From 2d29354a355672261be356c2a8d9eff75b6a5c84 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 10 Oct 2005 09:33:06 +0000
Subject: r10865: merge branches/SOC/SAMBA_4_0 into main the main SAMBA_4_0
 tree

metze

 r8017@SERNOX:  metze | 2005-06-30 13:44:23 +0200
 create the SAMBA_4_0 branch for the Summer Of Code Project

 metze

 r8730@SERNOX:  brad | 2005-07-24 03:09:48 +0200
 Branching Samba 4
 r8731@SERNOX:  brad | 2005-07-24 06:39:00 +0200
 added 'make installmisc' to howto.txt
 added existing 'compression' option to level8 drsuapi torture test
 added new 'neighbour_writeable' option to level8 drsuapi torture test
 r8732@SERNOX:  brad | 2005-07-24 06:42:38 +0200
 added metze's dssync patch as source/torture/rpc/dssync.c
 r8739@SERNOX:  brad | 2005-07-25 00:24:46 +0200
 added a test called RPC-DSSYNC to config.mk
 hacking at dssync.c in an attempt to make it compile
 r8754@SERNOX:  brad | 2005-07-25 15:19:21 +0200
 Changing dssync.c to use ldb routines for accessing ldap rather than raw ldap calls.

 r8765@SERNOX:  brad | 2005-07-26 03:35:38 +0200
 more ldb changes to test_CompleteJoin(), it mostly kind of almost works now!

 r8766@SERNOX:  brad | 2005-07-26 03:56:00 +0200
 Trying to fix the crazy nesting in the branch
 r8769@SERNOX:  brad | 2005-07-26 04:48:29 +0200
 merging latest changes
 r8770@SERNOX:  brad | 2005-07-26 04:53:43 +0200
 removing nested branch
 r8793@SERNOX:  jerry | 2005-07-27 05:04:57 +0200
 merging on of Brad missing changes from the nested 4.0 branch debacle
 r8794@SERNOX:  jerry | 2005-07-27 05:14:42 +0200
 syncing up with the main 4_0 branch for Brad
 r8842@SERNOX:  brad | 2005-07-29 00:26:30 +0200
 merging changes from branches/SAMBA_4_0
 r8850@SERNOX:  brad | 2005-07-29 21:07:57 +0200
 Bringing my tree up to date
 r8851@SERNOX:  brad | 2005-07-30 00:48:04 +0200
 making dssync.c more ldb-centric, reverted samlogon.c from rev. 8845 to get my branch to compile again.
 r8856@SERNOX:  brad | 2005-07-30 03:20:33 +0200
 I think I have the ldb code down in test_CompleteJoin (not complete yet though)
 r8860@SERNOX:  brad | 2005-07-30 07:08:13 +0200
 Changed comments to C style /**/ (thanks Richard), some more changes to test_CompleteJoin().
 r8862@SERNOX:  brad | 2005-07-31 04:45:32 +0200
 Bringing the SOC/SAMBA_4_0 branch up to date.
 r8863@SERNOX:  brad | 2005-07-31 20:00:41 +0200
 Updated some missing files from the branch
 r8864@SERNOX:  brad | 2005-07-31 20:25:50 +0200
 Removing autogenerated files from branch
 r8865@SERNOX:  brad | 2005-07-31 20:43:58 +0200
 last of the unneeded files in SOC/SAMBA_4_0
 r9004@SERNOX:  brad | 2005-08-03 18:51:23 +0200
  r5214@buttercup:  j0j0 | 2005-08-03 10:44:30 -0600
   r@buttercup:  j0j0 | 2005-08-02 22:54:13 -0600
   creating a local branch of branches/SAMBA_4_0

 r9013@SERNOX:  brad | 2005-08-03 20:57:48 +0200
  r5228@buttercup:  j0j0 | 2005-08-03 13:00:11 -0600
  Fixing differences between this branch and /branches/SAMBA_4_0

 r9014@SERNOX:  brad | 2005-08-03 21:18:05 +0200
  r5231@buttercup:  j0j0 | 2005-08-03 13:23:12 -0600
  Updating config.mk so that smbtorture builds again

 r9061@SERNOX:  brad | 2005-08-04 18:17:36 +0200
  r5249@buttercup:  j0j0 | 2005-08-03 21:01:02 -0600
  Start using libnet_Join() for DC join.

 r9062@SERNOX:  brad | 2005-08-04 18:17:47 +0200
  r5250@buttercup:  j0j0 | 2005-08-04 10:21:34 -0600
  Some more work towards performing a dc join.

 r9064@SERNOX:  brad | 2005-08-04 18:53:51 +0200
  r5253@buttercup:  j0j0 | 2005-08-04 10:53:00 -0600
  Fixed a bug (passing a TALLOC_CTX to libnet_context_init() )

 r9069@SERNOX:  brad | 2005-08-04 21:59:55 +0200
  r5279@buttercup:  j0j0 | 2005-08-04 14:04:55 -0600
  Some more work on the domain join

 r9117@SERNOX:  brad | 2005-08-05 16:50:26 +0200
  r5281@buttercup:  j0j0 | 2005-08-05 08:55:58 -0600
  Committing minor changes before merge

 r9180@SERNOX:  brad | 2005-08-07 17:25:25 +0200
  r5314@buttercup:  j0j0 | 2005-08-07 09:30:12 -0600
  Reworked libnet_join to use two join levels, AUTOMATIC and SPECIFIED.

 r9181@SERNOX:  brad | 2005-08-07 17:25:36 +0200
  r5315@buttercup:  j0j0 | 2005-08-07 09:31:22 -0600
  Working with libnet_Join(), code cleanup needed in the near future.

 r9192@SERNOX:  brad | 2005-08-07 21:40:22 +0200
  r5373@buttercup:  j0j0 | 2005-08-07 13:46:09 -0600
  Some code cleanup to make things a little more readable.

 r9249@SERNOX:  brad | 2005-08-12 01:31:48 +0200
  r5375@buttercup:  j0j0 | 2005-08-11 17:38:44 -0600
  Split libnet_JoinDomain() into libnet_JoinDomain() and libnet_JoinADSDomain().

 r9256@SERNOX:  brad | 2005-08-12 04:55:11 +0200
  r5413@buttercup:  j0j0 | 2005-08-11 21:02:27 -0600
  Clean up libnet_JoinADSDomain() a little, added a comment to the test_join struct.

 r9314@SERNOX:  brad | 2005-08-16 03:53:20 +0200
  r5436@buttercup:  j0j0 | 2005-08-15 20:01:21 -0600
  libnet_JoinDomain() should honour LIBNET_JOIN_TORTURE now.
  torture_join_domain() should properly use libnet_JoinDomain().
  dssync.c uses torture_join_domain() again.

 r9351@SERNOX:  brad | 2005-08-17 07:15:31 +0200
  r5438@buttercup:  j0j0 | 2005-08-16 23:23:58 -0600
  Removed LIBNET_JOIN_TORTURE level, as it became unnecessary once libnet_Join_primary_domain() handled netbios names better.
  Corrected libnet_JoinDomain() and libnet_JoinADSDomain().

 r9352@SERNOX:  brad | 2005-08-17 07:24:49 +0200
  r5440@buttercup:  j0j0 | 2005-08-16 23:33:25 -0600
  Fixed a typo.

 r9354@SERNOX:  metze | 2005-08-17 10:28:25 +0200
 remove object files from svn

 metze
 r9376@SERNOX:  brad | 2005-08-18 05:15:48 +0200
  r5476@buttercup:  j0j0 | 2005-08-17 21:24:33 -0600
  Proof that I shouldn't code when i'm tired (silly bugfixes).

 r9405@SERNOX:  brad | 2005-08-19 22:50:10 +0200
  r5500@buttercup:  j0j0 | 2005-08-19 14:56:25 -0600
  Get dssync.c compiling again after merge (ldb_dn changes from rev. 9391).

 r9407@SERNOX:  brad | 2005-08-20 03:22:42 +0200
  r5502@buttercup:  j0j0 | 2005-08-19 19:28:22 -0600
  libnet/libnet_join.c
  Some more fixes so ldb uses ldb_dn's.

  torture/rpc/dssync.c
  Some debugging printf()'s.
  ldb_dn fixes.

  torture/rpc/testjoin.c
  Change torture_join_domain() to use libnet_JoinDomain() rather than libnet_Join().
  Some more debugging statements.

  I'm not sure why, but GUID_all_zero(user_handle.uuid) is returning true in torture_leave_domain() when called it from torture_destroy_context() in torture/rpc/dssync.c.
  That's what i'm working out now.

 r9427@SERNOX:  brad | 2005-08-20 18:38:29 +0200
  r5504@buttercup:  j0j0 | 2005-08-20 10:44:52 -0600
  Some bugfixes.
  Removed a bunch of debugging code.
  torture_leave_domain() works again! not 100% perfect yet though...

 r9428@SERNOX:  brad | 2005-08-20 19:09:26 +0200
  r5506@buttercup:  j0j0 | 2005-08-20 11:15:54 -0600
  Restructure torture_join_domain() so that it joins itself, removes itself, and joins itself to the domain again to ensure that its account information is all current and as expected.

 r9452@SERNOX:  brad | 2005-08-21 19:33:51 +0200
  r5508@buttercup:  j0j0 | 2005-08-21 11:40:36 -0600
  Bugfixes, trying to get things straight between contexts.

 r9467@SERNOX:  brad | 2005-08-22 04:00:48 +0200
  r5510@buttercup:  j0j0 | 2005-08-21 20:06:55 -0600
  Another round of bugfixing.

 r9521@SERNOX:  brad | 2005-08-23 15:26:44 +0200
  r5596@buttercup:  j0j0 | 2005-08-23 07:33:06 -0600
  Merging changes

 r9524@SERNOX:  metze | 2005-08-23 16:09:42 +0200
 - fix the build caused by changes in the main samba4 tree,
 - add an option "dssync:german=yes" to allow me to run against my german w2k3 server
   this should be replaces by CLDAP calls to get the Default-First-Site-Name dynamicly
 - remove some temporary comments, as DsAddEntry works now

 metze
 r9528@SERNOX:  metze | 2005-08-23 18:22:22 +0200
 the RPC-DSSYNC test is now able to fetch the whole tree,
 including the unicodePwd, ntPwdHistory fields

 metze
 r9559@SERNOX:  brad | 2005-08-24 04:11:47 +0200
  r5612@buttercup:  j0j0 | 2005-08-23 20:19:12 -0600
  Some fixes around using talloc in a hierarchical fashion.
  Still not right, but better.

 r9564@SERNOX:  brad | 2005-08-24 05:43:11 +0200
  r5614@buttercup:  j0j0 | 2005-08-23 21:50:38 -0600
  Gave libnet_JoinADSDomain() its own tmp_ctx rather than passing it from libnet_JoinDomain() as a parameter (yuk).

  As a side effect, it proves that my bug lies in libnet_JoinDomain(), not libnet_JoinADSDomain().

 r9565@SERNOX:  brad | 2005-08-24 06:09:46 +0200
  r5616@buttercup:  j0j0 | 2005-08-23 22:17:12 -0600
  Small fix, if r->out.error_string and r2->samr_handle.out.error_string weren't set to NULL, torture_join_domain() would segfault on the second join.

 r9630@SERNOX:  brad | 2005-08-26 06:42:50 +0200
 Commented out the parts of the dssync test which perform the dc join and create/remove associated ldap entries.

 Commented out the test for the 'german' dssync option, because now we detect the Site-Name using CLDAP. If cldap_netlogon() does not return ok, the code defaults to 'Default-First-Site-Name'.
 r9670@SERNOX:  brad | 2005-08-27 02:30:11 +0200
 Added a patch from metze.

 To showcase what i've learned today, i've created two new parameters which can be set at runtime, drsuapi:last_usn and drsuapi:partition.

 drsuapi:last_usn takes an integer representing the USN of the last recieved replication update for a particular partition (uses the domain dn if drsuapi:parition isn't set).

 That value is passed in the DsGetNCChanges() call so that only info which has been updated since that point in time is returned. If this option is not set, 0 is used by default, and all updates for that partition are returned.

 drsuapi:partition takes a string dn and uses that as the name of the AD partition to replicate.

 Some debugging output was also added.

 r9723@SERNOX:  brad | 2005-08-29 01:07:51 +0200
 Added some copyright notices.

 Changed some things in net_join.c to try and figure out why 'net join <domain> bdc' segfaults.
 It occurs when the last talloc_free() happens, so i'm sure it's something to do with the memory fiddling i'm doing in libnet_join.

 Added some drsuapi attribute ids that I figured out today.
 I put some (many, dry) notes together while doing that, so i'll try to put them up on a blog at samba.org a little later tonight.

 r9740@SERNOX:  metze | 2005-08-29 16:58:03 +0200
 fix up the DsGetNCchanges loop,
 and remove misleading comments

 metze
 r9743@SERNOX:  metze | 2005-08-29 17:26:45 +0200
 make the logic a bit clearer

 metze
 r9815@SERNOX:  brad | 2005-08-31 02:36:21 +0200
 Added cldap_netlogon() AD Site-Name lookup into libnet/libnet_join.c.
 Bugfixing rampage in libnet_join.c to resolve misunderstanding of talloc_steal().
 libnet_join now creates the CN=<netbios name>,CN=Servers,CN=<site name>,CN=Sites,CN=Configuration,<domain dn> container on a dc join.

 r9858@SERNOX:  brad | 2005-09-01 03:17:17 +0200
 Removed extraneous NDR_ALL subsystem requirement from torture/config.mk.
 Added lots of error checking as per metze's advice.
 Removed commented out code.
 More bug chasing.

 r9863@SERNOX:  brad | 2005-09-01 05:53:19 +0200
 Cleaned up dssync.c, removed the unneeded DsCrackNames() call, removed DC join/leave related stuff.
 It no longer looks like my house does!

 r9887@SERNOX:  metze | 2005-09-01 11:34:03 +0200
 - fix dssync:highest_usn parameter handling
 - ask for LINKED_ATTRIBUTE replication

 metze
 r9891@SERNOX:  metze | 2005-09-01 14:13:18 +0200
 make the code more readable, and fix a few bugs

 metze
 r9911@SERNOX:  brad | 2005-09-01 20:36:27 +0200
 Bugfixes in libnet_join.c.
 Cleaned up comments.
 Added domain_dn_str and account_dn_str to struct libnet_JoinDomain.
 Removed struct dcerpc_pipe *samr_pipe and struct policy_handle user_handle from struct libnet_Join.

 r9920@SERNOX:  brad | 2005-09-01 23:34:13 +0200
 Added disclaimer (I can't seem to get libnet_JoinDomain() to keep the samr_pipe and u_handle open past the function call, grrrr....).

 r9921@SERNOX:  brad | 2005-09-01 23:37:54 +0200
 Added copyright statement.
 Cleaned up unneeded variables from torture_join_domain().

 r9932@SERNOX:  brad | 2005-09-02 01:49:42 +0200
 Really rushed project notes.

 r10841@SERNOX:  metze | 2005-10-08 20:01:45 +0200
 remove diff to main SAMBA_4_0 branch

 metze
 r10862@SERNOX:  metze | 2005-10-10 10:31:52 +0200
 remove the differences between SAMBA_4_0 and SOC/SAMBA_4_0

 metze
 r10863@SERNOX:  metze | 2005-10-10 10:34:26 +0200
 fix the build

 metze
 r10864@SERNOX:  metze | 2005-10-10 11:10:08 +0200
 remove README file to reduce, diffs to main SAMBA_4_0 branch:

 metze

 README:
 This project was centered around adding a torture test to Samba 4, which used drsuapi_DsGetNCChanges() to retrieve the contents of an Active Directory in the same manner as an Active Directory DC replication event.

 As the project unfolded, I also applied some changes to the functionality of the libnet library related to joining a machine account to a domain.

 One of the first things that I implemented in this project was a 'neighbour_writeable' option for the RPC-DRSUAPI torture test. The command line to execute this torture test is as follows:

 smbtorture --option=drsuapi:neighbour_writeable=True -W <domain name> -U <admin username>%<password> ncacn_ip_tcp:<domain controller dns name> RPC-DRSUAPI

 This option provides us with runtime control over the DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE flag in the struct drsuapi_DsGetNCChanges.in.req.req<level>.replica_flags, allowing us to easily test for differences in the behaviour of AD replication with the switch on or off.

 In the course of the project, I also implemented two more flags for the RPC-DSSYNC test. dssync:last_usn takes an integer representing the USN (Universal Serial Number) of the last recieved replication update for a particular partition (uses the domain DN if drsuapi:parition isn't set).   That value is passed in the DsGetNCChanges() call so that only info which has been updated since that point in time is returned. If this option is not set, 0 is used by default, and all updates for that partition are returned.  dssync:partition takes a string DN and uses that as the name of the AD partition to replicate.

 Based initially on a patch provided to me by one of my mentors, Stephan (metze) Metzmacher, the RPC-DSSYNC test was implemented for this project. Initially functionality was included to perform a DC join prior to initiating replication, but the code was removed when it was realized that replication could indeed take place without being a member of the domain in any way. It has been recently suggested that we may need a DC join after all to get all of the information we may want from the AD replication. This is probably best added using a torture_join_domain() call once the libnet code is able to keep the user policy handle and SAMR RPC pipe open.

 The DC join code was taken out of the RPC-DSSYNC and implemented for the most part in the libnet libraries. To test this, the RPC-NETLOGON test was modified to perform a domain join, leave and rejoin. Currently, the test has a fault in that it is unable to leave the domain using the same SAMR RPC pipe and user_policy information as was used for the first join. This is because I was unable to get the code working properly in libnet to provide that functionality. Currently missing from the DC join in libnet is the code to create the CN=NTDS Settings,CN=<DC NETBIOS NAME>,CN=<Site-Name>,CN=Sites,CN=Configuration,<domain DN> container using the dcerpc_drsuapi_DsAddEntry() call. I did not want to implement this functionality in libnet while there were still problems with the code.

 I also provided the ability in libnet and the RPC-DSSYNC test to look up the proper site name using the cldap library.

 In my investigations, I was unable to find out any information regarding the UnicodePwd attribute, except that the same password is represented differently for two different users in the same directory.

 I was also able to resolve and confirm the meaning of some DRSUAPI_ATTRIBUTE ID's.
 	DRSUAPI_OBJECTCLASS_domain 	(0xA0042)
 	DRSUAPI_OBJECTCLASS_domainDNS 	(0xA0043)
 	wellKnownObjects 		(0x9026A)
 	fSMORoleOwner 			(0x90171)
 	name or dc			(0x90001)
 	whenCreated 			(0x20002)
 	instanceType 			(0x20001)
 	gPLink				(0x9037B)
 These were added to the IDL for drsuapi (source/librpc/idl/drsuapi.idl).

 I would like to thank everyone on the Samba team who worked with me and assisted me with this project, specifically all the work done by Stephan Metzmacher, Andrew Bartlett and Jerry Carter. Working on this project with the Samba team really has been a life changing experience, as corny as that sounds.

 I've realized that I was born to be a systems developer, and it has helped confirm in my mind that Open Source (specifically Samba) development is exactly what i've been missing!

 I would also like to take this opportunity to thank Chris Dibona and Google for the amazing opportunity. I don't know if I would have taken the leap in other circumstances.

 I know these notes sound a little rushed, but it is 23:55 after all! :)
(This used to be commit 55552b41cbaa8c57a30373a53176e7f3ae945290)
---
 source4/torture/rpc/dssync.c | 410 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 410 insertions(+)
 create mode 100644 source4/torture/rpc/dssync.c

