summaryrefslogtreecommitdiff
path: root/source4/torture
diff options
context:
space:
mode:
Diffstat (limited to 'source4/torture')
-rw-r--r--source4/torture/rpc/netlogon.c9
-rw-r--r--source4/torture/rpc/remote_pac.c34
-rw-r--r--source4/torture/rpc/samba3rpc.c18
-rw-r--r--source4/torture/rpc/samlogon.c72
-rw-r--r--source4/torture/rpc/samsync.c11
-rw-r--r--source4/torture/rpc/schannel.c21
6 files changed, 126 insertions, 39 deletions
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index 2e9800fede..38fe8b58f5 100644
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -575,6 +575,9 @@ bool test_netlogon_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
NTSTATUS status;
struct netr_LogonSamLogon r;
struct netr_Authenticator auth, auth2;
+ union netr_LogonLevel logon;
+ union netr_Validation validation;
+ uint8_t authoritative;
struct netr_NetworkInfo ninfo;
DATA_BLOB names_blob, chal, lm_resp, nt_resp;
int i;
@@ -618,12 +621,16 @@ bool test_netlogon_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
ninfo.identity_info.logon_id_high = 0;
ninfo.identity_info.workstation.string = cli_credentials_get_workstation(credentials);
+ logon.network = &ninfo;
+
r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
r.in.computer_name = cli_credentials_get_workstation(credentials);
r.in.credential = &auth;
r.in.return_authenticator = &auth2;
r.in.logon_level = 2;
- r.in.logon.network = &ninfo;
+ r.in.logon = &logon;
+ r.out.validation = &validation;
+ r.out.authoritative = &authoritative;
d_printf("Testing LogonSamLogon with name %s\n", ninfo.identity_info.account_name.string);
diff --git a/source4/torture/rpc/remote_pac.c b/source4/torture/rpc/remote_pac.c
index a4111d1c3e..1f03ad6396 100644
--- a/source4/torture/rpc/remote_pac.c
+++ b/source4/torture/rpc/remote_pac.c
@@ -47,7 +47,12 @@ static bool test_PACVerify(struct torture_context *tctx,
NTSTATUS status;
struct netr_LogonSamLogon r;
-
+
+ union netr_LogonLevel logon;
+ union netr_Validation validation;
+ uint8_t authoritative;
+ struct netr_Authenticator return_authenticator;
+
struct netr_GenericInfo generic;
struct netr_Authenticator auth, auth2;
@@ -166,15 +171,20 @@ static bool test_PACVerify(struct torture_context *tctx,
generic.package_name.string = "Kerberos";
+ logon.generic = &generic;
+
ZERO_STRUCT(auth2);
creds_client_authenticator(creds, &auth);
r.in.credential = &auth;
r.in.return_authenticator = &auth2;
+ r.in.logon = &logon;
r.in.logon_level = NetlogonGenericInformation;
- r.in.logon.generic = &generic;
r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
r.in.computer_name = cli_credentials_get_workstation(credentials);
r.in.validation_level = NetlogonValidationGenericInfo2;
+ r.out.validation = &validation;
+ r.out.authoritative = &authoritative;
+ r.out.return_authenticator = &return_authenticator;
status = dcerpc_netr_LogonSamLogon(p, tctx, &r);
@@ -183,12 +193,14 @@ static bool test_PACVerify(struct torture_context *tctx,
/* This will break the signature nicely (even in the crypto wrapping), check we get a logon failure */
generic.data[generic.length-1]++;
+ logon.generic = &generic;
+
ZERO_STRUCT(auth2);
creds_client_authenticator(creds, &auth);
r.in.credential = &auth;
r.in.return_authenticator = &auth2;
r.in.logon_level = NetlogonGenericInformation;
- r.in.logon.generic = &generic;
+ r.in.logon = &logon;
r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
r.in.computer_name = cli_credentials_get_workstation(credentials);
r.in.validation_level = NetlogonValidationGenericInfo2;
@@ -203,12 +215,14 @@ static bool test_PACVerify(struct torture_context *tctx,
/* This will break the parsing nicely (even in the crypto wrapping), check we get INVALID_PARAMETER */
generic.length--;
+ logon.generic = &generic;
+
ZERO_STRUCT(auth2);
creds_client_authenticator(creds, &auth);
r.in.credential = &auth;
r.in.return_authenticator = &auth2;
r.in.logon_level = NetlogonGenericInformation;
- r.in.logon.generic = &generic;
+ r.in.logon = &logon;
r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
