diff options
Diffstat (limited to 'source4/torture/rpc')
| -rw-r--r-- | source4/torture/rpc/async_bind.c | 7 | ||||
| -rw-r--r-- | source4/torture/rpc/dfs.c | 4 | ||||
| -rw-r--r-- | source4/torture/rpc/dssync.c | 17 | ||||
| -rw-r--r-- | source4/torture/rpc/join.c | 4 | ||||
| -rw-r--r-- | source4/torture/rpc/rpc.c | 11 | ||||
| -rw-r--r-- | source4/torture/rpc/rpc.h | 2 | ||||
| -rw-r--r-- | source4/torture/rpc/samba3rpc.c | 26 | ||||
| -rw-r--r-- | source4/torture/rpc/samlogon.c | 2 | ||||
| -rw-r--r-- | source4/torture/rpc/samsync.c | 4 | ||||
| -rw-r--r-- | source4/torture/rpc/schannel.c | 365 | ||||
| -rw-r--r-- | source4/torture/rpc/session_key.c | 6 | ||||
| -rw-r--r-- | source4/torture/rpc/spoolss_notify.c | 1 | ||||
| -rw-r--r-- | source4/torture/rpc/spoolss_win.c | 1 | ||||
| -rw-r--r-- | source4/torture/rpc/testjoin.c | 6 |
14 files changed, 403 insertions, 53 deletions
diff --git a/source4/torture/rpc/async_bind.c b/source4/torture/rpc/async_bind.c index 1ca3c62df0..0ebbef1ce6 100644 --- a/source4/torture/rpc/async_bind.c +++ b/source4/torture/rpc/async_bind.c @@ -39,7 +39,6 @@ bool torture_async_bind(struct torture_context *torture) { NTSTATUS status; TALLOC_CTX *mem_ctx; - struct event_context *evt_ctx; int i; const char *binding_string; struct cli_credentials *creds; @@ -70,15 +69,11 @@ bool torture_async_bind(struct torture_context *torture) /* credentials */ creds = cmdline_credentials; - /* event context */ - evt_ctx = cli_credentials_get_event_context(creds); - if (evt_ctx == NULL) return false; - /* send bind requests */ for (i = 0; i < torture_numasync; i++) { table[i] = &ndr_table_lsarpc; bind_req[i] = dcerpc_pipe_connect_send(mem_ctx, binding_string, - table[i], creds, evt_ctx, torture->lp_ctx); + table[i], creds, torture->ev, torture->lp_ctx); } /* recv bind requests */ diff --git a/source4/torture/rpc/dfs.c b/source4/torture/rpc/dfs.c index 5656476922..1c81766ebe 100644 --- a/source4/torture/rpc/dfs.c +++ b/source4/torture/rpc/dfs.c @@ -124,7 +124,7 @@ static bool test_CreateDir(TALLOC_CTX *mem_ctx, { printf("Creating directory %s\n", dir); - if (!torture_open_connection_share(mem_ctx, cli, tctx, host, share, NULL)) { + if (!torture_open_connection_share(mem_ctx, cli, tctx, host, share, tctx->ev)) { return false; } @@ -494,7 +494,7 @@ static void test_cleanup_stdroot(struct dcerpc_pipe *p, test_RemoveStdRoot(p, mem_ctx, host, sharename); test_NetShareDel(mem_ctx, tctx, host, sharename); - torture_open_connection_share(mem_ctx, &cli, tctx, host, "C$", NULL); + torture_open_connection_share(mem_ctx, &cli, tctx, host, "C$", tctx->ev); test_DeleteDir(cli, dir); torture_close_connection(cli); } diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c index b28e429a75..989a1faf27 100644 --- a/source4/torture/rpc/dssync.c +++ b/source4/torture/rpc/dssync.c @@ -178,12 +178,11 @@ static bool _test_DsBind(struct torture_context *tctx, { NTSTATUS status; bool ret = true; - struct event_context *event = NULL; status = dcerpc_pipe_connect_b(ctx, &b->pipe, ctx->drsuapi_binding, &ndr_table_drsuapi, - credentials, event, tctx->lp_ctx); + credentials, tctx->ev, tctx->lp_ctx); if (!NT_STATUS_IS_OK(status)) { printf("Failed to connect to server as a BDC: %s\n", nt_errstr(status)); @@ -254,10 +253,11 @@ static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx) struct drsuapi_DsCrackNames r; struct drsuapi_DsNameString names[1]; bool ret = true; - - struct cldap_socket *cldap = cldap_socket_init(ctx, NULL, lp_iconv_convenience(tctx->lp_ctx)); + struct cldap_socket *cldap; struct cldap_netlogon search; - + + cldap = cldap_socket_init(ctx, tctx->ev, lp_iconv_convenience(tctx->lp_ctx)); + r.in.bind_handle = &ctx->admin.drsuapi.bind_handle; r.in.level = 1; r.in.req.req1.codepage = 1252; /* western european */ @@ -288,16 +288,17 @@ static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx) search.in.dest_address = ctx->drsuapi_binding->host; search.in.dest_port = lp_cldap_port(tctx->lp_ctx); search.in.acct_control = -1; - search.in.version = 6; + search.in.version = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX; + search.in.map_response = true; status = cldap_netlogon(cldap, ctx, &search); if (!NT_STATUS_IS_OK(status)) { const char *errstr = nt_errstr(status); ctx->site_name = talloc_asprintf(ctx, "%s", "Default-First-Site-Name"); printf("cldap_netlogon() returned %s. Defaulting to Site-Name: %s\n", errstr, ctx->site_name); } else { - ctx->site_name = talloc_steal(ctx, search.out.netlogon.logon5.client_site); + ctx->site_name = talloc_steal(ctx, search.out.netlogon.nt5_ex.client_site); printf("cldap_netlogon() returned Client Site-Name: %s.\n",ctx->site_name); - printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.logon5.server_site); + printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.nt5_ex.server_site); } return ret; diff --git a/source4/torture/rpc/join.c b/source4/torture/rpc/join.c index 849b9fd1e9..cd5eb32fa8 100644 --- a/source4/torture/rpc/join.c +++ b/source4/torture/rpc/join.c @@ -39,7 +39,7 @@ bool torture_rpc_join(struct torture_context *torture) "IPC$", NULL, machine_account, lp_resolve_context(torture->lp_ctx), - NULL, &options); + torture->ev, &options); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("%s failed to connect to IPC$ with workstation credentials\n", TORTURE_NETBIOS_NAME)); @@ -65,7 +65,7 @@ bool torture_rpc_join(struct torture_context *torture) "IPC$", NULL, machine_account, lp_resolve_context(torture->lp_ctx), - NULL, &options); + torture->ev, &options); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("%s failed to connect to IPC$ with workstation credentials\n", TORTURE_NETBIOS_NAME)); diff --git a/source4/torture/rpc/rpc.c b/source4/torture/rpc/rpc.c index 6e38d0465a..acc1220ccc 100644 --- a/source4/torture/rpc/rpc.c +++ b/source4/torture/rpc/rpc.c @@ -23,7 +23,7 @@ #include "lib/cmdline/popt_common.h" #include "librpc/rpc/dcerpc.h" #include "torture/rpc/rpc.h" -#include "torture/torture.h" +#include "torture/smbtorture.h" #include "librpc/ndr/ndr_table.h" #include "lib/util/dlinklist.h" @@ -83,7 +83,7 @@ _PUBLIC_ NTSTATUS torture_rpc_connection(struct torture_context *tctx, status = dcerpc_pipe_connect_b(tctx, p, binding, table, - cmdline_credentials, NULL, tctx->lp_ctx); + cmdline_credentials, tctx->ev, tctx->lp_ctx); if (NT_STATUS_IS_ERR(status)) { printf("Failed to connect to remote server: %s %s\n", @@ -113,7 +113,7 @@ NTSTATUS torture_rpc_connection_transport(struct torture_context *tctx, binding->assoc_group_id = assoc_group_id; status = dcerpc_pipe_connect_b(tctx, p, binding, table, - cmdline_credentials, NULL, tctx->lp_ctx); + cmdline_credentials, tctx->ev, tctx->lp_ctx); if (NT_STATUS_IS_ERR(status)) { *p = NULL; @@ -147,7 +147,7 @@ static bool torture_rpc_setup_machine(struct torture_context *tctx, &(tcase_data->pipe), binding, tcase->table, - tcase_data->credentials, NULL, tctx->lp_ctx); + tcase_data->credentials, tctx->ev, tctx->lp_ctx); torture_assert_ntstatus_ok(tctx, status, "Error connecting to server"); @@ -205,7 +205,7 @@ static bool torture_rpc_setup_anonymous(struct torture_context *tctx, &(tcase_data->pipe), binding, tcase->table, - tcase_data->credentials, NULL, tctx->lp_ctx); + tcase_data->credentials, tctx->ev, tctx->lp_ctx); torture_assert_ntstatus_ok(tctx, status, "Error connecting to server"); @@ -399,6 +399,7 @@ NTSTATUS torture_rpc_init(void) torture_suite_add_simple_test(suite, "SAMSYNC", torture_rpc_samsync); torture_suite_add_simple_test(suite, "SCHANNEL", torture_rpc_schannel); torture_suite_add_simple_test(suite, "SCHANNEL2", torture_rpc_schannel2); + torture_suite_add_simple_test(suite, "BENCH-SCHANNEL1", torture_rpc_schannel_bench1); torture_suite_add_suite(suite, torture_rpc_srvsvc(suite)); torture_suite_add_suite(suite, torture_rpc_svcctl(suite)); torture_suite_add_suite(suite, torture_rpc_samr_accessmask(suite)); diff --git a/source4/torture/rpc/rpc.h b/source4/torture/rpc/rpc.h index d0a0727787..48db814b7a 100644 --- a/source4/torture/rpc/rpc.h +++ b/source4/torture/rpc/rpc.h @@ -28,7 +28,7 @@ #include "librpc/rpc/dcerpc.h" #include "libcli/raw/libcliraw.h" #include "torture/rpc/proto.h" -#include "torture/ui.h" +#include "torture/torture.h" struct torture_rpc_tcase { struct torture_tcase tcase; diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c index 8eb1f54b4f..17342f9b86 100644 --- a/source4/torture/rpc/samba3rpc.c +++ b/source4/torture/rpc/samba3rpc.c @@ -89,7 +89,7 @@ bool torture_bind_authcontext(struct torture_context *torture) lp_smb_ports(torture->lp_ctx), "IPC$", NULL, cmdline_credentials, lp_resolve_context(torture->lp_ctx), - NULL, &options); + torture->ev, &options); if (!NT_STATUS_IS_OK(status)) { d_printf("smbcli_full_connection failed: %s\n", nt_errstr(status)); @@ -303,7 +303,7 @@ bool torture_bind_samba3(struct torture_context *torture) lp_smb_ports(torture->lp_ctx), "IPC$", NULL, cmdline_credentials, lp_resolve_context(torture->lp_ctx), - NULL, &options); + torture->ev, &options); if (!NT_STATUS_IS_OK(status)) { d_printf("smbcli_full_connection failed: %s\n", nt_errstr(status)); @@ -426,7 +426,7 @@ static NTSTATUS get_usr_handle(struct smbcli_state *cli, "builtin") ? 1:0; l.in.connect_handle = &conn_handle; - domain_name.string = enumdom.out.sam->entries[0].name.string; + domain_name.string = enumdom.out.sam->entries[dom_idx].name.string; *domain = talloc_strdup(mem_ctx, domain_name.string); l.in.domain_name = &domain_name; @@ -1220,7 +1220,7 @@ bool torture_netlogon_samba3(struct torture_context *torture) lp_smb_ports(torture->lp_ctx), "IPC$", NULL, anon_creds, lp_resolve_context(torture->lp_ctx), - NULL, &options); + torture->ev, &options); if (!NT_STATUS_IS_OK(status)) { d_printf("smbcli_full_connection failed: %s\n", nt_errstr(status)); @@ -1307,7 +1307,7 @@ static bool test_join3(struct torture_context *tctx, lp_smb_ports(tctx->lp_ctx), "IPC$", NULL, smb_creds, lp_resolve_context(tctx->lp_ctx), - NULL, &options); + tctx->ev, &options); if (!NT_STATUS_IS_OK(status)) { d_printf("smbcli_full_connection failed: %s\n", nt_errstr(status)); @@ -1682,7 +1682,7 @@ bool torture_samba3_rpc_getusername(struct torture_context *torture) lp_smb_ports(torture->lp_ctx), "IPC$", NULL, cmdline_credentials, lp_resolve_context(torture->lp_ctx), - NULL, &options); + torture->ev, &options); if (!NT_STATUS_IS_OK(status)) { d_printf("(%s) smbcli_full_connection failed: %s\n", __location__, nt_errstr(status)); @@ -1709,7 +1709,7 @@ bool torture_samba3_rpc_getusername(struct torture_context *torture) lp_smb_ports(torture->lp_ctx), "IPC$", NULL, anon_creds, lp_resolve_context(torture->lp_ctx), - NULL, &options); + torture->ev, &options); if (!NT_STATUS_IS_OK(status)) { d_printf("(%s) anon smbcli_full_connection failed: %s\n", __location__, nt_errstr(status)); @@ -1924,7 +1924,7 @@ bool torture_samba3_rpc_srvsvc(struct torture_context *torture) if (!(torture_open_connection_share( mem_ctx, &cli, torture, torture_setting_string(torture, "host", NULL), - "IPC$", NULL))) { + "IPC$", torture->ev))) { talloc_free(mem_ctx); return false; } @@ -1986,7 +1986,7 @@ bool torture_samba3_rpc_randomauth2(struct torture_context *torture) if (!(torture_open_connection_share( mem_ctx, &cli, torture, torture_setting_string(torture, "host", NULL), - "IPC$", NULL))) { + "IPC$", torture->ev))) { d_printf("IPC$ connection failed\n"); goto done; } @@ -2281,7 +2281,7 @@ bool torture_samba3_rpc_sharesec(struct torture_context *torture) if (!