diff options
Diffstat (limited to 'source4/torture')
-rw-r--r-- | source4/torture/raw/openbench.c | 112 | ||||
-rw-r--r-- | source4/torture/raw/oplock.c | 333 | ||||
-rw-r--r-- | source4/torture/raw/rename.c | 6 | ||||
-rw-r--r-- | source4/torture/raw/search.c | 10 | ||||
-rw-r--r-- | source4/torture/raw/streams.c | 10 | ||||
-rw-r--r-- | source4/torture/rpc/lsa.c | 2 | ||||
-rw-r--r-- | source4/torture/rpc/samba3rpc.c | 53 | ||||
-rw-r--r-- | source4/torture/rpc/samr.c | 87 |
8 files changed, 472 insertions, 141 deletions
diff --git a/source4/torture/raw/openbench.c b/source4/torture/raw/openbench.c index 87b27d0728..e8b2f56813 100644 --- a/source4/torture/raw/openbench.c +++ b/source4/torture/raw/openbench.c @@ -37,7 +37,7 @@ static int nprocs; static int open_failed; -static int open_retries; +static int close_failed; static char **fnames; static int num_connected; static struct timed_event *report_te; @@ -49,12 +49,16 @@ struct benchopen_state { struct smbcli_state *cli; struct smbcli_tree *tree; int client_num; - int old_fnum; - int fnum; - int file_num; + int close_fnum; + int open_fnum; + int close_file_num; + int open_file_num; + int pending_file_num; + int next_file_num; int count; int lastcount; union smb_open open_parms; + int open_retries; union smb_close close_parms; struct smbcli_request *req_open; struct smbcli_request *req_close; @@ -95,11 +99,11 @@ static void reopen_connection_complete(struct composite_context *ctx) num_connected++; - DEBUG(0,("reconnect to %s finished (%u connected)\n", state->dest_host, - num_connected)); + DEBUG(0,("[%u] reconnect to %s finished (%u connected)\n", + state->client_num, state->dest_host, num_connected)); - state->fnum = -1; - state->old_fnum = -1; + state->open_fnum = -1; + state->close_fnum = -1; next_open(state); } @@ -136,7 +140,8 @@ static void reopen_connection(struct event_context *ev, struct timed_event *te, /* kill off the remnants of the old connection */ talloc_free(state->tree); state->tree = NULL; - state->fnum = -1; + state->open_fnum = -1; + state->close_fnum = -1; ctx = smb_composite_connect_send(io, state->mem_ctx, lp_resolve_context(state->tctx->lp_ctx), @@ -158,9 +163,10 @@ static void next_open(struct benchopen_state *state) { state->count++; - state->file_num = (state->file_num+1) % (3*nprocs); + state->pending_file_num = state->next_file_num; + state->next_file_num = (state->next_file_num+1) % (3*nprocs); - DEBUG(2,("[%d] opening %u\n", state->client_num, state->file_num)); + DEBUG(2,("[%d] opening %u\n", state->client_num, state->pending_file_num)); state->open_parms.ntcreatex.level = RAW_OPEN_NTCREATEX; state->open_parms.ntcreatex.in.flags = 0; state->open_parms.ntcreatex.in.root_fid = 0; @@ -172,7 +178,7 @@ static void next_open(struct benchopen_state *state) state->open_parms.ntcreatex.in.create_options = 0; state->open_parms.ntcreatex.in.impersonation = 0; state->open_parms.ntcreatex.in.security_flags = 0; - state->open_parms.ntcreatex.in.fname = fnames[state->file_num]; + state->open_parms.ntcreatex.in.fname = fnames[state->pending_file_num]; state->req_open = smb_raw_open_send(state->tree, &state->open_parms); state->req_open->async.fn = open_completed; @@ -182,18 +188,18 @@ static void next_open(struct benchopen_state *state) static void next_close(struct benchopen_state *state) { - DEBUG(2,("[%d] closing %d\n", state->client_num, state->old_fnum)); - if (state->old_fnum == -1) { + if (state->close_fnum == -1) { return; } + DEBUG(2,("[%d] closing %d (fnum[%d])\n", + state->client_num, state->close_file_num, state->close_fnum)); state->close_parms.close.level = RAW_CLOSE_CLOSE; - state->close_parms.close.in.file.fnum = state->old_fnum; + state->close_parms.close.in.file.fnum = state->close_fnum; state->close_parms.close.in.write_time = 0; state->req_close = smb_raw_close_send(state->tree, &state->close_parms); state->req_close->async.fn = close_completed; state->req_close->async.private = state; - state->old_fnum = -1; } /* @@ -218,7 +224,8 @@ static void open_completed(struct smbcli_request *req) state->tree = NULL; state->cli = NULL; num_connected--; - DEBUG(0,("reopening connection to %s\n", state->dest_host)); + DEBUG(0,("[%u] reopening connection to %s\n", + state->client_num, state->dest_host)); talloc_free(state->te); state->te = event_add_timed(state->ev, state->mem_ctx, timeval_current_ofs(1,0), @@ -227,8 +234,9 @@ static void open_completed(struct smbcli_request *req) } if (NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION)) { - DEBUG(2,("[%d] retrying open\n", state->client_num)); - open_retries++; + DEBUG(2,("[%d] retrying open %d\n", + state->client_num, state->pending_file_num)); + state->open_retries++; state->req_open = smb_raw_open_send(state->tree, &state->open_parms); state->req_open->async.fn = open_completed; state->req_open->async.private = state; @@ -237,17 +245,21 @@ static void open_completed(struct smbcli_request *req) if (!NT_STATUS_IS_OK(status)) { open_failed++; - DEBUG(0,("open failed - %s\n", nt_errstr(status))); + DEBUG(0,("[%u] open failed %d - %s\n", + state->client_num, state->pending_file_num, + nt_errstr(status))); return; } - state->old_fnum = state->fnum; - state->fnum = state->open_parms.ntcreatex.out.file.fnum; + state->close_file_num = state->open_file_num; + state->close_fnum = state->open_fnum; + state->open_file_num = state->pending_file_num; + state->open_fnum = state->open_parms.ntcreatex.out.file.fnum; - DEBUG(2,("[%d] open completed: fnum=%d old_fnum=%d\n", - state->client_num, state->fnum, state->old_fnum)); + DEBUG(2,("[%d] open completed %d (fnum[%d])\n", + state->client_num, state->open_file_num, state->open_fnum)); - if (state->old_fnum != -1) { + if (state->close_fnum != -1) { next_close(state); } @@ -271,7 +283,8 @@ static void close_completed(struct smbcli_request *req) state->tree = NULL; state->cli = NULL; num_connected--; - DEBUG(0,("reopening connection to %s\n", state->dest_host)); + DEBUG(0,("[%u] reopening connection to %s\n", + state->client_num, state->dest_host)); talloc_free(state->te); state->te = event_add_timed(state->ev, state->mem_ctx, timeval_current_ofs(1,0), @@ -280,13 +293,17 @@ static void close_completed(struct smbcli_request *req) } if (!NT_STATUS_IS_OK(status)) { - open_failed++; - DEBUG(0,("close failed - %s\n", nt_errstr(status))); + close_failed++; + DEBUG(0,("[%u] close failed %d (fnum[%d]) - %s\n", + state->client_num, state->close_file_num, + state->close_fnum, + nt_errstr(status))); return; } - DEBUG(2,("[%d] close completed: fnum=%d old_fnum=%d\n", - state->client_num, state->fnum, state->old_fnum)); + DEBUG(2,("[%d] close completed %d (fnum[%d])\n", + state->client_num, state->close_file_num, + state->close_fnum)); } static void echo_completion(struct smbcli_request *req) @@ -298,7 +315,8 @@ static void echo_completion(struct smbcli_request *req) talloc_free(state->tree); state->tree = NULL; num_connected--; - DEBUG(0,("reopening connection to %s\n", state->dest_host)); + DEBUG(0,("[%u] reopening connection to %s\n", + state->client_num, state->dest_host)); talloc_free(state->te); state->te = event_add_timed(state->ev, state->mem_ctx, timeval_current_ofs(1,0), @@ -352,7 +370,9 @@ bool torture_bench_open(struct torture_context *torture) struct timeval tv; struct event_context *ev = event_context_find(mem_ctx); struct benchopen_state *state; - int total = 0, minops=0; + int total = 0; + int total_retries = 0; + int minops = 0; bool progress=false; progress = torture_setting_bool(torture, "progress", true); @@ -397,11 +417,10 @@ bool torture_bench_open(struct torture_context *torture) } for (i=0;i<nprocs;i++) { - state[i].file_num = i; - state[i].fnum = smbcli_open(state[i].tree, - fnames[state->file_num], - O_RDWR|O_CREAT, DENY_ALL); - state[i].old_fnum = -1; + /* all connections start with the same file */ + state[i].next_file_num = 0; + state[i].open_fnum = -1; + state[i].close_fnum = -1; next_open(&state[i]); } @@ -420,17 +439,30 @@ bool torture_bench_open(struct torture_context *torture) DEBUG(0,("open failed\n")); goto failed; } + if (close_failed) { + DEBUG(0,("open failed\n")); + goto failed; + } } talloc_free(report_te); + if (progress) { + for (i=0;i<nprocs;i++) { + printf(" "); + } + printf("\r"); + } - printf("%.2f ops/second (%d retries)\n", - total/timeval_elapsed(&tv), open_retries); minops = state[0].count; for (i=0;i<nprocs;i++) { - printf("[%d] %u ops\n", i, state[i].count); + total += state[i].count; + total_retries += state[i].open_retries; + printf("[%d] %u ops (%u retries)\n", + i, state[i].count, state[i].open_retries); if (state[i].count < minops) minops = state[i].count; } + printf("%.2f ops/second (%d retries)\n", + total/timeval_elapsed(&tv), total_retries); if (minops < 0.5*total/nprocs) { printf("Failed: unbalanced open\n"); goto failed; diff --git a/source4/torture/raw/oplock.c b/source4/torture/raw/oplock.c index 1926b12128..8b2e4fb177 100644 --- a/source4/torture/raw/oplock.c +++ b/source4/torture/raw/oplock.c @@ -229,7 +229,7 @@ static bool test_raw_oplock_exclusive1(struct torture_context *tctx, struct smbc io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "open a file with an exclusive oplock (share mode: none)\n"); + torture_comment(tctx, "EXCLUSIVE1: open a file with an exclusive oplock (share mode: none)\n"); ZERO_STRUCT(break_info); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK; @@ -294,7 +294,7 @@ static bool test_raw_oplock_exclusive2(struct torture_context *tctx, struct smbc io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "open a file with an exclusive oplock (share mode: all)\n"); + torture_comment(tctx, "EXCLUSIVE2: open a file with an exclusive oplock (share mode: all)\n"); ZERO_STRUCT(break_info); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK; io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ| @@ -363,7 +363,6 @@ static bool test_raw_oplock_exclusive3(struct torture_context *tctx, struct smbc union smb_open io; union smb_setfileinfo sfi; uint16_t fnum=0; - bool s3 = torture_setting_bool(tctx, "samba3", false); if (!torture_setup_dir(cli1, BASEDIR)) { return false; @@ -389,15 +388,10 @@ static bool test_raw_oplock_exclusive3(struct torture_context *tctx, struct smbc io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "open a file with an exclusive oplock (share mode: %s)\n", - s3?"all":"none"); + torture_comment(tctx, "EXCLUSIVE3: open a file with an exclusive oplock (share mode: none)\n"); + ZERO_STRUCT(break_info); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK; - if (s3) { - io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ| - NTCREATEX_SHARE_ACCESS_WRITE| - NTCREATEX_SHARE_ACCESS_DELETE; - } status = smb_raw_open(cli1->tree, tctx, &io); CHECK_STATUS(tctx, status, NT_STATUS_OK); @@ -458,7 +452,7 @@ static bool test_raw_oplock_exclusive4(struct torture_context *tctx, struct smbc io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "open with exclusive oplock\n"); + torture_comment(tctx, "EXCLUSIVE4: open with exclusive oplock\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); @@ -523,7 +517,7 @@ static bool test_raw_oplock_exclusive5(struct torture_context *tctx, struct smbc io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "open with exclusive oplock\n"); + torture_comment(tctx, "EXCLUSIVE5: open with exclusive oplock\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); @@ -570,7 +564,6 @@ static bool test_raw_oplock_exclusive6(struct torture_context *tctx, struct smbc union smb_open io; union smb_rename rn; uint16_t fnum=0; - bool s3 = torture_setting_bool(tctx, "samba3", false); if (!torture_setup_dir(cli1, BASEDIR)) { return false; @@ -597,16 +590,9 @@ static bool test_raw_oplock_exclusive6(struct torture_context *tctx, struct smbc io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname1; - /* we should use no share mode, when samba3 passes this */ - torture_comment(tctx, "open a file with an exclusive oplock (share mode: %s)\n", - s3?"all":"none"); + torture_comment(tctx, "EXCLUSIVE6: open a file with an exclusive oplock (share mode: none)\n"); ZERO_STRUCT(break_info); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK; - if (s3) { - io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ| - NTCREATEX_SHARE_ACCESS_WRITE| - NTCREATEX_SHARE_ACCESS_DELETE; - } status = smb_raw_open(cli1->tree, tctx, &io); CHECK_STATUS(tctx, status, NT_STATUS_OK); @@ -673,7 +659,7 @@ static bool test_raw_oplock_batch1(struct torture_context *tctx, struct smbcli_s /* with a batch oplock we get a break */ - torture_comment(tctx, "open with batch oplock\n"); + torture_comment(tctx, "BATCH1: open with batch oplock\n"); ZERO_STRUCT(break_info); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK | @@ -754,7 +740,7 @@ static bool test_raw_oplock_batch2(struct torture_context *tctx, struct smbcli_s io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "open with batch oplock\n"); + torture_comment(tctx, "BATCH2: open with batch oplock\n"); ZERO_STRUCT(break_info); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK | @@ -832,7 +818,7 @@ static bool test_raw_oplock_batch3(struct torture_context *tctx, struct smbcli_s io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "if we close on break then the unlink can succeed\n"); + torture_comment(tctx, "BATCH3: if we close on break then the unlink can succeed\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_close, cli1->tree); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | @@ -896,7 +882,7 @@ static bool test_raw_oplock_batch4(struct torture_context *tctx, struct smbcli_s io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "a self read should not cause a break\n"); + torture_comment(tctx, "BATCH4: a self read should not cause a break\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); @@ -959,7 +945,7 @@ static bool test_raw_oplock_batch5(struct torture_context *tctx, struct smbcli_s io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "a 2nd open should give a break\n"); + torture_comment(tctx, "BATCH5: a 2nd open should give a break\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); @@ -1024,7 +1010,7 @@ static bool test_raw_oplock_batch6(struct torture_context *tctx, struct smbcli_s io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "a 2nd open should give a break to level II if the first open allowed shared read\n"); + torture_comment(tctx, "BATCH6: a 2nd open should give a break to level II if the first open allowed shared read\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); smbcli_oplock_handler(cli2->transport, oplock_handler_ack_to_given, cli2->tree); @@ -1104,7 +1090,7 @@ static bool test_raw_oplock_batch7(struct torture_context *tctx, struct smbcli_s io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "a 2nd open should get an oplock when we close instead of ack\n"); + torture_comment(tctx, "BATCH7: a 2nd open should get an oplock when we close instead of ack\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_close, cli1->tree); @@ -1174,7 +1160,7 @@ static bool test_raw_oplock_batch8(struct torture_context *tctx, struct smbcli_s io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "open with batch oplock\n"); + torture_comment(tctx, "BATCH8: open with batch oplock\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); @@ -1243,7 +1229,7 @@ static bool test_raw_oplock_batch9(struct torture_context *tctx, struct smbcli_s io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "open with attributes only can create file\n"); + torture_comment(tctx, "BATCH9: open with attributes only can create file\n"); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK | @@ -1348,7 +1334,7 @@ static bool test_raw_oplock_batch10(struct torture_context *tctx, struct smbcli_ io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "Open with oplock after a non-oplock open should grant level2\n"); + torture_comment(tctx, "BATCH10: Open with oplock after a non-oplock open should grant level2\n"); ZERO_STRUCT(break_info); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED; io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL; @@ -1458,7 +1444,7 @@ static bool test_raw_oplock_batch11(struct torture_context *tctx, struct smbcli_ io.ntcreatex.in.fname = fname; /* Test if a set-eof on pathname breaks an exclusive oplock. */ - torture_comment(tctx, "Test if setpathinfo set EOF breaks oplocks.\n"); + torture_comment(tctx, "BATCH11: Test if setpathinfo set EOF breaks oplocks.\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); @@ -1533,7 +1519,7 @@ static bool test_raw_oplock_batch12(struct torture_context *tctx, struct smbcli_ io.ntcreatex.in.fname = fname; /* Test if a set-allocation size on pathname breaks an exclusive oplock. */ - torture_comment(tctx, "Test if setpathinfo allocation size breaks oplocks.\n"); + torture_comment(tctx, "BATCH12: Test if setpathinfo allocation size breaks oplocks.