search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3-lsa: Fix static list of luids in our privileges implementation.
[Samba/ekacnet.git] / source4 / torture / rpc / netlogon.c
blob03de3bdc10375ff56a8a95f0261fb0de82175a69
1 /*
2 Unix SMB/CIFS implementation.
3
4 test suite for netlogon rpc operations
5
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003-2004
8 Copyright (C) Tim Potter 2003
9 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
10
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 */
24
25 #include "includes.h"
26 #include "lib/events/events.h"
27 #include "lib/cmdline/popt_common.h"
28 #include "torture/rpc/torture_rpc.h"
29 #include "../lib/crypto/crypto.h"
30 #include "libcli/auth/libcli_auth.h"
31 #include "librpc/gen_ndr/ndr_netlogon_c.h"
32 #include "librpc/gen_ndr/ndr_lsa_c.h"
33 #include "param/param.h"
34 #include "libcli/security/security.h"
35 #include "lib/ldb/include/ldb.h"
36 #include "lib/util/util_ldb.h"
37 #include "lib/ldb_wrap.h"
38 #include "lib/replace/system/network.h"
39 #include "dsdb/samdb/samdb.h"
40
41 #define TEST_MACHINE_NAME "torturetest"
42
43 static bool test_LogonUasLogon(struct torture_context *tctx,
44 struct dcerpc_pipe *p)
45 {
46 NTSTATUS status;
47 struct netr_LogonUasLogon r;
48 struct netr_UasInfo *info = NULL;
49 struct dcerpc_binding_handle *b = p->binding_handle;
50
51 r.in.server_name = NULL;
52 r.in.account_name = cli_credentials_get_username(cmdline_credentials);
53 r.in.workstation = TEST_MACHINE_NAME;
54 r.out.info = &info;
55
56 status = dcerpc_netr_LogonUasLogon_r(b, tctx, &r);
57 torture_assert_ntstatus_ok(tctx, status, "LogonUasLogon");
58
59 return true;
60 }
61
62 static bool test_LogonUasLogoff(struct torture_context *tctx,
63 struct dcerpc_pipe *p)
64 {
65 NTSTATUS status;
66 struct netr_LogonUasLogoff r;
67 struct netr_UasLogoffInfo info;
68 struct dcerpc_binding_handle *b = p->binding_handle;
69
70 r.in.server_name = NULL;
71 r.in.account_name = cli_credentials_get_username(cmdline_credentials);
72 r.in.workstation = TEST_MACHINE_NAME;
73 r.out.info = &info;
74
75 status = dcerpc_netr_LogonUasLogoff_r(b, tctx, &r);
76 torture_assert_ntstatus_ok(tctx, status, "LogonUasLogoff");
77
78 return true;
79 }
80
81 bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context *tctx,
82 struct cli_credentials *credentials,
83 struct netlogon_creds_CredentialState **creds_out)
84 {
85 struct netr_ServerReqChallenge r;
86 struct netr_ServerAuthenticate a;
87 struct netr_Credential credentials1, credentials2, credentials3;
88 struct netlogon_creds_CredentialState *creds;
89 const struct samr_Password *mach_password;
90 const char *machine_name;
91 struct dcerpc_binding_handle *b = p->binding_handle;
92
93 mach_password = cli_credentials_get_nt_hash(credentials, tctx);
94 machine_name = cli_credentials_get_workstation(credentials);
95
96 torture_comment(tctx, "Testing ServerReqChallenge\n");
97
98 r.in.server_name = NULL;
99 r.in.computer_name = machine_name;
100 r.in.credentials = &credentials1;
101 r.out.return_credentials = &credentials2;
102
103 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
104
105 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
106 "ServerReqChallenge failed");
107 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
108
109 a.in.server_name = NULL;
110 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
111 a.in.secure_channel_type = cli_credentials_get_secure_channel_type(credentials);
112 a.in.computer_name = machine_name;
113 a.in.credentials = &credentials3;
114 a.out.return_credentials = &credentials3;
115
116 creds = netlogon_creds_client_init(tctx, a.in.account_name,
117 a.in.computer_name,
118 &credentials1, &credentials2,
119 mach_password, &credentials3,
120 0);
121 torture_assert(tctx, creds != NULL, "memory allocation");
122
123
124 torture_comment(tctx, "Testing ServerAuthenticate\n");
125
126 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate_r(b, tctx, &a),
127 "ServerAuthenticate failed");
128
129 /* This allows the tests to continue against the more fussy windows 2008 */
130 if (NT_STATUS_EQUAL(a.out.result, NT_STATUS_DOWNGRADE_DETECTED)) {
131 return test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
132 credentials,
133 cli_credentials_get_secure_channel_type(credentials),
134 creds_out);
135 }
136
137 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate");
138
139 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
140 "Credential chaining failed");
141
142 *creds_out = creds;
143 return true;
144 }
145
146 bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx,
147 uint32_t negotiate_flags,
148 struct cli_credentials *machine_credentials,
149 enum netr_SchannelType sec_chan_type,
150 struct netlogon_creds_CredentialState **creds_out)
151 {
152 struct netr_ServerReqChallenge r;
153 struct netr_ServerAuthenticate2 a;
154 struct netr_Credential credentials1, credentials2, credentials3;
155 struct netlogon_creds_CredentialState *creds;
156 const struct samr_Password *mach_password;
157 const char *machine_name;
158 struct dcerpc_binding_handle *b = p->binding_handle;
159
160 mach_password = cli_credentials_get_nt_hash(machine_credentials, tctx);
161 machine_name = cli_credentials_get_workstation(machine_credentials);
162
163 torture_comment(tctx, "Testing ServerReqChallenge\n");
164
165
166 r.in.server_name = NULL;
167 r.in.computer_name = machine_name;
168 r.in.credentials = &credentials1;
169 r.out.return_credentials = &credentials2;
170
171 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
172
173 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
174 "ServerReqChallenge failed");
175 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
176
177 a.in.server_name = NULL;
178 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
179 a.in.secure_channel_type = sec_chan_type;
180 a.in.computer_name = machine_name;
181 a.in.negotiate_flags = &negotiate_flags;
182 a.out.negotiate_flags = &negotiate_flags;
183 a.in.credentials = &credentials3;
184 a.out.return_credentials = &credentials3;
185
186 creds = netlogon_creds_client_init(tctx, a.in.account_name,
187 a.in.computer_name,
188 &credentials1, &credentials2,
189 mach_password, &credentials3,
190 negotiate_flags);
191
192 torture_assert(tctx, creds != NULL, "memory allocation");
193
194 torture_comment(tctx, "Testing ServerAuthenticate2\n");
195
196 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate2_r(b, tctx, &a),
197 "ServerAuthenticate2 failed");
198 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate2 failed");
199
200 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
201 "Credential chaining failed");
202
203 torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
204
205 *creds_out = creds;
206 return true;
207 }
208
209
210 static bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context *tctx,
211 uint32_t negotiate_flags,
212 struct cli_credentials *machine_credentials,
213 struct netlogon_creds_CredentialState **creds_out)
214 {
215 struct netr_ServerReqChallenge r;
216 struct netr_ServerAuthenticate3 a;
217 struct netr_Credential credentials1, credentials2, credentials3;
218 struct netlogon_creds_CredentialState *creds;
219 struct samr_Password mach_password;
220 uint32_t rid;
221 const char *machine_name;
222 const char *plain_pass;
223 struct dcerpc_binding_handle *b = p->binding_handle;
224
225 machine_name = cli_credentials_get_workstation(machine_credentials);
226 plain_pass = cli_credentials_get_password(machine_credentials);
227
228 torture_comment(tctx, "Testing ServerReqChallenge\n");
229
230 r.in.server_name = NULL;
231 r.in.computer_name = machine_name;
232 r.in.credentials = &credentials1;
233 r.out.return_credentials = &credentials2;
234
235 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
236
237 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
238 "ServerReqChallenge failed");
239 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
240
241 E_md4hash(plain_pass, mach_password.hash);
242
243 a.in.server_name = NULL;
244 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
245 a.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
246 a.in.computer_name = machine_name;
247 a.in.negotiate_flags = &negotiate_flags;
248 a.in.credentials = &credentials3;
249 a.out.return_credentials = &credentials3;
250 a.out.negotiate_flags = &negotiate_flags;
251 a.out.rid = &rid;
252
253 creds = netlogon_creds_client_init(tctx, a.in.account_name,
254 a.in.computer_name,
255 &credentials1, &credentials2,
256 &mach_password, &credentials3,
257 negotiate_flags);
258
259 torture_assert(tctx, creds != NULL, "memory allocation");
260
261 torture_comment(tctx, "Testing ServerAuthenticate3\n");
262
263 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate3_r(b, tctx, &a),
264 "ServerAuthenticate3 failed");
265 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate3 failed");
266 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3), "Credential chaining failed");
267
268 torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
269
270 /* Prove that requesting a challenge again won't break it */
271 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
272 "ServerReqChallenge failed");
273 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
274
275 *creds_out = creds;
276 return true;
277 }
278
279 /*
280 try a change password for our machine account
281 */
282 static bool test_SetPassword(struct torture_context *tctx,
283 struct dcerpc_pipe *p,
284 struct cli_credentials *machine_credentials)
285 {
286 struct netr_ServerPasswordSet r;
287 const char *password;
288 struct netlogon_creds_CredentialState *creds;
289 struct netr_Authenticator credential, return_authenticator;
290 struct samr_Password new_password;
291 struct dcerpc_binding_handle *b = p->binding_handle;
292
293 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
294 return false;
295 }
296
297 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
298 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
299 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
300 r.in.computer_name = TEST_MACHINE_NAME;
301 r.in.credential = &credential;
302 r.in.new_password = &new_password;
303 r.out.return_authenticator = &return_authenticator;
304
305 password = generate_random_password(tctx, 8, 255);
306 E_md4hash(password, new_password.hash);
307
308 netlogon_creds_des_encrypt(creds, &new_password);
309
310 torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
311 torture_comment(tctx, "Changing machine account password to '%s'\n",
312 password);
313
314 netlogon_creds_client_authenticator(creds, &credential);
315
316 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
317 "ServerPasswordSet failed");
318 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet failed");
319
320 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
321 torture_comment(tctx, "Credential chaining failed\n");
322 }
323
324 /* by changing the machine password twice we test the
325 credentials chaining fully, and we verify that the server
326 allows the password to be set to the same value twice in a
327 row (match win2k3) */
328 torture_comment(tctx,
329 "Testing a second ServerPasswordSet on machine account\n");
330 torture_comment(tctx,
331 "Changing machine account password to '%s' (same as previous run)\n", password);
332
333 netlogon_creds_client_authenticator(creds, &credential);
334
335 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
336 "ServerPasswordSet (2) failed");
337 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (2) failed");
338
339 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
340 torture_comment(tctx, "Credential chaining failed\n");
341 }
342
343 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
344
345 torture_assert(tctx,
346 test_SetupCredentials(p, tctx, machine_credentials, &creds),
347 "ServerPasswordSet failed to actually change the password");
348
349 return true;
350 }
351
352 /*
353 try a change password for our machine account
354 */
355 static bool test_SetPassword_flags(struct torture_context *tctx,
356 struct dcerpc_pipe *p,
357 struct cli_credentials *machine_credentials,
358 uint32_t negotiate_flags)
359 {
360 struct netr_ServerPasswordSet r;
361 const char *password;
362 struct netlogon_creds_CredentialState *creds;
363 struct netr_Authenticator credential, return_authenticator;
364 struct samr_Password new_password;
365 struct dcerpc_binding_handle *b = p->binding_handle;
366
367 if (!test_SetupCredentials2(p, tctx, negotiate_flags,
368 machine_credentials,
369 cli_credentials_get_secure_channel_type(machine_credentials),
370 &creds)) {
371 return false;
372 }
373
374 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
375 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
376 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
377 r.in.computer_name = TEST_MACHINE_NAME;
378 r.in.credential = &credential;
379 r.in.new_password = &new_password;
380 r.out.return_authenticator = &return_authenticator;
381
382 password = generate_random_password(tctx, 8, 255);
383 E_md4hash(password, new_password.hash);
384
385 netlogon_creds_des_encrypt(creds, &new_password);
386
387 torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
388 torture_comment(tctx, "Changing machine account password to '%s'\n",
389 password);
390
391 netlogon_creds_client_authenticator(creds, &credential);
392
393 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
394 "ServerPasswordSet failed");
395 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet failed");
396
397 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
398 torture_comment(tctx, "Credential chaining failed\n");
399 }
400
401 /* by changing the machine password twice we test the
402 credentials chaining fully, and we verify that the server
403 allows the password to be set to the same value twice in a
404 row (match win2k3) */
405 torture_comment(tctx,
406 "Testing a second ServerPasswordSet on machine account\n");
407 torture_comment(tctx,
408 "Changing machine account password to '%s' (same as previous run)\n", password);
409
410 netlogon_creds_client_authenticator(creds, &credential);
411
412 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
413 "ServerPasswordSet (2) failed");
414 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (2) failed");
415
416 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
417 torture_comment(tctx, "Credential chaining failed\n");
418 }
419
420 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
421
422 torture_assert(tctx,
423 test_SetupCredentials(p, tctx, machine_credentials, &creds),
424 "ServerPasswordSet failed to actually change the password");
425
426 return true;
427 }
428
429
430 /*
