4 files changed, 89 insertions, 27 deletions

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 053f78e99b..2930a9b1f9 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -23,6 +23,7 @@
 #include "includes.h"
 #include "lib/cmdline/popt_common.h"
 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
+#include "librpc/gen_ndr/ndr_drsblobs.h"
 #include "libcli/cldap/cldap.h"
 #include "libcli/ldap/ldap_client.h"
 #include "torture/torture.h"
@@ -104,7 +105,7 @@ static struct DsSyncTest *test_create_context(struct torture_context *tctx)
 	our_bind_info28->supported_extensions	= 0xFFFFFFFF;
 	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
 	our_bind_info28->site_guid		= GUID_zero();
-	our_bind_info28->u1			= 0;
+	our_bind_info28->pid			= 0;
 	our_bind_info28->repl_epoch		= 1;
 
 	our_bind_info_ctr			= &ctx->admin.drsuapi.our_bind_info_ctr;
@@ -153,7 +154,7 @@ static struct DsSyncTest *test_create_context(struct torture_context *tctx)
 		our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
 	}
 	our_bind_info28->site_guid		= GUID_zero();
-	our_bind_info28->u1			= 508;
+	our_bind_info28->pid			= 0;
 	our_bind_info28->repl_epoch		= 0;
 
 	our_bind_info_ctr			= &ctx->new_dc.drsuapi.our_bind_info_ctr;
@@ -210,13 +211,25 @@ static bool _test_DsBind(struct torture_context *tctx,
 			info24 = &b->req.out.bind_info->info.info24;
 			b->peer_bind_info28.supported_extensions= info24->supported_extensions;
 			b->peer_bind_info28.site_guid		= info24->site_guid;
-			b->peer_bind_info28.u1			= info24->u1;
+			b->peer_bind_info28.pid			= info24->pid;
 			b->peer_bind_info28.repl_epoch		= 0;
 			break;
 		}
+		case 48: {
+			struct drsuapi_DsBindInfo48 *info48;
+			info48 = &b->req.out.bind_info->info.info48;
+			b->peer_bind_info28.supported_extensions= info48->supported_extensions;
+			b->peer_bind_info28.site_guid		= info48->site_guid;
+			b->peer_bind_info28.pid			= info48->pid;
+			b->peer_bind_info28.repl_epoch		= info48->repl_epoch;
+			break;
+		}
 		case 28:
 			b->peer_bind_info28 = b->req.out.bind_info->info.info28;
 			break;
+		default:
+			printf("DsBind - warning: unknown BindInfo length: %u\n",
+			       b->req.out.bind_info->length);
 		}
 	}
 
@@ -514,6 +527,8 @@ static void test_analyse_objects(struct torture_context *tctx,
 			DEBUGADD(0,("ATTR: %s enc.length=%lu plain.length=%lu\n",
 				    name, (long)enc_data->length, (long)plain_data.length));
 			if (plain_data.length) {
+				enum ndr_err_code ndr_err;
+				struct supplementalCredentialsBlob scb;
 				dump_data(0, plain_data.data, plain_data.length);
 				if (save_values_dir) {
 					char *fname;
@@ -529,6 +544,13 @@ static void test_analyse_objects(struct torture_context *tctx,
 					}
 					talloc_free(fname);
 				}
+
+				ndr_err = ndr_pull_struct_blob_all(&plain_data, tctx,
+					   lp_iconv_convenience(tctx->lp_ctx), &scb,
+					   (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob);
+				if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+					NDR_PRINT_DEBUG(supplementalCredentialsBlob, &scb);
+				}
 			} else {
 				dump_data(0, enc_data->data, enc_data->length);
 			}
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index a4e702f759..e6102f0a82 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -1822,6 +1822,19 @@ static bool test_EnumTrustDom(struct dcerpc_pipe *p,
 
 	printf("\nTesting EnumTrustDom\n");
 
+	r.in.handle = handle;
+	r.in.resume_handle = &resume_handle;
+	r.in.max_size = 0;
+	r.out.domains = &domains;
+	r.out.resume_handle = &resume_handle;
+	
+	enum_status = dcerpc_lsa_EnumTrustDom(p, mem_ctx, &r);
+	
+	if (!(NT_STATUS_EQUAL(enum_status, STATUS_MORE_ENTRIES) || NT_STATUS_EQUAL(enum_status, NT_STATUS_NO_MORE_ENTRIES))) {
+		printf("EnumTrustDom of zero size failed - %s\n", nt_errstr(enum_status));
+		return false;
+	}
+		
 	do {
 		r.in.handle = handle;
 		r.in.resume_handle = &resume_handle;
@@ -1848,12 +1861,30 @@ static bool test_EnumTrustDom(struct dcerpc_pipe *p,
 			return false;
 		}
 		
