search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
libwbclient: Test WBC_CHANGE_PASSWORD_LEVEL_RESPONSE
[Samba/ekacnet.git] / nsswitch / libwbclient / tests / wbclient.c
blobf3f45be561760435a2afa04090d48c63bfcbdd85
1 /*
2 Unix SMB/CIFS implementation.
3 SMB torture tester
4 Copyright (C) Guenther Deschner 2009-2010
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "lib/replace/replace.h"
21 #include "libcli/util/ntstatus.h"
22 #include "libcli/util/werror.h"
23 #include "lib/util/data_blob.h"
24 #include "lib/util/time.h"
25 #include "nsswitch/libwbclient/wbclient.h"
26 #include "nsswitch/libwbclient/wbc_async.h"
27 #include "torture/smbtorture.h"
28 #include "torture/winbind/proto.h"
29 #include "lib/util/util_net.h"
30 #include "lib/util/charset/charset.h"
31 #include "libcli/auth/libcli_auth.h"
32 #include "source4/param/param.h"
33 #include "lib/util/util.h"
34 #include "lib/crypto/arcfour.h"
35
36 #define WBC_ERROR_EQUAL(x,y) (x == y)
37
38 #define torture_assert_wbc_equal(torture_ctx, got, expected, cmt) \
39 do { wbcErr __got = got, __expected = expected; \
40 if (!WBC_ERROR_EQUAL(__got, __expected)) { \
41 torture_result(torture_ctx, TORTURE_FAIL, __location__": "#got" was %s, expected %s: %s", wbcErrorString(__got), wbcErrorString(__expected), cmt); \
42 return false; \
43 } \
44 } while (0)
45
46 #define torture_assert_wbc_ok(torture_ctx,expr,cmt) \
47 torture_assert_wbc_equal(torture_ctx,expr,WBC_ERR_SUCCESS,cmt)
48
49
50 static void wbc_debug_torture(void *private_data, enum wbcDebugLevel level,
51 const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0);
52 static void wbc_debug_torture(void *private_data, enum wbcDebugLevel level,
53 const char *fmt, va_list ap)
54 {
55 struct torture_context *tctx = talloc_get_type_abort(private_data,
56 struct torture_context);
57 torture_comment(tctx, "%s", talloc_vasprintf(tctx, fmt, ap));
58 }
59
60 static bool test_wbc_ping(struct torture_context *tctx)
61 {
62 torture_assert_wbc_ok(tctx, wbcPing(),
63 "wbcPing failed");
64
65 return true;
66 }
67
68 static bool test_wbc_ping_async(struct torture_context *tctx)
69 {
70 struct wb_context *wb_ctx;
71 struct tevent_req *req;
72
73 wb_ctx = wb_context_init(tctx, NULL);
74
75 req = wbcPing_send(tctx, tctx->ev, wb_ctx);
76 torture_assert(tctx, req, "wbcPing_send failed");
77
78 if(!tevent_req_poll(req, tctx->ev)) {
79 return false;
80 }
81 torture_assert_wbc_ok(tctx, wbcPing_recv(req), "wbcPing_recv failed");
82 return true;
83 }
84
85
86 static bool test_wbc_pingdc(struct torture_context *tctx)
87 {
88 torture_assert_wbc_equal(tctx, wbcPingDc("random_string", NULL), WBC_ERR_NOT_IMPLEMENTED,
89 "wbcPingDc failed");
90 torture_assert_wbc_ok(tctx, wbcPingDc(NULL, NULL),
91 "wbcPingDc failed");
92
93 return true;
94 }
95
96 static bool test_wbc_library_details(struct torture_context *tctx)
97 {
98 struct wbcLibraryDetails *details;
99
100 torture_assert_wbc_ok(tctx, wbcLibraryDetails(&details),
101 "wbcLibraryDetails failed");
102 torture_assert(tctx, details,
103 "wbcLibraryDetails returned NULL pointer");
104
105 wbcFreeMemory(details);
106
107 return true;
108 }
109
110 static bool test_wbc_interface_details(struct torture_context *tctx)
111 {
112 struct wbcInterfaceDetails *details;
113
114 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