431 generate a random password for password change tests
432 */
433 static DATA_BLOB netlogon_very_rand_pass(TALLOC_CTX *mem_ctx, int len)
434 {
435 int i;
436 DATA_BLOB password = data_blob_talloc(mem_ctx, NULL, len * 2 /* number of unicode chars */);
437 generate_random_buffer(password.data, password.length);
438
439 for (i=0; i < len; i++) {
440 if (((uint16_t *)password.data)[i] == 0) {
441 ((uint16_t *)password.data)[i] = 1;
442 }
443 }
444
445 return password;
446 }
447
448 /*
449 try a change password for our machine account
450 */
451 static bool test_SetPassword2(struct torture_context *tctx,
452 struct dcerpc_pipe *p,
453 struct cli_credentials *machine_credentials)
454 {
455 struct netr_ServerPasswordSet2 r;
456 const char *password;
457 DATA_BLOB new_random_pass;
458 struct netlogon_creds_CredentialState *creds;
459 struct samr_CryptPassword password_buf;
460 struct samr_Password nt_hash;
461 struct netr_Authenticator credential, return_authenticator;
462 struct netr_CryptPassword new_password;
463 struct dcerpc_binding_handle *b = p->binding_handle;
464
465 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
466 return false;
467 }
468
469 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
470 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
471 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
472 r.in.computer_name = TEST_MACHINE_NAME;
473 r.in.credential = &credential;
474 r.in.new_password = &new_password;
475 r.out.return_authenticator = &return_authenticator;
476
477 password = generate_random_password(tctx, 8, 255);
478 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
479 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
480
481 memcpy(new_password.data, password_buf.data, 512);
482 new_password.length = IVAL(password_buf.data, 512);
483
484 torture_comment(tctx, "Testing ServerPasswordSet2 on machine account\n");
485 torture_comment(tctx, "Changing machine account password to '%s'\n", password);
486
487 netlogon_creds_client_authenticator(creds, &credential);
488
489 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
490 "ServerPasswordSet2 failed");
491 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 failed");
492
493 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
494 torture_comment(tctx, "Credential chaining failed\n");
495 }
496
497 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
498
499 if (!torture_setting_bool(tctx, "dangerous", false)) {
500 torture_comment(tctx,
501 "Not testing ability to set password to '', enable dangerous tests to perform this test\n");
502 } else {
503 /* by changing the machine password to ""
504 * we check if the server uses password restrictions
505 * for ServerPasswordSet2
506 * (win2k3 accepts "")
507 */
508 password = "";
509 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
510 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
511
512 memcpy(new_password.data, password_buf.data, 512);
513 new_password.length = IVAL(password_buf.data, 512);
514
515 torture_comment(tctx,
516 "Testing ServerPasswordSet2 on machine account\n");
517 torture_comment(tctx,
518 "Changing machine account password to '%s'\n", password);
519
520 netlogon_creds_client_authenticator(creds, &credential);
521
522 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
523 "ServerPasswordSet2 failed");
524 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 failed");
525
526 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
527 torture_comment(tctx, "Credential chaining failed\n");
528 }
529
530 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
531 }
532
533 torture_assert(tctx, test_SetupCredentials(p, tctx, machine_credentials, &creds),
534 "ServerPasswordSet failed to actually change the password");
535
536 /* now try a random password */
537 password = generate_random_password(tctx, 8, 255);
538 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
539 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
540
541 memcpy(new_password.data, password_buf.data, 512);
542 new_password.length = IVAL(password_buf.data, 512);
543
544 torture_comment(tctx, "Testing second ServerPasswordSet2 on machine account\n");
545 torture_comment(tctx, "Changing machine account password to '%s'\n", password);
546
547 netlogon_creds_client_authenticator(creds, &credential);
548
549 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
550 "ServerPasswordSet2 (2) failed");
551 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 (2) failed");
552
553 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
554 torture_comment(tctx, "Credential chaining failed\n");
555 }
556
557 /* by changing the machine password twice we test the
558 credentials chaining fully, and we verify that the server
559 allows the password to be set to the same value twice in a
560 row (match win2k3) */
561 torture_comment(tctx,
562 "Testing a second ServerPasswordSet2 on machine account\n");
563 torture_comment(tctx,
564 "Changing machine account password to '%s' (same as previous run)\n", password);
565
566 netlogon_creds_client_authenticator(creds, &credential);
567
568 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
569 "ServerPasswordSet (3) failed");
570 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (3) failed");
571
572 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
573 torture_comment(tctx, "Credential chaining failed\n");
574 }
575
576 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
577
578 torture_assert (tctx,
579 test_SetupCredentials(p, tctx, machine_credentials, &creds),
580 "ServerPasswordSet failed to actually change the password");
581
582 new_random_pass = netlogon_very_rand_pass(tctx, 128);
583
584 /* now try a random stream of bytes for a password */
585 set_pw_in_buffer(password_buf.data, &new_random_pass);
586
587 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
588
589 memcpy(new_password.data, password_buf.data, 512);
590 new_password.length = IVAL(password_buf.data, 512);
591
592 torture_comment(tctx,
593 "Testing a third ServerPasswordSet2 on machine account, with a compleatly random password\n");
594
595 netlogon_creds_client_authenticator(creds, &credential);
596
597 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
598 "ServerPasswordSet (3) failed");
599 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (3) failed");
600
601 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
602 torture_comment(tctx, "Credential chaining failed\n");
603 }
604
605 mdfour(nt_hash.hash, new_random_pass.data, new_random_pass.length);
606
607 cli_credentials_set_password(machine_credentials, NULL, CRED_UNINITIALISED);
608 cli_credentials_set_nt_hash(machine_credentials, &nt_hash, CRED_SPECIFIED);
609
610 torture_assert (tctx,
611 test_SetupCredentials(p, tctx, machine_credentials, &creds),
612 "ServerPasswordSet failed to actually change the password");
613
614 return true;
615 }
616
617 static bool test_GetPassword(struct torture_context *tctx,
618 struct dcerpc_pipe *p,
619 struct cli_credentials *machine_credentials)
620 {
621 struct netr_ServerPasswordGet r;
622 struct netlogon_creds_CredentialState *creds;
623 struct netr_Authenticator credential;
624 NTSTATUS status;
625 struct netr_Authenticator return_authenticator;
626 struct samr_Password password;
627 struct dcerpc_binding_handle *b = p->binding_handle;
628
629 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
630 return false;
631 }
632
633 netlogon_creds_client_authenticator(creds, &credential);
634
635 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
636 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
637 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
638 r.in.computer_name = TEST_MACHINE_NAME;
639 r.in.credential = &credential;
640 r.out.return_authenticator = &return_authenticator;
641 r.out.password = &password;
642
643 status = dcerpc_netr_ServerPasswordGet_r(b, tctx, &r);
644 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordGet");
645
646 return true;
647 }
648
649 static bool test_GetTrustPasswords(struct torture_context *tctx,
650 struct dcerpc_pipe *p,
651 struct cli_credentials *machine_credentials)
652 {
653 struct netr_ServerTrustPasswordsGet r;
654 struct netlogon_creds_CredentialState *creds;
655 struct netr_Authenticator credential;
656 struct netr_Authenticator return_authenticator;
657 struct samr_Password password, password2;
658 struct dcerpc_binding_handle *b = p->binding_handle;
659
660 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
661 return false;
662 }
663
664 netlogon_creds_client_authenticator(creds, &credential);
665
666 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
667 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
668 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
669 r.in.computer_name = TEST_MACHINE_NAME;
670 r.in.credential = &credential;
671 r.out.return_authenticator = &return_authenticator;
672 r.out.password = &password;
673 r.out.password2 = &password2;
674
675 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerTrustPasswordsGet_r(b, tctx, &r),
676 "ServerTrustPasswordsGet failed");
677 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerTrustPasswordsGet failed");
678
679 return true;
680 }
681
682 /*
683 try a netlogon SamLogon
684 */
685 static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context *tctx,
686 struct cli_credentials *credentials,
687 struct netlogon_creds_CredentialState *creds,
688 bool null_domain)
689 {
690 NTSTATUS status;
691 struct netr_LogonSamLogon r;
692 struct netr_Authenticator auth, auth2;
693 union netr_LogonLevel logon;
694 union netr_Validation validation;
695 uint8_t authoritative;
696 struct netr_NetworkInfo ninfo;
697 DATA_BLOB names_blob, chal, lm_resp, nt_resp;
698 int i;
699 struct dcerpc_binding_handle *b = p->binding_handle;
700 int flags = CLI_CRED_NTLM_AUTH;
701 if (lp_client_lanman_auth(tctx->lp_ctx)) {
702 flags |= CLI_CRED_LANMAN_AUTH;
703 }
704
705 if (lp_client_ntlmv2_auth(tctx->lp_ctx)) {
706 flags |= CLI_CRED_NTLMv2_AUTH;
707 }
708
709 cli_credentials_get_ntlm_username_domain(cmdline_credentials, tctx,
710 &ninfo.identity_info.account_name.string,
711 &ninfo.identity_info.domain_name.string);
712
713 if (null_domain) {
714 ninfo.identity_info.domain_name.string = NULL;
715 }
716
717 generate_random_buffer(ninfo.challenge,
718 sizeof(ninfo.challenge));
719 chal = data_blob_const(ninfo.challenge,
720 sizeof(ninfo.challenge));
721
722 names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(credentials),
723 cli_credentials_get_domain(credentials));
724
725 status = cli_credentials_get_ntlm_response(cmdline_credentials, tctx,
726 &flags,
727 chal,
728 names_blob,
729 &lm_resp, &nt_resp,
730 NULL, NULL);
731 torture_assert_ntstatus_ok(tctx, status, "cli_credentials_get_ntlm_response failed");
732
733 ninfo.lm.data = lm_resp.data;
734 ninfo.lm.length = lm_resp.length;
735
736 ninfo.nt.data = nt_resp.data;
737 ninfo.nt.length = nt_resp.length;
738
739 ninfo.identity_info.parameter_control = 0;
740 ninfo.identity_info.logon_id_low = 0;
741 ninfo.identity_info.logon_id_high = 0;
742 ninfo.identity_info.workstation.string = cli_credentials_get_workstation(credentials);
743
744 logon.network = &ninfo;
745
746 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
747 r.in.computer_name = cli_credentials_get_workstation(credentials);
748 r.in.credential = &auth;
749 r.in.return_authenticator = &auth2;
750 r.in.logon_level = 2;
751 r.in.logon = &logon;
752 r.out.validation = &validation;
753 r.out.authoritative = &authoritative;
754
755 d_printf("Testing LogonSamLogon with name %s\n", ninfo.identity_info.account_name.string);
756
757 for (i=2;i<3;i++) {
758 ZERO_STRUCT(auth2);
759 netlogon_creds_client_authenticator(creds, &auth);
760
761 r.in.validation_level = i;
762
763 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
764 "LogonSamLogon failed");
765 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonSamLogon failed");
766
767 torture_assert(tctx, netlogon_creds_client_check(creds,
768 &r.out.return_authenticator->cred),
769 "Credential chaining failed");
770 }
771
772 r.in.credential = NULL;
773
774 for (i=2;i<=3;i++) {
775
776 r.in.validation_level = i;
777
778 torture_comment(tctx, "Testing SamLogon with validation level %d and a NULL credential\n", i);
779
780 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
781 "LogonSamLogon failed");
782 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_INVALID_PARAMETER,
783 "LogonSamLogon expected INVALID_PARAMETER");
784
785 }
786
787 return true;
788 }
789
790 bool test_netlogon_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
791 struct cli_credentials *credentials,
792 struct netlogon_creds_CredentialState *creds)
793 {
794 return test_netlogon_ops_args(p, tctx, credentials, creds, false);
795 }
796
797 /*
798 try a netlogon SamLogon
799 */
800 static bool test_SamLogon(struct torture_context *tctx,
801 struct dcerpc_pipe *p,
802 struct cli_credentials *credentials)
803 {
804 struct netlogon_creds_CredentialState *creds;
805
806 if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
807 return false;
808 }
809
810 return test_netlogon_ops(p, tctx, credentials, creds);
811 }
812
813 static bool test_SamLogon_NULL_domain(struct torture_context *tctx,
814 struct dcerpc_pipe *p,
815 struct cli_credentials *credentials)
816 {
817 struct netlogon_creds_CredentialState *creds;
818
819 if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
820 return false;
821 }
822
823 return test_netlogon_ops_args(p, tctx, credentials, creds, true);
824 }
825
826 /* we remember the sequence numbers so we can easily do a DatabaseDelta */
827 static uint64_t sequence_nums[3];
828
829 /*
830 try a netlogon DatabaseSync
831 */
832 static bool test_DatabaseSync(struct torture_context *tctx,
833 struct dcerpc_pipe *p,
834 struct cli_credentials *machine_credentials)
835 {
836 struct netr_DatabaseSync r;
837 struct netlogon_creds_CredentialState *creds;
838 const uint32_t database_ids[] = {SAM_DATABASE_DOMAIN, SAM_DATABASE_BUILTIN, SAM_DATABASE_PRIVS};
839 int i;
840 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
841 struct netr_Authenticator credential, return_authenticator;
842 struct dcerpc_binding_handle *b = p->binding_handle;
843
844 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
845 return false;
846 }
847
848 ZERO_STRUCT(return_authenticator);
849
850 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
851 r.in.computername = TEST_MACHINE_NAME;
852 r.in.preferredmaximumlength = (uint32_t)-1;
853 r.in.return_authenticator = &return_authenticator;
854 r.out.delta_enum_array = &delta_enum_array;
855 r.out.return_authenticator = &return_authenticator;
856
