summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
Diffstat (limited to 'source4')
-rw-r--r--source4/torture/rpc/drsuapi.c51
-rw-r--r--source4/torture/rpc/drsuapi.h1
-rw-r--r--source4/torture/rpc/drsuapi_cracknames.c36
3 files changed, 74 insertions, 14 deletions
diff --git a/source4/torture/rpc/drsuapi.c b/source4/torture/rpc/drsuapi.c
index ffef717489..bcfb12de75 100644
--- a/source4/torture/rpc/drsuapi.c
+++ b/source4/torture/rpc/drsuapi.c
@@ -27,6 +27,8 @@
#include "librpc/gen_ndr/ndr_drsuapi_c.h"
#include "torture/rpc/rpc.h"
+#define TEST_MACHINE_NAME "torturetest"
+
BOOL test_DsBind(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
struct DsPrivate *priv)
{
@@ -65,6 +67,11 @@ static BOOL test_DsGetDCInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
struct drsuapi_DsGetDomainControllerInfo r;
BOOL ret = True;
+ if (lp_parm_bool(-1, "torture", "samba4", False)) {
+ printf("skipping DsGetDCInfo test against Samba4\n");
+ return True;
+ }
+
r.in.bind_handle = &priv->bind_handle;
r.in.level = 1;
@@ -189,7 +196,7 @@ static BOOL test_DsGetDCInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
}
static BOOL test_DsWriteAccountSpn(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
- struct DsPrivate *priv)
+ struct DsPrivate *priv)
{
NTSTATUS status;
struct drsuapi_DsWriteAccountSpn r;
@@ -316,6 +323,11 @@ static BOOL test_DsReplicaGetInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
}
};
+ if (lp_parm_bool(-1, "torture", "samba4", False)) {
+ printf("skipping DsGetDCInfo test against Samba4\n");
+ return True;
+ }
+
r.in.bind_handle = &priv->bind_handle;
for (i=0; i < ARRAY_SIZE(array); i++) {
@@ -389,6 +401,11 @@ static BOOL test_DsReplicaSync(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
return True;
}
+ if (lp_parm_bool(-1, "torture", "samba4", False)) {
+ printf("skipping DsReplicaSync test against Samba4\n");
+ return True;
+ }
+
ZERO_STRUCT(null_guid);
ZERO_STRUCT(null_sid);
@@ -447,6 +464,11 @@ static BOOL test_DsReplicaUpdateRefs(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
}
};
+ if (lp_parm_bool(-1, "torture", "samba4", False)) {
+ printf("skipping DsReplicaUpdateRefs test against Samba4\n");
+ return True;
+ }
+
ZERO_STRUCT(null_guid);
ZERO_STRUCT(null_sid);
@@ -509,6 +531,11 @@ static BOOL test_DsGetNCChanges(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
}
};
+ if (lp_parm_bool(-1, "torture", "samba4", False)) {
+ printf("skipping DsGetNCChanges test against Samba4\n");
+ return True;
+ }
+
ZERO_STRUCT(null_guid);
ZERO_STRUCT(null_sid);
@@ -630,26 +657,36 @@ BOOL torture_rpc_drsuapi(struct torture_context *torture)
TALLOC_CTX *mem_ctx;
BOOL ret = True;
struct DsPrivate priv;
+ struct cli_credentials *machine_credentials;
mem_ctx = talloc_init("torture_rpc_drsuapi");
+ printf("Connected to DRAUAPI pipe\n");
+
+ ZERO_STRUCT(priv);
+
+ priv.join = torture_join_domain(TEST_MACHINE_NAME, ACB_SVRTRUST,
+ &machine_credentials);
+ if (!priv.join) {
+ talloc_free(mem_ctx);
+ printf("Failed to join as BDC\n");
+ return False;
+ }
+
status = torture_rpc_connection(mem_ctx,
&p,
&dcerpc_table_drsuapi);
if (!NT_STATUS_IS_OK(status)) {
+ torture_leave_domain(priv.join);
talloc_free(mem_ctx);
return False;
}
- printf("Connected to DRAUAPI pipe\n");
-
- ZERO_STRUCT(priv);
-
ret &= test_DsBind(p, mem_ctx, &priv);
ret &= test_DsGetDCInfo(p, mem_ctx, &priv);
- ret &= test_DsCrackNames(p, mem_ctx, &priv, priv.dcinfo.netbios_name);
+ ret &= test_DsCrackNames(p, mem_ctx, &priv, TEST_MACHINE_NAME);
ret &= test_DsWriteAccountSpn(p, mem_ctx, &priv);
@@ -665,6 +702,8 @@ BOOL torture_rpc_drsuapi(struct torture_context *torture)
talloc_free(mem_ctx);
+ torture_leave_domain(priv.join);
+
return ret;
}
diff --git a/source4/torture/rpc/drsuapi.h b/source4/torture/rpc/drsuapi.h
