2 Unix SMB/CIFS implementation.
3 Test suite for libnet calls.
5 Copyright (C) Rafal Szczesniak 2006
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "lib/cmdline/popt_common.h"
24 #include "libnet/libnet.h"
25 #include "librpc/gen_ndr/ndr_samr_c.h"
26 #include "librpc/gen_ndr/ndr_lsa_c.h"
27 #include "torture/rpc/torture_rpc.h"
28 #include "param/param.h"
29 #include "torture/libnet/proto.h"
32 static bool test_opendomain_samr(struct torture_context
*tctx
,
33 struct dcerpc_binding_handle
*b
, TALLOC_CTX
*mem_ctx
,
34 struct policy_handle
*handle
, struct lsa_String
*domname
,
35 uint32_t *access_mask
, struct dom_sid
**sid_p
)
37 struct policy_handle h
, domain_handle
;
38 struct samr_Connect r1
;
39 struct samr_LookupDomain r2
;
40 struct dom_sid2
*sid
= NULL
;
41 struct samr_OpenDomain r3
;
43 torture_comment(tctx
, "connecting\n");
45 *access_mask
= SEC_FLAG_MAXIMUM_ALLOWED
;
47 r1
.in
.system_name
= 0;
48 r1
.in
.access_mask
= *access_mask
;
49 r1
.out
.connect_handle
= &h
;
51 torture_assert_ntstatus_ok(tctx
,
52 dcerpc_samr_Connect_r(b
, mem_ctx
, &r1
),
54 torture_assert_ntstatus_ok(tctx
, r1
.out
.result
,
57 r2
.in
.connect_handle
= &h
;
58 r2
.in
.domain_name
= domname
;
61 torture_comment(tctx
, "domain lookup on %s\n", domname
->string
);
63 torture_assert_ntstatus_ok(tctx
,
64 dcerpc_samr_LookupDomain_r(b
, mem_ctx
, &r2
),
65 "LookupDomain failed");
66 torture_assert_ntstatus_ok(tctx
, r2
.out
.result
,
67 "LookupDomain failed");
69 r3
.in
.connect_handle
= &h
;
70 r3
.in
.access_mask
= *access_mask
;
71 r3
.in
.sid
= *sid_p
= *r2
.out
.sid
;
72 r3
.out
.domain_handle
= &domain_handle
;
74 torture_comment(tctx
, "opening domain\n");
76 torture_assert_ntstatus_ok(tctx
,
77 dcerpc_samr_OpenDomain_r(b
, mem_ctx
, &r3
),
79 torture_assert_ntstatus_ok(tctx
, r3
.out
.result
,
82 *handle
= domain_handle
;
88 static bool test_opendomain_lsa(struct torture_context
*tctx
,
89 struct dcerpc_binding_handle
*b
, TALLOC_CTX
*mem_ctx
,
90 struct policy_handle
*handle
, struct lsa_String
*domname
,
91 uint32_t *access_mask
)
93 struct lsa_OpenPolicy2 open
;
94 struct lsa_ObjectAttribute attr
;
95 struct lsa_QosInfo qos
;
97 *access_mask
= SEC_FLAG_MAXIMUM_ALLOWED
;
103 qos
.impersonation_level
= 2;
104 qos
.context_mode
= 1;
105 qos
.effective_only
= 0;
109 open
.in
.system_name
= domname
->string
;
110 open
.in
.attr
= &attr
;
111 open
.in
.access_mask
= *access_mask
;
112 open
.out
.handle
= handle
;
114 torture_assert_ntstatus_ok(tctx
,
115 dcerpc_lsa_OpenPolicy2_r(b
, mem_ctx
, &open
),
116 "OpenPolicy2 failed");
117 torture_assert_ntstatus_ok(tctx
, open
.out
.result
,
118 "OpenPolicy2 failed");
123 bool torture_domain_open_lsa(struct torture_context
*torture
)
127 struct libnet_context
*ctx
;
128 struct libnet_DomainOpen r
;
129 struct lsa_Close lsa_close
;
130 struct policy_handle h
;
131 const char *domain_name
;
133 /* we're accessing domain controller so the domain name should be
134 passed (it's going to be resolved to dc name and address) instead
135 of specific server name. */
136 domain_name
= lpcfg_workgroup(torture
->lp_ctx
);
138 ctx
= libnet_context_init(torture
->ev
, torture
->lp_ctx
);
140 torture_comment(torture
, "failed to create libnet context\n");
144 ctx
->cred
= cmdline_credentials
;
147 r
.in
.type
= DOMAIN_LSA