857 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
858
859 uint32_t sync_context = 0;
860
861 r.in.database_id = database_ids[i];
862 r.in.sync_context = &sync_context;
863 r.out.sync_context = &sync_context;
864
865 torture_comment(tctx, "Testing DatabaseSync of id %d\n", r.in.database_id);
866
867 do {
868 netlogon_creds_client_authenticator(creds, &credential);
869
870 r.in.credential = &credential;
871
872 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseSync_r(b, tctx, &r),
873 "DatabaseSync failed");
874 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
875 break;
876
877 /* Native mode servers don't do this */
878 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
879 return true;
880 }
881 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseSync");
882
883 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
884 torture_comment(tctx, "Credential chaining failed\n");
885 }
886
887 if (delta_enum_array &&
888 delta_enum_array->num_deltas > 0 &&
889 delta_enum_array->delta_enum[0].delta_type == NETR_DELTA_DOMAIN &&
890 delta_enum_array->delta_enum[0].delta_union.domain) {
891 sequence_nums[r.in.database_id] =
892 delta_enum_array->delta_enum[0].delta_union.domain->sequence_num;
893 torture_comment(tctx, "\tsequence_nums[%d]=%llu\n",
894 r.in.database_id,
895 (unsigned long long)sequence_nums[r.in.database_id]);
896 }
897 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
898 }
899
900 return true;
901 }
902
903
904 /*
905 try a netlogon DatabaseDeltas
906 */
907 static bool test_DatabaseDeltas(struct torture_context *tctx,
908 struct dcerpc_pipe *p,
909 struct cli_credentials *machine_credentials)
910 {
911 struct netr_DatabaseDeltas r;
912 struct netlogon_creds_CredentialState *creds;
913 struct netr_Authenticator credential;
914 struct netr_Authenticator return_authenticator;
915 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
916 const uint32_t database_ids[] = {0, 1, 2};
917 int i;
918 struct dcerpc_binding_handle *b = p->binding_handle;
919
920 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
921 return false;
922 }
923
924 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
925 r.in.computername = TEST_MACHINE_NAME;
926 r.in.preferredmaximumlength = (uint32_t)-1;
927 ZERO_STRUCT(r.in.return_authenticator);
928 r.out.return_authenticator = &return_authenticator;
929 r.out.delta_enum_array = &delta_enum_array;
930
931 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
932 r.in.database_id = database_ids[i];
933 r.in.sequence_num = &sequence_nums[r.in.database_id];
934
935 if (*r.in.sequence_num == 0) continue;
936
937 *r.in.sequence_num -= 1;
938
939 torture_comment(tctx, "Testing DatabaseDeltas of id %d at %llu\n",
940 r.in.database_id, (unsigned long long)*r.in.sequence_num);
941
942 do {
943 netlogon_creds_client_authenticator(creds, &credential);
944
945 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseDeltas_r(b, tctx, &r),
946 "DatabaseDeltas failed");
947 if (NT_STATUS_EQUAL(r.out.result,
948 NT_STATUS_SYNCHRONIZATION_REQUIRED)) {
949 torture_comment(tctx, "not considering %s to be an error\n",
950 nt_errstr(r.out.result));
951 return true;
952 }
953 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
954 break;
955
956 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseDeltas");
957
958 if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) {
959 torture_comment(tctx, "Credential chaining failed\n");
960 }
961
962 (*r.in.sequence_num)++;
963 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
964 }
965
966 return true;
967 }
968
969 static bool test_DatabaseRedo(struct torture_context *tctx,
970 struct dcerpc_pipe *p,
971 struct cli_credentials *machine_credentials)
972 {
973 struct netr_DatabaseRedo r;
974 struct netlogon_creds_CredentialState *creds;
975 struct netr_Authenticator credential;
976 struct netr_Authenticator return_authenticator;
977 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
978 struct netr_ChangeLogEntry e;
979 struct dom_sid null_sid, *sid;
980 int i,d;
981 struct dcerpc_binding_handle *b = p->binding_handle;
982
983 ZERO_STRUCT(null_sid);
984
985 sid = dom_sid_parse_talloc(tctx, "S-1-5-21-1111111111-2222222222-333333333-500");
986
987 {
988
989 struct {
990 uint32_t rid;
991 uint16_t flags;
992 uint8_t db_index;
993 uint8_t delta_type;
994 struct dom_sid sid;
995 const char *name;
996 NTSTATUS expected_error;
997 uint32_t expected_num_results;
998 uint8_t expected_delta_type_1;
999 uint8_t expected_delta_type_2;
1000 const char *comment;
1001 } changes[] = {
1002
1003 /* SAM_DATABASE_DOMAIN */
1004
1005 {
1006 .rid = 0,
1007 .flags = 0,
1008 .db_index = SAM_DATABASE_DOMAIN,
1009 .delta_type = NETR_DELTA_MODIFY_COUNT,
1010 .sid = null_sid,
1011 .name = NULL,
1012 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1013 .expected_num_results = 0,
1014 .comment = "NETR_DELTA_MODIFY_COUNT"
1015 },
1016 {
1017 .rid = 0,
1018 .flags = 0,
1019 .db_index = SAM_DATABASE_DOMAIN,
1020 .delta_type = 0,
1021 .sid = null_sid,
1022 .name = NULL,
1023 .expected_error = NT_STATUS_OK,
1024 .expected_num_results = 1,
1025 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1026 .comment = "NULL DELTA"
1027 },
1028 {
1029 .rid = 0,
1030 .flags = 0,
1031 .db_index = SAM_DATABASE_DOMAIN,
1032 .delta_type = NETR_DELTA_DOMAIN,
1033 .sid = null_sid,
1034 .name = NULL,
1035 .expected_error = NT_STATUS_OK,
1036 .expected_num_results = 1,
1037 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1038 .comment = "NETR_DELTA_DOMAIN"
1039 },
1040 {
1041 .rid = DOMAIN_RID_ADMINISTRATOR,
1042 .flags = 0,
1043 .db_index = SAM_DATABASE_DOMAIN,
1044 .delta_type = NETR_DELTA_USER,
1045 .sid = null_sid,
1046 .name = NULL,
1047 .expected_error = NT_STATUS_OK,
1048 .expected_num_results = 1,
1049 .expected_delta_type_1 = NETR_DELTA_USER,
1050 .comment = "NETR_DELTA_USER by rid 500"
1051 },
1052 {
1053 .rid = DOMAIN_RID_GUEST,
1054 .flags = 0,
1055 .db_index = SAM_DATABASE_DOMAIN,
1056 .delta_type = NETR_DELTA_USER,
1057 .sid = null_sid,
1058 .name = NULL,
1059 .expected_error = NT_STATUS_OK,
1060 .expected_num_results = 1,
1061 .expected_delta_type_1 = NETR_DELTA_USER,
1062 .comment = "NETR_DELTA_USER by rid 501"
1063 },
1064 {
1065 .rid = 0,
1066 .flags = NETR_CHANGELOG_SID_INCLUDED,
1067 .db_index = SAM_DATABASE_DOMAIN,
1068 .delta_type = NETR_DELTA_USER,
1069 .sid = *sid,
1070 .name = NULL,
1071 .expected_error = NT_STATUS_OK,
1072 .expected_num_results = 1,
1073 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1074 .comment = "NETR_DELTA_USER by sid and flags"
1075 },
1076 {
1077 .rid = 0,
1078 .flags = NETR_CHANGELOG_SID_INCLUDED,
1079 .db_index = SAM_DATABASE_DOMAIN,
1080 .delta_type = NETR_DELTA_USER,
1081 .sid = null_sid,
1082 .name = NULL,
1083 .expected_error = NT_STATUS_OK,
1084 .expected_num_results = 1,
1085 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1086 .comment = "NETR_DELTA_USER by null_sid and flags"
1087 },
1088 {
1089 .rid = 0,
1090 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1091 .db_index = SAM_DATABASE_DOMAIN,
1092 .delta_type = NETR_DELTA_USER,
1093 .sid = null_sid,
1094 .name = "administrator",
1095 .expected_error = NT_STATUS_OK,
1096 .expected_num_results = 1,
1097 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1098 .comment = "NETR_DELTA_USER by name 'administrator'"
1099 },
1100 {
1101 .rid = DOMAIN_RID_ADMINS,
1102 .flags = 0,
1103 .db_index = SAM_DATABASE_DOMAIN,
1104 .delta_type = NETR_DELTA_GROUP,
1105 .sid = null_sid,
1106 .name = NULL,
1107 .expected_error = NT_STATUS_OK,
1108 .expected_num_results = 2,
1109 .expected_delta_type_1 = NETR_DELTA_GROUP,
1110 .expected_delta_type_2 = NETR_DELTA_GROUP_MEMBER,
1111 .comment = "NETR_DELTA_GROUP by rid 512"
1112 },
1113 {
1114 .rid = DOMAIN_RID_ADMINS,
1115 .flags = 0,
1116 .db_index = SAM_DATABASE_DOMAIN,
1117 .delta_type = NETR_DELTA_GROUP_MEMBER,
1118 .sid = null_sid,
1119 .name = NULL,
1120 .expected_error = NT_STATUS_OK,
1121 .expected_num_results = 2,
1122 .expected_delta_type_1 = NETR_DELTA_GROUP,
1123 .expected_delta_type_2 = NETR_DELTA_GROUP_MEMBER,
1124 .comment = "NETR_DELTA_GROUP_MEMBER by rid 512"
1125 },
1126
1127
1128 /* SAM_DATABASE_BUILTIN */
1129
1130 {
1131 .rid = 0,
1132 .flags = 0,
1133 .db_index = SAM_DATABASE_BUILTIN,
1134 .delta_type = NETR_DELTA_MODIFY_COUNT,
1135 .sid = null_sid,
1136 .name = NULL,
1137 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1138 .expected_num_results = 0,
1139 .comment = "NETR_DELTA_MODIFY_COUNT"
1140 },
1141 {
1142 .rid = 0,
1143 .flags = 0,
1144 .db_index = SAM_DATABASE_BUILTIN,
1145 .delta_type = NETR_DELTA_DOMAIN,
1146 .sid = null_sid,
1147 .name = NULL,
1148 .expected_error = NT_STATUS_OK,
1149 .expected_num_results = 1,
1150 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1151 .comment = "NETR_DELTA_DOMAIN"
1152 },
1153 {
1154 .rid = DOMAIN_RID_ADMINISTRATOR,
1155 .flags = 0,
1156 .db_index = SAM_DATABASE_BUILTIN,
1157 .delta_type = NETR_DELTA_USER,
1158 .sid = null_sid,
1159 .name = NULL,
1160 .expected_error = NT_STATUS_OK,
1161 .expected_num_results = 1,
1162 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1163 .comment = "NETR_DELTA_USER by rid 500"
1164 },
1165 {
1166 .rid = 0,
1167 .flags = 0,
1168 .db_index = SAM_DATABASE_BUILTIN,
1169 .delta_type = NETR_DELTA_USER,
1170 .sid = null_sid,
1171 .name = NULL,
1172 .expected_error = NT_STATUS_OK,
1173 .expected_num_results = 1,
1174 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1175 .comment = "NETR_DELTA_USER"
1176 },
1177 {
1178 .rid = 544,
1179 .flags = 0,
1180 .db_index = SAM_DATABASE_BUILTIN,
1181 .delta_type = NETR_DELTA_ALIAS,
1182 .sid = null_sid,
1183 .name = NULL,
1184 .expected_error = NT_STATUS_OK,
1185 .expected_num_results = 2,
1186 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1187 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1188 .comment = "NETR_DELTA_ALIAS by rid 544"
1189 },
1190 {
1191 .rid = 544,
1192 .flags = 0,
1193 .db_index = SAM_DATABASE_BUILTIN,
1194 .delta_type = NETR_DELTA_ALIAS_MEMBER,
1195 .sid = null_sid,
1196 .name = NULL,
1197 .expected_error = NT_STATUS_OK,
1198 .expected_num_results = 2,
1199 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1200 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1201 .comment = "NETR_DELTA_ALIAS_MEMBER by rid 544"
1202 },
1203 {
1204 .rid = 544,
1205 .flags = 0,
1206 .db_index = SAM_DATABASE_BUILTIN,
1207 .delta_type = 0,
1208 .sid = null_sid,
1209 .name = NULL,
1210 .expected_error = NT_STATUS_OK,
1211 .expected_num_results = 1,
1212 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1213 .comment = "NULL DELTA by rid 544"
1214 },
1215 {
1216 .rid = 544,
1217 .flags = NETR_CHANGELOG_SID_INCLUDED,
1218 .db_index = SAM_DATABASE_BUILTIN,
1219 .delta_type = 0,
1220 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1221 .name = NULL,
1222 .expected_error = NT_STATUS_OK,
1223 .expected_num_results = 1,
1224 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1225 .comment = "NULL DELTA by rid 544 sid S-1-5-32-544 and flags"
1226 },
1227 {
1228 .rid = 544,
1229 .flags = NETR_CHANGELOG_SID_INCLUDED,
1230 .db_index = SAM_DATABASE_BUILTIN,
1231 .delta_type = NETR_DELTA_ALIAS,
1232 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1233 .name = NULL,
1234 .expected_error = NT_STATUS_OK,
1235 .expected_num_results = 2,
1236 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1237 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1238 .comment = "NETR_DELTA_ALIAS by rid 544 and sid S-1-5-32-544 and flags"
1239 },
1240 {
1241 .rid = 0,
1242 .flags = NETR_CHANGELOG_SID_INCLUDED,
1243 .db_index = SAM_DATABASE_BUILTIN,
1244 .delta_type = NETR_DELTA_ALIAS,
1245 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1246 .name = NULL,
1247 .expected_error = NT_STATUS_OK,
1248 .expected_num_results = 1,
1249 .expected_delta_type_1 = NETR_DELTA_DELETE_ALIAS,
1250 .comment = "NETR_DELTA_ALIAS by sid S-1-5-32-544 and flags"
1251 },
1252
1253 /* SAM_DATABASE_PRIVS */
1254
1255 {
1256 .rid = 0,
1257 .flags = 0,
1258 .db_index = SAM_DATABASE_PRIVS,
1259 .delta_type = 0,
1260 .sid = null_sid,
1261 .name = NULL,
1262 .expected_error = NT_STATUS_ACCESS_DENIED,
1263 .expected_num_results = 0,
1264 .comment = "NULL DELTA"
1265 },
1266 {
1267 .rid = 0,
1268 .flags = 0,
1269 .db_index = SAM_DATABASE_PRIVS,
1270 .delta_type = NETR_DELTA_MODIFY_COUNT,
1271 .sid = null_sid,
1272 .name = NULL,
1273 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1274 .expected_num_results = 0,
1275 .comment = "NETR_DELTA_MODIFY_COUNT"
1276 },
1277 {
1278 .rid = 0,
1279 .flags = 0,
1280 .db_index = SAM_DATABASE_PRIVS,
1281 .delta_type = NETR_DELTA_POLICY,
1282 .sid = null_sid,
1283 .name = NULL,
1284 .expected_error = NT_STATUS_OK,
1285 .expected_num_results = 1,
1286 .expected_delta_type_1 = NETR_DELTA_POLICY,
1287 .comment = "NETR_DELTA_POLICY"
1288 },
1289 {
1290 .rid = 0,
1291 .flags = NETR_CHANGELOG_SID_INCLUDED,
1292 .db_index = SAM_DATABASE_PRIVS,
1293 .delta_type = NETR_DELTA_POLICY,
1294 .sid = null_sid,
1295 .name = NULL,
1296 .expected_error = NT_STATUS_OK,
1297 .expected_num_results = 1,
1298 .expected_delta_type_1 = NETR_DELTA_POLICY,
1299 .comment = "NETR_DELTA_POLICY by null sid and flags"
1300 },
1301 {
1302 .rid = 0,
1303 .flags = NETR_CHANGELOG_SID_INCLUDED,
1304 .db_index = SAM_DATABASE_PRIVS,
1305 .delta_type = NETR_DELTA_POLICY,
1306 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32"),
1307 .name = NULL,
1308 .expected_error = NT_STATUS_OK,
1309 .expected_num_results = 1,
1310 .expected_delta_type_1 = NETR_DELTA_POLICY,
1311 .comment = "NETR_DELTA_POLICY by sid S-1-5-32 and flags"
1312 },
1313 {
1314 .rid = DOMAIN_RID_ADMINISTRATOR,
1315 .flags = 0,
1316 .db_index = SAM_DATABASE_PRIVS,
1317 .delta_type = NETR_DELTA_ACCOUNT,
1318 .sid = null_sid,
1319 .name = NULL,
1320 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED, /* strange */
1321 .expected_num_results = 0,
1322 .comment = "NETR_DELTA_ACCOUNT by rid 500"
1323 },
1324 {
1325 .rid = 0,
1326 .flags = NETR_CHANGELOG_SID_INCLUDED,
1327 .db_index = SAM_DATABASE_PRIVS,
1328 .delta_type = NETR_DELTA_ACCOUNT,
1329 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1330 .name = NULL,
1331 .expected_error = NT_STATUS_OK,
1332 .expected_num_results = 1,
1333 .expected_delta_type_1 = NETR_DELTA_ACCOUNT,
1334 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and flags"
1335 },
1336 {
1337 .rid = 0,
1338 .flags = NETR_CHANGELOG_SID_INCLUDED |
1339 NETR_CHANGELOG_IMMEDIATE_REPL_REQUIRED,
1340 .db_index = SAM_DATABASE_PRIVS,
1341 .delta_type = NETR_DELTA_ACCOUNT,
1342 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1343 .name = NULL,
1344 .expected_error = NT_STATUS_OK,
1345 .expected_num_results = 1,