115 "wbcInterfaceDetails failed");
116 torture_assert(tctx, details,
117 "wbcInterfaceDetails returned NULL pointer");
118
119 wbcFreeMemory(details);
120
121 return true;
122 }
123
124 static bool test_wbc_sidtypestring(struct torture_context *tctx)
125 {
126 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_USE_NONE),
127 "SID_NONE", "SID_NONE failed");
128 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_USER),
129 "SID_USER", "SID_USER failed");
130 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_DOM_GRP),
131 "SID_DOM_GROUP", "SID_DOM_GROUP failed");
132 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_DOMAIN),
133 "SID_DOMAIN", "SID_DOMAIN failed");
134 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_ALIAS),
135 "SID_ALIAS", "SID_ALIAS failed");
136 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_WKN_GRP),
137 "SID_WKN_GROUP", "SID_WKN_GROUP failed");
138 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_DELETED),
139 "SID_DELETED", "SID_DELETED failed");
140 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_INVALID),
141 "SID_INVALID", "SID_INVALID failed");
142 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_UNKNOWN),
143 "SID_UNKNOWN", "SID_UNKNOWN failed");
144 torture_assert_str_equal(tctx, wbcSidTypeString(WBC_SID_NAME_COMPUTER),
145 "SID_COMPUTER", "SID_COMPUTER failed");
146 return true;
147 }
148
149 static bool test_wbc_sidtostring(struct torture_context *tctx)
150 {
151 struct wbcDomainSid sid;
152 const char *sid_string = "S-1-5-32";
153 char *sid_string2;
154
155 torture_assert_wbc_ok(tctx, wbcStringToSid(sid_string, &sid),
156 "wbcStringToSid failed");
157 torture_assert_wbc_ok(tctx, wbcSidToString(&sid, &sid_string2),
158 "wbcSidToString failed");
159 torture_assert_str_equal(tctx, sid_string, sid_string2,
160 "sid strings differ");
161 wbcFreeMemory(sid_string2);
162
163 return true;
164 }
165
166 static bool test_wbc_guidtostring(struct torture_context *tctx)
167 {
168 struct wbcGuid guid;
169 const char *guid_string = "f7cf07b4-1487-45c7-824d-8b18cc580811";
170 char *guid_string2;
171
172 torture_assert_wbc_ok(tctx, wbcStringToGuid(guid_string, &guid),
173 "wbcStringToGuid failed");
174 torture_assert_wbc_ok(tctx, wbcGuidToString(&guid, &guid_string2),
175 "wbcGuidToString failed");
176 torture_assert_str_equal(tctx, guid_string, guid_string2,
177 "guid strings differ");
178 wbcFreeMemory(guid_string2);
179
180 return true;
181 }
182
183 static bool test_wbc_domain_info(struct torture_context *tctx)
184 {
185 struct wbcDomainInfo *info;
186 struct wbcInterfaceDetails *details;
187
188 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
189 "wbcInterfaceDetails failed");
190 torture_assert_wbc_ok(
191 tctx, wbcDomainInfo(details->netbios_domain, &info),
192 "wbcDomainInfo failed");
193 wbcFreeMemory(details);
194
195 torture_assert(tctx, info,
196 "wbcDomainInfo returned NULL pointer");
197 wbcFreeMemory(info);
198
199 return true;
200 }
201
202 static bool test_wbc_users(struct torture_context *tctx)
203 {
204 const char *domain_name = NULL;
205 uint32_t num_users;
206 const char **users;
207 int i;
208 struct wbcInterfaceDetails *details;
209
210 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
211 "wbcInterfaceDetails failed");
212