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
new file mode 100644
index 0000000000..7688a0c2f1
--- /dev/null
+++ b/source4/torture/rpc/dssync.c
@@ -0,0 +1,410 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   DsGetNCChanges replication test
+
+   Copyright (C) Stefan (metze) Metzmacher 2005
+   Copyright (C) Brad Henry 2005
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+#include "lib/cmdline/popt_common.h"
+#include "libnet/libnet.h"
+#include "librpc/gen_ndr/ndr_drsuapi.h"
+#include "librpc/gen_ndr/ndr_samr.h"
+#include "libcli/ldap/ldap.h"
+#include "libcli/cldap/cldap.h"
+#include "ads.h"
+
+struct DsSyncBindInfo {
+	struct dcerpc_pipe *pipe;
+	struct drsuapi_DsBind req;
+	struct GUID bind_guid;
+	struct drsuapi_DsBindInfoCtr our_bind_info;
+	struct policy_handle bind_handle;
+};
+
+struct DsSyncLDAPInfo {
+	struct ldap_connection *conn;
+};
+
+struct DsSyncTest {
+	struct dcerpc_binding *drsuapi_binding;
+	
+	const char *ldap_url;
+	const char *site_name;
+	
+	const char *domain_dn;
+
+	/* what we need to do as 'Administrator' */
+	struct {
+		struct cli_credentials *credentials;
+		struct DsSyncBindInfo drsuapi;
+		struct DsSyncLDAPInfo ldap;
+	} admin;
+
+	/* what we need to do as the new dc machine account */
+	struct {
+		struct cli_credentials *credentials;
+		struct DsSyncBindInfo drsuapi;
+		struct drsuapi_DsGetDCInfo2 dc_info2;
+		struct GUID invocation_id;
+		struct GUID object_guid;
+	} new_dc;
+
+	/* info about the old dc */
+	struct {
+		struct drsuapi_DsGetDomainControllerInfo dc_info;
+	} old_dc;
+};
+
+static struct DsSyncTest *test_create_context(TALLOC_CTX *mem_ctx)
+{
+	NTSTATUS status;
+	struct DsSyncTest *ctx;
+	struct drsuapi_DsBindInfoCtr *our_bind_info;
+	const char *binding = lp_parm_string(-1, "torture", "binding");
+	ctx = talloc_zero(mem_ctx, struct DsSyncTest);
+	if (!ctx) return NULL;
+
+	status = dcerpc_parse_binding(ctx, binding, &ctx->drsuapi_binding);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("Bad binding string %s\n", binding);
+		return NULL;
+	}
+	ctx->drsuapi_binding->flags |= DCERPC_SIGN | DCERPC_SEAL;
+
+	ctx->ldap_url = talloc_asprintf(ctx, "ldap://%s/", ctx->drsuapi_binding->host);
+
+	/* ctx->admin ...*/
+	ctx->admin.credentials				= cmdline_credentials;
+
+	our_bind_info					= &ctx->admin.drsuapi.our_bind_info;
+	our_bind_info->length				= 28;
+	our_bind_info->info.info28.supported_extensions	= 0xFFFFFFFF;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
+	our_bind_info->info.info28.site_guid		= GUID_zero();
+	our_bind_info->info.info28.u1			= 0;
+	our_bind_info->info.info28.repl_epoch		= 1;
+
+	GUID_from_string(DRSUAPI_DS_BIND_GUID, &ctx->admin.drsuapi.bind_guid);
+
+	ctx->admin.drsuapi.req.in.bind_guid		= &ctx->admin.drsuapi.bind_guid;
+	ctx->admin.drsuapi.req.in.bind_info		= our_bind_info;
+	ctx->admin.drsuapi.req.out.bind_handle		= &ctx->admin.drsuapi.bind_handle;
+
+	/* ctx->new_dc ...*/
+
+	our_bind_info					= &ctx->new_dc.drsuapi.our_bind_info;
+	our_bind_info->length				= 28;
+	our_bind_info->info.info28.supported_extensions	= 0x1ffffb7f;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
+	our_bind_info->info.info28.site_guid		= GUID_zero();
+	our_bind_info->info.info28.u1			= 508;
+	our_bind_info->info.info28.repl_epoch		= 0;
+
+	GUID_from_string(DRSUAPI_DS_BIND_GUID_W2K3, &ctx->new_dc.drsuapi.bind_guid);
+
+	ctx->new_dc.drsuapi.req.in.bind_guid		= &ctx->new_dc.drsuapi.bind_guid;
+	ctx->new_dc.drsuapi.req.in.bind_info		= our_bind_info;
+	ctx->new_dc.drsuapi.req.out.bind_handle		= &ctx->new_dc.drsuapi.bind_handle;
+
+	/* ctx->old_dc ...*/
+
+	return ctx;
+}
+
+static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credentials, struct DsSyncBindInfo *b)
+{
+	NTSTATUS status;
+	BOOL ret = True;
+	struct event_context *event = NULL;
+
+	status = dcerpc_pipe_connect_b(ctx,
+				       &b->pipe, ctx->drsuapi_binding, 
+				       DCERPC_DRSUAPI_UUID,
+				       DCERPC_DRSUAPI_VERSION,
+				       credentials, event);
+	
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("Failed to connect to server as a BDC: %s\n", nt_errstr(status));
+		return False;
+	}
+
+	status = dcerpc_drsuapi_DsBind(b->pipe, ctx, &b->req);
+	if (!NT_STATUS_IS_OK(status)) {
+		const char *errstr = nt_errstr(status);
+		if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
+			errstr = dcerpc_errstr(ctx, b->pipe->last_fault_code);
+		}
+		printf("dcerpc_drsuapi_DsBind failed - %s\n", errstr);
+		ret = False;
+	} else if (!W_ERROR_IS_OK(b->req.out.result)) {
+		printf("DsBind failed - %s\n", win_errstr(b->req.out.result));
+		ret = False;
+	}
+
+	return ret;
+}
+
+static BOOL test_LDAPBind(struct DsSyncTest *ctx, struct cli_credentials *credentials, struct DsSyncLDAPInfo *l)
+{
+	NTSTATUS status;
+	BOOL ret = True;
+
+	status = torture_ldap_connection(ctx, &l->conn, ctx->ldap_url);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("failed to connect to LDAP: %s\n", ctx->ldap_url);
+		return False;
+	}
+
+	printf("connected to LDAP: %s\n", ctx->ldap_url);
+
+	status = torture_ldap_bind_sasl(l->conn, credentials);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("failed to bind to LDAP:\n");
+		return False;
+	}
+	printf("bound to LDAP.\n");
+
+	return ret;
+}
+
+static BOOL test_GetInfo(struct DsSyncTest *ctx)
+{
+	NTSTATUS status;
+	struct drsuapi_DsCrackNames r;
+	struct drsuapi_DsNameString names[1];
+	BOOL ret = True;
+
+	struct cldap_socket *cldap = cldap_socket_init(ctx, NULL);
+	struct cldap_netlogon search;
+	
+	r.in.bind_handle		= &ctx->admin.drsuapi.bind_handle;
+	r.in.level			= 1;
+	r.in.req.req1.unknown1		= 0x000004e4;
+	r.in.req.req1.unknown2		= 0x00000407;
+	r.in.req.req1.count		= 1;
+	r.in.req.req1.names		= names;
+	r.in.req.req1.format_flags	= DRSUAPI_DS_NAME_FLAG_NO_FLAGS;		
+	r.in.req.req1.format_offered	= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
+	r.in.req.req1.format_desired	= DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
+	names[0].str = talloc_asprintf(ctx, "%s\\", lp_workgroup());
+
+	status = dcerpc_drsuapi_DsCrackNames(ctx->admin.drsuapi.pipe, ctx, &r);
+	if (!NT_STATUS_IS_OK(status)) {
+		const char *errstr = nt_errstr(status);
+		if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
+			errstr = dcerpc_errstr(ctx, ctx->admin.drsuapi.pipe->last_fault_code);
+		}
+		printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
+		return False;
+	} else if (!W_ERROR_IS_OK(r.out.result)) {
+		printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
+		return False;
+	}
+
+	ctx->domain_dn = r.out.ctr.ctr1->array[0].result_name;
+	
+	ZERO_STRUCT(search);
+	search.in.dest_address = ctx->drsuapi_binding->host;
+	search.in.acct_control = -1;
+	search.in.version = 6;
+	status = cldap_netlogon(cldap, ctx, &search);
+	if (!NT_STATUS_IS_OK(status)) {
+		const char *errstr = nt_errstr(status);
+		ctx->site_name = talloc_asprintf(ctx, "%s", "Default-First-Site-Name");
+		printf("cldap_netlogon() returned %s. Defaulting to Site-Name: %s\n", errstr, ctx->site_name);		
+	} else {
+		ctx->site_name = talloc_steal(ctx, search.out.netlogon.logon5.site_name);
+		printf("cldap_netlogon() returned Site-Name: %s.\n",ctx->site_name);
+	}
+
+
+	ctx->new_dc.invocation_id = GUID_random();
+
+	return ret;
+}
+
+
+static BOOL test_FetchData(struct DsSyncTest *ctx)
+{
+	NTSTATUS status;
+	BOOL ret = True;
+	int i, y = 0;
+	uint64_t highest_usn = 0;
+	const char *partition = NULL;
+	struct drsuapi_DsGetNCChanges r;
+	struct drsuapi_DsReplicaObjectIdentifier nc;
+	struct GUID null_guid;
+	struct dom_sid null_sid;
+	struct {
+		int32_t level;
+	} array[] = {
+/*		{
+			5
+		},
+*/		{
+			8
+		}
+	};
+
+	ZERO_STRUCT(null_guid);
+	ZERO_STRUCT(null_sid);
+
+	partition = lp_parm_string(-1, "dssync", "partition");
+	if (partition == NULL) {
+		partition = ctx->domain_dn;
+		printf("dssync:partition not specified, defaulting to %s.\n", ctx->domain_dn);
+	}
+
+	highest_usn = lp_parm_int(-1, "dssync", "highest_usn", 0);
+
+	for (i=0; i < ARRAY_SIZE(array); i++) {
+		printf("testing DsGetNCChanges level %d\n",
+			array[i].level);
+
+		r.in.bind_handle	= &ctx->new_dc.drsuapi.bind_handle;
+		r.in.level		= array[i].level;
+
+		switch (r.in.level) {
+		case 5:
+			nc.guid	= null_guid;
+			nc.sid	= null_sid;
+			nc.dn	= partition; 
+
+			r.in.req.req5.destination_dsa_guid		= ctx->new_dc.invocation_id;
+			r.in.req.req5.source_dsa_guid			= null_guid;
+			r.in.req.req5.naming_context			= &nc;
+			r.in.req.req5.highwatermark.tmp_highest_usn	= highest_usn;
+			r.in.req.req5.highwatermark.reserved_usn	= 0;
+			r.in.req.req5.highwatermark.highest_usn		= highest_usn;
+			r.in.req.req5.uptodateness_vector		= NULL;
+			r.in.req.req5.replica_flags			= 0;
+			if (lp_parm_bool(-1,"dssync","compression",False)) {
+				r.in.req.req5.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
+			}
+			if (lp_parm_bool(-1,"dssync","neighbour_writeable",True)) {
+				r.in.req.req5.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
+			}
+			r.in.req.req5.replica_flags			|= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
+									| DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS
+									| DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS
+									| DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED
+									;
+			r.in.req.req5.unknown2				= 133;
+			r.in.req.req5.unknown3				= 1336770;
+			r.in.req.req5.unknown4				= 0;
+			r.in.req.req5.h1				= 0;
+
+			break;
+		case 8:
+			nc.guid	= null_guid;
+			nc.sid	= null_sid;
+			nc.dn	= partition; 
+			/* nc.dn can be set to any other ad partition */
+			
+			r.in.req.req8.destination_dsa_guid		= ctx->new_dc.invocation_id;
+			r.in.req.req8.source_dsa_guid			= null_guid;
+			r.in.req.req8.naming_context			= &nc;
+			r.in.req.req8.highwatermark.tmp_highest_usn	= highest_usn;
+			r.in.req.req8.highwatermark.reserved_usn	= 0;
+			r.in.req.req8.highwatermark.highest_usn		= highest_usn;
+			r.in.req.req8.uptodateness_vector		= NULL;
+			r.in.req.req8.replica_flags			= 0;
+			if (lp_parm_bool(-1,"dssync","compression",False)) {
+				r.in.req.req8.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
+			}
+			if (lp_parm_bool(-1,"dssync","neighbour_writeable",True)) {
+				r.in.req.req8.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
+			}
+			r.in.req.req8.replica_flags			|= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
+									| DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS
+									| DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS
+									| DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED
+									;
+			r.in.req.req8.unknown2				= 402;
+			r.in.req.req8.unknown3				= 402116;
+
+			r.in.req.req8.unknown4				= 0;
+			r.in.req.req8.h1				= 0;
+			r.in.req.req8.unique_ptr1			= 0;
+			r.in.req.req8.unique_ptr2			= 0;
+			r.in.req.req8.ctr12.count			= 0;
+			r.in.req.req8.ctr12.array			= NULL;
+
+			break;
+		}
+		
+		printf("Dumping AD partition: %s\n", nc.dn);
+		for (y=0; ;y++) {
+			ZERO_STRUCT(r.out);
+
+			if (r.in.level == 8) {
+				DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
+					r.in.req.req8.highwatermark.tmp_highest_usn,
+					r.in.req.req8.highwatermark.highest_usn));
+			}
+
+			status = dcerpc_drsuapi_DsGetNCChanges(ctx->new_dc.drsuapi.pipe, ctx, &r);
+			if (!NT_STATUS_IS_OK(status)) {
+				const char *errstr = nt_errstr(status);
+				if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
+					errstr = dcerpc_errstr(ctx, ctx->new_dc.drsuapi.pipe->last_fault_code);
+				}
+				printf("dcerpc_drsuapi_DsGetNCChanges failed - %s\n", errstr);
+				ret = False;
+			} else if (!W_ERROR_IS_OK(r.out.result)) {
+				printf("DsGetNCChanges failed - %s\n", win_errstr(r.out.result));
+				ret = False;
+			}
+
+			if (ret == True && r.out.level == 6) {
+				DEBUG(0,("end[%d] tmp_highest_usn: %llu , highest_usn: %llu\n",y,
+					r.out.ctr.ctr6.new_highwatermark.tmp_highest_usn,
+					r.out.ctr.ctr6.new_highwatermark.highest_usn));
+
+				if (r.out.ctr.ctr6.new_highwatermark.tmp_highest_usn > r.out.ctr.ctr6.new_highwatermark.highest_usn) {
+					r.in.req.req8.highwatermark = r.out.ctr.ctr6.new_highwatermark;
+					continue;
+				}
+			}
+			break;
+		}
+	}
+
+	return ret;
+}
+
+BOOL torture_rpc_dssync(void)
+{
+	BOOL ret = True;
+	TALLOC_CTX *mem_ctx;
+	struct DsSyncTest *ctx;
+	
+	mem_ctx = talloc_init("torture_rpc_dssync");
+	ctx = test_create_context(mem_ctx);
+	
+	ret &= _test_DsBind(ctx, ctx->admin.credentials, &ctx->admin.drsuapi);
+	ret &= test_LDAPBind(ctx, ctx->admin.credentials, &ctx->admin.ldap);
+	ret &= test_GetInfo(ctx);
+	ret &= _test_DsBind(ctx, ctx->admin.credentials, &ctx->new_dc.drsuapi);
+	ret &= test_FetchData(ctx);
+
+	return ret;
+}
-- 
cgit 


From af4d8e49f73b4c92e7aa31b9ce924f3104e5b24f Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 10 Oct 2005 12:31:05 +0000
Subject: r10871: make xpress compression choosable, by
 --option="dssync:xpress=yes", default is to not use it, as it's currently not
 supported

metze
(This used to be commit 2fb79e24228a47edcb7e1e12fb73def523b0400b)
---
 source4/torture/rpc/dssync.c | 30 +++++++++++++++++++++++++++++-
 1 file changed, 29 insertions(+), 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 7688a0c2f1..757a2dcc7c 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -111,9 +111,37 @@ static struct DsSyncTest *test_create_context(TALLOC_CTX *mem_ctx)
 
 	our_bind_info					= &ctx->new_dc.drsuapi.our_bind_info;
 	our_bind_info->length				= 28;
-	our_bind_info->info.info28.supported_extensions	= 0x1ffffb7f;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_BASE;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2;
 	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6;
 	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7;
+	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT;
+	if (lp_parm_bool(-1,"dssync","xpress",False)) {
+		our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
+	}
 	our_bind_info->info.info28.site_guid		= GUID_zero();
 	our_bind_info->info.info28.u1			= 508;
 	our_bind_info->info.info28.repl_epoch		= 0;
-- 
cgit 


From 18bd47742880424f4f0621b665c47f2c26617f21 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 14 Oct 2005 06:07:23 +0000
Subject: r10986: loop also when we use mszip compression

metze
(This used to be commit e32488667c59c30d66528e8fa31c55037f36cd01)
---
 source4/torture/rpc/dssync.c | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 757a2dcc7c..77551998c3 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -279,6 +279,8 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 	const char *partition = NULL;
 	struct drsuapi_DsGetNCChanges r;
 	struct drsuapi_DsReplicaObjectIdentifier nc;
+	struct drsuapi_DsGetNCChangesCtr6 *ctr6 = NULL;
+	int32_t out_level = 0;
 	struct GUID null_guid;
 	struct dom_sid null_sid;
 	struct {
@@ -403,15 +405,26 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 			}
 
 			if (ret == True && r.out.level == 6) {
+				out_level = 6;
+				ctr6 = &r.out.ctr.ctr6;
+			} else if (ret == True && r.out.level == 7
+				   && r.out.ctr.ctr7.level == 6
+				   && r.out.ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP) {
+				out_level = 6;
+				ctr6 = r.out.ctr.ctr7.ctr.mszip6.ctr6;
+			}
+
+			if (out_level == 6) {
 				DEBUG(0,("end[%d] tmp_highest_usn: %llu , highest_usn: %llu\n",y,
-					r.out.ctr.ctr6.new_highwatermark.tmp_highest_usn,
-					r.out.ctr.ctr6.new_highwatermark.highest_usn));
+					ctr6->new_highwatermark.tmp_highest_usn,
+					ctr6->new_highwatermark.highest_usn));
 
-				if (r.out.ctr.ctr6.new_highwatermark.tmp_highest_usn > r.out.ctr.ctr6.new_highwatermark.highest_usn) {
-					r.in.req.req8.highwatermark = r.out.ctr.ctr6.new_highwatermark;
+				if (ctr6->new_highwatermark.tmp_highest_usn > ctr6->new_highwatermark.highest_usn) {
+					r.in.req.req8.highwatermark = ctr6->new_highwatermark;
 					continue;
 				}
 			}
+
 			break;
 		}
 	}
-- 
cgit 


From 94473233fe8ae7f663d4872eb1d9f25f08afadb9 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 14 Oct 2005 06:58:39 +0000
Subject: r10988: print out the password blobs, with

--option="dssync:print_pwd_blobs=yes"

metze
(This used to be commit b06de6d39cd21d5096e4041e218370263d8096b0)
---
 source4/torture/rpc/dssync.c | 57 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 57 insertions(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 77551998c3..3aa2f43e6b 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -269,6 +269,61 @@ static BOOL test_GetInfo(struct DsSyncTest *ctx)
 	return ret;
 }
 
+static void test_analyse_objects(struct DsSyncTest *ctx,
+				 struct drsuapi_DsReplicaObjectListItemEx *cur)
+{
+	if (!lp_parm_bool(-1,"dssync","print_pwd_blobs",False)) {
+		return;	
+	}
+
+	for (; cur; cur = cur->next_object) {
+		const char *dn;
+		BOOL dn_printed = False;
+		uint32_t i;
+
+		if (!cur->object.identifier) continue;
+
+		dn = cur->object.identifier->dn;
+
+		for (i=0; i < cur->object.attribute_ctr.num_attributes; i++) {
+			const char *name = NULL;
+			DATA_BLOB *data = NULL;
+			struct drsuapi_DsReplicaAttribute *attr;
+			attr = &cur->object.attribute_ctr.attributes[i];
+
+			switch (attr->attid) {
+			case DRSUAPI_ATTRIBUTE_dBCSPwd:
+				name	= "dBCSPwd";
+				break;
+			case DRSUAPI_ATTRIBUTE_unicodePwd:
+				name	= "unicodePwd";
+				break;
+			case DRSUAPI_ATTRIBUTE_ntPwdHistory:
+				name	= "ntPwdHistory";
+				break;
+			case DRSUAPI_ATTRIBUTE_lmPwdHistory:
+				name	= "lmPwdHistory";
+				break;
+			default:
+				continue;
+			}
+
+			if (attr->value_ctr.data_blob.num_values != 1) continue;
+
+			if (!attr->value_ctr.data_blob.values[0].data) continue;
+
+			data = attr->value_ctr.data_blob.values[0].data;
+
+			if (!dn_printed) {
+				DEBUG(0,("DN: %s\n", dn));
+				dn_printed = True;
+			}
+			DEBUGADD(0,("ATTR: %s data_blob.length=%u\n",
+				    name, data->length));
+			dump_data(0,data->data, data->length);
+		}
+	}
+}
 
 static BOOL test_FetchData(struct DsSyncTest *ctx)
 {
@@ -419,6 +474,8 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 					ctr6->new_highwatermark.tmp_highest_usn,
 					ctr6->new_highwatermark.highest_usn));
 
+				test_analyse_objects(ctx, ctr6->first_object);
+
 				if (ctr6->new_highwatermark.tmp_highest_usn > ctr6->new_highwatermark.highest_usn) {
 					r.in.req.req8.highwatermark = ctr6->new_highwatermark;
 					continue;
-- 
cgit 


From 683910f5efc53e9523e79f8f85b84c3269783b54 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 14 Oct 2005 08:19:21 +0000
Subject: r10991: - create always a valid bind_info28 blocks, so that we don't
 need to work with unions   in the main code - loop also in level 1,2 replies

metze
(This used to be commit c3276bd169961d04f2bd541e6b73ee40df016c3d)
---
 source4/torture/rpc/dssync.c | 145 +++++++++++++++++++++++++++++--------------
 1 file changed, 100 insertions(+), 45 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 3aa2f43e6b..4ae75d7add 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -34,7 +34,9 @@ struct DsSyncBindInfo {
 	struct dcerpc_pipe *pipe;
 	struct drsuapi_DsBind req;
 	struct GUID bind_guid;
-	struct drsuapi_DsBindInfoCtr our_bind_info;
+	struct drsuapi_DsBindInfoCtr our_bind_info_ctr;
+	struct drsuapi_DsBindInfo28 our_bind_info28;
+	struct drsuapi_DsBindInfo28 peer_bind_info28;
 	struct policy_handle bind_handle;
 };
 
@@ -76,7 +78,8 @@ static struct DsSyncTest *test_create_context(TALLOC_CTX *mem_ctx)
 {
 	NTSTATUS status;
 	struct DsSyncTest *ctx;
-	struct drsuapi_DsBindInfoCtr *our_bind_info;
+	struct drsuapi_DsBindInfo28 *our_bind_info28;
+	struct drsuapi_DsBindInfoCtr *our_bind_info_ctr;
 	const char *binding = lp_parm_string(-1, "torture", "binding");
 	ctx = talloc_zero(mem_ctx, struct DsSyncTest);
 	if (!ctx) return NULL;
@@ -93,63 +96,69 @@ static struct DsSyncTest *test_create_context(TALLOC_CTX *mem_ctx)
 	/* ctx->admin ...*/
 	ctx->admin.credentials				= cmdline_credentials;
 
-	our_bind_info					= &ctx->admin.drsuapi.our_bind_info;
-	our_bind_info->length				= 28;
-	our_bind_info->info.info28.supported_extensions	= 0xFFFFFFFF;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
-	our_bind_info->info.info28.site_guid		= GUID_zero();
-	our_bind_info->info.info28.u1			= 0;
-	our_bind_info->info.info28.repl_epoch		= 1;
+	our_bind_info28				= &ctx->admin.drsuapi.our_bind_info28;
+	our_bind_info28->supported_extensions	= 0xFFFFFFFF;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
+	our_bind_info28->site_guid		= GUID_zero();
+	our_bind_info28->u1			= 0;
+	our_bind_info28->repl_epoch		= 1;
+
+	our_bind_info_ctr			= &ctx->admin.drsuapi.our_bind_info_ctr;
+	our_bind_info_ctr->length		= 28;
+	our_bind_info_ctr->info.info28		= *our_bind_info28;
 
 	GUID_from_string(DRSUAPI_DS_BIND_GUID, &ctx->admin.drsuapi.bind_guid);
 
 	ctx->admin.drsuapi.req.in.bind_guid		= &ctx->admin.drsuapi.bind_guid;
-	ctx->admin.drsuapi.req.in.bind_info		= our_bind_info;
+	ctx->admin.drsuapi.req.in.bind_info		= our_bind_info_ctr;
 	ctx->admin.drsuapi.req.out.bind_handle		= &ctx->admin.drsuapi.bind_handle;
 
 	/* ctx->new_dc ...*/
 
-	our_bind_info					= &ctx->new_dc.drsuapi.our_bind_info;
-	our_bind_info->length				= 28;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_BASE;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7;
-	our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT;
+	our_bind_info28				= &ctx->new_dc.drsuapi.our_bind_info28;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_BASE;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7;
+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT;
 	if (lp_parm_bool(-1,"dssync","xpress",False)) {
-		our_bind_info->info.info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
+		our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
 	}
-	our_bind_info->info.info28.site_guid		= GUID_zero();
-	our_bind_info->info.info28.u1			= 508;
-	our_bind_info->info.info28.repl_epoch		= 0;
+	our_bind_info28->site_guid		= GUID_zero();
+	our_bind_info28->u1			= 508;
+	our_bind_info28->repl_epoch		= 0;
+
+	our_bind_info_ctr			= &ctx->new_dc.drsuapi.our_bind_info_ctr;
+	our_bind_info_ctr->length		= 28;
+	our_bind_info_ctr->info.info28		= *our_bind_info28;
 
 	GUID_from_string(DRSUAPI_DS_BIND_GUID_W2K3, &ctx->new_dc.drsuapi.bind_guid);
 
 	ctx->new_dc.drsuapi.req.in.bind_guid		= &ctx->new_dc.drsuapi.bind_guid;
-	ctx->new_dc.drsuapi.req.in.bind_info		= our_bind_info;
+	ctx->new_dc.drsuapi.req.in.bind_info		= our_bind_info_ctr;
 	ctx->new_dc.drsuapi.req.out.bind_handle		= &ctx->new_dc.drsuapi.bind_handle;
 
 	/* ctx->old_dc ...*/
@@ -187,6 +196,24 @@ static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credent
 		ret = False;
 	}
 
+	ZERO_STRUCT(b->peer_bind_info28);
+	if (b->req.out.bind_info) {
+		switch (b->req.out.bind_info->length) {
+		case 24: {
+			struct drsuapi_DsBindInfo24 *info24;
+			info24 = &b->req.out.bind_info->info.info24;
+			b->peer_bind_info28.supported_extensions= info24->supported_extensions;
+			b->peer_bind_info28.site_guid		= info24->site_guid;
+			b->peer_bind_info28.u1			= info24->u1;
+			b->peer_bind_info28.repl_epoch		= 0;
+			break;
+		}
+		case 28:
+			b->peer_bind_info28 = b->req.out.bind_info->info.info28;
+			break;
+		}
+	}
+
 	return ret;
 }
 
@@ -334,6 +361,7 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 	const char *partition = NULL;
 	struct drsuapi_DsGetNCChanges r;
 	struct drsuapi_DsReplicaObjectIdentifier nc;
+	struct drsuapi_DsGetNCChangesCtr1 *ctr1 = NULL;
 	struct drsuapi_DsGetNCChangesCtr6 *ctr6 = NULL;
 	int32_t out_level = 0;
 	struct GUID null_guid;
@@ -440,6 +468,12 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 		for (y=0; ;y++) {
 			ZERO_STRUCT(r.out);
 
+			if (r.in.level == 5) {
+				DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
+					r.in.req.req5.highwatermark.tmp_highest_usn,
+					r.in.req.req5.highwatermark.highest_usn));
+			}
+
 			if (r.in.level == 8) {
 				DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
 					r.in.req.req8.highwatermark.tmp_highest_usn,
@@ -459,6 +493,27 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 				ret = False;
 			}
 
+			if (ret == True && r.out.level == 1) {
+				out_level = 1;
+				ctr1 = &r.out.ctr.ctr1;
+			} else if (ret == True && r.out.level == 2) {
+				out_level = 1;
+				ctr1 = r.out.ctr.ctr2.ctr.mszip1.ctr1;
+			}
+
+			if (out_level == 1) {
+				DEBUG(0,("end[%d] tmp_highest_usn: %llu , highest_usn: %llu\n",y,
+					ctr1->new_highwatermark.tmp_highest_usn,
+					ctr1->new_highwatermark.highest_usn));
+
+				test_analyse_objects(ctx, ctr1->first_object);
+
+				if (ctr1->new_highwatermark.tmp_highest_usn > ctr1->new_highwatermark.highest_usn) {
+					r.in.req.req5.highwatermark = ctr1->new_highwatermark;
+					continue;
+				}
+			}
+
 			if (ret == True && r.out.level == 6) {
 				out_level = 6;
 				ctr6 = &r.out.ctr.ctr6;
-- 
cgit 


From b47e65692706e1d3b2388ea9d49990e692709574 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 19 Oct 2005 15:34:39 +0000
Subject: r11185: - resolve attid for "supplementalCredentials" into a name -
 print "supplementalCredentials" also when
 --option="dssync:print_pwd_blobs=yes"   is used

abartlet: this field may contain the krb5 keys...

metze
(This used to be commit 26c69348ca3ae10128df9832f8b4d9c1024631e2)
---
 source4/torture/rpc/dssync.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 4ae75d7add..25c4c3d3cb 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -331,6 +331,9 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 			case DRSUAPI_ATTRIBUTE_lmPwdHistory:
 				name	= "lmPwdHistory";
 				break;
+			case DRSUAPI_ATTRIBUTE_supplementalCredentials:
+				name	= "supplementalCredentials";
+				break;
 			default:
 				continue;
 			}
-- 
cgit 


