diff options
Diffstat (limited to 'source4/torture')
-rw-r--r-- | source4/torture/rpc/lsa.c | 162 |
1 files changed, 52 insertions, 110 deletions
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index 27b307f2f3..4e0bfd8c4f 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c @@ -530,11 +530,7 @@ static bool test_LookupNames2(struct dcerpc_binding_handle *b, torture_assert_ntstatus_ok(tctx, dcerpc_lsa_LookupNames2_r(b, tctx, &r), "LookupNames2 failed"); - if (!NT_STATUS_IS_OK(r.out.result)) { - torture_comment(tctx, "LookupNames2 failed - %s\n", - nt_errstr(r.out.result)); - return false; - } + torture_assert_ntstatus_ok(tctx, r.out.result, "LookupNames2 failed"); if (check_result) { torture_assert_int_equal(tctx, count, sids.count, @@ -594,11 +590,8 @@ static bool test_LookupNames3(struct dcerpc_binding_handle *b, torture_assert_ntstatus_ok(tctx, dcerpc_lsa_LookupNames3_r(b, tctx, &r), "LookupNames3 failed"); - if (!NT_STATUS_IS_OK(r.out.result)) { - torture_comment(tctx, "LookupNames3 failed - %s\n", - nt_errstr(r.out.result)); - return false; - } + torture_assert_ntstatus_ok(tctx, r.out.result, + "LookupNames3 failed"); if (check_result) { torture_assert_int_equal(tctx, count, sids.count, @@ -665,13 +658,10 @@ static bool test_LookupNames4(struct dcerpc_binding_handle *b, return true; } - - torture_assert_ntstatus_ok(tctx, - r.out.result, - "LookupNames4 failed"); - - return false; } + torture_assert_ntstatus_ok(tctx, + r.out.result, + "LookupNames4 failed"); if (check_result) { torture_assert_int_equal(tctx, count, sids.count, @@ -743,11 +733,9 @@ static bool test_LookupNames4_fail(struct dcerpc_binding_handle *b, } } - torture_assert_ntstatus_equal(tctx, - r.out.result, - NT_STATUS_OK, - "LookupNames4 return value should be " - "ACCESS_DENIED"); + torture_fail(tctx, + "LookupNames4 return value should be " + "ACCESS_DENIED or RPC_PROTSEQ_NOT_SUPPORTED"); return false; } @@ -939,22 +927,18 @@ static bool test_LookupSids3_fail(struct dcerpc_binding_handle *b, return true; } - if (!NT_STATUS_IS_OK(r.out.result)) { - if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_ACCESS_DENIED) || - NT_STATUS_EQUAL(r.out.result, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) { - torture_comment(tctx, - "LookupNames4 correctly returned with " - "result: %s\n", - nt_errstr(r.out.result)); - return true; - } + if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_ACCESS_DENIED) || + NT_STATUS_EQUAL(r.out.result, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) { + torture_comment(tctx, + "LookupNames4 correctly returned with " + "result: %s\n", + nt_errstr(r.out.result)); + return true; } - torture_assert_ntstatus_equal(tctx, - r.out.result, - NT_STATUS_OK, - "LookupSids3 return value should be " - "ACCESS_DENIED"); + torture_fail(tctx, + "LookupSids3 return value should be " + "ACCESS_DENIED or RPC_PROTSEQ_NOT_SUPPORTED"); return false; } @@ -1150,11 +1134,8 @@ static bool test_LookupPrivValue(struct dcerpc_binding_handle *b, torture_assert_ntstatus_ok(tctx, dcerpc_lsa_LookupPrivValue_r(b, tctx, &r), "LookupPrivValue failed"); - if (!NT_STATUS_IS_OK(r.out.result)) { - torture_comment(tctx, "\nLookupPrivValue failed - %s\n", - nt_errstr(r.out.result)); - return false; - } + torture_assert_ntstatus_ok(tctx, r.out.result, + "LookupPrivValue failed"); return true; } @@ -1173,11 +1154,7 @@ static bool test_LookupPrivName(struct dcerpc_binding_handle *b, torture_assert_ntstatus_ok(tctx, dcerpc_lsa_LookupPrivName_r(b, tctx, &r), "LookupPrivName failed"); - if (!NT_STATUS_IS_OK(r.out.result)) { - torture_comment(tctx, "\nLookupPrivName failed - %s\n", - nt_errstr(r.out.result)); - return false; - } + torture_assert_ntstatus_ok(tctx, r.out.result, "LookupPrivName failed"); return true; } @@ -1258,12 +1235,8 @@ static bool test_AddPrivilegesToAccount(struct dcerpc_binding_handle *b, torture_assert_ntstatus_ok(tctx, dcerpc_lsa_AddPrivilegesToAccount_r(b, tctx, &r), "AddPrivilegesToAccount failed"); - if (!NT_STATUS_IS_OK(r.out.result)) { - torture_comment(tctx, "AddPrivilegesToAccount failed - %s\n", - nt_errstr(r.out.result)); - return false; - } - + torture_assert_ntstatus_ok(tctx, r.out.result, + "AddPrivilegesToAccount failed"); return ret; } @@ -1283,11 +1256,8 @@ static bool test_EnumPrivsAccount(struct dcerpc_binding_handle *b, torture_assert_ntstatus_ok(tctx, dcerpc_lsa_EnumPrivsAccount_r(b, tctx, &r), "EnumPrivsAccount failed"); - if (!NT_STATUS_IS_OK(r.out.result)) { - torture_comment(tctx, "EnumPrivsAccount failed - %s\n", - nt_errstr(r.out.result)); - return false; - } + torture_assert_ntstatus_ok(tctx, r.out.result, + "EnumPrivsAccount failed"); if (privs && privs->count > 0) { int i; @@ -1320,11 +1290,8 @@ static bool test_GetSystemAccessAccount(struct dcerpc_binding_handle *b, torture_assert_ntstatus_ok(tctx, dcerpc_lsa_GetSystemAccessAccount_r(b, tctx, &r), "GetSystemAccessAccount failed"); - if (!NT_STATUS_IS_OK(r.out.result)) { - torture_comment(tctx, "GetSystemAccessAccount failed - %s\n", - nt_errstr(r.out.result)); - return false; - } + torture_assert_ntstatus_ok(tctx, r.out.result, + "GetSystemAccessAccount failed"); if (r.out.access_mask != NULL) { torture_comment(tctx, "Rights:"); @@ -1391,11 +1358,8 @@ static bool test_DeleteObject(struct dcerpc_binding_handle *b, r.out.handle = handle; torture_assert_ntstatus_ok(tctx, dcerpc_lsa_DeleteObject_r(b, tctx, &r), "DeleteObject failed"); - if (!NT_STATUS_IS_OK(r.out.result)) { - torture_comment(tctx, "DeleteObject failed - %s\n", - nt_errstr(r.out.result)); - return false; - } + torture_assert_ntstatus_ok(tctx, r.out.result, + "DeleteObject failed"); return true; } @@ -1429,15 +1393,11 @@ static bool test_CreateAccount(struct dcerpc_binding_handle *b, torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenAccount_r(b, tctx, &r_o), "OpenAccount failed"); - if (!NT_STATUS_IS_OK(r_o.out.result)) { - torture_comment(tctx, "OpenAccount failed - %s\n", - nt_errstr(r_o.out.result)); - return false; - } - } else if (!NT_STATUS_IS_OK(r.out.result)) { - torture_comment(tctx, "CreateAccount failed - %s\n", - nt_errstr(r.out.result)); - return false; + torture_assert_ntstatus_ok(tctx, r_o.out.result, + "OpenAccount failed"); + } else { + torture_assert_ntstatus_ok(tctx, r.out.result, + "CreateAccount failed"); } if (!test_Delete(b, tctx, &acct_handle)) { @@ -1466,10 +1426,8 @@ static bool test_DeleteTrustedDomain(struct dcerpc_binding_handle *b, torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenTrustedDomainByName_r(b, tctx, &r), "OpenTrustedDomainByName failed"); - if (!NT_STATUS_IS_OK(r.out.result)) { - torture_comment(tctx, "OpenTrustedDomainByName failed - %s\n", nt_errstr(r.out.result)); - return false; - } + torture_assert_ntstatus_ok(tctx, r.out.result, + "OpenTrustedDomainByName failed"); if (!test_Delete(b, tctx, &trustdom_handle)) { return false; @@ -1494,10 +1452,8 @@ static bool test_DeleteTrustedDomainBySid(struct dcerpc_binding_handle *b, torture_assert_ntstatus_ok(tctx, dcerpc_lsa_DeleteTrustedDomain_r(b, tctx, &r), "DeleteTrustedDomain failed"); - if (!NT_STATUS_IS_OK(r.out.result)) { - torture_comment(tctx, "DeleteTrustedDomain failed - %s\n", nt_errstr(r.out.result)); - return false; - } + torture_assert_ntstatus_ok(tctx, r.out.result, + "DeleteTrustedDomain failed"); return true; } @@ -1507,7 +1463,6 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *handle) { - NTSTATUS status; struct lsa_CreateSecret r; struct lsa_OpenSecret r2; struct lsa_SetSecret r3; @@ -1552,10 +1507,8 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, torture_assert_ntstatus_ok(tctx, dcerpc_lsa_CreateSecret_r(b, tctx, &r), "CreateSecret failed"); - if (!NT_STATUS_IS_OK(r.out.result)) { - torture_comment(tctx, "CreateSecret failed - %s\n", nt_errstr(r.out.result)); - return false; - } + torture_assert_ntstatus_ok(tctx, r.out.result, + "CreateSecret failed"); r.in.handle = handle; r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; @@ -1563,10 +1516,8 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, torture_assert_ntstatus_ok(tctx, dcerpc_lsa_CreateSecret_r(b, tctx, &r), "CreateSecret failed"); - if (!NT_STATUS_EQUAL(r.out.result, NT_STATUS_OBJECT_NAME_COLLISION)) { - torture_comment(tctx, "CreateSecret should have failed OBJECT_NAME_COLLISION - %s\n", nt_errstr(r.out.result)); - return false; - } + torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_OBJECT_NAME_COLLISION, + "CreateSecret should have failed OBJECT_NAME_COLLISION"); r2.in.handle = handle; r2.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; @@ -1577,16 +1528,11 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenSecret_r(b, tctx, &r2), "OpenSecret failed"); - if (!NT_STATUS_IS_OK(r2.out.result)) { - torture_comment(tctx, "OpenSecret failed - %s\n", nt_errstr(r2.out.result)); - return false; - } + torture_assert_ntstatus_ok(tctx, r2.out.result, + "OpenSecret failed"); - status = dcerpc_fetch_session_key(p, &session_key); - if (!NT_STATUS_IS_OK(status)) { - torture_comment(tctx, "dcerpc_fetch_session_key failed - %s\n", nt_errstr(status)); - return false; - } + torture_assert_ntstatus_ok(tctx, dcerpc_fetch_session_key(p, &session_key), + "dcerpc_fetch_session_key failed"); enc_key = sess_encrypt_string(secret1, &session_key); @@ -1601,10 +1547,8 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, torture_assert_ntstatus_ok(tctx, dcerpc_lsa_SetSecret_r(b, tctx, &r3), "SetSecret failed"); - if (!NT_STATUS_IS_OK(r3.out.result)) { - torture_comment(tctx, "SetSecret failed - %s\n", nt_errstr(r3.out.result)); - return false; - } + torture_assert_ntstatus_ok(tctx, r3.out.result, + "SetSecret failed"); r3.in.sec_handle = &sec_handle; r3.in.new_val = &buf1; @@ -1619,11 +1563,9 @@ static bool test_CreateSecret(struct dcerpc_pipe *p, torture_comment(tctx, "Testing SetSecret with broken key\n"); torture_assert_ntstatus_ok(tctx, dcerpc_lsa_SetSecret_r(b, tctx, &r3), - "SetSecret failed"); - if (!NT_STATUS_EQUAL(r3.out.result, NT_STATUS_UNKNOWN_REVISION)) { - torture_comment(tctx, "SetSecret should have failed UNKNOWN_REVISION - %s\n", nt_errstr(r3.out.result)); - ret = false; - } + "SetSecret failed"); + torture_assert_ntstatus_equal(tctx, r3.out.result, NT_STATUS_UNKNOWN_REVISION, + "SetSecret should have failed UNKNOWN_REVISION"); data_blob_free(&enc_key); |