search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3/s4: merge msleep and smb_msleep
[Samba/gbeck.git] / source4 / torture / rpc / netlogon.c
blobc2eb8724624e9d5fc0a8cbf4824161aacc197db7
1 /*
2 Unix SMB/CIFS implementation.
3
4 test suite for netlogon rpc operations
5
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003-2004
8 Copyright (C) Tim Potter 2003
9 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
10
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 */
24
25 #include "includes.h"
26 #include "lib/events/events.h"
27 #include "lib/cmdline/popt_common.h"
28 #include "torture/rpc/torture_rpc.h"
29 #include "../lib/crypto/crypto.h"
30 #include "libcli/auth/libcli_auth.h"
31 #include "librpc/gen_ndr/ndr_netlogon_c.h"
32 #include "librpc/gen_ndr/ndr_lsa_c.h"
33 #include "param/param.h"
34 #include "libcli/security/security.h"
35 #include "lib/ldb/include/ldb.h"
36 #include "lib/util/util_ldb.h"
37 #include "ldb_wrap.h"
38 #include "lib/replace/system/network.h"
39 #include "dsdb/samdb/samdb.h"
40
41 #define TEST_MACHINE_NAME "torturetest"
42
43 static bool test_LogonUasLogon(struct torture_context *tctx,
44 struct dcerpc_pipe *p)
45 {
46 NTSTATUS status;
47 struct netr_LogonUasLogon r;
48 struct netr_UasInfo *info = NULL;
49 struct dcerpc_binding_handle *b = p->binding_handle;
50
51 r.in.server_name = NULL;
52 r.in.account_name = cli_credentials_get_username(cmdline_credentials);
53 r.in.workstation = TEST_MACHINE_NAME;
54 r.out.info = &info;
55
56 status = dcerpc_netr_LogonUasLogon_r(b, tctx, &r);
57 torture_assert_ntstatus_ok(tctx, status, "LogonUasLogon");
58
59 return true;
60 }
61
62 static bool test_LogonUasLogoff(struct torture_context *tctx,
63 struct dcerpc_pipe *p)
64 {
65 NTSTATUS status;
66 struct netr_LogonUasLogoff r;
67 struct netr_UasLogoffInfo info;
68 struct dcerpc_binding_handle *b = p->binding_handle;
69
70 r.in.server_name = NULL;
71 r.in.account_name = cli_credentials_get_username(cmdline_credentials);
72 r.in.workstation = TEST_MACHINE_NAME;
73 r.out.info = &info;
74
75 status = dcerpc_netr_LogonUasLogoff_r(b, tctx, &r);
76 torture_assert_ntstatus_ok(tctx, status, "LogonUasLogoff");
77
78 return true;
79 }
80
81 bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context *tctx,
82 struct cli_credentials *credentials,
83 struct netlogon_creds_CredentialState **creds_out)
84 {
85 struct netr_ServerReqChallenge r;
86 struct netr_ServerAuthenticate a;
87 struct netr_Credential credentials1, credentials2, credentials3;
88 struct netlogon_creds_CredentialState *creds;
89 const struct samr_Password *mach_password;
90 const char *machine_name;
91 struct dcerpc_binding_handle *b = p->binding_handle;
92
93 mach_password = cli_credentials_get_nt_hash(credentials, tctx);
94 machine_name = cli_credentials_get_workstation(credentials);
95
96 torture_comment(tctx, "Testing ServerReqChallenge\n");
97
98 r.in.server_name = NULL;
99 r.in.computer_name = machine_name;
100 r.in.credentials = &credentials1;
101 r.out.return_credentials = &credentials2;
102
103 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
104
105 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
106 "ServerReqChallenge failed");
107 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
108
109 a.in.server_name = NULL;
110 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
111 a.in.secure_channel_type = cli_credentials_get_secure_channel_type(credentials);
112 a.in.computer_name = machine_name;
113 a.in.credentials = &credentials3;
114 a.out.return_credentials = &credentials3;
115
116 creds = netlogon_creds_client_init(tctx, a.in.account_name,
117 a.in.computer_name,
118 &credentials1, &credentials2,
119 mach_password, &credentials3,
120 0);
121 torture_assert(tctx, creds != NULL, "memory allocation");
122
123
124 torture_comment(tctx, "Testing ServerAuthenticate\n");
125
126 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate_r(b, tctx, &a),
127 "ServerAuthenticate failed");
128
129 /* This allows the tests to continue against the more fussy windows 2008 */
130 if (NT_STATUS_EQUAL(a.out.result, NT_STATUS_DOWNGRADE_DETECTED)) {
131 return test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
132 credentials,
133 cli_credentials_get_secure_channel_type(credentials),
134 creds_out);
135 }
136
137 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate");
138
139 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
140 "Credential chaining failed");
141
142 *creds_out = creds;
143 return true;
144 }
145
146 bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx,
147 uint32_t negotiate_flags,
148 struct cli_credentials *machine_credentials,
149 enum netr_SchannelType sec_chan_type,
