search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
messaging: Add an indirection for messaging_dgm_register_tevent_context
[Samba.git] / nsswitch / libwbclient / tests / wbclient.c
blob0412bed0f222953f62d15d77a5fd580f143dc455
1 /*
2 Unix SMB/CIFS implementation.
3 SMB torture tester
4 Copyright (C) Guenther Deschner 2009-2010
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "lib/replace/replace.h"
21 #include "libcli/util/ntstatus.h"
22 #include "libcli/util/werror.h"
23 #include "lib/util/data_blob.h"
24 #include "lib/util/time.h"
25 #include "libcli/resolve/resolve.h"
26 #include "nsswitch/libwbclient/wbclient.h"
27 #include "torture/smbtorture.h"
28 #include "torture/winbind/proto.h"
29 #include "lib/util/util_net.h"
30 #include "lib/util/charset/charset.h"
31 #include "libcli/auth/libcli_auth.h"
32 #include "lib/param/param.h"
33 #include "lib/util/samba_util.h"
34 #include "lib/crypto/arcfour.h"
35 #include "auth/credentials/credentials.h"
36 #include "lib/cmdline/popt_common.h"
37
38 #define WBC_ERROR_EQUAL(x,y) (x == y)
39
40 #define torture_assert_wbc_equal(torture_ctx, got, expected, cmt, cmt_arg) \
41 do { wbcErr __got = got, __expected = expected; \
42 if (!WBC_ERROR_EQUAL(__got, __expected)) { \
43 torture_result(torture_ctx, TORTURE_FAIL, __location__": "#got" was %s, expected %s: " cmt, wbcErrorString(__got), wbcErrorString(__expected), cmt_arg); \
44 return false; \
45 } \
46 } while (0)
47
48 #define torture_assert_wbc_ok(torture_ctx,expr,cmt,cmt_arg) \
49 torture_assert_wbc_equal(torture_ctx,expr,WBC_ERR_SUCCESS,cmt,cmt_arg)
50
51 #define torture_assert_wbc_equal_goto_fail(torture_ctx, got, expected, cmt, cmt_arg) \
52 do { wbcErr __got = got, __expected = expected; \
53 if (!WBC_ERROR_EQUAL(__got, __expected)) { \
54 torture_result(torture_ctx, TORTURE_FAIL, __location__": "#got" was %s, expected %s: " cmt, wbcErrorString(__got), wbcErrorString(__expected), cmt_arg); \
55 goto fail; \
56 } \
57 } while (0)
58
59 #define torture_assert_wbc_ok_goto_fail(torture_ctx,expr,cmt,cmt_arg) \
60 torture_assert_wbc_equal_goto_fail(torture_ctx,expr,WBC_ERR_SUCCESS,cmt,cmt_arg)
61
62 #define torture_assert_str_equal_goto_fail(torture_ctx,got,expected,cmt)\
63 do { const char *__got = (got), *__expected = (expected); \
64 if (strcmp(__got, __expected) != 0) { \
65 torture_result(torture_ctx, TORTURE_FAIL, \
66 __location__": "#got" was %s, expected %s: %s", \
67 __got, __expected, cmt); \
68 goto fail;; \
69 } \
70 } while(0)
71
72 static bool test_wbc_ping(struct torture_context *tctx)
73 {
74 torture_assert_wbc_ok(tctx, wbcPing(),
75 "%s", "wbcPing failed");
76
77 return true;
78 }
79
80 static bool test_wbc_pingdc(struct torture_context *tctx)
81 {
82 struct wbcInterfaceDetails *details = NULL;
83 wbcErr ret = false;
84
85 torture_assert_wbc_equal_goto_fail(tctx,
86 wbcPingDc("random_string", NULL),
87 WBC_ERR_DOMAIN_NOT_FOUND,
88 "%s",
89 "wbcPingDc failed");
90 torture_assert_wbc_ok_goto_fail(tctx, wbcPingDc(NULL, NULL),
91 "%s", "wbcPingDc failed");
92
93 torture_assert_wbc_ok_goto_fail(tctx, wbcInterfaceDetails(&details),
94 "%s", "wbcInterfaceDetails failed");
95 torture_assert_goto(tctx, details, ret, fail,
96 "wbcInterfaceDetails returned NULL pointer");
97 torture_assert_goto(tctx, details->netbios_domain, ret, fail,
98 "wbcInterfaceDetails returned NULL netbios_domain");
99
100 torture_assert_wbc_ok_goto_fail(tctx,
101 wbcPingDc(details->netbios_domain, NULL),
102 "wbcPingDc(%s) failed",
103 details->netbios_domain);
104
105 torture_assert_wbc_ok_goto_fail(tctx,
106 wbcPingDc("BUILTIN", NULL),
107 "%s",
108 "wbcPingDc(BUILTIN) failed");
109
110 ret = true;
111 fail:
112 wbcFreeMemory(details);
113 return ret;
114 }
115
116 static bool test_wbc_pingdc2(struct torture_context *tctx)
117 {
