summaryrefslogtreecommitdiff
path: root/source4/torture
diff options
context:
space:
mode:
Diffstat (limited to 'source4/torture')
-rw-r--r--source4/torture/ldap/cldap.c67
-rw-r--r--source4/torture/nbt/dgram.c68
-rw-r--r--source4/torture/rpc/dssync.c7
3 files changed, 60 insertions, 82 deletions
diff --git a/source4/torture/ldap/cldap.c b/source4/torture/ldap/cldap.c
index ca4d9b7705..bb77acd2d0 100644
--- a/source4/torture/ldap/cldap.c
+++ b/source4/torture/ldap/cldap.c
@@ -41,7 +41,7 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest)
struct cldap_socket *cldap;
NTSTATUS status;
struct cldap_netlogon search, empty_search;
- union nbt_cldap_netlogon n1;
+ struct netlogon_samlogon_response n1;
struct GUID guid;
int i;
@@ -51,7 +51,8 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest)
search.in.dest_address = dest;
search.in.dest_port = lp_cldap_port(tctx->lp_ctx);
search.in.acct_control = -1;
- search.in.version = 6;
+ search.in.version = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX;
+ search.in.map_response = true;
empty_search = search;
@@ -63,7 +64,7 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest)
n1 = search.out.netlogon;
search.in.user = "Administrator";
- search.in.realm = n1.logon5.dns_domain;
+ search.in.realm = n1.nt5_ex.dns_domain;
search.in.host = "__cldap_torture__";
printf("Scanning for netlogon levels\n");
@@ -91,8 +92,8 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest)
search.in.user = NULL;
status = cldap_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_STRING(search.out.netlogon.logon5.user_name, "");
- CHECK_VAL(search.out.netlogon.logon5.type, NETLOGON_RESPONSE_FROM_PDC2);
+ CHECK_STRING(search.out.netlogon.nt5_ex.user_name, "");
+ CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX);
printf("Trying with User=Administrator\n");
@@ -100,8 +101,8 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest)
status = cldap_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_STRING(search.out.netlogon.logon5.user_name, search.in.user);
- CHECK_VAL(search.out.netlogon.logon5.type, NETLOGON_RESPONSE_FROM_PDC_USER);
+ CHECK_STRING(search.out.netlogon.nt5_ex.user_name, search.in.user);
+ CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX);
search.in.version = 6;
status = cldap_netlogon(cldap, tctx, &search);
@@ -112,8 +113,8 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest)
search.in.user = NULL;
status = cldap_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_STRING(search.out.netlogon.logon5.user_name, "");
- CHECK_VAL(search.out.netlogon.logon5.type, NETLOGON_RESPONSE_FROM_PDC2);
+ CHECK_STRING(search.out.netlogon.nt5_ex.user_name, "");
+ CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX);
printf("Trying with User=Administrator\n");
@@ -121,16 +122,16 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest)
status = cldap_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_STRING(search.out.netlogon.logon5.user_name, search.in.user);
- CHECK_VAL(search.out.netlogon.logon5.type, NETLOGON_RESPONSE_FROM_PDC_USER);
+ CHECK_STRING(search.out.netlogon.nt5_ex.user_name, search.in.user);
+ CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX);
printf("Trying with a GUID\n");
search.in.realm = NULL;
- search.in.domain_guid = GUID_string(tctx, &n1.logon5.domain_uuid);
+ search.in.domain_guid = GUID_string(tctx, &n1.nt5_ex.domain_uuid);
status = cldap_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_VAL(search.out.netlogon.logon5.type, NETLOGON_RESPONSE_FROM_PDC_USER);
- CHECK_STRING(GUID_string(tctx, &search.out.netlogon.logon5.domain_uuid), search.in.domain_guid);
+ CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX);