150 struct netlogon_creds_CredentialState **creds_out)
151 {
152 struct netr_ServerReqChallenge r;
153 struct netr_ServerAuthenticate2 a;
154 struct netr_Credential credentials1, credentials2, credentials3;
155 struct netlogon_creds_CredentialState *creds;
156 const struct samr_Password *mach_password;
157 const char *machine_name;
158 struct dcerpc_binding_handle *b = p->binding_handle;
159
160 mach_password = cli_credentials_get_nt_hash(machine_credentials, tctx);
161 machine_name = cli_credentials_get_workstation(machine_credentials);
162
163 torture_comment(tctx, "Testing ServerReqChallenge\n");
164
165
166 r.in.server_name = NULL;
167 r.in.computer_name = machine_name;
168 r.in.credentials = &credentials1;
169 r.out.return_credentials = &credentials2;
170
171 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
172
173 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
174 "ServerReqChallenge failed");
175 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
176
177 a.in.server_name = NULL;
178 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
179 a.in.secure_channel_type = sec_chan_type;
180 a.in.computer_name = machine_name;
181 a.in.negotiate_flags = &negotiate_flags;
182 a.out.negotiate_flags = &negotiate_flags;
183 a.in.credentials = &credentials3;
184 a.out.return_credentials = &credentials3;
185
186 creds = netlogon_creds_client_init(tctx, a.in.account_name,
187 a.in.computer_name,
188 &credentials1, &credentials2,
189 mach_password, &credentials3,
190 negotiate_flags);
191
192 torture_assert(tctx, creds != NULL, "memory allocation");
193
194 torture_comment(tctx, "Testing ServerAuthenticate2\n");
195
196 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate2_r(b, tctx, &a),
197 "ServerAuthenticate2 failed");
198 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate2 failed");
199
200 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
201 "Credential chaining failed");
202
203 torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
204
205 *creds_out = creds;
206 return true;
207 }
208
209
210 bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context *tctx,
211 uint32_t negotiate_flags,
212 struct cli_credentials *machine_credentials,
213 struct netlogon_creds_CredentialState **creds_out)
214 {
215 struct netr_ServerReqChallenge r;
216 struct netr_ServerAuthenticate3 a;
217 struct netr_Credential credentials1, credentials2, credentials3;
218 struct netlogon_creds_CredentialState *creds;
219 struct samr_Password mach_password;
220 uint32_t rid;
221 const char *machine_name;
222 const char *plain_pass;
223 struct dcerpc_binding_handle *b = p->binding_handle;
224
225 machine_name = cli_credentials_get_workstation(machine_credentials);
226 plain_pass = cli_credentials_get_password(machine_credentials);
227
228 torture_comment(tctx, "Testing ServerReqChallenge\n");
229
230 r.in.server_name = NULL;
231 r.in.computer_name = machine_name;
232 r.in.credentials = &credentials1;
233 r.out.return_credentials = &credentials2;
234
235 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
236
237 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
238 "ServerReqChallenge failed");
239 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
240
241 E_md4hash(plain_pass, mach_password.hash);
242
243 a.in.server_name = NULL;
244 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
245 a.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
246 a.in.computer_name = machine_name;
247 a.in.negotiate_flags = &negotiate_flags;
248 a.in.credentials = &credentials3;
249 a.out.return_credentials = &credentials3;
250 a.out.negotiate_flags = &negotiate_flags;
251 a.out.rid = &rid;
252
253 creds = netlogon_creds_client_init(tctx, a.in.account_name,
254 a.in.computer_name,
255 &credentials1, &credentials2,
256 &mach_password, &credentials3,
257 negotiate_flags);
258
259 torture_assert(tctx, creds != NULL, "memory allocation");
260
261 torture_comment(tctx, "Testing ServerAuthenticate3\n");
262
263 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate3_r(b, tctx, &a),
264 "ServerAuthenticate3 failed");
265 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate3 failed");
266 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3), "Credential chaining failed");
267
268 torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
269
270 /* Prove that requesting a challenge again won't break it */
271 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
272 "ServerReqChallenge failed");
273 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
274
275 *creds_out = creds;
276 return true;
277 }
278
279 /*
280 try a change password for our machine account
281 */
282 static bool test_SetPassword(struct torture_context *tctx,
