search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
librpc: Shorten dcerpc_binding_handle_call a bit
[Samba/vl.git] / source4 / torture / rpc / netlogon.c
blobdadf8bc4f9880957a995d9d0902f49a72faa2a55
1 /*
2 Unix SMB/CIFS implementation.
3
4 test suite for netlogon rpc operations
5
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003-2004
8 Copyright (C) Tim Potter 2003
9 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
10
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 */
24
25 #include "includes.h"
26 #include "lib/events/events.h"
27 #include "lib/cmdline/popt_common.h"
28 #include "torture/rpc/torture_rpc.h"
29 #include "../lib/crypto/crypto.h"
30 #include "libcli/auth/libcli_auth.h"
31 #include "librpc/gen_ndr/ndr_netlogon_c.h"
32 #include "librpc/gen_ndr/ndr_lsa_c.h"
33 #include "param/param.h"
34 #include "libcli/security/security.h"
35 #include <ldb.h>
36 #include "lib/util/util_ldb.h"
37 #include "ldb_wrap.h"
38 #include "lib/replace/system/network.h"
39 #include "dsdb/samdb/samdb.h"
40
41 #define TEST_MACHINE_NAME "torturetest"
42
43 static bool test_netr_broken_binding_handle(struct torture_context *tctx,
44 struct dcerpc_pipe *p)
45 {
46 NTSTATUS status;
47 struct netr_DsRGetSiteName r;
48 const char *site = NULL;
49 struct dcerpc_binding_handle *b = p->binding_handle;
50
51 r.in.computer_name = talloc_asprintf(tctx, "\\\\%s",
52 dcerpc_server_name(p));
53 r.out.site = &site;
54
55 torture_comment(tctx,
56 "Testing netlogon request with correct binding handle: %s\n",
57 r.in.computer_name);
58
59 status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
60 torture_assert_ntstatus_ok(tctx, status,
61 "Netlogon request with broken binding handle");
62 torture_assert_werr_ok(tctx, r.out.result,
63 "Netlogon request with broken binding handle");
64
65 if (torture_setting_bool(tctx, "samba3", false) ||
66 torture_setting_bool(tctx, "samba4", false)) {
67 torture_skip(tctx,
68 "Skipping broken binding handle check against Samba");
69 }
70
71 r.in.computer_name = talloc_asprintf(tctx, "\\\\\\\\%s",
72 dcerpc_server_name(p));
73
74 torture_comment(tctx,
75 "Testing netlogon request with broken binding handle: %s\n",
76 r.in.computer_name);
77
78 status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
79 torture_assert_ntstatus_ok(tctx, status,
80 "Netlogon request with broken binding handle");
81 torture_assert_werr_equal(tctx, r.out.result,
82 WERR_INVALID_COMPUTERNAME,
83 "Netlogon request with broken binding handle");
84
85 r.in.computer_name = "\\\\\\\\THIS_IS_NOT_VALID";
86
87 torture_comment(tctx,
88 "Testing netlogon request with broken binding handle: %s\n",
89 r.in.computer_name);
90
91 status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
92 torture_assert_ntstatus_ok(tctx, status,
93 "Netlogon request with broken binding handle");
94 torture_assert_werr_equal(tctx, r.out.result,
95 WERR_INVALID_COMPUTERNAME,
96 "Netlogon request with broken binding handle");
97
98 return true;
99 }
100
101 static bool test_LogonUasLogon(struct torture_context *tctx,
102 struct dcerpc_pipe *p)
103 {
104 NTSTATUS status;
105 struct netr_LogonUasLogon r;
106 struct netr_UasInfo *info = NULL;
107 struct dcerpc_binding_handle *b = p->binding_handle;
108
109 r.in.server_name = NULL;
110 r.in.account_name = cli_credentials_get_username(cmdline_credentials);
111 r.in.workstation = TEST_MACHINE_NAME;
112 r.out.info = &info;
113
114 status = dcerpc_netr_LogonUasLogon_r(b, tctx, &r);
115 torture_assert_ntstatus_ok(tctx, status, "LogonUasLogon");
116
117 return true;
118 }
119
120 static bool test_LogonUasLogoff(struct torture_context *tctx,
121 struct dcerpc_pipe *p)
122 {
123 NTSTATUS status;
124 struct netr_LogonUasLogoff r;
125 struct netr_UasLogoffInfo info;
126 struct dcerpc_binding_handle *b = p->binding_handle;
127
128 r.in.server_name = NULL;
129 r.in.account_name = cli_credentials_get_username(cmdline_credentials);
130 r.in.workstation = TEST_MACHINE_NAME;
131 r.out.info = &info;
132
133 status = dcerpc_netr_LogonUasLogoff_r(b, tctx, &r);
134 torture_assert_ntstatus_ok(tctx, status, "LogonUasLogoff");
135
136 return true;
137 }
138
139 bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context *tctx,
140 struct cli_credentials *credentials,
141 struct netlogon_creds_CredentialState **creds_out)
142 {
143 struct netr_ServerReqChallenge r;
144 struct netr_ServerAuthenticate a;
145 struct netr_Credential credentials1, credentials2, credentials3;
146 struct netlogon_creds_CredentialState *creds;
147 const struct samr_Password *mach_password;
148 const char *machine_name;
149 struct dcerpc_binding_handle *b = p->binding_handle;
150
151 mach_password = cli_credentials_get_nt_hash(credentials, tctx);
152 machine_name = cli_credentials_get_workstation(credentials);
153
154 torture_comment(tctx, "Testing ServerReqChallenge\n");
155
156 r.in.server_name = NULL;
157 r.in.computer_name = machine_name;
158 r.in.credentials = &credentials1;
159 r.out.return_credentials = &credentials2;
160
161 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
162
163 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
164 "ServerReqChallenge failed");
165 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
166
167 a.in.server_name = NULL;
168 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
169 a.in.secure_channel_type = cli_credentials_get_secure_channel_type(credentials);
170 a.in.computer_name = machine_name;
171 a.in.credentials = &credentials3;
172 a.out.return_credentials = &credentials3;
173
174 creds = netlogon_creds_client_init(tctx, a.in.account_name,
175 a.in.computer_name,
176 &credentials1, &credentials2,
177 mach_password, &credentials3,
178 0);
179 torture_assert(tctx, creds != NULL, "memory allocation");
180
181
182 torture_comment(tctx, "Testing ServerAuthenticate\n");
183
184 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate_r(b, tctx, &a),
185 "ServerAuthenticate failed");
186
187 /* This allows the tests to continue against the more fussy windows 2008 */
188 if (NT_STATUS_EQUAL(a.out.result, NT_STATUS_DOWNGRADE_DETECTED)) {
189 return test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
190 credentials,
191 cli_credentials_get_secure_channel_type(credentials),
192 creds_out);
193 }
194
195 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate");
196
197 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
198 "Credential chaining failed");
199
200 *creds_out = creds;
201 return true;
202 }
203
204 bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx,
205 uint32_t negotiate_flags,
206 struct cli_credentials *machine_credentials,
207 enum netr_SchannelType sec_chan_type,
208 struct netlogon_creds_CredentialState **creds_out)
209 {
210 struct netr_ServerReqChallenge r;
211 struct netr_ServerAuthenticate2 a;
212 struct netr_Credential credentials1, credentials2, credentials3;
213 struct netlogon_creds_CredentialState *creds;
214 const struct samr_Password *mach_password;
215 const char *machine_name;
216 struct dcerpc_binding_handle *b = p->binding_handle;
217
218 mach_password = cli_credentials_get_nt_hash(machine_credentials, tctx);
219 machine_name = cli_credentials_get_workstation(machine_credentials);
220
221 torture_comment(tctx, "Testing ServerReqChallenge\n");
222
223
224 r.in.server_name = NULL;
225 r.in.computer_name = machine_name;
226 r.in.credentials = &credentials1;
227 r.out.return_credentials = &credentials2;
228
229 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
230
231 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
232 "ServerReqChallenge failed");
233 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
234
235 a.in.server_name = NULL;
236 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
237 a.in.secure_channel_type = sec_chan_type;
238 a.in.computer_name = machine_name;
239 a.in.negotiate_flags = &negotiate_flags;
240 a.out.negotiate_flags = &negotiate_flags;
241 a.in.credentials = &credentials3;
242 a.out.return_credentials = &credentials3;
243
244 creds = netlogon_creds_client_init(tctx, a.in.account_name,
245 a.in.computer_name,
246 &credentials1, &credentials2,
247 mach_password, &credentials3,
248 negotiate_flags);
249
250 torture_assert(tctx, creds != NULL, "memory allocation");
251
252 torture_comment(tctx, "Testing ServerAuthenticate2\n");
253
254 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate2_r(b, tctx, &a),
255 "ServerAuthenticate2 failed");
256 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate2 failed");
257
258 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
259 "Credential chaining failed");
260
261 torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
262
263 *creds_out = creds;
264 return true;
265 }
266
267
268 bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context *tctx,
269 uint32_t negotiate_flags,
270 struct cli_credentials *machine_credentials,
271 struct netlogon_creds_CredentialState **creds_out)
272 {
273 struct netr_ServerReqChallenge r;
274 struct netr_ServerAuthenticate3 a;
275 struct netr_Credential credentials1, credentials2, credentials3;
276 struct netlogon_creds_CredentialState *creds;
277 struct samr_Password mach_password;
278 uint32_t rid;
279 const char *machine_name;
280 const char *plain_pass;
281 struct dcerpc_binding_handle *b = p->binding_handle;
282
283 machine_name = cli_credentials_get_workstation(machine_credentials);
284 plain_pass = cli_credentials_get_password(machine_credentials);
285
286 torture_comment(tctx, "Testing ServerReqChallenge\n");
287
288 r.in.server_name = NULL;
289 r.in.computer_name = machine_name;
290 r.in.credentials = &credentials1;
291 r.out.return_credentials = &credentials2;
292
293 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
294
295 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
296 "ServerReqChallenge failed");
297 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
298
299 E_md4hash(plain_pass, mach_password.hash);
300
301 a.in.server_name = NULL;
302 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
303 a.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
304 a.in.computer_name = machine_name;
305 a.in.negotiate_flags = &negotiate_flags;
306 a.in.credentials = &credentials3;
307 a.out.return_credentials = &credentials3;
308 a.out.negotiate_flags = &negotiate_flags;
309 a.out.rid = &rid;
310
311 creds = netlogon_creds_client_init(tctx, a.in.account_name,
312 a.in.computer_name,
313 &credentials1, &credentials2,
314 &mach_password, &credentials3,
315 negotiate_flags);
316
317 torture_assert(tctx, creds != NULL, "memory allocation");
318
319 torture_comment(tctx, "Testing ServerAuthenticate3\n");
320
321 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate3_r(b, tctx, &a),
322 "ServerAuthenticate3 failed");
323 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate3 failed");
324 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3), "Credential chaining failed");
325
326 torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
327
328 /* Prove that requesting a challenge again won't break it */
329 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
330 "ServerReqChallenge failed");
331 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
332
333 *creds_out = creds;
334 return true;
335 }
336
337 /*
338 try a change password for our machine account
339 */
340 static bool test_SetPassword(struct torture_context *tctx,
341 struct dcerpc_pipe *p,
342 struct cli_credentials *machine_credentials)
343 {
344 struct netr_ServerPasswordSet r;
345 const char *password;
346 struct netlogon_creds_CredentialState *creds;
347 struct netr_Authenticator credential, return_authenticator;
348 struct samr_Password new_password;
349 struct dcerpc_binding_handle *b = p->binding_handle;
350
351 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
352 return false;
353 }
354
355 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
356 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
357 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
358 r.in.computer_name = TEST_MACHINE_NAME;
359 r.in.credential = &credential;
360 r.in.new_password = &new_password;
361 r.out.return_authenticator = &return_authenticator;
362
363 password = generate_random_password(tctx, 8, 255);
364 E_md4hash(password, new_password.hash);
365
366 netlogon_creds_des_encrypt(creds, &new_password);
367
368 torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
369 torture_comment(tctx, "Changing machine account password to '%s'\n",
370 password);
371
372 netlogon_creds_client_authenticator(creds, &credential);
373
374 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
375 "ServerPasswordSet failed");
376 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet failed");
377
378 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
379 torture_comment(tctx, "Credential chaining failed\n");
380 }
381
382 /* by changing the machine password twice we test the
383 credentials chaining fully, and we verify that the server
384 allows the password to be set to the same value twice in a
385 row (match win2k3) */
386 torture_comment(tctx,
387 "Testing a second ServerPasswordSet on machine account\n");
388 torture_comment(tctx,
389 "Changing machine account password to '%s' (same as previous run)\n", password);
390
391 netlogon_creds_client_authenticator(creds, &credential);
392
393 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
394 "ServerPasswordSet (2) failed");
395 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (2) failed");
396
397 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
398 torture_comment(tctx, "Credential chaining failed\n");
399 }
400
401 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
402
403 torture_assert(tctx,
404 test_SetupCredentials(p, tctx, machine_credentials, &creds),
405 "ServerPasswordSet failed to actually change the password");
406
407 return true;
408 }
409
410 /*
411 try a change password for our machine account
412 */
413 static bool test_SetPassword_flags(struct torture_context *tctx,
414 struct dcerpc_pipe *p,
415 struct cli_credentials *machine_credentials,
416 uint32_t negotiate_flags)
417 {
418 struct netr_ServerPasswordSet r;
419 const char *password;
420 struct netlogon_creds_CredentialState *creds;
421 struct netr_Authenticator credential, return_authenticator;
422 struct samr_Password new_password;
423 struct dcerpc_binding_handle *b = p->binding_handle;
424
425 if (!test_SetupCredentials2(p, tctx, negotiate_flags,
426 machine_credentials,
427 cli_credentials_get_secure_channel_type(machine_credentials),
428 &creds)) {
429 return false;
430 }
431
432 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
433 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
434 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
435 r.in.computer_name = TEST_MACHINE_NAME;
436 r.in.credential = &credential;
437 r.in.new_password = &new_password;
438 r.out.return_authenticator = &return_authenticator;
439
440 password = generate_random_password(tctx, 8, 255);
441 E_md4hash(password, new_password.hash);
442
443 netlogon_creds_des_encrypt(creds, &new_password);
444
445 torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
446 torture_comment(tctx, "Changing machine account password to '%s'\n",
447 password);
448
449 netlogon_creds_client_authenticator(creds, &credential);
450
451 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
452 "ServerPasswordSet failed");
453 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet failed");
454
455 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
456 torture_comment(tctx, "Credential chaining failed\n");
457 }
458
459 /* by changing the machine password twice we test the
460 credentials chaining fully, and we verify that the server
461 allows the password to be set to the same value twice in a
462 row (match win2k3) */
463 torture_comment(tctx,
464 "Testing a second ServerPasswordSet on machine account\n");
465 torture_comment(tctx,
466 "Changing machine account password to '%s' (same as previous run)\n", password);
467
468 netlogon_creds_client_authenticator(creds, &credential);
469
470 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
471 "ServerPasswordSet (2) failed");
472 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (2) failed");
473
474 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
475 torture_comment(tctx, "Credential chaining failed\n");
476 }
477
478 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
479
480 torture_assert(tctx,
481 test_SetupCredentials(p, tctx, machine_credentials, &creds),
482 "ServerPasswordSet failed to actually change the password");
483
484 return true;
485 }
486
487
488 /*
489 generate a random password for password change tests
490 */
491 static DATA_BLOB netlogon_very_rand_pass(TALLOC_CTX *mem_ctx, int len)
492 {
493 int i;
494 DATA_BLOB password = data_blob_talloc(mem_ctx, NULL, len * 2 /* number of unicode chars */);
495 generate_random_buffer(password.data, password.length);
496
497 for (i=0; i < len; i++) {
498 if (((uint16_t *)password.data)[i] == 0) {
499 ((uint16_t *)password.data)[i] = 1;
500 }
501 }
502
503 return password;
504 }
505
506 /*
507 try a change password for our machine account
508 */
509 static bool test_SetPassword2_with_flags(struct torture_context *tctx,
510 struct dcerpc_pipe *p,
511 struct cli_credentials *machine_credentials,
512 uint32_t flags)
513 {
514 struct netr_ServerPasswordSet2 r;
515 const char *password;
516 DATA_BLOB new_random_pass;
517 struct netlogon_creds_CredentialState *creds;