118 struct wbcInterfaceDetails *details = NULL;
119 char *name = NULL;
120 wbcErr ret = false;
121
122 torture_assert_wbc_equal_goto_fail(tctx,
123 wbcPingDc2("random_string", NULL, &name),
124 WBC_ERR_DOMAIN_NOT_FOUND,
125 "%s",
126 "wbcPingDc2 failed");
127 torture_assert_wbc_ok_goto_fail(tctx,
128 wbcPingDc2(NULL, NULL, &name),
129 "%s",
130 "wbcPingDc2 failed");
131 wbcFreeMemory(name);
132 name = NULL;
133
134 torture_assert_wbc_ok_goto_fail(tctx,
135 wbcInterfaceDetails(&details),
136 "%s",
137 "wbcInterfaceDetails failed");
138 torture_assert_goto(tctx,
139 details,
140 ret,
141 fail,
142 "wbcInterfaceDetails returned NULL pointer");
143 torture_assert_goto(tctx,
144 details->netbios_domain,
145 ret,
146 fail,
147 "wbcInterfaceDetails returned NULL netbios_domain");
148
149 torture_assert_wbc_ok_goto_fail(tctx,
150 wbcPingDc2(details->netbios_domain, NULL, &name),
151 "wbcPingDc2(%s) failed",
152 details->netbios_domain);
153 wbcFreeMemory(name);
154 name = NULL;
155
156 torture_assert_wbc_ok_goto_fail(tctx,
157 wbcPingDc2("BUILTIN", NULL, &name),
158 "%s",
159 "wbcPingDc2(BUILTIN) failed");
160
161 ret = true;
162 fail:
163 wbcFreeMemory(name);
164 wbcFreeMemory(details);
165
166 return ret;
167 }
168
169 static bool test_wbc_library_details(struct torture_context *tctx)
170 {
171 struct wbcLibraryDetails *details;
172
173 torture_assert_wbc_ok(tctx, wbcLibraryDetails(&details),
174 "%s", "wbcLibraryDetails failed");
175 torture_assert(tctx, details,
176 "wbcLibraryDetails returned NULL pointer");
177
178 wbcFreeMemory(details);
179
180 return true;
181 }
182
183 static bool test_wbc_interface_details(struct torture_context *tctx)
184 {
185 struct wbcInterfaceDetails *details;
186
187 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
188 "%s", "wbcInterfaceDetails failed");
189 torture_assert(tctx, details,
190 "wbcInterfaceDetails returned NULL pointer");
191
192 wbcFreeMemory(details);
193
194 return true;
195 }
196
197 static bool test_wbc_sidtypestring(struct torture_context *tctx)
198 {
199 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_USE_NONE),
200 "SID_NONE", "SID_NONE failed");
201 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_USER),
202 "SID_USER", "SID_USER failed");
203 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_DOM_GRP),
204 "SID_DOM_GROUP", "SID_DOM_GROUP failed");
205 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_DOMAIN),
206 "SID_DOMAIN", "SID_DOMAIN failed");
207 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_ALIAS),
208 "SID_ALIAS", "SID_ALIAS failed");
209 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_WKN_GRP),
210 "SID_WKN_GROUP", "SID_WKN_GROUP failed");
211 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_DELETED),
212 "SID_DELETED", "SID_DELETED failed");
213 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_INVALID),
214 "SID_INVALID", "SID_INVALID failed");
215 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_UNKNOWN),
216 "SID_UNKNOWN", "SID_UNKNOWN failed");
217 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_COMPUTER),
218 "SID_COMPUTER", "SID_COMPUTER failed");
219 return true;
220 }
221
222 static bool test_wbc_sidtostring(struct torture_context *tctx)
223 {
224 struct wbcDomainSid sid;
225 const char *sid_string = "S-1-5-32";
226 char *sid_string2;
227
228 torture_assert_wbc_ok(tctx, wbcStringToSid(sid_string, &sid),
229 "wbcStringToSid of %s failed", sid_string);
230 torture_assert_wbc_ok(tctx, wbcSidToString(&sid, &sid_string2),
231 "wbcSidToString of %s failed", sid_string);
232 torture_assert_str_equal(tctx, sid_string, sid_string2,
233 "sid strings differ");
234 wbcFreeMemory(sid_string2);
235
236 return true;
237 }
238
239 static bool test_wbc_guidtostring(struct torture_context *tctx)
240 {
241 struct wbcGuid guid;