From c1113796ebccf73c554d153c6c4d5b1ec16cb4bd Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 19 Oct 2005 16:30:02 +0000
Subject: r11187: in case the msDS-KeyVersionNumber is replicated (I didn't
 assume this...) show the string in the debug output, and show it with
 --option="dssync:print_pwd_blobs=yes"

metze
(This used to be commit 98c1e8e3df90c05691a12bb25357fd75da419c5c)
---
 source4/torture/rpc/dssync.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 25c4c3d3cb..9e9348283a 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -334,6 +334,9 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 			case DRSUAPI_ATTRIBUTE_supplementalCredentials:
 				name	= "supplementalCredentials";
 				break;
+			case DRSUAPI_ATTRIBUTE_msDS_KeyVersionNumber:
+				name	= "msDS-KeyVersionNumber";
+				break;
 			default:
 				continue;
 			}
-- 
cgit 


From 03d301ead5f702872b8cb948b8cd01b0fa0db5f7 Mon Sep 17 00:00:00 2001
From: Tim Potter <tpot@samba.org>
Date: Wed, 30 Nov 2005 02:08:15 +0000
Subject: r11967: Fix more 64-bit warnings. (This used to be commit
 9c4436a124f874ae240feaf590141d48c33a635f)

---
 source4/torture/rpc/dssync.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 9e9348283a..84d6c39b63 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -476,14 +476,14 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 
 			if (r.in.level == 5) {
 				DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
-					r.in.req.req5.highwatermark.tmp_highest_usn,
-					r.in.req.req5.highwatermark.highest_usn));
+					(long long)r.in.req.req5.highwatermark.tmp_highest_usn,
+					(long long)r.in.req.req5.highwatermark.highest_usn));
 			}
 
 			if (r.in.level == 8) {
 				DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
-					r.in.req.req8.highwatermark.tmp_highest_usn,
-					r.in.req.req8.highwatermark.highest_usn));
+					(long long)r.in.req.req8.highwatermark.tmp_highest_usn,
+					(long long)r.in.req.req8.highwatermark.highest_usn));
 			}
 
 			status = dcerpc_drsuapi_DsGetNCChanges(ctx->new_dc.drsuapi.pipe, ctx, &r);
@@ -509,8 +509,8 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 
 			if (out_level == 1) {
 				DEBUG(0,("end[%d] tmp_highest_usn: %llu , highest_usn: %llu\n",y,
-					ctr1->new_highwatermark.tmp_highest_usn,
-					ctr1->new_highwatermark.highest_usn));
+					(long long)ctr1->new_highwatermark.tmp_highest_usn,
+					(long long)ctr1->new_highwatermark.highest_usn));
 
 				test_analyse_objects(ctx, ctr1->first_object);
 
@@ -532,8 +532,8 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 
 			if (out_level == 6) {
 				DEBUG(0,("end[%d] tmp_highest_usn: %llu , highest_usn: %llu\n",y,
-					ctr6->new_highwatermark.tmp_highest_usn,
-					ctr6->new_highwatermark.highest_usn));
+					(long long)ctr6->new_highwatermark.tmp_highest_usn,
+					(long long)ctr6->new_highwatermark.highest_usn));
 
 				test_analyse_objects(ctx, ctr6->first_object);
 
-- 
cgit 


From b9b59fa7984c4f800c177a235a984e05d59f1ef8 Mon Sep 17 00:00:00 2001
From: Tim Potter <tpot@samba.org>
Date: Wed, 30 Nov 2005 03:20:25 +0000
Subject: r11968: More warning fixes.  We're on track to getting to double
 digits for the number of warnings generated now. (This used to be commit
 d479f2d7607adc698d71c5ba26932c72a26dcaab)

---
 source4/torture/rpc/dssync.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 84d6c39b63..8daba2438b 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -351,8 +351,8 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 				DEBUG(0,("DN: %s\n", dn));
 				dn_printed = True;
 			}
-			DEBUGADD(0,("ATTR: %s data_blob.length=%u\n",
-				    name, data->length));
+			DEBUGADD(0,("ATTR: %s data_blob.length=%lu\n",
+				    name, (long)data->length));
 			dump_data(0,data->data, data->length);
 		}
 	}
-- 
cgit 


From acd6a086b341096fcbea1775ce748587fcc8020a Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Tue, 27 Dec 2005 14:28:01 +0000
Subject: r12510: Change the DCE/RPC interfaces to take a pointer to a
 dcerpc_interface_table struct rather then a tuple of interface name, UUID and
 version.

This removes the requirement for having a global list of DCE/RPC interfaces,
except for these parts of the code that use that list explicitly
(ndrdump and the scanner torture test).

This should also allow us to remove the hack that put the authservice parameter
in the dcerpc_binding struct as it can now be read directly from
dcerpc_interface_table.

I will now modify some of these functions to take a dcerpc_syntax_id
structure rather then a full dcerpc_interface_table.
(This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
---
 source4/torture/rpc/dssync.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 8daba2438b..e28ff798a8 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -174,8 +174,7 @@ static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credent
 
 	status = dcerpc_pipe_connect_b(ctx,
 				       &b->pipe, ctx->drsuapi_binding, 
-				       DCERPC_DRSUAPI_UUID,
-				       DCERPC_DRSUAPI_VERSION,
+					   &dcerpc_table_drsuapi,
 				       credentials, event);
 	
 	if (!NT_STATUS_IS_OK(status)) {
-- 
cgit 


From d4de4c2d210d2e8c9b5aedf70695594809ad6a0b Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Fri, 30 Dec 2005 13:16:54 +0000
Subject: r12608: Remove some unused #include lines. (This used to be commit
 70e7449318aa0e9d2639c76730a7d1683b2f4981)

---
 source4/torture/rpc/dssync.c | 4 ----
 1 file changed, 4 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index e28ff798a8..4079afba15 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -23,12 +23,8 @@
 
 #include "includes.h"
 #include "lib/cmdline/popt_common.h"
-#include "libnet/libnet.h"
 #include "librpc/gen_ndr/ndr_drsuapi.h"
-#include "librpc/gen_ndr/ndr_samr.h"
-#include "libcli/ldap/ldap.h"
 #include "libcli/cldap/cldap.h"
-#include "ads.h"
 
 struct DsSyncBindInfo {
 	struct dcerpc_pipe *pipe;
-- 
cgit 


From 1a53c1dc927efbc6a594ed513feb9ab9247078e8 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Sat, 4 Feb 2006 14:08:24 +0000
Subject: r13346: use private proto header files for the torture tests

metze
(This used to be commit 67837dbd2bcff8ec1917ba02884ee2eaa0776b46)
---
 source4/torture/rpc/dssync.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 4079afba15..3731f19c61 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -25,6 +25,7 @@
 #include "lib/cmdline/popt_common.h"
 #include "librpc/gen_ndr/ndr_drsuapi.h"
 #include "libcli/cldap/cldap.h"
+#include "torture/ldap/proto.h"
 
 struct DsSyncBindInfo {
 	struct dcerpc_pipe *pipe;
-- 
cgit 


From eefe30b7d8e17ed744318417954669bacf2b3ac0 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Tue, 14 Mar 2006 15:02:05 +0000
Subject: r14379: Build torture/rpc/ as a seperate smbtorture module. Move
 helper functions for rpc out of torture/torture.c (This used to be commit
 1d2d970f3b8aef3f36c2befb94b5dd72c0086639)

---
 source4/torture/rpc/dssync.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 3731f19c61..d334f162bc 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -25,6 +25,7 @@
 #include "lib/cmdline/popt_common.h"
 #include "librpc/gen_ndr/ndr_drsuapi.h"
 #include "libcli/cldap/cldap.h"
+#include "libcli/ldap/ldap_client.h"
 #include "torture/ldap/proto.h"
 
 struct DsSyncBindInfo {
-- 
cgit 


From 1060f6b3f621cb70b075a879f129e57f10fdbf8a Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Tue, 14 Mar 2006 23:35:30 +0000
Subject: r14402: Generate seperate headers for RPC client functions. (This
 used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109)

---
 source4/torture/rpc/dssync.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index d334f162bc..ac28e0e222 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -24,6 +24,7 @@
 #include "includes.h"
 #include "lib/cmdline/popt_common.h"
 #include "librpc/gen_ndr/ndr_drsuapi.h"
+#include "librpc/gen_ndr/ndr_drsuapi_c.h"
 #include "libcli/cldap/cldap.h"
 #include "libcli/ldap/ldap_client.h"
 #include "torture/ldap/proto.h"
-- 
cgit 


From 4f1c8daa36a7a0372c5fd9eab51f3c16ee81c49d Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Thu, 16 Mar 2006 12:43:28 +0000
Subject: r14470: Remove some unnecessary headers. (This used to be commit
 f7312dab3b9aba2b2b82e8a6e0c483a32a03a63a)

---
 source4/torture/rpc/dssync.c | 1 -
 1 file changed, 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index ac28e0e222..695cbb4d53 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -23,7 +23,6 @@
 
 #include "includes.h"
 #include "lib/cmdline/popt_common.h"
-#include "librpc/gen_ndr/ndr_drsuapi.h"
 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
 #include "libcli/cldap/cldap.h"
 #include "libcli/ldap/ldap_client.h"
-- 
cgit 


From 909b111f587705a45f63540b39968f1af58a9b5d Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Sat, 25 Mar 2006 16:01:28 +0000
Subject: r14720: Add torture_context argument to all torture tests (This used
 to be commit 3c7a5ce29108dd82210dc3e1f00414f545949e1d)

---
 source4/torture/rpc/dssync.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 695cbb4d53..e74f4d8b5b 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -26,6 +26,7 @@
 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
 #include "libcli/cldap/cldap.h"
 #include "libcli/ldap/ldap_client.h"
+#include "torture/torture.h"
 #include "torture/ldap/proto.h"
 
 struct DsSyncBindInfo {
@@ -547,7 +548,7 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 	return ret;
 }
 
-BOOL torture_rpc_dssync(void)
+BOOL torture_rpc_dssync(struct torture_context *torture)
 {
 	BOOL ret = True;
 	TALLOC_CTX *mem_ctx;
-- 
cgit 


From a0ff937c5f752ebd8f338467314648963beccff0 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 7 Aug 2006 17:26:51 +0000
Subject: r17442: print out credentials on the "secret" objectClass and
 "trustedDomain" objectclass

metze
(This used to be commit af1efa0c790a86f68bd7f761b22478895bfdaaea)
---
 source4/torture/rpc/dssync.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index e74f4d8b5b..00a60c1f21 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -335,6 +335,24 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 			case DRSUAPI_ATTRIBUTE_msDS_KeyVersionNumber:
 				name	= "msDS-KeyVersionNumber";
 				break;
+			case DRSUAPI_ATTRIBUTE_priorValue:
+				name	= "priorValue";
+				break;
+			case DRSUAPI_ATTRIBUTE_currentValue:
+				name	= "currentValue";
+				break;
+			case DRSUAPI_ATTRIBUTE_trustAuthOutgoing:
+				name	= "trustAuthOutgoing";
+				break;
+			case DRSUAPI_ATTRIBUTE_trustAuthIncoming:
+				name	= "trustAuthIncoming";
+				break;
+			case DRSUAPI_ATTRIBUTE_initialAuthOutgoing:
+				name	= "initialAuthOutgoing";
+				break;
+			case DRSUAPI_ATTRIBUTE_initialAuthIncoming:
+				name	= "initialAuthIncoming";
+				break;
 			default:
 				continue;
 			}
-- 
cgit 


From 614e52764e2630656d6bf85da873b48458f73e95 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 23 Oct 2006 06:05:21 +0000
Subject: r19462: This isn't an encrypted attribute.

Andrew Bartlett
(This used to be commit 12765db714de9e0fed61e6616b3671d525ee3bef)
---
 source4/torture/rpc/dssync.c | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 00a60c1f21..0573d771af 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -332,9 +332,6 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 			case DRSUAPI_ATTRIBUTE_supplementalCredentials:
 				name	= "supplementalCredentials";
 				break;
-			case DRSUAPI_ATTRIBUTE_msDS_KeyVersionNumber:
-				name	= "msDS-KeyVersionNumber";
-				break;
 			case DRSUAPI_ATTRIBUTE_priorValue:
 				name	= "priorValue";
 				break;
-- 
cgit 


From 65a50f46c829240bc1c9c6d663d8e1f7a8320012 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 13 Nov 2006 19:12:47 +0000
Subject: r19699: - use better names for the site strings - use the client_site
 when creating the server object

metze
(This used to be commit b02d0e1be343c7d609715237dc842702b6fbe231)
---
 source4/torture/rpc/dssync.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 0573d771af..6db40daf69 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -284,8 +284,9 @@ static BOOL test_GetInfo(struct DsSyncTest *ctx)
 		ctx->site_name = talloc_asprintf(ctx, "%s", "Default-First-Site-Name");
 		printf("cldap_netlogon() returned %s. Defaulting to Site-Name: %s\n", errstr, ctx->site_name);		
 	} else {
-		ctx->site_name = talloc_steal(ctx, search.out.netlogon.logon5.site_name);
-		printf("cldap_netlogon() returned Site-Name: %s.\n",ctx->site_name);
+		ctx->site_name = talloc_steal(ctx, search.out.netlogon.logon5.client_site);
+		printf("cldap_netlogon() returned Client Site-Name: %s.\n",ctx->site_name);
+		printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.logon5.server_site);
 	}
 
 
-- 
cgit 


From 99c3d9c3713369abe50bb86e7cd3b9d2fdbba565 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 30 Nov 2006 11:18:18 +0000
Subject: r19967: this unknowns are max_object_count and max_ndr_size

metze
(This used to be commit 3e6264d872e4fc39a8e0712293492ad413345de9)
---
 source4/torture/rpc/dssync.c | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 6db40daf69..e00033154e 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -160,6 +160,8 @@ static struct DsSyncTest *test_create_context(TALLOC_CTX *mem_ctx)
 	ctx->new_dc.drsuapi.req.in.bind_info		= our_bind_info_ctr;
 	ctx->new_dc.drsuapi.req.out.bind_handle		= &ctx->new_dc.drsuapi.bind_handle;
 
+	ctx->new_dc.invocation_id			= ctx->new_dc.drsuapi.bind_guid;
+
 	/* ctx->old_dc ...*/
 
 	return ctx;
@@ -289,9 +291,6 @@ static BOOL test_GetInfo(struct DsSyncTest *ctx)
 		printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.logon5.server_site);
 	}
 
-
-	ctx->new_dc.invocation_id = GUID_random();
-
 	return ret;
 }
 
@@ -440,8 +439,8 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 									| DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS
 									| DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED
 									;
-			r.in.req.req5.unknown2				= 133;
-			r.in.req.req5.unknown3				= 1336770;
+			r.in.req.req5.max_object_count			= 133;
+			r.in.req.req5.max_ndr_size			= 1336770;
 			r.in.req.req5.unknown4				= 0;
 			r.in.req.req5.h1				= 0;
 
@@ -471,8 +470,8 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 									| DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS
 									| DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED
 									;
-			r.in.req.req8.unknown2				= 402;
-			r.in.req.req8.unknown3				= 402116;
+			r.in.req.req8.max_object_count			= 402;
+			r.in.req.req8.max_ndr_size			= 402116;
 
 			r.in.req.req8.unknown4				= 0;
 			r.in.req.req8.h1				= 0;
-- 
cgit 


From d3c9737e5b8da23165d65b42d37e16549a80ce70 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 8 Dec 2006 17:34:15 +0000
Subject: r20079: the 2nd guid is the source_dsa invocation_id not the
 objectGUID, this wasn't noticed because on the 1st dc in the forest both have
 the same value

metze
(This used to be commit 527bd9a0a361e19606e25e885b92da316e740bf9)
---
 source4/torture/rpc/dssync.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index e00033154e..f07df0f7ad 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -421,7 +421,7 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 			nc.dn	= partition; 
 
 			r.in.req.req5.destination_dsa_guid		= ctx->new_dc.invocation_id;
-			r.in.req.req5.source_dsa_guid			= null_guid;
+			r.in.req.req5.source_dsa_invocation_id		= null_guid;
 			r.in.req.req5.naming_context			= &nc;
 			r.in.req.req5.highwatermark.tmp_highest_usn	= highest_usn;
 			r.in.req.req5.highwatermark.reserved_usn	= 0;
@@ -452,7 +452,7 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 			/* nc.dn can be set to any other ad partition */
 			
 			r.in.req.req8.destination_dsa_guid		= ctx->new_dc.invocation_id;
-			r.in.req.req8.source_dsa_guid			= null_guid;
+			r.in.req.req8.source_dsa_invocation_id		= null_guid;
 			r.in.req.req8.naming_context			= &nc;
 			r.in.req.req8.highwatermark.tmp_highest_usn	= highest_usn;
 			r.in.req.req8.highwatermark.reserved_usn	= 0;
-- 
cgit 


From 88ef4672826f05bd357a805673337ec22708d681 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 19 Dec 2006 13:38:42 +0000
Subject: r20251: I found out that the oid-prefix to uint32-id-prefix mapping
 is transferred in replication replies, but I don't know the exact encoding.

for example the oids are transferred as:

2.5.4			=> uint8_t v[] = { 0x55, 0x04 };
2.5.5			=> uint8_t v[] = { 0x55, 0x05 };
2.5.6			=> uint8_t v[] = { 0x55, 0x06 };
2.5.18			=> uint8_t v[] = { 0x55, 0x12 };
2.5.20			=> uint8_t v[] = { 0x55, 0x14 };
2.5.21			=> uint8_t v[] = { 0x55, 0x15 };
1.2.840.113556.1.2	=> uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x02 };
1.2.840.113556.1.3	=> uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x03 };
1.2.840.113556.1.4	=> uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x04 };
1.2.840.113556.1.5	=> uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x05 };
1.2.840.113556.1.5.7000	=> uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x05, 0xb6, 0x58 };
1.2.840.113549.1.9	=> uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09 };
2.16.840.1.113730.3	=> uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03 };
2.16.840.1.113730.3.1	=> uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03, 0x01 };
2.16.840.1.113730.3.2	=> uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03, 0x02 };
0.9.2342.19200300.100.1	=> uint8_t v[] = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01 };
0.9.2342.19200300.100.4	=> uint8_t v[] = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04 };
1.3.6.1.4.1.250.1	=> uint8_t v[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x81, 0x7a, 0x01 };
1.3.6.1.4.1.1466.101.119=> uint8_t v[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x8b, 0x3a, 0x65, 0x77 };

if someone knows how the encoding works, please tell me:-)
I assume some ASN.1 encoding...

metze
(This used to be commit aa720a15319392fee5c532959192d0df5bf4c718)
---
 source4/torture/rpc/dssync.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index f07df0f7ad..312ba87f7e 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -477,8 +477,8 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 			r.in.req.req8.h1				= 0;
 			r.in.req.req8.unique_ptr1			= 0;
 			r.in.req.req8.unique_ptr2			= 0;
-			r.in.req.req8.ctr12.count			= 0;
-			r.in.req.req8.ctr12.array			= NULL;
+			r.in.req.req8.mapping_ctr.num_mappings		= 0;
+			r.in.req.req8.mapping_ctr.mappings		= NULL;
 
 			break;
 		}
-- 
cgit 


From 11196d0907654a5dfd9d1f65573fc0e096982ea7 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 28 Dec 2006 23:32:43 +0000
Subject: r20396: Missed one user of the renamed elements.

Andrew Bartlett
(This used to be commit a7c83eb7b8e000c51790a9eae67c59c04a4a877c)
---
 source4/torture/rpc/dssync.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 312ba87f7e..63d642b64a 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -252,8 +252,8 @@ static BOOL test_GetInfo(struct DsSyncTest *ctx)
 	
 	r.in.bind_handle		= &ctx->admin.drsuapi.bind_handle;
 	r.in.level			= 1;
-	r.in.req.req1.unknown1		= 0x000004e4;
-	r.in.req.req1.unknown2		= 0x00000407;
+	r.in.req.req1.codepage		= 1252; /* western european */
+	r.in.req.req1.language		= 0x00000407; /* german */
 	r.in.req.req1.count		= 1;
 	r.in.req.req1.names		= names;
 	r.in.req.req1.format_flags	= DRSUAPI_DS_NAME_FLAG_NO_FLAGS;		
-- 
cgit 


From 536ca21c55643a06e53053c2576697bf6abef2b0 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 3 Jan 2007 09:58:14 +0000
Subject: r20504: we handle the attribute values always as DATA_BLOB's and
 don't need the union with the attribute id as switch anymore

metze
(This used to be commit d47c81923d0731edd314215c6f0b2eb3d1ee252d)
---
 source4/torture/rpc/dssync.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 63d642b64a..972c2f1ecf 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -354,11 +354,11 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 				continue;
 			}
 
-			if (attr->value_ctr.data_blob.num_values != 1) continue;
+			if (attr->value_ctr.num_values != 1) continue;
 
-			if (!attr->value_ctr.data_blob.values[0].data) continue;
+			if (!attr->value_ctr.values[0].blob) continue;
 
-			data = attr->value_ctr.data_blob.values[0].data;
+			data = attr->value_ctr.values[0].blob;
 
 			if (!dn_printed) {
 				DEBUG(0,("DN: %s\n", dn));
-- 
cgit 


From 57f5bf78fa9fc9d190c3cb25251e686a1488f790 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 3 Jan 2007 19:09:34 +0000
Subject: r20514: implement idl for DsGetNT4ChangeLog() which transferres the
 meta data for NT4 DC's in mixed mode domains.