518 struct samr_CryptPassword password_buf;
519 struct samr_Password nt_hash;
520 struct netr_Authenticator credential, return_authenticator;
521 struct netr_CryptPassword new_password;
522 struct dcerpc_binding_handle *b = p->binding_handle;
523
524 if (!test_SetupCredentials2(p, tctx, flags, machine_credentials, cli_credentials_get_secure_channel_type(machine_credentials), &creds)) {
525 return false;
526 }
527
528 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
529 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
530 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
531 r.in.computer_name = TEST_MACHINE_NAME;
532 r.in.credential = &credential;
533 r.in.new_password = &new_password;
534 r.out.return_authenticator = &return_authenticator;
535
536 password = generate_random_password(tctx, 8, 255);
537 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
538 if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
539 netlogon_creds_aes_encrypt(creds, password_buf.data, 516);
540 } else {
541 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
542 }
543
544 memcpy(new_password.data, password_buf.data, 512);
545 new_password.length = IVAL(password_buf.data, 512);
546
547 torture_comment(tctx, "Testing ServerPasswordSet2 on machine account\n");
548 torture_comment(tctx, "Changing machine account password to '%s'\n", password);
549
550 netlogon_creds_client_authenticator(creds, &credential);
551
552 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
553 "ServerPasswordSet2 failed");
554 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 failed");
555
556 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
557 torture_comment(tctx, "Credential chaining failed\n");
558 }
559
560 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
561
562 if (!torture_setting_bool(tctx, "dangerous", false)) {
563 torture_comment(tctx,
564 "Not testing ability to set password to '', enable dangerous tests to perform this test\n");
565 } else {
566 /* by changing the machine password to ""
567 * we check if the server uses password restrictions
568 * for ServerPasswordSet2
569 * (win2k3 accepts "")
570 */
571 password = "";
572 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
573 if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
574 netlogon_creds_aes_encrypt(creds, password_buf.data, 516);
575 } else {
576 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
577 }
578 memcpy(new_password.data, password_buf.data, 512);
579 new_password.length = IVAL(password_buf.data, 512);
580
581 torture_comment(tctx,
582 "Testing ServerPasswordSet2 on machine account\n");
583 torture_comment(tctx,
584 "Changing machine account password to '%s'\n", password);
585
586 netlogon_creds_client_authenticator(creds, &credential);
587
588 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
589 "ServerPasswordSet2 failed");
590 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 failed");
591
592 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
593 torture_comment(tctx, "Credential chaining failed\n");
594 }
595
596 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
597 }
598
599 torture_assert(tctx, test_SetupCredentials(p, tctx, machine_credentials, &creds),
600 "ServerPasswordSet failed to actually change the password");
601
602 /* now try a random password */
603 password = generate_random_password(tctx, 8, 255);
604 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
605 if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
606 netlogon_creds_aes_encrypt(creds, password_buf.data, 516);
607 } else {
608 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
609 }
610 memcpy(new_password.data, password_buf.data, 512);
611 new_password.length = IVAL(password_buf.data, 512);
612
613 torture_comment(tctx, "Testing second ServerPasswordSet2 on machine account\n");
614 torture_comment(tctx, "Changing machine account password to '%s'\n", password);
615
616 netlogon_creds_client_authenticator(creds, &credential);
617
618 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
619 "ServerPasswordSet2 (2) failed");
620 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 (2) failed");
621
622 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
623 torture_comment(tctx, "Credential chaining failed\n");
624 }
625
626 /* by changing the machine password twice we test the
627 credentials chaining fully, and we verify that the server
628 allows the password to be set to the same value twice in a
629 row (match win2k3) */
630 torture_comment(tctx,
631 "Testing a second ServerPasswordSet2 on machine account\n");
632 torture_comment(tctx,
633 "Changing machine account password to '%s' (same as previous run)\n", password);
634
635 netlogon_creds_client_authenticator(creds, &credential);
636
637 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
638 "ServerPasswordSet (3) failed");
639 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (3) failed");
640
641 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
642 torture_comment(tctx, "Credential chaining failed\n");
643 }
644
645 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
646
647 torture_assert (tctx,
648 test_SetupCredentials(p, tctx, machine_credentials, &creds),
649 "ServerPasswordSet failed to actually change the password");
650
651 new_random_pass = netlogon_very_rand_pass(tctx, 128);
652
653 /* now try a random stream of bytes for a password */
654 set_pw_in_buffer(password_buf.data, &new_random_pass);
655
656 if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
657 netlogon_creds_aes_encrypt(creds, password_buf.data, 516);
658 } else {
659 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
660 }
661
662 memcpy(new_password.data, password_buf.data, 512);
663 new_password.length = IVAL(password_buf.data, 512);
664
665 torture_comment(tctx,
666 "Testing a third ServerPasswordSet2 on machine account, with a completely random password\n");
667
668 netlogon_creds_client_authenticator(creds, &credential);
669
670 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
671 "ServerPasswordSet (3) failed");
672 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (3) failed");
673
674 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
675 torture_comment(tctx, "Credential chaining failed\n");
676 }
677
678 mdfour(nt_hash.hash, new_random_pass.data, new_random_pass.length);
679
680 cli_credentials_set_password(machine_credentials, NULL, CRED_UNINITIALISED);
681 cli_credentials_set_nt_hash(machine_credentials, &nt_hash, CRED_SPECIFIED);
682
683 torture_assert (tctx,
684 test_SetupCredentials(p, tctx, machine_credentials, &creds),
685 "ServerPasswordSet failed to actually change the password");
686
687 return true;
688 }
689
690 static bool test_SetPassword2(struct torture_context *tctx,
691 struct dcerpc_pipe *p,
692 struct cli_credentials *machine_credentials)
693 {
694 return test_SetPassword2_with_flags(tctx, p, machine_credentials, NETLOGON_NEG_AUTH2_ADS_FLAGS);
695 }
696
697 static bool test_SetPassword2_AES(struct torture_context *tctx,
698 struct dcerpc_pipe *p,
699 struct cli_credentials *machine_credentials)
700 {
701 return test_SetPassword2_with_flags(tctx, p, machine_credentials, NETLOGON_NEG_AUTH2_ADS_FLAGS | NETLOGON_NEG_SUPPORTS_AES);
702 }
703
704 static bool test_GetPassword(struct torture_context *tctx,
705 struct dcerpc_pipe *p,
706 struct cli_credentials *machine_credentials)
707 {
708 struct netr_ServerPasswordGet r;
709 struct netlogon_creds_CredentialState *creds;
710 struct netr_Authenticator credential;
711 NTSTATUS status;
712 struct netr_Authenticator return_authenticator;
713 struct samr_Password password;
714 struct dcerpc_binding_handle *b = p->binding_handle;
715
716 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
717 return false;
718 }
719
720 netlogon_creds_client_authenticator(creds, &credential);
721
722 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
723 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
724 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
725 r.in.computer_name = TEST_MACHINE_NAME;
726 r.in.credential = &credential;
727 r.out.return_authenticator = &return_authenticator;
728 r.out.password = &password;
729
730 status = dcerpc_netr_ServerPasswordGet_r(b, tctx, &r);
731 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordGet");
732
733 return true;
734 }
735
736 static bool test_GetTrustPasswords(struct torture_context *tctx,
737 struct dcerpc_pipe *p,
738 struct cli_credentials *machine_credentials)
739 {
740 struct netr_ServerTrustPasswordsGet r;
741 struct netlogon_creds_CredentialState *creds;
742 struct netr_Authenticator credential;
743 struct netr_Authenticator return_authenticator;
744 struct samr_Password password, password2;
745 struct dcerpc_binding_handle *b = p->binding_handle;
746
747 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
748 return false;
749 }
750
751 netlogon_creds_client_authenticator(creds, &credential);
752
753 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
754 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
755 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
756 r.in.computer_name = TEST_MACHINE_NAME;
757 r.in.credential = &credential;
758 r.out.return_authenticator = &return_authenticator;
759 r.out.password = &password;
760 r.out.password2 = &password2;
761
762 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerTrustPasswordsGet_r(b, tctx, &r),
763 "ServerTrustPasswordsGet failed");
764 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerTrustPasswordsGet failed");
765
766 return true;
767 }
768
769 /*
770 try a netlogon SamLogon
771 */
772 static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context *tctx,
773 struct cli_credentials *credentials,
774 struct netlogon_creds_CredentialState *creds,
775 bool null_domain)
776 {
777 NTSTATUS status;
778 struct netr_LogonSamLogon r;
779 struct netr_Authenticator auth, auth2;
780 static const struct netr_Authenticator auth_zero;
781 union netr_LogonLevel logon;
782 union netr_Validation validation;
783 uint8_t authoritative;
784 struct netr_NetworkInfo ninfo;
785 DATA_BLOB names_blob, chal, lm_resp, nt_resp;
786 int i;
787 struct dcerpc_binding_handle *b = p->binding_handle;
788 int flags = CLI_CRED_NTLM_AUTH;
789 if (lpcfg_client_lanman_auth(tctx->lp_ctx)) {
790 flags |= CLI_CRED_LANMAN_AUTH;
791 }
792
793 if (lpcfg_client_ntlmv2_auth(tctx->lp_ctx) && !null_domain) {
794 flags |= CLI_CRED_NTLMv2_AUTH;
795 }
796
797 cli_credentials_get_ntlm_username_domain(cmdline_credentials, tctx,
798 &ninfo.identity_info.account_name.string,
799 &ninfo.identity_info.domain_name.string);
800
801 if (null_domain) {
802 ninfo.identity_info.domain_name.string = NULL;
803 }
804
805 generate_random_buffer(ninfo.challenge,
806 sizeof(ninfo.challenge));
807 chal = data_blob_const(ninfo.challenge,
808 sizeof(ninfo.challenge));
809
810 names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(credentials),
811 cli_credentials_get_domain(credentials));
812
813 status = cli_credentials_get_ntlm_response(cmdline_credentials, tctx,
814 &flags,
815 chal,
816 names_blob,
817 &lm_resp, &nt_resp,
818 NULL, NULL);
819 torture_assert_ntstatus_ok(tctx, status, "cli_credentials_get_ntlm_response failed");
820
821 ninfo.lm.data = lm_resp.data;
822 ninfo.lm.length = lm_resp.length;
823
824 ninfo.nt.data = nt_resp.data;
825 ninfo.nt.length = nt_resp.length;
826
827 ninfo.identity_info.parameter_control = 0;
828 ninfo.identity_info.logon_id_low = 0;
829 ninfo.identity_info.logon_id_high = 0;
830 ninfo.identity_info.workstation.string = cli_credentials_get_workstation(credentials);
831
832 logon.network = &ninfo;
833
834 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
835 r.in.computer_name = cli_credentials_get_workstation(credentials);
836 r.in.credential = &auth;
837 r.in.return_authenticator = &auth2;
838 r.in.logon_level = NetlogonNetworkInformation;
839 r.in.logon = &logon;
840 r.out.validation = &validation;
841 r.out.authoritative = &authoritative;
842
843 d_printf("Testing LogonSamLogon with name %s\n", ninfo.identity_info.account_name.string);
844
845 for (i=2;i<=3;i++) {
846 ZERO_STRUCT(auth2);
847 netlogon_creds_client_authenticator(creds, &auth);
848
849 r.in.validation_level = i;
850
851 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
852 "LogonSamLogon failed");
853 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonSamLogon failed");
854
855 torture_assert(tctx, netlogon_creds_client_check(creds,
856 &r.out.return_authenticator->cred),
857 "Credential chaining failed");
858 torture_assert_int_equal(tctx, *r.out.authoritative, 1,
859 "LogonSamLogon invalid *r.out.authoritative");
860 }
861
862 /* this makes sure we get the unmarshalling right for invalid levels */
863 for (i=52;i<53;i++) {
864 ZERO_STRUCT(auth2);
865 /* the authenticator should be ignored by the server */
866 generate_random_buffer((uint8_t *) &auth, sizeof(auth));
867
868 r.in.validation_level = i;
869
870 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
871 "LogonSamLogon failed");
872 torture_assert_ntstatus_equal(tctx, r.out.result,
873 NT_STATUS_INVALID_INFO_CLASS,
874 "LogonSamLogon failed");
875
876 torture_assert_int_equal(tctx, *r.out.authoritative, 1,
877 "LogonSamLogon invalid *r.out.authoritative");
878 torture_assert(tctx,
879 memcmp(&auth2, &auth_zero, sizeof(auth2)) == 0,
880 "Return authenticator non zero");
881 }
882
883 for (i=2;i<=3;i++) {
884 ZERO_STRUCT(auth2);
885 netlogon_creds_client_authenticator(creds, &auth);
886
887 r.in.validation_level = i;
888
889 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
890 "LogonSamLogon failed");
891 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonSamLogon failed");
892
893 torture_assert(tctx, netlogon_creds_client_check(creds,
894 &r.out.return_authenticator->cred),
895 "Credential chaining failed");
896 torture_assert_int_equal(tctx, *r.out.authoritative, 1,
897 "LogonSamLogon invalid *r.out.authoritative");
898 }
899
900 r.in.logon_level = 52;
901
902 for (i=2;i<=3;i++) {
903 ZERO_STRUCT(auth2);
904 /* the authenticator should be ignored by the server */
905 generate_random_buffer((uint8_t *) &auth, sizeof(auth));
906
907 r.in.validation_level = i;
908
909 torture_comment(tctx, "Testing SamLogon with validation level %d and a NULL credential\n", i);
910
911 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
912 "LogonSamLogon failed");
913 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_INVALID_PARAMETER,
914 "LogonSamLogon expected INVALID_PARAMETER");
915
916 torture_assert(tctx,
917 memcmp(&auth2, &auth_zero, sizeof(auth2)) == 0,
918 "Return authenticator non zero");
919 torture_assert_int_equal(tctx, *r.out.authoritative, 1,
920 "LogonSamLogon invalid *r.out.authoritative");
921 }
922
923 r.in.credential = NULL;
924
925 for (i=2;i<=3;i++) {
926 ZERO_STRUCT(auth2);
927
928 r.in.validation_level = i;
929
930 torture_comment(tctx, "Testing SamLogon with validation level %d and a NULL credential\n", i);
931
932 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
933 "LogonSamLogon failed");
934 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_INVALID_PARAMETER,
935 "LogonSamLogon expected INVALID_PARAMETER");
936
937 torture_assert(tctx,
938 memcmp(&auth2, &auth_zero, sizeof(auth2)) == 0,
939 "Return authenticator non zero");
940 torture_assert_int_equal(tctx, *r.out.authoritative, 1,
941 "LogonSamLogon invalid *r.out.authoritative");
942 }
943
944 r.in.logon_level = NetlogonNetworkInformation;
945 r.in.credential = &auth;
946
947 for (i=2;i<=3;i++) {
948 ZERO_STRUCT(auth2);
949 netlogon_creds_client_authenticator(creds, &auth);
950
951 r.in.validation_level = i;
952
953 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
954 "LogonSamLogon failed");
955 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonSamLogon failed");
956
957 torture_assert(tctx, netlogon_creds_client_check(creds,
958 &r.out.return_authenticator->cred),
959 "Credential chaining failed");
960 torture_assert_int_equal(tctx, *r.out.authoritative, 1,
961 "LogonSamLogon invalid *r.out.authoritative");
962 }
963
964 return true;
965 }
966
967 bool test_netlogon_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
968 struct cli_credentials *credentials,
969 struct netlogon_creds_CredentialState *creds)
970 {
971 return test_netlogon_ops_args(p, tctx, credentials, creds, false);
972 }
973
974 /*
975 try a netlogon GetCapabilities
976 */
977 bool test_netlogon_capabilities(struct dcerpc_pipe *p, struct torture_context *tctx,
978 struct cli_credentials *credentials,
979 struct netlogon_creds_CredentialState *creds)
980 {
981 NTSTATUS status;
982 struct netr_LogonGetCapabilities r;
983 union netr_Capabilities capabilities;
984 struct netr_Authenticator auth, return_auth;
985 struct netlogon_creds_CredentialState tmp_creds;
986 struct dcerpc_binding_handle *b = p->binding_handle;
987
988 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
989 r.in.computer_name = cli_credentials_get_workstation(credentials);
990 r.in.credential = &auth;
991 r.in.return_authenticator = &return_auth;
992 r.in.query_level = 1;
993 r.out.capabilities = &capabilities;
994 r.out.return_authenticator = &return_auth;
995
996 torture_comment(tctx, "Testing LogonGetCapabilities\n");
997
998 ZERO_STRUCT(return_auth);
999
1000 /*
1001 * we need to operate on a temporary copy of creds
1002 * because dcerpc_netr_LogonGetCapabilities was
1003 * dcerpc_netr_DummyFunction and returns NT_STATUS_NOT_IMPLEMENTED
1004 * without looking a the authenticator.