+		if (domains.count == 0) {
+			printf("EnumTrustDom failed - should have returned 'NT_STATUS_NO_MORE_ENTRIES' for 0 trusted domains\n");
+			return false;
+		}
+
 		ret &= test_query_each_TrustDom(p, mem_ctx, handle, &domains);
 		
 	} while ((NT_STATUS_EQUAL(enum_status, STATUS_MORE_ENTRIES)));
 
 	printf("\nTesting EnumTrustedDomainsEx\n");
 
+	r_ex.in.handle = handle;
+	r_ex.in.resume_handle = &resume_handle;
+	r_ex.in.max_size = LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER * 3;
+	r_ex.out.domains = &domains_ex;
+	r_ex.out.resume_handle = &resume_handle;
+	
+	enum_status = dcerpc_lsa_EnumTrustedDomainsEx(p, mem_ctx, &r_ex);
+	
+	if (!(NT_STATUS_EQUAL(enum_status, STATUS_MORE_ENTRIES) || NT_STATUS_EQUAL(enum_status, NT_STATUS_NO_MORE_ENTRIES))) {
+		printf("EnumTrustedDomainEx of zero size failed - %s\n", nt_errstr(enum_status));
+		return false;
+	}
+		
 	resume_handle = 0;
 	do {
 		r_ex.in.handle = handle;
@@ -1884,6 +1915,11 @@ static bool test_EnumTrustDom(struct dcerpc_pipe *p,
 			return false;
 		}
 
+		if (domains_ex.count == 0) {
+			printf("EnumTrustDomainEx failed - should have returned 'NT_STATUS_NO_MORE_ENTRIES' for 0 trusted domains\n");
+			return false;
+		}
+
 		ret &= test_query_each_TrustDomEx(p, mem_ctx, handle, &domains_ex);
 		
 	} while ((NT_STATUS_EQUAL(enum_status, STATUS_MORE_ENTRIES)));
@@ -1906,6 +1942,10 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p,
 
 	printf("Testing CreateTrustedDomain for 12 domains\n");
 
+	if (!test_EnumTrustDom(p, mem_ctx, handle)) {
+		ret = false;
+	}
+	
 	for (i=0; i< 12; i++) {
 		char *trust_name = talloc_asprintf(mem_ctx, "torturedom%02d", i);
 		char *trust_sid = talloc_asprintf(mem_ctx, "S-1-5-21-97398-379795-100%02d", i);
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index 55c75ba270..6afda6e9b5 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -3595,17 +3595,17 @@ static bool test_QueryDisplayInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		switch (r.in.level) {
 		case 1:
 		case 4:
-			if (dom_info.out.info->info2.num_users < r.in.start_idx) {
+			if (dom_info.out.info->general.num_users < r.in.start_idx) {
 				printf("QueryDomainInfo indicates that QueryDisplayInfo returned more users (%d/%d) than the domain %s is said to contain!\n",
-				       r.in.start_idx, dom_info.out.info->info2.num_groups,
-				       dom_info.out.info->info2.domain_name.string);
+				       r.in.start_idx, dom_info.out.info->general.num_groups,
+				       dom_info.out.info->general.domain_name.string);
 				ret = false;
 			}
 			if (!seen_testuser) {
 				struct policy_handle user_handle;
 				if (NT_STATUS_IS_OK(test_OpenUser_byname(p, mem_ctx, handle, TEST_ACCOUNT_NAME, &user_handle))) {
 					printf("Didn't find test user " TEST_ACCOUNT_NAME " in enumeration of %s\n", 
-					       dom_info.out.info->info2.domain_name.string);
+					       dom_info.out.info->general.domain_name.string);
 					ret = false;
 					test_samr_handle_Close(p, mem_ctx, &user_handle);
 				}
@@ -3613,10 +3613,10 @@ static bool test_QueryDisplayInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 			break;
 		case 3:
 		case 5:
-			if (dom_info.out.info->info2.num_groups != r.in.start_idx) {
+			if (dom_info.out.info->general.num_groups != r.in.start_idx) {
 				printf("QueryDomainInfo indicates that QueryDisplayInfo didn't return all (%d/%d) the groups in %s\n",
-				       r.in.start_idx, dom_info.out.info->info2.num_groups,
-				       dom_info.out.info->info2.domain_name.string);
+				       r.in.start_idx, dom_info.out.info->general.num_groups,
+				       dom_info.out.info->general.domain_name.string);
 				ret = false;
 			}
 			
@@ -3745,7 +3745,7 @@ static bool test_QueryDomainInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 	s.in.level = 4;
 	s.in.info = talloc(mem_ctx, union samr_DomainInfo);
 	
