From 53107aed4a45f28aa1a159019ff4c3b45fbc8f02 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vlendec@samba.org>
Date: Sat, 27 May 2006 21:39:56 +0000
Subject: r15912: Run an rpc request with an invalid uid and make sure
 NT_STATUS_INVALID_HANDLE is returned.

Volker
(This used to be commit 0ef6ecda1dd009174c2c684a1dd3adabf4772daf)
---
 source4/torture/rpc/bind.c | 127 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 127 insertions(+)

(limited to 'source4/torture/rpc/bind.c')

diff --git a/source4/torture/rpc/bind.c b/source4/torture/rpc/bind.c
index 17580737f8..4c0ceb29c4 100644
--- a/source4/torture/rpc/bind.c
+++ b/source4/torture/rpc/bind.c
@@ -24,9 +24,13 @@
 #include "includes.h"
 #include "torture/torture.h"
 #include "librpc/gen_ndr/ndr_lsa.h"
+#include "librpc/gen_ndr/ndr_lsa_c.h"
 #include "lib/cmdline/popt_common.h"
 #include "librpc/rpc/dcerpc.h"
 #include "torture/rpc/rpc.h"
+#include "libcli/libcli.h"
+#include "libcli/composite/composite.h"
+#include "libcli/smb_composite/smb_composite.h"
 
 /*
   This test is 'bogus' in that it doesn't actually perform to the
@@ -78,3 +82,126 @@ BOOL torture_multi_bind(struct torture_context *torture)
 
 	return ret;
 }
+
+BOOL torture_bind_authcontext(struct torture_context *torture) 
+{
+	TALLOC_CTX *mem_ctx;
+	NTSTATUS status;
+	BOOL ret = False;
+	struct lsa_ObjectAttribute objectattr;
+	struct lsa_OpenPolicy2 openpolicy;
+	struct policy_handle handle;
+	struct lsa_Close close;
+	struct smbcli_session *tmp;
+	struct smbcli_session *session2;
+	struct smbcli_state *cli;
+	struct dcerpc_pipe *lsa_pipe;
+	struct cli_credentials *anon_creds;
+	struct smb_composite_sesssetup setup;
+
+	mem_ctx = talloc_init("torture_bind_auth");
+
+	if (mem_ctx == NULL) {
+		d_printf("talloc_init failed\n");
+		return False;
+	}
+
+	status = smbcli_full_connection(mem_ctx, &cli,
+					lp_parm_string(-1, "torture", "host"),
+					"IPC$", NULL, cmdline_credentials,
+					NULL);
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("smbcli_full_connection failed: %s\n",
+			 nt_errstr(status));
+		goto done;
+	}
+
+	lsa_pipe = dcerpc_pipe_init(mem_ctx, cli->transport->socket->event.ctx);
+	if (lsa_pipe == NULL) {
+		d_printf("dcerpc_pipe_init failed\n");
+		goto done;
+	}
+
+	status = dcerpc_pipe_open_smb(lsa_pipe->conn, cli->tree, "\\lsarpc");
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("dcerpc_pipe_open_smb failed: %s\n",
+			 nt_errstr(status));
+		goto done;
+	}
+
+	status = dcerpc_bind_auth_none(lsa_pipe, &dcerpc_table_lsarpc);
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("dcerpc_bind_auth_none failed: %s\n",
+			 nt_errstr(status));
+		goto done;
+	}
+
+	openpolicy.in.system_name =talloc_asprintf(
+		mem_ctx, "\\\\%s", dcerpc_server_name(lsa_pipe));
+	ZERO_STRUCT(objectattr);
+	openpolicy.in.attr = &objectattr;
+	openpolicy.in.access_mask = SEC_GENERIC_WRITE;
+	openpolicy.out.handle = &handle;
+
+	status = dcerpc_lsa_OpenPolicy2(lsa_pipe, mem_ctx, &openpolicy);
+
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("dcerpc_lsa_OpenPolicy2 failed: %s\n",
+			 nt_errstr(status));
+		goto done;
+	}
+
+	close.in.handle = &handle;
+	close.out.handle = &handle;
+
+	status = dcerpc_lsa_Close(lsa_pipe, mem_ctx, &close);
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("dcerpc_lsa_Close failed: %s\n",
+			 nt_errstr(status));
+		goto done;
+	}
+
+	session2 = smbcli_session_init(cli->transport, mem_ctx, False);
+	if (session2 == NULL) {
+		d_printf("smbcli_session_init failed\n");
+		goto done;
+	}
+
+	anon_creds = cli_credentials_init(mem_ctx);
+	if (anon_creds == NULL) {
+		d_printf("cli_credentials_init failed\n");
+		goto done;
+	}
+
+	cli_credentials_set_conf(anon_creds);
+	cli_credentials_set_anonymous(anon_creds);
+
+	setup.in.sesskey = cli->transport->negotiate.sesskey;
+	setup.in.capabilities = cli->transport->negotiate.capabilities;
+	setup.in.workgroup = "";
+	setup.in.credentials = anon_creds;
+
+	status = smb_composite_sesssetup(session2, &setup);
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("anon session setup failed: %s\n",
+			 nt_errstr(status));
+		goto done;
+	}
+
+	tmp = cli->tree->session;
+	cli->tree->session = session2;
+
+	status = dcerpc_lsa_OpenPolicy2(lsa_pipe, mem_ctx, &openpolicy);
+
+	if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_HANDLE)) {
+		d_printf("dcerpc_lsa_OpenPolicy2 with wrong vuid gave %s, "
+			 "expected NT_STATUS_INVALID_HANDLE\n",
+			 nt_errstr(status));
+		goto done;
+	}
+
+	ret = True;
+ done:
+	talloc_free(mem_ctx);
+	return ret;
+}
-- 
cgit