1005 */
1006 tmp_creds = *creds;
1007 netlogon_creds_client_authenticator(&tmp_creds, &auth);
1008
1009 status = dcerpc_netr_LogonGetCapabilities_r(b, tctx, &r);
1010 torture_assert_ntstatus_ok(tctx, status, "LogonGetCapabilities failed");
1011 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_IMPLEMENTED)) {
1012 return true;
1013 }
1014
1015 *creds = tmp_creds;
1016
1017 torture_assert(tctx, netlogon_creds_client_check(creds,
1018 &r.out.return_authenticator->cred),
1019 "Credential chaining failed");
1020
1021 torture_assert_int_equal(tctx, creds->negotiate_flags,
1022 capabilities.server_capabilities,
1023 "negotiate flags");
1024
1025 return true;
1026 }
1027
1028 /*
1029 try a netlogon SamLogon
1030 */
1031 static bool test_SamLogon(struct torture_context *tctx,
1032 struct dcerpc_pipe *p,
1033 struct cli_credentials *credentials)
1034 {
1035 struct netlogon_creds_CredentialState *creds;
1036
1037 if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
1038 return false;
1039 }
1040
1041 return test_netlogon_ops(p, tctx, credentials, creds);
1042 }
1043
1044 static bool test_SamLogon_NULL_domain(struct torture_context *tctx,
1045 struct dcerpc_pipe *p,
1046 struct cli_credentials *credentials)
1047 {
1048 struct netlogon_creds_CredentialState *creds;
1049
1050 if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
1051 return false;
1052 }
1053
1054 return test_netlogon_ops_args(p, tctx, credentials, creds, true);
1055 }
1056
1057 /* we remember the sequence numbers so we can easily do a DatabaseDelta */
1058 static uint64_t sequence_nums[3];
1059
1060 /*
1061 try a netlogon DatabaseSync
1062 */
1063 static bool test_DatabaseSync(struct torture_context *tctx,
1064 struct dcerpc_pipe *p,
1065 struct cli_credentials *machine_credentials)
1066 {
1067 struct netr_DatabaseSync r;
1068 struct netlogon_creds_CredentialState *creds;
1069 const uint32_t database_ids[] = {SAM_DATABASE_DOMAIN, SAM_DATABASE_BUILTIN, SAM_DATABASE_PRIVS};
1070 int i;
1071 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1072 struct netr_Authenticator credential, return_authenticator;
1073 struct dcerpc_binding_handle *b = p->binding_handle;
1074
1075 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1076 return false;
1077 }
1078
1079 ZERO_STRUCT(return_authenticator);
1080
1081 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1082 r.in.computername = TEST_MACHINE_NAME;
1083 r.in.preferredmaximumlength = (uint32_t)-1;
1084 r.in.return_authenticator = &return_authenticator;
1085 r.out.delta_enum_array = &delta_enum_array;
1086 r.out.return_authenticator = &return_authenticator;
1087
1088 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1089
1090 uint32_t sync_context = 0;
1091
1092 r.in.database_id = database_ids[i];
1093 r.in.sync_context = &sync_context;
1094 r.out.sync_context = &sync_context;
1095
1096 torture_comment(tctx, "Testing DatabaseSync of id %d\n", r.in.database_id);
1097
1098 do {
1099 netlogon_creds_client_authenticator(creds, &credential);
1100
1101 r.in.credential = &credential;
1102
1103 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseSync_r(b, tctx, &r),
1104 "DatabaseSync failed");
1105 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
1106 break;
1107
1108 /* Native mode servers don't do this */
1109 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
1110 return true;
1111 }
1112 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseSync");
1113
1114 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
1115 torture_comment(tctx, "Credential chaining failed\n");
1116 }
1117
1118 if (delta_enum_array &&
1119 delta_enum_array->num_deltas > 0 &&
1120 delta_enum_array->delta_enum[0].delta_type == NETR_DELTA_DOMAIN &&
1121 delta_enum_array->delta_enum[0].delta_union.domain) {
1122 sequence_nums[r.in.database_id] =
1123 delta_enum_array->delta_enum[0].delta_union.domain->sequence_num;
1124 torture_comment(tctx, "\tsequence_nums[%d]=%llu\n",
1125 r.in.database_id,
1126 (unsigned long long)sequence_nums[r.in.database_id]);
1127 }
1128 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
1129 }
1130
1131 return true;
1132 }
1133
1134
1135 /*
1136 try a netlogon DatabaseDeltas
1137 */
1138 static bool test_DatabaseDeltas(struct torture_context *tctx,
1139 struct dcerpc_pipe *p,
1140 struct cli_credentials *machine_credentials)
1141 {
1142 struct netr_DatabaseDeltas r;
1143 struct netlogon_creds_CredentialState *creds;
1144 struct netr_Authenticator credential;
1145 struct netr_Authenticator return_authenticator;
1146 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1147 const uint32_t database_ids[] = {0, 1, 2};
1148 int i;
1149 struct dcerpc_binding_handle *b = p->binding_handle;
1150
1151 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1152 return false;
1153 }
1154
1155 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1156 r.in.computername = TEST_MACHINE_NAME;
1157 r.in.preferredmaximumlength = (uint32_t)-1;
1158 ZERO_STRUCT(r.in.return_authenticator);
1159 r.out.return_authenticator = &return_authenticator;
1160 r.out.delta_enum_array = &delta_enum_array;
1161
1162 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1163 r.in.database_id = database_ids[i];
1164 r.in.sequence_num = &sequence_nums[r.in.database_id];
1165
1166 if (*r.in.sequence_num == 0) continue;
1167
1168 *r.in.sequence_num -= 1;
1169
1170 torture_comment(tctx, "Testing DatabaseDeltas of id %d at %llu\n",
1171 r.in.database_id, (unsigned long long)*r.in.sequence_num);
1172
1173 do {
1174 netlogon_creds_client_authenticator(creds, &credential);
1175
1176 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseDeltas_r(b, tctx, &r),
1177 "DatabaseDeltas failed");
1178 if (NT_STATUS_EQUAL(r.out.result,
1179 NT_STATUS_SYNCHRONIZATION_REQUIRED)) {
1180 torture_comment(tctx, "not considering %s to be an error\n",
1181 nt_errstr(r.out.result));
1182 return true;
1183 }
1184 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
1185 break;
1186
1187 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseDeltas");
1188
1189 if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) {
1190 torture_comment(tctx, "Credential chaining failed\n");
1191 }
1192
1193 (*r.in.sequence_num)++;
1194 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
1195 }
1196
1197 return true;
1198 }
1199
1200 static bool test_DatabaseRedo(struct torture_context *tctx,
1201 struct dcerpc_pipe *p,
1202 struct cli_credentials *machine_credentials)
1203 {
1204 struct netr_DatabaseRedo r;
1205 struct netlogon_creds_CredentialState *creds;
1206 struct netr_Authenticator credential;
1207 struct netr_Authenticator return_authenticator;
1208 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1209 struct netr_ChangeLogEntry e;
1210 struct dom_sid null_sid, *sid;
1211 int i,d;
1212 struct dcerpc_binding_handle *b = p->binding_handle;
1213
1214 ZERO_STRUCT(null_sid);
1215
1216 sid = dom_sid_parse_talloc(tctx, "S-1-5-21-1111111111-2222222222-333333333-500");
1217
1218 {
1219
1220 struct {
1221 uint32_t rid;
1222 uint16_t flags;
1223 uint8_t db_index;
1224 uint8_t delta_type;
1225 struct dom_sid sid;
1226 const char *name;
1227 NTSTATUS expected_error;
1228 uint32_t expected_num_results;
1229 uint8_t expected_delta_type_1;
1230 uint8_t expected_delta_type_2;
1231 const char *comment;
1232 } changes[] = {
1233
1234 /* SAM_DATABASE_DOMAIN */
1235
1236 {
1237 .rid = 0,
1238 .flags = 0,
1239 .db_index = SAM_DATABASE_DOMAIN,
1240 .delta_type = NETR_DELTA_MODIFY_COUNT,
1241 .sid = null_sid,
1242 .name = NULL,
1243 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1244 .expected_num_results = 0,
1245 .comment = "NETR_DELTA_MODIFY_COUNT"
1246 },
1247 {
1248 .rid = 0,
1249 .flags = 0,
1250 .db_index = SAM_DATABASE_DOMAIN,
1251 .delta_type = 0,
1252 .sid = null_sid,
1253 .name = NULL,
1254 .expected_error = NT_STATUS_OK,
1255 .expected_num_results = 1,
1256 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1257 .comment = "NULL DELTA"
1258 },
1259 {
1260 .rid = 0,
1261 .flags = 0,
1262 .db_index = SAM_DATABASE_DOMAIN,
1263 .delta_type = NETR_DELTA_DOMAIN,
1264 .sid = null_sid,
1265 .name = NULL,
1266 .expected_error = NT_STATUS_OK,
1267 .expected_num_results = 1,
1268 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1269 .comment = "NETR_DELTA_DOMAIN"
1270 },
1271 {
1272 .rid = DOMAIN_RID_ADMINISTRATOR,
1273 .flags = 0,
1274 .db_index = SAM_DATABASE_DOMAIN,
1275 .delta_type = NETR_DELTA_USER,
1276 .sid = null_sid,
1277 .name = NULL,
1278 .expected_error = NT_STATUS_OK,
1279 .expected_num_results = 1,
1280 .expected_delta_type_1 = NETR_DELTA_USER,
1281 .comment = "NETR_DELTA_USER by rid 500"
1282 },
1283 {
1284 .rid = DOMAIN_RID_GUEST,
1285 .flags = 0,
1286 .db_index = SAM_DATABASE_DOMAIN,
1287 .delta_type = NETR_DELTA_USER,
1288 .sid = null_sid,
1289 .name = NULL,
1290 .expected_error = NT_STATUS_OK,
1291 .expected_num_results = 1,
1292 .expected_delta_type_1 = NETR_DELTA_USER,
1293 .comment = "NETR_DELTA_USER by rid 501"
1294 },
1295 {
1296 .rid = 0,
1297 .flags = NETR_CHANGELOG_SID_INCLUDED,
1298 .db_index = SAM_DATABASE_DOMAIN,
1299 .delta_type = NETR_DELTA_USER,
1300 .sid = *sid,
1301 .name = NULL,
1302 .expected_error = NT_STATUS_OK,
1303 .expected_num_results = 1,
1304 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1305 .comment = "NETR_DELTA_USER by sid and flags"
1306 },
1307 {
1308 .rid = 0,
1309 .flags = NETR_CHANGELOG_SID_INCLUDED,
1310 .db_index = SAM_DATABASE_DOMAIN,
1311 .delta_type = NETR_DELTA_USER,
1312 .sid = null_sid,
1313 .name = NULL,
1314 .expected_error = NT_STATUS_OK,
1315 .expected_num_results = 1,
1316 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1317 .comment = "NETR_DELTA_USER by null_sid and flags"
1318 },
1319 {
1320 .rid = 0,
1321 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1322 .db_index = SAM_DATABASE_DOMAIN,
1323 .delta_type = NETR_DELTA_USER,
1324 .sid = null_sid,
1325 .name = "administrator",
1326 .expected_error = NT_STATUS_OK,
1327 .expected_num_results = 1,
1328 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1329 .comment = "NETR_DELTA_USER by name 'administrator'"
1330 },
1331 {
1332 .rid = DOMAIN_RID_ADMINS,
1333 .flags = 0,
1334 .db_index = SAM_DATABASE_DOMAIN,
1335 .delta_type = NETR_DELTA_GROUP,
1336 .sid = null_sid,
1337 .name = NULL,
1338 .expected_error = NT_STATUS_OK,
1339 .expected_num_results = 2,
1340 .expected_delta_type_1 = NETR_DELTA_GROUP,
1341 .expected_delta_type_2 = NETR_DELTA_GROUP_MEMBER,
1342 .comment = "NETR_DELTA_GROUP by rid 512"
1343 },
1344 {
1345 .rid = DOMAIN_RID_ADMINS,
1346 .flags = 0,
1347 .db_index = SAM_DATABASE_DOMAIN,
1348 .delta_type = NETR_DELTA_GROUP_MEMBER,
1349 .sid = null_sid,
1350 .name = NULL,
1351 .expected_error = NT_STATUS_OK,
1352 .expected_num_results = 2,
1353 .expected_delta_type_1 = NETR_DELTA_GROUP,
1354 .expected_delta_type_2 = NETR_DELTA_GROUP_MEMBER,
1355 .comment = "NETR_DELTA_GROUP_MEMBER by rid 512"
1356 },
1357
1358
1359 /* SAM_DATABASE_BUILTIN */
1360
1361 {
1362 .rid = 0,
1363 .flags = 0,
1364 .db_index = SAM_DATABASE_BUILTIN,
1365 .delta_type = NETR_DELTA_MODIFY_COUNT,
1366 .sid = null_sid,
1367 .name = NULL,
1368 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1369 .expected_num_results = 0,
1370 .comment = "NETR_DELTA_MODIFY_COUNT"
1371 },
1372 {
1373 .rid = 0,
1374 .flags = 0,
1375 .db_index = SAM_DATABASE_BUILTIN,
1376 .delta_type = NETR_DELTA_DOMAIN,
1377 .sid = null_sid,
1378 .name = NULL,
1379 .expected_error = NT_STATUS_OK,
1380 .expected_num_results = 1,
1381 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1382 .comment = "NETR_DELTA_DOMAIN"
1383 },
1384 {
1385 .rid = DOMAIN_RID_ADMINISTRATOR,
1386 .flags = 0,
1387 .db_index = SAM_DATABASE_BUILTIN,
1388 .delta_type = NETR_DELTA_USER,
1389 .sid = null_sid,
1390 .name = NULL,
1391 .expected_error = NT_STATUS_OK,
1392 .expected_num_results = 1,
1393 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1394 .comment = "NETR_DELTA_USER by rid 500"
1395 },
1396 {
1397 .rid = 0,
1398 .flags = 0,
1399 .db_index = SAM_DATABASE_BUILTIN,
1400 .delta_type = NETR_DELTA_USER,
1401 .sid = null_sid,
1402 .name = NULL,
1403 .expected_error = NT_STATUS_OK,
1404 .expected_num_results = 1,
1405 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1406 .comment = "NETR_DELTA_USER"
1407 },
1408 {
1409 .rid = 544,
1410 .flags = 0,
1411 .db_index = SAM_DATABASE_BUILTIN,
1412 .delta_type = NETR_DELTA_ALIAS,
1413 .sid = null_sid,
1414 .name = NULL,
1415 .expected_error = NT_STATUS_OK,
1416 .expected_num_results = 2,
1417 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1418 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1419 .comment = "NETR_DELTA_ALIAS by rid 544"
1420 },
1421 {
1422 .rid = 544,
1423 .flags = 0,
1424 .db_index = SAM_DATABASE_BUILTIN,
1425 .delta_type = NETR_DELTA_ALIAS_MEMBER,
1426 .sid = null_sid,
1427 .name = NULL,
1428 .expected_error = NT_STATUS_OK,
1429 .expected_num_results = 2,
1430 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1431 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1432 .comment = "NETR_DELTA_ALIAS_MEMBER by rid 544"
1433 },
1434 {
1435 .rid = 544,
1436 .flags = 0,
1437 .db_index = SAM_DATABASE_BUILTIN,
1438 .delta_type = 0,
1439 .sid = null_sid,
1440 .name = NULL,
1441 .expected_error = NT_STATUS_OK,
1442 .expected_num_results = 1,
1443 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1444 .comment = "NULL DELTA by rid 544"
1445 },
1446 {
1447 .rid = 544,
1448 .flags = NETR_CHANGELOG_SID_INCLUDED,
1449 .db_index = SAM_DATABASE_BUILTIN,
1450 .delta_type = 0,
1451 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1452 .name = NULL,
1453 .expected_error = NT_STATUS_OK,
1454 .expected_num_results = 1,
1455 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1456 .comment = "NULL DELTA by rid 544 sid S-1-5-32-544 and flags"
1457 },
1458 {
1459 .rid = 544,
1460 .flags = NETR_CHANGELOG_SID_INCLUDED,
1461 .db_index = SAM_DATABASE_BUILTIN,
1462 .delta_type = NETR_DELTA_ALIAS,
1463 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1464 .name = NULL,
1465 .expected_error = NT_STATUS_OK,
1466 .expected_num_results = 2,
1467 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1468 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1469 .comment = "NETR_DELTA_ALIAS by rid 544 and sid S-1-5-32-544 and flags"
1470 },
1471 {
1472 .rid = 0,
1473 .flags = NETR_CHANGELOG_SID_INCLUDED,
1474 .db_index = SAM_DATABASE_BUILTIN,
1475 .delta_type = NETR_DELTA_ALIAS,
1476 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1477 .name = NULL,
1478 .expected_error = NT_STATUS_OK,
1479 .expected_num_results = 1,
1480 .expected_delta_type_1 = NETR_DELTA_DELETE_ALIAS,
1481 .comment = "NETR_DELTA_ALIAS by sid S-1-5-32-544 and flags"
1482 },
1483
1484 /* SAM_DATABASE_PRIVS */
1485
1486 {
1487 .rid = 0,
1488 .flags = 0,
1489 .db_index = SAM_DATABASE_PRIVS,
1490 .delta_type = 0,
1491 .sid = null_sid,
1492 .name = NULL,
1493 .expected_error = NT_STATUS_ACCESS_DENIED,
1494 .expected_num_results = 0,
1495 .comment = "NULL DELTA"
1496 },
1497 {
1498 .rid = 0,
1499 .flags = 0,
1500 .db_index = SAM_DATABASE_PRIVS,
1501 .delta_type = NETR_DELTA_MODIFY_COUNT,
1502 .sid = null_sid,
1503 .name = NULL,
1504 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1505 .expected_num_results = 0,
1506 .comment = "NETR_DELTA_MODIFY_COUNT"
1507 },
1508 {
1509 .rid = 0,
1510 .flags = 0,
1511 .db_index = SAM_DATABASE_PRIVS,
1512 .delta_type = NETR_DELTA_POLICY,
1513 .sid = null_sid,
1514 .name = NULL,
1515 .expected_error = NT_STATUS_OK,
1516 .expected_num_results = 1,
1517 .expected_delta_type_1 = NETR_DELTA_POLICY,
1518 .comment = "NETR_DELTA_POLICY"
1519 },
1520 {
1521 .rid = 0,
1522 .flags = NETR_CHANGELOG_SID_INCLUDED,
1523 .db_index = SAM_DATABASE_PRIVS,
1524 .delta_type = NETR_DELTA_POLICY,
1525 .sid = null_sid,
1526 .name = NULL,
1527 .expected_error = NT_STATUS_OK,
1528 .expected_num_results = 1,
1529 .expected_delta_type_1 = NETR_DELTA_POLICY,
1530 .comment = "NETR_DELTA_POLICY by null sid and flags"
1531 },
1532 {
1533 .rid = 0,
1534 .flags = NETR_CHANGELOG_SID_INCLUDED,
1535 .db_index = SAM_DATABASE_PRIVS,
1536 .delta_type = NETR_DELTA_POLICY,
1537 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32"),
1538 .name = NULL,
1539 .expected_error = NT_STATUS_OK,
1540 .expected_num_results = 1,
1541 .expected_delta_type_1 = NETR_DELTA_POLICY,
1542 .comment = "NETR_DELTA_POLICY by sid S-1-5-32 and flags"
1543 },
1544 {
1545 .rid = DOMAIN_RID_ADMINISTRATOR,
1546 .flags = 0,
1547 .db_index = SAM_DATABASE_PRIVS,
1548 .delta_type = NETR_DELTA_ACCOUNT,
1549 .sid = null_sid,
1550 .name = NULL,
1551 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED, /* strange */
1552 .expected_num_results = 0,
1553 .comment = "NETR_DELTA_ACCOUNT by rid 500"
1554 },
1555 {
1556 .rid = 0,
1557 .flags = NETR_CHANGELOG_SID_INCLUDED,
1558 .db_index = SAM_DATABASE_PRIVS,