1346 .expected_delta_type_1 = NETR_DELTA_ACCOUNT,
1347 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and 2 flags"
1348 },
1349 {
1350 .rid = 0,
1351 .flags = NETR_CHANGELOG_SID_INCLUDED |
1352 NETR_CHANGELOG_NAME_INCLUDED,
1353 .db_index = SAM_DATABASE_PRIVS,
1354 .delta_type = NETR_DELTA_ACCOUNT,
1355 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1356 .name = NULL,
1357 .expected_error = NT_STATUS_INVALID_PARAMETER,
1358 .expected_num_results = 0,
1359 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and invalid flags"
1360 },
1361 {
1362 .rid = DOMAIN_RID_ADMINISTRATOR,
1363 .flags = NETR_CHANGELOG_SID_INCLUDED,
1364 .db_index = SAM_DATABASE_PRIVS,
1365 .delta_type = NETR_DELTA_ACCOUNT,
1366 .sid = *sid,
1367 .name = NULL,
1368 .expected_error = NT_STATUS_OK,
1369 .expected_num_results = 1,
1370 .expected_delta_type_1 = NETR_DELTA_DELETE_ACCOUNT,
1371 .comment = "NETR_DELTA_ACCOUNT by rid 500, sid and flags"
1372 },
1373 {
1374 .rid = 0,
1375 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1376 .db_index = SAM_DATABASE_PRIVS,
1377 .delta_type = NETR_DELTA_SECRET,
1378 .sid = null_sid,
1379 .name = "IsurelydontexistIhope",
1380 .expected_error = NT_STATUS_OK,
1381 .expected_num_results = 1,
1382 .expected_delta_type_1 = NETR_DELTA_DELETE_SECRET,
1383 .comment = "NETR_DELTA_SECRET by name 'IsurelydontexistIhope' and flags"
1384 },
1385 {
1386 .rid = 0,
1387 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1388 .db_index = SAM_DATABASE_PRIVS,
1389 .delta_type = NETR_DELTA_SECRET,
1390 .sid = null_sid,
1391 .name = "G$BCKUPKEY_P",
1392 .expected_error = NT_STATUS_OK,
1393 .expected_num_results = 1,
1394 .expected_delta_type_1 = NETR_DELTA_SECRET,
1395 .comment = "NETR_DELTA_SECRET by name 'G$BCKUPKEY_P' and flags"
1396 }
1397 };
1398
1399 ZERO_STRUCT(return_authenticator);
1400
1401 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1402 r.in.computername = TEST_MACHINE_NAME;
1403 r.in.return_authenticator = &return_authenticator;
1404 r.out.return_authenticator = &return_authenticator;
1405 r.out.delta_enum_array = &delta_enum_array;
1406
1407 for (d=0; d<3; d++) {
1408 const char *database = NULL;
1409
1410 switch (d) {
1411 case 0:
1412 database = "SAM";
1413 break;
1414 case 1:
1415 database = "BUILTIN";
1416 break;
1417 case 2:
1418 database = "LSA";
1419 break;
1420 default:
1421 break;
1422 }
1423
1424 torture_comment(tctx, "Testing DatabaseRedo\n");
1425
1426 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1427 return false;
1428 }
1429
1430 for (i=0;i<ARRAY_SIZE(changes);i++) {
1431
1432 if (d != changes[i].db_index) {
1433 continue;
1434 }
1435
1436 netlogon_creds_client_authenticator(creds, &credential);
1437
1438 r.in.credential = &credential;
1439
1440 e.serial_number1 = 0;
1441 e.serial_number2 = 0;
1442 e.object_rid = changes[i].rid;
1443 e.flags = changes[i].flags;
1444 e.db_index = changes[i].db_index;
1445 e.delta_type = changes[i].delta_type;
1446
1447 switch (changes[i].flags & (NETR_CHANGELOG_NAME_INCLUDED | NETR_CHANGELOG_SID_INCLUDED)) {
1448 case NETR_CHANGELOG_SID_INCLUDED:
1449 e.object.object_sid = changes[i].sid;
1450 break;
1451 case NETR_CHANGELOG_NAME_INCLUDED:
1452 e.object.object_name = changes[i].name;
1453 break;
1454 default:
1455 break;
1456 }
1457
1458 r.in.change_log_entry = e;
1459
1460 torture_comment(tctx, "Testing DatabaseRedo with database %s and %s\n",
1461 database, changes[i].comment);
1462
1463 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseRedo_r(b, tctx, &r),
1464 "DatabaseRedo failed");
1465 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
1466 return true;
1467 }
1468
1469 torture_assert_ntstatus_equal(tctx, r.out.result, changes[i].expected_error, changes[i].comment);
1470 if (delta_enum_array) {
1471 torture_assert_int_equal(tctx,
1472 delta_enum_array->num_deltas,
1473 changes[i].expected_num_results,
1474 changes[i].comment);
1475 if (delta_enum_array->num_deltas > 0) {
1476 torture_assert_int_equal(tctx,
1477 delta_enum_array->delta_enum[0].delta_type,
1478 changes[i].expected_delta_type_1,
1479 changes[i].comment);
1480 }
1481 if (delta_enum_array->num_deltas > 1) {
1482 torture_assert_int_equal(tctx,
1483 delta_enum_array->delta_enum[1].delta_type,
1484 changes[i].expected_delta_type_2,
1485 changes[i].comment);
1486 }
1487 }
1488
1489 if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) {
1490 torture_comment(tctx, "Credential chaining failed\n");
1491 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1492 return false;
1493 }
1494 }
1495 }
1496 }
1497 }
1498
1499 return true;
1500 }
1501
1502 /*
1503 try a netlogon AccountDeltas
1504 */
1505 static bool test_AccountDeltas(struct torture_context *tctx,
1506 struct dcerpc_pipe *p,
1507 struct cli_credentials *machine_credentials)
1508 {
1509 struct netr_AccountDeltas r;
1510 struct netlogon_creds_CredentialState *creds;
1511
1512 struct netr_AccountBuffer buffer;
1513 uint32_t count_returned = 0;
1514 uint32_t total_entries = 0;
1515 struct netr_UAS_INFO_0 recordid;
1516 struct netr_Authenticator return_authenticator;
1517 struct dcerpc_binding_handle *b = p->binding_handle;
1518
1519 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1520 return false;
1521 }
1522
1523 ZERO_STRUCT(return_authenticator);
1524
1525 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1526 r.in.computername = TEST_MACHINE_NAME;
1527 r.in.return_authenticator = &return_authenticator;
1528 netlogon_creds_client_authenticator(creds, &r.in.credential);
1529 ZERO_STRUCT(r.in.uas);
1530 r.in.count=10;
1531 r.in.level=0;
1532 r.in.buffersize=100;
1533 r.out.buffer = &buffer;
1534 r.out.count_returned = &count_returned;
1535 r.out.total_entries = &total_entries;
1536 r.out.recordid = &recordid;
1537 r.out.return_authenticator = &return_authenticator;
1538
1539 /* w2k3 returns "NOT IMPLEMENTED" for this call */
1540 torture_assert_ntstatus_ok(tctx, dcerpc_netr_AccountDeltas_r(b, tctx, &r),
1541 "AccountDeltas failed");
1542 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_NOT_IMPLEMENTED, "AccountDeltas");
1543
1544 return true;
1545 }
1546
1547 /*
1548 try a netlogon AccountSync
1549 */
1550 static bool test_AccountSync(struct torture_context *tctx, struct dcerpc_pipe *p,
1551 struct cli_credentials *machine_credentials)
1552 {
1553 struct netr_AccountSync r;
1554 struct netlogon_creds_CredentialState *creds;
1555
1556 struct netr_AccountBuffer buffer;
1557 uint32_t count_returned = 0;
1558 uint32_t total_entries = 0;
1559 uint32_t next_reference = 0;
1560 struct netr_UAS_INFO_0 recordid;
1561 struct netr_Authenticator return_authenticator;
1562 struct dcerpc_binding_handle *b = p->binding_handle;
1563
1564 ZERO_STRUCT(recordid);
1565 ZERO_STRUCT(return_authenticator);
1566
1567 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1568 return false;
1569 }
1570
1571 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1572 r.in.computername = TEST_MACHINE_NAME;
1573 r.in.return_authenticator = &return_authenticator;
1574 netlogon_creds_client_authenticator(creds, &r.in.credential);
1575 r.in.recordid = &recordid;
1576 r.in.reference=0;
1577 r.in.level=0;
1578 r.in.buffersize=100;
1579 r.out.buffer = &buffer;
1580 r.out.count_returned = &count_returned;
1581 r.out.total_entries = &total_entries;
1582 r.out.next_reference = &next_reference;
1583 r.out.recordid = &recordid;
1584 r.out.return_authenticator = &return_authenticator;
1585
1586 /* w2k3 returns "NOT IMPLEMENTED" for this call */
1587 torture_assert_ntstatus_ok(tctx, dcerpc_netr_AccountSync_r(b, tctx, &r),
1588 "AccountSync failed");
1589 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_NOT_IMPLEMENTED, "AccountSync");
1590
1591 return true;
1592 }
1593
1594 /*
1595 try a netlogon GetDcName
1596 */
1597 static bool test_GetDcName(struct torture_context *tctx,
1598 struct dcerpc_pipe *p)
1599 {
1600 struct netr_GetDcName r;
1601 const char *dcname = NULL;
1602 struct dcerpc_binding_handle *b = p->binding_handle;
1603
1604 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1605 r.in.domainname = lp_workgroup(tctx->lp_ctx);
1606 r.out.dcname = &dcname;
1607
1608 torture_assert_ntstatus_ok(tctx, dcerpc_netr_GetDcName_r(b, tctx, &r),
1609 "GetDcName failed");
1610 torture_assert_werr_ok(tctx, r.out.result, "GetDcName failed");
1611
1612 torture_comment(tctx, "\tDC is at '%s'\n", dcname);
1613
1614 return true;
1615 }
1616
1617 static const char *function_code_str(TALLOC_CTX *mem_ctx,
1618 enum netr_LogonControlCode function_code)
1619 {
1620 switch (function_code) {
1621 case NETLOGON_CONTROL_QUERY:
1622 return "NETLOGON_CONTROL_QUERY";
1623 case NETLOGON_CONTROL_REPLICATE:
1624 return "NETLOGON_CONTROL_REPLICATE";
1625 case NETLOGON_CONTROL_SYNCHRONIZE:
1626 return "NETLOGON_CONTROL_SYNCHRONIZE";
1627 case NETLOGON_CONTROL_PDC_REPLICATE:
1628 return "NETLOGON_CONTROL_PDC_REPLICATE";
1629 case NETLOGON_CONTROL_REDISCOVER:
1630 return "NETLOGON_CONTROL_REDISCOVER";
1631 case NETLOGON_CONTROL_TC_QUERY:
1632 return "NETLOGON_CONTROL_TC_QUERY";
1633 case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
1634 return "NETLOGON_CONTROL_TRANSPORT_NOTIFY";
1635 case NETLOGON_CONTROL_FIND_USER:
1636 return "NETLOGON_CONTROL_FIND_USER";
1637 case NETLOGON_CONTROL_CHANGE_PASSWORD:
1638 return "NETLOGON_CONTROL_CHANGE_PASSWORD";
1639 case NETLOGON_CONTROL_TC_VERIFY:
1640 return "NETLOGON_CONTROL_TC_VERIFY";
1641 case NETLOGON_CONTROL_FORCE_DNS_REG:
1642 return "NETLOGON_CONTROL_FORCE_DNS_REG";
1643 case NETLOGON_CONTROL_QUERY_DNS_REG:
1644 return "NETLOGON_CONTROL_QUERY_DNS_REG";
1645 case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
1646 return "NETLOGON_CONTROL_BACKUP_CHANGE_LOG";
1647 case NETLOGON_CONTROL_TRUNCATE_LOG:
1648 return "NETLOGON_CONTROL_TRUNCATE_LOG";
1649 case NETLOGON_CONTROL_SET_DBFLAG:
1650 return "NETLOGON_CONTROL_SET_DBFLAG";
1651 case NETLOGON_CONTROL_BREAKPOINT:
1652 return "NETLOGON_CONTROL_BREAKPOINT";
1653 default:
1654 return talloc_asprintf(mem_ctx, "unknown function code: %d",
1655 function_code);
1656 }
1657 }
1658
1659
1660 /*
1661 try a netlogon LogonControl
1662 */
1663 static bool test_LogonControl(struct torture_context *tctx,
1664 struct dcerpc_pipe *p,
1665 struct cli_credentials *machine_credentials)
1666
1667 {
1668 NTSTATUS status;
1669 struct netr_LogonControl r;
1670 union netr_CONTROL_QUERY_INFORMATION query;
1671 int i,f;
1672 enum netr_SchannelType secure_channel_type = SEC_CHAN_NULL;
1673 struct dcerpc_binding_handle *b = p->binding_handle;
1674
1675 uint32_t function_codes[] = {
1676 NETLOGON_CONTROL_QUERY,
1677 NETLOGON_CONTROL_REPLICATE,
1678 NETLOGON_CONTROL_SYNCHRONIZE,
1679 NETLOGON_CONTROL_PDC_REPLICATE,
1680 NETLOGON_CONTROL_REDISCOVER,
1681 NETLOGON_CONTROL_TC_QUERY,
1682 NETLOGON_CONTROL_TRANSPORT_NOTIFY,
1683 NETLOGON_CONTROL_FIND_USER,
1684 NETLOGON_CONTROL_CHANGE_PASSWORD,
1685 NETLOGON_CONTROL_TC_VERIFY,
1686 NETLOGON_CONTROL_FORCE_DNS_REG,
1687 NETLOGON_CONTROL_QUERY_DNS_REG,
1688 NETLOGON_CONTROL_BACKUP_CHANGE_LOG,
1689 NETLOGON_CONTROL_TRUNCATE_LOG,
1690 NETLOGON_CONTROL_SET_DBFLAG,
1691 NETLOGON_CONTROL_BREAKPOINT
1692 };
1693
1694 if (machine_credentials) {
1695 secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
1696 }
1697
1698 torture_comment(tctx, "Testing LogonControl with secure channel type: %d\n",
1699 secure_channel_type);
1700
1701 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1702 r.in.function_code = 1;
1703 r.out.query = &query;
1704
1705 for (f=0;f<ARRAY_SIZE(function_codes); f++) {
1706 for (i=1;i<5;i++) {
1707
1708 r.in.function_code = function_codes[f];
1709 r.in.level = i;
1710
1711 torture_comment(tctx, "Testing LogonControl function code %s (%d) level %d\n",
1712 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
1713
1714 status = dcerpc_netr_LogonControl_r(b, tctx, &r);
1715 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1716
1717 switch (r.in.level) {
1718 case 1:
1719 switch (r.in.function_code) {
1720 case NETLOGON_CONTROL_REPLICATE:
1721 case NETLOGON_CONTROL_SYNCHRONIZE:
1722 case NETLOGON_CONTROL_PDC_REPLICATE:
1723 case NETLOGON_CONTROL_BREAKPOINT:
1724 case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
1725 if ((secure_channel_type == SEC_CHAN_BDC) ||
1726 (secure_channel_type == SEC_CHAN_WKSTA)) {
1727 torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED,
1728 "LogonControl returned unexpected error code");
1729 } else {
1730 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1731 "LogonControl returned unexpected error code");
1732 }
1733 break;
1734
1735 case NETLOGON_CONTROL_REDISCOVER:
1736 case NETLOGON_CONTROL_TC_QUERY:
1737 case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
1738 case NETLOGON_CONTROL_FIND_USER:
1739 case NETLOGON_CONTROL_CHANGE_PASSWORD:
1740 case NETLOGON_CONTROL_TC_VERIFY:
1741 case NETLOGON_CONTROL_FORCE_DNS_REG:
1742 case NETLOGON_CONTROL_QUERY_DNS_REG:
1743 case NETLOGON_CONTROL_SET_DBFLAG:
1744 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1745 "LogonControl returned unexpected error code");
1746 break;
1747 case NETLOGON_CONTROL_TRUNCATE_LOG:
1748 if ((secure_channel_type == SEC_CHAN_BDC) ||
1749 (secure_channel_type == SEC_CHAN_WKSTA)) {
1750 torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED,
1751 "LogonControl returned unexpected error code");
1752 } else {
1753 torture_assert_werr_ok(tctx, r.out.result,
1754 "LogonControl returned unexpected result");
1755 }
1756 break;
1757 default:
1758 torture_assert_werr_ok(tctx, r.out.result,
1759 "LogonControl returned unexpected result");
1760 break;
1761 }
1762 break;
1763 case 2:
1764 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1765 "LogonControl returned unexpected error code");
1766 break;
1767 default:
1768 torture_assert_werr_equal(tctx, r.out.result, WERR_UNKNOWN_LEVEL,
1769 "LogonControl returned unexpected error code");
1770 break;
1771 }
1772 }
1773 }
1774
1775 return true;
1776 }
1777
1778
1779 /*
1780 try a netlogon GetAnyDCName
1781 */
1782 static bool test_GetAnyDCName(struct torture_context *tctx,
1783 struct dcerpc_pipe *p)
1784 {
1785 NTSTATUS status;
1786 struct netr_GetAnyDCName r;
1787 const char *dcname = NULL;
1788 struct dcerpc_binding_handle *b = p->binding_handle;
1789
1790 r.in.domainname = lp_workgroup(tctx->lp_ctx);
1791 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1792 r.out.dcname = &dcname;
1793
1794 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
1795 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
1796 if ((!W_ERROR_IS_OK(r.out.result)) &&
1797 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
1798 return false;
1799 }
1800
1801 if (dcname) {
1802 torture_comment(tctx, "\tDC is at '%s'\n", dcname);
1803 }
1804
1805 r.in.domainname = NULL;