213 domain_name = talloc_strdup(tctx, details->netbios_domain);
214 wbcFreeMemory(details);
215
216 torture_assert_wbc_ok(tctx, wbcListUsers(domain_name, &num_users, &users),
217 "wbcListUsers failed");
218 torture_assert(tctx, !(num_users > 0 && !users),
219 "wbcListUsers returned invalid results");
220
221 for (i=0; i < MIN(num_users,100); i++) {
222
223 struct wbcDomainSid sid, *sids;
224 enum wbcSidType name_type;
225 char *domain;
226 char *name;
227 uint32_t num_sids;
228
229 torture_assert_wbc_ok(tctx, wbcLookupName(domain_name, users[i], &sid, &name_type),
230 "wbcLookupName failed");
231 torture_assert_int_equal(tctx, name_type, WBC_SID_NAME_USER,
232 "wbcLookupName expected WBC_SID_NAME_USER");
233 torture_assert_wbc_ok(tctx, wbcLookupSid(&sid, &domain, &name, &name_type),
234 "wbcLookupSid failed");
235 torture_assert_int_equal(tctx, name_type, WBC_SID_NAME_USER,
236 "wbcLookupSid expected WBC_SID_NAME_USER");
237 torture_assert(tctx, name,
238 "wbcLookupSid returned no name");
239 wbcFreeMemory(domain);
240 wbcFreeMemory(name);
241 torture_assert_wbc_ok(tctx, wbcLookupUserSids(&sid, true, &num_sids, &sids),
242 "wbcLookupUserSids failed");
243 torture_assert_wbc_ok(
244 tctx, wbcGetDisplayName(&sid, &domain, &name,
245 &name_type),
246 "wbcGetDisplayName failed");
247 wbcFreeMemory(domain);
248 wbcFreeMemory(name);
249 wbcFreeMemory(sids);
250 }
251 wbcFreeMemory(users);
252
253 return true;
254 }
255
256 static bool test_wbc_users_async(struct torture_context *tctx)
257 {
258 struct wb_context *wb_ctx;
259 struct tevent_req *req;
260 const char *domain_name = NULL;
261 uint32_t num_users;
262 const char **users;
263 int i;
264 struct wbcInterfaceDetails *details;
265
266 wb_ctx = wb_context_init(tctx, NULL);
267 wbcSetDebug(wb_ctx, wbc_debug_torture, tctx);
268
269 req = wbcInterfaceDetails_send(tctx, tctx->ev, wb_ctx);
270 torture_assert(tctx, req, "wbcInterfaceDetails_send failed");
271
272 if(!tevent_req_poll(req, tctx->ev)) {
273 return false;
274 }
275 torture_assert_wbc_ok(tctx,
276 wbcInterfaceDetails_recv(req, tctx, &details),
277 "wbcInterfaceDetails_recv failed");
278
279 domain_name = talloc_strdup(tctx, details->netbios_domain);
280 wbcFreeMemory(details);
281
282 /* No async implementation of this yet. */
283 torture_assert_wbc_ok(tctx, wbcListUsers(domain_name, &num_users, &users),
284 "wbcListUsers failed");
285 torture_assert(tctx, !(num_users > 0 && !users),
286 "wbcListUsers returned invalid results");
287
288 for (i=0; i < MIN(num_users,100); i++) {
289
290 struct wbcDomainSid sid, *sids;
291 enum wbcSidType name_type;
292 char *domain;
293 char *name;
294 uint32_t num_sids;
295
296 req = wbcLookupName_send(tctx, tctx->ev, wb_ctx, domain_name,
297 users[i]);
298 torture_assert(tctx, req, "wbcLookupName_send failed");
299
300 if(!tevent_req_poll(req, tctx->ev)) {
301 return false;
302 }
303
304 torture_assert_wbc_ok(tctx,
305 wbcLookupName_recv(req, &sid, &name_type),
306 "wbcLookupName_recv failed");
307
308 torture_assert_int_equal(tctx, name_type, WBC_SID_NAME_USER,
309 "wbcLookupName expected WBC_SID_NAME_USER");
310 torture_assert_wbc_ok(tctx, wbcLookupSid(&sid, &domain, &name, &name_type),
311 "wbcLookupSid failed");
312 torture_assert_int_equal(tctx, name_type, WBC_SID_NAME_USER,
313 "wbcLookupSid expected WBC_SID_NAME_USER");