242 const char *guid_string = "f7cf07b4-1487-45c7-824d-8b18cc580811";
243 char *guid_string2;
244
245 torture_assert_wbc_ok(tctx, wbcStringToGuid(guid_string, &guid),
246 "wbcStringToGuid of %s failed", guid_string);
247 torture_assert_wbc_ok(tctx, wbcGuidToString(&guid, &guid_string2),
248 "wbcGuidToString of %s failed", guid_string);
249 torture_assert_str_equal(tctx, guid_string, guid_string2,
250 "guid strings differ");
251 wbcFreeMemory(guid_string2);
252
253 return true;
254 }
255
256 static bool test_wbc_domain_info(struct torture_context *tctx)
257 {
258 struct wbcDomainInfo *info = NULL;
259 struct wbcInterfaceDetails *details = NULL;
260 wbcErr ret = false;
261
262 torture_assert_wbc_ok_goto_fail(tctx,
263 wbcInterfaceDetails(&details),
264 "%s",
265 "wbcInterfaceDetails failed");
266 torture_assert_wbc_ok_goto_fail(tctx,
267 wbcDomainInfo(details->netbios_domain, &info),
268 "%s",
269 "wbcDomainInfo failed");
270
271 torture_assert_goto(tctx,
272 info,
273 ret,
274 fail,
275 "wbcDomainInfo returned NULL pointer");
276
277 ret = true;
278 fail:
279 wbcFreeMemory(details);
280 wbcFreeMemory(info);
281
282 return ret;
283 }
284
285 static bool test_wbc_users(struct torture_context *tctx)
286 {
287 const char *domain_name = NULL;
288 uint32_t num_users;
289 const char **users = NULL;
290 uint32_t i;
291 struct wbcInterfaceDetails *details = NULL;
292 struct wbcDomainSid *sids = NULL;
293 char *domain = NULL;
294 char *name = NULL;
295 char *sid_string = NULL;
296 wbcErr ret = false;
297
298 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
299 "%s", "wbcInterfaceDetails failed");
300
301 domain_name = talloc_strdup(tctx, details->netbios_domain);
302 torture_assert_goto(tctx,
303 domain_name != NULL,
304 ret,
305 fail,
306 "Failed to allocate domain_name");
307 wbcFreeMemory(details);
308 details = NULL;
309
310 torture_assert_wbc_ok_goto_fail(tctx,
311 wbcListUsers(domain_name, &num_users, &users),
312 "%s",
313 "wbcListUsers failed");
314 torture_assert_goto(tctx,
315 !(num_users > 0 && !users),
316 ret,
317 fail,
318 "wbcListUsers returned invalid results");
319
320 for (i = 0; i < MIN(num_users, 100); i++) {
321 struct wbcDomainSid sid;
322 enum wbcSidType name_type;
323 uint32_t num_sids;
324
325 torture_assert_wbc_ok_goto_fail(tctx,
326 wbcLookupName(domain_name, users[i], &sid, &name_type),
327 "wbcLookupName of %s failed",
328 users[i]);
329 torture_assert_int_equal_goto(tctx,
330 name_type, WBC_SID_NAME_USER,
331 ret,
332 fail,
333 "wbcLookupName expected WBC_SID_NAME_USER");
334 wbcSidToString(&sid, &sid_string);
335 torture_assert_wbc_ok_goto_fail(tctx,
336 wbcLookupSid(&sid,
337 &domain,
338 &name,
339 &name_type),
340 "wbcLookupSid of %s failed",
341 sid_string);
342 torture_assert_int_equal_goto(tctx,
343 name_type, WBC_SID_NAME_USER,
344 ret,
345 fail,
346 "wbcLookupSid of expected WBC_SID_NAME_USER");
347 torture_assert_goto(tctx,
348 name,
349 ret,
350 fail,
351 "wbcLookupSid returned no name");
352 wbcFreeMemory(domain);
353 domain = NULL;
354 wbcFreeMemory(name);
355 name = NULL;
356
357 torture_assert_wbc_ok_goto_fail(tctx,
358 wbcLookupUserSids(&sid, true, &num_sids, &sids),
359 "wbcLookupUserSids of %s failed", sid_string);
360 torture_assert_wbc_ok_goto_fail(tctx,
361 wbcGetDisplayName(&sid,
362 &domain,
363 &name,
364 &name_type),
365 "wbcGetDisplayName of %s failed",
366 sid_string);
367 wbcFreeMemory(domain);
368 domain = NULL;
369 wbcFreeMemory(name);
370 name = NULL;
371 wbcFreeMemory(sids);
372 sids = NULL;
373 wbcFreeMemory(sid_string);
374 sid_string = NULL;
375 }
376
377 ret = true;
378 fail:
379 wbcFreeMemory(details);
380 wbcFreeMemory(users);
381 wbcFreeMemory(domain);
382 wbcFreeMemory(name);
383 wbcFreeMemory(sids);
384 wbcFreeMemory(sid_string);
385
386 return ret;
387 }
388
389 static bool test_wbc_groups(struct torture_context *tctx)