1559 .delta_type = NETR_DELTA_ACCOUNT,
1560 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1561 .name = NULL,
1562 .expected_error = NT_STATUS_OK,
1563 .expected_num_results = 1,
1564 .expected_delta_type_1 = NETR_DELTA_ACCOUNT,
1565 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and flags"
1566 },
1567 {
1568 .rid = 0,
1569 .flags = NETR_CHANGELOG_SID_INCLUDED |
1570 NETR_CHANGELOG_IMMEDIATE_REPL_REQUIRED,
1571 .db_index = SAM_DATABASE_PRIVS,
1572 .delta_type = NETR_DELTA_ACCOUNT,
1573 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1574 .name = NULL,
1575 .expected_error = NT_STATUS_OK,
1576 .expected_num_results = 1,
1577 .expected_delta_type_1 = NETR_DELTA_ACCOUNT,
1578 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and 2 flags"
1579 },
1580 {
1581 .rid = 0,
1582 .flags = NETR_CHANGELOG_SID_INCLUDED |
1583 NETR_CHANGELOG_NAME_INCLUDED,
1584 .db_index = SAM_DATABASE_PRIVS,
1585 .delta_type = NETR_DELTA_ACCOUNT,
1586 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1587 .name = NULL,
1588 .expected_error = NT_STATUS_INVALID_PARAMETER,
1589 .expected_num_results = 0,
1590 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and invalid flags"
1591 },
1592 {
1593 .rid = DOMAIN_RID_ADMINISTRATOR,
1594 .flags = NETR_CHANGELOG_SID_INCLUDED,
1595 .db_index = SAM_DATABASE_PRIVS,
1596 .delta_type = NETR_DELTA_ACCOUNT,
1597 .sid = *sid,
1598 .name = NULL,
1599 .expected_error = NT_STATUS_OK,
1600 .expected_num_results = 1,
1601 .expected_delta_type_1 = NETR_DELTA_DELETE_ACCOUNT,
1602 .comment = "NETR_DELTA_ACCOUNT by rid 500, sid and flags"
1603 },
1604 {
1605 .rid = 0,
1606 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1607 .db_index = SAM_DATABASE_PRIVS,
1608 .delta_type = NETR_DELTA_SECRET,
1609 .sid = null_sid,
1610 .name = "IsurelydontexistIhope",
1611 .expected_error = NT_STATUS_OK,
1612 .expected_num_results = 1,
1613 .expected_delta_type_1 = NETR_DELTA_DELETE_SECRET,
1614 .comment = "NETR_DELTA_SECRET by name 'IsurelydontexistIhope' and flags"
1615 },
1616 {
1617 .rid = 0,
1618 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1619 .db_index = SAM_DATABASE_PRIVS,
1620 .delta_type = NETR_DELTA_SECRET,
1621 .sid = null_sid,
1622 .name = "G$BCKUPKEY_P",
1623 .expected_error = NT_STATUS_OK,
1624 .expected_num_results = 1,
1625 .expected_delta_type_1 = NETR_DELTA_SECRET,
1626 .comment = "NETR_DELTA_SECRET by name 'G$BCKUPKEY_P' and flags"
1627 }
1628 };
1629
1630 ZERO_STRUCT(return_authenticator);
1631
1632 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1633 r.in.computername = TEST_MACHINE_NAME;
1634 r.in.return_authenticator = &return_authenticator;
1635 r.out.return_authenticator = &return_authenticator;
1636 r.out.delta_enum_array = &delta_enum_array;
1637
1638 for (d=0; d<3; d++) {
1639 const char *database = NULL;
1640
1641 switch (d) {
1642 case 0:
1643 database = "SAM";
1644 break;
1645 case 1:
1646 database = "BUILTIN";
1647 break;
1648 case 2:
1649 database = "LSA";
1650 break;
1651 default:
1652 break;
1653 }
1654
1655 torture_comment(tctx, "Testing DatabaseRedo\n");
1656
1657 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1658 return false;
1659 }
1660
1661 for (i=0;i<ARRAY_SIZE(changes);i++) {
1662
1663 if (d != changes[i].db_index) {
1664 continue;
1665 }
1666
1667 netlogon_creds_client_authenticator(creds, &credential);
1668
1669 r.in.credential = &credential;
1670
1671 e.serial_number1 = 0;
1672 e.serial_number2 = 0;
1673 e.object_rid = changes[i].rid;
1674 e.flags = changes[i].flags;
1675 e.db_index = changes[i].db_index;
1676 e.delta_type = changes[i].delta_type;
1677
1678 switch (changes[i].flags & (NETR_CHANGELOG_NAME_INCLUDED | NETR_CHANGELOG_SID_INCLUDED)) {
1679 case NETR_CHANGELOG_SID_INCLUDED:
1680 e.object.object_sid = changes[i].sid;
1681 break;
1682 case NETR_CHANGELOG_NAME_INCLUDED:
1683 e.object.object_name = changes[i].name;
1684 break;
1685 default:
1686 break;
1687 }
1688
1689 r.in.change_log_entry = e;
1690
1691 torture_comment(tctx, "Testing DatabaseRedo with database %s and %s\n",
1692 database, changes[i].comment);
1693
1694 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseRedo_r(b, tctx, &r),
1695 "DatabaseRedo failed");
1696 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
1697 return true;
1698 }
1699
1700 torture_assert_ntstatus_equal(tctx, r.out.result, changes[i].expected_error, changes[i].comment);
1701 if (delta_enum_array) {
1702 torture_assert_int_equal(tctx,
1703 delta_enum_array->num_deltas,
1704 changes[i].expected_num_results,
1705 changes[i].comment);
1706 if (delta_enum_array->num_deltas > 0) {
1707 torture_assert_int_equal(tctx,
1708 delta_enum_array->delta_enum[0].delta_type,
1709 changes[i].expected_delta_type_1,
1710 changes[i].comment);
1711 }
1712 if (delta_enum_array->num_deltas > 1) {
1713 torture_assert_int_equal(tctx,
1714 delta_enum_array->delta_enum[1].delta_type,
1715 changes[i].expected_delta_type_2,
1716 changes[i].comment);
1717 }
1718 }
1719
1720 if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) {
1721 torture_comment(tctx, "Credential chaining failed\n");
1722 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1723 return false;
1724 }
1725 }
1726 }
1727 }
1728 }
1729
1730 return true;
1731 }
1732
1733 /*
1734 try a netlogon AccountDeltas
1735 */
1736 static bool test_AccountDeltas(struct torture_context *tctx,
1737 struct dcerpc_pipe *p,
1738 struct cli_credentials *machine_credentials)
1739 {
1740 struct netr_AccountDeltas r;
1741 struct netlogon_creds_CredentialState *creds;
1742
1743 struct netr_AccountBuffer buffer;
1744 uint32_t count_returned = 0;
1745 uint32_t total_entries = 0;
1746 struct netr_UAS_INFO_0 recordid;
1747 struct netr_Authenticator return_authenticator;
1748 struct dcerpc_binding_handle *b = p->binding_handle;
1749
1750 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1751 return false;
1752 }
1753
1754 ZERO_STRUCT(return_authenticator);
1755
1756 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1757 r.in.computername = TEST_MACHINE_NAME;
1758 r.in.return_authenticator = &return_authenticator;
1759 netlogon_creds_client_authenticator(creds, &r.in.credential);
1760 ZERO_STRUCT(r.in.uas);
1761 r.in.count=10;
1762 r.in.level=0;
1763 r.in.buffersize=100;
1764 r.out.buffer = &buffer;
1765 r.out.count_returned = &count_returned;
1766 r.out.total_entries = &total_entries;
1767 r.out.recordid = &recordid;
1768 r.out.return_authenticator = &return_authenticator;
1769
1770 /* w2k3 returns "NOT IMPLEMENTED" for this call */
1771 torture_assert_ntstatus_ok(tctx, dcerpc_netr_AccountDeltas_r(b, tctx, &r),
1772 "AccountDeltas failed");
1773 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_NOT_IMPLEMENTED, "AccountDeltas");
1774
1775 return true;
1776 }
1777
1778 /*
1779 try a netlogon AccountSync
1780 */
1781 static bool test_AccountSync(struct torture_context *tctx, struct dcerpc_pipe *p,
1782 struct cli_credentials *machine_credentials)
1783 {
1784 struct netr_AccountSync r;
1785 struct netlogon_creds_CredentialState *creds;
1786
1787 struct netr_AccountBuffer buffer;
1788 uint32_t count_returned = 0;
1789 uint32_t total_entries = 0;
1790 uint32_t next_reference = 0;
1791 struct netr_UAS_INFO_0 recordid;
1792 struct netr_Authenticator return_authenticator;
1793 struct dcerpc_binding_handle *b = p->binding_handle;
1794
1795 ZERO_STRUCT(recordid);
1796 ZERO_STRUCT(return_authenticator);
1797
1798 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1799 return false;
1800 }
1801
1802 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1803 r.in.computername = TEST_MACHINE_NAME;
1804 r.in.return_authenticator = &return_authenticator;
1805 netlogon_creds_client_authenticator(creds, &r.in.credential);
1806 r.in.recordid = &recordid;
1807 r.in.reference=0;
1808 r.in.level=0;
1809 r.in.buffersize=100;
1810 r.out.buffer = &buffer;
1811 r.out.count_returned = &count_returned;
1812 r.out.total_entries = &total_entries;
1813 r.out.next_reference = &next_reference;
1814 r.out.recordid = &recordid;
1815 r.out.return_authenticator = &return_authenticator;
1816
1817 /* w2k3 returns "NOT IMPLEMENTED" for this call */
1818 torture_assert_ntstatus_ok(tctx, dcerpc_netr_AccountSync_r(b, tctx, &r),
1819 "AccountSync failed");
1820 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_NOT_IMPLEMENTED, "AccountSync");
1821
1822 return true;
1823 }
1824
1825 /*
1826 try a netlogon GetDcName
1827 */
1828 static bool test_GetDcName(struct torture_context *tctx,
1829 struct dcerpc_pipe *p)
1830 {
1831 struct netr_GetDcName r;
1832 const char *dcname = NULL;
1833 struct dcerpc_binding_handle *b = p->binding_handle;
1834
1835 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1836 r.in.domainname = lpcfg_workgroup(tctx->lp_ctx);
1837 r.out.dcname = &dcname;
1838
1839 torture_assert_ntstatus_ok(tctx, dcerpc_netr_GetDcName_r(b, tctx, &r),
1840 "GetDcName failed");
1841 torture_assert_werr_ok(tctx, r.out.result, "GetDcName failed");
1842
1843 torture_comment(tctx, "\tDC is at '%s'\n", dcname);
1844
1845 return true;
1846 }
1847
1848 static const char *function_code_str(TALLOC_CTX *mem_ctx,
1849 enum netr_LogonControlCode function_code)
1850 {
1851 switch (function_code) {
1852 case NETLOGON_CONTROL_QUERY:
1853 return "NETLOGON_CONTROL_QUERY";
1854 case NETLOGON_CONTROL_REPLICATE:
1855 return "NETLOGON_CONTROL_REPLICATE";
1856 case NETLOGON_CONTROL_SYNCHRONIZE:
1857 return "NETLOGON_CONTROL_SYNCHRONIZE";
1858 case NETLOGON_CONTROL_PDC_REPLICATE:
1859 return "NETLOGON_CONTROL_PDC_REPLICATE";
1860 case NETLOGON_CONTROL_REDISCOVER:
1861 return "NETLOGON_CONTROL_REDISCOVER";
1862 case NETLOGON_CONTROL_TC_QUERY:
1863 return "NETLOGON_CONTROL_TC_QUERY";
1864 case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
1865 return "NETLOGON_CONTROL_TRANSPORT_NOTIFY";
1866 case NETLOGON_CONTROL_FIND_USER:
1867 return "NETLOGON_CONTROL_FIND_USER";
1868 case NETLOGON_CONTROL_CHANGE_PASSWORD:
1869 return "NETLOGON_CONTROL_CHANGE_PASSWORD";
1870 case NETLOGON_CONTROL_TC_VERIFY:
1871 return "NETLOGON_CONTROL_TC_VERIFY";
1872 case NETLOGON_CONTROL_FORCE_DNS_REG:
1873 return "NETLOGON_CONTROL_FORCE_DNS_REG";
1874 case NETLOGON_CONTROL_QUERY_DNS_REG:
1875 return "NETLOGON_CONTROL_QUERY_DNS_REG";
1876 case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
1877 return "NETLOGON_CONTROL_BACKUP_CHANGE_LOG";
1878 case NETLOGON_CONTROL_TRUNCATE_LOG:
1879 return "NETLOGON_CONTROL_TRUNCATE_LOG";
1880 case NETLOGON_CONTROL_SET_DBFLAG:
1881 return "NETLOGON_CONTROL_SET_DBFLAG";
1882 case NETLOGON_CONTROL_BREAKPOINT:
1883 return "NETLOGON_CONTROL_BREAKPOINT";
1884 default:
1885 return talloc_asprintf(mem_ctx, "unknown function code: %d",
1886 function_code);
1887 }
1888 }
1889
1890
1891 /*
1892 try a netlogon LogonControl
1893 */
1894 static bool test_LogonControl(struct torture_context *tctx,
1895 struct dcerpc_pipe *p,
1896 struct cli_credentials *machine_credentials)
1897
1898 {
1899 NTSTATUS status;
1900 struct netr_LogonControl r;
1901 union netr_CONTROL_QUERY_INFORMATION query;
1902 int i,f;
1903 enum netr_SchannelType secure_channel_type = SEC_CHAN_NULL;
1904 struct dcerpc_binding_handle *b = p->binding_handle;
1905
1906 uint32_t function_codes[] = {
1907 NETLOGON_CONTROL_QUERY,
1908 NETLOGON_CONTROL_REPLICATE,
1909 NETLOGON_CONTROL_SYNCHRONIZE,
1910 NETLOGON_CONTROL_PDC_REPLICATE,
1911 NETLOGON_CONTROL_REDISCOVER,
1912 NETLOGON_CONTROL_TC_QUERY,
1913 NETLOGON_CONTROL_TRANSPORT_NOTIFY,
1914 NETLOGON_CONTROL_FIND_USER,
1915 NETLOGON_CONTROL_CHANGE_PASSWORD,
1916 NETLOGON_CONTROL_TC_VERIFY,
1917 NETLOGON_CONTROL_FORCE_DNS_REG,
1918 NETLOGON_CONTROL_QUERY_DNS_REG,
1919 NETLOGON_CONTROL_BACKUP_CHANGE_LOG,
1920 NETLOGON_CONTROL_TRUNCATE_LOG,
1921 NETLOGON_CONTROL_SET_DBFLAG,
1922 NETLOGON_CONTROL_BREAKPOINT
1923 };
1924
1925 if (machine_credentials) {
1926 secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
1927 }
1928
1929 torture_comment(tctx, "Testing LogonControl with secure channel type: %d\n",
1930 secure_channel_type);
1931
1932 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1933 r.in.function_code = 1;
1934 r.out.query = &query;
1935
1936 for (f=0;f<ARRAY_SIZE(function_codes); f++) {
1937 for (i=1;i<5;i++) {
1938
1939 r.in.function_code = function_codes[f];
1940 r.in.level = i;
1941
1942 torture_comment(tctx, "Testing LogonControl function code %s (%d) level %d\n",
1943 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
1944
1945 status = dcerpc_netr_LogonControl_r(b, tctx, &r);
1946 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1947
1948 switch (r.in.level) {
1949 case 1:
1950 switch (r.in.function_code) {
1951 case NETLOGON_CONTROL_REPLICATE:
1952 case NETLOGON_CONTROL_SYNCHRONIZE:
1953 case NETLOGON_CONTROL_PDC_REPLICATE:
1954 case NETLOGON_CONTROL_BREAKPOINT:
1955 case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
1956 if ((secure_channel_type == SEC_CHAN_BDC) ||
1957 (secure_channel_type == SEC_CHAN_WKSTA)) {
1958 torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED,
1959 "LogonControl returned unexpected error code");
1960 } else {
1961 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1962 "LogonControl returned unexpected error code");
1963 }
1964 break;
1965
1966 case NETLOGON_CONTROL_REDISCOVER:
1967 case NETLOGON_CONTROL_TC_QUERY:
1968 case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
1969 case NETLOGON_CONTROL_FIND_USER:
1970 case NETLOGON_CONTROL_CHANGE_PASSWORD:
1971 case NETLOGON_CONTROL_TC_VERIFY:
1972 case NETLOGON_CONTROL_FORCE_DNS_REG:
1973 case NETLOGON_CONTROL_QUERY_DNS_REG:
1974 case NETLOGON_CONTROL_SET_DBFLAG:
1975 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1976 "LogonControl returned unexpected error code");
1977 break;
1978 case NETLOGON_CONTROL_TRUNCATE_LOG:
1979 if ((secure_channel_type == SEC_CHAN_BDC) ||
1980 (secure_channel_type == SEC_CHAN_WKSTA)) {
1981 torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED,
1982 "LogonControl returned unexpected error code");
1983 } else {
1984 torture_assert_werr_ok(tctx, r.out.result,
1985 "LogonControl returned unexpected result");
1986 }
1987 break;
1988 default:
1989 torture_assert_werr_ok(tctx, r.out.result,
1990 "LogonControl returned unexpected result");
1991 break;
1992 }
1993 break;
1994 case 2:
1995 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1996 "LogonControl returned unexpected error code");
1997 break;
1998 default:
1999 torture_assert_werr_equal(tctx, r.out.result, WERR_UNKNOWN_LEVEL,
2000 "LogonControl returned unexpected error code");
2001 break;
2002 }
2003 }
2004 }
2005
2006 r.in.level = 52;
2007 torture_comment(tctx, "Testing LogonControl function code %s (%d) level %d\n",
2008 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
2009 status = dcerpc_netr_LogonControl_r(b, tctx, &r);
2010 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2011 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_LEVEL, "LogonControl");
2012
2013 return true;
2014 }
2015
2016
2017 /*
2018 try a netlogon GetAnyDCName
2019 */
2020 static bool test_GetAnyDCName(struct torture_context *tctx,
2021 struct dcerpc_pipe *p)
2022 {
2023 NTSTATUS status;
2024 struct netr_GetAnyDCName r;
2025 const char *dcname = NULL;
2026 struct dcerpc_binding_handle *b = p->binding_handle;
2027
2028 r.in.domainname = lpcfg_workgroup(tctx->lp_ctx);
2029 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2030 r.out.dcname = &dcname;
2031
2032 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
2033 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
2034 if ((!W_ERROR_IS_OK(r.out.result)) &&
2035 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
2036 return false;
2037 }
2038
2039 if (dcname) {
2040 torture_comment(tctx, "\tDC is at '%s'\n", dcname);
2041 }
2042
2043 r.in.domainname = NULL;
2044
2045 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
2046 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
2047 if ((!W_ERROR_IS_OK(r.out.result)) &&
2048 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
2049 return false;
2050 }
2051
2052 r.in.domainname = "";
2053
2054 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
2055 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
2056 if ((!W_ERROR_IS_OK(r.out.result)) &&
2057 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
2058 return false;
2059 }
2060
2061 return true;
2062 }
2063
2064
2065 /*
2066 try a netlogon LogonControl2
2067 */
2068 static bool test_LogonControl2(struct torture_context *tctx,
2069 struct dcerpc_pipe *p,
2070 struct cli_credentials *machine_credentials)
2071
2072 {
2073 NTSTATUS status;
2074 struct netr_LogonControl2 r;
2075 union netr_CONTROL_DATA_INFORMATION data;
2076 union netr_CONTROL_QUERY_INFORMATION query;
2077 int i;
2078 struct dcerpc_binding_handle *b = p->binding_handle;
2079
2080 data.domain = lpcfg_workgroup(tctx->lp_ctx);
2081
2082 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2083
