From b1a80dcec0056fbbdcca74e6a4b686ff764c1f50 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 28 Feb 2007 17:06:01 +0000 Subject: r21590: add RPC-HANDLES-MIXED-SHARED test, which shows that assoc_groups are shared between idl-interfaces and connections. But you can't close a samr policy handle on a lsa pipe. add RPC-HANDLES-RANDOM-ASSOC test, which shows that you can't bind with an invalid assoc_group_id metze (This used to be commit 26b0e03a776fbac4e93fef585dcfec5962f40387) --- source4/torture/rpc/handles.c | 136 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 136 insertions(+) (limited to 'source4/torture/rpc') diff --git a/source4/torture/rpc/handles.c b/source4/torture/rpc/handles.c index 2dd9350dd7..1ef99e6132 100644 --- a/source4/torture/rpc/handles.c +++ b/source4/torture/rpc/handles.c @@ -385,6 +385,140 @@ static bool test_handles_samr(struct torture_context *torture) return true; } +static bool test_handles_mixed_shared(struct torture_context *torture) +{ + NTSTATUS status; + struct dcerpc_pipe *p1, *p2, *p3, *p4, *p5, *p6; + struct policy_handle handle; + struct policy_handle handle2; + struct samr_Connect r; + struct lsa_Close lc; + struct samr_Close sc; + TALLOC_CTX *mem_ctx = talloc_new(torture); + enum dcerpc_transport_t transport; + uint32_t assoc_group_id; + + torture_comment(torture, "RPC-HANDLE-MIXED-SHARED\n"); + + if (lp_parm_bool(-1, "torture", "samba4", False)) { + torture_comment(torture, "Mixed shared-policy-handle test against Samba4 - skipping\n"); + return true; + } + + torture_comment(torture, "connect samr pipe1\n"); + status = torture_rpc_connection(mem_ctx, &p1, &dcerpc_table_samr); + torture_assert_ntstatus_ok(torture, status, "opening samr pipe1"); + + transport = p1->conn->transport.transport, + assoc_group_id = p1->assoc_group_id; + + torture_comment(torture, "use assoc_group_id[0x%08X] for new connections\n", assoc_group_id); + + torture_comment(torture, "connect lsa pipe2\n"); + status = torture_rpc_connection_transport(mem_ctx, &p2, &dcerpc_table_lsarpc, + transport, + assoc_group_id); + torture_assert_ntstatus_ok(torture, status, "opening lsa pipe2"); + + r.in.system_name = 0; + r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; + r.out.connect_handle = &handle; + + torture_comment(torture, "samr_Connect to open a policy handle on samr p1\n"); + status = dcerpc_samr_Connect(p1, mem_ctx, &r); + torture_assert_ntstatus_ok(torture, status, "opening policy handle on p1"); + + lc.in.handle = &handle; + lc.out.handle = &handle2; + sc.in.handle = &handle; + sc.out.handle = &handle2; + + torture_comment(torture, "use policy handle on lsa p2 - should fail\n"); + status = dcerpc_lsa_Close(p2, mem_ctx, &lc); + torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT, + "closing handle on lsa p2"); + torture_assert_int_equal(torture, p2->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH, + "closing handle on lsa p2"); + + torture_comment(torture, "closing policy handle on samr p1\n"); + status = dcerpc_samr_Close(p1, mem_ctx, &sc); + torture_assert_ntstatus_ok(torture, status, "closing policy handle on p1"); + + talloc_free(p1); + talloc_free(p2); + msleep(10); + + torture_comment(torture, "connect samr pipe3 - should fail\n"); + status = torture_rpc_connection_transport(mem_ctx, &p3, &dcerpc_table_samr, + transport, + assoc_group_id); + torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL, + "opening samr pipe3"); + + torture_comment(torture, "connect lsa pipe4 - should fail\n"); + status = torture_rpc_connection_transport(mem_ctx, &p4, &dcerpc_table_lsarpc, + transport, + assoc_group_id); + torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL, + "opening lsa pipe4"); + + torture_comment(torture, "connect samr pipe5 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id); + status = torture_rpc_connection_transport(mem_ctx, &p5, &dcerpc_table_samr, + transport, + assoc_group_id); + torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL, + "opening samr pipe5"); + + torture_comment(torture, "connect lsa pipe6 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id); + status = torture_rpc_connection_transport(mem_ctx, &p6, &dcerpc_table_lsarpc, + transport, + assoc_group_id); + torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL, + "opening lsa pipe6"); + + talloc_free(mem_ctx); + + return true; +} + +static bool test_handles_random_assoc(struct torture_context *torture) +{ + NTSTATUS status; + struct dcerpc_pipe *p1, *p2, *p3; + TALLOC_CTX *mem_ctx = talloc_new(torture); + enum dcerpc_transport_t transport; + uint32_t assoc_group_id; + + torture_comment(torture, "RPC-HANDLE-RANDOM-ASSOC\n"); + + torture_comment(torture, "connect samr pipe1\n"); + status = torture_rpc_connection(mem_ctx, &p1, &dcerpc_table_samr); + torture_assert_ntstatus_ok(torture, status, "opening samr pipe1"); + + transport = p1->conn->transport.transport, + assoc_group_id = p1->assoc_group_id; + + torture_comment(torture, "pip1 use assoc_group_id[0x%08X]\n", assoc_group_id); + + torture_comment(torture, "connect samr pipe2 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id); + status = torture_rpc_connection_transport(mem_ctx, &p2, &dcerpc_table_samr, + transport, + assoc_group_id); + torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL, + "opening samr pipe2"); + + torture_comment(torture, "connect samr pipe3 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id); + status = torture_rpc_connection_transport(mem_ctx, &p3, &dcerpc_table_samr, + transport, + assoc_group_id); + torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL, + "opening samr pipe3"); + + talloc_free(mem_ctx); + + return true; +} + static bool test_handles_drsuapi(struct torture_context *torture) { @@ -450,6 +584,8 @@ struct torture_suite *torture_rpc_handles(void) torture_suite_add_simple_test(suite, "lsarpc", test_handles_lsa); torture_suite_add_simple_test(suite, "lsarpc-shared", test_handles_lsa_shared); torture_suite_add_simple_test(suite, "samr", test_handles_samr); + torture_suite_add_simple_test(suite, "mixed-shared", test_handles_mixed_shared); + torture_suite_add_simple_test(suite, "random-assoc", test_handles_random_assoc); torture_suite_add_simple_test(suite, "drsuapi", test_handles_drsuapi); return suite; } -- cgit