summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
Diffstat (limited to 'source4')
-rw-r--r--source4/torture/rpc/lsa.c162
1 files changed, 52 insertions, 110 deletions
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index 27b307f2f3..4e0bfd8c4f 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -530,11 +530,7 @@ static bool test_LookupNames2(struct dcerpc_binding_handle *b,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_LookupNames2_r(b, tctx, &r),
"LookupNames2 failed");
- if (!NT_STATUS_IS_OK(r.out.result)) {
- torture_comment(tctx, "LookupNames2 failed - %s\n",
- nt_errstr(r.out.result));
- return false;
- }
+ torture_assert_ntstatus_ok(tctx, r.out.result, "LookupNames2 failed");
if (check_result) {
torture_assert_int_equal(tctx, count, sids.count,
@@ -594,11 +590,8 @@ static bool test_LookupNames3(struct dcerpc_binding_handle *b,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_LookupNames3_r(b, tctx, &r),
"LookupNames3 failed");
- if (!NT_STATUS_IS_OK(r.out.result)) {
- torture_comment(tctx, "LookupNames3 failed - %s\n",
- nt_errstr(r.out.result));
- return false;
- }
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "LookupNames3 failed");
if (check_result) {
torture_assert_int_equal(tctx, count, sids.count,
@@ -665,13 +658,10 @@ static bool test_LookupNames4(struct dcerpc_binding_handle *b,
return true;
}
-
- torture_assert_ntstatus_ok(tctx,
- r.out.result,
- "LookupNames4 failed");
-
- return false;
}
+ torture_assert_ntstatus_ok(tctx,
+ r.out.result,
+ "LookupNames4 failed");
if (check_result) {
torture_assert_int_equal(tctx, count, sids.count,
@@ -743,11 +733,9 @@ static bool test_LookupNames4_fail(struct dcerpc_binding_handle *b,
}
}
- torture_assert_ntstatus_equal(tctx,
- r.out.result,
- NT_STATUS_OK,
- "LookupNames4 return value should be "
- "ACCESS_DENIED");
+ torture_fail(tctx,
+ "LookupNames4 return value should be "
+ "ACCESS_DENIED or RPC_PROTSEQ_NOT_SUPPORTED");
return false;
}
@@ -939,22 +927,18 @@ static bool test_LookupSids3_fail(struct dcerpc_binding_handle *b,
return true;
}
- if (!NT_STATUS_IS_OK(r.out.result)) {
- if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_ACCESS_DENIED) ||
- NT_STATUS_EQUAL(r.out.result, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) {
- torture_comment(tctx,
- "LookupNames4 correctly returned with "
- "result: %s\n",
- nt_errstr(r.out.result));
- return true;
- }
+ if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_ACCESS_DENIED) ||
+ NT_STATUS_EQUAL(r.out.result, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) {
+ torture_comment(tctx,
+ "LookupNames4 correctly returned with "
+ "result: %s\n",
+ nt_errstr(r.out.result));
+ return true;
}
- torture_assert_ntstatus_equal(tctx,
- r.out.result,
- NT_STATUS_OK,
- "LookupSids3 return value should be "
- "ACCESS_DENIED");
+ torture_fail(tctx,
+ "LookupSids3 return value should be "
+ "ACCESS_DENIED or RPC_PROTSEQ_NOT_SUPPORTED");
return false;
}
@@ -1150,11 +1134,8 @@ static bool test_LookupPrivValue(struct dcerpc_binding_handle *b,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_LookupPrivValue_r(b, tctx, &r),
"LookupPrivValue failed");
- if (!NT_STATUS_IS_OK(r.out.result)) {
- torture_comment(tctx, "\nLookupPrivValue failed - %s\n",
- nt_errstr(r.out.result));
- return false;
- }
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "LookupPrivValue failed");
return true;
}
@@ -1173,11 +1154,7 @@ static bool test_LookupPrivName(struct dcerpc_binding_handle *b,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_LookupPrivName_r(b, tctx, &r),