index 4914d0a272..e9d625674f 100644
--- a/source4/torture/rpc/drsuapi.h
+++ b/source4/torture/rpc/drsuapi.h
@@ -32,5 +32,6 @@ struct DsPrivate {
const char *domain_dns_name;
struct GUID domain_guid;
struct drsuapi_DsGetDCInfo2 dcinfo;
+ struct test_join *join;
};
diff --git a/source4/torture/rpc/drsuapi_cracknames.c b/source4/torture/rpc/drsuapi_cracknames.c
index c38045621a..e6ff33d58d 100644
--- a/source4/torture/rpc/drsuapi_cracknames.c
+++ b/source4/torture/rpc/drsuapi_cracknames.c
@@ -27,6 +27,7 @@
#include "librpc/gen_ndr/ndr_drsuapi_c.h"
#include "torture/rpc/rpc.h"
#include "ldb/include/ldb.h"
+#include "libcli/security/security.h"
static BOOL test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
struct DsPrivate *priv, const char *dn,
@@ -220,6 +221,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
const char *service_principal_name;
const char *canonical_name;
const char *canonical_ex_name;
+ const char *dc_sid;
ZERO_STRUCT(r);
r.in.bind_handle = &priv->bind_handle;
@@ -230,9 +232,12 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
r.in.req.req1.names = names;
r.in.req.req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
- r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_CANONICAL;
+ r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY;
r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
- names[0].str = talloc_asprintf(mem_ctx, "%s/", lp_realm());
+
+ dc_sid = dom_sid_string(mem_ctx, torture_join_sid(priv->join));
+
+ names[0].str = dc_sid;
printf("testing DsCrackNames with name '%s' desired format:%d\n",
names[0].str, r.in.req.req1.format_desired);
@@ -319,20 +324,20 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
realm_canonical = ldb_dn_canonical_string(mem_ctx, realm_dn);
if (strcmp(realm_canonical,
- talloc_asprintf(mem_ctx, "%s/", lp_realm()))!= 0) {
+ talloc_asprintf(mem_ctx, "%s/", dns_domain))!= 0) {
printf("local Round trip on canonical name failed: %s != %s!\n",
realm_canonical,
- talloc_asprintf(mem_ctx, "%s/", lp_realm()));
+ talloc_asprintf(mem_ctx, "%s/", dns_domain));
return False;
};
realm_canonical_ex = ldb_dn_canonical_ex_string(mem_ctx, realm_dn);
if (strcmp(realm_canonical_ex,
- talloc_asprintf(mem_ctx, "%s\n", lp_realm()))!= 0) {
+ talloc_asprintf(mem_ctx, "%s\n", dns_domain))!= 0) {
printf("local Round trip on canonical ex name failed: %s != %s!\n",
realm_canonical,
- talloc_asprintf(mem_ctx, "%s\n", lp_realm()));
+ talloc_asprintf(mem_ctx, "%s\n", dns_domain));
return False;
};
@@ -560,7 +565,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
.format_offered = DRSUAPI_DS_NAME_FORMAT_DISPLAY,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
.str = test_dc,
- .comment = "DISPAY NAME search for DC short name",
+ .comment = "DISLPAY NAME search for DC short name",
.status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
},
{
@@ -693,7 +698,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
.comment = "Realm as an NT4 domain lookup",
- .str = talloc_asprintf(mem_ctx, "%s\\", lp_realm()),
+ .str = talloc_asprintf(mem_ctx, "%s\\", dns_domain),
.status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
},
{
@@ -716,6 +721,21 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
.status = DRSUAPI_DS_NAME_STATUS_OK
},
{
+ .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
+ .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
+ .comment = "DC SID -> DN",
+ .str = dc_sid,
+ .expected_str = FQDN_1779_name,
+ .status = DRSUAPI_DS_NAME_STATUS_OK
+ },
+ {
+ .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
+ .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
+ .comment = "DC SID -> NT4 account",
+ .str = dc_sid,
+ .status = DRSUAPI_DS_NAME_STATUS_OK
+ },
+ {
.format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
.str = "foo@bar",