314 torture_assert(tctx, name,
315 "wbcLookupSid returned no name");
316 wbcFreeMemory(domain);
317 wbcFreeMemory(name);
318 torture_assert_wbc_ok(tctx, wbcLookupUserSids(&sid, true, &num_sids, &sids),
319 "wbcLookupUserSids failed");
320 wbcFreeMemory(sids);
321 }
322 wbcFreeMemory(users);
323
324 return true;
325 }
326
327 static bool test_wbc_groups(struct torture_context *tctx)
328 {
329 const char *domain_name = NULL;
330 uint32_t num_groups;
331 const char **groups;
332 int i;
333 struct wbcInterfaceDetails *details;
334
335 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
336 "wbcInterfaceDetails failed");
337
338 domain_name = talloc_strdup(tctx, details->netbios_domain);
339 wbcFreeMemory(details);
340
341 torture_assert_wbc_ok(tctx, wbcListGroups(domain_name, &num_groups, &groups),
342 "wbcListGroups failed");
343 torture_assert(tctx, !(num_groups > 0 && !groups),
344 "wbcListGroups returned invalid results");
345
346 for (i=0; i < MIN(num_groups,100); i++) {
347
348 struct wbcDomainSid sid;
349 enum wbcSidType name_type;
350 char *domain;
351 char *name;
352
353 torture_assert_wbc_ok(tctx, wbcLookupName(domain_name, groups[i], &sid, &name_type),
354 "wbcLookupName failed");
355 torture_assert_wbc_ok(tctx, wbcLookupSid(&sid, &domain, &name, &name_type),
356 "wbcLookupSid failed");
357 torture_assert(tctx, name,
358 "wbcLookupSid returned no name");
359 }
360 wbcFreeMemory(groups);
361
362 return true;
363 }
364
365 static bool test_wbc_trusts(struct torture_context *tctx)
366 {
367 struct wbcDomainInfo *domains;
368 size_t num_domains;
369 int i;
370
371 torture_assert_wbc_ok(tctx, wbcListTrusts(&domains, &num_domains),
372 "wbcListTrusts failed");
373 torture_assert(tctx, !(num_domains > 0 && !domains),
374 "wbcListTrusts returned invalid results");
375
376 for (i=0; i < MIN(num_domains,100); i++) {
377
378 struct wbcAuthErrorInfo *error;
379 /*
380 struct wbcDomainSid sid;
381 enum wbcSidType name_type;
382 char *domain;
383 char *name;
384 */
385 torture_assert_wbc_ok(tctx, wbcCheckTrustCredentials(domains[i].short_name, &error),
386 "wbcCheckTrustCredentials failed");
387 /*
388 torture_assert_wbc_ok(tctx, wbcLookupName(domains[i].short_name, NULL, &sid, &name_type),
389 "wbcLookupName failed");
390 torture_assert_int_equal(tctx, name_type, WBC_SID_NAME_DOMAIN,
391 "wbcLookupName expected WBC_SID_NAME_DOMAIN");
392 torture_assert_wbc_ok(tctx, wbcLookupSid(&sid, &domain, &name, &name_type),
393 "wbcLookupSid failed");
394 torture_assert_int_equal(tctx, name_type, WBC_SID_NAME_DOMAIN,
395 "wbcLookupSid expected WBC_SID_NAME_DOMAIN");
396 torture_assert(tctx, name,
397 "wbcLookupSid returned no name");
398 */
399 }
400 wbcFreeMemory(domains);
401
402 return true;
403 }
404
405 static bool test_wbc_lookupdc(struct torture_context *tctx)
406 {
407 const char *domain_name = NULL;
408 struct wbcInterfaceDetails *details;
409 struct wbcDomainControllerInfo *dc_info;
410
411 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
412 "wbcInterfaceDetails failed");
413
414 domain_name = talloc_strdup(tctx, details->netbios_domain);
415 wbcFreeMemory(details);
416
417 torture_assert_wbc_ok(tctx, wbcLookupDomainController(domain_name, 0, &dc_info),
418 "wbcLookupDomainController failed");
419 wbcFreeMemory(dc_info);
420
421 return true;
