/* 
   Unix SMB/CIFS implementation.

   scanner for rpc calls

   Copyright (C) Andrew Tridgell 2003
   
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.
   
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
   
   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/

#include "includes.h"
#include "librpc/gen_ndr/ndr_mgmt.h"

/*
  work out how many calls there are for an interface
 */
static BOOL test_num_calls(const struct dcerpc_interface_table *iface,
			   TALLOC_CTX *mem_ctx,
			   struct dcerpc_syntax_id *id)
{
	struct dcerpc_pipe *p;
	NTSTATUS status;
	const char *uuid;
	int i;
	DATA_BLOB stub_in, stub_out;
	int idl_calls;

	uuid = GUID_string(mem_ctx, &id->uuid);

	status = torture_rpc_connection(mem_ctx, 
					&p, iface->name,
					uuid, id->if_version);
	if (!NT_STATUS_IS_OK(status)) {
		printf("Failed to connect to '%s' on '%s' - %s\n", 
		       uuid, iface->name, nt_errstr(status));
		return False;
	}

	/* make null calls */
	stub_in = data_blob(NULL, 1000);
	memset(stub_in.data, 0xFF, stub_in.length);

	for (i=0;i<200;i++) {
		status = dcerpc_request(p, NULL, i, mem_ctx, &stub_in, &stub_out);
		if (!NT_STATUS_IS_OK(status) &&
		    p->last_fault_code == DCERPC_FAULT_OP_RNG_ERROR) {
			break;
		}

		if (!NT_STATUS_IS_OK(status) && p->last_fault_code == 5) {
			printf("\tpipe disconnected at %d\n", i);
			goto done;
		}

		if (!NT_STATUS_IS_OK(status) && p->last_fault_code == 0x80010111) {
			printf("\terr 0x80010111 at %d\n", i);
			goto done;
		}
	}

	printf("\t%d calls available\n", i);
	idl_calls = idl_num_calls(uuid, id->if_version);
	if (idl_calls == -1) {
		printf("\tinterface not known in local IDL\n");
	} else if (i != idl_calls) {
		printf("\tWARNING: local IDL defines %u calls\n", idl_calls);
	} else {
		printf("\tOK: matches num_calls in local IDL\n");
	}

done:
	talloc_free(p);
	return True;
}

/*
  ask the server what interface IDs are available on this endpoint
*/
static BOOL test_inq_if_ids(struct dcerpc_pipe *p, 
			    TALLOC_CTX *mem_ctx,
			    const struct dcerpc_interface_table *iface)
{
	NTSTATUS status;
	struct mgmt_inq_if_ids r;
	int i;
	
	status = dcerpc_mgmt_inq_if_ids(p, mem_ctx, &r);
	if (!NT_STATUS_IS_OK(status)) {
		printf("inq_if_ids failed - %s\n", nt_errstr(status));
		return False;
	}

	if (!W_ERROR_IS_OK(r.out.result)) {
		printf("inq_if_ids gave error code %s\n", win_errstr(r.out.result));
		return False;
	}

	if (!r.out.if_id_vector) {
		printf("inq_if_ids gave NULL if_id_vector\n");
		return False;
	}

	for (i=0;i<r.out.if_id_vector->count;i++) {
		const char *uuid;
		struct dcerpc_syntax_id *id = r.out.if_id_vector->if_id[i].id;
		if (!id) continue;

		uuid = GUID_string(mem_ctx, &id->uuid),

		printf("\n\tuuid %s  version 0x%08x '%s'\n",
		       uuid,
		       id->if_version, idl_pipe_name(uuid, id->if_version));
		test_num_calls(iface, mem_ctx, id);
	}

	return True;
}


BOOL torture_rpc_scanner(void)
{
        NTSTATUS status;
        struct dcerpc_pipe *p;
	TALLOC_CTX *mem_ctx, *loop_ctx;
	BOOL ret = True;
	const struct dcerpc_interface_list *l;
	const char *binding = lp_parm_string(-1, "torture", "binding");
	struct dcerpc_binding *b;

	mem_ctx = talloc_init("torture_rpc_scanner");

	if (!binding) {
		talloc_free(mem_ctx);
		printf("You must supply a ncacn binding string\n");
		return False;
	}
	
	status = dcerpc_parse_binding(mem_ctx, binding, &b);
	if (!NT_STATUS_IS_OK(status)) {
		talloc_free(mem_ctx);
		printf("Failed to parse binding '%s'\n", binding);
		return False;
	}

	for (l=librpc_dcerpc_pipes();l;l=l->next) {		
		loop_ctx = talloc_named(mem_ctx, 0, "torture_rpc_scanner loop context");
		/* some interfaces are not mappable */
		if (l->table->num_calls == 0 ||
		    strcmp(l->table->name, "mgmt") == 0) {
			talloc_free(loop_ctx);
			continue;
		}

		printf("\nTesting pipe '%s'\n", l->table->name);

		if (b->transport == NCACN_IP_TCP) {
			status = dcerpc_epm_map_binding(mem_ctx, b, 
							 l->table->uuid,
							 l->table->if_version, NULL);
			if (!NT_STATUS_IS_OK(status)) {
				talloc_free(loop_ctx);
				printf("Failed to map port for uuid %s\n", l->table->uuid);
				continue;
			}
		} else {
			b->endpoint = talloc_strdup(b, l->table->name);
		}

		lp_set_cmdline("torture:binding", dcerpc_binding_string(mem_ctx, b));

		status = torture_rpc_connection(loop_ctx, 
						&p, 
						l->table->name,
						DCERPC_MGMT_UUID,
						DCERPC_MGMT_VERSION);
		if (!NT_STATUS_IS_OK(status)) {
			talloc_free(loop_ctx);
			ret = False;
			continue;
		}
	
		if (!test_inq_if_ids(p, mem_ctx, l->table)) {
			ret = False;
		}
	}

	return ret;
}