+ CHECK_STRING(GUID_string(tctx, &search.out.netlogon.nt5_ex.domain_uuid), search.in.domain_guid);
printf("Trying with a incorrect GUID\n");
guid = GUID_random();
@@ -141,15 +142,15 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest)
printf("Trying with a AAC\n");
search.in.acct_control = 0x180;
- search.in.realm = n1.logon5.dns_domain;
+ search.in.realm = n1.nt5_ex.dns_domain;
status = cldap_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_VAL(search.out.netlogon.logon5.type, NETLOGON_RESPONSE_FROM_PDC2);
- CHECK_STRING(search.out.netlogon.logon5.user_name, "");
+ CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX);
+ CHECK_STRING(search.out.netlogon.nt5_ex.user_name, "");
printf("Trying with a bad AAC\n");
search.in.acct_control = 0xFF00FF00;
- search.in.realm = n1.logon5.dns_domain;
+ search.in.realm = n1.nt5_ex.dns_domain;
status = cldap_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
@@ -158,15 +159,15 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest)
search.in.user = "Administrator";
status = cldap_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_STRING(search.out.netlogon.logon5.dns_domain, n1.logon5.dns_domain);
- CHECK_STRING(search.out.netlogon.logon5.user_name, search.in.user);
+ CHECK_STRING(search.out.netlogon.nt5_ex.dns_domain, n1.nt5_ex.dns_domain);
+ CHECK_STRING(search.out.netlogon.nt5_ex.user_name, search.in.user);
printf("Trying with just a bad username\n");
search.in.user = "___no_such_user___";
status = cldap_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_STRING(search.out.netlogon.logon5.user_name, search.in.user);
- CHECK_STRING(search.out.netlogon.logon5.dns_domain, n1.logon5.dns_domain);
+ CHECK_STRING(search.out.netlogon.nt5_ex.user_name, search.in.user);
+ CHECK_STRING(search.out.netlogon.nt5_ex.dns_domain, n1.nt5_ex.dns_domain);
printf("Trying with just a bad domain\n");
search = empty_search;
@@ -175,29 +176,29 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest)
CHECK_STATUS(status, NT_STATUS_NOT_FOUND);
printf("Trying with a incorrect domain and correct guid\n");
- search.in.domain_guid = GUID_string(tctx, &n1.logon5.domain_uuid);
+ search.in.domain_guid = GUID_string(tctx, &n1.nt5_ex.domain_uuid);
status = cldap_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_STRING(search.out.netlogon.logon5.dns_domain, n1.logon5.dns_domain);
- CHECK_STRING(search.out.netlogon.logon5.user_name, "");
- CHECK_VAL(search.out.netlogon.logon5.type, NETLOGON_RESPONSE_FROM_PDC2);
+ CHECK_STRING(search.out.netlogon.nt5_ex.dns_domain, n1.nt5_ex.dns_domain);
+ CHECK_STRING(search.out.netlogon.nt5_ex.user_name, "");
+ CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX);
printf("Trying with a incorrect domain and incorrect guid\n");
search.in.domain_guid = GUID_string(tctx, &guid);
status = cldap_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_NOT_FOUND);
- CHECK_STRING(search.out.netlogon.logon5.dns_domain, n1.logon5.dns_domain);
- CHECK_STRING(search.out.netlogon.logon5.user_name, "");
- CHECK_VAL(search.out.netlogon.logon5.type, NETLOGON_RESPONSE_FROM_PDC2);
+ CHECK_STRING(search.out.netlogon.nt5_ex.dns_domain, n1.nt5_ex.dns_domain);
+ CHECK_STRING(search.out.netlogon.nt5_ex.user_name, "");
+ CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX);
printf("Trying with a incorrect GUID and correct domain\n");
search.in.domain_guid = GUID_string(tctx, &guid);
- search.in.realm = n1.logon5.dns_domain;
+ search.in.realm = n1.nt5_ex.dns_domain;
status = cldap_netlogon(cldap, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_STRING(search.out.netlogon.logon5.dns_domain, n1.logon5.dns_domain);
- CHECK_STRING(search.out.netlogon.logon5.user_name, "");