422 }
423
424 static bool test_wbc_lookupdcex(struct torture_context *tctx)
425 {
426 const char *domain_name = NULL;
427 struct wbcInterfaceDetails *details;
428 struct wbcDomainControllerInfoEx *dc_info;
429
430 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
431 "wbcInterfaceDetails failed");
432
433 domain_name = talloc_strdup(tctx, details->netbios_domain);
434 wbcFreeMemory(details);
435
436 torture_assert_wbc_ok(tctx, wbcLookupDomainControllerEx(domain_name, NULL, NULL, 0, &dc_info),
437 "wbcLookupDomainControllerEx failed");
438 wbcFreeMemory(dc_info);
439
440 return true;
441 }
442
443 static bool test_wbc_resolve_winsbyname(struct torture_context *tctx)
444 {
445 const char *name;
446 char *ip;
447 wbcErr ret;
448
449 name = torture_setting_string(tctx, "host", NULL);
450
451 ret = wbcResolveWinsByName(name, &ip);
452
453 if (is_ipaddress(name)) {
454 torture_assert_wbc_equal(tctx, ret, WBC_ERR_DOMAIN_NOT_FOUND, "wbcResolveWinsByName failed");
455 } else {
456 torture_assert_wbc_ok(tctx, ret, "wbcResolveWinsByName failed");
457 }
458
459 return true;
460 }
461
462 static bool test_wbc_resolve_winsbyip(struct torture_context *tctx)
463 {
464 const char *ip;
465 char *name;
466 wbcErr ret;
467
468 ip = torture_setting_string(tctx, "host", NULL);
469
470 ret = wbcResolveWinsByIP(ip, &name);
471
472 torture_assert_wbc_ok(tctx, ret, "wbcResolveWinsByIP failed");
473
474 wbcFreeMemory(name);
475
476 return true;
477 }
478
479 static bool test_wbc_lookup_rids(struct torture_context *tctx)
480 {
481 struct wbcDomainSid builtin;
482 uint32_t rids[2] = { 544, 545 };
483 const char *domain_name, **names;
484 enum wbcSidType *types;
485 wbcErr ret;
486
487 wbcStringToSid("S-1-5-32", &builtin);
488
489 ret = wbcLookupRids(&builtin, 2, rids, &domain_name, &names,
490 &types);
491 torture_assert_wbc_ok(tctx, ret, "wbcLookupRids failed");
492
493 torture_assert_str_equal(
494 tctx, names[0], "Administrators",
495 "S-1-5-32-544 not mapped to 'Administrators'");
496 torture_assert_str_equal(
497 tctx, names[1], "Users", "S-1-5-32-545 not mapped to 'Users'");
498
499 wbcFreeMemory((char *)domain_name);
500 wbcFreeMemory(names);
501 wbcFreeMemory(types);
502
503 return true;
504 }
505
506 static bool test_wbc_get_sidaliases(struct torture_context *tctx)
507 {
508 struct wbcDomainSid builtin;
509 struct wbcDomainInfo *info;
510 struct wbcInterfaceDetails *details;
511 struct wbcDomainSid sids[2];
512 uint32_t *rids;
513 uint32_t num_rids;
514 wbcErr ret;
515
516 torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
517 "wbcInterfaceDetails failed");
518 torture_assert_wbc_ok(
519 tctx, wbcDomainInfo(details->netbios_domain, &info),
520 "wbcDomainInfo failed");
521 wbcFreeMemory(details);
522
523 sids[0] = info->sid;
524 sids[0].sub_auths[sids[0].num_auths++] = 500;
525 sids[1] = info->sid;
526 sids[1].sub_auths[sids[1].num_auths++] = 512;
527 wbcFreeMemory(info);
528
529 torture_assert_wbc_ok(
530 tctx, wbcStringToSid("S-1-5-32", &builtin),
531 "wbcStringToSid failed");
532
533 ret = wbcGetSidAliases(&builtin, sids, 2, &rids, &num_rids);
534 torture_assert_wbc_ok(tctx, ret, "wbcGetSidAliases failed");
535
536 wbcFreeMemory(rids);
537
538 return true;
539 }
540
541 static bool test_wbc_authenticate_user_int(struct torture_context *tctx,
