search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r24146: It is not an error for a Win2k3-only server not to support the NT4
[Samba.git] / source4 / torture / rpc / dssync.c
blob9546e5fd3db22a22076deb4de875d1064a1ef523
1 /*
2 Unix SMB/CIFS implementation.
3
4 DsGetNCChanges replication test
5
6 Copyright (C) Stefan (metze) Metzmacher 2005
7 Copyright (C) Brad Henry 2005
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #include "includes.h"
24 #include "lib/cmdline/popt_common.h"
25 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
26 #include "libcli/cldap/cldap.h"
27 #include "libcli/ldap/ldap_client.h"
28 #include "torture/torture.h"
29 #include "torture/ldap/proto.h"
30 #include "libcli/auth/libcli_auth.h"
31 #include "lib/crypto/crypto.h"
32 #include "auth/credentials/credentials.h"
33 #include "libcli/auth/libcli_auth.h"
34 #include "auth/gensec/gensec.h"
35
36 struct DsSyncBindInfo {
37 struct dcerpc_pipe *pipe;
38 struct drsuapi_DsBind req;
39 struct GUID bind_guid;
40 struct drsuapi_DsBindInfoCtr our_bind_info_ctr;
41 struct drsuapi_DsBindInfo28 our_bind_info28;
42 struct drsuapi_DsBindInfo28 peer_bind_info28;
43 struct policy_handle bind_handle;
44 };
45
46 struct DsSyncLDAPInfo {
47 struct ldap_connection *conn;
48 };
49
50 struct DsSyncTest {
51 struct dcerpc_binding *drsuapi_binding;
52
53 const char *ldap_url;
54 const char *site_name;
55
56 const char *domain_dn;
57
58 /* what we need to do as 'Administrator' */
59 struct {
60 struct cli_credentials *credentials;
61 struct DsSyncBindInfo drsuapi;
62 struct DsSyncLDAPInfo ldap;
63 } admin;
64
65 /* what we need to do as the new dc machine account */
66 struct {
67 struct cli_credentials *credentials;
68 struct DsSyncBindInfo drsuapi;
69 struct drsuapi_DsGetDCInfo2 dc_info2;
70 struct GUID invocation_id;
71 struct GUID object_guid;
72 } new_dc;
73
74 /* info about the old dc */
75 struct {
76 struct drsuapi_DsGetDomainControllerInfo dc_info;
77 } old_dc;
78 };
79
80 static struct DsSyncTest *test_create_context(TALLOC_CTX *mem_ctx)
81 {
82 NTSTATUS status;
83 struct DsSyncTest *ctx;
84 struct drsuapi_DsBindInfo28 *our_bind_info28;
85 struct drsuapi_DsBindInfoCtr *our_bind_info_ctr;
86 const char *binding = lp_parm_string(-1, "torture", "binding");
87 ctx = talloc_zero(mem_ctx, struct DsSyncTest);
88 if (!ctx) return NULL;
89
90 status = dcerpc_parse_binding(ctx, binding, &ctx->drsuapi_binding);
91 if (!NT_STATUS_IS_OK(status)) {
92 printf("Bad binding string %s\n", binding);
93 return NULL;
94 }
95 ctx->drsuapi_binding->flags |= DCERPC_SIGN | DCERPC_SEAL;
96
97 ctx->ldap_url = talloc_asprintf(ctx, "ldap://%s/", ctx->drsuapi_binding->host);
98
99 /* ctx->admin ...*/
100 ctx->admin.credentials = cmdline_credentials;
101
102 our_bind_info28 = &ctx->admin.drsuapi.our_bind_info28;
103 our_bind_info28->supported_extensions = 0xFFFFFFFF;
104 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
105 our_bind_info28->site_guid = GUID_zero();
106 our_bind_info28->u1 = 0;
107 our_bind_info28->repl_epoch = 1;
108
109 our_bind_info_ctr = &ctx->admin.drsuapi.our_bind_info_ctr;
110 our_bind_info_ctr->length = 28;
111 our_bind_info_ctr->info.info28 = *our_bind_info28;
112
113 GUID_from_string(DRSUAPI_DS_BIND_GUID, &ctx->admin.drsuapi.bind_guid);
114
115 ctx->admin.drsuapi.req.in.bind_guid = &ctx->admin.drsuapi.bind_guid;
116 ctx->admin.drsuapi.req.in.bind_info = our_bind_info_ctr;
117 ctx->admin.drsuapi.req.out.bind_handle = &ctx->admin.drsuapi.bind_handle;
118
119 /* ctx->new_dc ...*/
120 ctx->new_dc.credentials = cmdline_credentials;
121
122 our_bind_info28 = &ctx->new_dc.drsuapi.our_bind_info28;