283 struct dcerpc_pipe *p,
284 struct cli_credentials *machine_credentials)
285 {
286 struct netr_ServerPasswordSet r;
287 const char *password;
288 struct netlogon_creds_CredentialState *creds;
289 struct netr_Authenticator credential, return_authenticator;
290 struct samr_Password new_password;
291 struct dcerpc_binding_handle *b = p->binding_handle;
292
293 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
294 return false;
295 }
296
297 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
298 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
299 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
300 r.in.computer_name = TEST_MACHINE_NAME;
301 r.in.credential = &credential;
302 r.in.new_password = &new_password;
303 r.out.return_authenticator = &return_authenticator;
304
305 password = generate_random_password(tctx, 8, 255);
306 E_md4hash(password, new_password.hash);
307
308 netlogon_creds_des_encrypt(creds, &new_password);
309
310 torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
311 torture_comment(tctx, "Changing machine account password to '%s'\n",
312 password);
313
314 netlogon_creds_client_authenticator(creds, &credential);
315
316 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
317 "ServerPasswordSet failed");
318 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet failed");
319
320 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
321 torture_comment(tctx, "Credential chaining failed\n");
322 }
323
324 /* by changing the machine password twice we test the
325 credentials chaining fully, and we verify that the server
326 allows the password to be set to the same value twice in a
327 row (match win2k3) */
328 torture_comment(tctx,
329 "Testing a second ServerPasswordSet on machine account\n");
330 torture_comment(tctx,
331 "Changing machine account password to '%s' (same as previous run)\n", password);
332
333 netlogon_creds_client_authenticator(creds, &credential);
334
335 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
336 "ServerPasswordSet (2) failed");
337 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (2) failed");
338
339 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
340 torture_comment(tctx, "Credential chaining failed\n");
341 }
342
343 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
344
345 torture_assert(tctx,
346 test_SetupCredentials(p, tctx, machine_credentials, &creds),
347 "ServerPasswordSet failed to actually change the password");
348
349 return true;
350 }
351
352 /*
353 try a change password for our machine account
354 */
355 static bool test_SetPassword_flags(struct torture_context *tctx,
356 struct dcerpc_pipe *p,
357 struct cli_credentials *machine_credentials,
358 uint32_t negotiate_flags)
359 {
360 struct netr_ServerPasswordSet r;
361 const char *password;
362 struct netlogon_creds_CredentialState *creds;
363 struct netr_Authenticator credential, return_authenticator;
364 struct samr_Password new_password;
365 struct dcerpc_binding_handle *b = p->binding_handle;
366
367 if (!test_SetupCredentials2(p, tctx, negotiate_flags,
368 machine_credentials,
369 cli_credentials_get_secure_channel_type(machine_credentials),
370 &creds)) {
371 return false;
372 }
373
374 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
375 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
376 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
377 r.in.computer_name = TEST_MACHINE_NAME;
378 r.in.credential = &credential;
379 r.in.new_password = &new_password;
380 r.out.return_authenticator = &return_authenticator;
381
382 password = generate_random_password(tctx, 8, 255);
383 E_md4hash(password, new_password.hash);
384
385 netlogon_creds_des_encrypt(creds, &new_password);
386
387 torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
388 torture_comment(tctx, "Changing machine account password to '%s'\n",
389 password);
390
391 netlogon_creds_client_authenticator(creds, &credential);
392
393 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
394 "ServerPasswordSet failed");
395 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet failed");
396
397 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
398 torture_comment(tctx, "Credential chaining failed\n");
399 }
400
401 /* by changing the machine password twice we test the
402 credentials chaining fully, and we verify that the server
403 allows the password to be set to the same value twice in a
404 row (match win2k3) */
405 torture_comment(tctx,
406 "Testing a second ServerPasswordSet on machine account\n");
407 torture_comment(tctx,
408 "Changing machine account password to '%s' (same as previous run)\n", password);
409
410 netlogon_creds_client_authenticator(creds, &credential);