390 {
391 wbcErr ret = false;
392 const char *domain_name = NULL;
393 uint32_t num_groups;
394 const char **groups = NULL;
395 uint32_t i;
396 struct wbcInterfaceDetails *details = NULL;
397 char *domain = NULL;
398 char *name = NULL;
399 char *sid_string = NULL;
400
401 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
402 "%s", "wbcInterfaceDetails failed");
403
404 domain_name = talloc_strdup(tctx, details->netbios_domain);
405 torture_assert_goto(tctx,
406 domain_name != NULL,
407 ret,
408 fail,
409 "Failed to allocate domain_name");
410 wbcFreeMemory(details);
411 details = NULL;
412
413 torture_assert_wbc_ok_goto_fail(tctx,
414 wbcListGroups(domain_name, &num_groups, &groups),
415 "wbcListGroups in %s failed",
416 domain_name);
417 torture_assert_goto(tctx,
418 !(num_groups > 0 && !groups),
419 ret,
420 fail,
421 "wbcListGroups returned invalid results");
422
423 for (i=0; i < MIN(num_groups,100); i++) {
424 struct wbcDomainSid sid;
425 enum wbcSidType name_type;
426
427 torture_assert_wbc_ok_goto_fail(tctx,
428 wbcLookupName(domain_name,
429 groups[i],
430 &sid,
431 &name_type),
432 "wbcLookupName for %s failed",
433 domain_name);
434 wbcSidToString(&sid, &sid_string);
435 torture_assert_wbc_ok_goto_fail(tctx,
436 wbcLookupSid(&sid,
437 &domain,
438 &name,
439 &name_type),
440 "wbcLookupSid of %s failed",
441 sid_string);
442 torture_assert_goto(tctx,
443 name,
444 ret,
445 fail,
446 "wbcLookupSid returned no name");
447
448 wbcFreeMemory(domain);
449 domain = NULL;
450 wbcFreeMemory(name);
451 name = NULL;
452 wbcFreeMemory(sid_string);
453 sid_string = NULL;
454 }
455
456 ret = true;
457 fail:
458 wbcFreeMemory(details);
459 wbcFreeMemory(groups);
460 wbcFreeMemory(domain);
461 wbcFreeMemory(name);
462 wbcFreeMemory(sid_string);
463
464 return ret;
465 }
466
467 static bool test_wbc_trusts(struct torture_context *tctx)
468 {
469 struct wbcDomainInfo *domains = NULL;
470 struct wbcAuthErrorInfo *error = NULL;
471 size_t num_domains;
472 uint32_t i;
473 wbcErr ret = false;
474
475 torture_assert_wbc_ok_goto_fail(tctx,
476 wbcListTrusts(&domains, &num_domains),
477 "%s",
478 "wbcListTrusts failed");
479 torture_assert_goto(tctx,
480 !(num_domains > 0 && !domains),
481 ret,
482 fail,
483 "wbcListTrusts returned invalid results");
484
485 for (i=0; i < MIN(num_domains,100); i++) {
486
487 /*
488 struct wbcDomainSid sid;
489 enum wbcSidType name_type;
490 char *domain;
491 char *name;
492 */
493 torture_assert_wbc_ok_goto_fail(tctx,
494 wbcCheckTrustCredentials(domains[i].short_name,
495 &error),
496 "%s",
497 "wbcCheckTrustCredentials failed");
498 /*
499 torture_assert_wbc_ok(tctx, wbcLookupName(domains[i].short_name, NULL, &sid, &name_type),
500 "wbcLookupName failed");
501 torture_assert_int_equal(tctx, name_type, WBC_SID_NAME_DOMAIN,
502 "wbcLookupName expected WBC_SID_NAME_DOMAIN");
503 torture_assert_wbc_ok(tctx, wbcLookupSid(&sid, &domain, &name, &name_type),
504 "wbcLookupSid failed");
505 torture_assert_int_equal(tctx, name_type, WBC_SID_NAME_DOMAIN,
506 "wbcLookupSid expected WBC_SID_NAME_DOMAIN");
507 torture_assert(tctx, name,
508 "wbcLookupSid returned no name");
509 */
510 wbcFreeMemory(error);
511 error = NULL;
512 }
513
514 ret = true;
515 fail:
516 wbcFreeMemory(domains);
517 wbcFreeMemory(error);
518
519 return ret;
520 }
521
522 static bool test_wbc_lookupdc(struct torture_context *tctx)
523 {
524 const char *domain_name = NULL;
525 struct wbcInterfaceDetails *details;
526 struct wbcDomainControllerInfo *dc_info;
527
528 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
529 "%s", "wbcInterfaceDetails failed");
530
531 domain_name = talloc_strdup(tctx, details->netbios_domain);
532 wbcFreeMemory(details);
533
534 torture_assert_wbc_ok(tctx, wbcLookupDomainController(domain_name, 0, &dc_info),