r.in.computer_name = cli_credentials_get_workstation(credentials);
r.in.validation_level = NetlogonValidationGenericInfo2;
@@ -247,13 +261,15 @@ static bool test_PACVerify(struct torture_context *tctx,
generic.length = pac_wrapped.length;
generic.data = pac_wrapped.data;
-
+
+ logon.generic = &generic;
+
ZERO_STRUCT(auth2);
creds_client_authenticator(creds, &auth);
r.in.credential = &auth;
r.in.return_authenticator = &auth2;
r.in.logon_level = NetlogonGenericInformation;
- r.in.logon.generic = &generic;
+ r.in.logon = &logon;
r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
r.in.computer_name = cli_credentials_get_workstation(credentials);
r.in.validation_level = NetlogonValidationGenericInfo2;
@@ -292,13 +308,15 @@ static bool test_PACVerify(struct torture_context *tctx,
generic.length = pac_wrapped.length;
generic.data = pac_wrapped.data;
-
+
+ logon.generic = &generic;
+
ZERO_STRUCT(auth2);
creds_client_authenticator(creds, &auth);
r.in.credential = &auth;
r.in.return_authenticator = &auth2;
r.in.logon_level = NetlogonGenericInformation;
- r.in.logon.generic = &generic;
+ r.in.logon = &logon;
r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
r.in.computer_name = cli_credentials_get_workstation(credentials);
r.in.validation_level = NetlogonValidationGenericInfo2;
diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c
index a45397de46..5f8225cb33 100644
--- a/source4/torture/rpc/samba3rpc.c
+++ b/source4/torture/rpc/samba3rpc.c
@@ -1033,6 +1033,10 @@ static bool schan(struct smbcli_state *cli,
struct netr_NetworkInfo ninfo;
struct netr_PasswordInfo pinfo;
struct netr_LogonSamLogon r;
+ union netr_LogonLevel logon;
+ union netr_Validation validation;
+ uint8_t authoritative;
+ struct netr_Authenticator return_authenticator;
flags = CLI_CRED_LANMAN_AUTH | CLI_CRED_NTLM_AUTH |
CLI_CRED_NTLMv2_AUTH;
@@ -1075,6 +1079,8 @@ static bool schan(struct smbcli_state *cli,
ninfo.lm.length = lm_resp.length;
ninfo.lm.data = lm_resp.data;
+ logon.network = &ninfo;
+
r.in.server_name = talloc_asprintf(
mem_ctx, "\\\\%s", dcerpc_server_name(net_pipe));
ZERO_STRUCT(netr_auth2);
@@ -1084,8 +1090,10 @@ static bool schan(struct smbcli_state *cli,
r.in.return_authenticator = &netr_auth2;
r.in.logon_level = 2;
r.in.validation_level = i;
- r.in.logon.network = &ninfo;
- r.out.return_authenticator = NULL;
+ r.in.logon = &logon;
+ r.out.validation = &validation;
+ r.out.authoritative = &authoritative;
+ r.out.return_authenticator = &return_authenticator;
status = dcerpc_netr_LogonSamLogon(net_pipe, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -1113,9 +1121,11 @@ static bool schan(struct smbcli_state *cli,
sizeof(pinfo.ntpassword.hash),
&session_key);
+ logon.password = &pinfo;
+
r.in.logon_level = 1;
- r.in.logon.password = &pinfo;
- r.out.return_authenticator = NULL;
+ r.in.logon = &logon;
+ r.out.return_authenticator = &return_authenticator;
status = dcerpc_netr_LogonSamLogon(net_pipe, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source4/torture/rpc/samlogon.c b/source4/torture/rpc/samlogon.c
index fc47a86730..9a707605e6 100644
--- a/source4/torture/rpc/samlogon.c
+++ b/source4/torture/rpc/samlogon.c
@@ -92,9 +92,9 @@ static NTSTATUS check_samlogon(struct samlogon_state *samlogon_state,
struct netr_SamBaseInfo *base = NULL;
uint16_t validation_level = 0;
- samlogon_state->r.in.logon.network = &ninfo;
- samlogon_state->r_ex.in.logon.network = &ninfo;
- samlogon_state->r_flags.in.logon.network = &ninfo;
+ samlogon_state->r.in.logon->network = &ninfo;
+ samlogon_state->r_ex.in.logon->network = &ninfo;
+ samlogon_state->r_flags.in.logon->network = &ninfo;
ninfo.identity_info.domain_name.string = samlogon_state->account_domain;
ninfo.identity_info.parameter_control = parameter_control;
@@ -170,17 +170,17 @@ static NTSTATUS check_samlogon(struct samlogon_state *samlogon_state,
validation_level = r->in.validation_level;
- creds_decrypt_samlogon(samlogon_state->creds, validation_level, &r->out.validation);