411
412 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
413 "ServerPasswordSet (2) failed");
414 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (2) failed");
415
416 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
417 torture_comment(tctx, "Credential chaining failed\n");
418 }
419
420 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
421
422 torture_assert(tctx,
423 test_SetupCredentials(p, tctx, machine_credentials, &creds),
424 "ServerPasswordSet failed to actually change the password");
425
426 return true;
427 }
428
429
430 /*
431 generate a random password for password change tests
432 */
433 static DATA_BLOB netlogon_very_rand_pass(TALLOC_CTX *mem_ctx, int len)
434 {
435 int i;
436 DATA_BLOB password = data_blob_talloc(mem_ctx, NULL, len * 2 /* number of unicode chars */);
437 generate_random_buffer(password.data, password.length);
438
439 for (i=0; i < len; i++) {
440 if (((uint16_t *)password.data)[i] == 0) {
441 ((uint16_t *)password.data)[i] = 1;
442 }
443 }
444
445 return password;
446 }
447
448 /*
449 try a change password for our machine account
450 */
451 static bool test_SetPassword2(struct torture_context *tctx,
452 struct dcerpc_pipe *p,
453 struct cli_credentials *machine_credentials)
454 {
455 struct netr_ServerPasswordSet2 r;
456 const char *password;
457 DATA_BLOB new_random_pass;
458 struct netlogon_creds_CredentialState *creds;
459 struct samr_CryptPassword password_buf;
460 struct samr_Password nt_hash;
461 struct netr_Authenticator credential, return_authenticator;
462 struct netr_CryptPassword new_password;
463 struct dcerpc_binding_handle *b = p->binding_handle;
464
465 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
466 return false;
467 }
468
469 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
470 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
471 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
472 r.in.computer_name = TEST_MACHINE_NAME;
473 r.in.credential = &credential;
474 r.in.new_password = &new_password;
475 r.out.return_authenticator = &return_authenticator;
476
477 password = generate_random_password(tctx, 8, 255);
478 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
479 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
480
481 memcpy(new_password.data, password_buf.data, 512);
482 new_password.length = IVAL(password_buf.data, 512);
483
484 torture_comment(tctx, "Testing ServerPasswordSet2 on machine account\n");
485 torture_comment(tctx, "Changing machine account password to '%s'\n", password);
486
487 netlogon_creds_client_authenticator(creds, &credential);
488
489 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
490 "ServerPasswordSet2 failed");
491 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 failed");
492
493 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
494 torture_comment(tctx, "Credential chaining failed\n");
495 }
496
497 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
498
499 if (!torture_setting_bool(tctx, "dangerous", false)) {
500 torture_comment(tctx,
501 "Not testing ability to set password to '', enable dangerous tests to perform this test\n");
502 } else {
503 /* by changing the machine password to ""
504 * we check if the server uses password restrictions
505 * for ServerPasswordSet2
506 * (win2k3 accepts "")
507 */
508 password = "";
509 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
510 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
511
512 memcpy(new_password.data, password_buf.data, 512);
513 new_password.length = IVAL(password_buf.data, 512);
514
515 torture_comment(tctx,
516 "Testing ServerPasswordSet2 on machine account\n");
517 torture_comment(tctx,
518 "Changing machine account password to '%s'\n", password);
519
520 netlogon_creds_client_authenticator(creds, &credential);
521
522 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
523 "ServerPasswordSet2 failed");
524 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 failed");
525
526 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
527 torture_comment(tctx, "Credential chaining failed\n");
528 }
529
530 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
531 }
532
533 torture_assert(tctx, test_SetupCredentials(p, tctx, machine_credentials, &creds),
534 "ServerPasswordSet failed to actually change the password");
535
536 /* now try a random password */
537 password = generate_random_password(tctx, 8, 255);
538 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
539 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
540
541 memcpy(new_password.data, password_buf.data, 512);
542 new_password.length = IVAL(password_buf.data, 512);
543
544 torture_comment(tctx, "Testing second ServerPasswordSet2 on machine account\n");