535 "wbcLookupDomainController for %s failed", domain_name);
536 wbcFreeMemory(dc_info);
537
538 return true;
539 }
540
541 static bool test_wbc_lookupdcex(struct torture_context *tctx)
542 {
543 const char *domain_name = NULL;
544 struct wbcInterfaceDetails *details;
545 struct wbcDomainControllerInfoEx *dc_info;
546
547 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
548 "%s", "wbcInterfaceDetails failed");
549
550 domain_name = talloc_strdup(tctx, details->netbios_domain);
551 wbcFreeMemory(details);
552
553 torture_assert_wbc_ok(tctx, wbcLookupDomainControllerEx(domain_name, NULL, NULL, 0, &dc_info),
554 "wbcLookupDomainControllerEx for %s failed", domain_name);
555 wbcFreeMemory(dc_info);
556
557 return true;
558 }
559
560 static bool test_wbc_resolve_winsbyname(struct torture_context *tctx)
561 {
562 const char *name;
563 char *ip;
564 wbcErr ret;
565
566 name = torture_setting_string(tctx, "host", NULL);
567
568 torture_comment(tctx, "test-WinsByName: host='%s'\n", name);
569
570 ret = wbcResolveWinsByName(name, &ip);
571
572 if (is_ipaddress(name)) {
573 torture_assert_wbc_equal(tctx, ret, WBC_ERR_DOMAIN_NOT_FOUND, "wbcResolveWinsByName of %s failed", name);
574 } else {
575 torture_assert_wbc_ok(tctx, ret, "wbcResolveWinsByName for %s failed", name);
576 }
577
578 return true;
579 }
580
581 static bool test_wbc_resolve_winsbyip(struct torture_context *tctx)
582 {
583 const char *ip;
584 const char *host;
585 struct nbt_name nbt_name;
586 char *name;
587 wbcErr ret;
588 NTSTATUS status;
589
590 host = torture_setting_string(tctx, "host", NULL);
591
592 torture_comment(tctx, "test-WinsByIp: host='%s'\n", host);
593
594 make_nbt_name_server(&nbt_name, host);
595
596 status = resolve_name_ex(lpcfg_resolve_context(tctx->lp_ctx),
597 0, 0, &nbt_name, tctx, &ip, tctx->ev);
598 torture_assert_ntstatus_ok(tctx, status,
599 talloc_asprintf(tctx,"Failed to resolve %s: %s",
600 nbt_name.name, nt_errstr(status)));
601
602 torture_comment(tctx, "test-WinsByIp: ip='%s'\n", ip);
603
604 ret = wbcResolveWinsByIP(ip, &name);
605
606 torture_assert_wbc_ok(tctx, ret, "wbcResolveWinsByIP for %s failed", ip);
607
608 wbcFreeMemory(name);
609
610 return true;
611 }
612
613 static bool test_wbc_lookup_rids(struct torture_context *tctx)
614 {
615 struct wbcDomainSid builtin;
616 uint32_t rids[2] = { 544, 545 };
617 const char *domain_name = NULL;
618 const char **names = NULL;
619 enum wbcSidType *types;
620 wbcErr ret = false;
621
622 wbcStringToSid("S-1-5-32", &builtin);
623
624 ret = wbcLookupRids(&builtin, 2, rids, &domain_name, &names,
625 &types);
626 torture_assert_wbc_ok_goto_fail(
627 tctx, ret, "%s", "wbcLookupRids for 544 and 545 failed");
628
629 torture_assert_str_equal(
630 tctx, names[0], "Administrators",
631 "S-1-5-32-544 not mapped to 'Administrators'");
632 torture_assert_str_equal_goto_fail(
633 tctx, names[1], "Users", "S-1-5-32-545 not mapped to 'Users'");
634
635 ret = true;
636 fail:
637 wbcFreeMemory(discard_const_p(char ,domain_name));
638 wbcFreeMemory(names);
639 wbcFreeMemory(types);
640 return ret;
641 }
642
643 static bool test_wbc_get_sidaliases(struct torture_context *tctx)
644 {
645 struct wbcDomainSid builtin;
646 struct wbcDomainInfo *info = NULL;
647 struct wbcInterfaceDetails *details = NULL;
648 struct wbcDomainSid sids[2];
649 uint32_t *rids = NULL;
650 uint32_t num_rids;
651 wbcErr ret = false;
652
653 torture_assert_wbc_ok_goto_fail(tctx,
654 wbcInterfaceDetails(&details),
655 "%s",
656 "wbcInterfaceDetails failed");
657 torture_assert_wbc_ok_goto_fail(tctx,
658 wbcDomainInfo(details->netbios_domain, &info),
659 "wbcDomainInfo of %s failed",
660 details->netbios_domain);
661
662 sids[0] = info->sid;
663 sids[0].sub_auths[sids[0].num_auths++] = 500;
664 sids[1] = info->sid;