This call is triggered by tranferring the PDC FSMO Role to another DC

the real meta data is encoded in the user buffer which is just a DATA_BLOB in idl

metze
(This used to be commit d883815c8d64429e4dac26a93a15e67d31dc263e)
---
 source4/torture/rpc/dssync.c | 59 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 59 insertions(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 972c2f1ecf..a4167b3dc3 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -563,6 +563,64 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 	return ret;
 }
 
+static BOOL test_FetchNT4Data(struct DsSyncTest *ctx)
+{
+	NTSTATUS status;
+	BOOL ret = True;
+	int i, y = 0;
+	uint64_t highest_usn = 0;
+	const char *partition = NULL;
+	struct drsuapi_DsGetNT4ChangeLog r;
+	int32_t out_level = 0;
+	struct GUID null_guid;
+	struct dom_sid null_sid;
+	DATA_BLOB cookie;
+
+	ZERO_STRUCT(null_guid);
+	ZERO_STRUCT(null_sid);
+	ZERO_STRUCT(cookie);
+
+	ZERO_STRUCT(r);
+	r.in.bind_handle	= &ctx->new_dc.drsuapi.bind_handle;
+	r.in.level		= 1;
+
+	r.in.req.req1.unknown1	= lp_parm_int(-1, "dssync", "nt4-1", 3);
+	r.in.req.req1.unknown2	= lp_parm_int(-1, "dssync", "nt4-2", 0x00004000);
+
+	while (1) {
+		r.in.req.req1.length	= cookie.length;
+		r.in.req.req1.data	= cookie.data;
+
+		status = dcerpc_drsuapi_DsGetNT4ChangeLog(ctx->new_dc.drsuapi.pipe, ctx, &r);
+		if (!NT_STATUS_IS_OK(status)) {
+			const char *errstr = nt_errstr(status);
+			if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
+				errstr = dcerpc_errstr(ctx, ctx->new_dc.drsuapi.pipe->last_fault_code);
+			}
+			printf("dcerpc_drsuapi_DsGetNT4ChangeLog failed - %s\n", errstr);
+			ret = False;
+		} else if (!W_ERROR_IS_OK(r.out.result)) {
+			printf("DsGetNT4ChangeLog failed - %s\n", win_errstr(r.out.result));
+			ret = False;
+		} else if (r.out.level != 1) {
+			printf("DsGetNT4ChangeLog unknown level - %u\n", r.out.level);
+			ret = False;
+		} else if (NT_STATUS_IS_OK(r.out.info.info1.status)) {
+		} else if (NT_STATUS_EQUAL(r.out.info.info1.status, STATUS_MORE_ENTRIES)) {
+			cookie.length	= r.out.info.info1.length1;
+			cookie.data	= r.out.info.info1.data1;
+			continue;
+		} else {
+			printf("DsGetNT4ChangeLog failed - %s\n", nt_errstr(r.out.info.info1.status));
+			ret = False;
+		}
+
+		break;
+	}
+
+	return ret;
+}
+
 BOOL torture_rpc_dssync(struct torture_context *torture)
 {
 	BOOL ret = True;
@@ -577,6 +635,7 @@ BOOL torture_rpc_dssync(struct torture_context *torture)
 	ret &= test_GetInfo(ctx);
 	ret &= _test_DsBind(ctx, ctx->admin.credentials, &ctx->new_dc.drsuapi);
 	ret &= test_FetchData(ctx);
+	ret &= test_FetchNT4Data(ctx);
 
 	return ret;
 }
-- 
cgit 


From e8d2437cd570d8cbfaca7c07305831c29e260450 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Thu, 11 Jan 2007 04:12:35 +0000
Subject: r20676: Add ref pointer to fix warning. (This used to be commit
 1afcf850679b6752935455a8f9198679649922b8)

---
 source4/torture/rpc/dssync.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index a4167b3dc3..b86b746816 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -412,9 +412,9 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 			array[i].level);
 
 		r.in.bind_handle	= &ctx->new_dc.drsuapi.bind_handle;
-		r.in.level		= array[i].level;
+		r.in.level		= &array[i].level;
 
-		switch (r.in.level) {
+		switch (*r.in.level) {
 		case 5:
 			nc.guid	= null_guid;
 			nc.sid	= null_sid;
@@ -487,13 +487,13 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 		for (y=0; ;y++) {
 			ZERO_STRUCT(r.out);
 
-			if (r.in.level == 5) {
+			if (*r.in.level == 5) {
 				DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
 					(long long)r.in.req.req5.highwatermark.tmp_highest_usn,
 					(long long)r.in.req.req5.highwatermark.highest_usn));
 			}
 
-			if (r.in.level == 8) {
+			if (*r.in.level == 8) {
 				DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
 					(long long)r.in.req.req8.highwatermark.tmp_highest_usn,
 					(long long)r.in.req.req8.highwatermark.highest_usn));
@@ -512,10 +512,10 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 				ret = False;
 			}
 
-			if (ret == True && r.out.level == 1) {
+			if (ret == True && *r.out.level == 1) {
 				out_level = 1;
 				ctr1 = &r.out.ctr.ctr1;
-			} else if (ret == True && r.out.level == 2) {
+			} else if (ret == True && *r.out.level == 2) {
 				out_level = 1;
 				ctr1 = r.out.ctr.ctr2.ctr.mszip1.ctr1;
 			}
@@ -533,10 +533,10 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 				}
 			}
 
-			if (ret == True && r.out.level == 6) {
+			if (ret == True && *r.out.level == 6) {
 				out_level = 6;
 				ctr6 = &r.out.ctr.ctr6;
-			} else if (ret == True && r.out.level == 7
+			} else if (ret == True && *r.out.level == 7
 				   && r.out.ctr.ctr7.level == 6
 				   && r.out.ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP) {
 				out_level = 6;
-- 
cgit 


From 03640456e6421d7ff409cd33c811d419f3c94a72 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 8 Feb 2007 09:10:59 +0000
Subject: r21235: fix crash bug

metze
(This used to be commit 29c44957a0ea16af3e5e3717d2cb0c9180d394c2)
---
 source4/torture/rpc/dssync.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index b86b746816..90fe2bcfe1 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -485,7 +485,9 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 		
 		printf("Dumping AD partition: %s\n", nc.dn);
 		for (y=0; ;y++) {
+			int32_t _level = 0;
 			ZERO_STRUCT(r.out);
+			r.out.level = &_level;
 
 			if (*r.in.level == 5) {
 				DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
-- 
cgit 


From 08de2da4ea6f58467343afb8cac843fa3835e573 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 8 Feb 2007 10:44:54 +0000
Subject: r21236: store and orint the dcerpc session key, gensec session key
 and user nthash values for each drsuapi connection in RPC-DSSYNC

metze
(This used to be commit df74c4a88108bd4387d9be4f64619c46c23493e6)
---
 source4/torture/rpc/dssync.c | 26 +++++++++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 90fe2bcfe1..ee2d265cd7 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -28,6 +28,11 @@
 #include "libcli/ldap/ldap_client.h"
 #include "torture/torture.h"
 #include "torture/ldap/proto.h"
+#include "libcli/auth/libcli_auth.h"
+#include "lib/crypto/crypto.h"
+#include "auth/credentials/credentials.h"
+#include "libcli/auth/libcli_auth.h"
+#include "auth/gensec/gensec.h"
 
 struct DsSyncBindInfo {
 	struct dcerpc_pipe *pipe;
@@ -37,6 +42,9 @@ struct DsSyncBindInfo {
 	struct drsuapi_DsBindInfo28 our_bind_info28;
 	struct drsuapi_DsBindInfo28 peer_bind_info28;
 	struct policy_handle bind_handle;
+	DATA_BLOB dce_key;
+	DATA_BLOB gen_key;
+	struct samr_Password nthash;
 };
 
 struct DsSyncLDAPInfo {
@@ -113,6 +121,7 @@ static struct DsSyncTest *test_create_context(TALLOC_CTX *mem_ctx)
 	ctx->admin.drsuapi.req.out.bind_handle		= &ctx->admin.drsuapi.bind_handle;
 
 	/* ctx->new_dc ...*/
+	ctx->new_dc.credentials			= cmdline_credentials;
 
 	our_bind_info28				= &ctx->new_dc.drsuapi.our_bind_info28;
 	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_BASE;
@@ -172,6 +181,7 @@ static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credent
 	NTSTATUS status;
 	BOOL ret = True;
 	struct event_context *event = NULL;
+	const struct samr_Password *nthash;
 
 	status = dcerpc_pipe_connect_b(ctx,
 				       &b->pipe, ctx->drsuapi_binding, 
@@ -214,6 +224,20 @@ static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credent
 		}
 	}
 
+	dcerpc_fetch_session_key(b->pipe, &b->dce_key);
+	gensec_session_key(b->pipe->conn->security_state.generic_state, &b->gen_key);
+	nthash = cli_credentials_get_nt_hash(credentials, NULL);
+	if (nthash) b->nthash = *nthash;
+
+	if (lp_parm_bool(-1,"dssync","print_pwd_blobs",False)) {
+		DEBUG(0,("DCERPC session key:\n"));
+		dump_data(0, b->dce_key.data, b->dce_key.length);
+		DEBUG(0,("GENSEC session key:\n"));
+		dump_data(0, b->gen_key.data, b->gen_key.length);
+		DEBUG(0,("CREDENTIALS nthash:\n"));
+		dump_data(0, b->nthash.hash, sizeof(b->nthash.hash));
+	}
+
 	return ret;
 }
 
@@ -635,7 +659,7 @@ BOOL torture_rpc_dssync(struct torture_context *torture)
 	ret &= _test_DsBind(ctx, ctx->admin.credentials, &ctx->admin.drsuapi);
 	ret &= test_LDAPBind(ctx, ctx->admin.credentials, &ctx->admin.ldap);
 	ret &= test_GetInfo(ctx);
-	ret &= _test_DsBind(ctx, ctx->admin.credentials, &ctx->new_dc.drsuapi);
+	ret &= _test_DsBind(ctx, ctx->new_dc.credentials, &ctx->new_dc.drsuapi);
 	ret &= test_FetchData(ctx);
 	ret &= test_FetchNT4Data(ctx);
 
-- 
cgit 


From cf123e67d5ad162d6225a2ab5d7b252cf6333784 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 8 Feb 2007 18:15:44 +0000
Subject: r21242: prepare trying to decrypt the encrypted attributes

metze
(This used to be commit 65a55c8fdecbc212ba2fc2a01c580f30dcc7b54a)
---
 source4/torture/rpc/dssync.c | 33 ++++++++++++++++++++++++++++-----
 1 file changed, 28 insertions(+), 5 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index ee2d265cd7..ac63d57f05 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -318,6 +318,15 @@ static BOOL test_GetInfo(struct DsSyncTest *ctx)
 	return ret;
 }
 
+static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
+			      struct DsSyncBindInfo *b,
+			      struct drsuapi_DsReplicaObjectIdentifier *id,
+			      uint32_t rid,
+			      const DATA_BLOB *buffer)
+{
+	return data_blob(NULL,0);
+}
+
 static void test_analyse_objects(struct DsSyncTest *ctx,
 				 struct drsuapi_DsReplicaObjectListItemEx *cur)
 {
@@ -327,16 +336,23 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 
 	for (; cur; cur = cur->next_object) {
 		const char *dn;
+		struct dom_sid *sid = NULL;
+		uint32_t rid = 0;
 		BOOL dn_printed = False;
 		uint32_t i;
 
 		if (!cur->object.identifier) continue;
 
 		dn = cur->object.identifier->dn;
+		if (cur->object.identifier->sid.num_auths > 0) {
+			sid = &cur->object.identifier->sid;
+			rid = sid->sub_auths[sid->num_auths - 1];
+		}
 
 		for (i=0; i < cur->object.attribute_ctr.num_attributes; i++) {
 			const char *name = NULL;
-			DATA_BLOB *data = NULL;
+			DATA_BLOB *enc_data = NULL;
+			DATA_BLOB plain_data;
 			struct drsuapi_DsReplicaAttribute *attr;
 			attr = &cur->object.attribute_ctr.attributes[i];
 
@@ -382,15 +398,22 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 
 			if (!attr->value_ctr.values[0].blob) continue;
 
-			data = attr->value_ctr.values[0].blob;
+			enc_data = attr->value_ctr.values[0].blob;
+			ZERO_STRUCT(plain_data);
 
+			plain_data = decrypt_blob(ctx, &ctx->new_dc.drsuapi,
+						  cur->object.identifier, rid,
+						  enc_data);
 			if (!dn_printed) {
 				DEBUG(0,("DN: %s\n", dn));
 				dn_printed = True;
 			}
-			DEBUGADD(0,("ATTR: %s data_blob.length=%lu\n",
-				    name, (long)data->length));
-			dump_data(0,data->data, data->length);
+			DEBUGADD(0,("ATTR: %s enc.length=%lu plain.length=%lu\n",
+				    name, (long)enc_data->length, (long)plain_data.length));
+			dump_data(0, enc_data->data, enc_data->length);
+			if (plain_data.length) {
+				dump_data(0, plain_data.data, plain_data.length);
+			}
 		}
 	}
 }
-- 
cgit 


From 2bf68b496409a6962b4fadb2a219f30c22cb5680 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 8 Feb 2007 18:23:32 +0000
Subject: r21243: create the infrastructure to test a lot of crypto
 combinations to solve the drsuapi password encryption automaticly.

metze
(This used to be commit 7b331b95bf43384e571ecc88ac827f46acd8c20c)
---
 source4/torture/rpc/dssync.c | 249 ++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 248 insertions(+), 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index ac63d57f05..81ebc63d94 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -318,13 +318,260 @@ static BOOL test_GetInfo(struct DsSyncTest *ctx)
 	return ret;
 }
 
+static void choose_confounder_v01(TALLOC_CTX *mem_ctx,
+				  struct DsSyncBindInfo *b,
+				  struct drsuapi_DsReplicaObjectIdentifier *id,
+				  uint32_t rid,
+				  const DATA_BLOB *buffer,
+				  uint32_t confounder_len,
+				  DATA_BLOB *confounder,
+				  DATA_BLOB *enc_buffer)
+{
+	*confounder = data_blob_talloc(mem_ctx, buffer->data, confounder_len);
+	*enc_buffer = data_blob_talloc(mem_ctx, buffer->data+confounder_len, buffer->length - confounder_len);
+}
+
+static void choose_confounder_v02(TALLOC_CTX *mem_ctx,
+				  struct DsSyncBindInfo *b,
+				  struct drsuapi_DsReplicaObjectIdentifier *id,
+				  uint32_t rid,
+				  const DATA_BLOB *buffer,
+				  uint32_t confounder_len,
+				  DATA_BLOB *confounder,
+				  DATA_BLOB *enc_buffer)
+{
+	*confounder = data_blob_talloc(mem_ctx, buffer->data + buffer->length - confounder_len, confounder_len);
+	*enc_buffer = data_blob_talloc(mem_ctx, buffer->data, buffer->length - confounder_len);
+}
+
+static const struct {
+	uint32_t len;
+	void (*fn)(TALLOC_CTX *mem_ctx,
+		   struct DsSyncBindInfo *b,
+		   struct drsuapi_DsReplicaObjectIdentifier *id,
+		   uint32_t rid,
+		   const DATA_BLOB *buffer,
+		   uint32_t confounder_len,
+		   DATA_BLOB *confounder,
+		   DATA_BLOB *enc_buffer);
+} choose_confounder_fns[] = {
+	{
+		.len	= 4,
+		.fn	= choose_confounder_v01,
+	},
+	{
+		.len	= 8,
+		.fn	= choose_confounder_v01,
+	},
+	{
+		.len	= 12,
+		.fn	= choose_confounder_v01,
+	},
+	{
+		.len	= 16,
+		.fn	= choose_confounder_v01,
+	},
+	{
+		.len	= 4,
+		.fn	= choose_confounder_v02,
+	},
+	{
+		.len	= 8,
+		.fn	= choose_confounder_v02,
+	},
+	{
+		.len	= 12,
+		.fn	= choose_confounder_v02,
+	},
+	{
+		.len	= 16,
+		.fn	= choose_confounder_v02,
+	},
+};
+
+static void choose_session_key_v01(TALLOC_CTX *mem_ctx,
+				   struct DsSyncBindInfo *b,
+				   struct drsuapi_DsReplicaObjectIdentifier *id,
+				   uint32_t rid,
+				   const DATA_BLOB *buffer,
+				   DATA_BLOB *session_key)
+{
+	*session_key = data_blob_talloc(mem_ctx, b->dce_key.data, b->dce_key.length);
+}
+
+static void choose_session_key_v02(TALLOC_CTX *mem_ctx,
+				   struct DsSyncBindInfo *b,
+				   struct drsuapi_DsReplicaObjectIdentifier *id,
+				   uint32_t rid,
+				   const DATA_BLOB *buffer,
+				   DATA_BLOB *session_key)
+{
+	*session_key = data_blob_talloc(mem_ctx, b->gen_key.data, b->gen_key.length);
+}
+
+static const struct {
+	void (*fn)(TALLOC_CTX *mem_ctx,
+		   struct DsSyncBindInfo *b,
+		   struct drsuapi_DsReplicaObjectIdentifier *id,
+		   uint32_t rid,
+		   const DATA_BLOB *buffer,
+		   DATA_BLOB *session_key);
+} choose_session_key_fns[] = {
+	{
+		.fn	= choose_session_key_v01,
+	},
+	{
+		.fn	= choose_session_key_v02,
+	},
+};
+
+static void create_enc_key_v01(TALLOC_CTX *mem_ctx,
+			       struct DsSyncBindInfo *b,
+			       struct drsuapi_DsReplicaObjectIdentifier *id,
+			       uint32_t rid,
+			       const DATA_BLOB *buffer,
+			       const DATA_BLOB *confounder,
+			       const DATA_BLOB *session_key,
+			       DATA_BLOB *_enc_key)
+{
+	struct MD5Context md5;
+	DATA_BLOB enc_key;
+
+	enc_key = data_blob_talloc(mem_ctx, NULL, 16);
+	MD5Init(&md5);
+	MD5Update(&md5, confounder->data, confounder->length);
+	MD5Update(&md5, session_key->data, session_key->length);
+	MD5Final(enc_key.data, &md5);
+
+	*_enc_key = enc_key;
+}
+
+static void create_enc_key_v02(TALLOC_CTX *mem_ctx,
+			       struct DsSyncBindInfo *b,
+			       struct drsuapi_DsReplicaObjectIdentifier *id,
+			       uint32_t rid,
+			       const DATA_BLOB *buffer,
+			       const DATA_BLOB *confounder,
+			       const DATA_BLOB *session_key,
+			       DATA_BLOB *_enc_key)
+{
+	struct MD5Context md5;
+	DATA_BLOB enc_key;
+
+	enc_key = data_blob_talloc(mem_ctx, NULL, 16);
+	MD5Init(&md5);
+	MD5Update(&md5, session_key->data, session_key->length);
+	MD5Update(&md5, confounder->data, confounder->length);
+	MD5Final(enc_key.data, &md5);
+
+	*_enc_key = enc_key;
+}
+
+static const struct {
+	void (*fn)(TALLOC_CTX *mem_ctx,
+		   struct DsSyncBindInfo *b,
+		   struct drsuapi_DsReplicaObjectIdentifier *id,
+		   uint32_t rid,
+		   const DATA_BLOB *buffer,
+		   const DATA_BLOB *confounder,
+		   const DATA_BLOB *session_key,
+		   DATA_BLOB *_enc_key);
+} create_enc_key_fns[] = {
+	{
+		.fn	= create_enc_key_v01,
+	},
+	{
+		.fn	= create_enc_key_v02,
+	},
+};
+
+static void do_decryption_v01(TALLOC_CTX *mem_ctx,
+			      struct DsSyncBindInfo *b,
+			      struct drsuapi_DsReplicaObjectIdentifier *id,
+			      uint32_t rid,
+			      const DATA_BLOB *buffer,
+			      const DATA_BLOB *enc_key,
+			      const DATA_BLOB *enc_buffer,
+			      DATA_BLOB *_plain_buffer)
+{
+	DATA_BLOB plain_buffer;
+
+	plain_buffer = data_blob_talloc(mem_ctx, enc_buffer->data, enc_buffer->length);
+
+	arcfour_crypt_blob(plain_buffer.data, plain_buffer.length, enc_buffer);
+
+	*_plain_buffer = plain_buffer;
+}
+
+static const struct {
+	void (*fn)(TALLOC_CTX *mem_ctx,
+		   struct DsSyncBindInfo *b,
+		   struct drsuapi_DsReplicaObjectIdentifier *id,
+		   uint32_t rid,
+		   const DATA_BLOB *buffer,
+		   const DATA_BLOB *enc_key,
+		   const DATA_BLOB *enc_buffer,
+		   DATA_BLOB *plain_buffer);
+} do_decryption_fns[] = {
+	{
+		.fn	= do_decryption_v01,
+	},
+};
+
 static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
 			      struct DsSyncBindInfo *b,
 			      struct drsuapi_DsReplicaObjectIdentifier *id,
 			      uint32_t rid,
 			      const DATA_BLOB *buffer)
 {
-	return data_blob(NULL,0);
+	uint32_t conf_i;
+	uint32_t skey_i;
+	uint32_t ekey_i;
+	uint32_t crypt_i;
+
+
+	for (conf_i = 0; conf_i < ARRAY_SIZE(choose_confounder_fns); conf_i++) {
+		DATA_BLOB confounder;
+		DATA_BLOB enc_buffer;
+
+		choose_confounder_fns[conf_i].fn(mem_ctx, b, id, rid, buffer,
+						 choose_confounder_fns[conf_i].len,
+						 &confounder, &enc_buffer);
+
+		for (skey_i = 0; skey_i < ARRAY_SIZE(choose_session_key_fns); skey_i++) {
+			DATA_BLOB session_key;
+
+			choose_session_key_fns[skey_i].fn(mem_ctx, b, id, rid, buffer,
+							  &session_key);
+
+			for (ekey_i = 0; ekey_i < ARRAY_SIZE(create_enc_key_fns); ekey_i++) {
+				DATA_BLOB enc_key;
+
+				create_enc_key_fns[ekey_i].fn(mem_ctx, b, id, rid, buffer,
+							      &confounder, &session_key,
+							      &enc_key);
+
+				for (crypt_i = 0; crypt_i < ARRAY_SIZE(do_decryption_fns); crypt_i++) {
+					DATA_BLOB plain_buffer;
+
+					do_decryption_fns[crypt_i].fn(mem_ctx, b, id, rid, buffer,
+								      &enc_key, &enc_buffer,
+								      &plain_buffer);
+
+					DEBUGADD(0,("c[%u] s[%u] e[%u] d[%u] len[%u]:\n",
+						 conf_i, skey_i, ekey_i, crypt_i,
+						 plain_buffer.length));
+					dump_data(0, confounder.data, confounder.length);
+					dump_data(0, session_key.data, session_key.length);
+					dump_data(0, enc_key.data, enc_key.length);
+					dump_data(0, enc_buffer.data, enc_buffer.length);
+					dump_data(0, plain_buffer.data, plain_buffer.length);
+				}
+			}
+		}
+	}
+
+	return data_blob(NULL, 0);
 }
 
 static void test_analyse_objects(struct DsSyncTest *ctx,
-- 
cgit 


From f7959890d4e0e91f6e11cd1d2d0a209bca098800 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 8 Feb 2007 18:24:48 +0000
Subject: r21244: fix typo...

I was wondering why I got allways 4 times the same decrypted buffer...

metze
(This used to be commit ba168479d5c5710de4252d9b8970ab41b7979411)
---
 source4/torture/rpc/dssync.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 81ebc63d94..9f171c4a00 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -498,7 +498,7 @@ static void do_decryption_v01(TALLOC_CTX *mem_ctx,
 
 	plain_buffer = data_blob_talloc(mem_ctx, enc_buffer->data, enc_buffer->length);
 
-	arcfour_crypt_blob(plain_buffer.data, plain_buffer.length, enc_buffer);
+	arcfour_crypt_blob(plain_buffer.data, plain_buffer.length, enc_key);
 
 	*_plain_buffer = plain_buffer;
 }
-- 
cgit 


From 2d3eea45312f3cb0121ea403eb5a809a4e6c062e Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 8 Feb 2007 19:40:54 +0000
Subject: r21245: combination "c[3] s[1] e[1] d[0]..." was
 successful!!!!!!!!!!!!!!!!!!!!!!!!!!

we now support the session depended password attribute encryption
used in DsGetNCChanges()

the static encryption (something like sam_rid_crypt() is assumed for some attributes
and the format of the attribute values isn't known yet, but some contain
some unicode strings...

metze
(This used to be commit daee739ebba38e54fbdbd7e53d16fd30bc0dd54e)
---
 source4/torture/rpc/dssync.c | 341 ++++++++++---------------------------------
 1 file changed, 75 insertions(+), 266 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 9f171c4a00..79172e366c 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -42,9 +42,6 @@ struct DsSyncBindInfo {
 	struct drsuapi_DsBindInfo28 our_bind_info28;
 	struct drsuapi_DsBindInfo28 peer_bind_info28;
 	struct policy_handle bind_handle;
-	DATA_BLOB dce_key;
-	DATA_BLOB gen_key;
-	struct samr_Password nthash;
 };
 
 struct DsSyncLDAPInfo {
@@ -181,11 +178,10 @@ static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credent
 	NTSTATUS status;
 	BOOL ret = True;
 	struct event_context *event = NULL;
-	const struct samr_Password *nthash;
 
 	status = dcerpc_pipe_connect_b(ctx,
 				       &b->pipe, ctx->drsuapi_binding, 
-					   &dcerpc_table_drsuapi,
+				       &dcerpc_table_drsuapi,
 				       credentials, event);
 	
 	if (!NT_STATUS_IS_OK(status)) {
@@ -224,20 +220,6 @@ static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credent
 		}
 	}
 
-	dcerpc_fetch_session_key(b->pipe, &b->dce_key);
-	gensec_session_key(b->pipe->conn->security_state.generic_state, &b->gen_key);
-	nthash = cli_credentials_get_nt_hash(credentials, NULL);
-	if (nthash) b->nthash = *nthash;
-
-	if (lp_parm_bool(-1,"dssync","print_pwd_blobs",False)) {
-		DEBUG(0,("DCERPC session key:\n"));
-		dump_data(0, b->dce_key.data, b->dce_key.length);
-		DEBUG(0,("GENSEC session key:\n"));
-		dump_data(0, b->gen_key.data, b->gen_key.length);
-		DEBUG(0,("CREDENTIALS nthash:\n"));
-		dump_data(0, b->nthash.hash, sizeof(b->nthash.hash));
-	}
-
 	return ret;
 }
 
@@ -318,263 +300,81 @@ static BOOL test_GetInfo(struct DsSyncTest *ctx)
 	return ret;
 }
 