545 torture_comment(tctx, "Changing machine account password to '%s'\n", password);
546
547 netlogon_creds_client_authenticator(creds, &credential);
548
549 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
550 "ServerPasswordSet2 (2) failed");
551 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 (2) failed");
552
553 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
554 torture_comment(tctx, "Credential chaining failed\n");
555 }
556
557 /* by changing the machine password twice we test the
558 credentials chaining fully, and we verify that the server
559 allows the password to be set to the same value twice in a
560 row (match win2k3) */
561 torture_comment(tctx,
562 "Testing a second ServerPasswordSet2 on machine account\n");
563 torture_comment(tctx,
564 "Changing machine account password to '%s' (same as previous run)\n", password);
565
566 netlogon_creds_client_authenticator(creds, &credential);
567
568 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
569 "ServerPasswordSet (3) failed");
570 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (3) failed");
571
572 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
573 torture_comment(tctx, "Credential chaining failed\n");
574 }
575
576 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
577
578 torture_assert (tctx,
579 test_SetupCredentials(p, tctx, machine_credentials, &creds),
580 "ServerPasswordSet failed to actually change the password");
581
582 new_random_pass = netlogon_very_rand_pass(tctx, 128);
583
584 /* now try a random stream of bytes for a password */
585 set_pw_in_buffer(password_buf.data, &new_random_pass);
586
587 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
588
589 memcpy(new_password.data, password_buf.data, 512);
590 new_password.length = IVAL(password_buf.data, 512);
591
592 torture_comment(tctx,
593 "Testing a third ServerPasswordSet2 on machine account, with a compleatly random password\n");
594
595 netlogon_creds_client_authenticator(creds, &credential);
596
597 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
598 "ServerPasswordSet (3) failed");
599 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (3) failed");
600
601 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
602 torture_comment(tctx, "Credential chaining failed\n");
603 }
604
605 mdfour(nt_hash.hash, new_random_pass.data, new_random_pass.length);
606
607 cli_credentials_set_password(machine_credentials, NULL, CRED_UNINITIALISED);
608 cli_credentials_set_nt_hash(machine_credentials, &nt_hash, CRED_SPECIFIED);
609
610 torture_assert (tctx,
611 test_SetupCredentials(p, tctx, machine_credentials, &creds),
612 "ServerPasswordSet failed to actually change the password");
613
614 return true;
615 }
616
617 static bool test_GetPassword(struct torture_context *tctx,
618 struct dcerpc_pipe *p,
619 struct cli_credentials *machine_credentials)
620 {
621 struct netr_ServerPasswordGet r;
622 struct netlogon_creds_CredentialState *creds;
623 struct netr_Authenticator credential;
624 NTSTATUS status;
625 struct netr_Authenticator return_authenticator;
626 struct samr_Password password;
627 struct dcerpc_binding_handle *b = p->binding_handle;
628
629 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
630 return false;
631 }
632
633 netlogon_creds_client_authenticator(creds, &credential);
634
635 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
636 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
637 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
638 r.in.computer_name = TEST_MACHINE_NAME;
639 r.in.credential = &credential;
640 r.out.return_authenticator = &return_authenticator;
641 r.out.password = &password;
642
643 status = dcerpc_netr_ServerPasswordGet_r(b, tctx, &r);
644 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordGet");
645
646 return true;
647 }
648
649 static bool test_GetTrustPasswords(struct torture_context *tctx,
650 struct dcerpc_pipe *p,
651 struct cli_credentials *machine_credentials)
652 {
653 struct netr_ServerTrustPasswordsGet r;
654 struct netlogon_creds_CredentialState *creds;
655 struct netr_Authenticator credential;
656 struct netr_Authenticator return_authenticator;
657 struct samr_Password password, password2;
658 struct dcerpc_binding_handle *b = p->binding_handle;
659
660 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
661 return false;
662 }
663
664 netlogon_creds_client_authenticator(creds, &credential);
665
666 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
667 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
668 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
669 r.in.computer_name = TEST_MACHINE_NAME;
670 r.in.credential = &credential;