-	s.in.info->info4.comment.string = domain_comment;
+	s.in.info->oem.oem_information.string = domain_comment;
 	status = dcerpc_samr_SetDomainInfo(p, mem_ctx, &s);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("SetDomainInfo level %u (set comment) failed - %s\n", 
@@ -3769,26 +3769,26 @@ static bool test_QueryDomainInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 
 		switch (levels[i]) {
 		case 2:
-			if (strcmp(r.out.info->info2.comment.string, domain_comment) != 0) {
-				printf("QueryDomainInfo level %u returned different comment (%s, expected %s)\n",
-				       levels[i], r.out.info->info2.comment.string, domain_comment);
+			if (strcmp(r.out.info->general.oem_information.string, domain_comment) != 0) {
+				printf("QueryDomainInfo level %u returned different oem_information (comment) (%s, expected %s)\n",
+				       levels[i], r.out.info->general.oem_information.string, domain_comment);
 				ret = false;
 			}
-			if (!r.out.info->info2.primary.string) {
+			if (!r.out.info->general.primary.string) {
 				printf("QueryDomainInfo level %u returned no PDC name\n",
 				       levels[i]);
 				ret = false;
-			} else if (r.out.info->info2.role == SAMR_ROLE_DOMAIN_PDC) {
-				if (dcerpc_server_name(p) && strcasecmp_m(dcerpc_server_name(p), r.out.info->info2.primary.string) != 0) {
+			} else if (r.out.info->general.role == SAMR_ROLE_DOMAIN_PDC) {
+				if (dcerpc_server_name(p) && strcasecmp_m(dcerpc_server_name(p), r.out.info->general.primary.string) != 0) {
 					printf("QueryDomainInfo level %u returned different PDC name (%s) compared to server name (%s), despite claiming to be the PDC\n",
-					       levels[i], r.out.info->info2.primary.string, dcerpc_server_name(p));
+					       levels[i], r.out.info->general.primary.string, dcerpc_server_name(p));
 				}
 			}
 			break;
 		case 4:
-			if (strcmp(r.out.info->info4.comment.string, domain_comment) != 0) {
-				printf("QueryDomainInfo level %u returned different comment (%s, expected %s)\n",
-				       levels[i], r.out.info->info4.comment.string, domain_comment);
+			if (strcmp(r.out.info->oem.oem_information.string, domain_comment) != 0) {
+				printf("QueryDomainInfo level %u returned different oem_information (comment) (%s, expected %s)\n",
+				       levels[i], r.out.info->oem.oem_information.string, domain_comment);
 				ret = false;
 			}
 			break;
@@ -3800,9 +3800,9 @@ static bool test_QueryDomainInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 			}
 			break;
 		case 11:
-			if (strcmp(r.out.info->info11.info2.comment.string, domain_comment) != 0) {
+			if (strcmp(r.out.info->general2.general.oem_information.string, domain_comment) != 0) {
 				printf("QueryDomainInfo level %u returned different comment (%s, expected %s)\n",
-				       levels[i], r.out.info->info11.info2.comment.string, domain_comment);
+				       levels[i], r.out.info->general2.general.oem_information.string, domain_comment);
 				ret = false;
 			}
 			break;
diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
index 7114756460..1e76de1dd2 100644
--- a/source4/torture/rpc/samsync.c
+++ b/source4/torture/rpc/samsync.c
@@ -346,9 +346,9 @@ static bool samsync_handle_domain(TALLOC_CTX *mem_ctx, struct samsync_state *sam
 
 	TEST_STRING_EQUAL(q[5].out.info->info5.domain_name, domain->domain_name);
 	
-	TEST_STRING_EQUAL(q[2].out.info->info2.comment, domain->comment);
-	TEST_STRING_EQUAL(q[4].out.info->info4.comment, domain->comment);
-	TEST_TIME_EQUAL(q[2].out.info->info2.force_logoff_time, domain->force_logoff_time);
+	TEST_STRING_EQUAL(q[2].out.info->general.oem_information, domain->oem_information);
+	TEST_STRING_EQUAL(q[4].out.info->oem.oem_information, domain->oem_information);
+	TEST_TIME_EQUAL(q[2].out.info->general.force_logoff_time, domain->force_logoff_time);
 	TEST_TIME_EQUAL(q[3].out.info->info3.force_logoff_time, domain->force_logoff_time);
 
 	TEST_TIME_EQUAL(q[1].out.info->info1.min_password_length, domain->min_password_length);
@@ -1487,7 +1487,7 @@ bool torture_rpc_samsync(struct torture_context *torture)
 	s.in.level = 4;
 	s.in.info = talloc(mem_ctx, union samr_DomainInfo);
 	
-	s.in.info->info4.comment.string
+	s.in.info->oem.oem_information.string
 		= talloc_asprintf(mem_ctx, 
 				  "Tortured by Samba4: %s", 
 				  timestring(mem_ctx, time(NULL)));