- CHECK_VAL(search.out.netlogon.logon5.type, NETLOGON_RESPONSE_FROM_PDC2);
+ CHECK_STRING(search.out.netlogon.nt5_ex.dns_domain, n1.nt5_ex.dns_domain);
+ CHECK_STRING(search.out.netlogon.nt5_ex.user_name, "");
+ CHECK_VAL(search.out.netlogon.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX);
return true;
}
diff --git a/source4/torture/nbt/dgram.c b/source4/torture/nbt/dgram.c
index a3585896eb..e039aac509 100644
--- a/source4/torture/nbt/dgram.c
+++ b/source4/torture/nbt/dgram.c
@@ -42,7 +42,7 @@ static void netlogon_handler(struct dgram_mailslot_handler *dgmslot,
struct socket_address *src)
{
NTSTATUS status;
- struct nbt_netlogon_packet netlogon;
+ struct nbt_netlogon_response netlogon;
int *replies = (int *)dgmslot->private;
printf("netlogon reply from %s:%d\n", src->addr, src->port);
@@ -54,8 +54,6 @@ static void netlogon_handler(struct dgram_mailslot_handler *dgmslot,
return;
}
- NDR_PRINT_DEBUG(nbt_netlogon_packet, &netlogon);
-
(*replies)++;
}
@@ -101,7 +99,7 @@ static bool nbt_test_netlogon(struct torture_context *tctx)
/* try receiving replies on port 138 first, which will only
work if we are root and smbd/nmbd are not running - fall
back to listening on any port, which means replies from
- some windows versions won't be seen */
+ most windows versions won't be seen */
status = socket_listen(dgmsock->sock, socket_address, 0, 0);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(socket_address);
@@ -117,7 +115,7 @@ static bool nbt_test_netlogon(struct torture_context *tctx)
netlogon_handler, &replies);
ZERO_STRUCT(logon);
- logon.command = NETLOGON_QUERY_FOR_PDC;
+ logon.command = LOGON_PRIMARY_QUERY;
logon.req.pdc.computer_name = TEST_NAME;
logon.req.pdc.mailslot_name = dgmslot->mailslot_name;
logon.req.pdc.unicode_name = TEST_NAME;
@@ -132,6 +130,7 @@ static bool nbt_test_netlogon(struct torture_context *tctx)
torture_assert(tctx, dest != NULL, "Error getting address");
status = dgram_mailslot_netlogon_send(dgmsock, &name, dest,
+ NBT_MAILSLOT_NETLOGON,
&myname, &logon);
torture_assert_ntstatus_ok(tctx, status, "Failed to send netlogon request");
@@ -200,14 +199,14 @@ static bool nbt_test_netlogon2(struct torture_context *tctx)
ZERO_STRUCT(logon);
- logon.command = NETLOGON_QUERY_FOR_PDC2;
- logon.req.pdc2.request_count = 0;
- logon.req.pdc2.computer_name = TEST_NAME;
- logon.req.pdc2.user_name = "";
- logon.req.pdc2.mailslot_name = dgmslot->mailslot_name;
- logon.req.pdc2.nt_version = 11;
- logon.req.pdc2.lmnt_token = 0xFFFF;
- logon.req.pdc2.lm20_token = 0xFFFF;
+ logon.command = LOGON_SAM_LOGON_REQUEST;
+ logon.req.logon.request_count = 0;
+ logon.req.logon.computer_name = TEST_NAME;
+ logon.req.logon.user_name = "";
+ logon.req.logon.mailslot_name = dgmslot->mailslot_name;
+ logon.req.logon.nt_version = 11;
+ logon.req.logon.lmnt_token = 0xFFFF;
+ logon.req.logon.lm20_token = 0xFFFF;
make_nbt_name_client(&myname, TEST_NAME);
@@ -216,6 +215,7 @@ static bool nbt_test_netlogon2(struct torture_context *tctx)
torture_assert(tctx, dest != NULL, "Error getting address");
status = dgram_mailslot_netlogon_send(dgmsock, &name, dest,
+ NBT_MAILSLOT_NETLOGON,
&myname, &logon);
torture_assert_ntstatus_ok(tctx, status, "Failed to send netlogon request");
@@ -227,32 +227,6 @@ static bool nbt_test_netlogon2(struct torture_context *tctx)
}
-/*
- reply handler for ntlogon request
-*/
-static void ntlogon_handler(struct dgram_mailslot_handler *dgmslot,
- struct nbt_dgram_packet *packet,
- struct socket_address *src)
-{
- NTSTATUS status;
- struct nbt_ntlogon_packet ntlogon;
- int *replies = (int *)dgmslot->private;
-
- printf("ntlogon reply from %s:%d\n", src->addr, src->port);
-