671 r.out.return_authenticator = &return_authenticator;
672 r.out.password = &password;
673 r.out.password2 = &password2;
674
675 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerTrustPasswordsGet_r(b, tctx, &r),
676 "ServerTrustPasswordsGet failed");
677 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerTrustPasswordsGet failed");
678
679 return true;
680 }
681
682 /*
683 try a netlogon SamLogon
684 */
685 static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context *tctx,
686 struct cli_credentials *credentials,
687 struct netlogon_creds_CredentialState *creds,
688 bool null_domain)
689 {
690 NTSTATUS status;
691 struct netr_LogonSamLogon r;
692 struct netr_Authenticator auth, auth2;
693 union netr_LogonLevel logon;
694 union netr_Validation validation;
695 uint8_t authoritative;
696 struct netr_NetworkInfo ninfo;
697 DATA_BLOB names_blob, chal, lm_resp, nt_resp;
698 int i;
699 struct dcerpc_binding_handle *b = p->binding_handle;
700 int flags = CLI_CRED_NTLM_AUTH;
701 if (lpcfg_client_lanman_auth(tctx->lp_ctx)) {
702 flags |= CLI_CRED_LANMAN_AUTH;
703 }
704
705 if (lpcfg_client_ntlmv2_auth(tctx->lp_ctx)) {
706 flags |= CLI_CRED_NTLMv2_AUTH;
707 }
708
709 cli_credentials_get_ntlm_username_domain(cmdline_credentials, tctx,
710 &ninfo.identity_info.account_name.string,
711 &ninfo.identity_info.domain_name.string);
712
713 if (null_domain) {
714 ninfo.identity_info.domain_name.string = NULL;
715 }
716
717 generate_random_buffer(ninfo.challenge,
718 sizeof(ninfo.challenge));
719 chal = data_blob_const(ninfo.challenge,
720 sizeof(ninfo.challenge));
721
722 names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(credentials),
723 cli_credentials_get_domain(credentials));
724
725 status = cli_credentials_get_ntlm_response(cmdline_credentials, tctx,
726 &flags,
727 chal,
728 names_blob,
729 &lm_resp, &nt_resp,
730 NULL, NULL);
731 torture_assert_ntstatus_ok(tctx, status, "cli_credentials_get_ntlm_response failed");
732
733 ninfo.lm.data = lm_resp.data;
734 ninfo.lm.length = lm_resp.length;
735
736 ninfo.nt.data = nt_resp.data;
737 ninfo.nt.length = nt_resp.length;
738
739 ninfo.identity_info.parameter_control = 0;
740 ninfo.identity_info.logon_id_low = 0;
741 ninfo.identity_info.logon_id_high = 0;
742 ninfo.identity_info.workstation.string = cli_credentials_get_workstation(credentials);
743
744 logon.network = &ninfo;
745
746 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
747 r.in.computer_name = cli_credentials_get_workstation(credentials);
748 r.in.credential = &auth;
749 r.in.return_authenticator = &auth2;
750 r.in.logon_level = 2;
751 r.in.logon = &logon;
752 r.out.validation = &validation;
753 r.out.authoritative = &authoritative;
754
755 d_printf("Testing LogonSamLogon with name %s\n", ninfo.identity_info.account_name.string);
756
757 for (i=2;i<3;i++) {
758 ZERO_STRUCT(auth2);
759 netlogon_creds_client_authenticator(creds, &auth);
760
761 r.in.validation_level = i;
762
763 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
764 "LogonSamLogon failed");
765 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonSamLogon failed");
766
767 torture_assert(tctx, netlogon_creds_client_check(creds,
768 &r.out.return_authenticator->cred),
769 "Credential chaining failed");
770 }
771
772 r.in.credential = NULL;
773
774 for (i=2;i<=3;i++) {
775
776 r.in.validation_level = i;
777
778 torture_comment(tctx, "Testing SamLogon with validation level %d and a NULL credential\n", i);
779
780 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
781 "LogonSamLogon failed");
782 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_INVALID_PARAMETER,
783 "LogonSamLogon expected INVALID_PARAMETER");
784
785 }
786
787 return true;
788 }
789
790 bool test_netlogon_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
791 struct cli_credentials *credentials,
792 struct netlogon_creds_CredentialState *creds)
793 {
794 return test_netlogon_ops_args(p, tctx, credentials, creds, false);
795 }
796
797 /*
798 try a netlogon SamLogon
799 */
800 static bool test_SamLogon(struct torture_context *tctx,
801 struct dcerpc_pipe *p,
802 struct cli_credentials *credentials)
803 {
804 struct netlogon_creds_CredentialState *creds;
805
806 if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
807 return false;
808 }
809
810 return test_netlogon_ops(p, tctx, credentials, creds);
811 }
812
813 static bool test_SamLogon_NULL_domain(struct torture_context *tctx,
814 struct dcerpc_pipe *p,
815 struct cli_credentials *credentials)
816 {
817 struct netlogon_creds_CredentialState *creds;
818
819 if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
820 return false;
821 }
822
823 return test_netlogon_ops_args(p, tctx, credentials, creds, true);