123 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_BASE;
124 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION;
125 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI;
126 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2;
127 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS;
128 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1;
129 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION;
130 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE;
131 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2;
132 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION;
133 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2;
134 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD;
135 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND;
136 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO;
137 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION;
138 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01;
139 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP;
140 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY;
141 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3;
142 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2;
143 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6;
144 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS;
145 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8;
146 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5;
147 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6;
148 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
149 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7;
150 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT;
151 if (lp_parm_bool(-1,"dssync","xpress",False)) {
152 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
153 }
154 our_bind_info28->site_guid = GUID_zero();
155 our_bind_info28->u1 = 508;
156 our_bind_info28->repl_epoch = 0;
157
158 our_bind_info_ctr = &ctx->new_dc.drsuapi.our_bind_info_ctr;
159 our_bind_info_ctr->length = 28;
160 our_bind_info_ctr->info.info28 = *our_bind_info28;
161
162 GUID_from_string(DRSUAPI_DS_BIND_GUID_W2K3, &ctx->new_dc.drsuapi.bind_guid);
163
164 ctx->new_dc.drsuapi.req.in.bind_guid = &ctx->new_dc.drsuapi.bind_guid;
165 ctx->new_dc.drsuapi.req.in.bind_info = our_bind_info_ctr;
166 ctx->new_dc.drsuapi.req.out.bind_handle = &ctx->new_dc.drsuapi.bind_handle;
167
168 ctx->new_dc.invocation_id = ctx->new_dc.drsuapi.bind_guid;
169
170 /* ctx->old_dc ...*/
171
172 return ctx;
173 }
174
175 static BOOL _test_DsBind(struct DsSyncTest *ctx, struct cli_credentials *credentials, struct DsSyncBindInfo *b)
176 {
177 NTSTATUS status;
178 BOOL ret = True;
179 struct event_context *event = NULL;
180
181 status = dcerpc_pipe_connect_b(ctx,
182 &b->pipe, ctx->drsuapi_binding,
183 &dcerpc_table_drsuapi,
184 credentials, event);
185
186 if (!NT_STATUS_IS_OK(status)) {
187 printf("Failed to connect to server as a BDC: %s\n", nt_errstr(status));
188 return False;
189 }
190
191 status = dcerpc_drsuapi_DsBind(b->pipe, ctx, &b->req);
192 if (!NT_STATUS_IS_OK(status)) {
193 const char *errstr = nt_errstr(status);
194 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
195 errstr = dcerpc_errstr(ctx, b->pipe->last_fault_code);
196 }
197 printf("dcerpc_drsuapi_DsBind failed - %s\n", errstr);
198 ret = False;
199 } else if (!W_ERROR_IS_OK(b->req.out.result)) {
200 printf("DsBind failed - %s\n", win_errstr(b->req.out.result));
201 ret = False;
202 }
203
204 ZERO_STRUCT(b->peer_bind_info28);
205 if (b->req.out.bind_info) {
206 switch (b->req.out.bind_info->length) {
207 case 24: {
208 struct drsuapi_DsBindInfo24 *info24;
209 info24 = &b->req.out.bind_info->info.info24;