;
148 r
.in
.domain_name
= domain_name
;
149 r
.in
.access_mask
= SEC_FLAG_MAXIMUM_ALLOWED
;
151 status
= libnet_DomainOpen(ctx
, torture
, &r
);
152 if (!NT_STATUS_IS_OK(status
)) {
153 torture_comment(torture
, "failed to open domain on lsa service: %s\n", nt_errstr(status
));
158 ZERO_STRUCT(lsa_close
);
159 lsa_close
.in
.handle
= &ctx
->lsa
.handle
;
160 lsa_close
.out
.handle
= &h
;
162 torture_assert_ntstatus_ok(torture
,
163 dcerpc_lsa_Close_r(ctx
->lsa
.pipe
->binding_handle
, ctx
, &lsa_close
),
164 "failed to close domain on lsa service");
165 torture_assert_ntstatus_ok(torture
, lsa_close
.out
.result
,
166 "failed to close domain on lsa service");
174 bool torture_domain_close_lsa(struct torture_context
*torture
)
178 TALLOC_CTX
*mem_ctx
=NULL
;
179 struct libnet_context
*ctx
;
180 struct lsa_String domain_name
;
181 struct dcerpc_binding
*binding
;
182 uint32_t access_mask
;
183 struct policy_handle h
;
184 struct dcerpc_pipe
*p
;
185 struct libnet_DomainClose r
;
187 status
= torture_rpc_binding(torture
, &binding
);
188 if (!NT_STATUS_IS_OK(status
)) {
192 ctx
= libnet_context_init(torture
->ev
, torture
->lp_ctx
);
194 torture_comment(torture
, "failed to create libnet context\n");
199 ctx
->cred
= cmdline_credentials
;
201 mem_ctx
= talloc_init("torture_domain_close_lsa");
202 status
= dcerpc_pipe_connect_b(mem_ctx
, &p
, binding
, &ndr_table_lsarpc
,
203 cmdline_credentials
, torture
->ev
, torture
->lp_ctx
);
204 if (!NT_STATUS_IS_OK(status
)) {
205 torture_comment(torture
, "failed to connect to server: %s\n", nt_errstr(status
));
210 domain_name
.string
= lpcfg_workgroup(torture
->lp_ctx
);
212 if (!test_opendomain_lsa(torture
, p
->binding_handle
, torture
, &h
, &domain_name
, &access_mask
)) {
213 torture_comment(torture
, "failed to open domain on lsa service\n");
219 ctx
->lsa
.name
= domain_name
.string
;
220 ctx
->lsa
.access_mask
= access_mask
;
224 r
.in
.type
= DOMAIN_LSA
;
225 r
.in
.domain_name
= domain_name
.string
;
227 status
= libnet_DomainClose(ctx
, mem_ctx
, &r
);
228 if (!NT_STATUS_IS_OK(status
)) {
234 talloc_free(mem_ctx
);
240 bool torture_domain_open_samr(struct torture_context
*torture
)
243 struct libnet_context
*ctx
;
245 struct policy_handle domain_handle
, handle
;
246 struct libnet_DomainOpen io
;
248 const char *domain_name
;
251 mem_ctx
= talloc_init("test_domainopen_lsa");
253 ctx
= libnet_context_init(torture
->ev
, torture
->lp_ctx
);
254 ctx
->cred
= cmdline_credentials
;
256 /* we're accessing domain controller so the domain name should be
257 passed (it's going to be resolved to dc name and address) instead
258 of specific server name. */
259 domain_name
= lpcfg_workgroup(torture
->lp_ctx
);
262 * Testing synchronous version
264 torture_comment(torture
, "opening domain\n");
266 io
.in
.type
= DOMAIN_SAMR
;
267 io
.in
.domain_name
= domain_name
;
268 io
.in
.access_mask
= SEC_FLAG_MAXIMUM_ALLOWED
;
270 status
= libnet_DomainOpen(ctx
, mem_ctx
, &io
);
271 if (!NT_STATUS_IS_OK(status
)) {
272 torture_comment(torture
, "Composite domain open failed for domain '%s' - %s\n",
273 domain_name
, nt_errstr(status
));
278 domain_handle
= ctx
->samr
.handle
;
280 r
.in
.handle
= &domain_handle
;
281 r
.out
.handle
= &handle
;
283 torture_comment(torture
, "closing domain handle\n");