(torture_open_connection_share( mem_ctx, &cli, torture, torture_setting_string(torture, "host", NULL), - "IPC$", NULL))) { + "IPC$", torture->ev))) { d_printf("IPC$ connection failed\n"); talloc_free(mem_ctx); return false; @@ -2329,7 +2329,7 @@ bool torture_samba3_rpc_lsa(struct torture_context *torture) if (!(torture_open_connection_share( mem_ctx, &cli, torture, torture_setting_string(torture, "host", NULL), - "IPC$", NULL))) { + "IPC$", torture->ev))) { d_printf("IPC$ connection failed\n"); talloc_free(mem_ctx); return false; @@ -2611,7 +2611,7 @@ bool torture_samba3_rpc_spoolss(struct torture_context *torture) if (!(torture_open_connection_share( mem_ctx, &cli, torture, torture_setting_string(torture, "host", NULL), - "IPC$", NULL))) { + "IPC$", torture->ev))) { d_printf("IPC$ connection failed\n"); talloc_free(mem_ctx); return false; @@ -2797,7 +2797,7 @@ bool torture_samba3_rpc_wkssvc(struct torture_context *torture) if (!(torture_open_connection_share( mem_ctx, &cli, torture, torture_setting_string(torture, "host", NULL), - "IPC$", NULL))) { + "IPC$", torture->ev))) { d_printf("IPC$ connection failed\n"); talloc_free(mem_ctx); return false; diff --git a/source4/torture/rpc/samlogon.c b/source4/torture/rpc/samlogon.c index 24b2511bc7..ab3283a952 100644 --- a/source4/torture/rpc/samlogon.c +++ b/source4/torture/rpc/samlogon.c @@ -1602,7 +1602,7 @@ bool torture_rpc_samlogon(struct torture_context *torture) status = dcerpc_pipe_connect_b(mem_ctx, &p, b, &ndr_table_netlogon, - machine_credentials, NULL, torture->lp_ctx); + machine_credentials, torture->ev, torture->lp_ctx); if (!NT_STATUS_IS_OK(status)) { d_printf("RPC pipe connect as domain member failed: %s\n", nt_errstr(status)); diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c index 3b152d92aa..9705f7b0de 100644 --- a/source4/torture/rpc/samsync.c +++ b/source4/torture/rpc/samsync.c @@ -1560,7 +1560,7 @@ bool torture_rpc_samsync(struct torture_context *torture) status = dcerpc_pipe_connect_b(samsync_state, &samsync_state->p, b, &ndr_table_netlogon, - credentials, NULL, torture->lp_ctx); + credentials, torture->ev, torture->lp_ctx); if (!NT_STATUS_IS_OK(status)) { printf("Failed to connect to server as a BDC: %s\n", nt_errstr(status)); @@ -1598,7 +1598,7 @@ bool torture_rpc_samsync(struct torture_context *torture) &samsync_state->p_netlogon_wksta, b_netlogon_wksta, &ndr_table_netlogon, - credentials_wksta, NULL, torture->lp_ctx); + credentials_wksta, torture->ev, torture->lp_ctx); if (!NT_STATUS_IS_OK(status)) { printf("Failed to connect to server as a Workstation: %s\n", nt_errstr(status)); diff --git a/source4/torture/rpc/schannel.c b/source4/torture/rpc/schannel.c index 19b871f9c0..a8f70b2ea9 100644 --- a/source4/torture/rpc/schannel.c +++ b/source4/torture/rpc/schannel.c @@ -33,6 +33,8 @@ #include "param/param.h" #include "librpc/rpc/dcerpc_proto.h" #include "auth/gensec/gensec.h" +#include "libcli/composite/composite.h" +#include "lib/events/events.h" #define TEST_MACHINE_NAME "schannel" @@ -258,7 +260,7 @@ static bool test_schannel(struct torture_context *tctx, b->flags |= dcerpc_flags; status = dcerpc_pipe_connect_b(tctx, &p, b, &ndr_table_samr, - credentials, NULL, tctx->lp_ctx); + credentials, tctx->ev, tctx->lp_ctx); torture_assert_ntstatus_ok(tctx, status, "Failed to connect with schannel"); @@ -270,7 +272,7 @@ static bool test_schannel(struct torture_context *tctx, * the second */ /* Swap the binding details from SAMR to NETLOGON */ - status = dcerpc_epm_map_binding(tctx, b, &ndr_table_netlogon, NULL, tctx->lp_ctx); + status = dcerpc_epm_map_binding(tctx, b, &ndr_table_netlogon, tctx->ev, tctx->lp_ctx); torture_assert_ntstatus_ok(tctx, status, "epm map"); status = dcerpc_secondary_connection(p, &p_netlogon, @@ -296,7 +298,7 @@ static bool test_schannel(struct torture_context *tctx, "Failed to process schannel secured NETLOGON