2 Unix SMB/CIFS implementation.
3 test suite for eventlog rpc operations
5 Copyright (C) Tim Potter 2003,2005
6 Copyright (C) Jelmer Vernooij 2004
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "torture/torture.h"
25 #include "librpc/gen_ndr/ndr_eventlog.h"
26 #include "librpc/gen_ndr/ndr_eventlog_c.h"
27 #include "librpc/gen_ndr/ndr_lsa.h"
28 #include "torture/rpc/rpc.h"
30 static void init_lsa_String(struct lsa_String
*name
, const char *s
)
33 name
->length
= 2*strlen_m(s
);
34 name
->size
= name
->length
;
37 static bool get_policy_handle(struct torture_context
*tctx
,
38 struct dcerpc_pipe
*p
,
39 struct policy_handle
*handle
)
41 struct eventlog_OpenEventLogW r
;
42 struct eventlog_OpenUnknown0 unknown0
;
44 unknown0
.unknown0
= 0x005c;
45 unknown0
.unknown1
= 0x0001;
47 r
.in
.unknown0
= &unknown0
;
48 init_lsa_String(&r
.in
.logname
, "dns server");
49 init_lsa_String(&r
.in
.servername
, NULL
);
50 r
.in
.unknown2
= 0x00000001;
51 r
.in
.unknown3
= 0x00000001;
52 r
.out
.handle
= handle
;
54 torture_assert_ntstatus_ok(tctx
,
55 dcerpc_eventlog_OpenEventLogW(p
, tctx
, &r
),
56 "OpenEventLog failed");
58 torture_assert_ntstatus_ok(tctx
, r
.out
.result
, "OpenEventLog failed");
65 static bool test_GetNumRecords(struct torture_context
*tctx
, struct dcerpc_pipe
*p
)
67 struct eventlog_GetNumRecords r
;
68 struct eventlog_CloseEventLog cr
;
69 struct policy_handle handle
;
71 if (!get_policy_handle(tctx
, p
, &handle
))
74 r
.in
.handle
= &handle
;
76 torture_assert_ntstatus_ok(tctx
,
77 dcerpc_eventlog_GetNumRecords(p
, tctx
, &r
),
78 "GetNumRecords failed");
80 torture_comment(tctx
, "%d records\n", *r
.out
.number
);
82 cr
.in
.handle
= cr
.out
.handle
= &handle
;
84 torture_assert_ntstatus_ok(tctx
,
85 dcerpc_eventlog_CloseEventLog(p
, tctx
, &cr
),
86 "CloseEventLog failed");
90 static bool test_ReadEventLog(struct torture_context
*tctx
,
91 struct dcerpc_pipe
*p
)
94 struct eventlog_ReadEventLogW r
;
95 struct eventlog_CloseEventLog cr
;
96 struct policy_handle handle
;
98 if (!get_policy_handle(tctx
, p
, &handle
))
102 r
.in
.handle
= &handle
;
103 r
.in
.flags
= EVENTLOG_BACKWARDS_READ
|EVENTLOG_SEQUENTIAL_READ
;
107 struct eventlog_Record rec
;
108 struct ndr_pull
*ndr
;
110 /* Read first for number of bytes in record */
112 r
.in
.number_of_bytes
= 0;
115 status
= dcerpc_eventlog_ReadEventLogW(p
, tctx
, &r
);
117 if (NT_STATUS_EQUAL(r
.out
.result
, NT_STATUS_END_OF_FILE
)) {
121 torture_assert_ntstatus_ok(tctx
, status
, "ReadEventLog failed");
123 torture_assert_ntstatus_equal(tctx
, r
.out
.result
, NT_STATUS_BUFFER_TOO_SMALL
,
124 "ReadEventLog failed");
126 /* Now read the actual record */
128 r
.in
.number_of_bytes
= *r
.out
.real_size
;
129 r
.out
.data
= talloc_size(tctx
, r
.in
.number_of_bytes
);
131 status
= dcerpc_eventlog_ReadEventLogW(p
, tctx
, &r
);
133 torture_assert_ntstatus_ok(tctx
, status
, "ReadEventLog failed");
135 /* Decode a user-marshalled record */
137 blob