- status = dgram_mailslot_ntlogon_parse(dgmslot, dgmslot, packet, &ntlogon);
- if (!NT_STATUS_IS_OK(status)) {
- printf("Failed to parse ntlogon packet from %s:%d\n",
- src->addr, src->port);
- return;
- }
-
- NDR_PRINT_DEBUG(nbt_ntlogon_packet, &ntlogon);
-
- (*replies)++;
-}
-
-
/* test UDP/138 ntlogon requests */
static bool nbt_test_ntlogon(struct torture_context *tctx)
{
@@ -265,7 +239,7 @@ static bool nbt_test_ntlogon(struct torture_context *tctx)
const struct dom_sid *dom_sid;
const char *myaddress;
- struct nbt_ntlogon_packet logon;
+ struct nbt_netlogon_packet logon;
struct nbt_name myname;
NTSTATUS status;
struct timeval tv = timeval_current();
@@ -296,7 +270,7 @@ static bool nbt_test_ntlogon(struct torture_context *tctx)
/* try receiving replies on port 138 first, which will only
work if we are root and smbd/nmbd are not running - fall
back to listening on any port, which means replies from
- some windows versions won't be seen */
+ most windows versions won't be seen */
status = socket_listen(dgmsock->sock, socket_address, 0, 0);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(socket_address);
@@ -317,17 +291,17 @@ static bool nbt_test_ntlogon(struct torture_context *tctx)
/* setup a temporary mailslot listener for replies */
dgmslot = dgram_mailslot_temp(dgmsock, NBT_MAILSLOT_GETDC,
- ntlogon_handler, &replies);
+ netlogon_handler, &replies);
ZERO_STRUCT(logon);
- logon.command = NTLOGON_SAM_LOGON;
+ logon.command = LOGON_SAM_LOGON_REQUEST;
logon.req.logon.request_count = 0;
logon.req.logon.computer_name = TEST_NAME;
logon.req.logon.user_name = TEST_NAME"$";
logon.req.logon.mailslot_name = dgmslot->mailslot_name;
logon.req.logon.acct_control = ACB_WSTRUST;
- logon.req.logon.sid = *dom_sid;
+ /* Leave sid as all zero */
logon.req.logon.nt_version = 1;
logon.req.logon.lmnt_token = 0xFFFF;
logon.req.logon.lm20_token = 0xFFFF;
@@ -337,8 +311,10 @@ static bool nbt_test_ntlogon(struct torture_context *tctx)
dest = socket_address_from_strings(dgmsock, dgmsock->sock->backend_name,
address, lp_dgram_port(tctx->lp_ctx));
torture_assert(tctx, dest != NULL, "Error getting address");
- status = dgram_mailslot_ntlogon_send(dgmsock, DGRAM_DIRECT_UNIQUE,
- &name, dest, &myname, &logon);
+ status = dgram_mailslot_netlogon_send(dgmsock,
+ &name, dest,
+ NBT_MAILSLOT_NTLOGON,
+ &myname, &logon);
torture_assert_ntstatus_ok(tctx, status, "Failed to send ntlogon request");
while (timeval_elapsed(&tv) < 5 && replies == 0) {
diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 00617f4072..989a1faf27 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -288,16 +288,17 @@ static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx)
search.in.dest_address = ctx->drsuapi_binding->host;
search.in.dest_port = lp_cldap_port(tctx->lp_ctx);
search.in.acct_control = -1;
- search.in.version = 6;
+ search.in.version = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX;
+ search.in.map_response = true;
status = cldap_netlogon(cldap, ctx, &search);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
ctx->site_name = talloc_asprintf(ctx, "%s", "Default-First-Site-Name");
printf("cldap_netlogon() returned %s. Defaulting to Site-Name: %s\n", errstr, ctx->site_name);
} else {
- ctx->site_name = talloc_steal(ctx, search.out.netlogon.logon5.client_site);
+ ctx->site_name = talloc_steal(ctx, search.out.netlogon.nt5_ex.client_site);
printf("cldap_netlogon() returned Client Site-Name: %s.\n",ctx->site_name);
- printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.logon5.server_site);
+ printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.nt5_ex.server_site);
}
return ret;
generated by cgit (git 2.34.1) at 2024-07-20 17:19:32 +0000