285 torture_assert_ntstatus_ok(torture
,
286 dcerpc_samr_Close_r(ctx
->samr
.pipe
->binding_handle
, mem_ctx
, &r
),
288 torture_assert_ntstatus_ok(torture
, r
.out
.result
,
292 talloc_free(mem_ctx
);
299 bool torture_domain_close_samr(struct torture_context
*torture
)
303 TALLOC_CTX
*mem_ctx
= NULL
;
304 struct libnet_context
*ctx
;
305 struct lsa_String domain_name
;
306 struct dcerpc_binding
*binding
;
307 uint32_t access_mask
;
308 struct policy_handle h
;
309 struct dcerpc_pipe
*p
;
310 struct libnet_DomainClose r
;
313 status
= torture_rpc_binding(torture
, &binding
);
314 if (!NT_STATUS_IS_OK(status
)) {
318 ctx
= libnet_context_init(torture
->ev
, torture
->lp_ctx
);
320 torture_comment(torture
, "failed to create libnet context\n");
325 ctx
->cred
= cmdline_credentials
;
327 mem_ctx
= talloc_init("torture_domain_close_samr");
328 status
= dcerpc_pipe_connect_b(mem_ctx
, &p
, binding
, &ndr_table_samr
,
329 ctx
->cred
, torture
->ev
, torture
->lp_ctx
);
330 if (!NT_STATUS_IS_OK(status
)) {
331 torture_comment(torture
, "failed to connect to server: %s\n", nt_errstr(status
));
336 domain_name
.string
= talloc_strdup(mem_ctx
, lpcfg_workgroup(torture
->lp_ctx
));
338 if (!test_opendomain_samr(torture
, p
->binding_handle
, torture
, &h
, &domain_name
, &access_mask
, &sid
)) {
339 torture_comment(torture
, "failed to open domain on samr service\n");
345 ctx
->samr
.name
= talloc_steal(ctx
, domain_name
.string
);
346 ctx
->samr
.access_mask
= access_mask
;
347 ctx
->samr
.handle
= h
;
348 ctx
->samr
.sid
= talloc_steal(ctx
, sid
);
351 r
.in
.type
= DOMAIN_SAMR
;
352 r
.in
.domain_name
= domain_name
.string
;
354 status
= libnet_DomainClose(ctx
, mem_ctx
, &r
);
355 if (!NT_STATUS_IS_OK(status
)) {
361 talloc_free(mem_ctx
);
367 bool torture_domain_list(struct torture_context
*torture
)
371 TALLOC_CTX
*mem_ctx
= NULL
;
372 struct dcerpc_binding
*binding
;
373 struct libnet_context
*ctx
;
374 struct libnet_DomainList r
;
377 status
= torture_rpc_binding(torture
, &binding
);
378 if (!NT_STATUS_IS_OK(status
)) {
382 ctx
= libnet_context_init(torture
->ev
, torture
->lp_ctx
);
384 torture_comment(torture
, "failed to create libnet context\n");
389 ctx
->cred
= cmdline_credentials
;
391 mem_ctx
= talloc_init("torture_domain_close_samr");
394 * querying the domain list using default buffer size
398 r
.in
.hostname
= dcerpc_binding_get_string_option(binding
, "host");
400 status
= libnet_DomainList(ctx
, mem_ctx
, &r
);
401 if (!NT_STATUS_IS_OK(status
)) {
406 torture_comment(torture
, "Received list or domains (everything in one piece):\n");
408 for (i
= 0; i
< r
.out
.count
; i
++) {
409 torture_comment(torture
, "Name[%d]: %s\n", i
, r
.out
.domains
[i
].name
);
413 * querying the domain list using specified (much smaller) buffer size
416 ctx
->samr
.buf_size
= 32;
419 r
.in
.hostname
= dcerpc_binding_get_string_option(binding
, "host");
421 status
= libnet_DomainList(ctx
, mem_ctx
, &r
);
422 if (!NT_STATUS_IS_OK(status
)) {
427 torture_comment(torture
, "Received list or domains (collected in more than one round):\n");
429 for (i
= 0; i
< r
.out
.count
; i
++) {
430 torture_comment(torture
, "Name[%d]: %s\n", i
, r
.out
.domains
[i
].name
);
434 torture_comment(torture
, "\nStatus: %s\n", nt_errstr(status
));
436 talloc_free(mem_ctx
);