210 b->peer_bind_info28.supported_extensions= info24->supported_extensions;
211 b->peer_bind_info28.site_guid = info24->site_guid;
212 b->peer_bind_info28.u1 = info24->u1;
213 b->peer_bind_info28.repl_epoch = 0;
214 break;
215 }
216 case 28:
217 b->peer_bind_info28 = b->req.out.bind_info->info.info28;
218 break;
219 }
220 }
221
222 return ret;
223 }
224
225 static BOOL test_LDAPBind(struct DsSyncTest *ctx, struct cli_credentials *credentials, struct DsSyncLDAPInfo *l)
226 {
227 NTSTATUS status;
228 BOOL ret = True;
229
230 status = torture_ldap_connection(ctx, &l->conn, ctx->ldap_url);
231 if (!NT_STATUS_IS_OK(status)) {
232 printf("failed to connect to LDAP: %s\n", ctx->ldap_url);
233 return False;
234 }
235
236 printf("connected to LDAP: %s\n", ctx->ldap_url);
237
238 status = torture_ldap_bind_sasl(l->conn, credentials);
239 if (!NT_STATUS_IS_OK(status)) {
240 printf("failed to bind to LDAP:\n");
241 return False;
242 }
243 printf("bound to LDAP.\n");
244
245 return ret;
246 }
247
248 static BOOL test_GetInfo(struct DsSyncTest *ctx)
249 {
250 NTSTATUS status;
251 struct drsuapi_DsCrackNames r;
252 struct drsuapi_DsNameString names[1];
253 BOOL ret = True;
254
255 struct cldap_socket *cldap = cldap_socket_init(ctx, NULL);
256 struct cldap_netlogon search;
257
258 r.in.bind_handle = &ctx->admin.drsuapi.bind_handle;
259 r.in.level = 1;
260 r.in.req.req1.codepage = 1252; /* western european */
261 r.in.req.req1.language = 0x00000407; /* german */
262 r.in.req.req1.count = 1;
263 r.in.req.req1.names = names;
264 r.in.req.req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
265 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
266 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
267 names[0].str = talloc_asprintf(ctx, "%s\\", lp_workgroup());
268
269 status = dcerpc_drsuapi_DsCrackNames(ctx->admin.drsuapi.pipe, ctx, &r);
270 if (!NT_STATUS_IS_OK(status)) {
271 const char *errstr = nt_errstr(status);
272 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
273 errstr = dcerpc_errstr(ctx, ctx->admin.drsuapi.pipe->last_fault_code);
274 }
275 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
276 return False;
277 } else if (!W_ERROR_IS_OK(r.out.result)) {
278 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
279 return False;
280 }
281
282 ctx->domain_dn = r.out.ctr.ctr1->array[0].result_name;
283
284 ZERO_STRUCT(search);
285 search.in.dest_address = ctx->drsuapi_binding->host;
286 search.in.acct_control = -1;
287 search.in.version = 6;
288 status = cldap_netlogon(cldap, ctx, &search);
289 if (!NT_STATUS_IS_OK(status)) {
290 const char *errstr = nt_errstr(status);
291 ctx->site_name = talloc_asprintf(ctx, "%s", "Default-First-Site-Name");
292 printf("cldap_netlogon() returned %s. Defaulting to Site-Name: %s\n", errstr, ctx->site_name);
293 } else {
294 ctx->site_name = talloc_steal(ctx, search.out.netlogon.logon5.client_site);
295 printf("cldap_netlogon() returned Client Site-Name: %s.\n",ctx->site_name);
296 printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.logon5.server_site);
297 }
298
299 return ret;
300 }
301
302 static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
303 const DATA_BLOB *gensec_skey,
304 bool rcrypt,
305 struct drsuapi_DsReplicaObjectIdentifier *id,
306 uint32_t rid,
307 const DATA_BLOB *buffer)
308 {
309 DATA_BLOB confounder;
310 DATA_BLOB enc_buffer;
311
312 struct MD5Context md5;
313 uint8_t _enc_key[16];
314 DATA_BLOB enc_key;
315
316 DATA_BLOB dec_buffer;
317
318 uint32_t crc32_given;
319 uint32_t crc32_calc;
320 DATA_BLOB checked_buffer;
321
322 DATA_BLOB plain_buffer;
323
324 /*
325 * the combination "c[3] s[1] e[1] d[0]..."