"LookupPrivName failed");
- if (!NT_STATUS_IS_OK(r.out.result)) {
- torture_comment(tctx, "\nLookupPrivName failed - %s\n",
- nt_errstr(r.out.result));
- return false;
- }
+ torture_assert_ntstatus_ok(tctx, r.out.result, "LookupPrivName failed");
return true;
}
@@ -1258,12 +1235,8 @@ static bool test_AddPrivilegesToAccount(struct dcerpc_binding_handle *b,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_AddPrivilegesToAccount_r(b, tctx, &r),
"AddPrivilegesToAccount failed");
- if (!NT_STATUS_IS_OK(r.out.result)) {
- torture_comment(tctx, "AddPrivilegesToAccount failed - %s\n",
- nt_errstr(r.out.result));
- return false;
- }
-
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "AddPrivilegesToAccount failed");
return ret;
}
@@ -1283,11 +1256,8 @@ static bool test_EnumPrivsAccount(struct dcerpc_binding_handle *b,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_EnumPrivsAccount_r(b, tctx, &r),
"EnumPrivsAccount failed");
- if (!NT_STATUS_IS_OK(r.out.result)) {
- torture_comment(tctx, "EnumPrivsAccount failed - %s\n",
- nt_errstr(r.out.result));
- return false;
- }
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "EnumPrivsAccount failed");
if (privs && privs->count > 0) {
int i;
@@ -1320,11 +1290,8 @@ static bool test_GetSystemAccessAccount(struct dcerpc_binding_handle *b,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_GetSystemAccessAccount_r(b, tctx, &r),
"GetSystemAccessAccount failed");
- if (!NT_STATUS_IS_OK(r.out.result)) {
- torture_comment(tctx, "GetSystemAccessAccount failed - %s\n",
- nt_errstr(r.out.result));
- return false;
- }
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "GetSystemAccessAccount failed");
if (r.out.access_mask != NULL) {
torture_comment(tctx, "Rights:");
@@ -1391,11 +1358,8 @@ static bool test_DeleteObject(struct dcerpc_binding_handle *b,
r.out.handle = handle;
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_DeleteObject_r(b, tctx, &r),
"DeleteObject failed");
- if (!NT_STATUS_IS_OK(r.out.result)) {
- torture_comment(tctx, "DeleteObject failed - %s\n",
- nt_errstr(r.out.result));
- return false;
- }
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "DeleteObject failed");
return true;
}
@@ -1429,15 +1393,11 @@ static bool test_CreateAccount(struct dcerpc_binding_handle *b,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenAccount_r(b, tctx, &r_o),
"OpenAccount failed");
- if (!NT_STATUS_IS_OK(r_o.out.result)) {
- torture_comment(tctx, "OpenAccount failed - %s\n",
- nt_errstr(r_o.out.result));
- return false;
- }
- } else if (!NT_STATUS_IS_OK(r.out.result)) {
- torture_comment(tctx, "CreateAccount failed - %s\n",
- nt_errstr(r.out.result));
- return false;
+ torture_assert_ntstatus_ok(tctx, r_o.out.result,
+ "OpenAccount failed");
+ } else {
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "CreateAccount failed");
}
if (!test_Delete(b, tctx, &acct_handle)) {
@@ -1466,10 +1426,8 @@ static bool test_DeleteTrustedDomain(struct dcerpc_binding_handle *b,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenTrustedDomainByName_r(b, tctx, &r),
"OpenTrustedDomainByName failed");
- if (!NT_STATUS_IS_OK(r.out.result)) {
- torture_comment(tctx, "OpenTrustedDomainByName failed - %s\n", nt_errstr(r.out.result));
- return false;
- }
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "OpenTrustedDomainByName failed");
if (!test_Delete(b, tctx, &trustdom_handle)) {
return false;
