb_ports(torture->lp_ctx), "IPC$", NULL, machine_account, lp_resolve_context(torture->lp_ctx), - torture->ev, &options); + torture->ev, &options, &session_options); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("%s failed to connect to IPC$ with workstation credentials\n", TORTURE_NETBIOS_NAME)); @@ -65,7 +67,7 @@ bool torture_rpc_join(struct torture_context *torture) "IPC$", NULL, machine_account, lp_resolve_context(torture->lp_ctx), - torture->ev, &options); + torture->ev, &options, &session_options); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("%s failed to connect to IPC$ with workstation credentials\n", TORTURE_NETBIOS_NAME)); diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index a13a8d8818..69df965f19 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c @@ -29,7 +29,7 @@ #include "libcli/auth/libcli_auth.h" #include "torture/rpc/rpc.h" #include "param/param.h" -#include "lib/crypto/crypto.h" +#include "../lib/crypto/crypto.h" #define TEST_MACHINENAME "lsatestmach" static void init_lsa_String(struct lsa_String *name, const char *s) @@ -46,7 +46,7 @@ static bool test_OpenPolicy(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) NTSTATUS status; uint16_t system_name = '\\'; - printf("\ntesting OpenPolicy\n"); + printf("\nTesting OpenPolicy\n"); qos.len = 0; qos.impersonation_level = 2; @@ -88,7 +88,7 @@ bool test_lsa_OpenPolicy2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct lsa_OpenPolicy2 r; NTSTATUS status; - printf("\ntesting OpenPolicy2\n"); + printf("\nTesting OpenPolicy2\n"); *handle = talloc(mem_ctx, struct policy_handle); if (!*handle) { @@ -222,12 +222,13 @@ static bool test_LookupNames_bogus(struct dcerpc_pipe *p, NTSTATUS status; int i; - struct lsa_TranslatedName name; + struct lsa_TranslatedName name[2]; struct lsa_TransNameArray tnames; - tnames.names = &name; - tnames.count = 1; - name.name.string = "NT AUTHORITY\\BOGUS"; + tnames.names = name; + tnames.count = 2; + name[0].name.string = "NT AUTHORITY\\BOGUS"; + name[1].name.string = NULL; printf("\nTesting LookupNames with bogus names\n"); @@ -337,8 +338,8 @@ static bool test_LookupNames2(struct dcerpc_pipe *p, r.in.sids = &sids; r.in.level = 1; r.in.count = &count; - r.in.unknown1 = 0; - r.in.unknown2 = 0; + r.in.lookup_options = 0; + r.in.client_revision = 0; r.out.count = &count; r.out.sids = &sids; @@ -382,8 +383,8 @@ static bool test_LookupNames3(struct dcerpc_pipe *p, r.in.sids = &sids; r.in.level = 1; r.in.count = &count; - r.in.unknown1 = 0; - r.in.unknown2 = 0; + r.in.lookup_options = 0; + r.in.client_revision = 0; r.out.count = &count; r.out.sids = &sids; @@ -424,8 +425,8 @@ static bool test_LookupNames4(struct dcerpc_pipe *p, r.in.sids = &sids; r.in.level = 1; r.in.count = &count; - r.in.unknown1 = 0; - r.in.unknown2 = 0; + r.in.lookup_options = 0; + r.in.client_revision = 0; r.out.count = &count; r.out.sids = &sids; @@ -780,7 +781,7 @@ static bool test_LookupPrivName(struct dcerpc_pipe *p, } static bool test_RemovePrivilegesFromAccount(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + TALLOC_CTX *mem_ctx, struct policy_handle *handle, struct policy_handle *acct_handle, struct lsa_LUID *luid) @@ -790,7 +791,7 @@ static bool test_RemovePrivilegesFromAccount(struct dcerpc_pipe *p, struct lsa_PrivilegeSet privs; bool ret = true; - printf("Testing RemovePrivilegesFromAccount\n"); + printf("\nTesting RemovePrivilegesFromAccount\n"); r.in.handle = acct_handle; r.in.remove_all = 0; @@ -830,7 +831,7 @@ static bool test_RemovePrivilegesFromAccount(struct dcerpc_pipe *p, } static bool test_AddPrivilegesToAccount(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + TALLOC_CTX *mem_ctx, struct policy_handle *acct_handle, struct lsa_LUID *luid) { @@ -839,7 +840,7 @@ static bool test_AddPrivilegesToAccount(struct dcerpc_pipe *p, struct lsa_PrivilegeSet privs; bool ret = true; - printf("Testing AddPrivilegesToAccount\n"); + printf("\nTesting AddPrivilegesToAccount\n"); r.in.handle = acct_handle; r.in.privs = &privs; @@ -860,7 +861,7 @@ static bool test_AddPrivilegesToAccount(struct dcerpc_pipe *p, } static bool test_EnumPrivsAccount(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, + TALLOC_CTX *mem_ctx, struct policy_handle *handle, struct policy_handle *acct_handle) { @@ -868,7 +869,7 @@ static bool test_EnumPrivsAccount(struct dcerpc_pipe *p, struct lsa_EnumPrivsAccount r; bool ret = true; - printf("Testing EnumPrivsAccount\n"); + printf("\nTesting EnumPrivsAccount\n"); r.in.handle = acct_handle; @@ -894,6 +895,60 @@ static bool test_EnumPrivsAccount(struct dcerpc_pipe *p, return ret; } +static bool test_GetSystemAccessAccount(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + struct policy_handle *acct_handle) +{ + NTSTATUS status; + uint32_t access_mask; + struct lsa_GetSystemAccessAccount r; + + printf("\nTesting GetSystemAccessAccount\n"); + + r.in.handle = acct_handle; + r.out.access_mask = &access_mask; + + status = dcerpc_lsa_GetSystemAccessAccount(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("GetSystemAccessAccount failed - %s\n", nt_errstr(status)); + return false; + } + + if (r.out.access_mask != NULL) { + printf("Rights:"); + if (*(r.out.access_mask) & LSA_POLICY_MODE_INTERACTIVE) + printf(" LSA_POLICY_MODE_INTERACTIVE"); + if (*(r.out.access_mask) & LSA_POLICY_MODE_NETWORK) + printf(" LSA_POLICY_MODE_NETWORK"); + if (*(r.out.access_mask) & LSA_POLICY_MODE_BATCH) + printf(" LSA_POLICY_MODE_BATCH"); + if (*(r.out.access_mask) & LSA_POLICY_MODE_SERVICE) + printf(" LSA_POLICY_MODE_SERVICE"); + if (*(r.out.access_mask) & LSA_POLICY_MODE_PROXY) + printf(" LSA_POLICY_MODE_PROXY"); + if (*(r.out.access_mask) & LSA_POLICY_MODE_DENY_INTERACTIVE) + printf(" LSA_POLICY_MODE_DENY_INTERACTIVE"); + if (*(r.out.access_mask) & LSA_POLICY_MODE_DENY_NETWORK) + printf(" LSA_POLICY_MODE_DENY_NETWORK"); + if (*(r.out.access_mask) & LSA_POLICY_MODE_DENY_BATCH) + printf(" LSA_POLICY_MODE_DENY_BATCH"); + if (*(r.out.access_mask) & LSA_POLICY_MODE_DENY_SERVICE) + printf(" LSA_POLICY_MODE_DENY_SERVICE"); + if (*(r.out.access_mask) & LSA_POLICY_MODE_REMOTE_INTERACTIVE) + printf(" LSA_POLICY_MODE_REMOTE_INTERACTIVE"); + if (*(r.out.access_mask) & LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE) + printf(" LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE"); + if (*(r.out.access_mask) & LSA_POLICY_MODE_ALL) + printf(" LSA_POLICY_MODE_ALL"); + if (*(r.out.access_mask) & LSA_POLICY_MODE_ALL_NT4) + printf(" LSA_POLICY_MODE_ALL_NT4"); + printf("\n"); + } + + return true; +} + static bool test_Delete(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle) @@ -901,7 +956,7 @@ static bool test_Delete(struct dcerpc_pipe *p, NTSTATUS status; struct lsa_Delete r; - printf("testing Delete\n"); + printf("\nTesting Delete\n"); r.in.handle = handle; status = dcerpc_lsa_Delete(p, mem_ctx, &r); @@ -920,13 +975,13 @@ static bool test_DeleteObject(struct dcerpc_pipe *p, NTSTATUS status; struct lsa_DeleteObject r; - printf("testing DeleteObject\n"); + printf("\nTesting DeleteObject\n"); r.in.handle = handle; r.out.handle = handle; status = dcerpc_lsa_DeleteObject(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { - printf("Delete failed - %s\n", nt_errstr(status)); + printf("DeleteObject failed - %s\n", nt_errstr(status)); return false; } @@ -945,7 +1000,7 @@ static bool test_CreateAccount(struct dcerpc_pipe *p, newsid = dom_sid_parse_talloc(mem_ctx, "S-1-5-12349876-4321-2854"); - printf("Testing CreateAccount\n"); + printf("\nTesting CreateAccount\n"); r.in.handle = handle; r.in.sid = newsid; @@ -997,7 +1052,7 @@ static bool test_DeleteTrustedDomain(struct dcerpc_pipe *p, status = dcerpc_lsa_OpenTrustedDomainByName(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { - printf("lsa_OpenTrustedDomainByName failed - %s\n", nt_errstr(status)); + printf("OpenTrustedDomainByName failed - %s\n", nt_errstr(status)); return false; } @@ -1025,7 +1080,7 @@ static bool test_DeleteTrustedDomainBySid(struct dcerpc_pipe *p, status = dcerpc_lsa_DeleteTrustedDomain(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { - printf("lsa_DeleteTrustedDomain failed - %s\n", nt_errstr(status)); + printf("DeleteTrustedDomain failed - %s\n", nt_errstr(status)); return false; } @@ -1071,7 +1126,7 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, secname[GLOBAL] = talloc_asprintf(mem_ctx, "G$torturesecret-%u", (uint_t)random()); for (i=0; i< 2; i++) { - printf("Testing CreateSecret of %s\n", secname[i]); + printf("\nTesting CreateSecret of %s\n", secname[i]); init_lsa_String(&r.in.name, secname[i]); @@ -1383,7 +1438,7 @@ static bool test_EnumAccountRights(struct dcerpc_pipe *p, struct lsa_EnumAccountRights r; struct lsa_RightSet rights; - printf("Testing EnumAccountRights\n"); + printf("\nTesting EnumAccountRights\n"); r.in.handle = acct_handle; r.in.sid = sid; @@ -1409,11 +1464,11 @@ static bool test_QuerySecurity(struct dcerpc_pipe *p, struct lsa_QuerySecurity r; if (torture_setting_bool(tctx, "samba4", false)) { - printf("skipping QuerySecurity test against Samba4\n"); + printf("\nskipping QuerySecurity test against Samba4\n"); return true; } - printf("Testing QuerySecurity\n"); + printf("\nTesting QuerySecurity\n"); r.in.handle = acct_handle; r.in.sec_info = 7; @@ -1436,7 +1491,7 @@ static bool test_OpenAccount(struct dcerpc_pipe *p, struct lsa_OpenAccount r; struct policy_handle acct_handle; - printf("Testing OpenAccount\n"); + printf("\nTesting OpenAccount\n"); r.in.handle = handle; r.in.sid = sid; @@ -1453,6 +1508,10 @@ static bool test_OpenAccount(struct dcerpc_pipe *p, return false; } + if (!test_GetSystemAccessAccount(p, mem_ctx, handle, &acct_handle)) { + return false; + } + if (!test_QuerySecurity(p, mem_ctx, handle, &acct_handle)) { return false; } @@ -1471,7 +1530,7 @@ static bool test_EnumAccounts(struct dcerpc_pipe *p, int i; bool ret = true; - printf("\ntesting EnumAccounts\n"); + printf("\nTesting EnumAccounts\n"); r.in.handle = handle; r.in.resume_handle = &resume_handle; @@ -1502,7 +1561,7 @@ static bool test_EnumAccounts(struct dcerpc_pipe *p, * be on schannel, or we would not be able to do the * rest */ - printf("testing all accounts\n"); + printf("Testing all accounts\n"); for (i=0;i<sids1.num_sids;i++) { ret &= test_OpenAccount(p, mem_ctx, handle, sids1.sids[i].sid); ret &= test_EnumAccountRights(p, mem_ctx, handle, sids1.sids[i].sid); @@ -1514,7 +1573,7 @@ static bool test_EnumAccounts(struct dcerpc_pipe *p, return ret; } - printf("trying EnumAccounts partial listing (asking for 1 at 2)\n"); + printf("Trying EnumAccounts partial listing (asking for 1 at 2)\n"); resume_handle = 2; r.in.num_entries = 1; r.out.sids = &sids2; @@ -1544,7 +1603,7 @@ static bool test_LookupPrivDisplayName(struct dcerpc_pipe *p, terminals */ uint16_t language_id = (random() % 4) + 0x409; - printf("testing LookupPrivDisplayName(%s)\n", priv_name->string); + printf("\nTesting LookupPrivDisplayName(%s)\n", priv_name->string); r.in.handle = handle; r.in.name = priv_name; @@ -1575,7 +1634,7 @@ static bool test_EnumAccountsWithUserRight(struct dcerpc_pipe *p, ZERO_STRUCT(sids); - printf("testing EnumAccountsWithUserRight(%s)\n", priv_name->string); + printf("\nTesting EnumAccountsWithUserRight(%s)\n", priv_name->string); r.in.handle = handle; r.in.name = priv_name; @@ -1608,7 +1667,7 @@ static bool test_EnumPrivs(struct dcerpc_pipe *p, int i; bool ret = true; - printf("\ntesting EnumPrivs\n"); + printf("\nTesting EnumPrivs\n"); r.in.handle = handle; r.in.resume_handle = &resume_handle; @@ -1668,7 +1727,7 @@ static bool test_QueryForestTrustInformation(struct dcerpc_pipe *p, status = dcerpc_lsa_lsaRQueryForestTrustInformation(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { - printf("lsaRQueryForestTrustInformation failed - %s\n", nt_errstr(status)); + printf("lsaRQueryForestTrustInformation of %s failed - %s\n", trusted_domain_name, nt_errstr(status)); ret = false; } @@ -1898,7 +1957,11 @@ static bool test_EnumTrustDom(struct dcerpc_pipe *p, /* NO_MORE_ENTRIES is allowed */ if (NT_STATUS_EQUAL(enum_status, NT_STATUS_NO_MORE_ENTRIES)) { - return true; + if (domains.count == 0) { + return true; + } + printf("EnumTrustDom failed - should have returned 0 trusted domains with 'NT_STATUS_NO_MORE_ENTRIES'\n"); + return false; } else if (NT_STATUS_EQUAL(enum_status, STATUS_MORE_ENTRIES)) { /* Windows 2003 gets this off by one on the first run */ if (r.out.domains->count < 3 || r.out.domains->count > 4) { @@ -1949,7 +2012,11 @@ static bool test_EnumTrustDom(struct dcerpc_pipe *p, /* NO_MORE_ENTRIES is allowed */ if (NT_STATUS_EQUAL(enum_status, NT_STATUS_NO_MORE_ENTRIES)) { - return true; + if (domains_ex.count == 0) { + return true; + } + printf("EnumTrustDomainsEx failed - should have returned 0 trusted domains with 'NT_STATUS_NO_MORE_ENTRIES'\n"); + return false; } else if (NT_STATUS_EQUAL(enum_status, STATUS_MORE_ENTRIES)) { /* Windows 2003 gets this off by one on the first run */ if (r_ex.out.domains->count < 3 || r_ex.out.domains->count > 4) { @@ -1990,7 +2057,7 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p, struct lsa_QueryTrustedDomainInfo q; int i; - printf("Testing CreateTrustedDomain for 12 domains\n"); + printf("\nTesting CreateTrustedDomain for 12 domains\n"); if (!test_EnumTrustDom(p, mem_ctx, handle)) { ret = false; @@ -2077,7 +2144,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, struct lsa_CreateTrustedDomainEx2 r; struct lsa_TrustDomainInfoInfoEx trustinfo; struct lsa_TrustDomainInfoAuthInfoInternal authinfo; - struct trustAuthInAndOutBlob auth_struct; + struct trustDomainPasswords auth_struct; DATA_BLOB auth_blob; struct dom_sid *domsid[12]; struct policy_handle trustdom_handle[12]; @@ -2086,7 +2153,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, enum ndr_err_code ndr_err; int i; - printf("Testing CreateTrustedDomainEx2 for 12 domains\n"); + printf("\nTesting CreateTrustedDomainEx2 for 12 domains\n"); status = dcerpc_fetch_session_key(p, &session_key); if (!NT_STATUS_IS_OK(status)) { @@ -2114,7 +2181,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, /* Try different trust types too */ - /* 1 == downleven (NT4), 2 == uplevel (ADS), 3 == MIT (kerberos but not AD) */ + /* 1 == downlevel (NT4), 2 == uplevel (ADS), 3 == MIT (kerberos but not AD) */ trustinfo.trust_type = (((i / 3) + 1) % 3) + 1; trustinfo.trust_attributes = LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION; @@ -2125,9 +2192,9 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, auth_struct.incoming.count = 0; ndr_err = ndr_push_struct_blob(&auth_blob, mem_ctx, lp_iconv_convenience(tctx->lp_ctx), &auth_struct, - (ndr_push_flags_fn_t)ndr_push_trustAuthInAndOutBlob); + (ndr_push_flags_fn_t)ndr_push_trustDomainPasswords); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - printf("ndr_push_struct_blob of trustAuthInAndOutBlob structure failed"); + printf("ndr_push_struct_blob of trustDomainPasswords structure failed"); ret = false; } @@ -2159,6 +2226,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, printf("QueryTrustedDomainInfo level 1 failed - %s\n", nt_errstr(status)); ret = false; } else if (!q.out.info) { + printf("QueryTrustedDomainInfo level 1 failed to return an info pointer\n"); ret = false; } else { if (strcmp(q.out.info->info_ex.netbios_name.string, trustinfo.netbios_name.string) != 0) { @@ -2187,11 +2255,13 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, /* now that we have some domains to look over, we can test the enum calls */ if (!test_EnumTrustDom(p, mem_ctx, handle)) { + printf("test_EnumTrustDom failed\n"); ret = false; } for (i=0; i<12; i++) { if (!test_DeleteTrustedDomainBySid(p, mem_ctx, handle, domsid[i])) { + printf("test_DeleteTrustedDomainBySid failed\n"); ret = false; } } @@ -2214,7 +2284,7 @@ static bool test_QueryDomainInfoPolicy(struct dcerpc_pipe *p, r.in.handle = handle; r.in.level = i; - printf("\ntrying QueryDomainInformationPolicy level %d\n", i); + printf("\nTrying QueryDomainInformationPolicy level %d\n", i); status = dcerpc_lsa_QueryDomainInformationPolicy(p, tctx, &r); @@ -2232,38 +2302,63 @@ static bool test_QueryDomainInfoPolicy(struct dcerpc_pipe *p, } -static bool test_QueryInfoPolicy(struct dcerpc_pipe *p, - struct torture_context *tctx, - struct policy_handle *handle) +static bool test_QueryInfoPolicyCalls( bool version2, + struct dcerpc_pipe *p, + struct torture_context *tctx, + struct policy_handle *handle) { struct lsa_QueryInfoPolicy r; NTSTATUS status; int i; bool ret = true; - printf("\nTesting QueryInfoPolicy\n"); - for (i=1;i<13;i++) { + if (version2) + printf("\nTesting QueryInfoPolicy2\n"); + else + printf("\nTesting QueryInfoPolicy\n"); + + for (i=1;i<=14;i++) { r.in.handle = handle; r.in.level = i; - printf("\ntrying QueryInfoPolicy level %d\n", i); + if (version2) + printf("\nTrying QueryInfoPolicy2 level %d\n", i); + else + printf("\nTrying QueryInfoPolicy level %d\n", i); - status = dcerpc_lsa_QueryInfoPolicy(p, tctx, &r); + if (version2) + /* We can perform the cast, because both types are + structurally equal */ + status = dcerpc_lsa_QueryInfoPolicy2(p, tctx, + (struct lsa_QueryInfoPolicy2*) &r); + else + status = dcerpc_lsa_QueryInfoPolicy(p, tctx, &r); switch (i) { - case LSA_POLICY_INFO_DB: + case LSA_POLICY_INFO_MOD: case LSA_POLICY_INFO_AUDIT_FULL_SET: case LSA_POLICY_INFO_AUDIT_FULL_QUERY: if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) { - printf("server should have failed level %u: %s\n", i, nt_errstr(status)); + printf("Server should have failed level %u: %s\n", i, nt_errstr(status)); ret = false; } break; case LSA_POLICY_INFO_DOMAIN: case LSA_POLICY_INFO_ACCOUNT_DOMAIN: + case LSA_POLICY_INFO_L_ACCOUNT_DOMAIN: + case LSA_POLICY_INFO_DNS_INT: case LSA_POLICY_INFO_DNS: + case LSA_POLICY_INFO_REPLICA: + case LSA_POLICY_INFO_QUOTA: + case LSA_POLICY_INFO_ROLE: + case LSA_POLICY_INFO_AUDIT_LOG: + case LSA_POLICY_INFO_AUDIT_EVENTS: + case LSA_POLICY_INFO_PD: if (!NT_STATUS_IS_OK(status)) { - printf("QueryInfoPolicy failed - %s\n", nt_errstr(status)); + if (version2) + printf("QueryInfoPolicy2 failed - %s\n", nt_errstr(status)); + else + printf("QueryInfoPolicy failed - %s\n", nt_errstr(status)); ret = false; } break; @@ -2271,17 +2366,24 @@ static bool test_QueryInfoPolicy(struct dcerpc_pipe *p, if (torture_setting_bool(tctx, "samba4", false)) { /* Other levels not implemented yet */ if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS)) { - printf("QueryInfoPolicy failed - %s\n", nt_errstr(status)); + if (version2) + printf("QueryInfoPolicy2 failed - %s\n", nt_errstr(status)); + else + printf("QueryInfoPolicy failed - %s\n", nt_errstr(status)); ret = false; } } else if (!NT_STATUS_IS_OK(status)) { - printf("QueryInfoPolicy failed - %s\n", nt_errstr(status)); + if (version2) + printf("QueryInfoPolicy2 failed - %s\n", nt_errstr(status)); + else + printf("QueryInfoPolicy failed - %s\n", nt_errstr(status)); ret = false; } break; } - if (NT_STATUS_IS_OK(status) && i == LSA_POLICY_INFO_DNS) { + if (NT_STATUS_IS_OK(status) && (i == LSA_POLICY_INFO_DNS + || i == LSA_POLICY_INFO_DNS_INT)) { /* Let's look up some of these names */ struct lsa_TransNameArray tnames; @@ -2323,56 +2425,18 @@ static bool test_QueryInfoPolicy(struct dcerpc_pipe *p, return ret; } +static bool test_QueryInfoPolicy(struct dcerpc_pipe *p, + struct torture_context *tctx, + struct policy_handle *handle) +{ + return test_QueryInfoPolicyCalls(false, p, tctx, handle); +} + static bool test_QueryInfoPolicy2(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *handle) { - struct lsa_QueryInfoPolicy2 r; - NTSTATUS status; - int i; - bool ret = true; - printf("\nTesting QueryInfoPolicy2\n"); - for (i=1;i<13;i++) { - r.in.handle = handle; - r.in.level = i; - - printf("\ntrying QueryInfoPolicy2 level %d\n", i); - - status = dcerpc_lsa_QueryInfoPolicy2(p, tctx, &r); - - switch (i) { - case LSA_POLICY_INFO_DB: - case LSA_POLICY_INFO_AUDIT_FULL_SET: - case LSA_POLICY_INFO_AUDIT_FULL_QUERY: - if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) { - printf("server should have failed level %u: %s\n", i, nt_errstr(status)); - ret = false; - } - break; - case LSA_POLICY_INFO_DOMAIN: - case LSA_POLICY_INFO_ACCOUNT_DOMAIN: - case LSA_POLICY_INFO_DNS: - if (!NT_STATUS_IS_OK(status)) { - printf("QueryInfoPolicy2 failed - %s\n", nt_errstr(status)); - ret = false; - } - break; - default: - if (torture_setting_bool(tctx, "samba4", false)) { - /* Other levels not implemented yet */ - if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS)) { - printf("QueryInfoPolicy2 failed - %s\n", nt_errstr(status)); - ret = false; - } - } else if (!NT_STATUS_IS_OK(status)) { - printf("QueryInfoPolicy2 failed - %s\n", nt_errstr(status)); - ret = false; - } - break; - } - } - - return ret; + return test_QueryInfoPolicyCalls(true, p, tctx, handle); } static bool test_GetUserName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) @@ -2407,7 +2471,7 @@ bool test_lsa_Close(struct dcerpc_pipe *p, struct lsa_Close r; struct policy_handle handle2; - printf("\ntesting Close\n"); + printf("\nTesting Close\n"); r.in.handle = handle; r.out.handle = &handle2; @@ -2457,7 +2521,6 @@ bool torture_rpc_lsa(struct torture_context *tctx) if (!join) { ret = false; } - if (!test_LookupNames_wellknown(p, tctx, handle)) { ret = false; } @@ -2481,7 +2544,6 @@ bool torture_rpc_lsa(struct torture_context *tctx) if (!test_CreateSecret(p, tctx, handle)) { ret = false; } - if (!test_CreateTrustedDomain(p, tctx, handle)) { ret = false; } diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c index 5ec2c29a20..f4ae5b35eb 100644 --- a/source4/torture/rpc/netlogon.c +++ b/source4/torture/rpc/netlogon.c @@ -29,6 +29,7 @@ #include "lib/cmdline/popt_common.h" #include "torture/rpc/rpc.h" #include "torture/rpc/netlogon.h" +#include "../lib/crypto/crypto.h" #include "libcli/auth/libcli_auth.h" #include "librpc/gen_ndr/ndr_netlogon_c.h" #include "librpc/gen_ndr/ndr_lsa_c.h" @@ -77,11 +78,10 @@ static bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context struct netr_ServerAuthenticate a; struct netr_Credential credentials1, credentials2, credentials3; struct creds_CredentialState *creds; - struct samr_Password mach_password; - const char *plain_pass; - const char *machine_name; + const struct samr_Password *mach_password; + const char *machine_name; - plain_pass = cli_credentials_get_password(credentials); + mach_password = cli_credentials_get_nt_hash(credentials, tctx); machine_name = cli_credentials_get_workstation(credentials); torture_comment(tctx, "Testing ServerReqChallenge\n"); @@ -99,8 +99,6 @@ static bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context status = dcerpc_netr_ServerReqChallenge(p, tctx, &r); torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge"); - E_md4hash(plain_pass, mach_password.hash); - a.in.server_name = NULL; a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name); a.in.secure_channel_type = SEC_CHAN_BDC; @@ -109,7 +107,7 @@ static bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context a.out.credentials = &credentials3; creds_client_init(creds, &credentials1, &credentials2, - &mach_password, &credentials3, + mach_password, &credentials3, 0); torture_comment(tctx, "Testing ServerAuthenticate\n"); @@ -142,12 +140,12 @@ bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx, struct netr_ServerAuthenticate2 a; struct netr_Credential credentials1, credentials2, credentials3; struct creds_CredentialState *creds; - struct samr_Password mach_password; + const struct samr_Password *mach_password; const char *machine_name; const char *plain_pass; + mach_password = cli_credentials_get_nt_hash(machine_credentials, tctx); machine_name = cli_credentials_get_workstation(machine_credentials); - plain_pass = cli_credentials_get_password(machine_credentials); torture_comment(tctx, "Testing ServerReqChallenge\n"); @@ -164,8 +162,6 @@ bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx, status = dcerpc_netr_ServerReqChallenge(p, tctx, &r); torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge"); - E_md4hash(plain_pass, mach_password.hash); - a.in.server_name = NULL; a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name); a.in.secure_channel_type = sec_chan_type; @@ -176,7 +172,7 @@ bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx, a.out.credentials = &credentials3; creds_client_init(creds, &credentials1, &credentials2, - &mach_password, &credentials3, + mach_password, &credentials3, negotiate_flags); torture_comment(tctx, "Testing ServerAuthenticate2\n"); @@ -250,6 +246,10 @@ static bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context torture_assert(tctx, creds_client_check(creds, &credentials3), "Credential chaining failed"); torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags); + + /* Prove that requesting a challenge again won't break it */ + status = dcerpc_netr_ServerReqChallenge(p, tctx, &r); + torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge"); *creds_out = creds; return true; @@ -322,6 +322,24 @@ static bool test_SetPassword(struct torture_context *tctx, } /* + generate a random password for password change tests +*/ +static DATA_BLOB netlogon_very_rand_pass(TALLOC_CTX *mem_ctx, int len) +{ + int i; + DATA_BLOB password = data_blob_talloc(mem_ctx, NULL, len * 2 /* number of unicode chars */); + generate_random_buffer(password.data, password.length); + + for (i=0; i < len; i++) { + if (((uint16_t *)password.data)[i] == 0) { + ((uint16_t *)password.data)[i] = 1; + } + } + + return password; +} + +/* try a change password for our machine account */ static bool test_SetPassword2(struct torture_context *tctx, @@ -331,8 +349,10 @@ static bool test_SetPassword2(struct torture_context *tctx, NTSTATUS status; struct netr_ServerPasswordSet2 r; const char *password; + DATA_BLOB new_random_pass; struct creds_CredentialState *creds; struct samr_CryptPassword password_buf; + struct samr_Password nt_hash; if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) { return false; @@ -444,6 +464,37 @@ static bool test_SetPassword2(struct torture_context *tctx, test_SetupCredentials(p, tctx, machine_credentials, &creds), "ServerPasswordSet failed to actually change the password"); + new_random_pass = netlogon_very_rand_pass(tctx, 128); + + /* now try a random stream of bytes for a password */ + set_pw_in_buffer(password_buf.data, &new_random_pass); + + creds_arcfour_crypt(creds, password_buf.data, 516); + + memcpy(r.in.new_password.data, password_buf.data, 512); + r.in.new_password.length = IVAL(password_buf.data, 512); + + torture_comment(tctx, + "Testing a third ServerPasswordSet2 on machine account, with a compleatly random password\n"); + + creds_client_authenticator(creds, &r.in.credential); + + status = dcerpc_netr_ServerPasswordSet2(p, tctx, &r); + torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet (3)"); + + if (!creds_client_check(creds, &r.out.return_authenticator.cred)) { + torture_comment(tctx, "Credential chaining failed\n"); + } + + mdfour(nt_hash.hash, new_random_pass.data, new_random_pass.length); + + cli_credentials_set_password(machine_credentials, NULL, CRED_UNINITIALISED); + cli_credentials_set_nt_hash(machine_credentials, &nt_hash, CRED_SPECIFIED); + + torture_assert (tctx, + test_SetupCredentials(p, tctx, machine_credentials, &creds), + "ServerPasswordSet failed to actually change the password"); + return true; } @@ -1393,7 +1444,14 @@ static bool test_GetDomainInfo(struct torture_context *tctx, q1.blob2.data = NULL; q1.product.string = "product string"; - torture_comment(tctx, "Testing netr_uogonGetDomainInfo\n"); + torture_comment(tctx, "Testing netr_LogonGetDomainInfo\n"); + + status = dcerpc_netr_LogonGetDomainInfo(p, tctx, &r); + torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo"); + torture_assert(tctx, creds_client_check(creds, &a.cred), "Credential chaining failed"); + + torture_comment(tctx, "Testing netr_LogonGetDomainInfo 2nd call\n"); + creds_client_authenticator(creds, &a); status = dcerpc_netr_LogonGetDomainInfo(p, tctx, &r); torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo"); @@ -1577,6 +1635,7 @@ struct torture_suite *torture_rpc_netlogon(TALLOC_CTX *mem_ctx) tcase = torture_suite_add_machine_rpc_iface_tcase(suite, "netlogon", &ndr_table_netlogon, TEST_MACHINE_NAME); + torture_rpc_tcase_add_test(tcase, "LogonUasLogon", test_LogonUasLogon); torture_rpc_tcase_add_test(tcase, "LogonUasLogoff", test_LogonUasLogoff); torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon); diff --git a/source4/torture/rpc/object_uuid.c b/source4/torture/rpc/object_uuid.c new file mode 100644 index 0000000000..5a77bd1c29 --- /dev/null +++ b/source4/torture/rpc/object_uuid.c @@ -0,0 +1,87 @@ +/* + Unix SMB/CIFS implementation. + + test suite for behaviour of object uuids in rpc requests + + Copyright (C) Stefan Metzmacher 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "torture/torture.h" +#include "librpc/gen_ndr/ndr_dssetup.h" +#include "librpc/gen_ndr/ndr_dssetup_c.h" +#include "librpc/gen_ndr/ndr_lsa.h" +#include "librpc/gen_ndr/ndr_lsa_c.h" +#include "torture/rpc/rpc.h" + +/* + this tests the send object uuids in the dcerpc request +*/ + +static bool test_random_uuid(struct torture_context *torture) +{ + NTSTATUS status; + struct dcerpc_pipe *p1, *p2; + struct rpc_request *req; + struct GUID uuid; + struct dssetup_DsRoleGetPrimaryDomainInformation r1; + struct lsa_GetUserName r2; + struct lsa_StringPointer authority_name_p; + + torture_comment(torture, "RPC-OBJECTUUID-RANDOM\n"); + + status = torture_rpc_connection(torture, &p1, &ndr_table_dssetup); + torture_assert_ntstatus_ok(torture, status, "opening dsetup pipe1"); + + status = torture_rpc_connection(torture, &p2, &ndr_table_lsarpc); + torture_assert_ntstatus_ok(torture, status, "opening lsa pipe1"); + + uuid = GUID_random(); + + r1.in.level = DS_ROLE_BASIC_INFORMATION; + req = dcerpc_ndr_request_send(p1, &uuid, + &ndr_table_dssetup, + NDR_DSSETUP_DSROLEGETPRIMARYDOMAININFORMATION, + torture, &r1); + status = dcerpc_ndr_request_recv(req); + torture_assert_ntstatus_ok(torture, status, "DsRoleGetPrimaryDomainInformation failed"); + torture_assert_werr_ok(torture, r1.out.result, "DsRoleGetPrimaryDomainInformation failed"); + + uuid = GUID_random(); + + r2.in.system_name = "\\"; + r2.in.account_name = NULL; + r2.in.authority_name = &authority_name_p; + authority_name_p.string = NULL; + + req = dcerpc_ndr_request_send(p2, &uuid, + &ndr_table_lsarpc, + NDR_LSA_GETUSERNAME, + torture, &r2); + status = dcerpc_ndr_request_recv(req); + torture_assert_ntstatus_ok(torture, status, "lsaClose failed"); + torture_assert_ntstatus_ok(torture, r2.out.result, "lsaClose failed"); + + return true; +} + +struct torture_suite *torture_rpc_object_uuid(TALLOC_CTX *mem_ctx) +{ + struct torture_suite *suite; + suite = torture_suite_create(mem_ctx, "OBJECTUUID"); + torture_suite_add_simple_test(suite, "random-uuid", test_random_uuid); + return suite; +} diff --git a/source4/torture/rpc/remote_pac.c b/source4/torture/rpc/remote_pac.c