+ creds_decrypt_samlogon(samlogon_state->creds, validation_level, r->out.validation);
switch (validation_level) {
case 2:
- base = &r->out.validation.sam2->base;
+ base = &r->out.validation->sam2->base;
break;
case 3:
- base = &r->out.validation.sam3->base;
+ base = &r->out.validation->sam3->base;
break;
case 6:
- base = &r->out.validation.sam6->base;
+ base = &r->out.validation->sam6->base;
break;
}
break;
@@ -195,17 +195,17 @@ static NTSTATUS check_samlogon(struct samlogon_state *samlogon_state,
validation_level = r_ex->in.validation_level;
- creds_decrypt_samlogon(samlogon_state->creds, validation_level, &r_ex->out.validation);
+ creds_decrypt_samlogon(samlogon_state->creds, validation_level, r_ex->out.validation);
switch (validation_level) {
case 2:
- base = &r_ex->out.validation.sam2->base;
+ base = &r_ex->out.validation->sam2->base;
break;
case 3:
- base = &r_ex->out.validation.sam3->base;
+ base = &r_ex->out.validation->sam3->base;
break;
case 6:
- base = &r_ex->out.validation.sam6->base;
+ base = &r_ex->out.validation->sam6->base;
break;
}
break;
@@ -228,17 +228,17 @@ static NTSTATUS check_samlogon(struct samlogon_state *samlogon_state,
validation_level = r_flags->in.validation_level;
- creds_decrypt_samlogon(samlogon_state->creds, validation_level, &r_flags->out.validation);
+ creds_decrypt_samlogon(samlogon_state->creds, validation_level, r_flags->out.validation);
switch (validation_level) {
case 2:
- base = &r_flags->out.validation.sam2->base;
+ base = &r_flags->out.validation->sam2->base;
break;
case 3:
- base = &r_flags->out.validation.sam3->base;
+ base = &r_flags->out.validation->sam3->base;
break;
case 6:
- base = &r_flags->out.validation.sam6->base;
+ base = &r_flags->out.validation->sam6->base;
break;
}
break;
@@ -1331,7 +1331,14 @@ static bool test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
NDR_NETR_LOGONSAMLOGONEX,
NDR_NETR_LOGONSAMLOGONWITHFLAGS };
struct samlogon_state samlogon_state;
-
+
+ union netr_LogonLevel logon;
+ union netr_Validation validation;
+ uint8_t authoritative = 0;
+ uint32_t flags = 0;
+
+ ZERO_STRUCT(logon);
+
d_printf("testing netr_LogonSamLogon and netr_LogonSamLogonWithFlags\n");
samlogon_state.comment = comment;
@@ -1353,16 +1360,28 @@ static bool test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
samlogon_state.r_flags.in.computer_name = TEST_MACHINE_NAME;
samlogon_state.r_flags.in.credential = &samlogon_state.auth;
samlogon_state.r_flags.in.return_authenticator = &samlogon_state.auth2;
- samlogon_state.r_flags.in.flags = 0;
+ samlogon_state.r_flags.in.flags = &flags;
+ samlogon_state.r_flags.in.logon = &logon;
+ samlogon_state.r_flags.out.validation = &validation;
+ samlogon_state.r_flags.out.authoritative = &authoritative;
+ samlogon_state.r_flags.out.flags = &flags;
samlogon_state.r_ex.in.server_name = talloc_asprintf(fn_ctx, "\\\\%s", dcerpc_server_name(p));
samlogon_state.r_ex.in.computer_name = TEST_MACHINE_NAME;
- samlogon_state.r_ex.in.flags = 0;
+ samlogon_state.r_ex.in.flags = &flags;
+ samlogon_state.r_ex.in.logon = &logon;
+ samlogon_state.r_ex.out.validation = &validation;
+ samlogon_state.r_ex.out.authoritative = &authoritative;
+ samlogon_state.r_ex.out.flags = &flags;
samlogon_state.r.in.server_name = talloc_asprintf(fn_ctx, "\\\\%s", dcerpc_server_name(p));
samlogon_state.r.in.computer_name = TEST_MACHINE_NAME;
samlogon_state.r.in.credential = &samlogon_state.auth;
samlogon_state.r.in.return_authenticator = &samlogon_state.auth2;
+ samlogon_state.r.in.logon = &logon;
+ samlogon_state.r.out.validation = &validation;
+ samlogon_state.r.out.authoritative = &authoritative;
+
for (f=0;f<ARRAY_SIZE(function_levels);f++) {
for (i=0; test_table[i].fn; i++) {
@@ -1422,21 +1441,34 @@ bool test_InteractiveLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
struct netr_LogonSamLogonWithFlags r;
struct netr_Authenticator a, ra;
struct netr_PasswordInfo pinfo;
+ uint32_t flags = 0;
+
+ union netr_LogonLevel logon;
+ union netr_Validation validation;
+ uint8_t authoritative = 0;
ZERO_STRUCT(a);