.length
= *r
.out
.sent_size
;
138 blob
.data
= talloc_steal(tctx
, r
.out
.data
);
140 ndr
= ndr_pull_init_blob(&blob
, tctx
);
142 status
= ndr_pull_eventlog_Record(
143 ndr
, NDR_SCALARS
|NDR_BUFFERS
, &rec
);
145 NDR_PRINT_DEBUG(eventlog_Record
, &rec
);
147 torture_assert_ntstatus_ok(tctx
, status
,
148 "ReadEventLog failed parsing event log record");
153 cr
.in
.handle
= cr
.out
.handle
= &handle
;
155 torture_assert_ntstatus_ok(tctx
,
156 dcerpc_eventlog_CloseEventLog(p
, tctx
, &cr
),
157 "CloseEventLog failed");
162 static bool test_FlushEventLog(struct torture_context
*tctx
,
163 struct dcerpc_pipe
*p
)
165 struct eventlog_FlushEventLog r
;
166 struct eventlog_CloseEventLog cr
;
167 struct policy_handle handle
;
169 if (!get_policy_handle(tctx
, p
, &handle
))
172 r
.in
.handle
= &handle
;
174 /* Huh? Does this RPC always return access denied? */
175 torture_assert_ntstatus_equal(tctx
,
176 dcerpc_eventlog_FlushEventLog(p
, tctx
, &r
),
177 NT_STATUS_ACCESS_DENIED
,
178 "FlushEventLog failed");
180 cr
.in
.handle
= cr
.out
.handle
= &handle
;
182 torture_assert_ntstatus_ok(tctx
,
183 dcerpc_eventlog_CloseEventLog(p
, tctx
, &cr
),
184 "CloseEventLog failed");
189 static bool test_ClearEventLog(struct torture_context
*tctx
,
190 struct dcerpc_pipe
*p
)
192 struct eventlog_ClearEventLogW r
;
193 struct eventlog_CloseEventLog cr
;
194 struct policy_handle handle
;
196 if (!torture_setting_bool(tctx
, "dangerous", false)) {
197 torture_skip(tctx
, "ClearEventLog test disabled - enable dangerous tests to use");
200 if (!get_policy_handle(tctx
, p
, &handle
))
203 r
.in
.handle
= &handle
;
206 torture_assert_ntstatus_ok(tctx
,
207 dcerpc_eventlog_ClearEventLogW(p
, tctx
, &r
),
208 "ClearEventLog failed");
210 cr
.in
.handle
= cr
.out
.handle
= &handle
;
212 torture_assert_ntstatus_ok(tctx
,
213 dcerpc_eventlog_CloseEventLog(p
, tctx
, &cr
),
214 "CloseEventLog failed");
219 static bool test_OpenEventLog(struct torture_context
*tctx
,
220 struct dcerpc_pipe
*p
)
222 struct policy_handle handle
;
223 struct eventlog_CloseEventLog cr
;
225 if (!get_policy_handle(tctx
, p
, &handle
))
228 cr
.in
.handle
= cr
.out
.handle
= &handle
;
230 torture_assert_ntstatus_ok(tctx
,
231 dcerpc_eventlog_CloseEventLog(p
, tctx
, &cr
),
232 "CloseEventLog failed");
237 struct torture_suite
*torture_rpc_eventlog(void)
239 struct torture_suite
*suite
;
240 struct torture_tcase
*tcase
;
242 suite
= torture_suite_create(talloc_autofree_context(), "EVENTLOG");
243 tcase
= torture_suite_add_rpc_iface_tcase(suite
, "eventlog",
244 &dcerpc_table_eventlog
);
246 torture_rpc_tcase_add_test(tcase
, "OpenEventLog", test_OpenEventLog
);
247 torture_rpc_tcase_add_test(tcase
, "ClearEventLog", test_ClearEventLog
);
248 torture_rpc_tcase_add_test(tcase
, "GetNumRecords", test_GetNumRecords
);
249 torture_rpc_tcase_add_test(tcase
, "ReadEventLog", test_ReadEventLog
);
250 torture_rpc_tcase_add_test(tcase
, "FlushEventLog", test_FlushEventLog
);