CVE-2021-3738 s4:torture/drsuapi: maintain priv->dc_credentials
1 /*
2 Unix SMB/CIFS implementation.
4 DRSUapi tests
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Stefan (metze) Metzmacher 2004
8 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005-2006
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "includes.h"
25 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
26 #include "torture/rpc/torture_rpc.h"
27 #include "param/param.h"
29 #define TEST_MACHINE_NAME "torturetest"
/**
 * Issue a DsBind on a DRSUAPI pipe, advertising a fixed set of client
 * extensions, and hand the resulting policy handle back to the caller.
 *
 * @param p            pipe whose binding handle carries the call
 * @param tctx         torture context, also passed as memory context to the call
 * @param bind_handle  receives the handle written by the server
 * @param srv_info28   if non-NULL, receives a copy of the server's info28
 * @return true when the function runs to the end; a failed call is reported
 *         through torture_drsuapi_assert_call (defined outside this file)
 */
static bool test_DsBind(struct dcerpc_pipe *p,
			struct torture_context *tctx,
			struct policy_handle *bind_handle,
			struct drsuapi_DsBindInfo28 *srv_info28)
{
	NTSTATUS status;
	struct drsuapi_DsBind r;
	struct GUID bind_guid;
	struct drsuapi_DsBindInfoCtr bind_info_ctr;
	struct drsuapi_DsBindInfo28 *client_info;

	/* Start from an all-zero container so only the bits below are set. */
	ZERO_STRUCT(bind_info_ctr);
	bind_info_ctr.length = 28;

	client_info = &bind_info_ctr.info.info28;
	client_info->supported_extensions |=
		DRSUAPI_SUPPORTED_EXTENSION_BASE |
		DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION |
		DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI |
		DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2 |
		DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS |
		DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1 |
		DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION |
		DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE |
		DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2 |
		DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION |
		DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2 |
		DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD |
		DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND |
		DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO |
		DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION |
		DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01 |
		DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP |
		DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY |
		DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3 |
		DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2 |
		DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6 |
		DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS |
		DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8 |
		DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5 |
		DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6 |
		DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3 |
		DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7 |
		DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT;

	/* The return value of the GUID parse is not checked here. */
	GUID_from_string(DRSUAPI_DS_BIND_GUID, &bind_guid);

	r.in.bind_guid = &bind_guid;
	r.in.bind_info = &bind_info_ctr;
	r.out.bind_handle = bind_handle;

	torture_comment(tctx, "Testing DsBind\n");

	status = dcerpc_drsuapi_DsBind_r(p->binding_handle, tctx, &r);
	torture_drsuapi_assert_call(tctx, p, status, &r, "dcerpc_drsuapi_DsBind");

	/* The server's info28 is copied out only when the caller asked for it. */
	if (srv_info28 != NULL) {
		*srv_info28 = r.out.bind_info->info.info28;
	}

	return true;
}
/**
 * Call DsGetDomainControllerInfo at info levels 1 and 2 for two names of
 * the joined domain and two unknown names, then once more at level -1.
 *
 * For the successful level 1/2 replies the joined machine's NetBIOS name
 * must appear in the returned array; the level 2 entry is cached in
 * priv->dcinfo. The level -1 reply is searched for "<DOMAIN>\<name>$".
 *
 * @param tctx  torture context
 * @param priv  suite state: drs_pipe, bind_handle and join are read,
 *              dcinfo is written
 * @return true when every assertion held
 */
static bool test_DsGetDomainControllerInfo(struct torture_context *tctx,
					   struct DsPrivate *priv)
{
	NTSTATUS status;
	struct dcerpc_pipe *p = priv->drs_pipe;
	struct drsuapi_DsGetDomainControllerInfo r;
	union drsuapi_DsGetDCInfoCtr ctr;
	union drsuapi_DsGetDCInfoRequest req;
	int32_t level_out = 0;
	bool found = false;
	int lvl_idx, name_idx, k;

	struct {
		const char *name;
		WERROR expected;
	} names[] = {
		{ .name = torture_join_dom_netbios_name(priv->join),
		  .expected = WERR_OK },
		{ .name = torture_join_dom_dns_name(priv->join),
		  .expected = WERR_OK },
		{ .name = "__UNKNOWN_DOMAIN__",
		  .expected = WERR_DS_OBJ_NOT_FOUND },
		{ .name = "unknown.domain.samba.example.com",
		  .expected = WERR_DS_OBJ_NOT_FOUND }
	};
	int levels[] = {1, 2};
	int level;

	for (lvl_idx = 0; lvl_idx < ARRAY_SIZE(levels); lvl_idx++) {
		for (name_idx = 0; name_idx < ARRAY_SIZE(names); name_idx++) {
			level = levels[lvl_idx];

			/* The request level is always 1; the info level
			 * being tested travels inside req1. */
			r.in.bind_handle = &priv->bind_handle;
			r.in.level = 1;
			r.in.req = &req;
			r.out.ctr = &ctr;
			r.out.level_out = &level_out;

			req.req1.domain_name = names[name_idx].name;
			req.req1.level = level;

			torture_comment(tctx,
				"Testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
				req.req1.level, req.req1.domain_name);

			status = dcerpc_drsuapi_DsGetDomainControllerInfo_r(p->binding_handle, tctx, &r);
			torture_assert_ntstatus_ok(tctx, status,
				"dcerpc_drsuapi_DsGetDomainControllerInfo with dns domain failed");
			torture_assert_werr_equal(tctx,
				r.out.result, names[name_idx].expected,
				"DsGetDomainControllerInfo level with dns domain failed");

			/* An error reply carries no result structure to inspect. */
			if (!W_ERROR_IS_OK(r.out.result)) {
				continue;
			}

			torture_assert_int_equal(tctx,
				r.in.req->req1.level, *r.out.level_out,
				"dcerpc_drsuapi_DsGetDomainControllerInfo in/out level differs");

			/*
			 * NOTE(review): 'found' is never reset to false, so
			 * once one iteration has matched, the assertion below
			 * can no longer fail in later iterations.
			 */
			if (level == 1) {
				for (k = 0; k < r.out.ctr->ctr1.count; k++) {
					if (strcasecmp_m(r.out.ctr->ctr1.array[k].netbios_name,
							 torture_join_netbios_name(priv->join)) == 0) {
						found = true;
						break;
					}
				}
			} else if (level == 2) {
				for (k = 0; k < r.out.ctr->ctr2.count; k++) {
					if (strcasecmp_m(r.out.ctr->ctr2.array[k].netbios_name,
							 torture_join_netbios_name(priv->join)) == 0) {
						found = true;
						/* Cached for the tests that run later. */
						priv->dcinfo = r.out.ctr->ctr2.array[k];
						break;
					}
				}
			}
			torture_assert(tctx, found,
				"dcerpc_drsuapi_DsGetDomainControllerInfo: Failed to find the domain controller we just created during the join");
		}
	}

	/* Second part: info level -1. r.in.req still points at 'req'. */
	r.in.bind_handle = &priv->bind_handle;
	r.in.level = 1;

	r.out.ctr = &ctr;
	r.out.level_out = &level_out;

	r.in.req->req1.domain_name = "__UNKNOWN_DOMAIN__"; /* This is clearly ignored for this level */
	r.in.req->req1.level = -1;

	torture_comment(tctx, "Testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
			r.in.req->req1.level, r.in.req->req1.domain_name);

	status = dcerpc_drsuapi_DsGetDomainControllerInfo_r(p->binding_handle, tctx, &r);

	torture_assert_ntstatus_ok(tctx, status,
		"dcerpc_drsuapi_DsGetDomainControllerInfo with dns domain failed");
	torture_assert_werr_ok(tctx, r.out.result,
		"DsGetDomainControllerInfo with dns domain failed");

	{
		const char *dc_account = talloc_asprintf(tctx, "%s\\%s$",
							 torture_join_dom_netbios_name(priv->join),
							 priv->dcinfo.netbios_name);
		torture_comment(tctx, "%s: Enum active LDAP sessions searching for %s\n", __func__, dc_account);
		/*
		 * NOTE(review): unlike the loops above, this comparison has
		 * no "== 0", so 'found' is set on the first entry that does
		 * NOT match dc_account. 'found' may also still be true from
		 * the level 1/2 loops. As written the final assertion does
		 * not show that the account is in the list - confirm intent
		 * before relying on it.
		 */
		for (k = 0; k < r.out.ctr->ctr01.count; k++) {
			if (strcasecmp_m(r.out.ctr->ctr01.array[k].client_account,
					 dc_account)) {
				found = true;
				break;
			}
		}
		torture_assert(tctx, found,
			"dcerpc_drsuapi_DsGetDomainControllerInfo level: Failed to find the domain controller in last logon records");
	}

	return true;
}
/**
 * Add two "smbtortureSPN/..." service principal names to the joined
 * machine's computer object, then delete them with the same request.
 *
 * @param tctx  torture context
 * @param priv  suite state; dcinfo must already hold computer_dn,
 *              netbios_name and dns_name
 * @return true when the function runs to the end
 */
static bool test_DsWriteAccountSpn(struct torture_context *tctx,
				   struct DsPrivate *priv)
{
	NTSTATUS status;
	struct dcerpc_pipe *p = priv->drs_pipe;
	struct drsuapi_DsWriteAccountSpn r;
	union drsuapi_DsWriteAccountSpnRequest req;
	struct drsuapi_DsNameString spn_list[2];
	union drsuapi_DsWriteAccountSpnResult res;
	uint32_t level_out;

	r.in.bind_handle = &priv->bind_handle;
	r.in.level = 1;
	r.in.req = &req;

	torture_comment(tctx, "Testing DsWriteAccountSpn\n");

	req.req1.operation = DRSUAPI_DS_SPN_OPERATION_ADD;
	req.req1.unknown1 = 0;
	req.req1.object_dn = priv->dcinfo.computer_dn;
	req.req1.count = 2;
	req.req1.spn_names = spn_list;
	/* The talloc_asprintf results are used without a NULL check. */
	spn_list[0].str = talloc_asprintf(tctx, "smbtortureSPN/%s",priv->dcinfo.netbios_name);
	spn_list[1].str = talloc_asprintf(tctx, "smbtortureSPN/%s",priv->dcinfo.dns_name);

	r.out.res = &res;
	r.out.level_out = &level_out;

	status = dcerpc_drsuapi_DsWriteAccountSpn_r(p->binding_handle, tctx, &r);
	torture_drsuapi_assert_call(tctx, p, status, &r, "dcerpc_drsuapi_DsWriteAccountSpn");

	/*
	 * Same request again with the operation flipped, to remove the SPNs
	 * just written.
	 * NOTE(review): if the assert above leaves the function on failure,
	 * this delete is skipped - confirm the machine account is removed on
	 * teardown anyway.
	 */
	req.req1.operation = DRSUAPI_DS_SPN_OPERATION_DELETE;
	req.req1.unknown1 = 0;

	status = dcerpc_drsuapi_DsWriteAccountSpn_r(p->binding_handle, tctx, &r);
	torture_drsuapi_assert_call(tctx, p, status, &r, "dcerpc_drsuapi_DsWriteAccountSpn");

	return true;
}
/**
 * Call DsReplicaGetInfo for each (request level, info type) pair in a
 * fixed table. Skipped entirely when the "samba4" setting is true.
 *
 * @param tctx  torture context
 * @param priv  suite state: drs_pipe, bind_handle and domain_obj_dn are read
 * @return true when the test was skipped or ran to the end
 */
static bool test_DsReplicaGetInfo(struct torture_context *tctx,
				  struct DsPrivate *priv)
{
	NTSTATUS status;
	struct dcerpc_pipe *p = priv->drs_pipe;
	struct drsuapi_DsReplicaGetInfo r;
	union drsuapi_DsReplicaGetInfoRequest req;
	union drsuapi_DsReplicaInfo info;
	enum drsuapi_DsReplicaInfoType info_type;
	int idx;
	struct {
		int32_t level;
		int32_t infotype;
		const char *obj_dn;
	} array[] = {
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_NEIGHBORS,
		  .obj_dn = NULL },
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_CURSORS,
		  .obj_dn = NULL },
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA,
		  .obj_dn = NULL },
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES,
		  .obj_dn = NULL },
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES,
		  .obj_dn = NULL },
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_PENDING_OPS,
		  .obj_dn = NULL },
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO2,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA,
		  .obj_dn = NULL },
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO2,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_CURSORS2,
		  .obj_dn = NULL },
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO2,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_CURSORS3,
		  .obj_dn = NULL },
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO2,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2,
		  .obj_dn = NULL },
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO2,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2,
		  .obj_dn = NULL },
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO2,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_REPSTO,
		  .obj_dn = NULL },
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO2,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_CLIENT_CONTEXTS,
		  .obj_dn = "__IGNORED__" },
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO2,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_UPTODATE_VECTOR_V1,
		  .obj_dn = NULL },
		{ .level = DRSUAPI_DS_REPLICA_GET_INFO2,
		  .infotype = DRSUAPI_DS_REPLICA_INFO_SERVER_OUTGOING_CALLS,
		  .obj_dn = NULL }
	};

	if (torture_setting_bool(tctx, "samba4", false)) {
		torture_comment(tctx, "skipping DsReplicaGetInfo test against Samba4\n");
		return true;
	}

	r.in.bind_handle = &priv->bind_handle;
	r.in.req = &req;

	for (idx = 0; idx < ARRAY_SIZE(array); idx++) {
		const char *object_dn;

		torture_comment(tctx, "Testing DsReplicaGetInfo level %d infotype %d\n",
				array[idx].level, array[idx].infotype);

		/* Rows without their own DN fall back to the domain object. */
		if (array[idx].obj_dn) {
			object_dn = array[idx].obj_dn;
		} else {
			object_dn = priv->domain_obj_dn;
		}

		r.in.level = array[idx].level;
		if (r.in.level == DRSUAPI_DS_REPLICA_GET_INFO) {
			req.req1.info_type = array[idx].infotype;
			req.req1.object_dn = object_dn;
			ZERO_STRUCT(req.req1.source_dsa_guid);
		} else if (r.in.level == DRSUAPI_DS_REPLICA_GET_INFO2) {
			req.req2.info_type = array[idx].infotype;
			req.req2.object_dn = object_dn;
			ZERO_STRUCT(req.req2.source_dsa_guid);
			req.req2.flags = 0;
			req.req2.attribute_name = NULL;
			req.req2.value_dn_str = NULL;
			req.req2.enumeration_context = 0;
		}

		r.out.info = &info;
		r.out.info_type = &info_type;

		status = dcerpc_drsuapi_DsReplicaGetInfo_r(p->binding_handle, tctx, &r);
		/*
		 * NOTE(review): the call is asserted here and again in the
		 * else branch below. If torture_drsuapi_assert_call fails the
		 * test on any error status, the "not supported by server"
		 * branch cannot be reached - confirm against the macro.
		 */
		torture_drsuapi_assert_call(tctx, p, status, &r, "dcerpc_drsuapi_DsReplicaGetInfo");
		if (NT_STATUS_EQUAL(status, NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE)) {
			torture_comment(tctx,
				"DsReplicaGetInfo level %d and/or infotype %d not supported by server\n",
				array[idx].level, array[idx].infotype);
		} else {
			torture_drsuapi_assert_call(tctx, p, status, &r, "dcerpc_drsuapi_DsReplicaGetInfo");
		}
	}

	return true;
}
/**
 * Send a DsReplicaSync request for the domain naming context.
 *
 * The test runs only when the "dangerous" setting is enabled and the
 * "samba4" setting is not; in both other cases it returns true after
 * printing a comment.
 *
 * @param tctx  torture context
 * @param priv  suite state: drs_pipe, bind_handle, domain_obj_dn and
 *              dcinfo.ntds_guid are read
 * @return true when the test was skipped or ran to the end
 */
static bool test_DsReplicaSync(struct torture_context *tctx,
			       struct DsPrivate *priv)
{
	NTSTATUS status;
	struct dcerpc_pipe *p = priv->drs_pipe;
	int idx;
	struct drsuapi_DsReplicaSync r;
	union drsuapi_DsReplicaSyncRequest sync_req;
	struct drsuapi_DsReplicaObjectIdentifier nc;
	struct dom_sid null_sid;
	struct {
		int32_t level;
	} array[] = {
		/*
		 * NOTE(review): the initializer rows are not visible in this
		 * listing; level 1 is reconstructed from the only level the
		 * loop below handles - confirm against the tree.
		 */
		{ 1 }
	};

	/* Opt-in gate: nothing is sent unless dangerous tests are enabled. */
	if (!torture_setting_bool(tctx, "dangerous", false)) {
		torture_comment(tctx, "DsReplicaSync disabled - enable dangerous tests to use\n");
		return true;
	}

	if (torture_setting_bool(tctx, "samba4", false)) {
		torture_comment(tctx, "skipping DsReplicaSync test against Samba4\n");
		return true;
	}

	ZERO_STRUCT(null_sid);

	r.in.bind_handle = &priv->bind_handle;

	for (idx = 0; idx < ARRAY_SIZE(array); idx++) {
		torture_comment(tctx, "Testing DsReplicaSync level %d\n",
				array[idx].level);

		r.in.level = array[idx].level;
		if (r.in.level == 1) {
			/* The naming context is identified by DN only. */
			nc.guid = GUID_zero();
			nc.sid = null_sid;
			if (priv->domain_obj_dn) {
				nc.dn = priv->domain_obj_dn;
			} else {
				nc.dn = "";
			}

			sync_req.req1.naming_context = &nc;
			sync_req.req1.source_dsa_guid = priv->dcinfo.ntds_guid;
			sync_req.req1.source_dsa_dns = NULL;
			/* Literal option value; its meaning is not given here. */
			sync_req.req1.options = 16;

			r.in.req = &sync_req;
		}

		status = dcerpc_drsuapi_DsReplicaSync_r(p->binding_handle, tctx, &r);
		torture_drsuapi_assert_call(tctx, p, status, &r, "dcerpc_drsuapi_DsReplicaSync");
	}

	return true;
}
/**
 * Walk DsReplicaUpdateRefs through delete/add/reset sequences for a
 * randomly generated destination DSA and check the WERROR of each step.
 *
 * @param tctx  torture context
 * @param priv  suite state: drs_pipe, bind_handle, domain_obj_dn,
 *              domain_guid and domain_dns_name are read
 * @return true when all seven steps returned the expected result
 */
static bool test_DsReplicaUpdateRefs(struct torture_context *tctx,
				     struct DsPrivate *priv)
{
	NTSTATUS status;
	struct dcerpc_pipe *p = priv->drs_pipe;
	struct drsuapi_DsReplicaUpdateRefs r;
	struct drsuapi_DsReplicaObjectIdentifier nc;
	struct GUID dest_dsa_guid;
	const char *dest_dsa_guid_str;
	const char *dest_dns;
	struct dom_sid null_sid;

	ZERO_STRUCT(null_sid);
	/* A fresh random GUID means no reference to it is expected to exist. */
	dest_dsa_guid = GUID_random();
	dest_dsa_guid_str = GUID_string(tctx, &dest_dsa_guid);

	r.in.bind_handle = &priv->bind_handle;
	r.in.level = 1; /* Only version 1 is defined presently */

	/* Naming context: by DN when one is known, else by GUID with "" DN. */
	if (priv->domain_obj_dn) {
		nc.guid = GUID_zero();
		nc.dn = priv->domain_obj_dn;
	} else {
		nc.guid = priv->domain_guid;
		nc.dn = "";
	}
	nc.sid = null_sid;

	/* Fields shared by every request below; only 'options' changes. */
	dest_dns = talloc_asprintf(tctx, "%s._msdn.%s",
				   dest_dsa_guid_str,
				   priv->domain_dns_name);
	r.in.req.req1.naming_context = &nc;
	r.in.req.req1.dest_dsa_dns_name = dest_dns;
	r.in.req.req1.dest_dsa_guid = dest_dsa_guid;

	/* Step 1: deleting a reference that was never added must fail. */
	torture_comment(tctx, "delete: %s\n", dest_dns);
	r.in.req.req1.options = DRSUAPI_DRS_DEL_REF;
	status = dcerpc_drsuapi_DsReplicaUpdateRefs_r(p->binding_handle, tctx, &r);
	torture_drsuapi_assert_call_werr(tctx, p,
					 status, WERR_DS_DRA_REF_NOT_FOUND, &r,
					 "dcerpc_drsuapi_DsReplicaUpdateRefs");

	/* Step 2: adding the random destination is expected to succeed. */
	torture_comment(tctx, "add : %s\n", dest_dns);
	r.in.req.req1.options = DRSUAPI_DRS_ADD_REF;
	status = dcerpc_drsuapi_DsReplicaUpdateRefs_r(p->binding_handle, tctx, &r);
	torture_drsuapi_assert_call_werr(tctx, p,
					 status, WERR_OK, &r,
					 "dcerpc_drsuapi_DsReplicaUpdateRefs");

	/* Step 3: adding the same destination again must fail. */
	torture_comment(tctx, "add : %s\n", dest_dns);
	r.in.req.req1.options = DRSUAPI_DRS_ADD_REF;
	status = dcerpc_drsuapi_DsReplicaUpdateRefs_r(p->binding_handle, tctx, &r);
	torture_drsuapi_assert_call_werr(tctx, p,
					 status, WERR_DS_DRA_REF_ALREADY_EXISTS, &r,
					 "dcerpc_drsuapi_DsReplicaUpdateRefs");

	/* Step 4: delete+add on the existing destination must succeed. */
	torture_comment(tctx, "reset : %s\n", dest_dns);
	r.in.req.req1.options = DRSUAPI_DRS_DEL_REF | DRSUAPI_DRS_ADD_REF;
	status = dcerpc_drsuapi_DsReplicaUpdateRefs_r(p->binding_handle, tctx, &r);
	torture_drsuapi_assert_call_werr(tctx, p,
					 status, WERR_OK, &r,
					 "dcerpc_drsuapi_DsReplicaUpdateRefs");

	/* Step 5: remove the reference created in step 2. */
	torture_comment(tctx, "delete : %s\n", dest_dns);
	r.in.req.req1.options = DRSUAPI_DRS_DEL_REF;
	status = dcerpc_drsuapi_DsReplicaUpdateRefs_r(p->binding_handle, tctx, &r);
	torture_drsuapi_assert_call_werr(tctx, p,
					 status, WERR_OK, &r,
					 "dcerpc_drsuapi_DsReplicaUpdateRefs");

	/* Step 6: delete+add on a missing destination must succeed too. */
	torture_comment(tctx, "replace: %s\n", dest_dns);
	r.in.req.req1.options = DRSUAPI_DRS_DEL_REF | DRSUAPI_DRS_ADD_REF;
	status = dcerpc_drsuapi_DsReplicaUpdateRefs_r(p->binding_handle, tctx, &r);
	torture_drsuapi_assert_call_werr(tctx, p,
					 status, WERR_OK, &r,
					 "dcerpc_drsuapi_DsReplicaUpdateRefs");

	/*
	 * Step 7: remove the reference created in step 6.
	 * NOTE(review): if an earlier assert leaves the function on failure,
	 * a reference added in step 2 or 6 may stay behind on the server.
	 */
	torture_comment(tctx, "delete : %s\n", dest_dns);
	r.in.req.req1.options = DRSUAPI_DRS_DEL_REF;
	status = dcerpc_drsuapi_DsReplicaUpdateRefs_r(p->binding_handle, tctx, &r);
	torture_drsuapi_assert_call_werr(tctx, p,
					 status, WERR_OK, &r,
					 "dcerpc_drsuapi_DsReplicaUpdateRefs");

	return true;
}
/**
 * Send DsGetNCChanges requests for the domain naming context using a
 * random destination DSA GUID. Skipped when the "samba4" setting is true.
 *
 * @param tctx  torture context; tctx->lp_ctx supplies the
 *              "drsuapi:compression" and "drsuapi:neighbour_writeable"
 *              parameters
 * @param priv  suite state: drs_pipe, bind_handle and domain_obj_dn are read
 * @return true when the test was skipped or ran to the end
 */
static bool test_DsGetNCChanges(struct torture_context *tctx,
				struct DsPrivate *priv)
{
	NTSTATUS status;
	struct dcerpc_pipe *p = priv->drs_pipe;
	int idx;
	struct drsuapi_DsGetNCChanges r;
	union drsuapi_DsGetNCChangesRequest req;
	union drsuapi_DsGetNCChangesCtr ctr;
	struct drsuapi_DsReplicaObjectIdentifier nc;
	struct dom_sid null_sid;
	uint32_t level_out;
	struct {
		uint32_t level;
	} array[] = {
		/*
		 * NOTE(review): the initializer rows are not visible in this
		 * listing; levels 5 and 8 are reconstructed from the two
		 * levels the loop below handles - confirm against the tree.
		 */
		{ 5 },
		{ 8 }
	};

	if (torture_setting_bool(tctx, "samba4", false)) {
		torture_comment(tctx, "skipping DsGetNCChanges test against Samba4\n");
		return true;
	}

	ZERO_STRUCT(null_sid);

	for (idx = 0; idx < ARRAY_SIZE(array); idx++) {
		torture_comment(tctx,
				"Testing DsGetNCChanges level %d\n",
				array[idx].level);

		r.in.bind_handle = &priv->bind_handle;
		r.in.level = array[idx].level;
		r.out.level_out = &level_out;
		r.out.ctr = &ctr;

		if (r.in.level == 5) {
			nc.guid = GUID_zero();
			nc.sid = null_sid;
			nc.dn = priv->domain_obj_dn ? priv->domain_obj_dn : "";

			r.in.req = &req;
			req.req5.destination_dsa_guid = GUID_random();
			req.req5.source_dsa_invocation_id = GUID_zero();
			req.req5.naming_context = &nc;
			/* All-zero high watermark. */
			req.req5.highwatermark.tmp_highest_usn = 0;
			req.req5.highwatermark.reserved_usn = 0;
			req.req5.highwatermark.highest_usn = 0;
			req.req5.uptodateness_vector = NULL;
			req.req5.replica_flags = 0;
			if (lpcfg_parm_bool(tctx->lp_ctx, NULL, "drsuapi", "compression", false)) {
				req.req5.replica_flags |= DRSUAPI_DRS_USE_COMPRESSION;
			}
			req.req5.max_object_count = 0;
			req.req5.max_ndr_size = 0;
			req.req5.extended_op = DRSUAPI_EXOP_NONE;
			req.req5.fsmo_info = 0;
		} else if (r.in.level == 8) {
			nc.guid = GUID_zero();
			nc.sid = null_sid;
			nc.dn = priv->domain_obj_dn ? priv->domain_obj_dn : "";

			r.in.req = &req;
			req.req8.destination_dsa_guid = GUID_random();
			req.req8.source_dsa_invocation_id = GUID_zero();
			req.req8.naming_context = &nc;
			/* All-zero high watermark, as for level 5. */
			req.req8.highwatermark.tmp_highest_usn = 0;
			req.req8.highwatermark.reserved_usn = 0;
			req.req8.highwatermark.highest_usn = 0;
			req.req8.uptodateness_vector = NULL;
			req.req8.replica_flags = 0;
			if (lpcfg_parm_bool(tctx->lp_ctx, NULL, "drsuapi", "compression", false)) {
				req.req8.replica_flags |= DRSUAPI_DRS_USE_COMPRESSION;
			}
			if (lpcfg_parm_bool(tctx->lp_ctx, NULL, "drsuapi", "neighbour_writeable", true)) {
				req.req8.replica_flags |= DRSUAPI_DRS_WRIT_REP;
			}
			req.req8.replica_flags |= DRSUAPI_DRS_INIT_SYNC
						| DRSUAPI_DRS_PER_SYNC
						| DRSUAPI_DRS_GET_ANC
						| DRSUAPI_DRS_NEVER_SYNCED;
			/* Literal limits taken over unchanged. */
			req.req8.max_object_count = 402;
			req.req8.max_ndr_size = 402116;
			req.req8.extended_op = DRSUAPI_EXOP_NONE;
			req.req8.fsmo_info = 0;
			req.req8.partial_attribute_set = NULL;
			req.req8.partial_attribute_set_ex = NULL;
			req.req8.mapping_ctr.num_mappings = 0;
			req.req8.mapping_ctr.mappings = NULL;
		}

		status = dcerpc_drsuapi_DsGetNCChanges_r(p->binding_handle, tctx, &r);
		torture_drsuapi_assert_call(tctx, p, status, &r, "dcerpc_drsuapi_DsGetNCChanges");
	}

	return true;
}
/**
 * Ask for the cost from "Default-First-Site-Name" to two site names
 * that are not expected to exist, and check that each reply entry
 * reports WERR_DS_OBJ_NOT_FOUND with a site cost of -1.
 *
 * @param tctx  torture context
 * @param priv  suite state: drs_pipe and bind_handle are read
 * @return true when the function runs to the end
 */
bool test_QuerySitesByCost(struct torture_context *tctx,
			   struct DsPrivate *priv)
{
	NTSTATUS status;
	struct dcerpc_pipe *p = priv->drs_pipe;
	struct drsuapi_QuerySitesByCost r;
	union drsuapi_QuerySitesByCostRequest req;

	const char *my_site = "Default-First-Site-Name";
	const char *remote_site1 = "smbtorture-nonexisting-site1";
	const char *remote_site2 = "smbtorture-nonexisting-site2";

	/* The talloc results below are used without a NULL check. */
	req.req1.site_from = talloc_strdup(tctx, my_site);
	req.req1.num_req = 2;
	req.req1.site_to = talloc_zero_array(tctx, const char *, 2);
	req.req1.site_to[0] = talloc_strdup(tctx, remote_site1);
	req.req1.site_to[1] = talloc_strdup(tctx, remote_site2);
	req.req1.flags = 0;

	/*
	 * NOTE(review): no r.out member is assigned before the call, unlike
	 * the other tests in this file - confirm what the generated client
	 * stub expects. The registration of this test is under "#if 0".
	 */
	r.in.bind_handle = &priv->bind_handle;
	r.in.level = 1;
	r.in.req = &req;

	status = dcerpc_drsuapi_QuerySitesByCost_r(p->binding_handle, tctx, &r);
	torture_drsuapi_assert_call(tctx, p, status, &r, "dcerpc_drsuapi_QuerySitesByCost");

	/* The reply entries are inspected only for a successful result. */
	if (W_ERROR_IS_OK(r.out.result)) {
		torture_assert_werr_equal(tctx,
					  r.out.ctr->ctr1.info[0].error_code, WERR_DS_OBJ_NOT_FOUND,
					  "dcerpc_drsuapi_QuerySitesByCost");
		torture_assert_werr_equal(tctx,
					  r.out.ctr->ctr1.info[1].error_code, WERR_DS_OBJ_NOT_FOUND,
					  "dcerpc_drsuapi_QuerySitesByCost expected error_code WERR_DS_OBJ_NOT_FOUND");

		torture_assert_int_equal(tctx,
					 r.out.ctr->ctr1.info[0].site_cost, -1,
					 "dcerpc_drsuapi_QuerySitesByCost");
		torture_assert_int_equal(tctx,
					 r.out.ctr->ctr1.info[1].site_cost, -1,
					 "dcerpc_drsuapi_QuerySitesByCost exptected site cost");
	}

	return true;
}
/**
 * Release the DRSUAPI bind handle kept in priv with a DsUnbind call.
 *
 * @param p     pipe whose binding handle carries the call
 * @param tctx  torture context
 * @param priv  suite state; bind_handle is both the input and the
 *              output handle of the call
 * @return true when the function runs to the end
 */
bool test_DsUnbind(struct dcerpc_pipe *p,
		   struct torture_context *tctx,
		   struct DsPrivate *priv)
{
	struct drsuapi_DsUnbind r;
	NTSTATUS status;

	/* In and out point at the same handle, so the reply overwrites it. */
	r.out.bind_handle = &priv->bind_handle;
	r.in.bind_handle = &priv->bind_handle;

	torture_comment(tctx, "Testing DsUnbind\n");

	status = dcerpc_drsuapi_DsUnbind_r(p->binding_handle, tctx, &r);
	torture_drsuapi_assert_call(tctx, p, status, &r, "dcerpc_drsuapi_DsUnbind");

	return true;
}
/**
 * Helper that collects DC information for testing purposes.
 * It is almost identical to test_DsGetDomainControllerInfo, but it asks
 * for info level 2 only and skips failed calls instead of asserting.
 *
 * @param torture  torture context
 * @param priv     suite state: drs_pipe, bind_handle and join are read;
 *                 dcinfo is written when a matching entry is found
 * @return true once the joined machine's entry was stored in
 *         priv->dcinfo, false if neither domain name produced a match
 */
bool torture_rpc_drsuapi_get_dcinfo(struct torture_context *torture,
				    struct DsPrivate *priv)
{
	NTSTATUS status;
	int32_t level_out = 0;
	struct drsuapi_DsGetDomainControllerInfo r;
	union drsuapi_DsGetDCInfoCtr ctr;
	int name_idx, k;
	const char *names[] = {
		torture_join_dom_netbios_name(priv->join),
		torture_join_dom_dns_name(priv->join)};

	/* Try the NetBIOS domain name first, then the DNS domain name. */
	for (name_idx = 0; name_idx < ARRAY_SIZE(names); name_idx++) {
		union drsuapi_DsGetDCInfoRequest req;
		struct dcerpc_binding_handle *b = priv->drs_pipe->binding_handle;

		req.req1.domain_name = names[name_idx];
		req.req1.level = 2;

		r.in.bind_handle = &priv->bind_handle;
		r.in.level = 1;
		r.in.req = &req;
		r.out.ctr = &ctr;
		r.out.level_out = &level_out;

		status = dcerpc_drsuapi_DsGetDomainControllerInfo_r(b, torture, &r);
		/* A transport failure or an error reply carries no result
		 * structure to read, so move on to the next name. */
		if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(r.out.result)) {
			continue;
		}

		for (k = 0; k < r.out.ctr->ctr2.count; k++) {
			if (strcasecmp_m(r.out.ctr->ctr2.array[k].netbios_name,
					 torture_join_netbios_name(priv->join)) != 0) {
				continue;
			}
			priv->dcinfo = r.out.ctr->ctr2.array[k];
			return true;
		}
	}

	return false;
}
/**
 * Common test case setup, to be used by the DRS test suites where
 * appropriate.
 *
 * Connects the DRSUAPI pipe, joins the domain as a server trust account
 * (ACB_SVRTRUST) under a randomly suffixed machine name, performs DsBind
 * and then tries to collect DC information.
 *
 * The credentials produced by the join are stored in
 * priv->dc_credentials, so they stay available to the tests through priv.
 *
 * @param tctx  torture context
 * @param priv  suite state to fill in; must not be NULL
 * @return true on success; the torture_assert/torture_fail macros report
 *         every failure
 */
bool torture_drsuapi_tcase_setup_common(struct torture_context *tctx, struct DsPrivate *priv)
{
	NTSTATUS status;
	/* rand() is not seeded here; the suffix only varies the test name. */
	int suffix = rand() % 1000;
	char *machine_name = talloc_asprintf(tctx, "%s%d", TEST_MACHINE_NAME, suffix);

	torture_assert(tctx, priv, "Invalid argument");

	torture_comment(tctx, "Create DRSUAPI pipe\n");
	status = torture_rpc_connection(tctx,
					&priv->drs_pipe,
					&ndr_table_drsuapi);
	torture_assert(tctx, NT_STATUS_IS_OK(status), "Unable to connect to DRSUAPI pipe");

	torture_comment(tctx, "About to join domain with name %s\n", machine_name);
	priv->join = torture_join_domain(tctx, machine_name, ACB_SVRTRUST,
					 &priv->dc_credentials);
	torture_assert(tctx, priv->join, "Failed to join as BDC");

	if (!test_DsBind(priv->drs_pipe, tctx,
			 &priv->bind_handle,
			 &priv->srv_bind_info))
	{
		/*
		 * Undo the join before failing.
		 * NOTE(review): priv->join keeps its old value after this
		 * call; if the fixture teardown also runs after a failed
		 * setup, the same join is left a second time - confirm
		 * against the torture framework.
		 */
		torture_drsuapi_tcase_teardown_common(tctx, priv);
		torture_fail(tctx, "Failed execute test_DsBind()");
	}

	/* Best effort: the result of the DC info lookup is not checked. */
	torture_rpc_drsuapi_get_dcinfo(tctx, priv);

	return true;
}
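/**
 * Common test case teardown, to be used by the DRS test suites where
 * appropriate. Leaves the domain if a join is recorded in priv.
 *
 * The function is safe to call more than once on the same priv and with
 * priv == NULL: torture_drsuapi_tcase_setup_common calls it on a failed
 * DsBind, and the fixture teardown calls it again with the same state
 * (or with NULL if that state could not be resolved).
 *
 * @param tctx  torture context
 * @param priv  suite state, may be NULL
 * @return always true
 */
bool torture_drsuapi_tcase_teardown_common(struct torture_context *tctx, struct DsPrivate *priv)
{
	/* Nothing was set up, so there is nothing to undo. */
	if (priv == NULL) {
		return true;
	}

	if (priv->join != NULL) {
		torture_leave_domain(tctx, priv->join);
		/*
		 * Forget the join so that a second teardown does not hand
		 * the same pointer to torture_leave_domain again
		 * (presumably it releases the join context - confirm).
		 */
		priv->join = NULL;
	}

	return true;
}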
/**
 * Test case setup for the DRSUAPI test case: allocates the zeroed
 * per-case state on tctx, publishes it through *data and runs the
 * common setup.
 *
 * @param tctx  torture context, parent of the allocation
 * @param data  receives the new struct DsPrivate (NULL if the
 *              allocation failed)
 * @return the result of torture_drsuapi_tcase_setup_common
 */
static bool torture_drsuapi_tcase_setup(struct torture_context *tctx, void **data)
{
	struct DsPrivate *priv = talloc_zero(tctx, struct DsPrivate);

	/* Published before the setup runs, so it is set on failure too. */
	*data = priv;

	return torture_drsuapi_tcase_setup_common(tctx, priv);
}
/**
 * Test case tear-down for the DRSUAPI test case: runs the common
 * teardown and frees the per-case state.
 *
 * @param tctx  torture context
 * @param data  the pointer published by torture_drsuapi_tcase_setup
 * @return the result of torture_drsuapi_tcase_teardown_common
 */
static bool torture_drsuapi_tcase_teardown(struct torture_context *tctx, void *data)
{
	/*
	 * NOTE(review): the result of talloc_get_type is passed on without
	 * a NULL check - confirm the common teardown accepts NULL.
	 */
	struct DsPrivate *priv = talloc_get_type(data, struct DsPrivate);
	bool ok = torture_drsuapi_tcase_teardown_common(tctx, priv);

	talloc_free(priv);
	return ok;
}
/**
 * DRSUAPI test case implementation: creates the "drsuapi" test case in
 * the suite, installs the setup/teardown fixture and registers the
 * individual tests in a fixed order.
 *
 * @param suite  torture suite that receives the test case
 */
void torture_rpc_drsuapi_tcase(struct torture_suite *suite)
{
	typedef bool (*run_func) (struct torture_context *test, void *tcase_data);

	/*
	 * The test functions take a struct DsPrivate *; each is cast to the
	 * void * based signature used for registration.
	 */
	const struct {
		const char *name;
		run_func fn;
	} tests[] = {
		{ "DsGetDomainControllerInfo", (run_func)test_DsGetDomainControllerInfo },
		{ "DsCrackNames", (run_func)test_DsCrackNames },
		{ "DsWriteAccountSpn", (run_func)test_DsWriteAccountSpn },
		{ "DsReplicaGetInfo", (run_func)test_DsReplicaGetInfo },
		{ "DsReplicaSync", (run_func)test_DsReplicaSync },
		{ "DsReplicaUpdateRefs", (run_func)test_DsReplicaUpdateRefs },
		{ "DsGetNCChanges", (run_func)test_DsGetNCChanges }
	};
	size_t idx;

	struct torture_tcase *tcase = torture_suite_add_tcase(suite, "drsuapi");

	torture_tcase_set_fixture(tcase, torture_drsuapi_tcase_setup,
				  torture_drsuapi_tcase_teardown);

	/* QuerySitesByCost is compiled but deliberately not registered. */
#if 0
	test = torture_tcase_add_simple_test(tcase, "QuerySitesByCost", (run_func)test_QuerySitesByCost);
#endif

	for (idx = 0; idx < ARRAY_SIZE(tests); idx++) {
		torture_tcase_add_simple_test(tcase, tests[idx].name, tests[idx].fn);
	}
}