2084 r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
2085 r.in.data = &data;
2086 r.out.query = &query;
2087
2088 for (i=1;i<4;i++) {
2089 r.in.level = i;
2090
2091 torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
2092 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
2093
2094 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
2095 torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
2096 }
2097
2098 data.domain = lpcfg_workgroup(tctx->lp_ctx);
2099
2100 r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
2101 r.in.data = &data;
2102
2103 for (i=1;i<4;i++) {
2104 r.in.level = i;
2105
2106 torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
2107 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
2108
2109 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
2110 torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
2111 }
2112
2113 data.domain = lpcfg_workgroup(tctx->lp_ctx);
2114
2115 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
2116 r.in.data = &data;
2117
2118 for (i=1;i<4;i++) {
2119 r.in.level = i;
2120
2121 torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
2122 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
2123
2124 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
2125 torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
2126 }
2127
2128 data.debug_level = ~0;
2129
2130 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
2131 r.in.data = &data;
2132
2133 for (i=1;i<4;i++) {
2134 r.in.level = i;
2135
2136 torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
2137 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
2138
2139 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
2140 torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
2141 }
2142
2143 ZERO_STRUCT(data);
2144 r.in.function_code = 52;
2145 r.in.data = &data;
2146
2147 torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
2148 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
2149
2150 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
2151 torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
2152 torture_assert_werr_equal(tctx, r.out.result, WERR_UNKNOWN_LEVEL, "LogonControl2");
2153
2154 data.debug_level = ~0;
2155
2156 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
2157 r.in.data = &data;
2158
2159 r.in.level = 52;
2160 torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
2161 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
2162
2163 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
2164 torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
2165 torture_assert_werr_equal(tctx, r.out.result, WERR_UNKNOWN_LEVEL, "LogonControl2");
2166
2167 return true;
2168 }
2169
2170 /*
2171 try a netlogon DatabaseSync2
2172 */
2173 static bool test_DatabaseSync2(struct torture_context *tctx,
2174 struct dcerpc_pipe *p,
2175 struct cli_credentials *machine_credentials)
2176 {
2177 struct netr_DatabaseSync2 r;
2178 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
2179 struct netr_Authenticator return_authenticator, credential;
2180
2181 struct netlogon_creds_CredentialState *creds;
2182 const uint32_t database_ids[] = {0, 1, 2};
2183 int i;
2184 struct dcerpc_binding_handle *b = p->binding_handle;
2185
2186 if (!test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_FLAGS,
2187 machine_credentials,
2188 cli_credentials_get_secure_channel_type(machine_credentials),
2189 &creds)) {
2190 return false;
2191 }
2192
2193 ZERO_STRUCT(return_authenticator);
2194
2195 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2196 r.in.computername = TEST_MACHINE_NAME;
2197 r.in.preferredmaximumlength = (uint32_t)-1;
2198 r.in.return_authenticator = &return_authenticator;
2199 r.out.return_authenticator = &return_authenticator;
2200 r.out.delta_enum_array = &delta_enum_array;
2201
2202 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
2203
2204 uint32_t sync_context = 0;
2205
2206 r.in.database_id = database_ids[i];
2207 r.in.sync_context = &sync_context;
2208 r.out.sync_context = &sync_context;
2209 r.in.restart_state = 0;
2210
2211 torture_comment(tctx, "Testing DatabaseSync2 of id %d\n", r.in.database_id);
2212
2213 do {
2214 netlogon_creds_client_authenticator(creds, &credential);
2215
2216 r.in.credential = &credential;
2217
2218 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseSync2_r(b, tctx, &r),
2219 "DatabaseSync2 failed");
2220 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
2221 break;
2222
2223 /* Native mode servers don't do this */
2224 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
2225 return true;
2226 }
2227
2228 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseSync2");
2229
2230 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
2231 torture_comment(tctx, "Credential chaining failed\n");
2232 }
2233
2234 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
2235 }
2236
2237 return true;
2238 }
2239
2240
2241 /*
2242 try a netlogon LogonControl2Ex
2243 */
2244 static bool test_LogonControl2Ex(struct torture_context *tctx,
2245 struct dcerpc_pipe *p,
2246 struct cli_credentials *machine_credentials)
2247
2248 {
2249 NTSTATUS status;
2250 struct netr_LogonControl2Ex r;
2251 union netr_CONTROL_DATA_INFORMATION data;
2252 union netr_CONTROL_QUERY_INFORMATION query;
2253 int i;
2254 struct dcerpc_binding_handle *b = p->binding_handle;
2255
2256 data.domain = lpcfg_workgroup(tctx->lp_ctx);
2257
2258 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2259
2260 r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
2261 r.in.data = &data;
2262 r.out.query = &query;
2263
2264 for (i=1;i<4;i++) {
2265 r.in.level = i;
2266
2267 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2268 i, r.in.function_code);
2269
2270 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2271 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2272 }
2273
2274 data.domain = lpcfg_workgroup(tctx->lp_ctx);
2275
2276 r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
2277 r.in.data = &data;
2278
2279 for (i=1;i<4;i++) {
2280 r.in.level = i;
2281
2282 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2283 i, r.in.function_code);
2284
2285 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2286 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2287 }
2288
2289 data.domain = lpcfg_workgroup(tctx->lp_ctx);
2290
2291 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
2292 r.in.data = &data;
2293
2294 for (i=1;i<4;i++) {
2295 r.in.level = i;
2296
2297 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2298 i, r.in.function_code);
2299
2300 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2301 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2302 }
2303
2304 data.debug_level = ~0;
2305
2306 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
2307 r.in.data = &data;
2308
2309 for (i=1;i<4;i++) {
2310 r.in.level = i;
2311
2312 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2313 i, r.in.function_code);
2314
2315 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2316 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2317 }
2318
2319 return true;
2320 }
2321
2322 static bool test_netr_GetForestTrustInformation(struct torture_context *tctx,
2323 struct dcerpc_pipe *p,
2324 struct cli_credentials *machine_credentials)
2325 {
2326 struct netr_GetForestTrustInformation r;
2327 struct netlogon_creds_CredentialState *creds;
2328 struct netr_Authenticator a;
2329 struct netr_Authenticator return_authenticator;
2330 struct lsa_ForestTrustInformation *forest_trust_info;
2331 struct dcerpc_binding_handle *b = p->binding_handle;
2332
2333 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2334 machine_credentials, &creds)) {
2335 return false;
2336 }
2337
2338 netlogon_creds_client_authenticator(creds, &a);
2339
2340 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2341 r.in.computer_name = TEST_MACHINE_NAME;
2342 r.in.credential = &a;
2343 r.in.flags = 0;
2344 r.out.return_authenticator = &return_authenticator;
2345 r.out.forest_trust_info = &forest_trust_info;
2346
2347 torture_assert_ntstatus_ok(tctx,
2348 dcerpc_netr_GetForestTrustInformation_r(b, tctx, &r),
2349 "netr_GetForestTrustInformation failed");
2350 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_IMPLEMENTED)) {
2351 torture_comment(tctx, "not considering NT_STATUS_NOT_IMPLEMENTED as an error\n");
2352 } else {
2353 torture_assert_ntstatus_ok(tctx, r.out.result,
2354 "netr_GetForestTrustInformation failed");
2355 }
2356
2357 torture_assert(tctx,
2358 netlogon_creds_client_check(creds, &return_authenticator.cred),
2359 "Credential chaining failed");
2360
2361 return true;
2362 }
2363
2364 static bool test_netr_DsRGetForestTrustInformation(struct torture_context *tctx,
2365 struct dcerpc_pipe *p, const char *trusted_domain_name)
2366 {
2367 NTSTATUS status;
2368 struct netr_DsRGetForestTrustInformation r;
2369 struct lsa_ForestTrustInformation info, *info_ptr;
2370 struct dcerpc_binding_handle *b = p->binding_handle;
2371
2372 info_ptr = &info;
2373
2374 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2375 r.in.trusted_domain_name = trusted_domain_name;
2376 r.in.flags = 0;
2377 r.out.forest_trust_info = &info_ptr;
2378
2379 torture_comment(tctx ,"Testing netr_DsRGetForestTrustInformation\n");
2380
2381 status = dcerpc_netr_DsRGetForestTrustInformation_r(b, tctx, &r);
2382 torture_assert_ntstatus_ok(tctx, status, "DsRGetForestTrustInformation");
2383 torture_assert_werr_ok(tctx, r.out.result, "DsRGetForestTrustInformation");
2384
2385 return true;
2386 }
2387
2388 /*
2389 try a netlogon netr_DsrEnumerateDomainTrusts
2390 */
2391 static bool test_DsrEnumerateDomainTrusts(struct torture_context *tctx,
2392 struct dcerpc_pipe *p)
2393 {
2394 NTSTATUS status;
2395 struct netr_DsrEnumerateDomainTrusts r;
2396 struct netr_DomainTrustList trusts;
2397 int i;
2398 struct dcerpc_binding_handle *b = p->binding_handle;
2399
2400 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2401 r.in.trust_flags = 0x3f;
2402 r.out.trusts = &trusts;
2403
2404 status = dcerpc_netr_DsrEnumerateDomainTrusts_r(b, tctx, &r);
2405 torture_assert_ntstatus_ok(tctx, status, "DsrEnumerateDomaintrusts");
2406 torture_assert_werr_ok(tctx, r.out.result, "DsrEnumerateDomaintrusts");
2407
2408 /* when trusted_domain_name is NULL, netr_DsRGetForestTrustInformation
2409 * will show non-forest trusts and all UPN suffixes of the own forest
2410 * as LSA_FOREST_TRUST_TOP_LEVEL_NAME types */
2411
2412 if (r.out.trusts->count) {
2413 if (!test_netr_DsRGetForestTrustInformation(tctx, p, NULL)) {
2414 return false;
2415 }
2416 }
2417
2418 for (i=0; i<r.out.trusts->count; i++) {
2419
2420 /* get info for transitive forest trusts */
2421
2422 if (r.out.trusts->array[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
2423 if (!test_netr_DsRGetForestTrustInformation(tctx, p,
2424 r.out.trusts->array[i].dns_name)) {
2425 return false;
2426 }
2427 }
2428 }
2429
2430 return true;
2431 }
2432
2433 static bool test_netr_NetrEnumerateTrustedDomains(struct torture_context *tctx,
2434 struct dcerpc_pipe *p)
2435 {
2436 NTSTATUS status;
2437 struct netr_NetrEnumerateTrustedDomains r;
2438 struct netr_Blob trusted_domains_blob;
2439 struct dcerpc_binding_handle *b = p->binding_handle;
2440
2441 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2442 r.out.trusted_domains_blob = &trusted_domains_blob;
2443
2444 status = dcerpc_netr_NetrEnumerateTrustedDomains_r(b, tctx, &r);
2445 torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomains");
2446 torture_assert_ntstatus_ok(tctx, r.out.result, "NetrEnumerateTrustedDomains");
2447
2448 return true;
2449 }
2450
2451 static bool test_netr_NetrEnumerateTrustedDomainsEx(struct torture_context *tctx,
2452 struct dcerpc_pipe *p)
2453 {
2454 NTSTATUS status;
2455 struct netr_NetrEnumerateTrustedDomainsEx r;
2456 struct netr_DomainTrustList dom_trust_list;
2457 struct dcerpc_binding_handle *b = p->binding_handle;
2458
2459 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2460 r.out.dom_trust_list = &dom_trust_list;
2461
2462 status = dcerpc_netr_NetrEnumerateTrustedDomainsEx_r(b, tctx, &r);
2463 torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomainsEx");
2464 torture_assert_werr_ok(tctx, r.out.result, "NetrEnumerateTrustedDomainsEx");
2465
2466 return true;
2467 }
2468
2469
2470 static bool test_netr_DsRGetSiteName(struct dcerpc_pipe *p, struct torture_context *tctx,
2471 const char *computer_name,
2472 const char *expected_site)
2473 {
2474 NTSTATUS status;
2475 struct netr_DsRGetSiteName r;
2476 const char *site = NULL;
2477 struct dcerpc_binding_handle *b = p->binding_handle;
2478
2479 r.in.computer_name = computer_name;
2480 r.out.site = &site;
2481 torture_comment(tctx, "Testing netr_DsRGetSiteName\n");
2482
2483 status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
2484 torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
2485 torture_assert_werr_ok(tctx, r.out.result, "DsRGetSiteName");
2486 torture_assert_str_equal(tctx, expected_site, site, "netr_DsRGetSiteName");
2487
2488 return true;
2489 }
2490
2491 /*
2492 try a netlogon netr_DsRGetDCName
2493 */
2494 static bool test_netr_DsRGetDCName(struct torture_context *tctx,
2495 struct dcerpc_pipe *p)
2496 {
2497 NTSTATUS status;
2498 struct netr_DsRGetDCName r;
2499 struct netr_DsRGetDCNameInfo *info = NULL;
2500 struct dcerpc_binding_handle *b = p->binding_handle;
2501
2502 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2503 r.in.domain_name = lpcfg_dnsdomain(tctx->lp_ctx);
2504 r.in.domain_guid = NULL;
2505 r.in.site_guid = NULL;
2506 r.in.flags = DS_RETURN_DNS_NAME;
2507 r.out.info = &info;
2508
2509 status = dcerpc_netr_DsRGetDCName_r(b, tctx, &r);
2510 torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
2511 torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
2512
2513 torture_assert_int_equal(tctx,
2514 (info->dc_flags & (DS_DNS_CONTROLLER)),
2515 DS_DNS_CONTROLLER,
2516 "DsRGetDCName");
2517 torture_assert_int_equal(tctx,
2518 (info->dc_flags & (DS_DNS_DOMAIN)),
2519 DS_DNS_DOMAIN,
2520 "DsRGetDCName");
2521 torture_assert_int_equal(tctx,
2522 (info->dc_flags & (DS_DNS_FOREST_ROOT)),
2523 DS_DNS_FOREST_ROOT,
2524 "DsRGetDCName");
2525
2526 r.in.domain_name = lpcfg_workgroup(tctx->lp_ctx);
2527 r.in.flags = 0;
2528
2529 status = dcerpc_netr_DsRGetDCName_r(b, tctx, &r);
2530 torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
2531 torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
2532
2533 torture_assert_int_equal(tctx,
2534 (info->dc_flags & (DS_DNS_CONTROLLER)), 0,
2535 "DsRGetDCName");
2536 torture_assert_int_equal(tctx,
2537 (info->dc_flags & (DS_DNS_DOMAIN)), 0,
2538 "DsRGetDCName");
2539 torture_assert_int_equal(tctx,
2540 (info->dc_flags & (DS_DNS_FOREST_ROOT)),
2541 DS_DNS_FOREST_ROOT,
2542 "DsRGetDCName");
2543
2544 if (strcasecmp(info->dc_site_name, info->client_site_name) == 0) {
2545 torture_assert_int_equal(tctx,
2546 (info->dc_flags & (DS_SERVER_CLOSEST)),
2547 DS_SERVER_CLOSEST,
2548 "DsRGetDCName");
2549 }
2550
2551 return test_netr_DsRGetSiteName(p, tctx,
2552 info->dc_unc,
2553 info->dc_site_name);
2554 }
2555
2556 /*
2557 try a netlogon netr_DsRGetDCNameEx
2558 */
2559 static bool test_netr_DsRGetDCNameEx(struct torture_context *tctx,
2560 struct dcerpc_pipe *p)
2561 {
2562 NTSTATUS status;
2563 struct netr_DsRGetDCNameEx r;
2564 struct netr_DsRGetDCNameInfo *info = NULL;
2565 struct dcerpc_binding_handle *b = p->binding_handle;
2566
2567 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2568 r.in.domain_name = lpcfg_dnsdomain(tctx->lp_ctx);
2569 r.in.domain_guid = NULL;
2570 r.in.site_name = NULL;
2571 r.in.flags = DS_RETURN_DNS_NAME;
2572 r.out.info = &info;
2573
2574 status = dcerpc_netr_DsRGetDCNameEx_r(b, tctx, &r);
2575 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
2576 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
2577
2578 torture_assert_int_equal(tctx,
2579 (info->dc_flags & (DS_DNS_CONTROLLER)),
2580 DS_DNS_CONTROLLER,
2581 "DsRGetDCNameEx");
2582 torture_assert_int_equal(tctx,
2583 (info->dc_flags & (DS_DNS_DOMAIN)),
2584 DS_DNS_DOMAIN,
2585 "DsRGetDCNameEx");
2586 torture_assert_int_equal(tctx,
2587 (info->dc_flags & (DS_DNS_FOREST_ROOT)),
2588 DS_DNS_FOREST_ROOT,
2589 "DsRGetDCNameEx");
2590
2591 r.in.domain_name = lpcfg_workgroup(tctx->lp_ctx);
2592 r.in.flags = 0;
2593
2594 status = dcerpc_netr_DsRGetDCNameEx_r(b, tctx, &r);
2595 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
2596 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
2597
2598 torture_assert_int_equal(tctx,
2599 (info->dc_flags & (DS_DNS_CONTROLLER)), 0,
2600 "DsRGetDCNameEx");
2601 torture_assert_int_equal(tctx,
2602 (info->dc_flags & (DS_DNS_DOMAIN)), 0,
2603 "DsRGetDCNameEx");
2604 torture_assert_int_equal(tctx,
2605 (info->dc_flags & (DS_DNS_FOREST_ROOT)),
2606 DS_DNS_FOREST_ROOT,