ZERO_STRUCT(r);
ZERO_STRUCT(ra);
+ ZERO_STRUCT(logon);
+ ZERO_STRUCT(validation);
+
creds_client_authenticator(creds, &a);
+ logon.password = &pinfo;
+
r.in.server_name = talloc_asprintf(fn_ctx, "\\\\%s", dcerpc_server_name(p));
r.in.computer_name = TEST_MACHINE_NAME;
r.in.credential = &a;
r.in.return_authenticator = &ra;
r.in.logon_level = 5;
- r.in.logon.password = &pinfo;
+ r.in.logon = &logon;
r.in.validation_level = 6;
- r.in.flags = 0;
+ r.in.flags = &flags;
+ r.out.validation = &validation;
+ r.out.authoritative = &authoritative;
+ r.out.flags = &flags;
pinfo.identity_info.domain_name.string = account_domain;
pinfo.identity_info.parameter_control = parameter_control;
diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
index 88101912e6..e1129435a0 100644
--- a/source4/torture/rpc/samsync.c
+++ b/source4/torture/rpc/samsync.c
@@ -58,6 +58,9 @@ static NTSTATUS test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
struct netr_LogonSamLogon r;
struct netr_Authenticator auth, auth2;
struct netr_NetworkInfo ninfo;
+ union netr_LogonLevel logon;
+ union netr_Validation validation;
+ uint8_t authoritative;
ninfo.identity_info.domain_name.string = domain;
ninfo.identity_info.parameter_control = 0;
@@ -85,12 +88,16 @@ static NTSTATUS test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
ninfo.lm.data = NULL;
}
+ logon.network = &ninfo;
+
r.in.server_name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
r.in.computer_name = workstation;
r.in.credential = &auth;
r.in.return_authenticator = &auth2;
r.in.logon_level = 2;
- r.in.logon.network = &ninfo;
+ r.in.logon = &logon;
+ r.out.validation = &validation;
+ r.out.authoritative = &authoritative;
ZERO_STRUCT(auth2);
creds_client_authenticator(creds, &auth);
@@ -104,7 +111,7 @@ static NTSTATUS test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
}
if (info3) {
- *info3 = r.out.validation.sam3;
+ *info3 = validation.sam3;
}
return status;
diff --git a/source4/torture/rpc/schannel.c b/source4/torture/rpc/schannel.c
index a8aa046280..81c3ecf878 100644
--- a/source4/torture/rpc/schannel.c
+++ b/source4/torture/rpc/schannel.c
@@ -48,6 +48,10 @@ bool test_netlogon_ex_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
NTSTATUS status;
struct netr_LogonSamLogonEx r;
struct netr_NetworkInfo ninfo;
+ union netr_LogonLevel logon;
+ union netr_Validation validation;
+ uint8_t authoritative = 0;
+ uint32_t _flags = 0;
DATA_BLOB names_blob, chal, lm_resp, nt_resp;
int i;
int flags = CLI_CRED_NTLM_AUTH;
@@ -91,11 +95,16 @@ bool test_netlogon_ex_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
ninfo.identity_info.logon_id_high = 0;
ninfo.identity_info.workstation.string = cli_credentials_get_workstation(credentials);
+ logon.network = &ninfo;
+
r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
r.in.computer_name = cli_credentials_get_workstation(credentials);
r.in.logon_level = 2;
- r.in.logon.network = &ninfo;
- r.in.flags = 0;
+ r.in.logon= &logon;
+ r.in.flags = &_flags;
+ r.out.validation = &validation;
+ r.out.authoritative = &authoritative;
+ r.out.flags = &_flags;
torture_comment(tctx,
"Testing LogonSamLogonEx with name %s\n",
@@ -603,9 +612,13 @@ static bool torture_schannel_bench_start(struct torture_schannel_bench_conn *con
conn->r.in.server_name = talloc_asprintf(conn->tmp, "\\\\%s", dcerpc_server_name(conn->pipe));
conn->r.in.computer_name = cli_credentials_get_workstation(conn->wks_creds);
conn->r.in.logon_level = 2;
- conn->r.in.logon.network = &conn->ninfo;
- conn->r.in.flags = 0;
+ conn->r.in.logon = talloc(conn->tmp, union netr_LogonLevel);
+ conn->r.in.logon->network = &conn->ninfo;
+ conn->r.in.flags = talloc(conn->tmp, uint32_t);
conn->r.in.validation_level = 2;
+ conn->r.out.validation = talloc(conn->tmp, union netr_Validation);
+ conn->r.out.authoritative = talloc(conn->tmp, uint8_t);
+ conn->r.out.flags = conn->r.in.flags;
req = dcerpc_netr_LogonSamLogonEx_send(conn->pipe, conn->tmp, &conn->r);
torture_assert(s->tctx, req, "Failed to setup LogonSamLogonEx request");