1806
1807 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
1808 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
1809 if ((!W_ERROR_IS_OK(r.out.result)) &&
1810 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
1811 return false;
1812 }
1813
1814 r.in.domainname = "";
1815
1816 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
1817 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
1818 if ((!W_ERROR_IS_OK(r.out.result)) &&
1819 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
1820 return false;
1821 }
1822
1823 return true;
1824 }
1825
1826
1827 /*
1828 try a netlogon LogonControl2
1829 */
1830 static bool test_LogonControl2(struct torture_context *tctx,
1831 struct dcerpc_pipe *p,
1832 struct cli_credentials *machine_credentials)
1833
1834 {
1835 NTSTATUS status;
1836 struct netr_LogonControl2 r;
1837 union netr_CONTROL_DATA_INFORMATION data;
1838 union netr_CONTROL_QUERY_INFORMATION query;
1839 int i;
1840 struct dcerpc_binding_handle *b = p->binding_handle;
1841
1842 data.domain = lp_workgroup(tctx->lp_ctx);
1843
1844 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1845
1846 r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
1847 r.in.data = &data;
1848 r.out.query = &query;
1849
1850 for (i=1;i<4;i++) {
1851 r.in.level = i;
1852
1853 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1854 i, r.in.function_code);
1855
1856 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1857 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1858 }
1859
1860 data.domain = lp_workgroup(tctx->lp_ctx);
1861
1862 r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
1863 r.in.data = &data;
1864
1865 for (i=1;i<4;i++) {
1866 r.in.level = i;
1867
1868 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1869 i, r.in.function_code);
1870
1871 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1872 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1873 }
1874
1875 data.domain = lp_workgroup(tctx->lp_ctx);
1876
1877 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
1878 r.in.data = &data;
1879
1880 for (i=1;i<4;i++) {
1881 r.in.level = i;
1882
1883 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1884 i, r.in.function_code);
1885
1886 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1887 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1888 }
1889
1890 data.debug_level = ~0;
1891
1892 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
1893 r.in.data = &data;
1894
1895 for (i=1;i<4;i++) {
1896 r.in.level = i;
1897
1898 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1899 i, r.in.function_code);
1900
1901 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1902 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1903 }
1904
1905 return true;
1906 }
1907
1908 /*
1909 try a netlogon DatabaseSync2
1910 */
1911 static bool test_DatabaseSync2(struct torture_context *tctx,
1912 struct dcerpc_pipe *p,
1913 struct cli_credentials *machine_credentials)
1914 {
1915 struct netr_DatabaseSync2 r;
1916 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1917 struct netr_Authenticator return_authenticator, credential;
1918
1919 struct netlogon_creds_CredentialState *creds;
1920 const uint32_t database_ids[] = {0, 1, 2};
1921 int i;
1922 struct dcerpc_binding_handle *b = p->binding_handle;
1923
1924 if (!test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_FLAGS,
1925 machine_credentials,
1926 cli_credentials_get_secure_channel_type(machine_credentials),
1927 &creds)) {
1928 return false;
1929 }
1930
1931 ZERO_STRUCT(return_authenticator);
1932
1933 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1934 r.in.computername = TEST_MACHINE_NAME;
1935 r.in.preferredmaximumlength = (uint32_t)-1;
1936 r.in.return_authenticator = &return_authenticator;
1937 r.out.return_authenticator = &return_authenticator;
1938 r.out.delta_enum_array = &delta_enum_array;
1939
1940 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1941
1942 uint32_t sync_context = 0;
1943
1944 r.in.database_id = database_ids[i];
1945 r.in.sync_context = &sync_context;
1946 r.out.sync_context = &sync_context;
1947 r.in.restart_state = 0;
1948
1949 torture_comment(tctx, "Testing DatabaseSync2 of id %d\n", r.in.database_id);
1950
1951 do {
1952 netlogon_creds_client_authenticator(creds, &credential);
1953
1954 r.in.credential = &credential;
1955
1956 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseSync2_r(b, tctx, &r),
1957 "DatabaseSync2 failed");
1958 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
1959 break;
1960
1961 /* Native mode servers don't do this */
1962 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
1963 return true;
1964 }
1965
1966 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseSync2");
1967
1968 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
1969 torture_comment(tctx, "Credential chaining failed\n");
1970 }
1971
1972 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
1973 }
1974
1975 return true;
1976 }
1977
1978
1979 /*
1980 try a netlogon LogonControl2Ex
1981 */
1982 static bool test_LogonControl2Ex(struct torture_context *tctx,
1983 struct dcerpc_pipe *p,
1984 struct cli_credentials *machine_credentials)
1985
1986 {
1987 NTSTATUS status;
1988 struct netr_LogonControl2Ex r;
1989 union netr_CONTROL_DATA_INFORMATION data;
1990 union netr_CONTROL_QUERY_INFORMATION query;
1991 int i;
1992 struct dcerpc_binding_handle *b = p->binding_handle;
1993
1994 data.domain = lp_workgroup(tctx->lp_ctx);
1995
1996 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1997
1998 r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
1999 r.in.data = &data;
2000 r.out.query = &query;
2001
2002 for (i=1;i<4;i++) {
2003 r.in.level = i;
2004
2005 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2006 i, r.in.function_code);
2007
2008 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2009 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2010 }
2011
2012 data.domain = lp_workgroup(tctx->lp_ctx);
2013
2014 r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
2015 r.in.data = &data;
2016
2017 for (i=1;i<4;i++) {
2018 r.in.level = i;
2019
2020 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2021 i, r.in.function_code);
2022
2023 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2024 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2025 }
2026
2027 data.domain = lp_workgroup(tctx->lp_ctx);
2028
2029 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
2030 r.in.data = &data;
2031
2032 for (i=1;i<4;i++) {
2033 r.in.level = i;
2034
2035 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2036 i, r.in.function_code);
2037
2038 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2039 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2040 }
2041
2042 data.debug_level = ~0;
2043
2044 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
2045 r.in.data = &data;
2046
2047 for (i=1;i<4;i++) {
2048 r.in.level = i;
2049
2050 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2051 i, r.in.function_code);
2052
2053 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2054 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2055 }
2056
2057 return true;
2058 }
2059
2060 static bool test_netr_DsRGetForestTrustInformation(struct torture_context *tctx,
2061 struct dcerpc_pipe *p, const char *trusted_domain_name)
2062 {
2063 NTSTATUS status;
2064 struct netr_DsRGetForestTrustInformation r;
2065 struct lsa_ForestTrustInformation info, *info_ptr;
2066 struct dcerpc_binding_handle *b = p->binding_handle;
2067
2068 info_ptr = &info;
2069
2070 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2071 r.in.trusted_domain_name = trusted_domain_name;
2072 r.in.flags = 0;
2073 r.out.forest_trust_info = &info_ptr;
2074
2075 torture_comment(tctx ,"Testing netr_DsRGetForestTrustInformation\n");
2076
2077 status = dcerpc_netr_DsRGetForestTrustInformation_r(b, tctx, &r);
2078 torture_assert_ntstatus_ok(tctx, status, "DsRGetForestTrustInformation");
2079 torture_assert_werr_ok(tctx, r.out.result, "DsRGetForestTrustInformation");
2080
2081 return true;
2082 }
2083
2084 /*
2085 try a netlogon netr_DsrEnumerateDomainTrusts
2086 */
2087 static bool test_DsrEnumerateDomainTrusts(struct torture_context *tctx,
2088 struct dcerpc_pipe *p)
2089 {
2090 NTSTATUS status;
2091 struct netr_DsrEnumerateDomainTrusts r;
2092 struct netr_DomainTrustList trusts;
2093 int i;
2094 struct dcerpc_binding_handle *b = p->binding_handle;
2095
2096 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2097 r.in.trust_flags = 0x3f;
2098 r.out.trusts = &trusts;
2099
2100 status = dcerpc_netr_DsrEnumerateDomainTrusts_r(b, tctx, &r);
2101 torture_assert_ntstatus_ok(tctx, status, "DsrEnumerateDomaintrusts");
2102 torture_assert_werr_ok(tctx, r.out.result, "DsrEnumerateDomaintrusts");
2103
2104 /* when trusted_domain_name is NULL, netr_DsRGetForestTrustInformation
2105 * will show non-forest trusts and all UPN suffixes of the own forest
2106 * as LSA_FOREST_TRUST_TOP_LEVEL_NAME types */
2107
2108 if (r.out.trusts->count) {
2109 if (!test_netr_DsRGetForestTrustInformation(tctx, p, NULL)) {
2110 return false;
2111 }
2112 }
2113
2114 for (i=0; i<r.out.trusts->count; i++) {
2115
2116 /* get info for transitive forest trusts */
2117
2118 if (r.out.trusts->array[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
2119 if (!test_netr_DsRGetForestTrustInformation(tctx, p,
2120 r.out.trusts->array[i].dns_name)) {
2121 return false;
2122 }
2123 }
2124 }
2125
2126 return true;
2127 }
2128
2129 static bool test_netr_NetrEnumerateTrustedDomains(struct torture_context *tctx,
2130 struct dcerpc_pipe *p)
2131 {
2132 NTSTATUS status;
2133 struct netr_NetrEnumerateTrustedDomains r;
2134 struct netr_Blob trusted_domains_blob;
2135 struct dcerpc_binding_handle *b = p->binding_handle;
2136
2137 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2138 r.out.trusted_domains_blob = &trusted_domains_blob;
2139
2140 status = dcerpc_netr_NetrEnumerateTrustedDomains_r(b, tctx, &r);
2141 torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomains");
2142 torture_assert_ntstatus_ok(tctx, r.out.result, "NetrEnumerateTrustedDomains");
2143
2144 return true;
2145 }
2146
2147 static bool test_netr_NetrEnumerateTrustedDomainsEx(struct torture_context *tctx,
2148 struct dcerpc_pipe *p)
2149 {
2150 NTSTATUS status;
2151 struct netr_NetrEnumerateTrustedDomainsEx r;
2152 struct netr_DomainTrustList dom_trust_list;
2153 struct dcerpc_binding_handle *b = p->binding_handle;
2154
2155 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2156 r.out.dom_trust_list = &dom_trust_list;
2157
2158 status = dcerpc_netr_NetrEnumerateTrustedDomainsEx_r(b, tctx, &r);
2159 torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomainsEx");
2160 torture_assert_werr_ok(tctx, r.out.result, "NetrEnumerateTrustedDomainsEx");
2161
2162 return true;
2163 }
2164
2165
2166 static bool test_netr_DsRGetSiteName(struct dcerpc_pipe *p, struct torture_context *tctx,
2167 const char *computer_name,
2168 const char *expected_site)
2169 {
2170 NTSTATUS status;
2171 struct netr_DsRGetSiteName r;
2172 const char *site = NULL;
2173 struct dcerpc_binding_handle *b = p->binding_handle;
2174
2175 r.in.computer_name = computer_name;
2176 r.out.site = &site;
2177 torture_comment(tctx, "Testing netr_DsRGetSiteName\n");
2178
2179 status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
2180 torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
2181 torture_assert_werr_ok(tctx, r.out.result, "DsRGetSiteName");
2182 torture_assert_str_equal(tctx, expected_site, site, "netr_DsRGetSiteName");
2183
2184 if (torture_setting_bool(tctx, "samba4", false))
2185 torture_skip(tctx, "skipping computer name check against Samba4");
2186
2187 r.in.computer_name = talloc_asprintf(tctx, "\\\\%s", computer_name);
2188 torture_comment(tctx,
2189 "Testing netr_DsRGetSiteName with broken computer name: %s\n", r.in.computer_name);
2190
2191 status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
2192 torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
2193 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_COMPUTERNAME, "netr_DsRGetSiteName");
2194
2195 return true;
2196 }
2197
2198 /*
2199 try a netlogon netr_DsRGetDCName
2200 */
2201 static bool test_netr_DsRGetDCName(struct torture_context *tctx,
2202 struct dcerpc_pipe *p)
2203 {
2204 NTSTATUS status;
2205 struct netr_DsRGetDCName r;
2206 struct netr_DsRGetDCNameInfo *info = NULL;
2207 struct dcerpc_binding_handle *b = p->binding_handle;
2208
2209 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2210 r.in.domain_name = lp_dnsdomain(tctx->lp_ctx);
2211 r.in.domain_guid = NULL;
2212 r.in.site_guid = NULL;
2213 r.in.flags = DS_RETURN_DNS_NAME;
2214 r.out.info = &info;
2215
2216 status = dcerpc_netr_DsRGetDCName_r(b, tctx, &r);
2217 torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
2218 torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
2219
2220 r.in.domain_name = lp_workgroup(tctx->lp_ctx);
2221
2222 status = dcerpc_netr_DsRGetDCName_r(b, tctx, &r);
2223 torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
2224 torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
2225
2226 return test_netr_DsRGetSiteName(p, tctx,
2227 info->dc_unc,
2228 info->dc_site_name);
2229 }
2230
2231 /*
2232 try a netlogon netr_DsRGetDCNameEx
2233 */
2234 static bool test_netr_DsRGetDCNameEx(struct torture_context *tctx,
2235 struct dcerpc_pipe *p)
2236 {
2237 NTSTATUS status;
2238 struct netr_DsRGetDCNameEx r;
2239 struct netr_DsRGetDCNameInfo *info = NULL;
2240 struct dcerpc_binding_handle *b = p->binding_handle;
2241
2242 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2243 r.in.domain_name = lp_dnsdomain(tctx->lp_ctx);
2244 r.in.domain_guid = NULL;
2245 r.in.site_name = NULL;
2246 r.in.flags = DS_RETURN_DNS_NAME;
2247 r.out.info = &info;
2248
2249 status = dcerpc_netr_DsRGetDCNameEx_r(b, tctx, &r);
2250 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
2251 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
2252
2253 r.in.domain_name = lp_workgroup(tctx->lp_ctx);
2254
2255 status = dcerpc_netr_DsRGetDCNameEx_r(b, tctx, &r);
2256 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
2257 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
2258
2259 return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
2260 info->dc_site_name);
2261 }
2262
2263 /*
2264 try a netlogon netr_DsRGetDCNameEx2
2265 */
2266 static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx,
2267 struct dcerpc_pipe *p)
2268 {
2269 NTSTATUS status;
2270 struct netr_DsRGetDCNameEx2 r;
2271 struct netr_DsRGetDCNameInfo *info = NULL;
2272 struct dcerpc_binding_handle *b = p->binding_handle;
2273
2274 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with no inputs\n");