665 sids[1].sub_auths[sids[1].num_auths++] = 512;
666
667 torture_assert_wbc_ok_goto_fail(tctx,
668 wbcStringToSid("S-1-5-32", &builtin),
669 "wbcStringToSid of %s failed",
670 "S-1-5-32");
671
672 ret = wbcGetSidAliases(&builtin, sids, 2, &rids, &num_rids);
673 torture_assert_wbc_ok_goto_fail(tctx,
674 ret,
675 "%s",
676 "wbcGetSidAliases failed");
677
678 ret = true;
679 fail:
680 wbcFreeMemory(details);
681 wbcFreeMemory(info);
682 wbcFreeMemory(rids);
683 return ret;
684 }
685
686 static bool test_wbc_authenticate_user_int(struct torture_context *tctx,
687 const char *correct_password)
688 {
689 struct wbcAuthUserParams params;
690 struct wbcAuthUserInfo *info = NULL;
691 struct wbcAuthErrorInfo *error = NULL;
692 wbcErr ret;
693
694 ret = wbcAuthenticateUser(cli_credentials_get_username(cmdline_credentials), correct_password);
695 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
696 "wbcAuthenticateUser of %s failed",
697 cli_credentials_get_username(cmdline_credentials));
698
699 ZERO_STRUCT(params);
700 params.account_name = cli_credentials_get_username(cmdline_credentials);
701 params.level = WBC_AUTH_USER_LEVEL_PLAIN;
702 params.password.plaintext = correct_password;
703
704 ret = wbcAuthenticateUserEx(&params, &info, &error);
705 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
706 "wbcAuthenticateUserEx of %s failed", params.account_name);
707 wbcFreeMemory(info);
708 info = NULL;
709
710 wbcFreeMemory(error);
711 error = NULL;
712
713 params.password.plaintext = "wrong";
714 ret = wbcAuthenticateUserEx(&params, &info, &error);
715 torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR,
716 "wbcAuthenticateUserEx for %s succeeded where it "
717 "should have failed", params.account_name);
718 wbcFreeMemory(info);
719 info = NULL;
720
721 wbcFreeMemory(error);
722 error = NULL;
723
724 return true;
725 }
726
727 static bool test_wbc_authenticate_user(struct torture_context *tctx)
728 {
729 return test_wbc_authenticate_user_int(tctx, cli_credentials_get_password(cmdline_credentials));
730 }
731
732 static bool test_wbc_change_password(struct torture_context *tctx)
733 {
734 wbcErr ret;
735 const char *oldpass = cli_credentials_get_password(cmdline_credentials);
736 const char *newpass = "Koo8irei%$";
737
738 struct samr_CryptPassword new_nt_password;
739 struct samr_CryptPassword new_lm_password;
740 struct samr_Password old_nt_hash_enc;
741 struct samr_Password old_lanman_hash_enc;
742
743 uint8_t old_nt_hash[16];
744 uint8_t old_lanman_hash[16];
745 uint8_t new_nt_hash[16];
746 uint8_t new_lanman_hash[16];
747
748 struct wbcChangePasswordParams params;
749
750 if (oldpass == NULL) {
751 torture_skip(tctx,
752 "skipping wbcChangeUserPassword test as old password cannot be retrieved\n");
753 }
754
755 ZERO_STRUCT(params);
756
757 E_md4hash(oldpass, old_nt_hash);
758 E_md4hash(newpass, new_nt_hash);
759
760 if (lpcfg_client_lanman_auth(tctx->lp_ctx) &&
761 E_deshash(newpass, new_lanman_hash) &&
762 E_deshash(oldpass, old_lanman_hash)) {
763
764 /* E_deshash returns false for 'long' passwords (> 14
765 DOS chars). This allows us to match Win2k, which
766 does not store a LM hash for these passwords (which
767 would reduce the effective password length to 14) */
768
769 encode_pw_buffer(new_lm_password.data, newpass, STR_UNICODE);
770 arcfour_crypt(new_lm_password.data, old_nt_hash, 516);
771 E_old_pw_hash(new_nt_hash, old_lanman_hash,
772 old_lanman_hash_enc.hash);
773
774 params.old_password.response.old_lm_hash_enc_length =
775 sizeof(old_lanman_hash_enc.hash);
776 params.old_password.response.old_lm_hash_enc_data =
777 old_lanman_hash_enc.hash;
778 params.new_password.response.lm_length =
779 sizeof(new_lm_password.data);
780 params.new_password.response.lm_data =
781 new_lm_password.data;
782 } else {
783 ZERO_STRUCT(new_lm_password);