index 6419e40014..a4111d1c3e 100644 --- a/source4/torture/rpc/remote_pac.c +++ b/source4/torture/rpc/remote_pac.c @@ -68,8 +68,6 @@ static bool test_PACVerify(struct torture_context *tctx, TALLOC_CTX *tmp_ctx = talloc_new(tctx); - int i; - torture_assert(tctx, tmp_ctx != NULL, "talloc_new() failed"); if (!test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS, @@ -118,16 +116,12 @@ static bool test_PACVerify(struct torture_context *tctx, torture_assert_ntstatus_ok(tctx, status, "gensec_update (client) failed"); } - if (client_to_server.length == 0) { - break; - } - status = gensec_update(gensec_server_context, tmp_ctx, client_to_server, &server_to_client); if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {; torture_assert_ntstatus_ok(tctx, status, "gensec_update (server) failed"); } - if (server_to_client.length == 0) { + if (NT_STATUS_IS_OK(status)) { break; } } while (1); @@ -137,7 +131,6 @@ static bool test_PACVerify(struct torture_context *tctx, status = gensec_session_info(gensec_server_context, &session_info); torture_assert_ntstatus_ok(tctx, status, "gensec_session_info failed"); - pac_wrapped_struct.MessageType = 0x3; pac_wrapped_struct.ChecksumLength = session_info->server_info->pac_srv_sig.signature.length; pac_wrapped_struct.SignatureType = session_info->server_info->pac_kdc_sig.type; pac_wrapped_struct.SignatureLength = session_info->server_info->pac_kdc_sig.signature.length; @@ -207,51 +200,6 @@ static bool test_PACVerify(struct torture_context *tctx, torture_assert(tctx, creds_client_check(creds, &r.out.return_authenticator->cred), "Credential chaining failed"); - /* This will break message type, check that however we still get NT_STATUS_OK */ - for (i=0; i < 256; i++) { - pac_wrapped_struct.MessageType = i; - pac_wrapped_struct.ChecksumLength = session_info->server_info->pac_srv_sig.signature.length; - pac_wrapped_struct.SignatureType = session_info->server_info->pac_kdc_sig.type; - pac_wrapped_struct.SignatureLength = session_info->server_info->pac_kdc_sig.signature.length; - pac_wrapped_struct.ChecksumAndSignature = payload - = data_blob_talloc(tmp_ctx, NULL, - pac_wrapped_struct.ChecksumLength - + pac_wrapped_struct.SignatureLength); - memcpy(&payload.data[0], - session_info->server_info->pac_srv_sig.signature.data, - pac_wrapped_struct.ChecksumLength); - memcpy(&payload.data[pac_wrapped_struct.ChecksumLength], - session_info->server_info->pac_kdc_sig.signature.data, - pac_wrapped_struct.SignatureLength); - - ndr_err = ndr_push_struct_blob(&pac_wrapped, tmp_ctx, lp_iconv_convenience(tctx->lp_ctx), &pac_wrapped_struct, - (ndr_push_flags_fn_t)ndr_push_PAC_Validate); - torture_assert(tctx, NDR_ERR_CODE_IS_SUCCESS(ndr_err), "ndr_push_struct_blob of PACValidate structure failed"); - - torture_assert(tctx, (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR), "not willing to even try a PACValidate without RC4 encryption"); - creds_arcfour_crypt(creds, pac_wrapped.data, pac_wrapped.length); - - generic.length = pac_wrapped.length; - generic.data = pac_wrapped.data; - - ZERO_STRUCT(auth2); - creds_client_authenticator(creds, &auth); - r.in.credential = &auth; - r.in.return_authenticator = &auth2; - r.in.logon_level = NetlogonGenericInformation; - r.in.logon.generic = &generic; - r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); - r.in.computer_name = cli_credentials_get_workstation(credentials); - r.in.validation_level = NetlogonValidationGenericInfo2; - - status = dcerpc_netr_LogonSamLogon(p, tctx, &r); - - torture_assert_ntstatus_ok(tctx, status, "LogonSamLogon failed"); - - torture_assert(tctx, creds_client_check(creds, &r.out.return_authenticator->cred), - "Credential chaining failed"); - } - /* This will break the parsing nicely (even in the crypto wrapping), check we get INVALID_PARAMETER */ generic.length--; @@ -272,7 +220,6 @@ static bool test_PACVerify(struct torture_context *tctx, torture_assert(tctx, creds_client_check(creds, &r.out.return_authenticator->cred), "Credential chaining failed"); - pac_wrapped_struct.MessageType = 0x3; pac_wrapped_struct.ChecksumLength = session_info->server_info->pac_srv_sig.signature.length; pac_wrapped_struct.SignatureType = session_info->server_info->pac_kdc_sig.type; @@ -318,8 +265,6 @@ static bool test_PACVerify(struct torture_context *tctx, torture_assert(tctx, creds_client_check(creds, &r.out.return_authenticator->cred), "Credential chaining failed"); - - pac_wrapped_struct.MessageType = 0x3; pac_wrapped_struct.ChecksumLength = session_info->server_info->pac_srv_sig.signature.length; pac_wrapped_struct.SignatureType = session_info->server_info->pac_kdc_sig.type; pac_wrapped_struct.SignatureLength = session_info->server_info->pac_kdc_sig.signature.length; diff --git a/source4/torture/rpc/rpc.c b/source4/torture/rpc/rpc.c index 85f7bde16c..3e5d2d4323 100644 --- a/source4/torture/rpc/rpc.c +++ b/source4/torture/rpc/rpc.c @@ -25,7 +25,7 @@ #include "torture/rpc/rpc.h" #include "torture/smbtorture.h" #include "librpc/ndr/ndr_table.h" -#include "lib/util/dlinklist.h" +#include "../lib/util/dlinklist.h" static bool torture_rpc_teardown (struct torture_context *tcase, void *data) @@ -387,6 +387,7 @@ NTSTATUS torture_rpc_init(void) torture_suite_add_suite(suite, torture_rpc_atsvc(suite)); torture_suite_add_suite(suite, torture_rpc_wkssvc(suite)); torture_suite_add_suite(suite, torture_rpc_handles(suite)); + torture_suite_add_suite(suite, torture_rpc_object_uuid(suite)); torture_suite_add_suite(suite, torture_rpc_winreg(suite)); torture_suite_add_simple_test(suite, "SPOOLSS", torture_rpc_spoolss); torture_suite_add_suite(suite, torture_rpc_spoolss_notify(suite)); diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c index 17342f9b86..260c1cc149 100644 --- a/source4/torture/rpc/samba3rpc.c +++ b/source4/torture/rpc/samba3rpc.c @@ -47,7 +47,7 @@ #include "libcli/composite/composite.h" #include "libcli/smb_composite/smb_composite.h" #include "libcli/auth/libcli_auth.h" -#include "lib/crypto/crypto.h" +#include "../lib/crypto/crypto.h" #include "auth/ntlmssp/ntlmssp.h" #include "libcli/security/proto.h" #include "param/param.h" @@ -74,6 +74,7 @@ bool torture_bind_authcontext(struct torture_context *torture) struct cli_credentials *anon_creds; struct smb_composite_sesssetup setup; struct smbcli_options options; + struct smbcli_session_options session_options; mem_ctx = talloc_init("torture_bind_authcontext"); @@ -83,13 +84,14 @@ bool torture_bind_authcontext(struct torture_context *torture) } lp_smbcli_options(torture->lp_ctx, &options); + lp_smbcli_session_options(torture->lp_ctx, &session_options); status = smbcli_full_connection(mem_ctx, &cli, torture_setting_string(torture, "host", NULL), lp_smb_ports(torture->lp_ctx), "IPC$", NULL, cmdline_credentials, lp_resolve_context(torture->lp_ctx), - torture->ev, &options); + torture->ev, &options, &session_options); if (!NT_STATUS_IS_OK(status)) { d_printf("smbcli_full_connection failed: %s\n", nt_errstr(status)); @@ -142,7 +144,7 @@ bool torture_bind_authcontext(struct torture_context *torture) goto done; } - session2 = smbcli_session_init(cli->transport, mem_ctx, false); + session2 = smbcli_session_init(cli->transport, mem_ctx, false, session_options); if (session2 == NULL) { d_printf("smbcli_session_init failed\n"); goto done; @@ -288,6 +290,7 @@ bool torture_bind_samba3(struct torture_context *torture) bool ret = false; struct smbcli_state *cli; struct smbcli_options options; + struct smbcli_session_options session_options; mem_ctx = talloc_init("torture_bind_authcontext"); @@ -297,13 +300,14 @@ bool torture_bind_samba3(struct torture_context *torture) } lp_smbcli_options(torture->lp_ctx, &options); + lp_smbcli_session_options(torture->lp_ctx, &session_options); status = smbcli_full_connection(mem_ctx, &cli, torture_setting_string(torture, "host", NULL), lp_smb_ports(torture->lp_ctx), "IPC$", NULL, cmdline_credentials, lp_resolve_context(torture->lp_ctx), - torture->ev, &options); + torture->ev, &options, &session_options); if (!NT_STATUS_IS_OK(status)) { d_printf("smbcli_full_connection failed: %s\n", nt_errstr(status)); @@ -1195,6 +1199,7 @@ bool torture_netlogon_samba3(struct torture_context *torture) const char *wks_name; int i; struct smbcli_options options; + struct smbcli_session_options session_options; wks_name = torture_setting_string(torture, "wksname", NULL); if (wks_name == NULL) { @@ -1214,13 +1219,14 @@ bool torture_netlogon_samba3(struct torture_context *torture) } lp_smbcli_options(torture->lp_ctx, &options); + lp_smbcli_session_options(torture->lp_ctx, &session_options); status = smbcli_full_connection(mem_ctx, &cli, torture_setting_string(torture, "host", NULL), lp_smb_ports(torture->lp_ctx), "IPC$", NULL, anon_creds, lp_resolve_context(torture->lp_ctx), - torture->ev, &options); + torture->ev, &options, &session_options); if (!NT_STATUS_IS_OK(status)) { d_printf("smbcli_full_connection failed: %s\n", nt_errstr(status)); @@ -1299,15 +1305,17 @@ static bool test_join3(struct torture_context *tctx, struct smbcli_state *cli; struct cli_credentials *wks_creds; struct smbcli_options options; + struct smbcli_session_options session_options; lp_smbcli_options(tctx->lp_ctx, &options); + lp_smbcli_session_options(tctx->lp_ctx, &session_options); status = smbcli_full_connection(tctx, &cli, torture_setting_string(tctx, "host", NULL), lp_smb_ports(tctx->lp_ctx), "IPC$", NULL, smb_creds, lp_resolve_context(tctx->lp_ctx), - tctx->ev, &options); + tctx->ev, &options, &session_options); if (!NT_STATUS_IS_OK(status)) { d_printf("smbcli_full_connection failed: %s\n", nt_errstr(status)); @@ -1670,19 +1678,21 @@ bool torture_samba3_rpc_getusername(struct torture_context *torture) struct cli_credentials *user_creds; char *domain_name; struct smbcli_options options; + struct smbcli_session_options session_options; if (!(mem_ctx = talloc_new(torture))) { return false; } lp_smbcli_options(torture->lp_ctx, &options); + lp_smbcli_session_options(torture->lp_ctx, &session_options); status = smbcli_full_connection( mem_ctx, &cli, torture_setting_string(torture, "host", NULL), lp_smb_ports(torture->lp_ctx), "IPC$", NULL, cmdline_credentials, lp_resolve_context(torture->lp_ctx), - torture->ev, &options); + torture->ev, &options, &session_options); if (!NT_STATUS_IS_OK(status)) { d_printf("(%s) smbcli_full_connection failed: %s\n", __location__, nt_errstr(status)); @@ -1709,7 +1719,7 @@ bool torture_samba3_rpc_getusername(struct torture_context *torture) lp_smb_ports(torture->lp_ctx), "IPC$", NULL, anon_creds, lp_resolve_context(torture->lp_ctx), - torture->ev, &options); + torture->ev, &options, &session_options); if (!NT_STATUS_IS_OK(status)) { d_printf("(%s) anon smbcli_full_connection failed: %s\n", __location__, nt_errstr(status)); @@ -1762,7 +1772,7 @@ bool torture_samba3_rpc_getusername(struct torture_context *torture) struct smb_composite_sesssetup setup; struct smbcli_tree *tree; - session2 = smbcli_session_init(cli->transport, mem_ctx, false); + session2 = smbcli_session_init(cli->transport, mem_ctx, false, session_options); if (session2 == NULL) { d_printf("(%s) smbcli_session_init failed\n", __location__); diff --git a/source4/torture/rpc/samlogon.c b/source4/torture/rpc/samlogon.c index e2558ff0a9..b7028e6609 100644 --- a/source4/torture/rpc/samlogon.c +++ b/source4/torture/rpc/samlogon.c @@ -26,7 +26,7 @@ #include "librpc/gen_ndr/ndr_netlogon_c.h" #include "librpc/gen_ndr/ndr_samr_c.h" #include "auth/auth.h" -#include "lib/crypto/crypto.h" +#include "../lib/crypto/crypto.h" #include "lib/cmdline/popt_common.h" #include "torture/rpc/rpc.h" #include "auth/gensec/schannel_proto.h" @@ -53,7 +53,9 @@ struct samlogon_state { const char *comment; const char *account_name; const char *account_domain; + const char *netbios_name; const char *password; + const char *workgroup; struct dcerpc_pipe *p; int function_level; uint32_t parameter_control; @@ -593,7 +595,7 @@ static bool test_lmv2_ntlmv2_broken(struct samlogon_state *samlogon_state, DATA_BLOB lmv2_response = data_blob(NULL, 0); DATA_BLOB lmv2_session_key = data_blob(NULL, 0); DATA_BLOB ntlmv2_session_key = data_blob(NULL, 0); - DATA_BLOB names_blob = NTLMv2_generate_names_blob(samlogon_state->mem_ctx, samlogon_state->iconv_convenience, TEST_MACHINE_NAME, lp_workgroup(global_loadparm)); + DATA_BLOB names_blob = NTLMv2_generate_names_blob(samlogon_state->mem_ctx, samlogon_state->iconv_convenience, TEST_MACHINE_NAME, samlogon_state->workgroup); uint8_t lm_session_key[8]; uint8_t user_session_key[16]; @@ -741,7 +743,7 @@ static bool test_lmv2_ntlm_broken(struct samlogon_state *samlogon_state, DATA_BLOB lmv2_response = data_blob(NULL, 0); DATA_BLOB lmv2_session_key = data_blob(NULL, 0); DATA_BLOB ntlmv2_session_key = data_blob(NULL, 0); - DATA_BLOB names_blob = NTLMv2_generate_names_blob(samlogon_state->mem_ctx, samlogon_state->iconv_convenience, lp_netbios_name(global_loadparm), lp_workgroup(global_loadparm)); + DATA_BLOB names_blob = NTLMv2_generate_names_blob(samlogon_state->mem_ctx, samlogon_state->iconv_convenience, samlogon_state->netbios_name, samlogon_state->workgroup); DATA_BLOB ntlm_response = data_blob_talloc(samlogon_state->mem_ctx, NULL, 24); DATA_BLOB ntlm_session_key = data_blob_talloc(samlogon_state->mem_ctx, NULL, 16); @@ -1337,6 +1339,8 @@ static bool test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, samlogon_state.account_name = account_name; samlogon_state.account_domain = account_domain; samlogon_state.password = plain_pass; + samlogon_state.workgroup = lp_workgroup(tctx->lp_ctx); + samlogon_state.netbios_name = lp_netbios_name(tctx->lp_ctx); samlogon_state.p = p; samlogon_state.creds = creds; samlogon_state.expected_error = expected_error; diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index 6afda6e9b5..1f19b8ec3f 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -24,7 +24,7 @@ #include "system/time.h" #include "librpc/gen_ndr/lsa.h" #include "librpc/gen_ndr/ndr_samr_c.h" -#include "lib/crypto/crypto.h" +#include "../lib/crypto/crypto.h" #include "libcli/auth/libcli_auth.h" #include "libcli/security/security.h" #include "torture/rpc/rpc.h" @@ -498,6 +498,24 @@ static char *samr_rand_pass(TALLOC_CTX *mem_ctx, int min_len) } /* + generate a random password for password change tests +*/ +static DATA_BLOB samr_very_rand_pass(TALLOC_CTX *mem_ctx, int len) +{ + int i; + DATA_BLOB password = data_blob_talloc(mem_ctx, NULL, len * 2 /* number of unicode chars */); + generate_random_buffer(password.data, password.length); + + for (i=0; i < len; i++) { + if (((uint16_t *)password.data)[i] == 0) { + ((uint16_t *)password.data)[i] = 1; + } + } + + return password; +} + +/* generate a random password for password change tests (fixed length) */ static char *samr_rand_pass_fixed_len(TALLOC_CTX *mem_ctx, int len) @@ -1841,6 +1859,156 @@ bool test_ChangePasswordUser3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return ret; } +bool test_ChangePasswordRandomBytes(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, + const char *account_string, + struct policy_handle *handle, + char **password) +{ + NTSTATUS status; + struct samr_ChangePasswordUser3 r; + struct samr_SetUserInfo s; + union samr_UserInfo u; + DATA_BLOB session_key; + DATA_BLOB confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16); + uint8_t confounder[16]; + struct MD5Context ctx; + + bool ret = true; + struct lsa_String server, account; + struct samr_CryptPassword nt_pass; + struct samr_Password nt_verifier; + DATA_BLOB new_random_pass; + char *newpass; + char *oldpass; + uint8_t old_nt_hash[16], new_nt_hash[16]; + NTTIME t; + + new_random_pass = samr_very_rand_pass(mem_ctx, 128); + + if (!