2607 "DsRGetDCNameEx");
2608
2609 if (strcasecmp(info->dc_site_name, info->client_site_name) == 0) {
2610 torture_assert_int_equal(tctx,
2611 (info->dc_flags & (DS_SERVER_CLOSEST)),
2612 DS_SERVER_CLOSEST,
2613 "DsRGetDCNameEx");
2614 }
2615
2616 return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
2617 info->dc_site_name);
2618 }
2619
2620 /*
2621 try a netlogon netr_DsRGetDCNameEx2
2622 */
2623 static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx,
2624 struct dcerpc_pipe *p)
2625 {
2626 NTSTATUS status;
2627 struct netr_DsRGetDCNameEx2 r;
2628 struct netr_DsRGetDCNameInfo *info = NULL;
2629 struct dcerpc_binding_handle *b = p->binding_handle;
2630
2631 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with no inputs\n");
2632 ZERO_STRUCT(r.in);
2633 r.in.flags = DS_RETURN_DNS_NAME;
2634 r.out.info = &info;
2635
2636 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2637 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2638 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2639
2640 torture_assert_int_equal(tctx,
2641 (info->dc_flags & (DS_DNS_CONTROLLER)),
2642 DS_DNS_CONTROLLER,
2643 "DsRGetDCNameEx2");
2644 torture_assert_int_equal(tctx,
2645 (info->dc_flags & (DS_DNS_DOMAIN)),
2646 DS_DNS_DOMAIN,
2647 "DsRGetDCNameEx2");
2648 torture_assert_int_equal(tctx,
2649 (info->dc_flags & (DS_DNS_FOREST_ROOT)),
2650 DS_DNS_FOREST_ROOT,
2651 "DsRGetDCNameEx2");
2652
2653 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2654 r.in.client_account = NULL;
2655 r.in.mask = 0x00000000;
2656 r.in.domain_name = lpcfg_dnsdomain(tctx->lp_ctx);
2657 r.in.domain_guid = NULL;
2658 r.in.site_name = NULL;
2659 r.in.flags = DS_RETURN_DNS_NAME;
2660 r.out.info = &info;
2661
2662 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 without client account\n");
2663
2664 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2665 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2666 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2667
2668 r.in.domain_name = lpcfg_workgroup(tctx->lp_ctx);
2669 r.in.flags = 0;
2670
2671 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2672 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2673 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2674
2675 torture_assert_int_equal(tctx,
2676 (info->dc_flags & (DS_DNS_CONTROLLER)), 0,
2677 "DsRGetDCNameEx2");
2678 torture_assert_int_equal(tctx,
2679 (info->dc_flags & (DS_DNS_DOMAIN)), 0,
2680 "DsRGetDCNameEx2");
2681 torture_assert_int_equal(tctx,
2682 (info->dc_flags & (DS_DNS_FOREST_ROOT)),
2683 DS_DNS_FOREST_ROOT,
2684 "DsRGetDCNameEx2");
2685
2686 if (strcasecmp(info->dc_site_name, info->client_site_name) == 0) {
2687 torture_assert_int_equal(tctx,
2688 (info->dc_flags & (DS_SERVER_CLOSEST)),
2689 DS_SERVER_CLOSEST,
2690 "DsRGetDCNameEx2");
2691 }
2692
2693 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with client account\n");
2694 r.in.client_account = TEST_MACHINE_NAME"$";
2695 r.in.mask = ACB_SVRTRUST;
2696 r.in.flags = DS_RETURN_FLAT_NAME;
2697 r.out.info = &info;
2698
2699 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2700 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2701 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2702
2703 return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
2704 info->dc_site_name);
2705 }
2706
2707 /* This is a substitution for "samdb_server_site_name" which relies on the
2708 * correct "lp_ctx" and therefore can't be used here. */
2709 static const char *server_site_name(struct torture_context *tctx,
2710 struct ldb_context *ldb)
2711 {
2712 TALLOC_CTX *tmp_ctx;
2713 struct ldb_dn *dn, *server_dn;
2714 const struct ldb_val *site_name_val;
2715 const char *server_dn_str, *site_name;
2716
2717 tmp_ctx = talloc_new(ldb);
2718 if (tmp_ctx == NULL) {
2719 goto failed;
2720 }
2721
2722 dn = ldb_dn_new(tmp_ctx, ldb, "");
2723 if (dn == NULL) {
2724 goto failed;
2725 }
2726
2727 server_dn_str = samdb_search_string(ldb, tmp_ctx, dn, "serverName",
2728 NULL);
2729 if (server_dn_str == NULL) {
2730 goto failed;
2731 }
2732
2733 server_dn = ldb_dn_new(tmp_ctx, ldb, server_dn_str);
2734 if (server_dn == NULL) {
2735 goto failed;
2736 }
2737
2738 /* CN=<Server name>, CN=Servers, CN=<Site name>, CN=Sites, ... */
2739 site_name_val = ldb_dn_get_component_val(server_dn, 2);
2740 if (site_name_val == NULL) {
2741 goto failed;
2742 }
2743
2744 site_name = (const char *) site_name_val->data;
2745
2746 talloc_steal(tctx, site_name);
2747 talloc_free(tmp_ctx);
2748
2749 return site_name;
2750
2751 failed:
2752 talloc_free(tmp_ctx);
2753 return NULL;
2754 }
2755
2756 static bool test_netr_DsrGetDcSiteCoverageW(struct torture_context *tctx,
2757 struct dcerpc_pipe *p)
2758 {
2759 char *url;
2760 struct ldb_context *sam_ctx = NULL;
2761 NTSTATUS status;
2762 struct netr_DsrGetDcSiteCoverageW r;
2763 struct DcSitesCtr *ctr = NULL;
2764 struct dcerpc_binding_handle *b = p->binding_handle;
2765
2766 torture_comment(tctx, "This does only pass with the default site\n");
2767
2768 /* We won't double-check this when we are over 'local' transports */
2769 if (dcerpc_server_name(p)) {
2770 /* Set up connection to SAMDB on DC */
2771 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2772 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2773 NULL,
2774 cmdline_credentials,
2775 0);
2776
2777 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2778 }
2779
2780 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2781 r.out.ctr = &ctr;
2782
2783 status = dcerpc_netr_DsrGetDcSiteCoverageW_r(b, tctx, &r);
2784 torture_assert_ntstatus_ok(tctx, status, "failed");
2785 torture_assert_werr_ok(tctx, r.out.result, "failed");
2786
2787 torture_assert(tctx, ctr->num_sites == 1,
2788 "we should per default only get the default site");
2789 if (sam_ctx != NULL) {
2790 torture_assert_casestr_equal(tctx, ctr->sites[0].string,
2791 server_site_name(tctx, sam_ctx),
2792 "didn't return default site");
2793 }
2794
2795 return true;
2796 }
2797
2798 static bool test_netr_DsRAddressToSitenamesW(struct torture_context *tctx,
2799 struct dcerpc_pipe *p)
2800 {
2801 char *url;
2802 struct ldb_context *sam_ctx = NULL;
2803 NTSTATUS status;
2804 struct netr_DsRAddressToSitenamesW r;
2805 struct netr_DsRAddress addrs[6];
2806 struct sockaddr_in *addr;
2807 #ifdef HAVE_IPV6
2808 struct sockaddr_in6 *addr6;
2809 #endif
2810 struct netr_DsRAddressToSitenamesWCtr *ctr;
2811 struct dcerpc_binding_handle *b = p->binding_handle;
2812 uint32_t i;
2813 int ret;
2814
2815 torture_comment(tctx, "This does only pass with the default site\n");
2816
2817 /* We won't double-check this when we are over 'local' transports */
2818 if (dcerpc_server_name(p)) {
2819 /* Set up connection to SAMDB on DC */
2820 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2821 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2822 NULL,
2823 cmdline_credentials,
2824 0);
2825
2826 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2827 }
2828
2829 /* First try valid IP addresses */
2830
2831 addrs[0].size = sizeof(struct sockaddr_in);
2832 addrs[0].buffer = talloc_zero_array(tctx, uint8_t, addrs[0].size);
2833 addr = (struct sockaddr_in *) addrs[0].buffer;
2834 addrs[0].buffer[0] = AF_INET;
2835 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2836 torture_assert(tctx, ret > 0, "inet_pton failed");
2837
2838 addrs[1].size = sizeof(struct sockaddr_in);
2839 addrs[1].buffer = talloc_zero_array(tctx, uint8_t, addrs[1].size);
2840 addr = (struct sockaddr_in *) addrs[1].buffer;
2841 addrs[1].buffer[0] = AF_INET;
2842 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2843 torture_assert(tctx, ret > 0, "inet_pton failed");
2844
2845 addrs[2].size = sizeof(struct sockaddr_in);
2846 addrs[2].buffer = talloc_zero_array(tctx, uint8_t, addrs[2].size);
2847 addr = (struct sockaddr_in *) addrs[2].buffer;
2848 addrs[2].buffer[0] = AF_INET;
2849 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2850 torture_assert(tctx, ret > 0, "inet_pton failed");
2851
2852 #ifdef HAVE_IPV6
2853 addrs[3].size = sizeof(struct sockaddr_in6);
2854 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2855 addr6 = (struct sockaddr_in6 *) addrs[3].buffer;
2856 addrs[3].buffer[0] = AF_INET6;
2857 ret = inet_pton(AF_INET6, "::1", &addr6->sin6_addr);
2858 torture_assert(tctx, ret > 0, "inet_pton failed");
2859
2860 addrs[4].size = sizeof(struct sockaddr_in6);
2861 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2862 addr6 = (struct sockaddr_in6 *) addrs[4].buffer;
2863 addrs[4].buffer[0] = AF_INET6;
2864 ret = inet_pton(AF_INET6, "::", &addr6->sin6_addr);
2865 torture_assert(tctx, ret > 0, "inet_pton failed");
2866
2867 addrs[5].size = sizeof(struct sockaddr_in6);
2868 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2869 addr6 = (struct sockaddr_in6 *) addrs[5].buffer;
2870 addrs[5].buffer[0] = AF_INET6;
2871 ret = inet_pton(AF_INET6, "ff02::1", &addr6->sin6_addr);
2872 torture_assert(tctx, ret > 0, "inet_pton failed");
2873 #else
2874 /* the test cases are repeated to have exactly 6. This is for
2875 * compatibility with IPv4-only machines */
2876 addrs[3].size = sizeof(struct sockaddr_in);
2877 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2878 addr = (struct sockaddr_in *) addrs[3].buffer;
2879 addrs[3].buffer[0] = AF_INET;
2880 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2881 torture_assert(tctx, ret > 0, "inet_pton failed");
2882
2883 addrs[4].size = sizeof(struct sockaddr_in);
2884 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2885 addr = (struct sockaddr_in *) addrs[4].buffer;
2886 addrs[4].buffer[0] = AF_INET;
2887 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2888 torture_assert(tctx, ret > 0, "inet_pton failed");
2889
2890 addrs[5].size = sizeof(struct sockaddr_in);
2891 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2892 addr = (struct sockaddr_in *) addrs[5].buffer;
2893 addrs[5].buffer[0] = AF_INET;
2894 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2895 torture_assert(tctx, ret > 0, "inet_pton failed");
2896 #endif
2897
2898 ctr = talloc(tctx, struct netr_DsRAddressToSitenamesWCtr);
2899
2900 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2901 r.in.count = 6;
2902 r.in.addresses = addrs;
2903 r.out.ctr = &ctr;
2904
2905 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2906 torture_assert_ntstatus_ok(tctx, status, "failed");
2907 torture_assert_werr_ok(tctx, r.out.result, "failed");
2908
2909 if (sam_ctx != NULL) {
2910 for (i = 0; i < 3; i++) {
2911 torture_assert_casestr_equal(tctx,
2912 ctr->sitename[i].string,
2913 server_site_name(tctx, sam_ctx),
2914 "didn't return default site");
2915 }
2916 for (i = 3; i < 6; i++) {
2917 /* Windows returns "NULL" for the sitename if it isn't
2918 * IPv6 configured */
2919 if (torture_setting_bool(tctx, "samba4", false)) {
2920 torture_assert_casestr_equal(tctx,
2921 ctr->sitename[i].string,
2922 server_site_name(tctx, sam_ctx),
2923 "didn't return default site");
2924 }
2925 }
2926 }
2927
2928 /* Now try invalid ones (too short buffers) */
2929
2930 addrs[0].size = 0;
2931 addrs[1].size = 1;
2932 addrs[2].size = 4;
2933
2934 addrs[3].size = 0;
2935 addrs[4].size = 1;
2936 addrs[5].size = 4;
2937
2938 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2939 torture_assert_ntstatus_ok(tctx, status, "failed");
2940 torture_assert_werr_ok(tctx, r.out.result, "failed");
2941
2942 for (i = 0; i < 6; i++) {
2943 torture_assert(tctx, ctr->sitename[i].string == NULL,
2944 "sitename should be null");
2945 }
2946
2947 /* Now try invalid ones (wrong address types) */
2948
2949 addrs[0].size = 10;
2950 addrs[0].buffer[0] = AF_UNSPEC;
2951 addrs[1].size = 10;
2952 addrs[1].buffer[0] = AF_UNIX; /* AF_LOCAL = AF_UNIX */
2953 addrs[2].size = 10;
2954 addrs[2].buffer[0] = AF_UNIX;
2955
2956 addrs[3].size = 10;
2957 addrs[3].buffer[0] = 250;
2958 addrs[4].size = 10;
2959 addrs[4].buffer[0] = 251;
2960 addrs[5].size = 10;
2961 addrs[5].buffer[0] = 252;
2962
2963 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2964 torture_assert_ntstatus_ok(tctx, status, "failed");
2965 torture_assert_werr_ok(tctx, r.out.result, "failed");
2966
2967 for (i = 0; i < 6; i++) {
2968 torture_assert(tctx, ctr->sitename[i].string == NULL,
2969 "sitename should be null");
2970 }
2971
2972 return true;
2973 }
2974
2975 static bool test_netr_DsRAddressToSitenamesExW(struct torture_context *tctx,
2976 struct dcerpc_pipe *p)
2977 {
2978 char *url;
2979 struct ldb_context *sam_ctx = NULL;
2980 NTSTATUS status;
2981 struct netr_DsRAddressToSitenamesExW r;
2982 struct netr_DsRAddress addrs[6];
2983 struct sockaddr_in *addr;
2984 #ifdef HAVE_IPV6
2985 struct sockaddr_in6 *addr6;
2986 #endif
2987 struct netr_DsRAddressToSitenamesExWCtr *ctr;
2988 struct dcerpc_binding_handle *b = p->binding_handle;
2989 uint32_t i;
2990 int ret;
2991
2992 torture_comment(tctx, "This does pass with the default site\n");
2993
2994 /* We won't double-check this when we are over 'local' transports */
2995 if (dcerpc_server_name(p)) {
2996 /* Set up connection to SAMDB on DC */
2997 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2998 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2999 NULL,
3000 cmdline_credentials,
3001 0);
3002
3003 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
3004 }
3005
3006 /* First try valid IP addresses */
3007
3008 addrs[0].size = sizeof(struct sockaddr_in);
3009 addrs[0].buffer = talloc_zero_array(tctx, uint8_t, addrs[0].size);
3010 addr = (struct sockaddr_in *) addrs[0].buffer;
3011 addrs[0].buffer[0] = AF_INET;
3012 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
3013 torture_assert(tctx, ret > 0, "inet_pton failed");
3014
3015 addrs[1].size = sizeof(struct sockaddr_in);
3016 addrs[1].buffer = talloc_zero_array(tctx, uint8_t, addrs[1].size);
3017 addr = (struct sockaddr_in *) addrs[1].buffer;
3018 addrs[1].buffer[0] = AF_INET;
3019 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
3020 torture_assert(tctx, ret > 0, "inet_pton failed");
3021
3022 addrs[2].size = sizeof(struct sockaddr_in);
3023 addrs[2].buffer = talloc_zero_array(tctx, uint8_t, addrs[2].size);
3024 addr = (struct sockaddr_in *) addrs[2].buffer;
3025 addrs[2].buffer[0] = AF_INET;
3026 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
3027 torture_assert(tctx, ret > 0, "inet_pton failed");
3028
3029 #ifdef HAVE_IPV6
3030 addrs[3].size = sizeof(struct sockaddr_in6);
3031 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
3032 addr6 = (struct sockaddr_in6 *) addrs[3].buffer;
3033 addrs[3].buffer[0] = AF_INET6;
3034 ret = inet_pton(AF_INET6, "::1", &addr6->sin6_addr);
3035 torture_assert(tctx, ret > 0, "inet_pton failed");
3036
3037 addrs[4].size = sizeof(struct sockaddr_in6);
3038 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
3039 addr6 = (struct sockaddr_in6 *) addrs[4].buffer;
3040 addrs[4].buffer[0] = AF_INET6;
3041 ret = inet_pton(AF_INET6, "::", &addr6->sin6_addr);
3042 torture_assert(tctx, ret > 0, "inet_pton failed");
3043
3044 addrs[5].size = sizeof(struct sockaddr_in6);
3045 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
3046 addr6 = (struct sockaddr_in6 *) addrs[5].buffer;
3047 addrs[5].buffer[0] = AF_INET6;
3048 ret = inet_pton(AF_INET6, "ff02::1", &addr6->sin6_addr);
3049 torture_assert(tctx, ret > 0, "inet_pton failed");
3050 #else
3051 /* the test cases are repeated to have exactly 6. This is for
3052 * compatibility with IPv4-only machines */
3053 addrs[3].size = sizeof(struct sockaddr_in);
3054 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
3055 addr = (struct sockaddr_in *) addrs[3].buffer;
3056 addrs[3].buffer[0] = AF_INET;
3057 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
3058 torture_assert(tctx, ret > 0, "inet_pton failed");
3059
3060 addrs[4].size = sizeof(struct sockaddr_in);
3061 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
3062 addr = (struct sockaddr_in *) addrs[4].buffer;
3063 addrs[4].buffer[0] = AF_INET;
3064 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
3065 torture_assert(tctx, ret > 0, "inet_pton failed");
3066
3067 addrs[5].size = sizeof(struct sockaddr_in);
3068 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
3069 addr = (struct sockaddr_in *) addrs[5].buffer;
3070 addrs[5].buffer[0] = AF_INET;
3071 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
3072 torture_assert(tctx, ret > 0, "inet_pton failed");
3073 #endif
3074
3075 ctr = talloc(tctx, struct netr_DsRAddressToSitenamesExWCtr);
3076
3077 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
3078 r.in.count = 6;
3079 r.in.addresses = addrs;
3080 r.out.ctr = &ctr;
3081
3082 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
3083 torture_assert_ntstatus_ok(tctx, status, "failed");
3084 torture_assert_werr_ok(tctx, r.out.result, "failed");
3085
3086 if (sam_ctx != NULL) {
3087 for (i = 0; i < 3; i++) {
3088 torture_assert_casestr_equal(tctx,