784 ZERO_STRUCT(old_lanman_hash_enc);
785 }
786
787 encode_pw_buffer(new_nt_password.data, newpass, STR_UNICODE);
788
789 arcfour_crypt(new_nt_password.data, old_nt_hash, 516);
790 E_old_pw_hash(new_nt_hash, old_nt_hash, old_nt_hash_enc.hash);
791
792 params.old_password.response.old_nt_hash_enc_length =
793 sizeof(old_nt_hash_enc.hash);
794 params.old_password.response.old_nt_hash_enc_data =
795 old_nt_hash_enc.hash;
796 params.new_password.response.nt_length = sizeof(new_nt_password.data);
797 params.new_password.response.nt_data = new_nt_password.data;
798
799 params.level = WBC_CHANGE_PASSWORD_LEVEL_RESPONSE;
800 params.account_name = cli_credentials_get_username(cmdline_credentials);
801 params.domain_name = cli_credentials_get_domain(cmdline_credentials);
802
803 ret = wbcChangeUserPasswordEx(&params, NULL, NULL, NULL);
804 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
805 "wbcChangeUserPassword for %s failed", params.account_name);
806
807 if (!test_wbc_authenticate_user_int(tctx, newpass)) {
808 return false;
809 }
810
811 ret = wbcChangeUserPassword(cli_credentials_get_username(cmdline_credentials), newpass,
812 cli_credentials_get_password(cmdline_credentials));
813 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
814 "wbcChangeUserPassword for %s failed", params.account_name);
815
816 return test_wbc_authenticate_user_int(tctx, cli_credentials_get_password(cmdline_credentials));
817 }
818
819 static bool test_wbc_logon_user(struct torture_context *tctx)
820 {
821 struct wbcLogonUserParams params;
822 struct wbcLogonUserInfo *info = NULL;
823 struct wbcAuthErrorInfo *error = NULL;
824 struct wbcUserPasswordPolicyInfo *policy = NULL;
825 struct wbcInterfaceDetails *iface;
826 struct wbcDomainSid sid;
827 enum wbcSidType sidtype;
828 char *sidstr;
829 wbcErr ret;
830
831 ZERO_STRUCT(params);
832
833 ret = wbcLogonUser(&params, &info, &error, &policy);
834 torture_assert_wbc_equal(tctx, ret, WBC_ERR_INVALID_PARAM,
835 "%s", "wbcLogonUser succeeded for NULL where it should "
836 "have failed");
837
838 params.username = cli_credentials_get_username(cmdline_credentials);
839 params.password = cli_credentials_get_password(cmdline_credentials);
840
841 ret = wbcAddNamedBlob(&params.num_blobs, &params.blobs,
842 "foo", 0, discard_const_p(uint8_t, "bar"), 4);
843 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
844 "%s", "wbcAddNamedBlob failed");
845
846 ret = wbcLogonUser(&params, &info, &error, &policy);
847 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
848 "wbcLogonUser for %s failed", params.username);
849 wbcFreeMemory(info); info = NULL;
850 wbcFreeMemory(error); error = NULL;
851 wbcFreeMemory(policy); policy = NULL;
852
853 params.password = "wrong";
854
855 ret = wbcLogonUser(&params, &info, &error, &policy);
856 torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR,
857 "wbcLogonUser for %s should have failed with "
858 "WBC_ERR_AUTH_ERROR", params.username);
859 wbcFreeMemory(info); info = NULL;
860 wbcFreeMemory(error); error = NULL;
861 wbcFreeMemory(policy); policy = NULL;
862
863 ret = wbcAddNamedBlob(&params.num_blobs, &params.blobs,
864 "membership_of", 0,
865 discard_const_p(uint8_t, "S-1-2-3-4"),
866 strlen("S-1-2-3-4")+1);
867 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
868 "%s", "wbcAddNamedBlob failed");
869 params.password = cli_credentials_get_password(cmdline_credentials);
870 ret = wbcLogonUser(&params, &info, &error, &policy);
871 torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR,
872 "wbcLogonUser for %s should have failed with "
873 "WBC_ERR_AUTH_ERROR", params.username);
874 wbcFreeMemory(info); info = NULL;
875 wbcFreeMemory(error); error = NULL;
876 wbcFreeMemory(policy); policy = NULL;
877 wbcFreeMemory(params.blobs);
878 params.blobs = NULL; params.num_blobs = 0;