824 }
825
826 /* we remember the sequence numbers so we can easily do a DatabaseDelta */
827 static uint64_t sequence_nums[3];
828
829 /*
830 try a netlogon DatabaseSync
831 */
832 static bool test_DatabaseSync(struct torture_context *tctx,
833 struct dcerpc_pipe *p,
834 struct cli_credentials *machine_credentials)
835 {
836 struct netr_DatabaseSync r;
837 struct netlogon_creds_CredentialState *creds;
838 const uint32_t database_ids[] = {SAM_DATABASE_DOMAIN, SAM_DATABASE_BUILTIN, SAM_DATABASE_PRIVS};
839 int i;
840 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
841 struct netr_Authenticator credential, return_authenticator;
842 struct dcerpc_binding_handle *b = p->binding_handle;
843
844 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
845 return false;
846 }
847
848 ZERO_STRUCT(return_authenticator);
849
850 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
851 r.in.computername = TEST_MACHINE_NAME;
852 r.in.preferredmaximumlength = (uint32_t)-1;
853 r.in.return_authenticator = &return_authenticator;
854 r.out.delta_enum_array = &delta_enum_array;
855 r.out.return_authenticator = &return_authenticator;
856
857 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
858
859 uint32_t sync_context = 0;
860
861 r.in.database_id = database_ids[i];
862 r.in.sync_context = &sync_context;
863 r.out.sync_context = &sync_context;
864
865 torture_comment(tctx, "Testing DatabaseSync of id %d\n", r.in.database_id);
866
867 do {
868 netlogon_creds_client_authenticator(creds, &credential);
869
870 r.in.credential = &credential;
871
872 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseSync_r(b, tctx, &r),
873 "DatabaseSync failed");
874 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
875 break;
876
877 /* Native mode servers don't do this */
878 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
879 return true;
880 }
881 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseSync");
882
883 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
884 torture_comment(tctx, "Credential chaining failed\n");
885 }
886
887 if (delta_enum_array &&
888 delta_enum_array->num_deltas > 0 &&
889 delta_enum_array->delta_enum[0].delta_type == NETR_DELTA_DOMAIN &&
890 delta_enum_array->delta_enum[0].delta_union.domain) {
891 sequence_nums[r.in.database_id] =
892 delta_enum_array->delta_enum[0].delta_union.domain->sequence_num;
893 torture_comment(tctx, "\tsequence_nums[%d]=%llu\n",
894 r.in.database_id,
895 (unsigned long long)sequence_nums[r.in.database_id]);
896 }
897 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
898 }
899
900 return true;
901 }
902
903
904 /*
905 try a netlogon DatabaseDeltas
906 */
907 static bool test_DatabaseDeltas(struct torture_context *tctx,
908 struct dcerpc_pipe *p,
909 struct cli_credentials *machine_credentials)
910 {
911 struct netr_DatabaseDeltas r;
912 struct netlogon_creds_CredentialState *creds;
913 struct netr_Authenticator credential;
914 struct netr_Authenticator return_authenticator;
915 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
916 const uint32_t database_ids[] = {0, 1, 2};
917 int i;
918 struct dcerpc_binding_handle *b = p->binding_handle;
919
920 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
921 return false;
922 }
923
924 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
925 r.in.computername = TEST_MACHINE_NAME;
926 r.in.preferredmaximumlength = (uint32_t)-1;
927 ZERO_STRUCT(r.in.return_authenticator);
928 r.out.return_authenticator = &return_authenticator;
929 r.out.delta_enum_array = &delta_enum_array;
930
931 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
932 r.in.database_id = database_ids[i];
933 r.in.sequence_num = &sequence_nums[r.in.database_id];
934
935 if (*r.in.sequence_num == 0) continue;
936
937 *r.in.sequence_num -= 1;
938
939 torture_comment(tctx, "Testing DatabaseDeltas of id %d at %llu\n",
940 r.in.database_id, (unsigned long long)*r.in.sequence_num);
941
942 do {
943 netlogon_creds_client_authenticator(creds, &credential);
944
945 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseDeltas_r(b, tctx, &r),
946 "DatabaseDeltas failed");
947 if (NT_STATUS_EQUAL(r.out.result,
948 NT_STATUS_SYNCHRONIZATION_REQUIRED)) {
949 torture_comment(tctx, "not considering %s to be an error\n",
950 nt_errstr(r.out.result));
951 return true;
952 }
953 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
954 break;
955
956 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseDeltas");
957
958 if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) {
959 torture_comment(tctx, "Credential chaining failed\n");
960 }
961
962 (*r.in.sequence_num)++;
963 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