-static void choose_confounder_v01(TALLOC_CTX *mem_ctx,
-				  struct DsSyncBindInfo *b,
-				  struct drsuapi_DsReplicaObjectIdentifier *id,
-				  uint32_t rid,
-				  const DATA_BLOB *buffer,
-				  uint32_t confounder_len,
-				  DATA_BLOB *confounder,
-				  DATA_BLOB *enc_buffer)
-{
-	*confounder = data_blob_talloc(mem_ctx, buffer->data, confounder_len);
-	*enc_buffer = data_blob_talloc(mem_ctx, buffer->data+confounder_len, buffer->length - confounder_len);
-}
-
-static void choose_confounder_v02(TALLOC_CTX *mem_ctx,
-				  struct DsSyncBindInfo *b,
-				  struct drsuapi_DsReplicaObjectIdentifier *id,
-				  uint32_t rid,
-				  const DATA_BLOB *buffer,
-				  uint32_t confounder_len,
-				  DATA_BLOB *confounder,
-				  DATA_BLOB *enc_buffer)
-{
-	*confounder = data_blob_talloc(mem_ctx, buffer->data + buffer->length - confounder_len, confounder_len);
-	*enc_buffer = data_blob_talloc(mem_ctx, buffer->data, buffer->length - confounder_len);
-}
-
-static const struct {
-	uint32_t len;
-	void (*fn)(TALLOC_CTX *mem_ctx,
-		   struct DsSyncBindInfo *b,
-		   struct drsuapi_DsReplicaObjectIdentifier *id,
-		   uint32_t rid,
-		   const DATA_BLOB *buffer,
-		   uint32_t confounder_len,
-		   DATA_BLOB *confounder,
-		   DATA_BLOB *enc_buffer);
-} choose_confounder_fns[] = {
-	{
-		.len	= 4,
-		.fn	= choose_confounder_v01,
-	},
-	{
-		.len	= 8,
-		.fn	= choose_confounder_v01,
-	},
-	{
-		.len	= 12,
-		.fn	= choose_confounder_v01,
-	},
-	{
-		.len	= 16,
-		.fn	= choose_confounder_v01,
-	},
-	{
-		.len	= 4,
-		.fn	= choose_confounder_v02,
-	},
-	{
-		.len	= 8,
-		.fn	= choose_confounder_v02,
-	},
-	{
-		.len	= 12,
-		.fn	= choose_confounder_v02,
-	},
-	{
-		.len	= 16,
-		.fn	= choose_confounder_v02,
-	},
-};
-
-static void choose_session_key_v01(TALLOC_CTX *mem_ctx,
-				   struct DsSyncBindInfo *b,
-				   struct drsuapi_DsReplicaObjectIdentifier *id,
-				   uint32_t rid,
-				   const DATA_BLOB *buffer,
-				   DATA_BLOB *session_key)
-{
-	*session_key = data_blob_talloc(mem_ctx, b->dce_key.data, b->dce_key.length);
-}
-
-static void choose_session_key_v02(TALLOC_CTX *mem_ctx,
-				   struct DsSyncBindInfo *b,
-				   struct drsuapi_DsReplicaObjectIdentifier *id,
-				   uint32_t rid,
-				   const DATA_BLOB *buffer,
-				   DATA_BLOB *session_key)
-{
-	*session_key = data_blob_talloc(mem_ctx, b->gen_key.data, b->gen_key.length);
-}
-
-static const struct {
-	void (*fn)(TALLOC_CTX *mem_ctx,
-		   struct DsSyncBindInfo *b,
-		   struct drsuapi_DsReplicaObjectIdentifier *id,
-		   uint32_t rid,
-		   const DATA_BLOB *buffer,
-		   DATA_BLOB *session_key);
-} choose_session_key_fns[] = {
-	{
-		.fn	= choose_session_key_v01,
-	},
-	{
-		.fn	= choose_session_key_v02,
-	},
-};
-
-static void create_enc_key_v01(TALLOC_CTX *mem_ctx,
-			       struct DsSyncBindInfo *b,
-			       struct drsuapi_DsReplicaObjectIdentifier *id,
-			       uint32_t rid,
-			       const DATA_BLOB *buffer,
-			       const DATA_BLOB *confounder,
-			       const DATA_BLOB *session_key,
-			       DATA_BLOB *_enc_key)
-{
-	struct MD5Context md5;
-	DATA_BLOB enc_key;
-
-	enc_key = data_blob_talloc(mem_ctx, NULL, 16);
-	MD5Init(&md5);
-	MD5Update(&md5, confounder->data, confounder->length);
-	MD5Update(&md5, session_key->data, session_key->length);
-	MD5Final(enc_key.data, &md5);
-
-	*_enc_key = enc_key;
-}
-
-static void create_enc_key_v02(TALLOC_CTX *mem_ctx,
-			       struct DsSyncBindInfo *b,
-			       struct drsuapi_DsReplicaObjectIdentifier *id,
-			       uint32_t rid,
-			       const DATA_BLOB *buffer,
-			       const DATA_BLOB *confounder,
-			       const DATA_BLOB *session_key,
-			       DATA_BLOB *_enc_key)
-{
-	struct MD5Context md5;
-	DATA_BLOB enc_key;
-
-	enc_key = data_blob_talloc(mem_ctx, NULL, 16);
-	MD5Init(&md5);
-	MD5Update(&md5, session_key->data, session_key->length);
-	MD5Update(&md5, confounder->data, confounder->length);
-	MD5Final(enc_key.data, &md5);
-
-	*_enc_key = enc_key;
-}
-
-static const struct {
-	void (*fn)(TALLOC_CTX *mem_ctx,
-		   struct DsSyncBindInfo *b,
-		   struct drsuapi_DsReplicaObjectIdentifier *id,
-		   uint32_t rid,
-		   const DATA_BLOB *buffer,
-		   const DATA_BLOB *confounder,
-		   const DATA_BLOB *session_key,
-		   DATA_BLOB *_enc_key);
-} create_enc_key_fns[] = {
-	{
-		.fn	= create_enc_key_v01,
-	},
-	{
-		.fn	= create_enc_key_v02,
-	},
-};
-
-static void do_decryption_v01(TALLOC_CTX *mem_ctx,
-			      struct DsSyncBindInfo *b,
-			      struct drsuapi_DsReplicaObjectIdentifier *id,
-			      uint32_t rid,
-			      const DATA_BLOB *buffer,
-			      const DATA_BLOB *enc_key,
-			      const DATA_BLOB *enc_buffer,
-			      DATA_BLOB *_plain_buffer)
-{
-	DATA_BLOB plain_buffer;
-
-	plain_buffer = data_blob_talloc(mem_ctx, enc_buffer->data, enc_buffer->length);
-
-	arcfour_crypt_blob(plain_buffer.data, plain_buffer.length, enc_key);
-
-	*_plain_buffer = plain_buffer;
-}
-
-static const struct {
-	void (*fn)(TALLOC_CTX *mem_ctx,
-		   struct DsSyncBindInfo *b,
-		   struct drsuapi_DsReplicaObjectIdentifier *id,
-		   uint32_t rid,
-		   const DATA_BLOB *buffer,
-		   const DATA_BLOB *enc_key,
-		   const DATA_BLOB *enc_buffer,
-		   DATA_BLOB *plain_buffer);
-} do_decryption_fns[] = {
-	{
-		.fn	= do_decryption_v01,
-	},
-};
-
 static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
-			      struct DsSyncBindInfo *b,
+			      const DATA_BLOB *gensec_skey,
 			      struct drsuapi_DsReplicaObjectIdentifier *id,
 			      uint32_t rid,
 			      const DATA_BLOB *buffer)
 {
-	uint32_t conf_i;
-	uint32_t skey_i;
-	uint32_t ekey_i;
-	uint32_t crypt_i;
-
-
-	for (conf_i = 0; conf_i < ARRAY_SIZE(choose_confounder_fns); conf_i++) {
-		DATA_BLOB confounder;
-		DATA_BLOB enc_buffer;
+	DATA_BLOB confounder;
+	DATA_BLOB enc_buffer;
 
-		choose_confounder_fns[conf_i].fn(mem_ctx, b, id, rid, buffer,
-						 choose_confounder_fns[conf_i].len,
-						 &confounder, &enc_buffer);
-
-		for (skey_i = 0; skey_i < ARRAY_SIZE(choose_session_key_fns); skey_i++) {
-			DATA_BLOB session_key;
-
-			choose_session_key_fns[skey_i].fn(mem_ctx, b, id, rid, buffer,
-							  &session_key);
-
-			for (ekey_i = 0; ekey_i < ARRAY_SIZE(create_enc_key_fns); ekey_i++) {
-				DATA_BLOB enc_key;
-
-				create_enc_key_fns[ekey_i].fn(mem_ctx, b, id, rid, buffer,
-							      &confounder, &session_key,
-							      &enc_key);
+	struct MD5Context md5;
+	uint8_t _enc_key[16];
+	DATA_BLOB enc_key;
 
-				for (crypt_i = 0; crypt_i < ARRAY_SIZE(do_decryption_fns); crypt_i++) {
-					DATA_BLOB plain_buffer;
+	DATA_BLOB plain_buffer;
 
-					do_decryption_fns[crypt_i].fn(mem_ctx, b, id, rid, buffer,
-								      &enc_key, &enc_buffer,
-								      &plain_buffer);
+	/*
+	 * the combination "c[3] s[1] e[1] d[0]..."
+	 * was successful!!!!!!!!!!!!!!!!!!!!!!!!!!
+	 */
 
-					DEBUGADD(0,("c[%u] s[%u] e[%u] d[%u] len[%u]:\n",
-						 conf_i, skey_i, ekey_i, crypt_i,
-						 plain_buffer.length));
-					dump_data(0, confounder.data, confounder.length);
-					dump_data(0, session_key.data, session_key.length);
-					dump_data(0, enc_key.data, enc_key.length);
-					dump_data(0, enc_buffer.data, enc_buffer.length);
-					dump_data(0, plain_buffer.data, plain_buffer.length);
-				}
-			}
-		}
+	/* the first 16 bytes at the beginning are the confounder */
+	if (buffer->length <= 16) {
+		return data_blob_const(NULL, 0);
 	}
+	confounder = data_blob_const(buffer->data, 16);
+	enc_buffer = data_blob_const(buffer->data + 16, buffer->length - 16);
+
+	/* 
+	 * build the encryption key md5 over the session key followed
+	 * by the confounder
+	 * 
+	 * here the gensec session key is used and
+	 * not the dcerpc ncacn_ip_tcp "SystemLibraryDTC" key!
+	 */
+	enc_key = data_blob_const(_enc_key, sizeof(_enc_key));
+	MD5Init(&md5);
+	MD5Update(&md5, gensec_skey->data, gensec_skey->length);
+	MD5Update(&md5, confounder.data, confounder.length);
+	MD5Final(enc_key.data, &md5);
 
-	return data_blob(NULL, 0);
+	/*
+	 * copy the encrypted buffer part and 
+	 * decrypt it using the created encryption key using arcfour
+	 */
+	plain_buffer = data_blob_talloc(mem_ctx, enc_buffer.data, enc_buffer.length);
+	if (!plain_buffer.data) {
+		return data_blob_const(NULL, 0);
+	}
+	arcfour_crypt_blob(plain_buffer.data, plain_buffer.length, &enc_key);
+
+	/*
+	 * some attributes seem to be in a usable form after this decryption
+	 * (supplementalCredentials, priorValue, currentValue, trustAuthOutgoing,
+	 *  trustAuthIncoming, initialAuthOutgoing, initialAuthIncoming)
+	 * At least supplementalCredentials contains plaintext
+	 * like "Primary:Kerberos" (in unicode form)
+	 *
+	 * some attributes seem to have some additional encryption
+	 * dBCSPwd, unicodePwd, ntPwdHistory, lmPwdHistory
+	 *
+	 * it's assumed it's something like this sam_rid_crypt()
+	 * function, as the value is constant, so it doesn't depend
+	 * on sessionkeys. But for the unicodePwd attribute which contains
+	 * the nthash be have 20 bytes at this point, but the ntnash only
+	 * is 16 bytes long, so using the current sam_rid_crypt() function
+	 * doesn't work.
+	 *
+	 * sam_rid_crypt(rid, crypt_nt_hash.hash, plain_nt_hash.hash, 0);
+	 */
+
+	return plain_buffer;
 }
 
 static void test_analyse_objects(struct DsSyncTest *ctx,
+				 const DATA_BLOB *gensec_skey,
 				 struct drsuapi_DsReplicaObjectListItemEx *cur)
 {
 	if (!lp_parm_bool(-1,"dssync","print_pwd_blobs",False)) {
@@ -648,7 +448,7 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 			enc_data = attr->value_ctr.values[0].blob;
 			ZERO_STRUCT(plain_data);
 
-			plain_data = decrypt_blob(ctx, &ctx->new_dc.drsuapi,
+			plain_data = decrypt_blob(ctx, gensec_skey,
 						  cur->object.identifier, rid,
 						  enc_data);
 			if (!dn_printed) {
@@ -657,9 +457,10 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 			}
 			DEBUGADD(0,("ATTR: %s enc.length=%lu plain.length=%lu\n",
 				    name, (long)enc_data->length, (long)plain_data.length));
-			dump_data(0, enc_data->data, enc_data->length);
 			if (plain_data.length) {
 				dump_data(0, plain_data.data, plain_data.length);
+			} else {
+				dump_data(0, enc_data->data, enc_data->length);
 			}
 		}
 	}
@@ -679,6 +480,7 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 	int32_t out_level = 0;
 	struct GUID null_guid;
 	struct dom_sid null_sid;
+	DATA_BLOB gensec_skey;
 	struct {
 		int32_t level;
 	} array[] = {
@@ -701,6 +503,13 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 
 	highest_usn = lp_parm_int(-1, "dssync", "highest_usn", 0);
 
+	status = gensec_session_key(ctx->new_dc.drsuapi.pipe->conn->security_state.generic_state,
+				    &gensec_skey);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("failed to get gensec session key: %s\n", nt_errstr(status));
+		return False;
+	}
+
 	for (i=0; i < ARRAY_SIZE(array); i++) {
 		printf("testing DsGetNCChanges level %d\n",
 			array[i].level);
@@ -821,7 +630,7 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 					(long long)ctr1->new_highwatermark.tmp_highest_usn,
 					(long long)ctr1->new_highwatermark.highest_usn));
 
-				test_analyse_objects(ctx, ctr1->first_object);
+				test_analyse_objects(ctx, &gensec_skey, ctr1->first_object);
 
 				if (ctr1->new_highwatermark.tmp_highest_usn > ctr1->new_highwatermark.highest_usn) {
 					r.in.req.req5.highwatermark = ctr1->new_highwatermark;
@@ -844,7 +653,7 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 					(long long)ctr6->new_highwatermark.tmp_highest_usn,
 					(long long)ctr6->new_highwatermark.highest_usn));
 
-				test_analyse_objects(ctx, ctr6->first_object);
+				test_analyse_objects(ctx, &gensec_skey, ctr6->first_object);
 
 				if (ctr6->new_highwatermark.tmp_highest_usn > ctr6->new_highwatermark.highest_usn) {
 					r.in.req.req8.highwatermark = ctr6->new_highwatermark;
-- 
cgit 


From 714052a68c9f64bbfebb01fc50868bf96f3b5ada Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 9 Feb 2007 17:35:32 +0000
Subject: r21261: add support for getting to the plain nthash (and I assume
 others too)

I wonder what the first 4 bytes are, but the last 16 bytes of the 20 bytes
are the rid crypted hash. The lmhash and the history fields are not verified
yet. But I get the administrators nthash in plain.

metze
(This used to be commit 7726d4a0272b29a4eade26c9ae3d929df50897da)
---
 source4/torture/rpc/dssync.c | 86 +++++++++++++++++++++++++++++++++++++-------
 1 file changed, 74 insertions(+), 12 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 79172e366c..063b37c617 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -300,8 +300,39 @@ static BOOL test_GetInfo(struct DsSyncTest *ctx)
 	return ret;
 }
 
+static void sam_rid_crypt_len(uint_t rid, uint32_t len, const uint8_t *in, uint8_t *out, int forw)
+{
+	uint8_t s[14];
+	uint8_t in_pad[8], out_pad[8];
+	uint32_t b_off, s_off = 0;
+
+	s[0] = s[4] = s[8] = s[12] = (uint8_t)(rid & 0xFF);
+	s[1] = s[5] = s[9] = s[13] = (uint8_t)((rid >> 8) & 0xFF);
+	s[2] = s[6] = s[10]        = (uint8_t)((rid >> 16) & 0xFF);
+	s[3] = s[7] = s[11]        = (uint8_t)((rid >> 24) & 0xFF);
+
+	for (b_off=0; b_off < len; b_off += 8) {
+		uint32_t left = len - b_off;
+		if (left >= 8) {
+			des_crypt56(out + b_off, in + b_off, s + s_off, forw);
+		} else {
+			ZERO_STRUCT(in_pad);
+			memcpy(in_pad, in + b_off, left);
+			des_crypt56(out_pad, in + b_off, s + s_off, forw);
+			memcpy(out + b_off, out_pad, left);
+			ZERO_STRUCT(out_pad);
+		}
+		if (s_off == 0) {
+			s_off = 7;
+		} else {
+			s_off--;
+		}
+	}
+}
+
 static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
 			      const DATA_BLOB *gensec_skey,
+			      bool rcrypt,
 			      struct drsuapi_DsReplicaObjectIdentifier *id,
 			      uint32_t rid,
 			      const DATA_BLOB *buffer)
@@ -313,6 +344,7 @@ static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
 	uint8_t _enc_key[16];
 	DATA_BLOB enc_key;
 
+	DATA_BLOB dec_buffer;
 	DATA_BLOB plain_buffer;
 
 	/*
@@ -344,11 +376,11 @@ static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
 	 * copy the encrypted buffer part and 
 	 * decrypt it using the created encryption key using arcfour
 	 */
-	plain_buffer = data_blob_talloc(mem_ctx, enc_buffer.data, enc_buffer.length);
-	if (!plain_buffer.data) {
+	dec_buffer = data_blob_talloc(mem_ctx, enc_buffer.data, enc_buffer.length);
+	if (!dec_buffer.data) {
 		return data_blob_const(NULL, 0);
 	}
-	arcfour_crypt_blob(plain_buffer.data, plain_buffer.length, &enc_key);
+	arcfour_crypt_blob(dec_buffer.data, dec_buffer.length, &enc_key);
 
 	/*
 	 * some attributes seem to be in a usable form after this decryption
@@ -360,15 +392,32 @@ static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
 	 * some attributes seem to have some additional encryption
 	 * dBCSPwd, unicodePwd, ntPwdHistory, lmPwdHistory
 	 *
-	 * it's assumed it's something like this sam_rid_crypt()
-	 * function, as the value is constant, so it doesn't depend
-	 * on sessionkeys. But for the unicodePwd attribute which contains
-	 * the nthash be have 20 bytes at this point, but the ntnash only
-	 * is 16 bytes long, so using the current sam_rid_crypt() function
-	 * doesn't work.
-	 *
-	 * sam_rid_crypt(rid, crypt_nt_hash.hash, plain_nt_hash.hash, 0);
+	 * it's the sam_rid_crypt() function, as the value is constant,
+	 * so it doesn't depend on sessionkeys. But for the unicodePwd attribute
+	 * which contains the nthash has 20 bytes at this point.
+	 * 
+	 * the first 4 byte are unknown yet, but the last 16 byte are the
+	 * rid crypted hash.
 	 */
+	if (rcrypt) {
+		plain_buffer = data_blob_talloc(mem_ctx, dec_buffer.data, dec_buffer.length);
+		if (!plain_buffer.data) {
+			return data_blob_const(NULL, 0);
+		}
+		if (plain_buffer.length < 20) {
+			return data_blob_const(NULL, 0);
+		}
+		/*
+		 * TODO: check if that's correct for the history fields,
+		 *       which can be larger than 16 bytes (but in 16 byte steps)
+		 *       maybe we need to call the 16 byte sam_rid_crypt() function
+		 *       for each hash, but here we assume the rid des key is shifted
+		 *	 by one for each 8 byte block.
+		 */
+		sam_rid_crypt_len(rid, dec_buffer.length - 4, dec_buffer.data + 4, plain_buffer.data + 4, 0);
+	} else {
+		plain_buffer = dec_buffer;
+	}
 
 	return plain_buffer;
 }
@@ -398,6 +447,7 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 
 		for (i=0; i < cur->object.attribute_ctr.num_attributes; i++) {
 			const char *name = NULL;
+			bool rcrypt = false;
 			DATA_BLOB *enc_data = NULL;
 			DATA_BLOB plain_data;
 			struct drsuapi_DsReplicaAttribute *attr;
@@ -406,15 +456,19 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 			switch (attr->attid) {
 			case DRSUAPI_ATTRIBUTE_dBCSPwd:
 				name	= "dBCSPwd";
+				rcrypt	= true;
 				break;
 			case DRSUAPI_ATTRIBUTE_unicodePwd:
 				name	= "unicodePwd";
+				rcrypt	= true;
 				break;
 			case DRSUAPI_ATTRIBUTE_ntPwdHistory:
 				name	= "ntPwdHistory";
+				rcrypt	= true;
 				break;
 			case DRSUAPI_ATTRIBUTE_lmPwdHistory:
 				name	= "lmPwdHistory";
+				rcrypt	= true;
 				break;
 			case DRSUAPI_ATTRIBUTE_supplementalCredentials:
 				name	= "supplementalCredentials";
@@ -448,7 +502,7 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 			enc_data = attr->value_ctr.values[0].blob;
 			ZERO_STRUCT(plain_data);
 
-			plain_data = decrypt_blob(ctx, gensec_skey,
+			plain_data = decrypt_blob(ctx, gensec_skey, rcrypt,
 						  cur->object.identifier, rid,
 						  enc_data);
 			if (!dn_printed) {
@@ -503,6 +557,14 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 
 	highest_usn = lp_parm_int(-1, "dssync", "highest_usn", 0);
 
+	if (lp_parm_bool(-1,"dssync","print_pwd_blobs",False)) {
+		const struct samr_Password *nthash;
+		nthash = cli_credentials_get_nt_hash(ctx->new_dc.credentials, ctx);
+		if (nthash) {
+			DEBUG(0,("CREDENTIALS nthash:\n"));
+			dump_data(0, nthash->hash, sizeof(nthash->hash));
+		}
+	}
 	status = gensec_session_key(ctx->new_dc.drsuapi.pipe->conn->security_state.generic_state,
 				    &gensec_skey);
 	if (!NT_STATUS_IS_OK(status)) {
-- 
cgit 


From e2821c42385d67ea3d57e442000d008e66e96dd7 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Sat, 10 Feb 2007 09:46:28 +0000
Subject: r21267: the first 4 bytes in each encrypted attribute is the crc32
 checksum over the remaining bytes

metze
(This used to be commit c9fe6a867c7e23a60e0f9200b04c31e48ccc11a2)
---
 source4/torture/rpc/dssync.c | 39 ++++++++++++++++++++++++++++++---------
 1 file changed, 30 insertions(+), 9 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 063b37c617..0f07c51516 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -345,6 +345,11 @@ static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
 	DATA_BLOB enc_key;
 
 	DATA_BLOB dec_buffer;
+
+	uint32_t crc32_given;
+	uint32_t crc32_calc;
+	DATA_BLOB checked_buffer;
+
 	DATA_BLOB plain_buffer;
 
 	/*
@@ -382,6 +387,26 @@ static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
 	}
 	arcfour_crypt_blob(dec_buffer.data, dec_buffer.length, &enc_key);
 
+	/* 
+	 * the first 4 byte are the crc32 checksum
+	 * of the remaining bytes
+	 */
+	if (dec_buffer.length < 4) {
+		return data_blob_const(NULL, 0);
+	}
+
+	crc32_given = IVAL(dec_buffer.data, 0);
+	crc32_calc = crc32_calc_buffer(dec_buffer.data + 4 , dec_buffer.length - 4);
+	if (crc32_given != crc32_calc) {
+		DEBUG(0,("CRC32: given[0x%08X] calc[0x%08X]\n",
+		      crc32_given, crc32_calc));
+		return data_blob_const(NULL, 0);
+	}
+	checked_buffer = data_blob_talloc(mem_ctx, dec_buffer.data + 4, dec_buffer.length - 4);
+	if (!checked_buffer.data) {
+		return data_blob_const(NULL, 0);
+	}
+
 	/*
 	 * some attributes seem to be in a usable form after this decryption
 	 * (supplementalCredentials, priorValue, currentValue, trustAuthOutgoing,
@@ -393,18 +418,14 @@ static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
 	 * dBCSPwd, unicodePwd, ntPwdHistory, lmPwdHistory
 	 *
 	 * it's the sam_rid_crypt() function, as the value is constant,
-	 * so it doesn't depend on sessionkeys. But for the unicodePwd attribute
-	 * which contains the nthash has 20 bytes at this point.
-	 * 
-	 * the first 4 byte are unknown yet, but the last 16 byte are the
-	 * rid crypted hash.
+	 * so it doesn't depend on sessionkeys.
 	 */
 	if (rcrypt) {
-		plain_buffer = data_blob_talloc(mem_ctx, dec_buffer.data, dec_buffer.length);
+		plain_buffer = data_blob_talloc(mem_ctx, checked_buffer.data, checked_buffer.length);
 		if (!plain_buffer.data) {
 			return data_blob_const(NULL, 0);
 		}
-		if (plain_buffer.length < 20) {
+		if (plain_buffer.length < 16) {
 			return data_blob_const(NULL, 0);
 		}
 		/*
@@ -414,9 +435,9 @@ static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
 		 *       for each hash, but here we assume the rid des key is shifted
 		 *	 by one for each 8 byte block.
 		 */
-		sam_rid_crypt_len(rid, dec_buffer.length - 4, dec_buffer.data + 4, plain_buffer.data + 4, 0);
+		sam_rid_crypt_len(rid, checked_buffer.length, checked_buffer.data, plain_buffer.data, 0);
 	} else {
-		plain_buffer = dec_buffer;
+		plain_buffer = checked_buffer;
 	}
 
 	return plain_buffer;
-- 
cgit 


From 9e2b78b96aa8e9ae8200578bd1b31c542e59788b Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Sat, 10 Feb 2007 19:44:16 +0000
Subject: r21272: in the history fields each hash is rid crypted on its own

metze
(This used to be commit 922cfacde4dcf27829040e12c7fae083bd5b44c2)
---
 source4/torture/rpc/dssync.c | 62 ++++++++++++--------------------------------
 1 file changed, 16 insertions(+), 46 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 0f07c51516..c601b08248 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -300,36 +300,6 @@ static BOOL test_GetInfo(struct DsSyncTest *ctx)
 	return ret;
 }
 