\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); @@ -1607,7 +1593,7 @@ static bool test_raw_oplock_batch13(struct torture_context *tctx, struct smbcli_ io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "open with batch oplock\n"); + torture_comment(tctx, "BATCH13: open with batch oplock\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); @@ -1684,7 +1670,7 @@ static bool test_raw_oplock_batch14(struct torture_context *tctx, struct smbcli_ io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "open with batch oplock\n"); + torture_comment(tctx, "BATCH14: open with batch oplock\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); @@ -1761,7 +1747,7 @@ static bool test_raw_oplock_batch15(struct torture_context *tctx, struct smbcli_ io.ntcreatex.in.fname = fname; /* Test if a qpathinfo all info on pathname breaks a batch oplock. */ - torture_comment(tctx, "Test if qpathinfo all info breaks a batch oplock (should not).\n"); + torture_comment(tctx, "BATCH15: Test if qpathinfo all info breaks a batch oplock (should not).\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); @@ -1833,7 +1819,7 @@ static bool test_raw_oplock_batch16(struct torture_context *tctx, struct smbcli_ io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "open with batch oplock\n"); + torture_comment(tctx, "BATCH16: open with batch oplock\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); @@ -1887,7 +1873,6 @@ static bool test_raw_oplock_batch17(struct torture_context *tctx, struct smbcli_ union smb_open io; union smb_rename rn; uint16_t fnum=0; - bool s3 = torture_setting_bool(tctx, "samba3", false); if (!torture_setup_dir(cli1, BASEDIR)) { return false; @@ -1914,18 +1899,12 @@ static bool test_raw_oplock_batch17(struct torture_context *tctx, struct smbcli_ io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname1; - /* we should use no share mode, when samba3 passes this */ - torture_comment(tctx, "open a file with an batch oplock (share mode: %s)\n", - s3?"all":"none"); + torture_comment(tctx, "BATCH17: open a file with an batch oplock (share mode: none)\n"); + ZERO_STRUCT(break_info); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK | NTCREATEX_FLAGS_REQUEST_BATCH_OPLOCK; - if (s3) { - io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ| - NTCREATEX_SHARE_ACCESS_WRITE| - NTCREATEX_SHARE_ACCESS_DELETE; - } status = smb_raw_open(cli1->tree, tctx, &io); CHECK_STATUS(tctx, status, NT_STATUS_OK); @@ -1965,7 +1944,6 @@ static bool test_raw_oplock_batch18(struct torture_context *tctx, struct smbcli_ union smb_open io; union smb_rename rn; uint16_t fnum=0; - bool s3 = torture_setting_bool(tctx, "samba3", false); if (!torture_setup_dir(cli1, BASEDIR)) { return false; @@ -1992,18 +1970,12 @@ static bool test_raw_oplock_batch18(struct torture_context *tctx, struct smbcli_ io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname1; - /* we should use no share mode, when samba3 passes this */ - torture_comment(tctx, "open a file with an batch oplock (share mode: %s)\n", - s3?"all":"none"); + torture_comment(tctx, "BATCH18: open a file with an batch oplock (share mode: none)\n"); + ZERO_STRUCT(break_info); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK | NTCREATEX_FLAGS_REQUEST_BATCH_OPLOCK; - if (s3) { - io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_READ| - NTCREATEX_SHARE_ACCESS_WRITE| - NTCREATEX_SHARE_ACCESS_DELETE; - } status = smb_raw_open(cli1->tree, tctx, &io); CHECK_STATUS(tctx, status, NT_STATUS_OK); @@ -2046,10 +2018,6 @@ static bool test_raw_oplock_batch19(struct torture_context *tctx, struct smbcli_ union smb_setfileinfo sfi; uint16_t fnum=0; - if (torture_setting_bool(tctx, "samba3", false)) { - torture_skip(tctx, "BACHT19 disabled against samba3\n"); - } - if (!torture_setup_dir(cli1, BASEDIR)) { return false; } @@ -2076,7 +2044,7 @@ static bool test_raw_oplock_batch19(struct torture_context *tctx, struct smbcli_ io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname1; - torture_comment(tctx, "open a file with an batch oplock (share mode: none)\n"); + torture_comment(tctx, "BATCH19: open a file with an batch oplock (share mode: none)\n"); ZERO_STRUCT(break_info); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK | @@ -2136,6 +2104,232 @@ done: return ret; } +/**************************************************** + Called from raw-rename - we need oplock handling for + this test so this is why it's in oplock.c, not rename.c +****************************************************/ + +bool test_trans2rename(struct torture_context *tctx, struct smbcli_state *cli1, struct smbcli_state *cli2) +{ + const char *fname1 = BASEDIR "\\test_trans2rename_1.dat"; + const char *fname2 = BASEDIR "\\test_trans2rename_2.dat"; + const char *fname3 = BASEDIR "\\test_trans2rename_3.dat"; + NTSTATUS status; + bool ret = true; + union smb_open io; + union smb_fileinfo qfi; + union smb_setfileinfo sfi; + uint16_t fnum=0; + + if (!torture_setup_dir(cli1, BASEDIR)) { + return false; + } + + /* cleanup */ + smbcli_unlink(cli1->tree, fname1); + smbcli_unlink(cli1->tree, fname2); + smbcli_unlink(cli1->tree, fname3); + + smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); + + /* + base ntcreatex parms + */ + io.generic.level = RAW_OPEN_NTCREATEX; + io.ntcreatex.in.root_fid = 0; + io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL; + io.ntcreatex.in.alloc_size = 0; + io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; + io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_NONE; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF; + io.ntcreatex.in.create_options = 0; + io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS; + io.ntcreatex.in.security_flags = 0; + io.ntcreatex.in.fname = fname1; + + torture_comment(tctx, "open a file with an exclusive oplock (share mode: none)\n"); + ZERO_STRUCT(break_info); + io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | + NTCREATEX_FLAGS_REQUEST_OPLOCK; + status = smb_raw_open(cli1->tree, tctx, &io); + CHECK_STATUS(tctx, status, NT_STATUS_OK); + fnum = io.ntcreatex.out.file.fnum; + CHECK_VAL(io.ntcreatex.out.oplock_level, EXCLUSIVE_OPLOCK_RETURN); + + torture_comment(tctx, "setpathinfo rename info should not trigger a break nor a violation\n"); + ZERO_STRUCT(sfi); + sfi.generic.level = RAW_SFILEINFO_RENAME_INFORMATION; + sfi.generic.in.file.path = fname1; + sfi.rename_information.in.overwrite = 0; + sfi.rename_information.in.root_fid = 0; + sfi.rename_information.in.new_name = fname2+strlen(BASEDIR)+1; + + status = smb_raw_setpathinfo(cli2->tree, &sfi); + + CHECK_STATUS(tctx, status, NT_STATUS_OK); + CHECK_VAL(break_info.count, 0); + + ZERO_STRUCT(qfi); + qfi.generic.level = RAW_FILEINFO_ALL_INFORMATION; + qfi.generic.in.file.fnum = fnum; + + status = smb_raw_fileinfo(cli1->tree, tctx, &qfi); + CHECK_STATUS(tctx, status, NT_STATUS_OK); + CHECK_STRMATCH(qfi.all_info.out.fname.s, fname2); + + torture_comment(tctx, "setfileinfo rename info should not trigger a break nor a violation\n"); + ZERO_STRUCT(sfi); + sfi.generic.level = RAW_SFILEINFO_RENAME_INFORMATION; + sfi.generic.in.file.fnum = fnum; + sfi.rename_information.in.overwrite = 0; + sfi.rename_information.in.root_fid = 0; + sfi.rename_information.in.new_name = fname3+strlen(BASEDIR)+1; + + status = smb_raw_setfileinfo(cli1->tree, &sfi); + CHECK_STATUS(tctx, status, NT_STATUS_OK); + CHECK_VAL(break_info.count, 0); + + ZERO_STRUCT(qfi); + qfi.generic.level = RAW_FILEINFO_ALL_INFORMATION; + qfi.generic.in.file.fnum = fnum; + + status = smb_raw_fileinfo(cli1->tree, tctx, &qfi); + CHECK_STATUS(tctx, status, NT_STATUS_OK); + CHECK_STRMATCH(qfi.all_info.out.fname.s, fname3); + + smbcli_close(cli1->tree, fnum); + +done: + smb_raw_exit(cli1->session); + smb_raw_exit(cli2->session); + smbcli_deltree(cli1->tree, BASEDIR); + return ret; +} + +/**************************************************** + Called from raw-rename - we need oplock handling for + this test so this is why it's in oplock.c, not rename.c +****************************************************/ + +bool test_nttransrename(struct torture_context *tctx, struct smbcli_state *cli1) +{ + const char *fname1 = BASEDIR "\\test_nttransrename_1.dat"; + const char *fname2 = BASEDIR "\\test_nttransrename_2.dat"; + NTSTATUS status; + bool ret = true; + union smb_open io; + union smb_fileinfo qfi, qpi; + union smb_rename rn; + uint16_t fnum=0; + + if (!torture_setup_dir(cli1, BASEDIR)) { + return false; + } + + /* cleanup */ + smbcli_unlink(cli1->tree, fname1); + smbcli_unlink(cli1->tree, fname2); + + smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); + + /* + base ntcreatex parms + */ + io.generic.level = RAW_OPEN_NTCREATEX; + io.ntcreatex.in.root_fid = 0; + io.ntcreatex.in.access_mask = 0;/* ask for no access at all */; + io.ntcreatex.in.alloc_size = 0; + io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; + io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_NONE; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN_IF; + io.ntcreatex.in.create_options = 0; + io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS; + io.ntcreatex.in.security_flags = 0; + io.ntcreatex.in.fname = fname1; + + torture_comment(tctx, "nttrans_rename: open a file with an exclusive oplock (share mode: none)\n"); + ZERO_STRUCT(break_info); + io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | + NTCREATEX_FLAGS_REQUEST_OPLOCK; + status = smb_raw_open(cli1->tree, tctx, &io); + CHECK_STATUS(tctx, status, NT_STATUS_OK); + fnum = io.ntcreatex.out.file.fnum; + CHECK_VAL(io.ntcreatex.out.oplock_level, EXCLUSIVE_OPLOCK_RETURN); + + torture_comment(tctx, "nttrans_rename: should not trigger a break nor a share mode violation\n"); + ZERO_STRUCT(rn); + rn.generic.level = RAW_RENAME_NTTRANS; + rn.nttrans.in.file.fnum = fnum; + rn.nttrans.in.flags = 0; + rn.nttrans.in.new_name = fname2+strlen(BASEDIR)+1; + + status = smb_raw_rename(cli1->tree, &rn); + + CHECK_STATUS(tctx, status, NT_STATUS_OK); + CHECK_VAL(break_info.count, 0); + + /* w2k3 does nothing, it doesn't rename the file */ + torture_comment(tctx, "nttrans_rename: the server should have done nothing\n"); + ZERO_STRUCT(qfi); + qfi.generic.level = RAW_FILEINFO_ALL_INFORMATION; + qfi.generic.in.file.fnum = fnum; + + status = smb_raw_fileinfo(cli1->tree, tctx, &qfi); + CHECK_STATUS(tctx, status, NT_STATUS_OK); + CHECK_STRMATCH(qfi.all_info.out.fname.s, fname1); + + ZERO_STRUCT(qpi); + qpi.generic.level = RAW_FILEINFO_ALL_INFORMATION; + qpi.generic.in.file.path = fname1; + + status = smb_raw_pathinfo(cli1->tree, tctx, &qpi); + CHECK_STATUS(tctx, status, NT_STATUS_OK); + CHECK_STRMATCH(qpi.all_info.out.fname.s, fname1); + + ZERO_STRUCT(qpi); + qpi.generic.level = RAW_FILEINFO_ALL_INFORMATION; + qpi.generic.in.file.path = fname2; + + status = smb_raw_pathinfo(cli1->tree, tctx, &qpi); + CHECK_STATUS(tctx, status, NT_STATUS_OBJECT_NAME_NOT_FOUND); + + torture_comment(tctx, "nttrans_rename: after closing the file the file is still not renamed\n"); + status = smbcli_close(cli1->tree, fnum); + CHECK_STATUS(tctx, status, NT_STATUS_OK); + + ZERO_STRUCT(qpi); + qpi.generic.level = RAW_FILEINFO_ALL_INFORMATION; + qpi.generic.in.file.path = fname1; + + status = smb_raw_pathinfo(cli1->tree, tctx, &qpi); + CHECK_STATUS(tctx, status, NT_STATUS_OK); + CHECK_STRMATCH(qpi.all_info.out.fname.s, fname1); + + ZERO_STRUCT(qpi); + qpi.generic.level = RAW_FILEINFO_ALL_INFORMATION; + qpi.generic.in.file.path = fname2; + + status = smb_raw_pathinfo(cli1->tree, tctx, &qpi); + CHECK_STATUS(tctx, status, NT_STATUS_OBJECT_NAME_NOT_FOUND); + + torture_comment(tctx, "nttrans_rename: rename with an