3089 ctr->sitename[i].string,
3090 server_site_name(tctx, sam_ctx),
3091 "didn't return default site");
3092 torture_assert(tctx, ctr->subnetname[i].string == NULL,
3093 "subnet should be null");
3094 }
3095 for (i = 3; i < 6; i++) {
3096 /* Windows returns "NULL" for the sitename if it isn't
3097 * IPv6 configured */
3098 if (torture_setting_bool(tctx, "samba4", false)) {
3099 torture_assert_casestr_equal(tctx,
3100 ctr->sitename[i].string,
3101 server_site_name(tctx, sam_ctx),
3102 "didn't return default site");
3103 }
3104 torture_assert(tctx, ctr->subnetname[i].string == NULL,
3105 "subnet should be null");
3106 }
3107 }
3108
3109 /* Now try invalid ones (too short buffers) */
3110
3111 addrs[0].size = 0;
3112 addrs[1].size = 1;
3113 addrs[2].size = 4;
3114
3115 addrs[3].size = 0;
3116 addrs[4].size = 1;
3117 addrs[5].size = 4;
3118
3119 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
3120 torture_assert_ntstatus_ok(tctx, status, "failed");
3121 torture_assert_werr_ok(tctx, r.out.result, "failed");
3122
3123 for (i = 0; i < 6; i++) {
3124 torture_assert(tctx, ctr->sitename[i].string == NULL,
3125 "sitename should be null");
3126 torture_assert(tctx, ctr->subnetname[i].string == NULL,
3127 "subnet should be null");
3128 }
3129
3130 addrs[0].size = 10;
3131 addrs[0].buffer[0] = AF_UNSPEC;
3132 addrs[1].size = 10;
3133 addrs[1].buffer[0] = AF_UNIX; /* AF_LOCAL = AF_UNIX */
3134 addrs[2].size = 10;
3135 addrs[2].buffer[0] = AF_UNIX;
3136
3137 addrs[3].size = 10;
3138 addrs[3].buffer[0] = 250;
3139 addrs[4].size = 10;
3140 addrs[4].buffer[0] = 251;
3141 addrs[5].size = 10;
3142 addrs[5].buffer[0] = 252;
3143
3144 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
3145 torture_assert_ntstatus_ok(tctx, status, "failed");
3146 torture_assert_werr_ok(tctx, r.out.result, "failed");
3147
3148 for (i = 0; i < 6; i++) {
3149 torture_assert(tctx, ctr->sitename[i].string == NULL,
3150 "sitename should be null");
3151 torture_assert(tctx, ctr->subnetname[i].string == NULL,
3152 "subnet should be null");
3153 }
3154
3155 return true;
3156 }
3157
3158 static bool test_netr_ServerGetTrustInfo_flags(struct torture_context *tctx,
3159 struct dcerpc_pipe *p,
3160 struct cli_credentials *machine_credentials,
3161 uint32_t negotiate_flags)
3162 {
3163 struct netr_ServerGetTrustInfo r;
3164
3165 struct netr_Authenticator a;
3166 struct netr_Authenticator return_authenticator;
3167 struct samr_Password new_owf_password;
3168 struct samr_Password old_owf_password;
3169 struct netr_TrustInfo *trust_info;
3170
3171 struct netlogon_creds_CredentialState *creds;
3172 struct dcerpc_binding_handle *b = p->binding_handle;
3173
3174 struct samr_Password nt_hash;
3175
3176 if (!test_SetupCredentials3(p, tctx, negotiate_flags,
3177 machine_credentials, &creds)) {
3178 return false;
3179 }
3180
3181 netlogon_creds_client_authenticator(creds, &a);
3182
3183 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
3184 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
3185 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
3186 r.in.computer_name = TEST_MACHINE_NAME;
3187 r.in.credential = &a;
3188
3189 r.out.return_authenticator = &return_authenticator;
3190 r.out.new_owf_password = &new_owf_password;
3191 r.out.old_owf_password = &old_owf_password;
3192 r.out.trust_info = &trust_info;
3193
3194 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerGetTrustInfo_r(b, tctx, &r),
3195 "ServerGetTrustInfo failed");
3196 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerGetTrustInfo failed");
3197 torture_assert(tctx, netlogon_creds_client_check(creds, &return_authenticator.cred), "Credential chaining failed");
3198
3199 E_md4hash(cli_credentials_get_password(machine_credentials), nt_hash.hash);
3200
3201 netlogon_creds_des_decrypt(creds, &new_owf_password);
3202
3203 dump_data(1, new_owf_password.hash, 16);
3204 dump_data(1, nt_hash.hash, 16);
3205
3206 torture_assert_mem_equal(tctx, new_owf_password.hash, nt_hash.hash, 16,
3207 "received unexpected owf password\n");
3208
3209 return true;
3210 }
3211
3212 static bool test_netr_ServerGetTrustInfo(struct torture_context *tctx,
3213 struct dcerpc_pipe *p,
3214 struct cli_credentials *machine_credentials)
3215 {
3216 return test_netr_ServerGetTrustInfo_flags(tctx, p, machine_credentials,
3217 NETLOGON_NEG_AUTH2_ADS_FLAGS);
3218 }
3219
3220 static bool test_netr_ServerGetTrustInfo_AES(struct torture_context *tctx,
3221 struct dcerpc_pipe *p,
3222 struct cli_credentials *machine_credentials)
3223 {
3224 return test_netr_ServerGetTrustInfo_flags(tctx, p, machine_credentials,
3225 NETLOGON_NEG_AUTH2_ADS_FLAGS | NETLOGON_NEG_SUPPORTS_AES);
3226 }
3227
3228 static bool test_GetDomainInfo(struct torture_context *tctx,
3229 struct dcerpc_pipe *p,
3230 struct cli_credentials *machine_credentials)
3231 {
3232 struct netr_LogonGetDomainInfo r;
3233 struct netr_WorkstationInformation q1;
3234 struct netr_Authenticator a;
3235 struct netlogon_creds_CredentialState *creds;
3236 struct netr_OsVersion os;
3237 union netr_WorkstationInfo query;
3238 union netr_DomainInfo info;
3239 const char* const attrs[] = { "dNSHostName", "operatingSystem",
3240 "operatingSystemServicePack", "operatingSystemVersion",
3241 "servicePrincipalName", NULL };
3242 char *url;
3243 struct ldb_context *sam_ctx = NULL;
3244 struct ldb_message **res;
3245 struct ldb_message_element *spn_el;
3246 int ret, i;
3247 char *version_str;
3248 const char *old_dnsname = NULL;
3249 char **spns = NULL;
3250 int num_spns = 0;
3251 char *temp_str;
3252 struct dcerpc_binding_handle *b = p->binding_handle;
3253
3254 torture_comment(tctx, "Testing netr_LogonGetDomainInfo\n");
3255
3256 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
3257 machine_credentials, &creds)) {
3258 return false;
3259 }
3260
3261 /* We won't double-check this when we are over 'local' transports */
3262 if (dcerpc_server_name(p)) {
3263 /* Set up connection to SAMDB on DC */
3264 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
3265 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
3266 NULL,
3267 cmdline_credentials,
3268 0);
3269
3270 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
3271 }
3272
3273 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 1st call (no variation of DNS hostname)\n");
3274 netlogon_creds_client_authenticator(creds, &a);
3275
3276 ZERO_STRUCT(r);
3277 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
3278 r.in.computer_name = TEST_MACHINE_NAME;
3279 r.in.credential = &a;
3280 r.in.level = 1;
3281 r.in.return_authenticator = &a;
3282 r.in.query = &query;
3283 r.out.return_authenticator = &a;
3284 r.out.info = &info;
3285
3286 ZERO_STRUCT(os);
3287 os.os.MajorVersion = 123;
3288 os.os.MinorVersion = 456;
3289 os.os.BuildNumber = 789;
3290 os.os.CSDVersion = "Service Pack 10";
3291 os.os.ServicePackMajor = 10;
3292 os.os.ServicePackMinor = 1;
3293 os.os.SuiteMask = NETR_VER_SUITE_SINGLEUSERTS;
3294 os.os.ProductType = NETR_VER_NT_SERVER;
3295 os.os.Reserved = 0;
3296
3297 version_str = talloc_asprintf(tctx, "%d.%d (%d)", os.os.MajorVersion,
3298 os.os.MinorVersion, os.os.BuildNumber);
3299
3300 ZERO_STRUCT(q1);
3301 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3302 lpcfg_dnsdomain(tctx->lp_ctx));
3303 q1.sitename = "Default-First-Site-Name";
3304 q1.os_version.os = &os;
3305 q1.os_name.string = talloc_asprintf(tctx,
3306 "Tortured by Samba4 RPC-NETLOGON: %s",
3307 timestring(tctx, time(NULL)));
3308
3309 /* The workstation handles the "servicePrincipalName" and DNS hostname
3310 updates */
3311 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
3312
3313 query.workstation_info = &q1;
3314
3315 if (sam_ctx) {
3316 /* Gets back the old DNS hostname in AD */
3317 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3318 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3319 old_dnsname =
3320 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL);
3321
3322 /* Gets back the "servicePrincipalName"s in AD */
3323 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3324 if (spn_el != NULL) {
3325 for (i=0; i < spn_el->num_values; i++) {
3326 spns = talloc_realloc(tctx, spns, char *, i + 1);
3327 spns[i] = (char *) spn_el->values[i].data;
3328 }
3329 num_spns = i;
3330 }
3331 }
3332
3333 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3334 "LogonGetDomainInfo failed");
3335 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3336 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3337
3338 smb_msleep(250);
3339
3340 if (sam_ctx) {
3341 /* AD workstation infos entry check */
3342 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3343 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3344 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
3345 torture_assert_str_equal(tctx,
3346 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
3347 q1.os_name.string, "'operatingSystem' wrong!");
3348 torture_assert_str_equal(tctx,
3349 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL),
3350 os.os.CSDVersion, "'operatingSystemServicePack' wrong!");
3351 torture_assert_str_equal(tctx,
3352 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL),
3353 version_str, "'operatingSystemVersion' wrong!");
3354
3355 if (old_dnsname != NULL) {
3356 /* If before a DNS hostname was set then it should remain
3357 the same in combination with the "servicePrincipalName"s.
3358 The DNS hostname should also be returned by our
3359 "LogonGetDomainInfo" call (in the domain info structure). */
3360
3361 torture_assert_str_equal(tctx,
3362 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
3363 old_dnsname, "'DNS hostname' was not set!");
3364
3365 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3366 torture_assert(tctx, ((spns != NULL) && (spn_el != NULL)),
3367 "'servicePrincipalName's not set!");
3368 torture_assert(tctx, spn_el->num_values == num_spns,
3369 "'servicePrincipalName's incorrect!");
3370 for (i=0; (i < spn_el->num_values) && (i < num_spns); i++)
3371 torture_assert_str_equal(tctx,
3372 (char *) spn_el->values[i].data,
3373 spns[i], "'servicePrincipalName's incorrect!");
3374
3375 torture_assert_str_equal(tctx,
3376 info.domain_info->dns_hostname.string,
3377 old_dnsname,
3378 "Out 'DNS hostname' doesn't match the old one!");
3379 } else {
3380 /* If no DNS hostname was set then also now none should be set,
3381 the "servicePrincipalName"s should remain empty and no DNS
3382 hostname should be returned by our "LogonGetDomainInfo"
3383 call (in the domain info structure). */
3384
3385 torture_assert(tctx,
3386 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL) == NULL,
3387 "'DNS hostname' was set!");
3388
3389 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3390 torture_assert(tctx, ((spns == NULL) && (spn_el == NULL)),
3391 "'servicePrincipalName's were set!");
3392
3393 torture_assert(tctx,
3394 info.domain_info->dns_hostname.string == NULL,
3395 "Out 'DNS host name' was set!");
3396 }
3397 }
3398
3399 /* Checks "workstation flags" */
3400 torture_assert(tctx,
3401 info.domain_info->workstation_flags
3402 == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3403 "Out 'workstation flags' don't match!");
3404
3405
3406 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 2nd call (variation of DNS hostname doesn't work)\n");
3407 netlogon_creds_client_authenticator(creds, &a);
3408
3409 /* Wipe out the osVersion, and prove which values still 'stick' */
3410 q1.os_version.os = NULL;
3411
3412 /* Change also the DNS hostname to test differences in behaviour */
3413 talloc_free(discard_const_p(char, q1.dns_hostname));
3414 q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
3415 lpcfg_dnsdomain(tctx->lp_ctx));
3416
3417 /* The workstation handles the "servicePrincipalName" and DNS hostname
3418 updates */
3419 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
3420
3421 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3422 "LogonGetDomainInfo failed");
3423 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3424
3425 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3426
3427 smb_msleep(250);
3428
3429 if (sam_ctx) {
3430 /* AD workstation infos entry check */
3431 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3432 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3433 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
3434
3435 torture_assert_str_equal(tctx,
3436 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
3437 q1.os_name.string, "'operatingSystem' should stick!");
3438 torture_assert(tctx,
3439 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
3440 "'operatingSystemServicePack' shouldn't stick!");
3441 torture_assert(tctx,
3442 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
3443 "'operatingSystemVersion' shouldn't stick!");
3444
3445 /* The DNS host name shouldn't have been updated by the server */
3446
3447 torture_assert_str_equal(tctx,
3448 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
3449 old_dnsname, "'DNS host name' did change!");
3450
3451 /* Find the two "servicePrincipalName"s which the DC shouldn't have been
3452 updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC
3453 3.5.4.3.9 */
3454 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3455 torture_assert(tctx, spn_el != NULL,
3456 "There should exist 'servicePrincipalName's in AD!");
3457 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME);
3458 for (i=0; i < spn_el->num_values; i++)
3459 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3460 break;
3461 torture_assert(tctx, i != spn_el->num_values,
3462 "'servicePrincipalName' HOST/<Netbios name> not found!");
3463 temp_str = talloc_asprintf(tctx, "HOST/%s", old_dnsname);
3464 for (i=0; i < spn_el->num_values; i++)
3465 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3466 break;
3467 torture_assert(tctx, i != spn_el->num_values,
3468 "'servicePrincipalName' HOST/<FQDN name> not found!");
3469
3470 /* Check that the out DNS hostname was set properly */
3471 torture_assert_str_equal(tctx, info.domain_info->dns_hostname.string,
3472 old_dnsname, "Out 'DNS hostname' doesn't match the old one!");
3473 }
3474
3475 /* Checks "workstation flags" */
3476 torture_assert(tctx,
3477 info.domain_info->workstation_flags == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3478 "Out 'workstation flags' don't match!");
3479
3480
3481 /* Now try the same but the workstation flags set to 0 */
3482
3483 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 3rd call (variation of DNS hostname doesn't work)\n");
3484 netlogon_creds_client_authenticator(creds, &a);
3485
3486 /* Change also the DNS hostname to test differences in behaviour */
3487 talloc_free(discard_const_p(char, q1.dns_hostname));
3488 q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
3489 lpcfg_dnsdomain(tctx->lp_ctx));
3490
3491 /* Wipe out the osVersion, and prove which values still 'stick' */
3492 q1.os_version.os = NULL;
3493
3494 /* Let the DC handle the "servicePrincipalName" and DNS hostname
3495 updates */
3496 q1.workstation_flags = 0;
3497
3498 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3499 "LogonGetDomainInfo failed");
3500 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3501 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3502
3503 smb_msleep(250);
3504
3505 if (sam_ctx) {
3506 /* AD workstation infos entry check */
3507 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3508 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3509 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
3510
3511 torture_assert_str_equal(tctx,
3512 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
3513 q1.os_name.string, "'operatingSystem' should stick!");
3514 torture_assert(tctx,
3515 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
3516 "'operatingSystemServicePack' shouldn't stick!");
3517 torture_assert(tctx,
3518 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
3519 "'operatingSystemVersion' shouldn't stick!");
3520
3521 /* The DNS host name shouldn't have been updated by the server */
3522
3523 torture_assert_str_equal(tctx,
3524 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
3525 old_dnsname, "'DNS host name' did change!");
3526
3527 /* Find the two "servicePrincipalName"s which the DC shouldn't have been
3528 updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC
3529 3.5.4.3.9 */
3530 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3531 torture_assert(tctx, spn_el != NULL,
3532 "There should exist 'servicePrincipalName's in AD!");
3533 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME);
3534 for (i=0; i < spn_el->num_values; i++)
3535 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3536 break;
3537 torture_assert(tctx, i != spn_el->num_values,
3538 "'servicePrincipalName' HOST/<Netbios name> not found!");
3539 temp_str = talloc_asprintf(tctx, "HOST/%s", old_dnsname);