-static void sam_rid_crypt_len(uint_t rid, uint32_t len, const uint8_t *in, uint8_t *out, int forw)
-{
-	uint8_t s[14];
-	uint8_t in_pad[8], out_pad[8];
-	uint32_t b_off, s_off = 0;
-
-	s[0] = s[4] = s[8] = s[12] = (uint8_t)(rid & 0xFF);
-	s[1] = s[5] = s[9] = s[13] = (uint8_t)((rid >> 8) & 0xFF);
-	s[2] = s[6] = s[10]        = (uint8_t)((rid >> 16) & 0xFF);
-	s[3] = s[7] = s[11]        = (uint8_t)((rid >> 24) & 0xFF);
-
-	for (b_off=0; b_off < len; b_off += 8) {
-		uint32_t left = len - b_off;
-		if (left >= 8) {
-			des_crypt56(out + b_off, in + b_off, s + s_off, forw);
-		} else {
-			ZERO_STRUCT(in_pad);
-			memcpy(in_pad, in + b_off, left);
-			des_crypt56(out_pad, in + b_off, s + s_off, forw);
-			memcpy(out + b_off, out_pad, left);
-			ZERO_STRUCT(out_pad);
-		}
-		if (s_off == 0) {
-			s_off = 7;
-		} else {
-			s_off--;
-		}
-	}
-}
-
 static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
 			      const DATA_BLOB *gensec_skey,
 			      bool rcrypt,
@@ -357,8 +327,11 @@ static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
 	 * was successful!!!!!!!!!!!!!!!!!!!!!!!!!!
 	 */
 
-	/* the first 16 bytes at the beginning are the confounder */
-	if (buffer->length <= 16) {
+	/* 
+	 * the first 16 bytes at the beginning are the confounder
+	 * followed by the 4 byte crc32 checksum
+	 */
+	if (buffer->length < 20) {
 		return data_blob_const(NULL, 0);
 	}
 	confounder = data_blob_const(buffer->data, 16);
@@ -391,10 +364,6 @@ static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
 	 * the first 4 byte are the crc32 checksum
 	 * of the remaining bytes
 	 */
-	if (dec_buffer.length < 4) {
-		return data_blob_const(NULL, 0);
-	}
-
 	crc32_given = IVAL(dec_buffer.data, 0);
 	crc32_calc = crc32_calc_buffer(dec_buffer.data + 4 , dec_buffer.length - 4);
 	if (crc32_given != crc32_calc) {
@@ -421,21 +390,22 @@ static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
 	 * so it doesn't depend on sessionkeys.
 	 */
 	if (rcrypt) {
+		uint32_t i, num_hashes;
+
+		if ((checked_buffer.length % 16) != 0) {
+			return data_blob_const(NULL, 0);
+		}
+
 		plain_buffer = data_blob_talloc(mem_ctx, checked_buffer.data, checked_buffer.length);
 		if (!plain_buffer.data) {
 			return data_blob_const(NULL, 0);
 		}
-		if (plain_buffer.length < 16) {
-			return data_blob_const(NULL, 0);
+			
+		num_hashes = plain_buffer.length / 16;
+		for (i = 0; i < num_hashes; i++) {
+			uint32_t offset = i * 16;
+			sam_rid_crypt(rid, checked_buffer.data + offset, plain_buffer.data + offset, 0);
 		}
-		/*
-		 * TODO: check if that's correct for the history fields,
-		 *       which can be larger than 16 bytes (but in 16 byte steps)
-		 *       maybe we need to call the 16 byte sam_rid_crypt() function
-		 *       for each hash, but here we assume the rid des key is shifted
-		 *	 by one for each 8 byte block.
-		 */
-		sam_rid_crypt_len(rid, checked_buffer.length, checked_buffer.data, plain_buffer.data, 0);
 	} else {
 		plain_buffer = checked_buffer;
 	}
-- 
cgit 


From 93690e31c358322e53e4110610476016d1b6f88c Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 14 Feb 2007 13:35:53 +0000
Subject: r21335: add dssync:save_pwd_blobs_dir=path/ option to store the
 password blobs in files for inspection with ndrdump

metze
(This used to be commit 54748ef5860ee59b5f84855965c84aa8787fb4b6)
---
 source4/torture/rpc/dssync.c | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index c601b08248..eb90871c0e 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -417,10 +417,15 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 				 const DATA_BLOB *gensec_skey,
 				 struct drsuapi_DsReplicaObjectListItemEx *cur)
 {
-	if (!lp_parm_bool(-1,"dssync","print_pwd_blobs",False)) {
+	static uint32_t object_id;
+	const char *save_values_dir;
+
+	if (!lp_parm_bool(-1,"dssync","print_pwd_blobs", false)) {
 		return;	
 	}
 
+	save_values_dir = lp_parm_string(-1,"dssync","save_pwd_blobs_dir");
+
 	for (; cur; cur = cur->next_object) {
 		const char *dn;
 		struct dom_sid *sid = NULL;
@@ -497,13 +502,28 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 						  cur->object.identifier, rid,
 						  enc_data);
 			if (!dn_printed) {
-				DEBUG(0,("DN: %s\n", dn));
+				object_id++;
+				DEBUG(0,("DN[%u] %s\n", object_id, dn));
 				dn_printed = True;
 			}
 			DEBUGADD(0,("ATTR: %s enc.length=%lu plain.length=%lu\n",
 				    name, (long)enc_data->length, (long)plain_data.length));
 			if (plain_data.length) {
 				dump_data(0, plain_data.data, plain_data.length);
+				if (save_values_dir) {
+					char *fname;
+					fname = talloc_asprintf(ctx, "%s/%s%02d",
+								save_values_dir,
+								name, object_id);
+					if (fname) {
+						bool ok;
+						ok = file_save(fname, plain_data.data, plain_data.length);
+						if (!ok) {
+							DEBUGADD(0,("Failed to save '%s'\n", fname));
+						}
+					}
+					talloc_free(fname);
+				}
 			} else {
 				dump_data(0, enc_data->data, enc_data->length);
 			}
-- 
cgit 


From 98fce3d3b5b5ef07540922d1952c899676015973 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 14 Feb 2007 14:01:50 +0000
Subject: r21337: add hack option to use DsGetNCChanges level 5 against w2k

metze
(This used to be commit 66c8499e5f2f139995be8cb5770d238f383059d6)
---
 source4/torture/rpc/dssync.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index eb90871c0e..31f9c602c7 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -568,6 +568,8 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 
 	highest_usn = lp_parm_int(-1, "dssync", "highest_usn", 0);
 
+	array[0].level = lp_parm_int(-1, "dssync", "get_nc_changes_level", array[0].level);
+
 	if (lp_parm_bool(-1,"dssync","print_pwd_blobs",False)) {
 		const struct samr_Password *nthash;
 		nthash = cli_credentials_get_nt_hash(ctx->new_dc.credentials, ctx);
-- 
cgit 


From e936efb26f52dd1d8f90ea4754abc567491c01f1 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 5 Apr 2007 06:00:44 +0000
Subject: r22086: Bail out early on some of these failures. (This used to be
 commit 8311bdfde92a9efe7730ed4a0f5f70f8e0d25ef6)

---
 source4/torture/rpc/dssync.c | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 31f9c602c7..3d9accf4fe 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -811,9 +811,18 @@ BOOL torture_rpc_dssync(struct torture_context *torture)
 	ctx = test_create_context(mem_ctx);
 	
 	ret &= _test_DsBind(ctx, ctx->admin.credentials, &ctx->admin.drsuapi);
+	if (!ret) {
+		return ret;
+	}
 	ret &= test_LDAPBind(ctx, ctx->admin.credentials, &ctx->admin.ldap);
+	if (!ret) {
+		return ret;
+	}
 	ret &= test_GetInfo(ctx);
 	ret &= _test_DsBind(ctx, ctx->new_dc.credentials, &ctx->new_dc.drsuapi);
+	if (!ret) {
+		return ret;
+	}
 	ret &= test_FetchData(ctx);
 	ret &= test_FetchNT4Data(ctx);
 
-- 
cgit 


From 4194a55726ebd04902e820b811f71dfb38ad01a2 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 20 Apr 2007 05:56:22 +0000
Subject: r22396: remove unused vars

metze
(This used to be commit ff3ad7e5db64a27ec95475c40be094c7d69ae008)
---
 source4/torture/rpc/dssync.c | 4 ----
 1 file changed, 4 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 3d9accf4fe..d4afdf8e58 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -747,11 +747,7 @@ static BOOL test_FetchNT4Data(struct DsSyncTest *ctx)
 {
 	NTSTATUS status;
 	BOOL ret = True;
-	int i, y = 0;
-	uint64_t highest_usn = 0;
-	const char *partition = NULL;
 	struct drsuapi_DsGetNT4ChangeLog r;
-	int32_t out_level = 0;
 	struct GUID null_guid;
 	struct dom_sid null_sid;
 	DATA_BLOB cookie;
-- 
cgit 


From 0479a2f1cbae51fcd8dbdc3c148c808421fb4d25 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Tue, 10 Jul 2007 02:07:03 +0000
Subject: r23792: convert Samba4 to GPLv3

There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
---
 source4/torture/rpc/dssync.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index d4afdf8e58..8f22622846 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -8,7 +8,7 @@
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 2 of the License, or
+   the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
    
    This program is distributed in the hope that it will be useful,
@@ -17,8 +17,7 @@
    GNU General Public License for more details.
    
    You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software
-   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
 #include "includes.h"
-- 
cgit 


From 5f6b501f217bf95522e2d1fe63ee1298feb1abd7 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Fri, 3 Aug 2007 08:25:15 +0000
Subject: r24146: It is not an error for a Win2k3-only server not to support
 the NT4 replication call.

Andrew Bartlett
(This used to be commit 59cba32c09f5b014788e4fb0479ed31f26a3d7e2)
---
 source4/torture/rpc/dssync.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 8f22622846..9546e5fd3d 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -774,6 +774,9 @@ static BOOL test_FetchNT4Data(struct DsSyncTest *ctx)
 			}
 			printf("dcerpc_drsuapi_DsGetNT4ChangeLog failed - %s\n", errstr);
 			ret = False;
+		} else if (W_ERROR_EQUAL(r.out.result, WERR_INVALID_DOMAIN_ROLE)) {
+			printf("DsGetNT4ChangeLog not supported by target server\n");
+			break;
 		} else if (!W_ERROR_IS_OK(r.out.result)) {
 			printf("DsGetNT4ChangeLog failed - %s\n", win_errstr(r.out.result));
 			ret = False;
-- 
cgit 


From f14bd1a90ab47a418c0ec2492990a417a0bb3bf6 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Sun, 19 Aug 2007 21:23:03 +0000
Subject: r24557: rename 'dcerpc_table_' -> 'ndr_table_'

metze
(This used to be commit 84651aee81aaabbebf52ffc3fbcbabb2eec6eed5)
---
 source4/torture/rpc/dssync.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 9546e5fd3d..6357fa9ee5 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -180,7 +180,7 @@ static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credent
 
 	status = dcerpc_pipe_connect_b(ctx,
 				       &b->pipe, ctx->drsuapi_binding, 
-				       &dcerpc_table_drsuapi,
+				       &ndr_table_drsuapi,
 				       credentials, event);
 	
 	if (!NT_STATUS_IS_OK(status)) {
-- 
cgit 


From ffeee68e4b72dd94fee57366bd8d38b8c284c3d4 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Sat, 8 Sep 2007 12:42:09 +0000
Subject: r25026: Move param/param.h out of includes.h (This used to be commit
 abe8349f9b4387961ff3665d8c589d61cd2edf31)

---
 source4/torture/rpc/dssync.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 6357fa9ee5..bf3e59c380 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -32,6 +32,7 @@
 #include "auth/credentials/credentials.h"
 #include "libcli/auth/libcli_auth.h"
 #include "auth/gensec/gensec.h"
+#include "param/param.h"
 
 struct DsSyncBindInfo {
 	struct dcerpc_pipe *pipe;
-- 
cgit 


From 98b57d5eb61094a9c88e2f7d90d3e21b7e74e9d8 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Sat, 8 Sep 2007 16:46:30 +0000
Subject: r25035: Fix some more warnings, use service pointer rather than
 service number in more places. (This used to be commit
 df9cebcb97e20564359097148665bd519f31bc6f)

---
 source4/torture/rpc/dssync.c | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index bf3e59c380..5ea578e041 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -84,7 +84,7 @@ static struct DsSyncTest *test_create_context(TALLOC_CTX *mem_ctx)
 	struct DsSyncTest *ctx;
 	struct drsuapi_DsBindInfo28 *our_bind_info28;
 	struct drsuapi_DsBindInfoCtr *our_bind_info_ctr;
-	const char *binding = lp_parm_string(-1, "torture", "binding");
+	const char *binding = lp_parm_string(NULL, "torture", "binding");
 	ctx = talloc_zero(mem_ctx, struct DsSyncTest);
 	if (!ctx) return NULL;
 
@@ -149,7 +149,7 @@ static struct DsSyncTest *test_create_context(TALLOC_CTX *mem_ctx)
 	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
 	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7;
 	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT;
-	if (lp_parm_bool(-1,"dssync","xpress",False)) {
+	if (lp_parm_bool(NULL, "dssync", "xpress", false)) {
 		our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
 	}
 	our_bind_info28->site_guid		= GUID_zero();
@@ -420,11 +420,11 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 	static uint32_t object_id;
 	const char *save_values_dir;
 
-	if (!lp_parm_bool(-1,"dssync","print_pwd_blobs", false)) {
+	if (!lp_parm_bool(NULL,"dssync","print_pwd_blobs", false)) {
 		return;	
 	}
 
-	save_values_dir = lp_parm_string(-1,"dssync","save_pwd_blobs_dir");
+	save_values_dir = lp_parm_string(NULL, "dssync", "save_pwd_blobs_dir");
 
 	for (; cur; cur = cur->next_object) {
 		const char *dn;
@@ -560,17 +560,17 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 	ZERO_STRUCT(null_guid);
 	ZERO_STRUCT(null_sid);
 
-	partition = lp_parm_string(-1, "dssync", "partition");
+	partition = lp_parm_string(NULL, "dssync", "partition");
 	if (partition == NULL) {
 		partition = ctx->domain_dn;
 		printf("dssync:partition not specified, defaulting to %s.\n", ctx->domain_dn);
 	}
 
-	highest_usn = lp_parm_int(-1, "dssync", "highest_usn", 0);
+	highest_usn = lp_parm_int(NULL, "dssync", "highest_usn", 0);
 
-	array[0].level = lp_parm_int(-1, "dssync", "get_nc_changes_level", array[0].level);
+	array[0].level = lp_parm_int(NULL, "dssync", "get_nc_changes_level", array[0].level);
 
-	if (lp_parm_bool(-1,"dssync","print_pwd_blobs",False)) {
+	if (lp_parm_bool(NULL, "dssync", "print_pwd_blobs", false)) {
 		const struct samr_Password *nthash;
 		nthash = cli_credentials_get_nt_hash(ctx->new_dc.credentials, ctx);
 		if (nthash) {
@@ -606,10 +606,10 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 			r.in.req.req5.highwatermark.highest_usn		= highest_usn;
 			r.in.req.req5.uptodateness_vector		= NULL;
 			r.in.req.req5.replica_flags			= 0;
-			if (lp_parm_bool(-1,"dssync","compression",False)) {
+			if (lp_parm_bool(NULL, "dssync", "compression", false)) {
 				r.in.req.req5.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
 			}
-			if (lp_parm_bool(-1,"dssync","neighbour_writeable",True)) {
+			if (lp_parm_bool(NULL, "dssync", "neighbour_writeable", true)) {
 				r.in.req.req5.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
 			}
 			r.in.req.req5.replica_flags			|= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
@@ -637,10 +637,10 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 			r.in.req.req8.highwatermark.highest_usn		= highest_usn;
 			r.in.req.req8.uptodateness_vector		= NULL;
 			r.in.req.req8.replica_flags			= 0;
-			if (lp_parm_bool(-1,"dssync","compression",False)) {
+			if (lp_parm_bool(NULL, "dssync", "compression", false)) {
 				r.in.req.req8.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
 			}
-			if (lp_parm_bool(-1,"dssync","neighbour_writeable",True)) {
+			if (lp_parm_bool(NULL, "dssync", "neighbour_writeable", true)) {
 				r.in.req.req8.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
 			}
 			r.in.req.req8.replica_flags			|= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
@@ -760,8 +760,8 @@ static BOOL test_FetchNT4Data(struct DsSyncTest *ctx)
 	r.in.bind_handle	= &ctx->new_dc.drsuapi.bind_handle;
 	r.in.level		= 1;
 
-	r.in.req.req1.unknown1	= lp_parm_int(-1, "dssync", "nt4-1", 3);
-	r.in.req.req1.unknown2	= lp_parm_int(-1, "dssync", "nt4-2", 0x00004000);
+	r.in.req.req1.unknown1	= lp_parm_int(NULL, "dssync", "nt4-1", 3);
+	r.in.req.req1.unknown2	= lp_parm_int(NULL, "dssync", "nt4-2", 0x00004000);
 
 	while (1) {
 		r.in.req.req1.length	= cookie.length;
@@ -800,9 +800,9 @@ static BOOL test_FetchNT4Data(struct DsSyncTest *ctx)
 	return ret;
 }
 
-BOOL torture_rpc_dssync(struct torture_context *torture)
+bool torture_rpc_dssync(struct torture_context *torture)
 {
-	BOOL ret = True;
+	bool ret = true;
 	TALLOC_CTX *mem_ctx;
 	struct DsSyncTest *ctx;
 	
-- 
cgit 


From 37d53832a4623653f706e77985a79d84bd7c6694 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Fri, 28 Sep 2007 01:17:46 +0000
Subject: r25398: Parse loadparm context to all lp_*() functions. (This used to
 be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)

---
 source4/torture/rpc/dssync.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 5ea578e041..79063e86da 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -265,7 +265,7 @@ static BOOL test_GetInfo(struct DsSyncTest *ctx)
 	r.in.req.req1.format_flags	= DRSUAPI_DS_NAME_FLAG_NO_FLAGS;		
 	r.in.req.req1.format_offered	= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
 	r.in.req.req1.format_desired	= DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
-	names[0].str = talloc_asprintf(ctx, "%s\\", lp_workgroup());
+	names[0].str = talloc_asprintf(ctx, "%s\\", lp_workgroup(global_loadparm));
 
 	status = dcerpc_drsuapi_DsCrackNames(ctx->admin.drsuapi.pipe, ctx, &r);
 	if (!NT_STATUS_IS_OK(status)) {
-- 
cgit 


From 60a1046c5c5783799bd64fe18e03534670f83d82 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Sat, 29 Sep 2007 18:00:19 +0000
Subject: r25430: Add the loadparm context to all parametric options. (This
 used to be commit fd697d77c9fe67a00939a1f04b35c451316fff58)

---
 source4/torture/rpc/dssync.c | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 79063e86da..347b1a5bc7 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -84,7 +84,7 @@ static struct DsSyncTest *test_create_context(TALLOC_CTX *mem_ctx)
 	struct DsSyncTest *ctx;
 	struct drsuapi_DsBindInfo28 *our_bind_info28;
 	struct drsuapi_DsBindInfoCtr *our_bind_info_ctr;
-	const char *binding = lp_parm_string(NULL, "torture", "binding");
+	const char *binding = lp_parm_string(global_loadparm, NULL, "torture", "binding");
 	ctx = talloc_zero(mem_ctx, struct DsSyncTest);
 	if (!ctx) return NULL;
 
@@ -149,7 +149,7 @@ static struct DsSyncTest *test_create_context(TALLOC_CTX *mem_ctx)
 	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
 	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7;
 	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT;
-	if (lp_parm_bool(NULL, "dssync", "xpress", false)) {
+	if (lp_parm_bool(global_loadparm, NULL, "dssync", "xpress", false)) {
 		our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
 	}
 	our_bind_info28->site_guid		= GUID_zero();
@@ -420,11 +420,11 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 	static uint32_t object_id;
 	const char *save_values_dir;
 
-	if (!lp_parm_bool(NULL,"dssync","print_pwd_blobs", false)) {
+	if (!lp_parm_bool(global_loadparm, NULL,"dssync","print_pwd_blobs", false)) {
 		return;	
 	}
 
-	save_values_dir = lp_parm_string(NULL, "dssync", "save_pwd_blobs_dir");
+	save_values_dir = lp_parm_string(global_loadparm, NULL, "dssync", "save_pwd_blobs_dir");
 
 	for (; cur; cur = cur->next_object) {
 		const char *dn;
@@ -560,17 +560,17 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 	ZERO_STRUCT(null_guid);
 	ZERO_STRUCT(null_sid);
 
-	partition = lp_parm_string(NULL, "dssync", "partition");
+	partition = lp_parm_string(global_loadparm, NULL, "dssync", "partition");
 	if (partition == NULL) {
 		partition = ctx->domain_dn;
 		printf("dssync:partition not specified, defaulting to %s.\n", ctx->domain_dn);
 	}
 
-	highest_usn = lp_parm_int(NULL, "dssync", "highest_usn", 0);
+	highest_usn = lp_parm_int(global_loadparm, NULL, "dssync", "highest_usn", 0);
 
-	array[0].level = lp_parm_int(NULL, "dssync", "get_nc_changes_level", array[0].level);
+	array[0].level = lp_parm_int(global_loadparm, NULL, "dssync", "get_nc_changes_level", array[0].level);
 
-	if (lp_parm_bool(NULL, "dssync", "print_pwd_blobs", false)) {
+	if (lp_parm_bool(global_loadparm, NULL, "dssync", "print_pwd_blobs", false)) {
 		const struct samr_Password *nthash;
 		nthash = cli_credentials_get_nt_hash(ctx->new_dc.credentials, ctx);
 		if (nthash) {
@@ -606,10 +606,10 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 			r.in.req.req5.highwatermark.highest_usn		= highest_usn;
 			r.in.req.req5.uptodateness_vector		= NULL;
 			r.in.req.req5.replica_flags			= 0;
-			if (lp_parm_bool(NULL, "dssync", "compression", false)) {
+			if (lp_parm_bool(global_loadparm, NULL, "dssync", "compression", false)) {
 				r.in.req.req5.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
 			}
-			if (lp_parm_bool(NULL, "dssync", "neighbour_writeable", true)) {
+			if (lp_parm_bool(global_loadparm, NULL, "dssync", "neighbour_writeable", true)) {
 				r.in.req.req5.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
 			}
 			r.in.req.req5.replica_flags			|= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
@@ -637,10 +637,10 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 			r.in.req.req8.highwatermark.highest_usn		= highest_usn;
 			r.in.req.req8.uptodateness_vector		= NULL;
 			r.in.req.req8.replica_flags			= 0;
-			if (lp_parm_bool(NULL, "dssync", "compression", false)) {
+			if (lp_parm_bool(global_loadparm, NULL, "dssync", "compression", false)) {
 				r.in.req.req8.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
 			}
-			if (lp_parm_bool(NULL, "dssync", "neighbour_writeable", true)) {
+			if (lp_parm_bool(global_loadparm, NULL, "dssync", "neighbour_writeable", true)) {
 				r.in.req.req8.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
 			}
 			r.in.req.req8.replica_flags			|= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
@@ -760,8 +760,8 @@ static BOOL test_FetchNT4Data(struct DsSyncTest *ctx)
 	r.in.bind_handle	= &ctx->new_dc.drsuapi.bind_handle;
 	r.in.level		= 1;
 
-	r.in.req.req1.unknown1	= lp_parm_int(NULL, "dssync", "nt4-1", 3);
-	r.in.req.req1.unknown2	= lp_parm_int(NULL, "dssync", "nt4-2", 0x00004000);
+	r.in.req.req1.unknown1	= lp_parm_int(global_loadparm, NULL, "dssync", "nt4-1", 3);
+	r.in.req.req1.unknown2	= lp_parm_int(global_loadparm, NULL, "dssync", "nt4-2", 0x00004000);
 
 	while (1) {
 		r.in.req.req1.length	= cookie.length;
-- 
cgit 


From 2151cde58014ea2e822c13d2f8a369b45dc19ca8 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Sat, 6 Oct 2007 22:28:14 +0000
Subject: r25554: Convert last instances of BOOL, True and False to the
 standard types. (This used to be commit
 566aa14139510788548a874e9213d91317f83ca9)

---
 source4/torture/rpc/dssync.c | 60 ++++++++++++++++++++++----------------------
 1 file changed, 30 insertions(+), 30 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 347b1a5bc7..15125ac365 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -173,10 +173,10 @@ static struct DsSyncTest *test_create_context(TALLOC_CTX *mem_ctx)
 	return ctx;
 }
 
-static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credentials, struct DsSyncBindInfo *b)
+static bool _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credentials, struct DsSyncBindInfo *b)
 {
 	NTSTATUS status;
-	BOOL ret = True;
+	bool ret = true;
 	struct event_context *event = NULL;
 
 	status = dcerpc_pipe_connect_b(ctx,
@@ -186,7 +186,7 @@ static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credent
 	