326 * was successful!!!!!!!!!!!!!!!!!!!!!!!!!!
327 */
328
329 /*
330 * the first 16 bytes at the beginning are the confounder
331 * followed by the 4 byte crc32 checksum
332 */
333 if (buffer->length < 20) {
334 return data_blob_const(NULL, 0);
335 }
336 confounder = data_blob_const(buffer->data, 16);
337 enc_buffer = data_blob_const(buffer->data + 16, buffer->length - 16);
338
339 /*
340 * build the encryption key md5 over the session key followed
341 * by the confounder
342 *
343 * here the gensec session key is used and
344 * not the dcerpc ncacn_ip_tcp "SystemLibraryDTC" key!
345 */
346 enc_key = data_blob_const(_enc_key, sizeof(_enc_key));
347 MD5Init(&md5);
348 MD5Update(&md5, gensec_skey->data, gensec_skey->length);
349 MD5Update(&md5, confounder.data, confounder.length);
350 MD5Final(enc_key.data, &md5);
351
352 /*
353 * copy the encrypted buffer part and
354 * decrypt it using the created encryption key using arcfour
355 */
356 dec_buffer = data_blob_talloc(mem_ctx, enc_buffer.data, enc_buffer.length);
357 if (!dec_buffer.data) {
358 return data_blob_const(NULL, 0);
359 }
360 arcfour_crypt_blob(dec_buffer.data, dec_buffer.length, &enc_key);
361
362 /*
363 * the first 4 byte are the crc32 checksum
364 * of the remaining bytes
365 */
366 crc32_given = IVAL(dec_buffer.data, 0);
367 crc32_calc = crc32_calc_buffer(dec_buffer.data + 4 , dec_buffer.length - 4);
368 if (crc32_given != crc32_calc) {
369 DEBUG(0,("CRC32: given[0x%08X] calc[0x%08X]\n",
370 crc32_given, crc32_calc));
371 return data_blob_const(NULL, 0);
372 }
373 checked_buffer = data_blob_talloc(mem_ctx, dec_buffer.data + 4, dec_buffer.length - 4);
374 if (!checked_buffer.data) {
375 return data_blob_const(NULL, 0);
376 }
377
378 /*
379 * some attributes seem to be in a usable form after this decryption
380 * (supplementalCredentials, priorValue, currentValue, trustAuthOutgoing,
381 * trustAuthIncoming, initialAuthOutgoing, initialAuthIncoming)
382 * At least supplementalCredentials contains plaintext
383 * like "Primary:Kerberos" (in unicode form)
384 *
385 * some attributes seem to have some additional encryption
386 * dBCSPwd, unicodePwd, ntPwdHistory, lmPwdHistory
387 *
388 * it's the sam_rid_crypt() function, as the value is constant,
389 * so it doesn't depend on sessionkeys.