*password) { + printf("Failing ChangePasswordUser3 as old password was NULL. Previous test failed?\n"); + return false; + } + + oldpass = *password; + server.string = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p)); + init_lsa_String(&account, account_string); + + s.in.user_handle = handle; + s.in.info = &u; + s.in.level = 25; + + ZERO_STRUCT(u); + + u.info25.info.fields_present = SAMR_FIELD_PASSWORD; + + set_pw_in_buffer(u.info25.password.data, &new_random_pass); + + status = dcerpc_fetch_session_key(p, &session_key); + if (!NT_STATUS_IS_OK(status)) { + printf("SetUserInfo level %u - no session key - %s\n", + s.in.level, nt_errstr(status)); + return false; + } + + generate_random_buffer((uint8_t *)confounder, 16); + + MD5Init(&ctx); + MD5Update(&ctx, confounder, 16); + MD5Update(&ctx, session_key.data, session_key.length); + MD5Final(confounded_session_key.data, &ctx); + + arcfour_crypt_blob(u.info25.password.data, 516, &confounded_session_key); + memcpy(&u.info25.password.data[516], confounder, 16); + + printf("Testing SetUserInfo level 25 (set password ex) with a password made up of only random bytes\n"); + + status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s); + if (!NT_STATUS_IS_OK(status)) { + printf("SetUserInfo level %u failed - %s\n", + s.in.level, nt_errstr(status)); + ret = false; + } + + printf("Testing ChangePasswordUser3 with a password made up of only random bytes\n"); + + mdfour(old_nt_hash, new_random_pass.data, new_random_pass.length); + + new_random_pass = samr_very_rand_pass(mem_ctx, 128); + + mdfour(new_nt_hash, new_random_pass.data, new_random_pass.length); + + set_pw_in_buffer(nt_pass.data, &new_random_pass); + arcfour_crypt(nt_pass.data, old_nt_hash, 516); + E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash); + + r.in.server = &server; + r.in.account = &account; + r.in.nt_password = &nt_pass; + r.in.nt_verifier = &nt_verifier; + r.in.lm_change = 0; + r.in.lm_password = NULL; + r.in.lm_verifier = NULL; + r.in.password3 = NULL; + + unix_to_nt_time(&t, time(NULL)); + + status = dcerpc_samr_ChangePasswordUser3(p, mem_ctx, &r); + + if (NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION)) { + if (r.out.reject && r.out.reject->reason != SAMR_REJECT_OTHER) { + printf("expected SAMR_REJECT_OTHER (%d), got %d\n", + SAMR_REJECT_OTHER, r.out.reject->reason); + return false; + } + /* Perhaps the server has a 'min password age' set? */ + + } else if (!NT_STATUS_IS_OK(status)) { + printf("ChangePasswordUser3 failed - %s\n", nt_errstr(status)); + ret = false; + } + + newpass = samr_rand_pass(mem_ctx, 128); + + mdfour(old_nt_hash, new_random_pass.data, new_random_pass.length); + + E_md4hash(newpass, new_nt_hash); + + encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE); + arcfour_crypt(nt_pass.data, old_nt_hash, 516); + E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash); + + r.in.server = &server; + r.in.account = &account; + r.in.nt_password = &nt_pass; + r.in.nt_verifier = &nt_verifier; + r.in.lm_change = 0; + r.in.lm_password = NULL; + r.in.lm_verifier = NULL; + r.in.password3 = NULL; + + unix_to_nt_time(&t, time(NULL)); + + status = dcerpc_samr_ChangePasswordUser3(p, mem_ctx, &r); + + if (NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION)) { + if (r.out.reject && r.out.reject->reason != SAMR_REJECT_OTHER) { + printf("expected SAMR_REJECT_OTHER (%d), got %d\n", + SAMR_REJECT_OTHER, r.out.reject->reason); + return false; + } + /* Perhaps the server has a 'min password age' set? */ + + } else if (!NT_STATUS_IS_OK(status)) { + printf("ChangePasswordUser3 (on second random password) failed - %s\n", nt_errstr(status)); + ret = false; + } else { + *password = talloc_strdup(mem_ctx, newpass); + } + + return ret; +} + static bool test_GetMembersInAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *alias_handle) @@ -2061,7 +2229,11 @@ static bool test_user_ops(struct dcerpc_pipe *p, if (!test_ChangePasswordUser2(p, tctx, base_acct_name, &password, samr_rand_pass(tctx, 4), false)) { ret = false; } - + + /* Try a compleatly random password */ + if (!test_ChangePasswordRandomBytes(p, tctx, base_acct_name, user_handle, &password)) { + ret = false; + } } for (i = 0; password_fields[i]; i++) { @@ -2554,7 +2726,7 @@ static bool test_CreateUser(struct dcerpc_pipe *p, struct torture_context *tctx, status = dcerpc_samr_CreateUser(p, user_ctx, &r); if (dom_sid_equal(domain_sid, dom_sid_parse_talloc(tctx, SID_BUILTIN))) { - if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { + if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) || NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) { printf("Server correctly refused create of '%s'\n", r.in.account_name->string); return true; } else { @@ -2678,7 +2850,7 @@ static bool test_CreateUser2(struct dcerpc_pipe *p, struct torture_context *tctx status = dcerpc_samr_CreateUser2(p, user_ctx, &r); if (dom_sid_equal(domain_sid, dom_sid_parse_talloc(tctx, SID_BUILTIN))) { - if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { + if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) || NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) { printf("Server correctly refused create of '%s'\n", r.in.account_name->string); continue; } else { @@ -4525,7 +4697,7 @@ static bool test_Connect(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, printf("testing samr_Connect4\n"); r4.in.system_name = ""; - r4.in.unknown = 0; + r4.in.client_version = 0; r4.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r4.out.connect_handle = &h; @@ -4543,7 +4715,7 @@ static bool test_Connect(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, printf("testing samr_Connect5\n"); - info.info1.unknown1 = 0; + info.info1.client_version = 0; info.info1.unknown2 = 0; r5.in.system_name = ""; diff --git a/source4/torture/rpc/samr_accessmask.c b/source4/torture/rpc/samr_accessmask.c index f496f6300c..bfff8c9267 100644 --- a/source4/torture/rpc/samr_accessmask.c +++ b/source4/torture/rpc/samr_accessmask.c @@ -53,7 +53,7 @@ static NTSTATUS torture_samr_Connect5(struct torture_context *tctx, struct samr_Connect5 r5; union samr_ConnectInfo info; - info.info1.unknown1 = 0; + info.info1.client_version = 0; info.info1.unknown2 = 0; r5.in.system_name = ""; r5.in.level = 1; diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c index 1e76de1dd2..2d2aaa80d6 100644 --- a/source4/torture/rpc/samsync.c +++ b/source4/torture/rpc/samsync.c @@ -24,8 +24,8 @@ #include "includes.h" #include "torture/torture.h" #include "auth/auth.h" -#include "lib/util/dlinklist.h" -#include "lib/crypto/crypto.h" +#include "../lib/util/dlinklist.h" +#include "../lib/crypto/crypto.h" #include "system/time.h" #include "torture/rpc/rpc.h" #include "auth/gensec/schannel_proto.h" diff --git a/source4/torture/rpc/spoolss_notify.c b/source4/torture/rpc/spoolss_notify.c index ab6309d55f..dc2a82414b 100644 --- a/source4/torture/rpc/spoolss_notify.c +++ b/source4/torture/rpc/spoolss_notify.c @@ -29,7 +29,7 @@ #include "smb_server/smb_server.h" #include "librpc/rpc/dcerpc_proto.h" #include "lib/socket/netif.h" -#include "util/dlinklist.h" +#include "../lib/util/dlinklist.h" #include "ntvfs/ntvfs.h" #include "param/param.h" diff --git a/source4/torture/rpc/testjoin.c b/source4/torture/rpc/testjoin.c index 2af8c4f872..3408a1924c 100644 --- a/source4/torture/rpc/testjoin.c +++ b/source4/torture/rpc/testjoin.c @@ -27,7 +27,7 @@ #include "includes.h" #include "torture/torture.h" #include "system/time.h" -#include "lib/crypto/crypto.h" +#include "../lib/crypto/crypto.h" #include "libnet/libnet.h" #include "lib/cmdline/popt_common.h" #include "lib/ldb/include/ldb.h" @@ -472,6 +472,7 @@ static NTSTATUS torture_leave_ads_domain(struct torture_context *torture, } ldb_set_opaque(ldb_ctx, "credentials", cmdline_credentials); + ldb_set_opaque(ldb_ctx, "loadparm", cmdline_lp_ctx); rtn = ldb_connect(ldb_ctx, remote_ldb_url, 0, NULL); if (rtn != 0) { diff --git a/source4/torture/rpc/winreg.c b/source4/torture/rpc/winreg.c index 8b602ef652..08ec8f5ea1 100644 --- a/source4/torture/rpc/winreg.c +++ b/source4/torture/rpc/winreg.c @@ -80,6 +80,7 @@ static bool test_NotifyChangeKeyValue(struct dcerpc_pipe *p, { struct winreg_NotifyChangeKeyValue r; + ZERO_STRUCT(r); r.in.handle = handle; r.in.watch_subtree = true; r.in.notify_filter = 0; @@ -109,6 +110,7 @@ static bool test_CreateKey(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle newhandle; enum winreg_CreateAction action_taken = 0; + ZERO_STRUCT(r); r.in.handle = handle; r.out.new_handle = &newhandle; init_winreg_String(&r.in.name, name); @@ -163,6 +165,7 @@ static bool test_CreateKey_sd(struct dcerpc_pipe *p, secbuf.length = sdblob.length-10; secbuf.inherit = 0; + ZERO_STRUCT(r); r.in.handle = handle; r.out.new_handle = newhandle; init_winreg_String(&r.in.name, name); @@ -317,6 +320,7 @@ static bool test_CloseKey(struct dcerpc_pipe *p, struct torture_context *tctx, { struct winreg_CloseKey r; + ZERO_STRUCT(r); r.in.handle = r.out.handle = handle; torture_assert_ntstatus_ok(tctx, dcerpc_winreg_CloseKey(p, tctx, &r), @@ -332,6 +336,7 @@ static bool test_FlushKey(struct dcerpc_pipe *p, struct torture_context *tctx, { struct winreg_FlushKey r; + ZERO_STRUCT(r); r.in.handle = handle; torture_assert_ntstatus_ok(tctx, dcerpc_winreg_FlushKey(p, tctx, &r), @@ -351,6 +356,7 @@ static bool _test_OpenKey(struct dcerpc_pipe *p, struct torture_context *tctx, { struct winreg_OpenKey r; + ZERO_STRUCT(r); r.in.parent_handle = hive_handle; init_winreg_String(&r.in.keyname, keyname); r.in.unknown = 0x00000000; @@ -384,6 +390,7 @@ static bool test_Cleanup(struct dcerpc_pipe *p, struct torture_context *tctx, { struct winreg_DeleteKey r; + ZERO_STRUCT(r); r.in.handle = handle; init_winreg_String(&r.in.key, key); @@ -1389,7 +1396,7 @@ static bool test_QueryInfoKey(struct dcerpc_pipe *p, struct policy_handle *handle, char *class) { struct winreg_QueryInfoKey r; - uint32_t num_subkeys, max_subkeylen, max_subkeysize, + uint32_t num_subkeys, max_subkeylen, max_classlen, num_values, max_valnamelen, max_valbufsize, secdescsize; NTTIME last_changed_time; @@ -1398,7 +1405,7 @@ static bool test_QueryInfoKey(struct dcerpc_pipe *p, r.in.handle = handle; r.out.num_subkeys = &num_subkeys; r.out.max_subkeylen = &max_subkeylen; - r.out.max_subkeysize = &max_subkeysize; + r.out.max_classlen = &max_classlen; r.out.num_values = &num_values; r.out.max_valnamelen = &max_valnamelen; r.out.max_valbufsize = &max_valbufsize; @@ -1435,6 +1442,7 @@ static bool test_EnumKey(struct dcerpc_pipe *p, struct torture_context *tctx, class.name = ""; class.size = 1024; + ZERO_STRUCT(r); r.in.handle = handle; r.in.enum_index = 0; r.in.name = &name; @@ -1486,6 +1494,7 @@ static bool test_QueryMultipleValues(struct dcerpc_pipe *p, NTSTATUS status; uint32_t bufsize=0; + ZERO_STRUCT(r); r.in.key_handle = handle; r.in.values = r.out.values = talloc_array(tctx, struct QueryMultipleValue, 1); r.in.values[0].name = talloc(tctx, struct winreg_String); @@ -1527,12 +1536,14 @@ static bool test_QueryValue(struct dcerpc_pipe *p, uint32_t offered = 0xfff; uint32_t zero = 0; + ZERO_STRUCT(r); r.in.handle = handle; r.in.data = NULL; - r.in.value_name.name = valuename; + r.in.value_name = talloc_zero(tctx, struct winreg_String); + r.in.value_name->name = valuename; r.in.type = &zero_type; - r.in.size = &offered; - r.in.length = &zero; + r.in.data_size = &offered; + r.in.data_length = &zero; status = dcerpc_winreg_QueryValue(p, tctx, &r); if (NT_STATUS_IS_ERR(status)) { @@ -1558,6 +1569,7 @@ static bool test_EnumValue(struct dcerpc_pipe *p, struct torture_context *tctx, name.name = ""; name.size = 1024; + ZERO_STRUCT(r); r.in.handle = handle; r.in.enum_index = 0; r.in.name = &name; @@ -1594,6 +1606,7 @@ static bool test_AbortSystemShutdown(struct dcerpc_pipe *p, struct winreg_AbortSystemShutdown r; uint16_t server = 0x0; + ZERO_STRUCT(r); r.in.server = &server; torture_assert_ntstatus_ok(tctx, @@ -1612,12 +1625,13 @@ static bool test_InitiateSystemShutdown(struct torture_context *tctx, struct winreg_InitiateSystemShutdown r; uint16_t hostname = 0x0; + ZERO_STRUCT(r); r.in.hostname = &hostname; r.in.message = talloc(tctx, struct lsa_StringLarge); init_lsa_StringLarge(r.in.message, "spottyfood"); r.in.force_apps = 1; r.in.timeout = 30; - r.in.reboot = 1; + r.in.do_reboot = 1; torture_assert_ntstatus_ok(tctx, dcerpc_winreg_InitiateSystemShutdown(p, tctx, &r), @@ -1636,12 +1650,13 @@ static bool test_InitiateSystemShutdownEx(struct torture_context *tctx, struct winreg_InitiateSystemShutdownEx r; uint16_t hostname = 0x0; + ZERO_STRUCT(r); r.in.hostname = &hostname; r.in.message = talloc(tctx, struct lsa_StringLarge); init_lsa_StringLarge(r.in.message, "spottyfood"); r.in.force_apps = 1; r.in.timeout = 30; - r.in.reboot = 1; + r.in.do_reboot = 1; r.in.reason = 0; torture_assert_ntstatus_ok(tctx, @@ -1694,6 +1709,7 @@ static bool test_Open_Security(struct torture_context *tctx, winreg_open_fn open_fn = userdata; + ZERO_STRUCT(r); r.in.system_name = 0; r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.handle = &handle; @@ -1767,6 +1783,7 @@ static bool test_Open(struct torture_context *tctx, struct dcerpc_pipe *p, winreg_open_fn open_fn = userdata; + ZERO_STRUCT(r); r.in.system_name = 0; r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.handle = &handle; diff --git a/source4/torture/rpc/wkssvc.c b/source4/torture/rpc/wkssvc.c index b212a44b33..015f20f6e2 100644 --- a/source4/torture/rpc/wkssvc.c +++ b/source4/torture/rpc/wkssvc.c @@ -25,7 +25,7 @@ #include "torture/rpc/rpc.h" #include "lib/cmdline/popt_common.h" #include "param/param.h" -#include "lib/crypto/crypto.h" +#include "../lib/crypto/crypto.h" #include "libcli/auth/libcli_auth.h" #define SMBTORTURE_MACHINE_NAME "smbtrt_name" @@ -1218,12 +1218,12 @@ static bool test_NetrJoinDomain2(struct torture_context *tctx, } switch (join_status) { - case NetSetupDomainName: + case NET_SETUP_DOMAIN_NAME: expected_err = WERR_SETUP_ALREADY_JOINED; break; - case NetSetupUnknownStatus: - case NetSetupUnjoined: - case NetSetupWorkgroupName: + case NET_SETUP_UNKNOWN_STATUS: + case NET_SETUP_UNJOINED: + case NET_SETUP_WORKGROUP_NAME: default: expected_err = WERR_OK; break; @@ -1271,7 +1271,7 @@ static bool test_NetrJoinDomain2(struct torture_context *tctx, return false; } - if (join_status != NetSetupDomainName) { + if (join_status != NET_SETUP_DOMAIN_NAME) { torture_comment(tctx, "Join verify failed: got %d\n", join_status); return false; @@ -1302,12 +1302,12 @@ static bool test_NetrUnjoinDomain2(struct torture_context *tctx, } switch (join_status) { - case NetSetupUnjoined: + case NET_SETUP_UNJOINED: expected_err = WERR_SETUP_NOT_JOINED; break; - case NetSetupDomainName: - case NetSetupUnknownStatus: - case NetSetupWorkgroupName: + case NET_SETUP_DOMAIN_NAME: + case NET_SETUP_UNKNOWN_STATUS: + case NET_SETUP_WORKGROUP_NAME: default: expected_err = WERR_OK; break; @@ -1350,11 +1350,11 @@ static bool test_NetrUnjoinDomain2(struct torture_context *tctx, } switch (join_status) { - case NetSetupUnjoined: - case NetSetupWorkgroupName: + case NET_SETUP_UNJOINED: + case NET_SETUP_WORKGROUP_NAME: break; - case NetSetupUnknown: - case NetSetupDomainName: + case NET_SETUP_UNKNOWN_STATUS: + case NET_SETUP_DOMAIN_NAME: default: torture_comment(tctx, "Unjoin verify failed: got %d\n", join_status); |