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("Failed to connect to server as a BDC: %s\n", nt_errstr(status));
-		return False;
+		return false;
 	}
 
 	status = dcerpc_drsuapi_DsBind(b->pipe, ctx, &b->req);
@@ -196,10 +196,10 @@ static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credent
 			errstr = dcerpc_errstr(ctx, b->pipe->last_fault_code);
 		}
 		printf("dcerpc_drsuapi_DsBind failed - %s\n", errstr);
-		ret = False;
+		ret = false;
 	} else if (!W_ERROR_IS_OK(b->req.out.result)) {
 		printf("DsBind failed - %s\n", win_errstr(b->req.out.result));
-		ret = False;
+		ret = false;
 	}
 
 	ZERO_STRUCT(b->peer_bind_info28);
@@ -223,15 +223,15 @@ static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credent
 	return ret;
 }
 
-static BOOL test_LDAPBind(struct DsSyncTest *ctx, struct cli_credentials *credentials, struct DsSyncLDAPInfo *l)
+static bool test_LDAPBind(struct DsSyncTest *ctx, struct cli_credentials *credentials, struct DsSyncLDAPInfo *l)
 {
 	NTSTATUS status;
-	BOOL ret = True;
+	bool ret = true;
 
 	status = torture_ldap_connection(ctx, &l->conn, ctx->ldap_url);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("failed to connect to LDAP: %s\n", ctx->ldap_url);
-		return False;
+		return false;
 	}
 
 	printf("connected to LDAP: %s\n", ctx->ldap_url);
@@ -239,19 +239,19 @@ static BOOL test_LDAPBind(struct DsSyncTest *ctx, struct cli_credentials *creden
 	status = torture_ldap_bind_sasl(l->conn, credentials);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("failed to bind to LDAP:\n");
-		return False;
+		return false;
 	}
 	printf("bound to LDAP.\n");
 
 	return ret;
 }
 
-static BOOL test_GetInfo(struct DsSyncTest *ctx)
+static bool test_GetInfo(struct DsSyncTest *ctx)
 {
 	NTSTATUS status;
 	struct drsuapi_DsCrackNames r;
 	struct drsuapi_DsNameString names[1];
-	BOOL ret = True;
+	bool ret = true;
 
 	struct cldap_socket *cldap = cldap_socket_init(ctx, NULL);
 	struct cldap_netlogon search;
@@ -274,10 +274,10 @@ static BOOL test_GetInfo(struct DsSyncTest *ctx)
 			errstr = dcerpc_errstr(ctx, ctx->admin.drsuapi.pipe->last_fault_code);
 		}
 		printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
-		return False;
+		return false;
 	} else if (!W_ERROR_IS_OK(r.out.result)) {
 		printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
-		return False;
+		return false;
 	}
 
 	ctx->domain_dn = r.out.ctr.ctr1->array[0].result_name;
@@ -430,7 +430,7 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 		const char *dn;
 		struct dom_sid *sid = NULL;
 		uint32_t rid = 0;
-		BOOL dn_printed = False;
+		bool dn_printed = false;
 		uint32_t i;
 
 		if (!cur->object.identifier) continue;
@@ -504,7 +504,7 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 			if (!dn_printed) {
 				object_id++;
 				DEBUG(0,("DN[%u] %s\n", object_id, dn));
-				dn_printed = True;
+				dn_printed = true;
 			}
 			DEBUGADD(0,("ATTR: %s enc.length=%lu plain.length=%lu\n",
 				    name, (long)enc_data->length, (long)plain_data.length));
@@ -531,10 +531,10 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 	}
 }
 
-static BOOL test_FetchData(struct DsSyncTest *ctx)
+static bool test_FetchData(struct DsSyncTest *ctx)
 {
 	NTSTATUS status;
-	BOOL ret = True;
+	bool ret = true;
 	int i, y = 0;
 	uint64_t highest_usn = 0;
 	const char *partition = NULL;
@@ -582,7 +582,7 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 				    &gensec_skey);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("failed to get gensec session key: %s\n", nt_errstr(status));
-		return False;
+		return false;
 	}
 
 	for (i=0; i < ARRAY_SIZE(array); i++) {
@@ -686,16 +686,16 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 					errstr = dcerpc_errstr(ctx, ctx->new_dc.drsuapi.pipe->last_fault_code);
 				}
 				printf("dcerpc_drsuapi_DsGetNCChanges failed - %s\n", errstr);
-				ret = False;
+				ret = false;
 			} else if (!W_ERROR_IS_OK(r.out.result)) {
 				printf("DsGetNCChanges failed - %s\n", win_errstr(r.out.result));
-				ret = False;
+				ret = false;
 			}
 
-			if (ret == True && *r.out.level == 1) {
+			if (ret == true && *r.out.level == 1) {
 				out_level = 1;
 				ctr1 = &r.out.ctr.ctr1;
-			} else if (ret == True && *r.out.level == 2) {
+			} else if (ret == true && *r.out.level == 2) {
 				out_level = 1;
 				ctr1 = r.out.ctr.ctr2.ctr.mszip1.ctr1;
 			}
@@ -713,10 +713,10 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 				}
 			}
 
-			if (ret == True && *r.out.level == 6) {
+			if (ret == true && *r.out.level == 6) {
 				out_level = 6;
 				ctr6 = &r.out.ctr.ctr6;
-			} else if (ret == True && *r.out.level == 7
+			} else if (ret == true && *r.out.level == 7
 				   && r.out.ctr.ctr7.level == 6
 				   && r.out.ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP) {
 				out_level = 6;
@@ -743,10 +743,10 @@ static BOOL test_FetchData(struct DsSyncTest *ctx)
 	return ret;
 }
 
-static BOOL test_FetchNT4Data(struct DsSyncTest *ctx)
+static bool test_FetchNT4Data(struct DsSyncTest *ctx)
 {
 	NTSTATUS status;
-	BOOL ret = True;
+	bool ret = true;
 	struct drsuapi_DsGetNT4ChangeLog r;
 	struct GUID null_guid;
 	struct dom_sid null_sid;
@@ -774,16 +774,16 @@ static BOOL test_FetchNT4Data(struct DsSyncTest *ctx)
 				errstr = dcerpc_errstr(ctx, ctx->new_dc.drsuapi.pipe->last_fault_code);
 			}
 			printf("dcerpc_drsuapi_DsGetNT4ChangeLog failed - %s\n", errstr);
-			ret = False;
+			ret = false;
 		} else if (W_ERROR_EQUAL(r.out.result, WERR_INVALID_DOMAIN_ROLE)) {
 			printf("DsGetNT4ChangeLog not supported by target server\n");
 			break;
 		} else if (!W_ERROR_IS_OK(r.out.result)) {
 			printf("DsGetNT4ChangeLog failed - %s\n", win_errstr(r.out.result));
-			ret = False;
+			ret = false;
 		} else if (r.out.level != 1) {
 			printf("DsGetNT4ChangeLog unknown level - %u\n", r.out.level);
-			ret = False;
+			ret = false;
 		} else if (NT_STATUS_IS_OK(r.out.info.info1.status)) {
 		} else if (NT_STATUS_EQUAL(r.out.info.info1.status, STATUS_MORE_ENTRIES)) {
 			cookie.length	= r.out.info.info1.length1;
@@ -791,7 +791,7 @@ static BOOL test_FetchNT4Data(struct DsSyncTest *ctx)
 			continue;
 		} else {
 			printf("DsGetNT4ChangeLog failed - %s\n", nt_errstr(r.out.info.info1.status));
-			ret = False;
+			ret = false;
 		}
 
 		break;
-- 
cgit 


From dda00fedd4df2353b171a9594efafa335b15230b Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 5 Nov 2007 02:26:42 +0100
Subject: r25825: Don't print the user's password hash at level 0.

Andrew Bartlett
(This used to be commit 495271588c5ef8ce88826961fa3883506d74ad33)
---
 source4/torture/rpc/dssync.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 15125ac365..4403a64a36 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -574,8 +574,7 @@ static bool test_FetchData(struct DsSyncTest *ctx)
 		const struct samr_Password *nthash;
 		nthash = cli_credentials_get_nt_hash(ctx->new_dc.credentials, ctx);
 		if (nthash) {
-			DEBUG(0,("CREDENTIALS nthash:\n"));
-			dump_data(0, nthash->hash, sizeof(nthash->hash));
+			dump_data_pw("CREDENTIALS nthash:", nthash->hash, sizeof(nthash->hash));
 		}
 	}
 	status = gensec_session_key(ctx->new_dc.drsuapi.pipe->conn->security_state.generic_state,
-- 
cgit 


From bbdfbf8d9d486aee51117976b8f825759a4c4a37 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Mon, 3 Dec 2007 00:28:22 +0100
Subject: r26238: Add a loadparm context parameter to torture_context, remove
 more uses of global_loadparm. (This used to be commit
 a33a5530545086b81a3b205aa109dff11c546926)

---
 source4/torture/rpc/dssync.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 4403a64a36..7c56a52203 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -420,7 +420,7 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 	static uint32_t object_id;
 	const char *save_values_dir;
 
-	if (!lp_parm_bool(global_loadparm, NULL,"dssync","print_pwd_blobs", false)) {
+	if (!lp_parm_bool(global_loadparm, NULL, "dssync", "print_pwd_blobs", false)) {
 		return;	
 	}
 
-- 
cgit 


From 1fbdd6ef1dfb8704de0524fc6f5c33e1418858cd Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Mon, 3 Dec 2007 18:47:35 +0100
Subject: r26264: pass name resolve order explicitly, use torture context for
 settings in dssync tests. (This used to be commit
 c7eae1c7842f9ff8b70cce9e5d6f3ebbbe78e83b)

---
 source4/torture/rpc/dssync.c | 56 +++++++++++++++++++++++---------------------
 1 file changed, 29 insertions(+), 27 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 7c56a52203..738a049e73 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -78,14 +78,14 @@ struct DsSyncTest {
 	} old_dc;
 };
 
-static struct DsSyncTest *test_create_context(TALLOC_CTX *mem_ctx)
+static struct DsSyncTest *test_create_context(struct torture_context *tctx)
 {
 	NTSTATUS status;
 	struct DsSyncTest *ctx;
 	struct drsuapi_DsBindInfo28 *our_bind_info28;
 	struct drsuapi_DsBindInfoCtr *our_bind_info_ctr;
-	const char *binding = lp_parm_string(global_loadparm, NULL, "torture", "binding");
-	ctx = talloc_zero(mem_ctx, struct DsSyncTest);
+	const char *binding = torture_setting_string(tctx, "binding", NULL);
+	ctx = talloc_zero(tctx, struct DsSyncTest);
 	if (!ctx) return NULL;
 
 	status = dcerpc_parse_binding(ctx, binding, &ctx->drsuapi_binding);
@@ -149,7 +149,7 @@ static struct DsSyncTest *test_create_context(TALLOC_CTX *mem_ctx)
 	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
 	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7;
 	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT;
-	if (lp_parm_bool(global_loadparm, NULL, "dssync", "xpress", false)) {
+	if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "xpress", false)) {
 		our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
 	}
 	our_bind_info28->site_guid		= GUID_zero();
@@ -246,7 +246,7 @@ static bool test_LDAPBind(struct DsSyncTest *ctx, struct cli_credentials *creden
 	return ret;
 }
 
-static bool test_GetInfo(struct DsSyncTest *ctx)
+static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx)
 {
 	NTSTATUS status;
 	struct drsuapi_DsCrackNames r;
@@ -265,7 +265,7 @@ static bool test_GetInfo(struct DsSyncTest *ctx)
 	r.in.req.req1.format_flags	= DRSUAPI_DS_NAME_FLAG_NO_FLAGS;		
 	r.in.req.req1.format_offered	= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
 	r.in.req.req1.format_desired	= DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
-	names[0].str = talloc_asprintf(ctx, "%s\\", lp_workgroup(global_loadparm));
+	names[0].str = talloc_asprintf(ctx, "%s\\", lp_workgroup(tctx->lp_ctx));
 
 	status = dcerpc_drsuapi_DsCrackNames(ctx->admin.drsuapi.pipe, ctx, &r);
 	if (!NT_STATUS_IS_OK(status)) {
@@ -413,18 +413,19 @@ static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
 	return plain_buffer;
 }
 
-static void test_analyse_objects(struct DsSyncTest *ctx,
+static void test_analyse_objects(struct torture_context *tctx, 
+				 struct DsSyncTest *ctx,
 				 const DATA_BLOB *gensec_skey,
 				 struct drsuapi_DsReplicaObjectListItemEx *cur)
 {
 	static uint32_t object_id;
 	const char *save_values_dir;
 
-	if (!lp_parm_bool(global_loadparm, NULL, "dssync", "print_pwd_blobs", false)) {
+	if (!lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "print_pwd_blobs", false)) {
 		return;	
 	}
 
-	save_values_dir = lp_parm_string(global_loadparm, NULL, "dssync", "save_pwd_blobs_dir");
+	save_values_dir = lp_parm_string(tctx->lp_ctx, NULL, "dssync", "save_pwd_blobs_dir");
 
 	for (; cur; cur = cur->next_object) {
 		const char *dn;
@@ -531,7 +532,7 @@ static void test_analyse_objects(struct DsSyncTest *ctx,
 	}
 }
 
-static bool test_FetchData(struct DsSyncTest *ctx)
+static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx)
 {
 	NTSTATUS status;
 	bool ret = true;
@@ -560,17 +561,17 @@ static bool test_FetchData(struct DsSyncTest *ctx)
 	ZERO_STRUCT(null_guid);
 	ZERO_STRUCT(null_sid);
 
-	partition = lp_parm_string(global_loadparm, NULL, "dssync", "partition");
+	partition = lp_parm_string(tctx->lp_ctx, NULL, "dssync", "partition");
 	if (partition == NULL) {
 		partition = ctx->domain_dn;
 		printf("dssync:partition not specified, defaulting to %s.\n", ctx->domain_dn);
 	}
 
-	highest_usn = lp_parm_int(global_loadparm, NULL, "dssync", "highest_usn", 0);
+	highest_usn = lp_parm_int(tctx->lp_ctx, NULL, "dssync", "highest_usn", 0);
 
-	array[0].level = lp_parm_int(global_loadparm, NULL, "dssync", "get_nc_changes_level", array[0].level);
+	array[0].level = lp_parm_int(tctx->lp_ctx, NULL, "dssync", "get_nc_changes_level", array[0].level);
 
-	if (lp_parm_bool(global_loadparm, NULL, "dssync", "print_pwd_blobs", false)) {
+	if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "print_pwd_blobs", false)) {
 		const struct samr_Password *nthash;
 		nthash = cli_credentials_get_nt_hash(ctx->new_dc.credentials, ctx);
 		if (nthash) {
@@ -605,10 +606,10 @@ static bool test_FetchData(struct DsSyncTest *ctx)
 			r.in.req.req5.highwatermark.highest_usn		= highest_usn;
 			r.in.req.req5.uptodateness_vector		= NULL;
 			r.in.req.req5.replica_flags			= 0;
-			if (lp_parm_bool(global_loadparm, NULL, "dssync", "compression", false)) {
+			if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "compression", false)) {
 				r.in.req.req5.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
 			}
-			if (lp_parm_bool(global_loadparm, NULL, "dssync", "neighbour_writeable", true)) {
+			if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "neighbour_writeable", true)) {
 				r.in.req.req5.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
 			}
 			r.in.req.req5.replica_flags			|= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
@@ -636,10 +637,10 @@ static bool test_FetchData(struct DsSyncTest *ctx)
 			r.in.req.req8.highwatermark.highest_usn		= highest_usn;
 			r.in.req.req8.uptodateness_vector		= NULL;
 			r.in.req.req8.replica_flags			= 0;
-			if (lp_parm_bool(global_loadparm, NULL, "dssync", "compression", false)) {
+			if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "compression", false)) {
 				r.in.req.req8.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
 			}
-			if (lp_parm_bool(global_loadparm, NULL, "dssync", "neighbour_writeable", true)) {
+			if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "neighbour_writeable", true)) {
 				r.in.req.req8.replica_flags		|= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
 			}
 			r.in.req.req8.replica_flags			|= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
@@ -704,7 +705,7 @@ static bool test_FetchData(struct DsSyncTest *ctx)
 					(long long)ctr1->new_highwatermark.tmp_highest_usn,
 					(long long)ctr1->new_highwatermark.highest_usn));
 
-				test_analyse_objects(ctx, &gensec_skey, ctr1->first_object);
+				test_analyse_objects(tctx, ctx, &gensec_skey, ctr1->first_object);
 
 				if (ctr1->new_highwatermark.tmp_highest_usn > ctr1->new_highwatermark.highest_usn) {
 					r.in.req.req5.highwatermark = ctr1->new_highwatermark;
@@ -727,7 +728,7 @@ static bool test_FetchData(struct DsSyncTest *ctx)
 					(long long)ctr6->new_highwatermark.tmp_highest_usn,
 					(long long)ctr6->new_highwatermark.highest_usn));
 
-				test_analyse_objects(ctx, &gensec_skey, ctr6->first_object);
+				test_analyse_objects(tctx, ctx, &gensec_skey, ctr6->first_object);
 
 				if (ctr6->new_highwatermark.tmp_highest_usn > ctr6->new_highwatermark.highest_usn) {
 					r.in.req.req8.highwatermark = ctr6->new_highwatermark;
@@ -742,7 +743,8 @@ static bool test_FetchData(struct DsSyncTest *ctx)
 	return ret;
 }
 
-static bool test_FetchNT4Data(struct DsSyncTest *ctx)
+static bool test_FetchNT4Data(struct torture_context *tctx, 
+			      struct DsSyncTest *ctx)
 {
 	NTSTATUS status;
 	bool ret = true;
@@ -759,8 +761,8 @@ static bool test_FetchNT4Data(struct DsSyncTest *ctx)
 	r.in.bind_handle	= &ctx->new_dc.drsuapi.bind_handle;
 	r.in.level		= 1;
 
-	r.in.req.req1.unknown1	= lp_parm_int(global_loadparm, NULL, "dssync", "nt4-1", 3);
-	r.in.req.req1.unknown2	= lp_parm_int(global_loadparm, NULL, "dssync", "nt4-2", 0x00004000);
+	r.in.req.req1.unknown1	= lp_parm_int(tctx->lp_ctx, NULL, "dssync", "nt4-1", 3);
+	r.in.req.req1.unknown2	= lp_parm_int(tctx->lp_ctx, NULL, "dssync", "nt4-2", 0x00004000);
 
 	while (1) {
 		r.in.req.req1.length	= cookie.length;
@@ -806,7 +808,7 @@ bool torture_rpc_dssync(struct torture_context *torture)
 	struct DsSyncTest *ctx;
 	
 	mem_ctx = talloc_init("torture_rpc_dssync");
-	ctx = test_create_context(mem_ctx);
+	ctx = test_create_context(torture);
 	
 	ret &= _test_DsBind(ctx, ctx->admin.credentials, &ctx->admin.drsuapi);
 	if (!ret) {
@@ -816,13 +818,13 @@ bool torture_rpc_dssync(struct torture_context *torture)
 	if (!ret) {
 		return ret;
 	}
-	ret &= test_GetInfo(ctx);
+	ret &= test_GetInfo(torture, ctx);
 	ret &= _test_DsBind(ctx, ctx->new_dc.credentials, &ctx->new_dc.drsuapi);
 	if (!ret) {
 		return ret;
 	}
-	ret &= test_FetchData(ctx);
-	ret &= test_FetchNT4Data(ctx);
+	ret &= test_FetchData(torture, ctx);
+	ret &= test_FetchNT4Data(torture, ctx);
 
 	return ret;
 }
-- 
cgit 


From da0f222f432c4fc8bf5da80baf849ca32b315ca0 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Mon, 3 Dec 2007 23:33:16 +0100
Subject: r26271: Remove some more uses of global_loadparm. (This used to be
 commit e9875fcd56de0748ed78d7e3c9cdb4919cd96d3c)

---
 source4/torture/rpc/dssync.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 738a049e73..14164321b9 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -284,6 +284,7 @@ static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx)
 	
 	ZERO_STRUCT(search);
 	search.in.dest_address = ctx->drsuapi_binding->host;
+	search.in.dest_port = lp_cldap_port(tctx->lp_ctx);
 	search.in.acct_control = -1;
 	search.in.version = 6;
 	status = cldap_netlogon(cldap, ctx, &search);
-- 
cgit 


From 4c4323009fa83f00ed319de59a3aad48fcd65994 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Fri, 7 Dec 2007 02:37:04 +0100
Subject: r26327: Explicit loadparm_context for RPC client functions. (This
 used to be commit eeb2251d22b3d6e0379444a73af69d1014692b07)

---
 source4/torture/rpc/dssync.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 14164321b9..c0deb13570 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -182,7 +182,7 @@ static bool _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credent
 	status = dcerpc_pipe_connect_b(ctx,
 				       &b->pipe, ctx->drsuapi_binding, 
 				       &ndr_table_drsuapi,
-				       credentials, event);
+				       credentials, event, global_loadparm);
 	
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("Failed to connect to server as a BDC: %s\n", nt_errstr(status));
-- 
cgit 


From a72c5053c587f0ed6113ef514fe3739cb81e7abf Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Sat, 8 Dec 2007 23:32:43 +0100
Subject: r26353: Remove use of global_loadparm. (This used to be commit
 17637e4490e42db6cdef619286c4d5a0982e9d1a)

---
 source4/torture/rpc/dssync.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index c0deb13570..8f15f6f096 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -236,7 +236,7 @@ static bool test_LDAPBind(struct DsSyncTest *ctx, struct cli_credentials *creden
 
 	printf("connected to LDAP: %s\n", ctx->ldap_url);
 
-	status = torture_ldap_bind_sasl(l->conn, credentials);
+	status = torture_ldap_bind_sasl(l->conn, credentials, global_loadparm);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("failed to bind to LDAP:\n");
 		return false;
-- 
cgit 


From b65dba2245bf382c47d65c95ac9b1efa43918fc0 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Mon, 10 Dec 2007 04:33:16 +0100
Subject: r26355: Eliminate global_loadparm in more places. (This used to be
 commit 5d589a0d94bd76a9b4c9fc748854e8098ea43c4d)

---
 source4/torture/rpc/dssync.c | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 8f15f6f096..4417285e04 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -173,7 +173,8 @@ static struct DsSyncTest *test_create_context(struct torture_context *tctx)
 	return ctx;
 }
 
-static bool _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credentials, struct DsSyncBindInfo *b)
+static bool _test_DsBind(struct torture_context *tctx,
+			 struct DsSyncTest *ctx, struct cli_credentials *credentials, struct DsSyncBindInfo *b)
 {
 	NTSTATUS status;
 	bool ret = true;
@@ -182,7 +183,7 @@ static bool _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credent
 	status = dcerpc_pipe_connect_b(ctx,
 				       &b->pipe, ctx->drsuapi_binding, 
 				       &ndr_table_drsuapi,
-				       credentials, event, global_loadparm);
+				       credentials, event, tctx->lp_ctx);
 	
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("Failed to connect to server as a BDC: %s\n", nt_errstr(status));
@@ -223,12 +224,13 @@ static bool _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credent
 	return ret;
 }
 
-static bool test_LDAPBind(struct DsSyncTest *ctx, struct cli_credentials *credentials, struct DsSyncLDAPInfo *l)
+static bool test_LDAPBind(struct torture_context *tctx, struct DsSyncTest *ctx, 
+			  struct cli_credentials *credentials, struct DsSyncLDAPInfo *l)
 {
 	NTSTATUS status;
 	bool ret = true;
 
-	status = torture_ldap_connection(ctx, &l->conn, ctx->ldap_url);
+	status = torture_ldap_connection(tctx, &l->conn, ctx->ldap_url);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("failed to connect to LDAP: %s\n", ctx->ldap_url);
 		return false;
@@ -236,7 +238,7 @@ static bool test_LDAPBind(struct DsSyncTest *ctx, struct cli_credentials *creden
 
 	printf("connected to LDAP: %s\n", ctx->ldap_url);
 
-	status = torture_ldap_bind_sasl(l->conn, credentials, global_loadparm);
+	status = torture_ldap_bind_sasl(l->conn, credentials, tctx->lp_ctx);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("failed to bind to LDAP:\n");
 		return false;
@@ -811,16 +813,16 @@ bool torture_rpc_dssync(struct torture_context *torture)
 	mem_ctx = talloc_init("torture_rpc_dssync");
 	ctx = test_create_context(torture);
 	
-	ret &= _test_DsBind(ctx, ctx->admin.credentials, &ctx->admin.drsuapi);
+	ret &= _test_DsBind(torture, ctx, ctx->admin.credentials, &ctx->admin.drsuapi);
 	if (!ret) {
 		return ret;
 	}
-	ret &= test_LDAPBind(ctx, ctx->admin.credentials, &ctx->admin.ldap);
+	ret &= test_LDAPBind(torture, ctx, ctx->admin.credentials, &ctx->admin.ldap);
 	if (!ret) {
 		return ret;
 	}
 	ret &= test_GetInfo(torture, ctx);
-	ret &= _test_DsBind(ctx, ctx->new_dc.credentials, &ctx->new_dc.drsuapi);
+	ret &= _test_DsBind(torture, ctx, ctx->new_dc.credentials, &ctx->new_dc.drsuapi);
 	if (!ret) {
 		return ret;
 	}
-- 
cgit 


From c38c2765d1059b33f044a42c6555f3d10d339911 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Thu, 21 Feb 2008 17:17:37 +0100
Subject: Remove yet more uses of global_loadparm. (This used to be commit
 e01c1e87c0fe9709df7eb5b863f7ce85564174cd)

---
 source4/torture/rpc/dssync.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 4417285e04..b28e429a75 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -255,7 +255,7 @@ static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx)
 	struct drsuapi_DsNameString names[1];
 	bool ret = true;
 
-	struct cldap_socket *cldap = cldap_socket_init(ctx, NULL);
+	struct cldap_socket *cldap = cldap_socket_init(ctx, NULL, lp_iconv_convenience(tctx->lp_ctx));
 	struct cldap_netlogon search;
 	
 	r.in.bind_handle		= &ctx->admin.drsuapi.bind_handle;
-- 
cgit 


From 4e83011f72ba3df387512755a17760b42a7bf2f2 Mon Sep 17 00:00:00 2001
From: Simo Sorce <idra@samba.org>
Date: Mon, 21 Apr 2008 17:58:23 -0400
Subject: Remove more event_context_init() uses from function calls within deep
 down the code. Make sure we pass around the event_context where we need it
 instead. All test but a few python ones fail. Jelmer promised to fix them.
 (This used to be commit 3045d391626fba169aa26be52174883e18d323e9)

---
 source4/torture/rpc/dssync.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index b28e429a75..00617f4072 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -178,12 +178,11 @@ static bool _test_DsBind(struct torture_context *tctx,
 {
 	NTSTATUS status;
 	bool ret = true;
-	struct event_context *event = NULL;
 
 	status = dcerpc_pipe_connect_b(ctx,
 				       &b->pipe, ctx->drsuapi_binding, 
 				       &ndr_table_drsuapi,
-				       credentials, event, tctx->lp_ctx);
+				       credentials, tctx->ev, tctx->lp_ctx);
 	
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("Failed to connect to server as a BDC: %s\n", nt_errstr(status));
@@ -254,10 +253,11 @@ static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx)
 	struct drsuapi_DsCrackNames r;
 	struct drsuapi_DsNameString names[1];
 	bool ret = true;
-
-	struct cldap_socket *cldap = cldap_socket_init(ctx, NULL, lp_iconv_convenience(tctx->lp_ctx));
+	struct cldap_socket *cldap;
 	struct cldap_netlogon search;
-	
+
+	cldap = cldap_socket_init(ctx, tctx->ev, lp_iconv_convenience(tctx->lp_ctx));
+
 	r.in.bind_handle		= &ctx->admin.drsuapi.bind_handle;
 	r.in.level			= 1;
 	r.in.req.req1.codepage		= 1252; /* western european */
-- 
cgit 


From 58e7f253eafecca6934162034e88ee19b103c6ee Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Fri, 16 May 2008 13:03:01 +1000
Subject: Rework the CLDAP and NBT netlogon requests and responses.