390 */
391 if (rcrypt) {
392 uint32_t i, num_hashes;
393
394 if ((checked_buffer.length % 16) != 0) {
395 return data_blob_const(NULL, 0);
396 }
397
398 plain_buffer = data_blob_talloc(mem_ctx, checked_buffer.data, checked_buffer.length);
399 if (!plain_buffer.data) {
400 return data_blob_const(NULL, 0);
401 }
402
403 num_hashes = plain_buffer.length / 16;
404 for (i = 0; i < num_hashes; i++) {
405 uint32_t offset = i * 16;
406 sam_rid_crypt(rid, checked_buffer.data + offset, plain_buffer.data + offset, 0);
407 }
408 } else {
409 plain_buffer = checked_buffer;
410 }
411
412 return plain_buffer;
413 }
414
415 static void test_analyse_objects(struct DsSyncTest *ctx,
416 const DATA_BLOB *gensec_skey,
417 struct drsuapi_DsReplicaObjectListItemEx *cur)
418 {
419 static uint32_t object_id;
420 const char *save_values_dir;
421
422 if (!lp_parm_bool(-1,"dssync","print_pwd_blobs", false)) {
423 return;
424 }
425
426 save_values_dir = lp_parm_string(-1,"dssync","save_pwd_blobs_dir");
427
428 for (; cur; cur = cur->next_object) {
429 const char *dn;
430 struct dom_sid *sid = NULL;
431 uint32_t rid = 0;
432 BOOL dn_printed = False;
433 uint32_t i;
434
435 if (!cur->object.identifier) continue;
436
437 dn = cur->object.identifier->dn;
438 if (cur->object.identifier->sid.num_auths > 0) {
439 sid = &cur->object.identifier->sid;
440 rid = sid->sub_auths[sid->num_auths - 1];
441 }
442
443 for (i=0; i < cur->object.attribute_ctr.num_attributes; i++) {
444 const char *name = NULL;
445 bool rcrypt = false;
446 DATA_BLOB *enc_data = NULL;
447 DATA_BLOB plain_data;
448 struct drsuapi_DsReplicaAttribute *attr;
449 attr = &cur->object.attribute_ctr.attributes[i];
450
451 switch (attr->attid) {
452 case DRSUAPI_ATTRIBUTE_dBCSPwd:
453 name = "dBCSPwd";
454 rcrypt = true;
455 break;
456 case DRSUAPI_ATTRIBUTE_unicodePwd:
457 name = "unicodePwd";
458 rcrypt = true;
459 break;
460 case DRSUAPI_ATTRIBUTE_ntPwdHistory:
461 name = "ntPwdHistory";
462 rcrypt = true;
463 break;
464 case DRSUAPI_ATTRIBUTE_lmPwdHistory:
465 name = "lmPwdHistory";
466 rcrypt = true;
467 break;
468 case DRSUAPI_ATTRIBUTE_supplementalCredentials:
469 name = "supplementalCredentials";
470 break;
471 case DRSUAPI_ATTRIBUTE_priorValue:
472 name = "priorValue";
473 break;
474 case DRSUAPI_ATTRIBUTE_currentValue:
475 name = "currentValue";
476 break;
477 case DRSUAPI_ATTRIBUTE_trustAuthOutgoing:
478 name = "trustAuthOutgoing";
479 break;
480 case DRSUAPI_ATTRIBUTE_trustAuthIncoming:
481 name = "trustAuthIncoming";
482 break;
483 case DRSUAPI_ATTRIBUTE_initialAuthOutgoing:
484 name = "initialAuthOutgoing";
485 break;
486 case DRSUAPI_ATTRIBUTE_initialAuthIncoming:
487 name = "initialAuthIncoming";
488 break;
489 default:
490 continue;
491 }
492
493 if (attr->value_ctr.num_values != 1) continue;
494
495 if (!attr->value_ctr.values[0].blob) continue;
496
497 enc_data = attr->value_ctr.values[0].blob;
498 ZERO_STRUCT(plain_data);
499
500 plain_data = decrypt_blob(ctx, gensec_skey, rcrypt,
501 cur->object.identifier, rid,
502 enc_data);
503 if (!dn_printed) {
504 object_id++;
505 DEBUG(0,("DN[%u] %s\n", object_id, dn));
506 dn_printed = True;
507 }
508 DEBUGADD(0,("ATTR: %s enc.length=%lu plain.length=%lu\n",
509 name, (long)enc_data->length, (long)plain_data.length));
510 if (plain_data.length) {
511 dump_data(0, plain_data.data, plain_data.length);