@@ -1494,10 +1452,8 @@ static bool test_DeleteTrustedDomainBySid(struct dcerpc_binding_handle *b,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_DeleteTrustedDomain_r(b, tctx, &r),
"DeleteTrustedDomain failed");
- if (!NT_STATUS_IS_OK(r.out.result)) {
- torture_comment(tctx, "DeleteTrustedDomain failed - %s\n", nt_errstr(r.out.result));
- return false;
- }
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "DeleteTrustedDomain failed");
return true;
}
@@ -1507,7 +1463,6 @@ static bool test_CreateSecret(struct dcerpc_pipe *p,
struct torture_context *tctx,
struct policy_handle *handle)
{
- NTSTATUS status;
struct lsa_CreateSecret r;
struct lsa_OpenSecret r2;
struct lsa_SetSecret r3;
@@ -1552,10 +1507,8 @@ static bool test_CreateSecret(struct dcerpc_pipe *p,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_CreateSecret_r(b, tctx, &r),
"CreateSecret failed");
- if (!NT_STATUS_IS_OK(r.out.result)) {
- torture_comment(tctx, "CreateSecret failed - %s\n", nt_errstr(r.out.result));
- return false;
- }
+ torture_assert_ntstatus_ok(tctx, r.out.result,
+ "CreateSecret failed");
r.in.handle = handle;
r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
@@ -1563,10 +1516,8 @@ static bool test_CreateSecret(struct dcerpc_pipe *p,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_CreateSecret_r(b, tctx, &r),
"CreateSecret failed");
- if (!NT_STATUS_EQUAL(r.out.result, NT_STATUS_OBJECT_NAME_COLLISION)) {
- torture_comment(tctx, "CreateSecret should have failed OBJECT_NAME_COLLISION - %s\n", nt_errstr(r.out.result));
- return false;
- }
+ torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_OBJECT_NAME_COLLISION,
+ "CreateSecret should have failed OBJECT_NAME_COLLISION");
r2.in.handle = handle;
r2.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
@@ -1577,16 +1528,11 @@ static bool test_CreateSecret(struct dcerpc_pipe *p,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenSecret_r(b, tctx, &r2),
"OpenSecret failed");
- if (!NT_STATUS_IS_OK(r2.out.result)) {
- torture_comment(tctx, "OpenSecret failed - %s\n", nt_errstr(r2.out.result));
- return false;
- }
+ torture_assert_ntstatus_ok(tctx, r2.out.result,
+ "OpenSecret failed");
- status = dcerpc_fetch_session_key(p, &session_key);
- if (!NT_STATUS_IS_OK(status)) {
- torture_comment(tctx, "dcerpc_fetch_session_key failed - %s\n", nt_errstr(status));
- return false;
- }
+ torture_assert_ntstatus_ok(tctx, dcerpc_fetch_session_key(p, &session_key),
+ "dcerpc_fetch_session_key failed");
enc_key = sess_encrypt_string(secret1, &session_key);
@@ -1601,10 +1547,8 @@ static bool test_CreateSecret(struct dcerpc_pipe *p,
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_SetSecret_r(b, tctx, &r3),
"SetSecret failed");
- if (!NT_STATUS_IS_OK(r3.out.result)) {
- torture_comment(tctx, "SetSecret failed - %s\n", nt_errstr(r3.out.result));
- return false;
- }
+ torture_assert_ntstatus_ok(tctx, r3.out.result,
+ "SetSecret failed");
r3.in.sec_handle = &sec_handle;
r3.in.new_val = &buf1;
@@ -1619,11 +1563,9 @@ static bool test_CreateSecret(struct dcerpc_pipe *p,
torture_comment(tctx, "Testing SetSecret with broken key\n");
torture_assert_ntstatus_ok(tctx, dcerpc_lsa_SetSecret_r(b, tctx, &r3),
- "SetSecret failed");
- if (!NT_STATUS_EQUAL(r3.out.result, NT_STATUS_UNKNOWN_REVISION)) {
- torture_comment(tctx, "SetSecret should have failed UNKNOWN_REVISION - %s\n", nt_errstr(r3.out.result));
- ret = false;
- }
+ "SetSecret failed");
+ torture_assert_ntstatus_equal(tctx, r3.out.result, NT_STATUS_UNKNOWN_REVISION,
+ "SetSecret should have failed UNKNOWN_REVISION");
data_blob_free(&enc_key);