542 const char *correct_password)
543 {
544 struct wbcAuthUserParams params;
545 struct wbcAuthUserInfo *info = NULL;
546 struct wbcAuthErrorInfo *error = NULL;
547 wbcErr ret;
548
549 ret = wbcAuthenticateUser(getenv("USERNAME"), correct_password);
550 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
551 "wbcAuthenticateUser failed");
552
553 ZERO_STRUCT(params);
554 params.account_name = getenv("USERNAME");
555 params.level = WBC_AUTH_USER_LEVEL_PLAIN;
556 params.password.plaintext = correct_password;
557
558 ret = wbcAuthenticateUserEx(&params, &info, &error);
559 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
560 "wbcAuthenticateUserEx failed");
561 wbcFreeMemory(info);
562 info = NULL;
563
564 wbcFreeMemory(error);
565 error = NULL;
566
567 params.password.plaintext = "wrong";
568 ret = wbcAuthenticateUserEx(&params, &info, &error);
569 torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR,
570 "wbcAuthenticateUserEx succeeded where it "
571 "should have failed");
572 wbcFreeMemory(info);
573 info = NULL;
574
575 wbcFreeMemory(error);
576 error = NULL;
577
578 return true;
579 }
580
581 static bool test_wbc_authenticate_user(struct torture_context *tctx)
582 {
583 return test_wbc_authenticate_user_int(tctx, getenv("PASSWORD"));
584 }
585
586 static bool test_wbc_change_password(struct torture_context *tctx)
587 {
588 wbcErr ret;
589 const char *oldpass = getenv("PASSWORD");
590 const char *newpass = "Koo8irei";
591
592 struct samr_CryptPassword new_nt_password;
593 struct samr_CryptPassword new_lm_password;
594 struct samr_Password old_nt_hash_enc;
595 struct samr_Password old_lanman_hash_enc;
596
597 uint8_t old_nt_hash[16];
598 uint8_t old_lanman_hash[16];
599 uint8_t new_nt_hash[16];
600 uint8_t new_lanman_hash[16];
601
602 struct wbcChangePasswordParams params;
603
604 ZERO_STRUCT(params);
605
606 E_md4hash(oldpass, old_nt_hash);
607 E_md4hash(newpass, new_nt_hash);
608
609 if (lp_client_lanman_auth(tctx->lp_ctx) &&
610 E_deshash(newpass, new_lanman_hash) &&
611 E_deshash(oldpass, old_lanman_hash)) {
612
613 /* E_deshash returns false for 'long' passwords (> 14
614 DOS chars). This allows us to match Win2k, which
615 does not store a LM hash for these passwords (which
616 would reduce the effective password length to 14) */
617
618 encode_pw_buffer(new_lm_password.data, newpass, STR_UNICODE);
619 arcfour_crypt(new_lm_password.data, old_nt_hash, 516);
620 E_old_pw_hash(new_nt_hash, old_lanman_hash,
621 old_lanman_hash_enc.hash);
622
623 params.old_password.response.old_lm_hash_enc_length =
624 sizeof(old_lanman_hash_enc.hash);
625 params.old_password.response.old_lm_hash_enc_data =
626 old_lanman_hash_enc.hash;
627 params.new_password.response.lm_length =
628 sizeof(new_lm_password.data);
629 params.new_password.response.lm_data =
630 new_lm_password.data;
631 } else {
632 ZERO_STRUCT(new_lm_password);
633 ZERO_STRUCT(old_lanman_hash_enc);
634 }
635
636 encode_pw_buffer(new_nt_password.data, newpass, STR_UNICODE);
637
638 arcfour_crypt(new_nt_password.data, old_nt_hash, 516);
639 E_old_pw_hash(new_nt_hash, old_nt_hash, old_nt_hash_enc.hash);
640
641 params.old_password.response.old_nt_hash_enc_length =
642 sizeof(old_nt_hash_enc.hash);
643 params.old_password.response.old_nt_hash_enc_data =
644 old_nt_hash_enc.hash;