This now matches section 7.3.3 of the MS-ATDS specification, and all
our current tests pass against windows.  There is still more testing
to do, and the server implementation to complete.

Andrew Bartlett
(This used to be commit 431d0c03965cbee85691cd0dc1e2a509c1a2b717)
---
 source4/torture/rpc/dssync.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 00617f4072..989a1faf27 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -288,16 +288,17 @@ static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx)
 	search.in.dest_address = ctx->drsuapi_binding->host;
 	search.in.dest_port = lp_cldap_port(tctx->lp_ctx);
 	search.in.acct_control = -1;
-	search.in.version = 6;
+	search.in.version		= NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX;
+	search.in.map_response = true;
 	status = cldap_netlogon(cldap, ctx, &search);
 	if (!NT_STATUS_IS_OK(status)) {
 		const char *errstr = nt_errstr(status);
 		ctx->site_name = talloc_asprintf(ctx, "%s", "Default-First-Site-Name");
 		printf("cldap_netlogon() returned %s. Defaulting to Site-Name: %s\n", errstr, ctx->site_name);		
 	} else {
-		ctx->site_name = talloc_steal(ctx, search.out.netlogon.logon5.client_site);
+		ctx->site_name = talloc_steal(ctx, search.out.netlogon.nt5_ex.client_site);
 		printf("cldap_netlogon() returned Client Site-Name: %s.\n",ctx->site_name);
-		printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.logon5.server_site);
+		printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.nt5_ex.server_site);
 	}
 
 	return ret;
-- 
cgit 


From c88ec856bd88a22e281cd9cf99ad2828d4bbbe2b Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 30 Jun 2008 13:03:17 +0200
Subject: drsuapi.idl: remove some unknows from DsGetNCChanges() (update samba4
 callers)

metze
(This used to be commit d41b3dd6ffc4fd894bc05798dbc2ff4b53933a06)
---
 source4/torture/rpc/dssync.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 989a1faf27..ec527687c0 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -623,8 +623,8 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx)
 									;
 			r.in.req.req5.max_object_count			= 133;
 			r.in.req.req5.max_ndr_size			= 1336770;
-			r.in.req.req5.unknown4				= 0;
-			r.in.req.req5.h1				= 0;
+			r.in.req.req5.extended_op			= DRSUAPI_EXOP_NONE;
+			r.in.req.req5.fsmo_info				= 0;
 
 			break;
 		case 8:
@@ -655,10 +655,10 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx)
 			r.in.req.req8.max_object_count			= 402;
 			r.in.req.req8.max_ndr_size			= 402116;
 
-			r.in.req.req8.unknown4				= 0;
-			r.in.req.req8.h1				= 0;
-			r.in.req.req8.unique_ptr1			= 0;
-			r.in.req.req8.unique_ptr2			= 0;
+			r.in.req.req8.extended_op			= DRSUAPI_EXOP_NONE;
+			r.in.req.req8.fsmo_info				= 0;
+			r.in.req.req8.partial_attribute_set		= NULL;
+			r.in.req.req8.partial_attribute_set_ex		= NULL;
 			r.in.req.req8.mapping_ctr.num_mappings		= 0;
 			r.in.req.req8.mapping_ctr.mappings		= NULL;
 
-- 
cgit 


From a24fb2b537a57c308385de9fe5149e29740d1d1b Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 16 Jul 2008 12:58:29 +0200
Subject: drsuapi: get ctr6 out of xpress compressed level

metze
(This used to be commit 4e0708148a121bd41a12abf6122d5d6f3f09667a)
---
 source4/torture/rpc/dssync.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index ec527687c0..9c07e5f532 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -725,6 +725,11 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx)
 				   && r.out.ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP) {
 				out_level = 6;
 				ctr6 = r.out.ctr.ctr7.ctr.mszip6.ctr6;
+			} else if (ret == true && *r.out.level == 7
+				   && r.out.ctr.ctr7.level == 6
+				   && r.out.ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_XPRESS) {
+				out_level = 6;
+				ctr6 = r.out.ctr.ctr7.ctr.xpress6.ctr6;
 			}
 
 			if (out_level == 6) {
-- 
cgit 


From f0e44c35afce5ceec5d247dbd4205301251e403c Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 16 Jul 2008 13:01:56 +0200
Subject: drsuapi: make use of the 'more_data' field in DsGetNCChangesCtr[1|6]

metze
(This used to be commit 35c7fa470a7433d081403b2b57a331c7dc287aef)
---
 source4/torture/rpc/dssync.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 9c07e5f532..053f78e99b 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -711,7 +711,7 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx)
 
 				test_analyse_objects(tctx, ctx, &gensec_skey, ctr1->first_object);
 
-				if (ctr1->new_highwatermark.tmp_highest_usn > ctr1->new_highwatermark.highest_usn) {
+				if (ctr1->more_data) {
 					r.in.req.req5.highwatermark = ctr1->new_highwatermark;
 					continue;
 				}
@@ -739,7 +739,7 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx)
 
 				test_analyse_objects(tctx, ctx, &gensec_skey, ctr6->first_object);
 
-				if (ctr6->new_highwatermark.tmp_highest_usn > ctr6->new_highwatermark.highest_usn) {
+				if (ctr6->more_data) {
 					r.in.req.req8.highwatermark = ctr6->new_highwatermark;
 					continue;
 				}
-- 
cgit 


From 7fba6c649ba36ca5b76dcfed7b773567c9933077 Mon Sep 17 00:00:00 2001
From: Michael Adam <obnox@samba.org>
Date: Tue, 22 Jul 2008 15:35:23 +0200
Subject: Change occurrences of the u1 member of DsBindInfo* to pid after idl
 change.

Michael
(This used to be commit b91bbc5fe4a47e5823be6be5f2f203f1f14105de)
---
 source4/torture/rpc/dssync.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 053f78e99b..35fd4df845 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -104,7 +104,7 @@ static struct DsSyncTest *test_create_context(struct torture_context *tctx)
 	our_bind_info28->supported_extensions	= 0xFFFFFFFF;
 	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
 	our_bind_info28->site_guid		= GUID_zero();
-	our_bind_info28->u1			= 0;
+	our_bind_info28->pid			= 0;
 	our_bind_info28->repl_epoch		= 1;
 
 	our_bind_info_ctr			= &ctx->admin.drsuapi.our_bind_info_ctr;
@@ -153,7 +153,7 @@ static struct DsSyncTest *test_create_context(struct torture_context *tctx)
 		our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
 	}
 	our_bind_info28->site_guid		= GUID_zero();
-	our_bind_info28->u1			= 508;
+	our_bind_info28->pid			= 508;
 	our_bind_info28->repl_epoch		= 0;
 
 	our_bind_info_ctr			= &ctx->new_dc.drsuapi.our_bind_info_ctr;
@@ -210,7 +210,7 @@ static bool _test_DsBind(struct torture_context *tctx,
 			info24 = &b->req.out.bind_info->info.info24;
 			b->peer_bind_info28.supported_extensions= info24->supported_extensions;
 			b->peer_bind_info28.site_guid		= info24->site_guid;
-			b->peer_bind_info28.u1			= info24->u1;
+			b->peer_bind_info28.pid			= info24->pid;
 			b->peer_bind_info28.repl_epoch		= 0;
 			break;
 		}
-- 
cgit 


From 935a7b3389615cadce4defa610b74072a286eac4 Mon Sep 17 00:00:00 2001
From: Michael Adam <obnox@samba.org>
Date: Wed, 23 Jul 2008 11:05:24 +0200
Subject: smbtorture: add support for the DSBindInfo48 to the RPC-DSSYNC test.

Michael
(This used to be commit 67a99e445871861945fd0a45784cffb358bdccf3)
---
 source4/torture/rpc/dssync.c | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 35fd4df845..6b82b6bf0f 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -214,6 +214,15 @@ static bool _test_DsBind(struct torture_context *tctx,
 			b->peer_bind_info28.repl_epoch		= 0;
 			break;
 		}
+		case 48: {
+			struct drsuapi_DsBindInfo48 *info48;
+			info48 = &b->req.out.bind_info->info.info48;
+			b->peer_bind_info28.supported_extensions= info48->supported_extensions;
+			b->peer_bind_info28.site_guid		= info48->site_guid;
+			b->peer_bind_info28.pid			= info48->pid;
+			b->peer_bind_info28.repl_epoch		= info48->repl_epoch;
+			break;
+		}
 		case 28:
 			b->peer_bind_info28 = b->req.out.bind_info->info.info28;
 			break;
-- 
cgit 


From a9c3f4700c16e50b963b83bed9b9699f4e37322c Mon Sep 17 00:00:00 2001
From: Michael Adam <obnox@samba.org>
Date: Wed, 23 Jul 2008 11:06:50 +0200
Subject: smbtorture: add a warning for unknown BindInfo length to the
 RPC-DSSYNC test

Michael
(This used to be commit 7ee99105ea3a50d8ee2c83ecd39e834ed9efb98c)
---
 source4/torture/rpc/dssync.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 6b82b6bf0f..3279047c6a 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -226,6 +226,9 @@ static bool _test_DsBind(struct torture_context *tctx,
 		case 28:
 			b->peer_bind_info28 = b->req.out.bind_info->info.info28;
 			break;
+		default:
+			printf("DsBind - warning: unknown BindInfo length: %u\n",
+			       b->req.out.bind_info->length);
 		}
 	}
 
-- 
cgit 


From 734d0c0a5def566ad8a8167c81e06bd9b31b4645 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 22 Jul 2008 14:06:36 +0200
Subject: RPC-DSSYNC: print 'supplementalCredentials' more verbosely

metze
(This used to be commit 6a7637b12e4a34915a53e81a0f47571da21fdc5a)
---
 source4/torture/rpc/dssync.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 3279047c6a..822cd088f1 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -23,6 +23,7 @@
 #include "includes.h"
 #include "lib/cmdline/popt_common.h"
 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
+#include "librpc/gen_ndr/ndr_drsblobs.h"
 #include "libcli/cldap/cldap.h"
 #include "libcli/ldap/ldap_client.h"
 #include "torture/torture.h"
@@ -526,6 +527,8 @@ static void test_analyse_objects(struct torture_context *tctx,
 			DEBUGADD(0,("ATTR: %s enc.length=%lu plain.length=%lu\n",
 				    name, (long)enc_data->length, (long)plain_data.length));
 			if (plain_data.length) {
+				enum ndr_err_code ndr_err;
+				struct supplementalCredentialsBlob scb;
 				dump_data(0, plain_data.data, plain_data.length);
 				if (save_values_dir) {
 					char *fname;
@@ -541,6 +544,13 @@ static void test_analyse_objects(struct torture_context *tctx,
 					}
 					talloc_free(fname);
 				}
+
+				ndr_err = ndr_pull_struct_blob_all(&plain_data, tctx,
+					   lp_iconv_convenience(tctx->lp_ctx), &scb,
+					   (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob);
+				if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+					NDR_PRINT_DEBUG(supplementalCredentialsBlob, &scb);
+				}
 			} else {
 				dump_data(0, enc_data->data, enc_data->length);
 			}
-- 
cgit 


From 1f20ca14cc1a2604a7af41e6ca03852f0398d88a Mon Sep 17 00:00:00 2001
From: Michael Adam <obnox@samba.org>
Date: Wed, 23 Jul 2008 15:34:45 +0200
Subject: drsuapi: always set the pid field of the outgoing DsBindInfo to 0.

This is for debugging and informational purposes only.
The assignment is implementation specific.
(WSPP docs, sec. 5.35).

Michael
(This used to be commit 1f5704e2dee5900e8d1d87699b76f67c0e12854e)
---
 source4/torture/rpc/dssync.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 822cd088f1..2930a9b1f9 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -154,7 +154,7 @@ static struct DsSyncTest *test_create_context(struct torture_context *tctx)
 		our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
 	}
 	our_bind_info28->site_guid		= GUID_zero();
-	our_bind_info28->pid			= 508;
+	our_bind_info28->pid			= 0;
 	our_bind_info28->repl_epoch		= 0;
 
 	our_bind_info_ctr			= &ctx->new_dc.drsuapi.our_bind_info_ctr;
-- 
cgit 


From 2cc32c4988e69b3a8c6254cc34e66370f220d60d Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 31 Jul 2008 10:51:59 +1000
Subject: Use the cldap reply to avoid segfaulting in RPC-DSSYNC

Also don't fail the test if the server does not implement the NT4
changelog.

Andrew Bartlett
(This used to be commit 514d88580bee3bb17f1032262f5518e3ab2a349a)
---
 source4/torture/rpc/dssync.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 2930a9b1f9..e8c67b46c1 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -34,6 +34,7 @@
 #include "libcli/auth/libcli_auth.h"
 #include "auth/gensec/gensec.h"
 #include "param/param.h"
+#include "dsdb/samdb/samdb.h"
 
 struct DsSyncBindInfo {
 	struct dcerpc_pipe *pipe;
@@ -314,6 +315,14 @@ static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx)
 		printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.nt5_ex.server_site);
 	}
 
+	if (!ctx->domain_dn) {
+		struct ldb_context *ldb = ldb_init(ctx, tctx->ev);
+		struct ldb_dn *dn = samdb_dns_domain_to_dn(ldb, ctx, search.out.netlogon.nt5_ex.dns_domain);
+		ctx->domain_dn = ldb_dn_alloc_linearized(ctx, dn);
+		talloc_free(dn);
+		talloc_free(ldb);
+	}
+
 	return ret;
 }
 
@@ -800,7 +809,10 @@ static bool test_FetchNT4Data(struct torture_context *tctx,
 		r.in.req.req1.data	= cookie.data;
 
 		status = dcerpc_drsuapi_DsGetNT4ChangeLog(ctx->new_dc.drsuapi.pipe, ctx, &r);
-		if (!NT_STATUS_IS_OK(status)) {
+		if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
+			printf("DsGetNT4ChangeLog not supported by target server\n");
+			break;
+		} else if (!NT_STATUS_IS_OK(status)) {
 			const char *errstr = nt_errstr(status);
 			if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
 				errstr = dcerpc_errstr(ctx, ctx->new_dc.drsuapi.pipe->last_fault_code);
-- 
cgit 


From 358a11c6f3c8d063b1f25bf27191811ff82d91ec Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 31 Jul 2008 21:23:48 +1000
Subject: Print trustAuthOutgoing and trustAuthIncoming in RPC-DSSYNC (This
 used to be commit 6673a6e62399c4956a44a06685aa91ce8145b92a)

---
 source4/torture/rpc/dssync.c | 28 ++++++++++++++++++++++------
 1 file changed, 22 insertions(+), 6 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index e8c67b46c1..d340543f0a 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -474,6 +474,9 @@ static void test_analyse_objects(struct torture_context *tctx,
 			DATA_BLOB *enc_data = NULL;
 			DATA_BLOB plain_data;
 			struct drsuapi_DsReplicaAttribute *attr;
+			ndr_pull_flags_fn_t pull_fn = NULL;
+			ndr_print_fn_t print_fn = NULL;
+			void *ptr = NULL;
 			attr = &cur->object.attribute_ctr.attributes[i];
 
 			switch (attr->attid) {
@@ -495,6 +498,9 @@ static void test_analyse_objects(struct torture_context *tctx,
 				break;
 			case DRSUAPI_ATTRIBUTE_supplementalCredentials:
 				name	= "supplementalCredentials";
+				pull_fn = (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob;
+				print_fn = (ndr_print_fn_t)ndr_print_supplementalCredentialsBlob;
+				ptr = talloc(ctx, struct supplementalCredentialsBlob);
 				break;
 			case DRSUAPI_ATTRIBUTE_priorValue:
 				name	= "priorValue";
@@ -504,9 +510,15 @@ static void test_analyse_objects(struct torture_context *tctx,
 				break;
 			case DRSUAPI_ATTRIBUTE_trustAuthOutgoing:
 				name	= "trustAuthOutgoing";
+				pull_fn = (ndr_pull_flags_fn_t)ndr_pull_trustAuthInOutBlob;
+				print_fn = (ndr_print_fn_t)ndr_print_trustAuthInOutBlob;
+				ptr = talloc(ctx, struct trustAuthInOutBlob);
 				break;
 			case DRSUAPI_ATTRIBUTE_trustAuthIncoming:
 				name	= "trustAuthIncoming";
+				pull_fn = (ndr_pull_flags_fn_t)ndr_pull_trustAuthInOutBlob;
+				print_fn = (ndr_print_fn_t)ndr_print_trustAuthInOutBlob;
+				ptr = talloc(ctx, struct trustAuthInOutBlob);
 				break;
 			case DRSUAPI_ATTRIBUTE_initialAuthOutgoing:
 				name	= "initialAuthOutgoing";
@@ -537,7 +549,6 @@ static void test_analyse_objects(struct torture_context *tctx,
 				    name, (long)enc_data->length, (long)plain_data.length));
 			if (plain_data.length) {
 				enum ndr_err_code ndr_err;
-				struct supplementalCredentialsBlob scb;
 				dump_data(0, plain_data.data, plain_data.length);
 				if (save_values_dir) {
 					char *fname;
@@ -554,15 +565,20 @@ static void test_analyse_objects(struct torture_context *tctx,
 					talloc_free(fname);
 				}
 
-				ndr_err = ndr_pull_struct_blob_all(&plain_data, tctx,
-					   lp_iconv_convenience(tctx->lp_ctx), &scb,
-					   (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob);
-				if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-					NDR_PRINT_DEBUG(supplementalCredentialsBlob, &scb);
+				if (pull_fn) {
+					ndr_err = ndr_pull_struct_blob_all(&plain_data, ptr,
+									   lp_iconv_convenience(tctx->lp_ctx), ptr,
+									   pull_fn);
+					if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+						ndr_print_debug(print_fn, name, ptr);
+					} else {
+						DEBUG(0, ("Failed to decode %s\n", name));
+					}
 				}
 			} else {
 				dump_data(0, enc_data->data, enc_data->length);
 			}
+			talloc_free(ptr);
 		}
 	}
 }
-- 
cgit 


From 8275d511bc3ea79a14a4704b7d914222adc2d321 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 7 Aug 2008 19:15:30 +0200
Subject: drsuapi: fix callers after idl change

metze
(This used to be commit 7dee6fb62d5adbd2eaaaf4d8ba9e87a72ef9f94b)
---
 source4/torture/rpc/dssync.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index d340543f0a..97c3b3f3c3 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -748,7 +748,7 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx)
 				ctr1 = &r.out.ctr.ctr1;
 			} else if (ret == true && *r.out.level == 2) {
 				out_level = 1;
-				ctr1 = r.out.ctr.ctr2.ctr.mszip1.ctr1;
+				ctr1 = r.out.ctr.ctr2.mszip1.ctr1;
 			}
 
 			if (out_level == 1) {
-- 
cgit 


From a0b5ec7797aa213da4fc62c40f5a94b88f153967 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Fri, 8 Aug 2008 10:32:21 +1000
Subject: We can't use ndr_pull_struct_blob_all in combinatin with relative
 pointers (This used to be commit d0a128f35b259d4891edc68fc24aa04a6da7aab7)

---
 source4/torture/rpc/dssync.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 97c3b3f3c3..2739081246 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -566,9 +566,10 @@ static void test_analyse_objects(struct torture_context *tctx,
 				}
 
 				if (pull_fn) {
-					ndr_err = ndr_pull_struct_blob_all(&plain_data, ptr,
-									   lp_iconv_convenience(tctx->lp_ctx), ptr,
-									   pull_fn);
+					/* Can't use '_all' because of PIDL bugs with relative pointers */
+					ndr_err = ndr_pull_struct_blob(&plain_data, ptr,
+								       lp_iconv_convenience(tctx->lp_ctx), ptr,
+								       pull_fn);
 					if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
 						ndr_print_debug(print_fn, name, ptr);
 					} else {
-- 
cgit 


From 75f594b285df4200369e1f767ffd4be5746fdd00 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 19 Aug 2008 10:36:24 +0200
Subject: drsuapi: fix samba4 callers after drsuapi.idl changes

metze
(This used to be commit 4b054cee51c39c5430bcadd5c06a94dc3e6b0d8f)
---
 source4/torture/rpc/dssync.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

(limited to 'source4/torture/rpc/dssync.c')

diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c
index 2739081246..e9346f9605 100644
--- a/source4/torture/rpc/dssync.c
+++ b/source4/torture/rpc/dssync.c
@@ -747,9 +747,10 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx)
 			if (ret == true && *r.out.level == 1) {
 				out_level = 1;
 				ctr1 = &r.out.ctr.ctr1;
-			} else if (ret == true && *r.out.level == 2) {
+			} else if (ret == true && *r.out.level == 2 &&
+				   r.out.ctr.ctr2.mszip1.ts) {
 				out_level = 1;
-				ctr1 = r.out.ctr.ctr2.mszip1.ctr1;
+				ctr1 = &r.out.ctr.ctr2.mszip1.ts->ctr1;
 			}
 
 			if (out_level == 1) {
@@ -770,14 +771,16 @@ static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx)
 				ctr6 = &r.out.ctr.ctr6;
 			} else if (ret == true && *r.out.level == 7
 				   && r.out.ctr.ctr7.level == 6
-				   && r.out.ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP) {
+				   && r.out.ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP
+				   && r.out.ctr.ctr7.ctr.mszip6.ts) {
 				out_level = 6;
-				ctr6 = r.out.ctr.ctr7.ctr.mszip6.ctr6;
+				ctr6 = &r.out.ctr.ctr7.ctr.mszip6.ts->ctr6;
 			} else if (ret == true && *r.out.level == 7
 				   && r.out.ctr.ctr7.level == 6
-				   && r.out.ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_XPRESS) {
+				   && r.out.ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_XPRESS
+				   && r.out.ctr.ctr7.ctr.xpress6.ts) {
 				out_level = 6;
-				ctr6 = r.out.ctr.ctr7.ctr.xpress6.ctr6;
+				ctr6 = &r.out.ctr.ctr7.ctr.xpress6.ts->ctr6;
 			}
 
 			if (out_level == 6) {
-- 
cgit