3540 for (i=0; i < spn_el->num_values; i++)
3541 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3542 break;
3543 torture_assert(tctx, i != spn_el->num_values,
3544 "'servicePrincipalName' HOST/<FQDN name> not found!");
3545
3546 /* Here the server gives us NULL as the out DNS hostname */
3547 torture_assert(tctx, info.domain_info->dns_hostname.string == NULL,
3548 "Out 'DNS hostname' should be NULL!");
3549 }
3550
3551 /* Checks "workstation flags" */
3552 torture_assert(tctx,
3553 info.domain_info->workstation_flags == 0,
3554 "Out 'workstation flags' don't match!");
3555
3556
3557 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 4th call (verification of DNS hostname and check for trusted domains)\n");
3558 netlogon_creds_client_authenticator(creds, &a);
3559
3560 /* Put the DNS hostname back */
3561 talloc_free(discard_const_p(char, q1.dns_hostname));
3562 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3563 lpcfg_dnsdomain(tctx->lp_ctx));
3564
3565 /* The workstation handles the "servicePrincipalName" and DNS hostname
3566 updates */
3567 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
3568
3569 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3570 "LogonGetDomainInfo failed");
3571 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3572 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3573
3574 smb_msleep(250);
3575
3576 /* Now the in/out DNS hostnames should be the same */
3577 torture_assert_str_equal(tctx,
3578 info.domain_info->dns_hostname.string,
3579 query.workstation_info->dns_hostname,
3580 "In/Out 'DNS hostnames' don't match!");
3581 old_dnsname = info.domain_info->dns_hostname.string;
3582
3583 /* Checks "workstation flags" */
3584 torture_assert(tctx,
3585 info.domain_info->workstation_flags
3586 == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3587 "Out 'workstation flags' don't match!");
3588
3589 /* Checks for trusted domains */
3590 torture_assert(tctx,
3591 (info.domain_info->trusted_domain_count != 0)
3592 && (info.domain_info->trusted_domains != NULL),
3593 "Trusted domains have been requested!");
3594
3595
3596 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 5th call (check for trusted domains)\n");
3597 netlogon_creds_client_authenticator(creds, &a);
3598
3599 /* The workstation handles the "servicePrincipalName" and DNS hostname
3600 updates and requests inbound trusts */
3601 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE
3602 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS;
3603
3604 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3605 "LogonGetDomainInfo failed");
3606 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3607 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3608
3609 smb_msleep(250);
3610
3611 /* Checks "workstation flags" */
3612 torture_assert(tctx,
3613 info.domain_info->workstation_flags
3614 == (NETR_WS_FLAG_HANDLES_SPN_UPDATE
3615 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS),
3616 "Out 'workstation flags' don't match!");
3617
3618 /* Checks for trusted domains */
3619 torture_assert(tctx,
3620 (info.domain_info->trusted_domain_count != 0)
3621 && (info.domain_info->trusted_domains != NULL),
3622 "Trusted domains have been requested!");
3623
3624
3625 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 6th call (no DNS hostname)\n");
3626 netlogon_creds_client_authenticator(creds, &a);
3627
3628 query.workstation_info->dns_hostname = NULL;
3629
3630 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3631 "LogonGetDomainInfo failed");
3632 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3633 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3634
3635 /* The old DNS hostname should stick */
3636 torture_assert_str_equal(tctx,
3637 info.domain_info->dns_hostname.string,
3638 old_dnsname,
3639 "'DNS hostname' changed!");
3640
3641 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 7th call (extra workstation flags)\n");
3642 netlogon_creds_client_authenticator(creds, &a);
3643
3644 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE
3645 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS | 0x4;
3646
3647 /* Put the DNS hostname back */
3648 talloc_free(discard_const_p(char, q1.dns_hostname));
3649 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3650 lpcfg_dnsdomain(tctx->lp_ctx));
3651
3652 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3653 "LogonGetDomainInfo failed");
3654 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3655 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3656
3657 /* Checks "workstation flags" */
3658 torture_assert(tctx,
3659 info.domain_info->workstation_flags
3660 == (NETR_WS_FLAG_HANDLES_SPN_UPDATE
3661 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS),
3662 "Out 'workstation flags' don't match!");
3663
3664 if (!torture_setting_bool(tctx, "dangerous", false)) {
3665 torture_comment(tctx, "Not testing netr_LogonGetDomainInfo 8th call (no workstation info) - enable dangerous tests in order to do so\n");
3666 } else {
3667 /* Try a call without the workstation information structure */
3668
3669 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 8th call (no workstation info)\n");
3670 netlogon_creds_client_authenticator(creds, &a);
3671
3672 query.workstation_info = NULL;
3673
3674 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3675 "LogonGetDomainInfo failed");
3676 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3677 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3678 }
3679
3680 return true;
3681 }
3682
3683 static bool test_GetDomainInfo_async(struct torture_context *tctx,
3684 struct dcerpc_pipe *p,
3685 struct cli_credentials *machine_credentials)
3686 {
3687 NTSTATUS status;
3688 struct netr_LogonGetDomainInfo r;
3689 struct netr_WorkstationInformation q1;
3690 struct netr_Authenticator a;
3691 #define ASYNC_COUNT 100
3692 struct netlogon_creds_CredentialState *creds;
3693 struct netlogon_creds_CredentialState *creds_async[ASYNC_COUNT];
3694 struct tevent_req *req[ASYNC_COUNT];
3695 int i;
3696 union netr_WorkstationInfo query;
3697 union netr_DomainInfo info;
3698
3699 torture_comment(tctx, "Testing netr_LogonGetDomainInfo - async count %d\n", ASYNC_COUNT);
3700
3701 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
3702 machine_credentials, &creds)) {
3703 return false;
3704 }
3705
3706 ZERO_STRUCT(r);
3707 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
3708 r.in.computer_name = TEST_MACHINE_NAME;
3709 r.in.credential = &a;
3710 r.in.level = 1;
3711 r.in.return_authenticator = &a;
3712 r.in.query = &query;
3713 r.out.return_authenticator = &a;
3714 r.out.info = &info;
3715
3716 ZERO_STRUCT(q1);
3717 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3718 lpcfg_dnsdomain(tctx->lp_ctx));
3719 q1.sitename = "Default-First-Site-Name";
3720 q1.os_name.string = "UNIX/Linux or similar";
3721
3722 query.workstation_info = &q1;
3723
3724 for (i=0;i<ASYNC_COUNT;i++) {
3725 netlogon_creds_client_authenticator(creds, &a);
3726
3727 creds_async[i] = (struct netlogon_creds_CredentialState *)talloc_memdup(creds, creds, sizeof(*creds));
3728 req[i] = dcerpc_netr_LogonGetDomainInfo_r_send(tctx, tctx->ev, p->binding_handle, &r);
3729
3730 /* even with this flush per request a w2k3 server seems to
3731 clag with multiple outstanding requests. bleergh. */
3732 torture_assert_int_equal(tctx, tevent_loop_once(dcerpc_event_context(p)), 0,
3733 "tevent_loop_once failed");
3734 }
3735
3736 for (i=0;i<ASYNC_COUNT;i++) {
3737 torture_assert_int_equal(tctx, tevent_req_poll(req[i], tctx->ev), true,
3738 "tevent_req_poll() failed");
3739
3740 status = dcerpc_netr_LogonGetDomainInfo_r_recv(req[i], tctx);
3741
3742 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo_async");
3743 torture_assert_ntstatus_ok(tctx, r.out.result, "netr_LogonGetDomainInfo_async");
3744
3745 torture_assert(tctx, netlogon_creds_client_check(creds_async[i], &a.cred),
3746 "Credential chaining failed at async");
3747 }
3748
3749 torture_comment(tctx,
3750 "Testing netr_LogonGetDomainInfo - async count %d OK\n", ASYNC_COUNT);
3751
3752 return true;
3753 }
3754
3755 static bool test_ManyGetDCName(struct torture_context *tctx,
3756 struct dcerpc_pipe *p)
3757 {
3758 NTSTATUS status;
3759 struct dcerpc_pipe *p2;
3760 struct lsa_ObjectAttribute attr;
3761 struct lsa_QosInfo qos;
3762 struct lsa_OpenPolicy2 o;
3763 struct policy_handle lsa_handle;
3764 struct lsa_DomainList domains;
3765
3766 struct lsa_EnumTrustDom t;
3767 uint32_t resume_handle = 0;
3768 struct netr_GetAnyDCName d;
3769 const char *dcname = NULL;
3770 struct dcerpc_binding_handle *b = p->binding_handle;
3771 struct dcerpc_binding_handle *b2;
3772
3773 int i;
3774
3775 if (p->conn->transport.transport != NCACN_NP) {
3776 return true;
3777 }
3778
3779 torture_comment(tctx, "Torturing GetDCName\n");
3780
3781 status = dcerpc_secondary_connection(p, &p2, p->binding);
3782 torture_assert_ntstatus_ok(tctx, status, "Failed to create secondary connection");
3783
3784 status = dcerpc_bind_auth_none(p2, &ndr_table_lsarpc);
3785 torture_assert_ntstatus_ok(tctx, status, "Failed to create bind on secondary connection");
3786 b2 = p2->binding_handle;
3787
3788 qos.len = 0;
3789 qos.impersonation_level = 2;
3790 qos.context_mode = 1;
3791 qos.effective_only = 0;
3792
3793 attr.len = 0;
3794 attr.root_dir = NULL;
3795 attr.object_name = NULL;
3796 attr.attributes = 0;
3797 attr.sec_desc = NULL;
3798 attr.sec_qos = &qos;
3799
3800 o.in.system_name = "\\";
3801 o.in.attr = &attr;
3802 o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3803 o.out.handle = &lsa_handle;
3804
3805 torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenPolicy2_r(b2, tctx, &o),
3806 "OpenPolicy2 failed");
3807 torture_assert_ntstatus_ok(tctx, o.out.result, "OpenPolicy2 failed");
3808
3809 t.in.handle = &lsa_handle;
3810 t.in.resume_handle = &resume_handle;
3811 t.in.max_size = 1000;
3812 t.out.domains = &domains;
3813 t.out.resume_handle = &resume_handle;
3814
3815 torture_assert_ntstatus_ok(tctx, dcerpc_lsa_EnumTrustDom_r(b2, tctx, &t),
3816 "EnumTrustDom failed");
3817
3818 if ((!NT_STATUS_IS_OK(t.out.result) &&
3819 (!NT_STATUS_EQUAL(t.out.result, NT_STATUS_NO_MORE_ENTRIES))))
3820 torture_fail(tctx, "Could not list domains");
3821
3822 talloc_free(p2);
3823
3824 d.in.logon_server = talloc_asprintf(tctx, "\\\\%s",
3825 dcerpc_server_name(p));
3826 d.out.dcname = &dcname;
3827
3828 for (i=0; i<domains.count * 4; i++) {
3829 struct lsa_DomainInfo *info =
3830 &domains.domains[rand()%domains.count];
3831
3832 d.in.domainname = info->name.string;
3833
3834 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &d);
3835 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
3836
3837 torture_comment(tctx, "\tDC for domain %s is %s\n", info->name.string,
3838 dcname ? dcname : "unknown");
3839 }
3840
3841 return true;
3842 }
3843
3844 static bool test_SetPassword_with_flags(struct torture_context *tctx,
3845 struct dcerpc_pipe *p,
3846 struct cli_credentials *machine_credentials)
3847 {
3848 uint32_t flags[] = { 0, NETLOGON_NEG_STRONG_KEYS };
3849 struct netlogon_creds_CredentialState *creds;
3850 int i;
3851
3852 if (!test_SetupCredentials2(p, tctx, 0,
3853 machine_credentials,
3854 cli_credentials_get_secure_channel_type(machine_credentials),
3855 &creds)) {
3856 torture_skip(tctx, "DC does not support negotiation of 64bit session keys");
3857 }
3858
3859 for (i=0; i < ARRAY_SIZE(flags); i++) {
3860 torture_assert(tctx,
3861 test_SetPassword_flags(tctx, p, machine_credentials, flags[i]),
3862 talloc_asprintf(tctx, "failed to test SetPassword negotiating with 0x%08x flags", flags[i]));
3863 }
3864
3865 return true;
3866 }
3867
3868 struct torture_suite *torture_rpc_netlogon(TALLOC_CTX *mem_ctx)
3869 {
3870 struct torture_suite *suite = torture_suite_create(mem_ctx, "netlogon");
3871 struct torture_rpc_tcase *tcase;
3872 struct torture_test *test;
3873
3874 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3875 &ndr_table_netlogon, TEST_MACHINE_NAME);
3876
3877 torture_rpc_tcase_add_test(tcase, "Broken RPC binding handle",
3878 test_netr_broken_binding_handle);
3879
3880 torture_rpc_tcase_add_test(tcase, "LogonUasLogon", test_LogonUasLogon);
3881 torture_rpc_tcase_add_test(tcase, "LogonUasLogoff", test_LogonUasLogoff);
3882 torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
3883 torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
3884 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
3885 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2_AES", test_SetPassword2_AES);
3886 torture_rpc_tcase_add_test_creds(tcase, "GetPassword", test_GetPassword);
3887 torture_rpc_tcase_add_test_creds(tcase, "GetTrustPasswords", test_GetTrustPasswords);
3888 torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo", test_GetDomainInfo);
3889 torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync", test_DatabaseSync);
3890 torture_rpc_tcase_add_test_creds(tcase, "DatabaseDeltas", test_DatabaseDeltas);
3891 torture_rpc_tcase_add_test_creds(tcase, "DatabaseRedo", test_DatabaseRedo);
3892 torture_rpc_tcase_add_test_creds(tcase, "AccountDeltas", test_AccountDeltas);
3893 torture_rpc_tcase_add_test_creds(tcase, "AccountSync", test_AccountSync);
3894 torture_rpc_tcase_add_test(tcase, "GetDcName", test_GetDcName);
3895 torture_rpc_tcase_add_test(tcase, "ManyGetDCName", test_ManyGetDCName);
3896 torture_rpc_tcase_add_test(tcase, "GetAnyDCName", test_GetAnyDCName);
3897 torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync2", test_DatabaseSync2);
3898 torture_rpc_tcase_add_test(tcase, "DsrEnumerateDomainTrusts", test_DsrEnumerateDomainTrusts);
3899 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
3900 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomainsEx", test_netr_NetrEnumerateTrustedDomainsEx);
3901 test = torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo_async", test_GetDomainInfo_async);
3902 test->dangerous = true;
3903 torture_rpc_tcase_add_test(tcase, "DsRGetDCName", test_netr_DsRGetDCName);
3904 torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx", test_netr_DsRGetDCNameEx);
3905 torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx2", test_netr_DsRGetDCNameEx2);
3906 torture_rpc_tcase_add_test(tcase, "DsrGetDcSiteCoverageW", test_netr_DsrGetDcSiteCoverageW);
3907 torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesW", test_netr_DsRAddressToSitenamesW);
3908 torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesExW", test_netr_DsRAddressToSitenamesExW);
3909 torture_rpc_tcase_add_test_creds(tcase, "ServerGetTrustInfo", test_netr_ServerGetTrustInfo);
3910 torture_rpc_tcase_add_test_creds(tcase, "ServerGetTrustInfo_AES", test_netr_ServerGetTrustInfo_AES);
3911 torture_rpc_tcase_add_test_creds(tcase, "GetForestTrustInformation", test_netr_GetForestTrustInformation);
3912
3913 return suite;
3914 }
3915
3916 struct torture_suite *torture_rpc_netlogon_s3(TALLOC_CTX *mem_ctx)
3917 {
3918 struct torture_suite *suite = torture_suite_create(mem_ctx, "netlogon-s3");
3919 struct torture_rpc_tcase *tcase;
3920
3921 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3922 &ndr_table_netlogon, TEST_MACHINE_NAME);
3923
3924 torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
3925 torture_rpc_tcase_add_test_creds(tcase, "SamLogon_NULL_domain", test_SamLogon_NULL_domain);
3926 torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
3927 torture_rpc_tcase_add_test_creds(tcase, "SetPassword_with_flags", test_SetPassword_with_flags);
3928 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
3929 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2_AES", test_SetPassword2_AES);
3930 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
3931
3932 return suite;
3933 }
3934
3935 struct torture_suite *torture_rpc_netlogon_admin(TALLOC_CTX *mem_ctx)
3936 {
3937 struct torture_suite *suite = torture_suite_create(mem_ctx, "netlogon.admin");
3938 struct torture_rpc_tcase *tcase;
3939
3940 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3941 &ndr_table_netlogon, TEST_MACHINE_NAME);
3942 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3943 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3944 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3945
3946 tcase = torture_suite_add_machine_workstation_rpc_iface_tcase(suite, "netlogon",
3947 &ndr_table_netlogon, TEST_MACHINE_NAME);
3948 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3949 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3950 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3951
3952 tcase = torture_suite_add_rpc_iface_tcase(suite, "netlogon",
3953 &ndr_table_netlogon);
3954 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3955 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3956 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3957
3958 return suite;
3959 }