645 params.new_password.response.nt_length = sizeof(new_nt_password.data);
646 params.new_password.response.nt_data = new_nt_password.data;
647
648 params.level = WBC_CHANGE_PASSWORD_LEVEL_RESPONSE;
649 params.account_name = getenv("USERNAME");
650 params.domain_name = "SAMBA-TEST";
651
652 ret = wbcChangeUserPasswordEx(&params, NULL, NULL, NULL);
653 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
654 "wbcChangeUserPassword failed");
655
656 if (!test_wbc_authenticate_user_int(tctx, "Koo8irei")) {
657 return false;
658 }
659
660 ret = wbcChangeUserPassword(getenv("USERNAME"), "Koo8irei",
661 getenv("PASSWORD"));
662 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
663 "wbcChangeUserPassword failed");
664
665 return test_wbc_authenticate_user_int(tctx, getenv("PASSWORD"));
666 }
667
668 static bool test_wbc_logon_user(struct torture_context *tctx)
669 {
670 struct wbcLogonUserParams params;
671 struct wbcLogonUserInfo *info = NULL;
672 struct wbcAuthErrorInfo *error = NULL;
673 struct wbcUserPasswordPolicyInfo *policy = NULL;
674 struct wbcInterfaceDetails *iface;
675 struct wbcDomainSid sid;
676 enum wbcSidType sidtype;
677 char *sidstr;
678 wbcErr ret;
679
680 ZERO_STRUCT(params);
681
682 ret = wbcLogonUser(&params, &info, &error, &policy);
683 torture_assert_wbc_equal(tctx, ret, WBC_ERR_INVALID_PARAM,
684 "wbcLogonUser succeeded where it should "
685 "have failed");
686
687 params.username = getenv("USERNAME");
688 params.password = getenv("PASSWORD");
689
690 ret = wbcAddNamedBlob(&params.num_blobs, &params.blobs,
691 "foo", 0, discard_const_p(uint8_t, "bar"), 4);
692 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
693 "wbcAddNamedBlob failed");
694
695 ret = wbcLogonUser(&params, &info, &error, &policy);
696 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
697 "wbcLogonUser failed");
698 wbcFreeMemory(info); info = NULL;
699 wbcFreeMemory(error); error = NULL;
700 wbcFreeMemory(policy); policy = NULL;
701
702 params.password = "wrong";
703
704 ret = wbcLogonUser(&params, &info, &error, &policy);
705 torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR,
706 "wbcLogonUser should have failed with "
707 "WBC_ERR_AUTH_ERROR");
708 wbcFreeMemory(info); info = NULL;
709 wbcFreeMemory(error); error = NULL;
710 wbcFreeMemory(policy); policy = NULL;
711
712 ret = wbcAddNamedBlob(&params.num_blobs, &params.blobs,
713 "membership_of", 0,
714 discard_const_p(uint8_t, "S-1-2-3-4"),
715 strlen("S-1-2-3-4")+1);
716 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
717 "wbcAddNamedBlob failed");
718 params.password = getenv("PASSWORD");
719 ret = wbcLogonUser(&params, &info, &error, &policy);
720 torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR,
721 "wbcLogonUser should have failed with "
722 "WBC_ERR_AUTH_ERROR");
723 wbcFreeMemory(info); info = NULL;
724 wbcFreeMemory(error); error = NULL;
725 wbcFreeMemory(policy); policy = NULL;
726 wbcFreeMemory(params.blobs);
727 params.blobs = NULL; params.num_blobs = 0;
728
729 ret = wbcInterfaceDetails(&iface);
730 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
731 "wbcInterfaceDetails failed");
732
733 ret = wbcLookupName(iface->netbios_domain, getenv("USERNAME"), &sid,
734 &sidtype);
735 wbcFreeMemory(iface);
736 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
