Diffstat (limited to 'source4/torture')
-rw-r--r-- | source4/torture/libnet/libnet.c | 1 | ||||
-rw-r--r-- | source4/torture/libnet/libnet_user.c | 164 |
2 files changed, 165 insertions, 0 deletions
diff --git a/source4/torture/libnet/libnet.c b/source4/torture/libnet/libnet.c
index 11084a382a..d886903b2d 100644
--- a/source4/torture/libnet/libnet.c
+++ b/source4/torture/libnet/libnet.c
@@ -33,6 +33,7 @@ NTSTATUS torture_net_init(void)
 register_torture_op("NET-API-LOOKUPHOST", torture_lookup_host, 0);
 register_torture_op("NET-API-LOOKUPPDC", torture_lookup_pdc, 0);
 register_torture_op("NET-API-CREATEUSER", torture_createuser, 0);
+ register_torture_op("NET-API-DELETEUSER", torture_deleteuser, 0);
 register_torture_op("NET-API-RPCCONNECT", torture_rpc_connect, 0);
 register_torture_op("NET-API-LISTSHARES", torture_listshares, 0);
 register_torture_op("NET-API-DELSHARE", torture_delshare, 0);
diff --git a/source4/torture/libnet/libnet_user.c b/source4/torture/libnet/libnet_user.c
index 8eadc8da9f..2c47642191 100644
--- a/source4/torture/libnet/libnet_user.c
+++ b/source4/torture/libnet/libnet_user.c
@@ -24,6 +24,7 @@
 #include "libnet/libnet.h"
 #include "librpc/gen_ndr/ndr_samr_c.h"
 #include "torture/torture.h"
+#include "torture/rpc/rpc.h"
 #define TEST_USERNAME "libnetusertest"
@@ -94,6 +95,114 @@ static BOOL test_cleanup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 }
+static BOOL test_opendomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle, struct lsa_String *domname)
+{
+ NTSTATUS status;
+ struct policy_handle h, domain_handle;
+ struct samr_Connect r1;
+ struct samr_LookupDomain r2;
+ struct samr_OpenDomain r3;
+
+ printf("connecting\n");
+
+ r1.in.system_name = 0;
+ r1.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ r1.out.connect_handle = &h;
+
+ status = dcerpc_samr_Connect(p, mem_ctx, &r1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Connect failed - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ r2.in.connect_handle = &h;
+ r2.in.domain_name = domname;
+
+ printf("domain lookup on %s\n", domname->string);
+
+ status = dcerpc_samr_LookupDomain(p, mem_ctx, &r2);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("LookupDomain failed - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ r3.in.connect_handle = &h;
+ r3.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ r3.in.sid = r2.out.sid;
+ r3.out.domain_handle = &domain_handle;
+
+ printf("opening domain\n");
+
+ status = dcerpc_samr_OpenDomain(p, mem_ctx, &r3);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("OpenDomain failed - %s\n", nt_errstr(status));
+ return False;
+ } else {
+ *handle = domain_handle;
+ }
+
+ return True;
+}
+
+
+static BOOL test_createuser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle, const char* user)
+{
+ NTSTATUS status;
+ struct policy_handle user_handle;
+ struct lsa_String username;
+ struct samr_CreateUser r1;
+ struct samr_Close r2;
+ uint32_t user_rid;
+
+ username.string = user;
+
+ r1.in.domain_handle = handle;
+ r1.in.account_name = &username;
+ r1.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ r1.out.user_handle = &user_handle;
+ r1.out.rid = &user_rid;
+
+ printf("creating user '%s'\n", username.string);
+
+ status = dcerpc_samr_CreateUser(p, mem_ctx, &r1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("CreateUser failed - %s\n", nt_errstr(status));
+
+ if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
+ printf("User (%s) already exists - attempting to delete and recreate account again\n", user);
+ if (!test_cleanup(p, mem_ctx, handle, TEST_USERNAME)) {
+ return False;
+ }
+
+ printf("creating user account\n");
+
+ status = dcerpc_samr_CreateUser(p, mem_ctx, &r1);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("CreateUser failed - %s\n", nt_errstr(status));
+ return False;
+ }
+ return True;
+ }
+ return False;
+ }
+
+ r2.in.handle = &user_handle;
+ r2.out.handle = &user_handle;
+
+ printf("closing user '%s'\n", username.string);
+
+ status = dcerpc_samr_Close(p, mem_ctx, &r2);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("Close failed - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ return True;
+}
+
+
 BOOL torture_createuser(struct torture_context *torture)
 {
 NTSTATUS status;
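Review bot: In test_createuser the NT_STATUS_USER_EXISTS retry path calls `test_cleanup(p, mem_ctx, handle, TEST_USERNAME)` although the message printed just before it and the CreateUser request both use the `user` argument, so a caller passing any other name would have a different account removed than the one reported (assuming test_cleanup's fourth parameter is the account name, as the call suggests); `if (!test_cleanup(p, mem_ctx, handle, user)) {` keeps the helper consistent. That retry path also returns True after the second dcerpc_samr_CreateUser without the samr_Close that the normal path performs on `user_handle`. In test_opendomain the connect handle `h` is not closed on any path in the visible code, and both handles are opened with SEC_FLAG_MAXIMUM_ALLOWED; a short comment saying the broad access mask is deliberate for this test would help the next reader. The trailing context of torture_createuser continues outside the hunk.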
@@ -124,3 +233,58 @@ BOOL torture_createuser(struct torture_context *torture)
 return True;
 }
+
+
+BOOL torture_deleteuser(struct torture_context *torture)
+{
+ NTSTATUS status;
+ const char *binding;
+ struct dcerpc_pipe *p;
+ TALLOC_CTX *prep_mem_ctx, *mem_ctx;
+ struct policy_handle h;
+ struct lsa_String domain_name;
+ const char *name = TEST_USERNAME;
+ struct libnet_context *ctx;
+ struct libnet_DeleteUser req;
+ BOOL ret = True;
+
+ prep_mem_ctx = talloc_init("prepare test_deleteuser");
+ binding = lp_parm_string(-1, "torture", "binding");
+
+ ctx = libnet_context_init(NULL);
+ ctx->cred = cmdline_credentials;
+
+ req.in.user_name = TEST_USERNAME;
+ req.in.domain_name = lp_workgroup();
+
+ status = torture_rpc_connection(prep_mem_ctx,
+ &p,
+ &dcerpc_table_samr);
+ if (!NT_STATUS_IS_OK(status)) {
+ return False;
+ }
+
+ domain_name.string = lp_workgroup();
+ if (!test_opendomain(p, prep_mem_ctx, &h, &domain_name)) {
+ ret = False;
+ goto done;
+ }
+
+ if (!test_createuser(p, prep_mem_ctx, &h, name)) {
+ ret = False;
+ goto done;
+ }
+
+ mem_ctx = talloc_init("test_deleteuser");
+
+ status = libnet_DeleteUser(ctx, mem_ctx, &req);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("libnet_DeleteUser call failed: %s\n", nt_errstr(status));
+ return False;
+ }
+
+done:
+ talloc_free(prep_mem_ctx);
+ talloc_free(mem_ctx);
+ return ret;
+} |
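Review bot: `mem_ctx` is still uninitialised when either `goto done` after test_opendomain or test_createuser is taken, so `talloc_free(mem_ctx)` at `done:` runs on an indeterminate pointer in torture_deleteuser. The two direct `return False` exits (after torture_rpc_connection and after libnet_DeleteUser) bypass `done:` and leave `prep_mem_ctx`, and in the second case `mem_ctx`, unreleased. Initialising both contexts to NULL and sending every failure through `done:` fixes both, since talloc_free() on NULL is harmless. Separately, `ctx` from libnet_context_init(NULL) is dereferenced without a NULL check and is not released in the visible code, and `binding` is assigned but never used.

```c
	TALLOC_CTX *prep_mem_ctx = NULL, *mem_ctx = NULL;
	/* … unchanged: other declarations, context and request setup … */
	status = torture_rpc_connection(prep_mem_ctx,
					&p,
					&dcerpc_table_samr);
	if (!NT_STATUS_IS_OK(status)) {
		ret = False;
		goto done;
	}
	/* … unchanged: test_opendomain, test_createuser, talloc_init … */
	status = libnet_DeleteUser(ctx, mem_ctx, &req);
	if (!NT_STATUS_IS_OK(status)) {
		printf("libnet_DeleteUser call failed: %s\n", nt_errstr(status));
		ret = False;
		goto done;
	}
```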