EX ops"); /* Swap the binding details from SAMR to LSARPC */ - status = dcerpc_epm_map_binding(tctx, b, &ndr_table_lsarpc, NULL, tctx->lp_ctx); + status = dcerpc_epm_map_binding(tctx, b, &ndr_table_lsarpc, tctx->ev, tctx->lp_ctx); torture_assert_ntstatus_ok(tctx, status, "epm map"); status = dcerpc_secondary_connection(p, &p_lsa, @@ -328,7 +330,7 @@ static bool test_schannel(struct torture_context *tctx, b->flags |= dcerpc_flags; status = dcerpc_pipe_connect_b(tctx, &p_samr2, b, &ndr_table_samr, - credentials, NULL, tctx->lp_ctx); + credentials, tctx->ev, tctx->lp_ctx); torture_assert_ntstatus_ok(tctx, status, "Failed to connect with schannel"); @@ -337,7 +339,7 @@ static bool test_schannel(struct torture_context *tctx, "Failed to process schannel secured SAMR ops (on fresh connection)"); /* Swap the binding details from SAMR to NETLOGON */ - status = dcerpc_epm_map_binding(tctx, b, &ndr_table_netlogon, NULL, tctx->lp_ctx); + status = dcerpc_epm_map_binding(tctx, b, &ndr_table_netlogon, tctx->ev, tctx->lp_ctx); torture_assert_ntstatus_ok(tctx, status, "epm"); status = dcerpc_secondary_connection(p_samr2, &p_netlogon2, @@ -370,7 +372,7 @@ static bool test_schannel(struct torture_context *tctx, b->flags &= ~DCERPC_AUTH_OPTIONS; status = dcerpc_pipe_connect_b(tctx, &p_netlogon3, b, &ndr_table_netlogon, - credentials, NULL, tctx->lp_ctx); + credentials, tctx->ev, tctx->lp_ctx); torture_assert_ntstatus_ok(tctx, status, "Failed to connect without schannel"); torture_assert(tctx, !test_netlogon_ex_ops(p_netlogon3, tctx, credentials, creds), @@ -453,12 +455,12 @@ bool torture_rpc_schannel2(struct torture_context *torture) printf("Opening first connection\n"); status = dcerpc_pipe_connect_b(torture, &p1, b, &ndr_table_netlogon, - credentials1, NULL, torture->lp_ctx); + credentials1, torture->ev, torture->lp_ctx); torture_assert_ntstatus_ok(torture, status, "Failed to connect with schannel"); torture_comment(torture, "Opening second connection\n"); status = dcerpc_pipe_connect_b(torture, &p2, b, &ndr_table_netlogon, - credentials2, NULL, torture->lp_ctx); + credentials2, torture->ev, torture->lp_ctx); torture_assert_ntstatus_ok(torture, status, "Failed to connect with schannel"); credentials1->netlogon_creds = NULL; @@ -484,3 +486,350 @@ bool torture_rpc_schannel2(struct torture_context *torture) return true; } +struct torture_schannel_bench; + +struct torture_schannel_bench_conn { + struct torture_schannel_bench *s; + int index; + struct cli_credentials *wks_creds; + struct dcerpc_pipe *pipe; + struct netr_LogonSamLogonEx r; + struct netr_NetworkInfo ninfo; + TALLOC_CTX *tmp; + uint64_t total; + uint32_t count; +}; + +struct torture_schannel_bench { + struct torture_context *tctx; + bool progress; + int timelimit; + int nprocs; + int nconns; + struct torture_schannel_bench_conn *conns; + struct test_join *join_ctx1; + struct cli_credentials *wks_creds1; + struct test_join *join_ctx2; + struct cli_credentials *wks_creds2; + struct cli_credentials *user1_creds; + struct cli_credentials *user2_creds; + struct dcerpc_binding *b; + NTSTATUS error; + uint64_t total; + uint32_t count; + bool stopped; +}; + +static void torture_schannel_bench_connected(struct composite_context *c) +{ + struct torture_schannel_bench_conn *conn = + (struct torture_schannel_bench_conn *)c->async.private_data; + struct torture_schannel_bench *s = talloc_get_type(conn->s, + struct torture_schannel_bench); + + s->error = dcerpc_pipe_connect_b_recv(c, s->conns, &conn->pipe); + torture_comment(s->tctx, "conn[%u]: %s\n", conn->index, nt_errstr(s->error)); + if (NT_STATUS_IS_OK(s->error)) { + s->nconns++; + } +} + +static void torture_schannel_bench_recv(struct rpc_request *req); + +static bool torture_schannel_bench_start(struct torture_schannel_bench_conn *conn) +{ + struct torture_schannel_bench *s = conn->s; + NTSTATUS status; + DATA_BLOB names_blob, chal, lm_resp, nt_resp; + int flags = CLI_CRED_NTLM_AUTH; + struct rpc_request *req; + struct cli_credentials *user_creds; + + if (conn->total % 2) { + user_creds = s->user1_creds; + } else { + user_creds = s->user2_creds; + } + + if (lp_client_lanman_auth(s->tctx->lp_ctx)) { + flags |= CLI_CRED_LANMAN_AUTH; + } + + if (lp_client_ntlmv2_auth(s->tctx->lp_ctx)) { + flags |= CLI_CRED_NTLMv2_AUTH; + } + + talloc_free(conn->tmp); + conn->tmp = talloc_new(s); + ZERO_STRUCT(conn->ninfo); + ZERO_STRUCT(conn->r); + + cli_credentials_get_ntlm_username_domain(user_creds, conn->tmp, + &conn->ninfo.identity_info.account_name.string, + &conn->ninfo.identity_info.domain_name.string); + + generate_random_buffer(conn->ninfo.challenge, + sizeof(conn->ninfo.challenge)); + chal = data_blob_const(conn->ninfo.challenge, + sizeof(conn->ninfo.challenge)); + + names_blob = NTLMv2_generate_names_blob(conn->tmp, lp_iconv_convenience(s->tctx->lp_ctx), + cli_credentials_get_workstation(conn->wks_creds), + cli_credentials_get_domain(conn->wks_creds)); + + status = cli_credentials_get_ntlm_response(user_creds, conn->tmp, + &flags, + chal, + names_blob, + &lm_resp, &nt_resp, + NULL, NULL); + torture_assert_ntstatus_ok(s->tctx, status, + "cli_credentials_get_ntlm_response failed"); + + conn->ninfo.lm.data = lm_resp.data; + conn->ninfo.lm.length = lm_resp.length; + + conn->ninfo.nt.data = nt_resp.data; + conn->ninfo.nt.length = nt_resp.length; + + conn->ninfo.identity_info.parameter_control = 0; + conn->ninfo.identity_info.logon_id_low = 0; + conn->ninfo.identity_info.logon_id_high = 0; + conn->ninfo.identity_info.workstation.string = cli_credentials_get_workstation(conn->wks_creds); + + conn->r.in.server_name = talloc_asprintf(conn->tmp, "\\\\%s", dcerpc_server_name(conn->pipe)); + conn->r.in.computer_name = cli_credentials_get_workstation(conn->wks_creds); + conn->r.in.logon_level = 2; + conn->r.in.logon.network = &conn->ninfo; + conn->r.in.flags = 0; + conn->r.in.validation_level = 2; + + req = dcerpc_netr_LogonSamLogonEx_send(conn->pipe, conn->tmp, &conn->r); + torture_assert(s->tctx, req, "Failed to setup LogonSamLogonEx request"); + + req->async.callback = torture_schannel_bench_recv; + req->async.private_data = conn; + + return true; +} + +static void torture_schannel_bench_recv(struct rpc_request *req) +{ + bool ret; + struct torture_schannel_bench_conn *conn = + (struct torture_schannel_bench_conn *)req->async.private_data; + struct torture_schannel_bench *s = talloc_get_type(conn->s, + struct torture_schannel_bench); + + s->error = dcerpc_ndr_request_recv(req); + if (!NT_STATUS_IS_OK(s->error)) { + return; + } + + conn->total++; + conn->count++; + + if (s->stopped) { + return; + } + + ret = torture_schannel_bench_start(conn); + if (!ret) { + s->error = NT_STATUS_INTERNAL_ERROR; + } +} + +/* + test multiple schannel connection in parallel + */ +bool torture_rpc_schannel_bench1(struct torture_context *torture) +{ + bool ret = true; + NTSTATUS status; + const char *binding = torture_setting_string(torture, "binding", NULL); + struct torture_schannel_bench *s; + struct timeval start; + struct timeval end; + int i; + const char *tmp; + + s = talloc_zero(torture, struct torture_schannel_bench); + s->tctx = torture; + s->progress = torture_setting_bool(torture, "progress", true); + s->timelimit = torture_setting_int(torture, "timelimit", 10); + s->nprocs = torture_setting_int(torture, "nprocs", 4); + s->conns = talloc_zero_array(s, struct torture_schannel_bench_conn, s->nprocs); + + s->user1_creds = (struct cli_credentials *)talloc_memdup(s, + cmdline_credentials, + sizeof(*s->user1_creds)); + tmp = torture_setting_string(s->tctx, "extra_user1", NULL); + if (tmp) { + cli_credentials_parse_string(s->user1_creds, tmp, CRED_SPECIFIED); + } + s->user2_creds = (struct cli_credentials *)talloc_memdup(s, + cmdline_credentials, + sizeof(*s->user1_creds)); + tmp = torture_setting_string(s->tctx, "extra_user2", NULL); + if (tmp) { + cli_credentials_parse_string(s->user1_creds, tmp, CRED_SPECIFIED); + } + + s->join_ctx1 = torture_join_domain(s->tctx, talloc_asprintf(s, "%sb", TEST_MACHINE_NAME), + ACB_WSTRUST, &s->wks_creds1); + torture_assert(torture, s->join_ctx1 != NULL, + "Failed to join domain with acct_flags=ACB_WSTRUST"); + s->join_ctx2 = torture_join_domain(s->tctx, talloc_asprintf(s, "%sc", TEST_MACHINE_NAME), + ACB_WSTRUST, &s->wks_creds2); + torture_assert(torture, s->join_ctx2 != NULL, + "Failed to join domain with acct_flags=ACB_WSTRUST"); + + cli_credentials_set_kerberos_state(s->wks_creds1, CRED_DONT_USE_KERBEROS); + cli_credentials_set_kerberos_state(s->wks_creds2, CRED_DONT_USE_KERBEROS); + + for (i=0; i < s->nprocs; i++) { + s->conns[i].s = s; + s->conns[i].index = i; + s->conns[i].wks_creds = (struct cli_credentials *)talloc_memdup( + s->conns, s->wks_creds1,sizeof(*s->wks_creds1)); + if ((i % 2) && (torture_setting_bool(torture, "multijoin", false))) { + memcpy(s->conns[i].wks_creds, s->wks_creds2, + talloc_get_size(s->conns[i].wks_creds)); + } + s->conns[i].wks_creds->netlogon_creds = NULL; + } + + status = dcerpc_parse_binding(s, binding, &s->b); + torture_assert_ntstatus_ok(torture, status, "Bad binding string"); + s->b->flags &= ~DCERPC_AUTH_OPTIONS; + s->b->flags |= DCERPC_SCHANNEL | DCERPC_SIGN; + + torture_comment(torture, "Opening %d connections in parallel\n", s->nprocs); + for (i=0; i < s->nprocs; i++) { +#if 1 + s->error = dcerpc_pipe_connect_b(s->conns, &s->conns[i].pipe, s->b, + &ndr_table_netlogon, + s->conns[i].wks_creds, + torture->ev, torture->lp_ctx); + torture_assert_ntstatus_ok(torture, s->error, "Failed to connect with schannel"); +#else + /* + * This path doesn't work against windows, + * because of windows drops the connections + * which haven't reached a session setup yet + * + * The same as the reset on zero vc stuff. + */ + struct composite_context *c; + c = dcerpc_pipe_connect_b_send(s->conns, s->b, + &ndr_table_netlogon, + s->conns[i].wks_creds, + torture->ev, + torture->lp_ctx); + torture_assert(torture, c != NULL, "Failed to setup connect"); + c->async.fn = torture_schannel_bench_connected; + c->async.private_data = &s->conns[i]; + } + + while (NT_STATUS_IS_OK(s->error) && s->nprocs != s->nconns) { + int ev_ret = event_loop_once(torture->ev); + torture_assert(torture, ev_ret == 0, "event_loop_once failed"); +#endif + } + torture_assert_ntstatus_ok(torture, s->error, "Failed establish a connect"); + + /* + * Change the workstation password after establishing the netlogon + * schannel connections to prove that existing connections are not + * affected by a wks pwchange. + */ + + { + struct netr_ServerPasswordSet pwset; + char *password = generate_random_str(s->join_ctx1, 8); + struct creds_CredentialState *creds_state; + struct dcerpc_pipe *net_pipe; + + status = dcerpc_pipe_connect_b(s, &net_pipe, s->b, + &ndr_table_netlogon, + s->wks_creds1, + torture->ev, torture->lp_ctx); + + torture_assert_ntstatus_ok(torture, status, + "dcerpc_pipe_connect_b failed"); + + pwset.in.server_name = talloc_asprintf( + net_pipe, "\\\\%s", dcerpc_server_name(net_pipe)); + pwset.in.computer_name = + cli_credentials_get_workstation(s->wks_creds1); + pwset.in.account_name = talloc_asprintf( + net_pipe, "%s$", pwset.in.computer_name); + pwset.in.secure_channel_type = SEC_CHAN_WKSTA; + E_md4hash(password, pwset.in.new_password.hash); + + creds_state = cli_credentials_get_netlogon_creds( + s->wks_creds1); + creds_des_encrypt(creds_state, &pwset.in.new_password); + creds_client_authenticator(creds_state, &pwset.in.credential); + + status = dcerpc_netr_ServerPasswordSet(net_pipe, torture, &pwset); + torture_assert_ntstatus_ok(torture, status, + "ServerPasswordSet failed"); + + if (!creds_client_check(creds_state, + &pwset.out.return_authenticator.cred)) { + printf("Credential chaining failed\n"); + } + + cli_credentials_set_password(s->wks_creds1, password, + CRED_SPECIFIED); + + talloc_free(net_pipe); + + /* Just as a test, connect with the new creds */ + + talloc_free(s->wks_creds1->netlogon_creds); + s->wks_creds1->netlogon_creds = NULL; + + status = dcerpc_pipe_connect_b(s, &net_pipe, s->b, + &ndr_table_netlogon, + s->wks_creds1, + torture->ev, torture->lp_ctx); + + torture_assert_ntstatus_ok(torture, status, + "dcerpc_pipe_connect_b failed"); + + talloc_free(net_pipe); + } + + torture_comment(torture, "Start looping LogonSamLogonEx on %d connections for %d secs\n", + s->nprocs, s->timelimit); + for (i=0; i < s->nprocs; i++) { + ret = torture_schannel_bench_start(&s->conns[i]); + torture_assert(torture, ret, "Failed to setup LogonSamLogonEx"); + } + + start = timeval_current(); + end = timeval_add(&start, s->timelimit, 0); + + while (NT_STATUS_IS_OK(s->error) && !timeval_expired(&end)) { + int ev_ret = event_loop_once(torture->ev); + torture_assert(torture, ev_ret == 0, "event_loop_once failed"); + } + torture_assert_ntstatus_ok(torture, s->error, "Failed some request"); + s->stopped = true; + talloc_free(s->conns); + + for (i=0; i < s->nprocs; i++) { + s->total += s->conns[i].total; + } + + torture_comment(torture, + "Total ops[%llu] (%u ops/s)\n", + (unsigned long long)s->total, + (unsigned)s->total/s->timelimit); + + torture_leave_domain(s->join_ctx1); + torture_leave_domain(s->join_ctx2); + return true; +} diff --git a/source4/torture/rpc/session_key.c b/source4/torture/rpc/session_key.c index fcb828ddb2..0df7e576ee 100644 --- a/source4/torture/rpc/session_key.c +++ b/source4/torture/rpc/session_key.c @@ -158,7 +158,11 @@ static bool test_secrets(struct torture_context *torture, const void *_data) binding->flags |= settings->bindoptions; torture_assert_ntstatus_ok(torture, - dcerpc_pipe_connect_b(torture, &p, binding, &ndr_table_lsarpc, cmdline_credentials, NULL, torture->lp_ctx), + dcerpc_pipe_connect_b(torture, &p, binding, + &ndr_table_lsarpc, + cmdline_credentials, + torture->ev, + torture->lp_ctx), "connect"); if (!test_lsa_OpenPolicy2(p, torture, &handle)) { diff --git a/source4/torture/rpc/spoolss_notify.c b/source4/torture/rpc/spoolss_notify.c index 19cff53d84..ab6309d55f 100644 --- a/source4/torture/rpc/spoolss_notify.c +++ b/source4/torture/rpc/spoolss_notify.c @@ -21,7 +21,6 @@ #include "includes.h" #include "torture/torture.h" -#include "torture/ui.h" #include "torture/rpc/rpc.h" #include "librpc/gen_ndr/ndr_spoolss_c.h" #include "rpc_server/dcerpc_server.h" diff --git a/source4/torture/rpc/spoolss_win.c b/source4/torture/rpc/spoolss_win.c index 9e2921d406..9ce9fb7526 100644 --- a/source4/torture/rpc/spoolss_win.c +++ b/source4/torture/rpc/spoolss_win.c @@ -20,7 +20,6 @@ #include "includes.h" #include "torture/torture.h" -#include "torture/ui.h" #include "torture/rpc/rpc.h" #include "librpc/gen_ndr/ndr_spoolss_c.h" #include "rpc_server/dcerpc_server.h" diff --git a/source4/torture/rpc/testjoin.c b/source4/torture/rpc/testjoin.c index 100e7cead2..51efd99bd8 100644 --- a/source4/torture/rpc/testjoin.c +++ b/source4/torture/rpc/testjoin.c @@ -508,9 +508,11 @@ _PUBLIC_ void torture_leave_domain(struct test_join *join) /* Delete machine account */ status = dcerpc_samr_DeleteUser(join->p, join, &d); if (!NT_STATUS_IS_OK(status)) { - printf("Delete of machine account failed\n"); + printf("Delete of machine account %s failed\n", + join->netbios_name); } else { - printf("Delete of machine account was successful.\n"); + printf("Delete of machine account %s was successful.\n", + join->netbios_name); } if (join->libnet_r) { |