737 "wbcLookupName failed");
738
739 ret = wbcSidToString(&sid, &sidstr);
740 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
741 "wbcSidToString failed");
742
743 ret = wbcAddNamedBlob(&params.num_blobs, &params.blobs,
744 "membership_of", 0,
745 (uint8_t *)sidstr, strlen(sidstr)+1);
746 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
747 "wbcAddNamedBlob failed");
748 wbcFreeMemory(sidstr);
749 params.password = getenv("PASSWORD");
750 ret = wbcLogonUser(&params, &info, &error, &policy);
751 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
752 "wbcLogonUser failed");
753 wbcFreeMemory(info); info = NULL;
754 wbcFreeMemory(error); error = NULL;
755 wbcFreeMemory(policy); policy = NULL;
756 wbcFreeMemory(params.blobs);
757 params.blobs = NULL; params.num_blobs = 0;
758
759 return true;
760 }
761
762 static bool test_wbc_getgroups(struct torture_context *tctx)
763 {
764 wbcErr ret;
765 uint32_t num_groups;
766 gid_t *groups;
767
768 ret = wbcGetGroups(getenv("USERNAME"), &num_groups, &groups);
769 torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
770 "wbcGetGroups failed");
771 wbcFreeMemory(groups);
772 return true;
773 }
774
775 struct torture_suite *torture_wbclient(void)
776 {
777 struct torture_suite *suite = torture_suite_create(talloc_autofree_context(), "WBCLIENT");
778
779 torture_suite_add_simple_test(suite, "wbcPing", test_wbc_ping);
780 torture_suite_add_simple_test(suite, "wbcPing_async", test_wbc_ping_async);
781 torture_suite_add_simple_test(suite, "wbcPingDc", test_wbc_pingdc);
782 torture_suite_add_simple_test(suite, "wbcLibraryDetails", test_wbc_library_details);
783 torture_suite_add_simple_test(suite, "wbcInterfaceDetails", test_wbc_interface_details);
784 torture_suite_add_simple_test(suite, "wbcSidTypeString", test_wbc_sidtypestring);
785 torture_suite_add_simple_test(suite, "wbcSidToString", test_wbc_sidtostring);
786 torture_suite_add_simple_test(suite, "wbcGuidToString", test_wbc_guidtostring);
787 torture_suite_add_simple_test(suite, "wbcDomainInfo", test_wbc_domain_info);
788 torture_suite_add_simple_test(suite, "wbcListUsers", test_wbc_users);
789 torture_suite_add_simple_test(suite, "wbcListUsers_async", test_wbc_users_async);
790 torture_suite_add_simple_test(suite, "wbcListGroups", test_wbc_groups);
791 torture_suite_add_simple_test(suite, "wbcListTrusts", test_wbc_trusts);
792 torture_suite_add_simple_test(suite, "wbcLookupDomainController", test_wbc_lookupdc);
793 torture_suite_add_simple_test(suite, "wbcLookupDomainControllerEx", test_wbc_lookupdcex);
794 torture_suite_add_simple_test(suite, "wbcResolveWinsByName", test_wbc_resolve_winsbyname);
795 torture_suite_add_simple_test(suite, "wbcResolveWinsByIP", test_wbc_resolve_winsbyip);
796 torture_suite_add_simple_test(suite, "wbcLookupRids",
797 test_wbc_lookup_rids);
798 torture_suite_add_simple_test(suite, "wbcGetSidAliases",
799 test_wbc_get_sidaliases);
800 torture_suite_add_simple_test(suite, "wbcAuthenticateUser",
801 test_wbc_authenticate_user);
802 torture_suite_add_simple_test(suite, "wbcLogonUser",
803 test_wbc_logon_user);
804 torture_suite_add_simple_test(suite, "wbcChangeUserPassword",
805 test_wbc_change_password);
806 torture_suite_add_simple_test(suite, "wbcGetGroups",
807 test_wbc_getgroups);
808
809 return suite;
810 }