879
880 ret = wbcInterfaceDetails(&iface);
881 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
882 "%s", "wbcInterfaceDetails failed");
883
884 ret = wbcLookupName(iface->netbios_domain, cli_credentials_get_username(cmdline_credentials), &sid,
885 &sidtype);
886 wbcFreeMemory(iface);
887 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
888 "wbcLookupName for %s failed", cli_credentials_get_username(cmdline_credentials));
889
890 ret = wbcSidToString(&sid, &sidstr);
891 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
892 "%s", "wbcSidToString failed");
893
894 ret = wbcAddNamedBlob(&params.num_blobs, &params.blobs,
895 "membership_of", 0,
896 (uint8_t *)sidstr, strlen(sidstr)+1);
897 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
898 "%s", "wbcAddNamedBlob failed");
899 wbcFreeMemory(sidstr);
900 params.password = cli_credentials_get_password(cmdline_credentials);
901 ret = wbcLogonUser(&params, &info, &error, &policy);
902 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
903 "wbcLogonUser for %s failed", params.username);
904 wbcFreeMemory(info); info = NULL;
905 wbcFreeMemory(error); error = NULL;
906 wbcFreeMemory(policy); policy = NULL;
907 wbcFreeMemory(params.blobs);
908 params.blobs = NULL; params.num_blobs = 0;
909
910 return true;
911 }
912
913 static bool test_wbc_getgroups(struct torture_context *tctx)
914 {
915 wbcErr ret;
916 uint32_t num_groups;
917 gid_t *groups;
918
919 ret = wbcGetGroups(cli_credentials_get_username(cmdline_credentials), &num_groups, &groups);
920 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
921 "wbcGetGroups for %s failed", cli_credentials_get_username(cmdline_credentials));
922 wbcFreeMemory(groups);
923 return true;
924 }
925
926 struct torture_suite *torture_wbclient(void)
927 {
928 struct torture_suite *suite = torture_suite_create(talloc_autofree_context(), "wbclient");
929
930 torture_suite_add_simple_test(suite, "wbcPing", test_wbc_ping);
931 torture_suite_add_simple_test(suite, "wbcPingDc", test_wbc_pingdc);
932 torture_suite_add_simple_test(suite, "wbcPingDc2", test_wbc_pingdc2);
933 torture_suite_add_simple_test(suite, "wbcLibraryDetails", test_wbc_library_details);
934 torture_suite_add_simple_test(suite, "wbcInterfaceDetails", test_wbc_interface_details);
935 torture_suite_add_simple_test(suite, "wbcSidTypeString", test_wbc_sidtypestring);
936 torture_suite_add_simple_test(suite, "wbcSidToString", test_wbc_sidtostring);
937 torture_suite_add_simple_test(suite, "wbcGuidToString", test_wbc_guidtostring);
938 torture_suite_add_simple_test(suite, "wbcDomainInfo", test_wbc_domain_info);
939 torture_suite_add_simple_test(suite, "wbcListUsers", test_wbc_users);
940 torture_suite_add_simple_test(suite, "wbcListGroups", test_wbc_groups);
941 torture_suite_add_simple_test(suite, "wbcListTrusts", test_wbc_trusts);
942 torture_suite_add_simple_test(suite, "wbcLookupDomainController", test_wbc_lookupdc);
943 torture_suite_add_simple_test(suite, "wbcLookupDomainControllerEx", test_wbc_lookupdcex);
944 torture_suite_add_simple_test(suite, "wbcResolveWinsByName", test_wbc_resolve_winsbyname);
945 torture_suite_add_simple_test(suite, "wbcResolveWinsByIP", test_wbc_resolve_winsbyip);
946 torture_suite_add_simple_test(suite, "wbcLookupRids",
947 test_wbc_lookup_rids);
948 torture_suite_add_simple_test(suite, "wbcGetSidAliases",
949 test_wbc_get_sidaliases);
950 torture_suite_add_simple_test(suite, "wbcAuthenticateUser",
951 test_wbc_authenticate_user);
952 torture_suite_add_simple_test(suite, "wbcLogonUser",
953 test_wbc_logon_user);
954 torture_suite_add_simple_test(suite, "wbcChangeUserPassword",
955 test_wbc_change_password);
956 torture_suite_add_simple_test(suite, "wbcGetGroups",
957 test_wbc_getgroups);
958
959 return suite;
960 }
Samba GIT mirror