512 if (save_values_dir) {
513 char *fname;
514 fname = talloc_asprintf(ctx, "%s/%s%02d",
515 save_values_dir,
516 name, object_id);
517 if (fname) {
518 bool ok;
519 ok = file_save(fname, plain_data.data, plain_data.length);
520 if (!ok) {
521 DEBUGADD(0,("Failed to save '%s'\n", fname));
522 }
523 }
524 talloc_free(fname);
525 }
526 } else {
527 dump_data(0, enc_data->data, enc_data->length);
528 }
529 }
530 }
531 }
532
533 static BOOL test_FetchData(struct DsSyncTest *ctx)
534 {
535 NTSTATUS status;
536 BOOL ret = True;
537 int i, y = 0;
538 uint64_t highest_usn = 0;
539 const char *partition = NULL;
540 struct drsuapi_DsGetNCChanges r;
541 struct drsuapi_DsReplicaObjectIdentifier nc;
542 struct drsuapi_DsGetNCChangesCtr1 *ctr1 = NULL;
543 struct drsuapi_DsGetNCChangesCtr6 *ctr6 = NULL;
544 int32_t out_level = 0;
545 struct GUID null_guid;
546 struct dom_sid null_sid;
547 DATA_BLOB gensec_skey;
548 struct {
549 int32_t level;
550 } array[] = {
551 /* {
552 5
553 },
554 */ {
555 8
556 }
557 };
558
559 ZERO_STRUCT(null_guid);
560 ZERO_STRUCT(null_sid);
561
562 partition = lp_parm_string(-1, "dssync", "partition");
563 if (partition == NULL) {
564 partition = ctx->domain_dn;
565 printf("dssync:partition not specified, defaulting to %s.\n", ctx->domain_dn);
566 }
567
568 highest_usn = lp_parm_int(-1, "dssync", "highest_usn", 0);
569
570 array[0].level = lp_parm_int(-1, "dssync", "get_nc_changes_level", array[0].level);
571
572 if (lp_parm_bool(-1,"dssync","print_pwd_blobs",False)) {
573 const struct samr_Password *nthash;
574 nthash = cli_credentials_get_nt_hash(ctx->new_dc.credentials, ctx);
575 if (nthash) {
576 DEBUG(0,("CREDENTIALS nthash:\n"));
577 dump_data(0, nthash->hash, sizeof(nthash->hash));
578 }
579 }
580 status = gensec_session_key(ctx->new_dc.drsuapi.pipe->conn->security_state.generic_state,
581 &gensec_skey);
582 if (!NT_STATUS_IS_OK(status)) {
583 printf("failed to get gensec session key: %s\n", nt_errstr(status));
584 return False;
585 }
586
587 for (i=0; i < ARRAY_SIZE(array); i++) {
588 printf("testing DsGetNCChanges level %d\n",
589 array[i].level);
590
591 r.in.bind_handle = &ctx->new_dc.drsuapi.bind_handle;
592 r.in.level = &array[i].level;
593
594 switch (*r.in.level) {
595 case 5:
596 nc.guid = null_guid;
597 nc.sid = null_sid;
598 nc.dn = partition;
599
600 r.in.req.req5.destination_dsa_guid = ctx->new_dc.invocation_id;
601 r.in.req.req5.source_dsa_invocation_id = null_guid;
602 r.in.req.req5.naming_context = &nc;
603 r.in.req.req5.highwatermark.tmp_highest_usn = highest_usn;
604 r.in.req.req5.highwatermark.reserved_usn = 0;
605 r.in.req.req5.highwatermark.highest_usn = highest_usn;
606 r.in.req.req5.uptodateness_vector = NULL;
607 r.in.req.req5.replica_flags = 0;
608 if (lp_parm_bool(-1,"dssync","compression",False)) {
609 r.in.req.req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
610 }
611 if (lp_parm_bool(-1,"dssync","neighbour_writeable",True)) {
612 r.in.req.req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
613 }
614 r.in.req.req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
615 | DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS
616 | DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS
617 | DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED
618 ;
619 r.in.req.req5.max_object_count = 133;