2275 ZERO_STRUCT(r.in);
2276 r.in.flags = DS_RETURN_DNS_NAME;
2277 r.out.info = &info;
2278
2279 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2280 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2281 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2282
2283 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2284 r.in.client_account = NULL;
2285 r.in.mask = 0x00000000;
2286 r.in.domain_name = lp_dnsdomain(tctx->lp_ctx);
2287 r.in.domain_guid = NULL;
2288 r.in.site_name = NULL;
2289 r.in.flags = DS_RETURN_DNS_NAME;
2290 r.out.info = &info;
2291
2292 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 without client account\n");
2293
2294 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2295 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2296 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2297
2298 r.in.domain_name = lp_workgroup(tctx->lp_ctx);
2299
2300 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2301 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2302 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2303
2304 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with client account\n");
2305 r.in.client_account = TEST_MACHINE_NAME"$";
2306 r.in.mask = ACB_SVRTRUST;
2307 r.in.flags = DS_RETURN_FLAT_NAME;
2308 r.out.info = &info;
2309
2310 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2311 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2312 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2313
2314 return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
2315 info->dc_site_name);
2316 }
2317
2318 static bool test_netr_DsrGetDcSiteCoverageW(struct torture_context *tctx,
2319 struct dcerpc_pipe *p)
2320 {
2321 char *url;
2322 struct ldb_context *sam_ctx = NULL;
2323 NTSTATUS status;
2324 struct netr_DsrGetDcSiteCoverageW r;
2325 struct DcSitesCtr *ctr = NULL;
2326 struct dcerpc_binding_handle *b = p->binding_handle;
2327
2328 torture_comment(tctx, "This does only pass with the default site\n");
2329
2330 /* We won't double-check this when we are over 'local' transports */
2331 if (dcerpc_server_name(p)) {
2332 /* Set up connection to SAMDB on DC */
2333 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2334 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2335 NULL,
2336 cmdline_credentials,
2337 0);
2338
2339 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2340 }
2341
2342 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2343 r.out.ctr = &ctr;
2344
2345 status = dcerpc_netr_DsrGetDcSiteCoverageW_r(b, tctx, &r);
2346 torture_assert_ntstatus_ok(tctx, status, "failed");
2347 torture_assert_werr_ok(tctx, r.out.result, "failed");
2348
2349 torture_assert(tctx, ctr->num_sites == 1,
2350 "we should per default only get the default site");
2351 if (sam_ctx != NULL) {
2352 torture_assert_casestr_equal(tctx, ctr->sites[0].string,
2353 samdb_server_site_name(sam_ctx, tctx),
2354 "didn't return default site");
2355 }
2356
2357 return true;
2358 }
2359
2360 static bool test_netr_DsRAddressToSitenamesW(struct torture_context *tctx,
2361 struct dcerpc_pipe *p)
2362 {
2363 char *url;
2364 struct ldb_context *sam_ctx = NULL;
2365 NTSTATUS status;
2366 struct netr_DsRAddressToSitenamesW r;
2367 struct netr_DsRAddress addrs[6];
2368 struct sockaddr_in *addr;
2369 #ifdef HAVE_IPV6
2370 struct sockaddr_in6 *addr6;
2371 #endif
2372 struct netr_DsRAddressToSitenamesWCtr *ctr;
2373 struct dcerpc_binding_handle *b = p->binding_handle;
2374 uint32_t i;
2375 int ret;
2376
2377 torture_comment(tctx, "This does only pass with the default site\n");
2378
2379 /* We won't double-check this when we are over 'local' transports */
2380 if (dcerpc_server_name(p)) {
2381 /* Set up connection to SAMDB on DC */
2382 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2383 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2384 NULL,
2385 cmdline_credentials,
2386 0);
2387
2388 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2389 }
2390
2391 /* First try valid IP addresses */
2392
2393 addrs[0].size = sizeof(struct sockaddr_in);
2394 addrs[0].buffer = talloc_zero_array(tctx, uint8_t, addrs[0].size);
2395 addr = (struct sockaddr_in *) addrs[0].buffer;
2396 addr->sin_family = AF_INET;
2397 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2398 torture_assert(tctx, ret > 0, "inet_pton failed");
2399
2400 addrs[1].size = sizeof(struct sockaddr_in);
2401 addrs[1].buffer = talloc_zero_array(tctx, uint8_t, addrs[1].size);
2402 addr = (struct sockaddr_in *) addrs[1].buffer;
2403 addr->sin_family = AF_INET;
2404 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2405 torture_assert(tctx, ret > 0, "inet_pton failed");
2406
2407 addrs[2].size = sizeof(struct sockaddr_in);
2408 addrs[2].buffer = talloc_zero_array(tctx, uint8_t, addrs[2].size);
2409 addr = (struct sockaddr_in *) addrs[2].buffer;
2410 addr->sin_family = AF_INET;
2411 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2412 torture_assert(tctx, ret > 0, "inet_pton failed");
2413
2414 #ifdef HAVE_IPV6
2415 addrs[3].size = sizeof(struct sockaddr_in6);
2416 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2417 addr6 = (struct sockaddr_in6 *) addrs[3].buffer;
2418 addr6->sin6_family = AF_INET6;
2419 ret = inet_pton(AF_INET6, "::1", &addr6->sin6_addr);
2420 torture_assert(tctx, ret > 0, "inet_pton failed");
2421
2422 addrs[4].size = sizeof(struct sockaddr_in6);
2423 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2424 addr6 = (struct sockaddr_in6 *) addrs[4].buffer;
2425 addr6->sin6_family = AF_INET6;
2426 ret = inet_pton(AF_INET6, "::", &addr6->sin6_addr);
2427 torture_assert(tctx, ret > 0, "inet_pton failed");
2428
2429 addrs[5].size = sizeof(struct sockaddr_in6);
2430 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2431 addr6 = (struct sockaddr_in6 *) addrs[5].buffer;
2432 addr6->sin6_family = AF_INET6;
2433 ret = inet_pton(AF_INET6, "ff02::1", &addr6->sin6_addr);
2434 torture_assert(tctx, ret > 0, "inet_pton failed");
2435 #else
2436 /* the test cases are repeated to have exactly 6. This is for
2437 * compatibility with IPv4-only machines */
2438 addrs[3].size = sizeof(struct sockaddr_in);
2439 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2440 addr = (struct sockaddr_in *) addrs[3].buffer;
2441 addr->sin_family = AF_INET;
2442 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2443 torture_assert(tctx, ret > 0, "inet_pton failed");
2444
2445 addrs[4].size = sizeof(struct sockaddr_in);
2446 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2447 addr = (struct sockaddr_in *) addrs[4].buffer;
2448 addr->sin_family = AF_INET;
2449 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2450 torture_assert(tctx, ret > 0, "inet_pton failed");
2451
2452 addrs[5].size = sizeof(struct sockaddr_in);
2453 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2454 addr = (struct sockaddr_in *) addrs[5].buffer;
2455 addr->sin_family = AF_INET;
2456 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2457 torture_assert(tctx, ret > 0, "inet_pton failed");
2458 #endif
2459
2460 ctr = talloc(tctx, struct netr_DsRAddressToSitenamesWCtr);
2461
2462 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2463 r.in.count = 6;
2464 r.in.addresses = addrs;
2465 r.out.ctr = &ctr;
2466
2467 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2468 torture_assert_ntstatus_ok(tctx, status, "failed");
2469 torture_assert_werr_ok(tctx, r.out.result, "failed");
2470
2471 if (sam_ctx != NULL) {
2472 for (i = 0; i < 3; i++) {
2473 torture_assert_casestr_equal(tctx,
2474 ctr->sitename[i].string,
2475 samdb_server_site_name(sam_ctx, tctx),
2476 "didn't return default site");
2477 }
2478 for (i = 3; i < 6; i++) {
2479 /* Windows returns "NULL" for the sitename if it isn't IPv6 configured
2480 torture_assert_casestr_equal(tctx,
2481 ctr->sitename[i].string,
2482 samdb_server_site_name(sam_ctx, tctx),
2483 "didn't return default site");
2484 */
2485 }
2486 }
2487
2488 /* Now try invalid ones (too short buffers) */
2489
2490 addrs[0].size = 0;
2491 addrs[1].size = 1;
2492 addrs[2].size = 4;
2493
2494 addrs[3].size = 0;
2495 addrs[4].size = 1;
2496 addrs[5].size = 4;
2497
2498 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2499 torture_assert_ntstatus_ok(tctx, status, "failed");
2500 torture_assert_werr_ok(tctx, r.out.result, "failed");
2501
2502 for (i = 0; i < 6; i++) {
2503 torture_assert(tctx, ctr->sitename[i].string == NULL,
2504 "sitename should be null");
2505 }
2506
2507 /* Now try invalid ones (wrong address types) */
2508
2509 addrs[0].size = 10;
2510 addrs[0].buffer[0] = AF_UNSPEC;
2511 addrs[1].size = 10;
2512 addrs[1].buffer[0] = AF_UNIX; /* AF_LOCAL = AF_UNIX */
2513 addrs[2].size = 10;
2514 addrs[2].buffer[0] = AF_UNIX;
2515
2516 addrs[3].size = 10;
2517 addrs[3].buffer[0] = 250;
2518 addrs[4].size = 10;
2519 addrs[4].buffer[0] = 251;
2520 addrs[5].size = 10;
2521 addrs[5].buffer[0] = 252;
2522
2523 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2524 torture_assert_ntstatus_ok(tctx, status, "failed");
2525 torture_assert_werr_ok(tctx, r.out.result, "failed");
2526
2527 for (i = 0; i < 6; i++) {
2528 torture_assert(tctx, ctr->sitename[i].string == NULL,
2529 "sitename should be null");
2530 }
2531
2532 return true;
2533 }
2534
2535 static bool test_netr_DsRAddressToSitenamesExW(struct torture_context *tctx,
2536 struct dcerpc_pipe *p)
2537 {
2538 char *url;
2539 struct ldb_context *sam_ctx = NULL;
2540 NTSTATUS status;
2541 struct netr_DsRAddressToSitenamesExW r;
2542 struct netr_DsRAddress addrs[6];
2543 struct sockaddr_in *addr;
2544 #ifdef HAVE_IPV6
2545 struct sockaddr_in6 *addr6;
2546 #endif
2547 struct netr_DsRAddressToSitenamesExWCtr *ctr;
2548 struct dcerpc_binding_handle *b = p->binding_handle;
2549 uint32_t i;
2550 int ret;
2551
2552 torture_comment(tctx, "This does pass with the default site\n");
2553
2554 /* We won't double-check this when we are over 'local' transports */
2555 if (dcerpc_server_name(p)) {
2556 /* Set up connection to SAMDB on DC */
2557 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2558 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2559 NULL,
2560 cmdline_credentials,
2561 0);
2562
2563 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2564 }
2565
2566 /* First try valid IP addresses */
2567
2568 addrs[0].size = sizeof(struct sockaddr_in);
2569 addrs[0].buffer = talloc_zero_array(tctx, uint8_t, addrs[0].size);
2570 addr = (struct sockaddr_in *) addrs[0].buffer;
2571 addr->sin_family = AF_INET;
2572 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2573 torture_assert(tctx, ret > 0, "inet_pton failed");
2574
2575 addrs[1].size = sizeof(struct sockaddr_in);
2576 addrs[1].buffer = talloc_zero_array(tctx, uint8_t, addrs[1].size);
2577 addr = (struct sockaddr_in *) addrs[1].buffer;
2578 addr->sin_family = AF_INET;
2579 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2580 torture_assert(tctx, ret > 0, "inet_pton failed");
2581
2582 addrs[2].size = sizeof(struct sockaddr_in);
2583 addrs[2].buffer = talloc_zero_array(tctx, uint8_t, addrs[2].size);
2584 addr = (struct sockaddr_in *) addrs[2].buffer;
2585 addr->sin_family = AF_INET;
2586 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2587 torture_assert(tctx, ret > 0, "inet_pton failed");
2588
2589 #ifdef HAVE_IPV6
2590 addrs[3].size = sizeof(struct sockaddr_in6);
2591 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2592 addr6 = (struct sockaddr_in6 *) addrs[3].buffer;
2593 addr6->sin6_family = AF_INET6;
2594 ret = inet_pton(AF_INET6, "::1", &addr6->sin6_addr);
2595 torture_assert(tctx, ret > 0, "inet_pton failed");
2596
2597 addrs[4].size = sizeof(struct sockaddr_in6);
2598 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2599 addr6 = (struct sockaddr_in6 *) addrs[4].buffer;
2600 addr6->sin6_family = AF_INET6;
2601 ret = inet_pton(AF_INET6, "::", &addr6->sin6_addr);
2602 torture_assert(tctx, ret > 0, "inet_pton failed");
2603
2604 addrs[5].size = sizeof(struct sockaddr_in6);
2605 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2606 addr6 = (struct sockaddr_in6 *) addrs[5].buffer;
2607 addr6->sin6_family = AF_INET6;
2608 ret = inet_pton(AF_INET6, "ff02::1", &addr6->sin6_addr);
2609 torture_assert(tctx, ret > 0, "inet_pton failed");
2610 #else
2611 /* the test cases are repeated to have exactly 6. This is for
2612 * compatibility with IPv4-only machines */
2613 addrs[3].size = sizeof(struct sockaddr_in);
2614 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2615 addr = (struct sockaddr_in *) addrs[3].buffer;
2616 addr->sin_family = AF_INET;
2617 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2618 torture_assert(tctx, ret > 0, "inet_pton failed");
2619
2620 addrs[4].size = sizeof(struct sockaddr_in);
2621 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2622 addr = (struct sockaddr_in *) addrs[4].buffer;
2623 addr->sin_family = AF_INET;
2624 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2625 torture_assert(tctx, ret > 0, "inet_pton failed");
2626
2627 addrs[5].size = sizeof(struct sockaddr_in);
2628 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2629 addr = (struct sockaddr_in *) addrs[5].buffer;
2630 addr->sin_family = AF_INET;
2631 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2632 torture_assert(tctx, ret > 0, "inet_pton failed");
2633 #endif
2634
2635 ctr = talloc(tctx, struct netr_DsRAddressToSitenamesExWCtr);
2636
2637 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2638 r.in.count = 6;
2639 r.in.addresses = addrs;
2640 r.out.ctr = &ctr;
2641
2642 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
2643 torture_assert_ntstatus_ok(tctx, status, "failed");
2644 torture_assert_werr_ok(tctx, r.out.result, "failed");
2645
2646 if (sam_ctx != NULL) {
2647 for (i = 0; i < 3; i++) {
2648 torture_assert_casestr_equal(tctx,
2649 ctr->sitename[i].string,
2650 samdb_server_site_name(sam_ctx, tctx),
2651 "didn't return default site");
2652 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2653 "subnet should be null");
2654 }
2655 for (i = 3; i < 6; i++) {
2656 /* Windows returns "NULL" for the sitename if it isn't IPv6 configured
2657 torture_assert_casestr_equal(tctx,
2658 ctr->sitename[i].string,
2659 samdb_server_site_name(sam_ctx, tctx),
2660 "didn't return default site");
2661 */
2662 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2663 "subnet should be null");
2664 }
2665 }
2666
2667 /* Now try invalid ones (too short buffers) */
2668
2669 addrs[0].size = 0;
2670 addrs[1].size = 1;
2671 addrs[2].size = 4;
2672
2673 addrs[3].size = 0;
2674 addrs[4].size = 1;
2675 addrs[5].size = 4;
2676
2677 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
2678 torture_assert_ntstatus_ok(tctx, status, "failed");
2679 torture_assert_werr_ok(tctx, r.out.result, "failed");