invalid handle gives NT_STATUS_INVALID_HANDLE\n"); + ZERO_STRUCT(rn); + rn.generic.level = RAW_RENAME_NTTRANS; + rn.nttrans.in.file.fnum = fnum+1; + rn.nttrans.in.flags = 0; + rn.nttrans.in.new_name = fname2+strlen(BASEDIR)+1; + + status = smb_raw_rename(cli1->tree, &rn); + + CHECK_STATUS(tctx, status, NT_STATUS_INVALID_HANDLE); + +done: + smb_raw_exit(cli1->session); + smbcli_deltree(cli1->tree, BASEDIR); + return ret; +} + + static bool test_raw_oplock_batch20(struct torture_context *tctx, struct smbcli_state *cli1, struct smbcli_state *cli2) { const char *fname1 = BASEDIR "\\test_batch20_1.dat"; @@ -2148,10 +2342,6 @@ static bool test_raw_oplock_batch20(struct torture_context *tctx, struct smbcli_ union smb_setfileinfo sfi; uint16_t fnum=0,fnum2=0; - if (torture_setting_bool(tctx, "samba3", false)) { - torture_skip(tctx, "BACHT20 disabled against samba3\n"); - } - if (!torture_setup_dir(cli1, BASEDIR)) { return false; } @@ -2178,7 +2368,7 @@ static bool test_raw_oplock_batch20(struct torture_context *tctx, struct smbcli_ io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname1; - torture_comment(tctx, "open a file with an batch oplock (share mode: all)\n"); + torture_comment(tctx, "BATCH20: open a file with an batch oplock (share mode: all)\n"); ZERO_STRUCT(break_info); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK | @@ -2212,7 +2402,6 @@ static bool test_raw_oplock_batch20(struct torture_context *tctx, struct smbcli_ CHECK_STATUS(tctx, status, NT_STATUS_OK); CHECK_STRMATCH(qfi.all_info.out.fname.s, fname2); - /* we should use no share mode, when samba3 passes this */ torture_comment(tctx, "open a file with the new name an batch oplock (share mode: all)\n"); ZERO_STRUCT(break_info); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | @@ -2307,7 +2496,7 @@ static bool test_raw_oplock_batch21(struct torture_context *tctx, struct smbcli_ /* with a batch oplock we get a break */ - torture_comment(tctx, "open with batch oplock\n"); + torture_comment(tctx, "BATCH21: open with batch oplock\n"); ZERO_STRUCT(break_info); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK | @@ -2350,7 +2539,7 @@ static bool test_raw_oplock_batch22(struct torture_context *tctx, struct smbcli_ int te; if (torture_setting_bool(tctx, "samba3", false)) { - torture_skip(tctx, "BACHT22 disabled against samba3\n"); + torture_skip(tctx, "BATCH22 disabled against samba3\n"); } if (!torture_setup_dir(cli1, BASEDIR)) { @@ -2380,7 +2569,7 @@ static bool test_raw_oplock_batch22(struct torture_context *tctx, struct smbcli_ /* with a batch oplock we get a break */ - torture_comment(tctx, "open with batch oplock\n"); + torture_comment(tctx, "BATCH22: open with batch oplock\n"); ZERO_STRUCT(break_info); io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED | NTCREATEX_FLAGS_REQUEST_OPLOCK | @@ -2440,7 +2629,7 @@ static bool test_raw_oplock_batch23(struct torture_context *tctx, struct smbcli_ struct smbcli_state *cli3 = NULL; if (torture_setting_bool(tctx, "samba3", false)) { - torture_skip(tctx, "BACHT23 disabled against samba3\n"); + torture_skip(tctx, "BATCH23 disabled against samba3\n"); } if (!torture_setup_dir(cli1, BASEDIR)) { @@ -2470,7 +2659,7 @@ static bool test_raw_oplock_batch23(struct torture_context *tctx, struct smbcli_ io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "a open and ask for a batch oplock\n"); + torture_comment(tctx, "BATCH23: a open and ask for a batch oplock\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); smbcli_oplock_handler(cli2->transport, oplock_handler_ack_to_given, cli2->tree); @@ -2557,7 +2746,7 @@ static bool test_raw_oplock_batch24(struct torture_context *tctx, struct smbcli_ io.ntcreatex.in.security_flags = 0; io.ntcreatex.in.fname = fname; - torture_comment(tctx, "a open without level support and ask for a batch oplock\n"); + torture_comment(tctx, "BATCH24: a open without level support and ask for a batch oplock\n"); ZERO_STRUCT(break_info); smbcli_oplock_handler(cli1->transport, oplock_handler_ack_to_given, cli1->tree); smbcli_oplock_handler(cli2->transport, oplock_handler_ack_to_given, cli2->tree); diff --git a/source4/torture/raw/rename.c b/source4/torture/raw/rename.c index 4b0d986659..9765c04101 100644 --- a/source4/torture/raw/rename.c +++ b/source4/torture/raw/rename.c @@ -434,6 +434,8 @@ done: return ret; } +extern bool test_trans2rename(struct torture_context *tctx, struct smbcli_state *cli1, struct smbcli_state *cli2); +extern bool test_nttransrename(struct torture_context *tctx, struct smbcli_state *cli1); /* basic testing of rename calls @@ -443,6 +445,10 @@ struct torture_suite *torture_raw_rename(TALLOC_CTX *mem_ctx) struct torture_suite *suite = torture_suite_create(mem_ctx, "RENAME"); torture_suite_add_1smb_test(suite, "mv", test_mv); + /* test_trans2rename and test_nttransrename are actually in torture/raw/oplock.c to + use the handlers and macros there. */ + torture_suite_add_2smb_test(suite, "trans2rename", test_trans2rename); + torture_suite_add_1smb_test(suite, "nttransrename", test_nttransrename); torture_suite_add_1smb_test(suite, "ntrename", test_ntrename); return suite; diff --git a/source4/torture/raw/search.c b/source4/torture/raw/search.c index 0242b9c545..725ed261aa 100644 --- a/source4/torture/raw/search.c +++ b/source4/torture/raw/search.c @@ -708,6 +708,16 @@ static bool test_many_files(struct torture_context *tctx, for (t=0;t<ARRAY_SIZE(search_types);t++) { ZERO_STRUCT(result); + + if ((search_types[t].cont_type == CONT_RESUME_KEY) && + (search_types[t].data_level != RAW_SEARCH_DATA_SEARCH) && + torture_setting_bool(tctx, "samba3", false)) { + torture_comment(tctx, + "SKIP: Continue %s via %s\n", + search_types[t].name, search_types[t].cont_name); + continue; + } + result.tctx = talloc_new(tctx); torture_comment(tctx, diff --git a/source4/torture/raw/streams.c b/source4/torture/raw/streams.c index ca6b488af5..1dab36c28b 100644 --- a/source4/torture/raw/streams.c +++ b/source4/torture/raw/streams.c @@ -356,22 +356,24 @@ static bool test_stream_sharemodes(struct torture_context *tctx, * A different stream does not give a sharing violation */ + io.ntcreatex.in.fname = sname2; + status = smb_raw_open(cli->tree, mem_ctx, &io); CHECK_STATUS(status, NT_STATUS_OK); - fnum1 = io.ntcreatex.out.file.fnum; + fnum2 = io.ntcreatex.out.file.fnum; /* * ... whereas the same stream does with unchanged access/share_access * flags */ + io.ntcreatex.in.fname = sname1; io.ntcreatex.in.open_disposition = 0; status = smb_raw_open(cli->tree, mem_ctx, &io); CHECK_STATUS(status, NT_STATUS_SHARING_VIOLATION); io.ntcreatex.in.fname = sname2; status = smb_raw_open(cli->tree, mem_ctx, &io); - CHECK_STATUS(status, NT_STATUS_OK); - fnum2 = io.ntcreatex.out.file.fnum; + CHECK_STATUS(status, NT_STATUS_SHARING_VIOLATION); done: if (fnum1 != -1) smbcli_close(cli->tree, fnum1); @@ -558,7 +560,9 @@ bool torture_raw_streams(struct torture_context *torture, } ret &= test_stream_io(torture, cli, torture); + smb_raw_exit(cli->session); ret &= test_stream_sharemodes(torture, cli, torture); + smb_raw_exit(cli->session); if (!torture_setting_bool(torture, "samba4", false)) { ret &= test_stream_delete(torture, cli, torture); } diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index 60d022fbea..04d13a97c1 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c @@ -295,8 +295,8 @@ static bool test_LookupNames_wellknown(struct dcerpc_pipe *p, ret &= test_LookupNames(p, mem_ctx, handle, &tnames); name.name.string = "BUILTIN\\Administrators"; - ret &= test_LookupNames(p, mem_ctx, handle, &tnames); name.sid_type = SID_NAME_ALIAS; + ret &= test_LookupNames(p, mem_ctx, handle, &tnames); name.name.string = "SYSTEM"; name.sid_type = SID_NAME_WKN_GRP; diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c index 95252e7397..204a9f2865 100644 --- a/source4/torture/rpc/samba3rpc.c +++ b/source4/torture/rpc/samba3rpc.c @@ -47,6 +47,7 @@ #include "libcli/smb_composite/smb_composite.h" #include "libcli/auth/libcli_auth.h" #include "lib/crypto/crypto.h" +#include "auth/ntlmssp/ntlmssp.h" #include "libcli/security/proto.h" #include "param/param.h" #include "lib/registry/registry.h" @@ -682,6 +683,7 @@ static bool join3(struct smbcli_state *cli, struct dcerpc_pipe *samr_pipe; struct policy_handle *wks_handle; bool ret = false; + NTTIME last_password_change; if ((mem_ctx = talloc_init("join3")) == NULL) { d_printf("talloc_init failed\n"); @@ -701,6 +703,22 @@ static bool join3(struct smbcli_state *cli, goto done; } + { + struct samr_QueryUserInfo q; + + q.in.user_handle = wks_handle; + q.in.level = 21; + + status = dcerpc_samr_QueryUserInfo(samr_pipe, mem_ctx, &q); + if (!NT_STATUS_IS_OK(status)) { + d_printf("(%s) QueryUserInfo failed: %s\n", + __location__, nt_errstr(status)); + goto done; + } + + last_password_change = q.out.info->info21.last_password_change; + } + cli_credentials_set_domain(wks_creds, dom_name, CRED_SPECIFIED); if (use_level25) { @@ -794,6 +812,39 @@ static bool join3(struct smbcli_state *cli, } } + { + struct samr_QueryUserInfo q; + + q.in.user_handle = wks_handle; + q.in.level = 21; + + status = dcerpc_samr_QueryUserInfo(samr_pipe, mem_ctx, &q); + if (!NT_STATUS_IS_OK(status)) { + d_printf("(%s) QueryUserInfo failed: %s\n", + __location__, nt_errstr(status)); + goto done; + } + + if (use_level25) { + if (last_password_change + == q.out.info->info21.last_password_change) { + d_printf("(%s) last_password_change unchanged " + "during join, level25 must change " + "it\n", __location__); + goto done; + } + } + else { + if (last_password_change + != q.out.info->info21.last_password_change) { + d_printf("(%s) last_password_change changed " + "during join, level24 doesn't " + "change it\n", __location__); + goto done; + } + } + } + ret = true; done: @@ -1321,6 +1372,8 @@ bool torture_samba3_sessionkey(struct torture_context *torture) goto done; } + cli_credentials_set_workstation(anon_creds, wks_name, CRED_SPECIFIED); + ret = true; if (!torture_setting_bool(torture, "samba3", false)) { diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index 1d6ec43399..55c75ba270 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -2332,9 +2332,15 @@ static bool test_CreateAlias(struct dcerpc_pipe *p, struct torture_context *tctx status = dcerpc_samr_CreateDomAlias(p, tctx, &r); - if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { - printf("Server refused create of '%s'\n", r.in.alias_name->string); - return true; + if (dom_sid_equal(domain_sid, dom_sid_parse_talloc(tctx, SID_BUILTIN))) { + if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { + printf("Server correctly refused create of '%s'\n", r.in.alias_name->string); + return true; + } else { + printf("Server should have refused create of '%s', got %s instead\n", r.in.alias_name->string, + nt_errstr(status)); + return false; + } } if (NT_STATUS_EQUAL(status, NT_STATUS_ALIAS_EXISTS)) { @@ -2515,7 +2521,8 @@ static bool test_ChangePassword(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, static bool test_CreateUser(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *domain_handle, - struct policy_handle *user_handle_out, + struct policy_handle *user_handle_out, + struct dom_sid *domain_sid, enum torture_samr_choice which_ops) { @@ -2546,10 +2553,15 @@ static bool test_CreateUser(struct dcerpc_pipe *p, struct torture_context *tctx, status = dcerpc_samr_CreateUser(p, user_ctx, &r); - if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { - printf("Server refused create of '%s': %s\n", r.in.account_name->string, nt_errstr(status)); - talloc_free(user_ctx); - return true; + if (dom_sid_equal(domain_sid, dom_sid_parse_talloc(tctx, SID_BUILTIN))) { + if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { + printf("Server correctly refused create of '%s'\n", r.in.account_name->string); + return true; + } else { + printf("Server should have refused create of '%s', got %s instead\n", r.in.account_name->string, + nt_errstr(status)); + return false; + } } if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) { @@ -2610,7 +2622,9 @@ static bool test_CreateUser(struct dcerpc_pipe *p, struct torture_context *tctx, static bool test_CreateUser2(struct dcerpc_pipe *p, struct torture_context *tctx, - struct policy_handle *domain_handle, enum torture_samr_choice which_ops) + struct policy_handle *domain_handle, + struct dom_sid *domain_sid, + enum torture_samr_choice which_ops) { NTSTATUS status; struct samr_CreateUser2 r; @@ -2663,12 +2677,19 @@ static bool test_CreateUser2(struct dcerpc_pipe *p, struct torture_context *tctx status = dcerpc_samr_CreateUser2(p, user_ctx, &r); - if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { - talloc_free(user_ctx); - printf("Server refused create of '%s'\n", r.in.account_name->string); - continue; + if (dom_sid_equal(domain_sid, dom_sid_parse_talloc(tctx, SID_BUILTIN))) { + if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { + printf("Server correctly refused create of '%s'\n", r.in.account_name->string); + continue; + } else { + printf("Server should have refused create of '%s', got %s instead\n", r.in.account_name->string, + nt_errstr(status)); + ret = false; + continue; + } + } - } else if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) { + if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) { if (!test_DeleteUser_byname(p, user_ctx, domain_handle, r.in.account_name->string)) { talloc_free(user_ctx); ret = false; @@ -3893,6 +3914,7 @@ static bool test_GroupList(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, } if (!q1.out.sam) { + printf("EnumDomainGroups failed to return q1.out.sam\n"); return false; } @@ -4138,7 +4160,9 @@ static bool test_AddGroupMember(struct dcerpc_pipe *p, struct torture_context *t static bool test_CreateDomainGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, - struct policy_handle *domain_handle, struct policy_handle *group_handle) + struct policy_handle *domain_handle, + struct policy_handle *group_handle, + struct dom_sid *domain_sid) { NTSTATUS status; struct samr_CreateDomainGroup r; @@ -4158,15 +4182,19 @@ static bool test_CreateDomainGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r); - if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { - printf("Server refused create of '%s'\n", r.in.name->string); - ZERO_STRUCTP(group_handle); - return true; + if (dom_sid_equal(domain_sid, dom_sid_parse_talloc(mem_ctx, SID_BUILTIN))) { + if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { + printf("Server correctly refused create of '%s'\n", r.in.name->string); + return true; + } else { + printf("Server should have refused create of '%s', got %s instead\n", r.in.name->string, + nt_errstr(status)); + return false; + } } if (NT_STATUS_EQUAL(status, NT_STATUS_GROUP_EXISTS)) { if (!test_DeleteGroup_byname(p, mem_ctx, domain_handle, r.in.name->string)) { - printf("CreateDomainGroup failed: Could not delete domain group %s - %s\n", r.in.name->string, nt_errstr(status)); return false; @@ -4244,7 +4272,7 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx, ZERO_STRUCT(group_handle); ZERO_STRUCT(domain_handle); - printf("Testing OpenDomain\n"); + printf("Testing OpenDomain of %s\n", dom_sid_string(tctx, sid)); r.in.connect_handle = handle; r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; @@ -4264,17 +4292,23 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx, switch (which_ops) { case TORTURE_SAMR_USER_ATTRIBUTES: case TORTURE_SAMR_PASSWORDS: - ret &= test_CreateUser2(p, tctx, &domain_handle, which_ops); - ret &= test_CreateUser(p, tctx, &domain_handle, &user_handle, which_ops); + ret &= test_CreateUser2(p, tctx, &domain_handle, sid, which_ops); + ret &= test_CreateUser(p, tctx, &domain_handle, &user_handle, sid, which_ops); /* This test needs 'complex' users to validate */ ret &= test_QueryDisplayInfo(p, tctx, &domain_handle); + if (!ret) { + printf("Testing PASSWORDS or ATTRIBUTES on domain %s failed!\n", dom_sid_string(tctx, sid)); + } break; case TORTURE_SAMR_OTHER: - ret &= test_CreateUser(p, tctx, &domain_handle, &user_handle, which_ops); + ret &= test_CreateUser(p, tctx, &domain_handle, &user_handle, sid, which_ops); + if (!ret) { + printf("Failed to CreateUser in SAMR-OTHER on domain %s!\n", dom_sid_string(tctx, sid)); + } ret &= test_QuerySecurity(p, tctx, &domain_handle); ret &= test_RemoveMemberFromForeignDomain(p, tctx, &domain_handle); ret &= test_CreateAlias(p, tctx, &domain_handle, &alias_handle, sid); - ret &= test_CreateDomainGroup(p, tctx, &domain_handle, &group_handle); + ret &= test_CreateDomainGroup(p, tctx, &domain_handle, &group_handle, sid); ret &= test_QueryDomainInfo(p, tctx, &domain_handle); ret &= test_QueryDomainInfo2(p, tctx, &domain_handle); ret &= test_EnumDomainUsers(p, tctx, &domain_handle); @@ -4295,6 +4329,9 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx, ret &= test_TestPrivateFunctionsDomain(p, tctx, &domain_handle); ret &= test_RidToSid(p, tctx, sid, &domain_handle); ret &= test_GetBootKeyInformation(p, tctx, &domain_handle); + if (!ret) { + printf("Testing SAMR-OTHER on domain %s failed!\n", dom_sid_string(tctx, sid)); + } break; } |