620 r.in.req.req5.max_ndr_size = 1336770;
621 r.in.req.req5.unknown4 = 0;
622 r.in.req.req5.h1 = 0;
623
624 break;
625 case 8:
626 nc.guid = null_guid;
627 nc.sid = null_sid;
628 nc.dn = partition;
629 /* nc.dn can be set to any other ad partition */
630
631 r.in.req.req8.destination_dsa_guid = ctx->new_dc.invocation_id;
632 r.in.req.req8.source_dsa_invocation_id = null_guid;
633 r.in.req.req8.naming_context = &nc;
634 r.in.req.req8.highwatermark.tmp_highest_usn = highest_usn;
635 r.in.req.req8.highwatermark.reserved_usn = 0;
636 r.in.req.req8.highwatermark.highest_usn = highest_usn;
637 r.in.req.req8.uptodateness_vector = NULL;
638 r.in.req.req8.replica_flags = 0;
639 if (lp_parm_bool(-1,"dssync","compression",False)) {
640 r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
641 }
642 if (lp_parm_bool(-1,"dssync","neighbour_writeable",True)) {
643 r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
644 }
645 r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
646 | DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS
647 | DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS
648 | DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED
649 ;
650 r.in.req.req8.max_object_count = 402;
651 r.in.req.req8.max_ndr_size = 402116;
652
653 r.in.req.req8.unknown4 = 0;
654 r.in.req.req8.h1 = 0;
655 r.in.req.req8.unique_ptr1 = 0;
656 r.in.req.req8.unique_ptr2 = 0;
657 r.in.req.req8.mapping_ctr.num_mappings = 0;
658 r.in.req.req8.mapping_ctr.mappings = NULL;
659
660 break;
661 }
662
663 printf("Dumping AD partition: %s\n", nc.dn);
664 for (y=0; ;y++) {
665 int32_t _level = 0;
666 ZERO_STRUCT(r.out);
667 r.out.level = &_level;
668
669 if (*r.in.level == 5) {
670 DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
671 (long long)r.in.req.req5.highwatermark.tmp_highest_usn,
672 (long long)r.in.req.req5.highwatermark.highest_usn));
673 }
674
675 if (*r.in.level == 8) {
676 DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
677 (long long)r.in.req.req8.highwatermark.tmp_highest_usn,
678 (long long)r.in.req.req8.highwatermark.highest_usn));
679 }
680
681 status = dcerpc_drsuapi_DsGetNCChanges(ctx->new_dc.drsuapi.pipe, ctx, &r);
682 if (!NT_STATUS_IS_OK(status)) {
683 const char *errstr = nt_errstr(status);
684 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
685 errstr = dcerpc_errstr(ctx, ctx->new_dc.drsuapi.pipe->last_fault_code);
686 }
687 printf("dcerpc_drsuapi_DsGetNCChanges failed - %s\n", errstr);
688 ret = False;
689 } else if (!W_ERROR_IS_OK(r.out.result)) {
690 printf("DsGetNCChanges failed - %s\n", win_errstr(r.out.result));
691 ret = False;
692 }
693
694 if (ret == True && *r.out.level == 1) {
695 out_level = 1;
696 ctr1 = &r.out.ctr.ctr1;
697 } else if (ret == True && *r.out.level == 2) {
698 out_level = 1;
699 ctr1 = r.out.ctr.ctr2.ctr.mszip1.ctr1;
700 }
701
702 if (out_level == 1) {
703 DEBUG(0,("end[%d] tmp_highest_usn: %llu , highest_usn: %llu\n",y,
704 (long long)ctr1->new_highwatermark.tmp_highest_usn,
705 (long long)ctr1->new_highwatermark.highest_usn));
706
707 test_analyse_objects(ctx, &gensec_skey, ctr1->first_object);
708
709 if (ctr1->new_highwatermark.tmp_highest_usn > ctr1->new_highwatermark.highest_usn) {
710 r.in.req.req5.highwatermark = ctr1->new_highwatermark;
711 continue;
712 }
713 }
714
715 if (ret == True && *r.out.level == 6) {
716 out_level = 6;