2680
2681 for (i = 0; i < 6; i++) {
2682 torture_assert(tctx, ctr->sitename[i].string == NULL,
2683 "sitename should be null");
2684 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2685 "subnet should be null");
2686 }
2687
2688 addrs[0].size = 10;
2689 addrs[0].buffer[0] = AF_UNSPEC;
2690 addrs[1].size = 10;
2691 addrs[1].buffer[0] = AF_UNIX; /* AF_LOCAL = AF_UNIX */
2692 addrs[2].size = 10;
2693 addrs[2].buffer[0] = AF_UNIX;
2694
2695 addrs[3].size = 10;
2696 addrs[3].buffer[0] = 250;
2697 addrs[4].size = 10;
2698 addrs[4].buffer[0] = 251;
2699 addrs[5].size = 10;
2700 addrs[5].buffer[0] = 252;
2701
2702 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
2703 torture_assert_ntstatus_ok(tctx, status, "failed");
2704 torture_assert_werr_ok(tctx, r.out.result, "failed");
2705
2706 for (i = 0; i < 6; i++) {
2707 torture_assert(tctx, ctr->sitename[i].string == NULL,
2708 "sitename should be null");
2709 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2710 "subnet should be null");
2711 }
2712
2713 return true;
2714 }
2715
2716 static bool test_netr_ServerGetTrustInfo(struct torture_context *tctx,
2717 struct dcerpc_pipe *p,
2718 struct cli_credentials *machine_credentials)
2719 {
2720 struct netr_ServerGetTrustInfo r;
2721
2722 struct netr_Authenticator a;
2723 struct netr_Authenticator return_authenticator;
2724 struct samr_Password new_owf_password;
2725 struct samr_Password old_owf_password;
2726 struct netr_TrustInfo *trust_info;
2727
2728 struct netlogon_creds_CredentialState *creds;
2729 struct dcerpc_binding_handle *b = p->binding_handle;
2730
2731 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2732 machine_credentials, &creds)) {
2733 return false;
2734 }
2735
2736 netlogon_creds_client_authenticator(creds, &a);
2737
2738 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2739 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
2740 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
2741 r.in.computer_name = TEST_MACHINE_NAME;
2742 r.in.credential = &a;
2743
2744 r.out.return_authenticator = &return_authenticator;
2745 r.out.new_owf_password = &new_owf_password;
2746 r.out.old_owf_password = &old_owf_password;
2747 r.out.trust_info = &trust_info;
2748
2749 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerGetTrustInfo_r(b, tctx, &r),
2750 "ServerGetTrustInfo failed");
2751 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerGetTrustInfo failed");
2752 torture_assert(tctx, netlogon_creds_client_check(creds, &return_authenticator.cred), "Credential chaining failed");
2753
2754 return true;
2755 }
2756
2757
2758 static bool test_GetDomainInfo(struct torture_context *tctx,
2759 struct dcerpc_pipe *p,
2760 struct cli_credentials *machine_credentials)
2761 {
2762 struct netr_LogonGetDomainInfo r;
2763 struct netr_WorkstationInformation q1;
2764 struct netr_Authenticator a;
2765 struct netlogon_creds_CredentialState *creds;
2766 struct netr_OsVersion os;
2767 union netr_WorkstationInfo query;
2768 union netr_DomainInfo info;
2769 const char* const attrs[] = { "dNSHostName", "operatingSystem",
2770 "operatingSystemServicePack", "operatingSystemVersion",
2771 "servicePrincipalName", NULL };
2772 char *url;
2773 struct ldb_context *sam_ctx = NULL;
2774 struct ldb_message **res;
2775 struct ldb_message_element *spn_el;
2776 int ret, i;
2777 char *version_str;
2778 const char *old_dnsname = NULL;
2779 char **spns = NULL;
2780 int num_spns = 0;
2781 char *temp_str;
2782 struct dcerpc_binding_handle *b = p->binding_handle;
2783
2784 torture_comment(tctx, "Testing netr_LogonGetDomainInfo\n");
2785
2786 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2787 machine_credentials, &creds)) {
2788 return false;
2789 }
2790
2791 /* We won't double-check this when we are over 'local' transports */
2792 if (dcerpc_server_name(p)) {
2793 /* Set up connection to SAMDB on DC */
2794 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2795 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2796 NULL,
2797 cmdline_credentials,
2798 0);
2799
2800 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2801 }
2802
2803 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 1st call (no variation of DNS hostname)\n");
2804 netlogon_creds_client_authenticator(creds, &a);
2805
2806 ZERO_STRUCT(r);
2807 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2808 r.in.computer_name = TEST_MACHINE_NAME;
2809 r.in.credential = &a;
2810 r.in.level = 1;
2811 r.in.return_authenticator = &a;
2812 r.in.query = &query;
2813 r.out.return_authenticator = &a;
2814 r.out.info = &info;
2815
2816 ZERO_STRUCT(os);
2817 os.os.MajorVersion = 123;
2818 os.os.MinorVersion = 456;
2819 os.os.BuildNumber = 789;
2820 os.os.CSDVersion = "Service Pack 10";
2821 os.os.ServicePackMajor = 10;
2822 os.os.ServicePackMinor = 1;
2823 os.os.SuiteMask = NETR_VER_SUITE_SINGLEUSERTS;
2824 os.os.ProductType = NETR_VER_NT_SERVER;
2825 os.os.Reserved = 0;
2826
2827 version_str = talloc_asprintf(tctx, "%d.%d (%d)", os.os.MajorVersion,
2828 os.os.MinorVersion, os.os.BuildNumber);
2829
2830 ZERO_STRUCT(q1);
2831 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
2832 lp_dnsdomain(tctx->lp_ctx));
2833 q1.sitename = "Default-First-Site-Name";
2834 q1.os_version.os = &os;
2835 q1.os_name.string = talloc_asprintf(tctx,
2836 "Tortured by Samba4 RPC-NETLOGON: %s",
2837 timestring(tctx, time(NULL)));
2838
2839 /* The workstation handles the "servicePrincipalName" and DNS hostname
2840 updates */
2841 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
2842
2843 query.workstation_info = &q1;
2844
2845 if (sam_ctx) {
2846 /* Gets back the old DNS hostname in AD */
2847 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
2848 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
2849 old_dnsname =
2850 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL);
2851
2852 /* Gets back the "servicePrincipalName"s in AD */
2853 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2854 if (spn_el != NULL) {
2855 for (i=0; i < spn_el->num_values; i++) {
2856 spns = talloc_realloc(tctx, spns, char *, i + 1);
2857 spns[i] = (char *) spn_el->values[i].data;
2858 }
2859 num_spns = i;
2860 }
2861 }
2862
2863 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
2864 "LogonGetDomainInfo failed");
2865 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
2866 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
2867
2868 msleep(250);
2869
2870 if (sam_ctx) {
2871 /* AD workstation infos entry check */
2872 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
2873 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
2874 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
2875 torture_assert_str_equal(tctx,
2876 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
2877 q1.os_name.string, "'operatingSystem' wrong!");
2878 torture_assert_str_equal(tctx,
2879 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL),
2880 os.os.CSDVersion, "'operatingSystemServicePack' wrong!");
2881 torture_assert_str_equal(tctx,
2882 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL),
2883 version_str, "'operatingSystemVersion' wrong!");
2884
2885 if (old_dnsname != NULL) {
2886 /* If before a DNS hostname was set then it should remain
2887 the same in combination with the "servicePrincipalName"s.
2888 The DNS hostname should also be returned by our
2889 "LogonGetDomainInfo" call (in the domain info structure). */
2890
2891 torture_assert_str_equal(tctx,
2892 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
2893 old_dnsname, "'DNS hostname' was not set!");
2894
2895 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2896 torture_assert(tctx, ((spns != NULL) && (spn_el != NULL)),
2897 "'servicePrincipalName's not set!");
2898 torture_assert(tctx, spn_el->num_values == num_spns,
2899 "'servicePrincipalName's incorrect!");
2900 for (i=0; (i < spn_el->num_values) && (i < num_spns); i++)
2901 torture_assert_str_equal(tctx,
2902 (char *) spn_el->values[i].data,
2903 spns[i], "'servicePrincipalName's incorrect!");
2904
2905 torture_assert_str_equal(tctx,
2906 info.domain_info->dns_hostname.string,
2907 old_dnsname,
2908 "Out 'DNS hostname' doesn't match the old one!");
2909 } else {
2910 /* If no DNS hostname was set then also now none should be set,
2911 the "servicePrincipalName"s should remain empty and no DNS
2912 hostname should be returned by our "LogonGetDomainInfo"
2913 call (in the domain info structure). */
2914
2915 torture_assert(tctx,
2916 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL) == NULL,
2917 "'DNS hostname' was set!");
2918
2919 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2920 torture_assert(tctx, ((spns == NULL) && (spn_el == NULL)),
2921 "'servicePrincipalName's were set!");
2922
2923 torture_assert(tctx,
2924 info.domain_info->dns_hostname.string == NULL,
2925 "Out 'DNS host name' was set!");
2926 }
2927 }
2928
2929 /* Checks "workstation flags" */
2930 torture_assert(tctx,
2931 info.domain_info->workstation_flags
2932 == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
2933 "Out 'workstation flags' don't match!");
2934
2935
2936 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 2nd call (variation of DNS hostname doesn't work)\n");
2937 netlogon_creds_client_authenticator(creds, &a);
2938
2939 /* Wipe out the osVersion, and prove which values still 'stick' */
2940 q1.os_version.os = NULL;
2941
2942 /* Change also the DNS hostname to test differences in behaviour */
2943 talloc_free(discard_const_p(char, q1.dns_hostname));
2944 q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
2945 lp_dnsdomain(tctx->lp_ctx));
2946
2947 /* The workstation handles the "servicePrincipalName" and DNS hostname
2948 updates */
2949 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
2950
2951 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
2952 "LogonGetDomainInfo failed");
2953 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
2954
2955 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
2956
2957 msleep(250);
2958
2959 if (sam_ctx) {
2960 /* AD workstation infos entry check */
2961 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
2962 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
2963 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
2964
2965 torture_assert_str_equal(tctx,
2966 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
2967 q1.os_name.string, "'operatingSystem' should stick!");
2968 torture_assert(tctx,
2969 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
2970 "'operatingSystemServicePack' shouldn't stick!");
2971 torture_assert(tctx,
2972 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
2973 "'operatingSystemVersion' shouldn't stick!");
2974
2975 /* The DNS host name shouldn't have been updated by the server */
2976
2977 torture_assert_str_equal(tctx,
2978 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
2979 old_dnsname, "'DNS host name' did change!");
2980
2981 /* Find the two "servicePrincipalName"s which the DC shouldn't have been
2982 updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC
2983 3.5.4.3.9 */
2984 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2985 torture_assert(tctx, spn_el != NULL,
2986 "There should exist 'servicePrincipalName's in AD!");
2987 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME);
2988 for (i=0; i < spn_el->num_values; i++)
2989 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
2990 break;
2991 torture_assert(tctx, i != spn_el->num_values,
2992 "'servicePrincipalName' HOST/<Netbios name> not found!");
2993 temp_str = talloc_asprintf(tctx, "HOST/%s", old_dnsname);
2994 for (i=0; i < spn_el->num_values; i++)
2995 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
2996 break;
2997 torture_assert(tctx, i != spn_el->num_values,
2998 "'servicePrincipalName' HOST/<FQDN name> not found!");
2999
3000 /* Check that the out DNS hostname was set properly */
3001 torture_assert_str_equal(tctx, info.domain_info->dns_hostname.string,
3002 old_dnsname, "Out 'DNS hostname' doesn't match the old one!");
3003 }
3004
3005 /* Checks "workstation flags" */
3006 torture_assert(tctx,
3007 info.domain_info->workstation_flags == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3008 "Out 'workstation flags' don't match!");
3009
3010
3011 /* Now try the same but the workstation flags set to 0 */
3012
3013 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 3rd call (variation of DNS hostname doesn't work)\n");
3014 netlogon_creds_client_authenticator(creds, &a);
3015
3016 /* Change also the DNS hostname to test differences in behaviour */
3017 talloc_free(discard_const_p(char, q1.dns_hostname));
3018 q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
3019 lp_dnsdomain(tctx->lp_ctx));
3020
3021 /* Wipe out the osVersion, and prove which values still 'stick' */
3022 q1.os_version.os = NULL;
3023
3024 /* Let the DC handle the "servicePrincipalName" and DNS hostname
3025 updates */
3026 q1.workstation_flags = 0;
3027
3028 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3029 "LogonGetDomainInfo failed");
3030 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3031 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3032
3033 msleep(250);
3034
3035 if (sam_ctx) {
3036 /* AD workstation infos entry check */
3037 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3038 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3039 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
3040
3041 torture_assert_str_equal(tctx,
3042 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
3043 q1.os_name.string, "'operatingSystem' should stick!");
3044 torture_assert(tctx,
3045 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
3046 "'operatingSystemServicePack' shouldn't stick!");
3047 torture_assert(tctx,
3048 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
3049 "'operatingSystemVersion' shouldn't stick!");
3050
3051 /* The DNS host name shouldn't have been updated by the server */
3052
3053 torture_assert_str_equal(tctx,
3054 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
3055 old_dnsname, "'DNS host name' did change!");
3056
3057 /* Find the two "servicePrincipalName"s which the DC shouldn't have been
3058 updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC
3059 3.5.4.3.9 */
3060 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3061 torture_assert(tctx, spn_el != NULL,
3062 "There should exist 'servicePrincipalName's in AD!");
3063 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME);
3064 for (i=0; i < spn_el->num_values; i++)
3065 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3066 break;
3067 torture_assert(tctx, i != spn_el->num_values,
3068 "'servicePrincipalName' HOST/<Netbios name> not found!");