717 ctr6 = &r.out.ctr.ctr6;
718 } else if (ret == True && *r.out.level == 7
719 && r.out.ctr.ctr7.level == 6
720 && r.out.ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP) {
721 out_level = 6;
722 ctr6 = r.out.ctr.ctr7.ctr.mszip6.ctr6;
723 }
724
725 if (out_level == 6) {
726 DEBUG(0,("end[%d] tmp_highest_usn: %llu , highest_usn: %llu\n",y,
727 (long long)ctr6->new_highwatermark.tmp_highest_usn,
728 (long long)ctr6->new_highwatermark.highest_usn));
729
730 test_analyse_objects(ctx, &gensec_skey, ctr6->first_object);
731
732 if (ctr6->new_highwatermark.tmp_highest_usn > ctr6->new_highwatermark.highest_usn) {
733 r.in.req.req8.highwatermark = ctr6->new_highwatermark;
734 continue;
735 }
736 }
737
738 break;
739 }
740 }
741
742 return ret;
743 }
744
745 static BOOL test_FetchNT4Data(struct DsSyncTest *ctx)
746 {
747 NTSTATUS status;
748 BOOL ret = True;
749 struct drsuapi_DsGetNT4ChangeLog r;
750 struct GUID null_guid;
751 struct dom_sid null_sid;
752 DATA_BLOB cookie;
753
754 ZERO_STRUCT(null_guid);
755 ZERO_STRUCT(null_sid);
756 ZERO_STRUCT(cookie);
757
758 ZERO_STRUCT(r);
759 r.in.bind_handle = &ctx->new_dc.drsuapi.bind_handle;
760 r.in.level = 1;
761
762 r.in.req.req1.unknown1 = lp_parm_int(-1, "dssync", "nt4-1", 3);
763 r.in.req.req1.unknown2 = lp_parm_int(-1, "dssync", "nt4-2", 0x00004000);
764
765 while (1) {
766 r.in.req.req1.length = cookie.length;
767 r.in.req.req1.data = cookie.data;
768
769 status = dcerpc_drsuapi_DsGetNT4ChangeLog(ctx->new_dc.drsuapi.pipe, ctx, &r);
770 if (!NT_STATUS_IS_OK(status)) {
771 const char *errstr = nt_errstr(status);
772 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
773 errstr = dcerpc_errstr(ctx, ctx->new_dc.drsuapi.pipe->last_fault_code);
774 }
775 printf("dcerpc_drsuapi_DsGetNT4ChangeLog failed - %s\n", errstr);
776 ret = False;
777 } else if (W_ERROR_EQUAL(r.out.result, WERR_INVALID_DOMAIN_ROLE)) {
778 printf("DsGetNT4ChangeLog not supported by target server\n");
779 break;
780 } else if (!W_ERROR_IS_OK(r.out.result)) {
781 printf("DsGetNT4ChangeLog failed - %s\n", win_errstr(r.out.result));
782 ret = False;
783 } else if (r.out.level != 1) {
784 printf("DsGetNT4ChangeLog unknown level - %u\n", r.out.level);
785 ret = False;
786 } else if (NT_STATUS_IS_OK(r.out.info.info1.status)) {
787 } else if (NT_STATUS_EQUAL(r.out.info.info1.status, STATUS_MORE_ENTRIES)) {
788 cookie.length = r.out.info.info1.length1;
789 cookie.data = r.out.info.info1.data1;
790 continue;
791 } else {
792 printf("DsGetNT4ChangeLog failed - %s\n", nt_errstr(r.out.info.info1.status));
793 ret = False;
794 }
795
796 break;
797 }
798
799 return ret;
800 }
801
802 BOOL torture_rpc_dssync(struct torture_context *torture)
803 {
804 BOOL ret = True;
805 TALLOC_CTX *mem_ctx;
806 struct DsSyncTest *ctx;
807
808 mem_ctx = talloc_init("torture_rpc_dssync");
809 ctx = test_create_context(mem_ctx);
810
811 ret &= _test_DsBind(ctx, ctx->admin.credentials, &ctx->admin.drsuapi);
812 if (!ret) {
813 return ret;
814 }
815 ret &= test_LDAPBind(ctx, ctx->admin.credentials, &ctx->admin.ldap);
816 if (!ret) {
817 return ret;
818 }
819 ret &= test_GetInfo(ctx);
820 ret &= _test_DsBind(ctx, ctx->new_dc.credentials, &ctx->new_dc.drsuapi);
821 if (!ret) {
822 return ret;
823 }
824 ret &= test_FetchData(ctx);
825 ret &= test_FetchNT4Data(ctx);
826
827 return ret;
828 }
Samba GIT mirror