3069 temp_str = talloc_asprintf(tctx, "HOST/%s", old_dnsname);
3070 for (i=0; i < spn_el->num_values; i++)
3071 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3072 break;
3073 torture_assert(tctx, i != spn_el->num_values,
3074 "'servicePrincipalName' HOST/<FQDN name> not found!");
3075
3076 /* Here the server gives us NULL as the out DNS hostname */
3077 torture_assert(tctx, info.domain_info->dns_hostname.string == NULL,
3078 "Out 'DNS hostname' should be NULL!");
3079 }
3080
3081 /* Checks "workstation flags" */
3082 torture_assert(tctx,
3083 info.domain_info->workstation_flags == 0,
3084 "Out 'workstation flags' don't match!");
3085
3086
3087 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 4th call (verification of DNS hostname and check for trusted domains)\n");
3088 netlogon_creds_client_authenticator(creds, &a);
3089
3090 /* Put the DNS hostname back */
3091 talloc_free(discard_const_p(char, q1.dns_hostname));
3092 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3093 lp_dnsdomain(tctx->lp_ctx));
3094
3095 /* The workstation handles the "servicePrincipalName" and DNS hostname
3096 updates */
3097 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
3098
3099 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3100 "LogonGetDomainInfo failed");
3101 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3102 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3103
3104 msleep(250);
3105
3106 /* Now the in/out DNS hostnames should be the same */
3107 torture_assert_str_equal(tctx,
3108 info.domain_info->dns_hostname.string,
3109 query.workstation_info->dns_hostname,
3110 "In/Out 'DNS hostnames' don't match!");
3111
3112 /* Checks "workstation flags" */
3113 torture_assert(tctx,
3114 info.domain_info->workstation_flags
3115 == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3116 "Out 'workstation flags' don't match!");
3117
3118 /* Checks for trusted domains */
3119 torture_assert(tctx,
3120 (info.domain_info->trusted_domain_count != 0)
3121 && (info.domain_info->trusted_domains != NULL),
3122 "Trusted domains have been requested!");
3123
3124
3125 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 5th call (check for trusted domains)\n");
3126 netlogon_creds_client_authenticator(creds, &a);
3127
3128 /* The workstation handles the "servicePrincipalName" and DNS hostname
3129 updates and requests inbound trusts */
3130 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE
3131 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS;
3132
3133 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3134 "LogonGetDomainInfo failed");
3135 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3136 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3137
3138 msleep(250);
3139
3140 /* Checks "workstation flags" */
3141 torture_assert(tctx,
3142 info.domain_info->workstation_flags
3143 == (NETR_WS_FLAG_HANDLES_SPN_UPDATE
3144 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS),
3145 "Out 'workstation flags' don't match!");
3146
3147 /* Checks for trusted domains */
3148 torture_assert(tctx,
3149 (info.domain_info->trusted_domain_count != 0)
3150 && (info.domain_info->trusted_domains != NULL),
3151 "Trusted domains have been requested!");
3152
3153
3154 if (!torture_setting_bool(tctx, "dangerous", false)) {
3155 torture_comment(tctx, "Not testing netr_LogonGetDomainInfo 6th call (no workstation info) - enable dangerous tests in order to do so\n");
3156 } else {
3157 /* Try a call without the workstation information structure */
3158
3159 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 6th call (no workstation info)\n");
3160 netlogon_creds_client_authenticator(creds, &a);
3161
3162 query.workstation_info = NULL;
3163
3164 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3165 "LogonGetDomainInfo failed");
3166 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3167 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3168 }
3169
3170 return true;
3171 }
3172
3173 static bool test_GetDomainInfo_async(struct torture_context *tctx,
3174 struct dcerpc_pipe *p,
3175 struct cli_credentials *machine_credentials)
3176 {
3177 NTSTATUS status;
3178 struct netr_LogonGetDomainInfo r;
3179 struct netr_WorkstationInformation q1;
3180 struct netr_Authenticator a;
3181 #define ASYNC_COUNT 100
3182 struct netlogon_creds_CredentialState *creds;
3183 struct netlogon_creds_CredentialState *creds_async[ASYNC_COUNT];
3184 struct tevent_req *req[ASYNC_COUNT];
3185 int i;
3186 union netr_WorkstationInfo query;
3187 union netr_DomainInfo info;
3188
3189 torture_comment(tctx, "Testing netr_LogonGetDomainInfo - async count %d\n", ASYNC_COUNT);
3190
3191 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
3192 machine_credentials, &creds)) {
3193 return false;
3194 }
3195
3196 ZERO_STRUCT(r);
3197 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
3198 r.in.computer_name = TEST_MACHINE_NAME;
3199 r.in.credential = &a;
3200 r.in.level = 1;
3201 r.in.return_authenticator = &a;
3202 r.in.query = &query;
3203 r.out.return_authenticator = &a;
3204 r.out.info = &info;
3205
3206 ZERO_STRUCT(q1);
3207 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3208 lp_dnsdomain(tctx->lp_ctx));
3209 q1.sitename = "Default-First-Site-Name";
3210 q1.os_name.string = "UNIX/Linux or similar";
3211
3212 query.workstation_info = &q1;
3213
3214 for (i=0;i<ASYNC_COUNT;i++) {
3215 netlogon_creds_client_authenticator(creds, &a);
3216
3217 creds_async[i] = (struct netlogon_creds_CredentialState *)talloc_memdup(creds, creds, sizeof(*creds));
3218 req[i] = dcerpc_netr_LogonGetDomainInfo_r_send(tctx, tctx->ev, p->binding_handle, &r);
3219
3220 /* even with this flush per request a w2k3 server seems to
3221 clag with multiple outstanding requests. bleergh. */
3222 torture_assert_int_equal(tctx, event_loop_once(dcerpc_event_context(p)), 0,
3223 "event_loop_once failed");
3224 }
3225
3226 for (i=0;i<ASYNC_COUNT;i++) {
3227 torture_assert_int_equal(tctx, tevent_req_poll(req[i], tctx->ev), true,
3228 "tevent_req_poll() failed");
3229
3230 status = dcerpc_netr_LogonGetDomainInfo_r_recv(req[i], tctx);
3231
3232 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo_async");
3233 torture_assert_ntstatus_ok(tctx, r.out.result, "netr_LogonGetDomainInfo_async");
3234
3235 torture_assert(tctx, netlogon_creds_client_check(creds_async[i], &a.cred),
3236 "Credential chaining failed at async");
3237 }
3238
3239 torture_comment(tctx,
3240 "Testing netr_LogonGetDomainInfo - async count %d OK\n", ASYNC_COUNT);
3241
3242 return true;
3243 }
3244
3245 static bool test_ManyGetDCName(struct torture_context *tctx,
3246 struct dcerpc_pipe *p)
3247 {
3248 NTSTATUS status;
3249 struct dcerpc_pipe *p2;
3250 struct lsa_ObjectAttribute attr;
3251 struct lsa_QosInfo qos;
3252 struct lsa_OpenPolicy2 o;
3253 struct policy_handle lsa_handle;
3254 struct lsa_DomainList domains;
3255
3256 struct lsa_EnumTrustDom t;
3257 uint32_t resume_handle = 0;
3258 struct netr_GetAnyDCName d;
3259 const char *dcname = NULL;
3260 struct dcerpc_binding_handle *b = p->binding_handle;
3261 struct dcerpc_binding_handle *b2;
3262
3263 int i;
3264
3265 if (p->conn->transport.transport != NCACN_NP) {
3266 return true;
3267 }
3268
3269 torture_comment(tctx, "Torturing GetDCName\n");
3270
3271 status = dcerpc_secondary_connection(p, &p2, p->binding);
3272 torture_assert_ntstatus_ok(tctx, status, "Failed to create secondary connection");
3273
3274 status = dcerpc_bind_auth_none(p2, &ndr_table_lsarpc);
3275 torture_assert_ntstatus_ok(tctx, status, "Failed to create bind on secondary connection");
3276 b2 = p2->binding_handle;
3277
3278 qos.len = 0;
3279 qos.impersonation_level = 2;
3280 qos.context_mode = 1;
3281 qos.effective_only = 0;
3282
3283 attr.len = 0;
3284 attr.root_dir = NULL;
3285 attr.object_name = NULL;
3286 attr.attributes = 0;
3287 attr.sec_desc = NULL;
3288 attr.sec_qos = &qos;
3289
3290 o.in.system_name = "\\";
3291 o.in.attr = &attr;
3292 o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3293 o.out.handle = &lsa_handle;
3294
3295 torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenPolicy2_r(b2, tctx, &o),
3296 "OpenPolicy2 failed");
3297 torture_assert_ntstatus_ok(tctx, o.out.result, "OpenPolicy2 failed");
3298
3299 t.in.handle = &lsa_handle;
3300 t.in.resume_handle = &resume_handle;
3301 t.in.max_size = 1000;
3302 t.out.domains = &domains;
3303 t.out.resume_handle = &resume_handle;
3304
3305 torture_assert_ntstatus_ok(tctx, dcerpc_lsa_EnumTrustDom_r(b2, tctx, &t),
3306 "EnumTrustDom failed");
3307
3308 if ((!NT_STATUS_IS_OK(t.out.result) &&
3309 (!NT_STATUS_EQUAL(t.out.result, NT_STATUS_NO_MORE_ENTRIES))))
3310 torture_fail(tctx, "Could not list domains");
3311
3312 talloc_free(p2);
3313
3314 d.in.logon_server = talloc_asprintf(tctx, "\\\\%s",
3315 dcerpc_server_name(p));
3316 d.out.dcname = &dcname;
3317
3318 for (i=0; i<domains.count * 4; i++) {
3319 struct lsa_DomainInfo *info =
3320 &domains.domains[rand()%domains.count];
3321
3322 d.in.domainname = info->name.string;
3323
3324 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &d);
3325 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
3326
3327 torture_comment(tctx, "\tDC for domain %s is %s\n", info->name.string,
3328 dcname ? dcname : "unknown");
3329 }
3330
3331 return true;
3332 }
3333
3334 static bool test_SetPassword_with_flags(struct torture_context *tctx,
3335 struct dcerpc_pipe *p,
3336 struct cli_credentials *machine_credentials)
3337 {
3338 uint32_t flags[] = { 0, NETLOGON_NEG_STRONG_KEYS };
3339 struct netlogon_creds_CredentialState *creds;
3340 int i;
3341
3342 if (!test_SetupCredentials2(p, tctx, 0,
3343 machine_credentials,
3344 cli_credentials_get_secure_channel_type(machine_credentials),
3345 &creds)) {
3346 torture_skip(tctx, "DC does not support negotiation of 64bit session keys");
3347 }
3348
3349 for (i=0; i < ARRAY_SIZE(flags); i++) {
3350 torture_assert(tctx,
3351 test_SetPassword_flags(tctx, p, machine_credentials, flags[i]),
3352 talloc_asprintf(tctx, "failed to test SetPassword negotiating with 0x%08x flags", flags[i]));
3353 }
3354
3355 return true;
3356 }
3357
3358 struct torture_suite *torture_rpc_netlogon(TALLOC_CTX *mem_ctx)
3359 {
3360 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON");
3361 struct torture_rpc_tcase *tcase;
3362 struct torture_test *test;
3363
3364 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3365 &ndr_table_netlogon, TEST_MACHINE_NAME);
3366
3367 torture_rpc_tcase_add_test(tcase, "LogonUasLogon", test_LogonUasLogon);
3368 torture_rpc_tcase_add_test(tcase, "LogonUasLogoff", test_LogonUasLogoff);
3369 torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
3370 torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
3371 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
3372 torture_rpc_tcase_add_test_creds(tcase, "GetPassword", test_GetPassword);
3373 torture_rpc_tcase_add_test_creds(tcase, "GetTrustPasswords", test_GetTrustPasswords);
3374 torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo", test_GetDomainInfo);
3375 torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync", test_DatabaseSync);
3376 torture_rpc_tcase_add_test_creds(tcase, "DatabaseDeltas", test_DatabaseDeltas);
3377 torture_rpc_tcase_add_test_creds(tcase, "DatabaseRedo", test_DatabaseRedo);
3378 torture_rpc_tcase_add_test_creds(tcase, "AccountDeltas", test_AccountDeltas);
3379 torture_rpc_tcase_add_test_creds(tcase, "AccountSync", test_AccountSync);
3380 torture_rpc_tcase_add_test(tcase, "GetDcName", test_GetDcName);
3381 torture_rpc_tcase_add_test(tcase, "ManyGetDCName", test_ManyGetDCName);
3382 torture_rpc_tcase_add_test(tcase, "GetAnyDCName", test_GetAnyDCName);
3383 torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync2", test_DatabaseSync2);
3384 torture_rpc_tcase_add_test(tcase, "DsrEnumerateDomainTrusts", test_DsrEnumerateDomainTrusts);
3385 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
3386 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomainsEx", test_netr_NetrEnumerateTrustedDomainsEx);
3387 test = torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo_async", test_GetDomainInfo_async);
3388 test->dangerous = true;
3389 torture_rpc_tcase_add_test(tcase, "DsRGetDCName", test_netr_DsRGetDCName);
3390 torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx", test_netr_DsRGetDCNameEx);
3391 torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx2", test_netr_DsRGetDCNameEx2);
3392 torture_rpc_tcase_add_test(tcase, "DsrGetDcSiteCoverageW", test_netr_DsrGetDcSiteCoverageW);
3393 torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesW", test_netr_DsRAddressToSitenamesW);
3394 torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesExW", test_netr_DsRAddressToSitenamesExW);
3395 torture_rpc_tcase_add_test_creds(tcase, "ServerGetTrustInfo", test_netr_ServerGetTrustInfo);
3396
3397 return suite;
3398 }
3399
3400 struct torture_suite *torture_rpc_netlogon_s3(TALLOC_CTX *mem_ctx)
3401 {
3402 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON-S3");
3403 struct torture_rpc_tcase *tcase;
3404
3405 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3406 &ndr_table_netlogon, TEST_MACHINE_NAME);
3407
3408 torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
3409 torture_rpc_tcase_add_test_creds(tcase, "SamLogon_NULL_domain", test_SamLogon_NULL_domain);
3410 torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
3411 torture_rpc_tcase_add_test_creds(tcase, "SetPassword_with_flags", test_SetPassword_with_flags);
3412 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
3413 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
3414
3415 return suite;
3416 }
3417
3418 struct torture_suite *torture_rpc_netlogon_admin(TALLOC_CTX *mem_ctx)
3419 {
3420 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON-ADMIN");
3421 struct torture_rpc_tcase *tcase;
3422
3423 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3424 &ndr_table_netlogon, TEST_MACHINE_NAME);
3425 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3426 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3427 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3428
3429 tcase = torture_suite_add_machine_workstation_rpc_iface_tcase(suite, "netlogon",
3430 &ndr_table_netlogon, TEST_MACHINE_NAME);
3431 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3432 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3433 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3434
3435 tcase = torture_suite_add_rpc_iface_tcase(suite, "netlogon",
3436 &ndr_table_netlogon);
3437 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3438 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3439 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3440
3441 return suite;
3442 }