964 }
965
966 return true;
967 }
968
969 static bool test_DatabaseRedo(struct torture_context *tctx,
970 struct dcerpc_pipe *p,
971 struct cli_credentials *machine_credentials)
972 {
973 struct netr_DatabaseRedo r;
974 struct netlogon_creds_CredentialState *creds;
975 struct netr_Authenticator credential;
976 struct netr_Authenticator return_authenticator;
977 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
978 struct netr_ChangeLogEntry e;
979 struct dom_sid null_sid, *sid;
980 int i,d;
981 struct dcerpc_binding_handle *b = p->binding_handle;
982
983 ZERO_STRUCT(null_sid);
984
985 sid = dom_sid_parse_talloc(tctx, "S-1-5-21-1111111111-2222222222-333333333-500");
986
987 {
988
989 struct {
990 uint32_t rid;
991 uint16_t flags;
992 uint8_t db_index;
993 uint8_t delta_type;
994 struct dom_sid sid;
995 const char *name;
996 NTSTATUS expected_error;
997 uint32_t expected_num_results;
998 uint8_t expected_delta_type_1;
999 uint8_t expected_delta_type_2;
1000 const char *comment;
1001 } changes[] = {
1002
1003 /* SAM_DATABASE_DOMAIN */
1004
1005 {
1006 .rid = 0,
1007 .flags = 0,
1008 .db_index = SAM_DATABASE_DOMAIN,
1009 .delta_type = NETR_DELTA_MODIFY_COUNT,
1010 .sid = null_sid,
1011 .name = NULL,
1012 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1013 .expected_num_results = 0,
1014 .comment = "NETR_DELTA_MODIFY_COUNT"
1015 },
1016 {
1017 .rid = 0,
1018 .flags = 0,
1019 .db_index = SAM_DATABASE_DOMAIN,
1020 .delta_type = 0,
1021 .sid = null_sid,
1022 .name = NULL,
1023 .expected_error = NT_STATUS_OK,
1024 .expected_num_results = 1,
1025 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1026 .comment = "NULL DELTA"
1027 },
1028 {
1029 .rid = 0,
1030 .flags = 0,
1031 .db_index = SAM_DATABASE_DOMAIN,
1032 .delta_type = NETR_DELTA_DOMAIN,
1033 .sid = null_sid,
1034 .name = NULL,
1035 .expected_error = NT_STATUS_OK,
1036 .expected_num_results = 1,
1037 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1038 .comment = "NETR_DELTA_DOMAIN"
1039 },
1040 {
1041 .rid = DOMAIN_RID_ADMINISTRATOR,
1042 .flags = 0,
1043 .db_index = SAM_DATABASE_DOMAIN,
1044 .delta_type = NETR_DELTA_USER,
1045 .sid = null_sid,
1046 .name = NULL,
1047 .expected_error = NT_STATUS_OK,
1048 .expected_num_results = 1,
1049 .expected_delta_type_1 = NETR_DELTA_USER,
1050 .comment = "NETR_DELTA_USER by rid 500"
1051 },
1052 {
1053 .rid = DOMAIN_RID_GUEST,
1054 .flags = 0,
1055 .db_index = SAM_DATABASE_DOMAIN,
1056 .delta_type = NETR_DELTA_USER,
1057 .sid = null_sid,
1058 .name = NULL,
1059 .expected_error = NT_STATUS_OK,
1060 .expected_num_results = 1,
1061 .expected_delta_type_1 = NETR_DELTA_USER,
1062 .comment = "NETR_DELTA_USER by rid 501"
1063 },
1064 {
1065 .rid = 0,
1066 .flags = NETR_CHANGELOG_SID_INCLUDED,
1067 .db_index = SAM_DATABASE_DOMAIN,
1068 .delta_type = NETR_DELTA_USER,
1069 .sid = *sid,
1070 .name = NULL,
1071 .expected_error = NT_STATUS_OK,
1072 .expected_num_results = 1,
1073 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1074 .comment = "NETR_DELTA_USER by sid and flags"
1075 },
1076 {
1077 .rid = 0,
1078 .flags = NETR_CHANGELOG_SID_INCLUDED,
1079 .db_index = SAM_DATABASE_DOMAIN,
1080 .delta_type = NETR_DELTA_USER,
1081 .sid = null_sid,
1082 .name = NULL,
1083 .expected_error = NT_STATUS_OK,
1084 .expected_num_results = 1,
1085 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1086 .comment = "NETR_DELTA_USER by null_sid and flags"
1087 },
1088 {
1089 .rid = 0,
1090 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1091 .db_index = SAM_DATABASE_DOMAIN,
1092 .delta_type = NETR_DELTA_USER,
1093 .sid = null_sid,
1094 .name = "administrator",
1095 .expected_error = NT_STATUS_OK,
1096 .expected_num_results = 1,
1097 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1098 .comment = "NETR_DELTA_USER by name 'administrator'"
1099 },
1100 {
1101 .rid = DOMAIN_RID_ADMINS,
1102 .flags = 0,
1103 .db_index = SAM_DATABASE_DOMAIN,
1104 .delta_type = NETR_DELTA_GROUP,
1105 .sid = null_sid,
1106 .name = NULL,
1107 .expected_error = NT_STATUS_OK,
1108 .expected_num_results = 2,
1109 .expected_delta_type_1 = NETR_DELTA_GROUP,
1110 .expected_delta_type_2 = NETR_DELTA_GROUP_MEMBER,
1111 .comment = "NETR_DELTA_GROUP by rid 512"
1112 },
1113 {
1114 .rid = DOMAIN_RID_ADMINS,
1115 .flags = 0,
1116 .db_index = SAM_DATABASE_DOMAIN,
1117 .delta_type = NETR_DELTA_GROUP_MEMBER,
1118 .sid = null_sid,
1119 .name = NULL,
1120 .expected_error = NT_STATUS_OK,
1121 .expected_num_results = 2,
1122 .expected_delta_type_1 = NETR_DELTA_GROUP,
1123 .expected_delta_type_2 = NETR_DELTA_GROUP_MEMBER,
1124 .comment = "NETR_DELTA_GROUP_MEMBER by rid 512"
1125 },
1126
1127
1128 /* SAM_DATABASE_BUILTIN */
1129
1130 {
1131 .rid = 0,
1132 .flags = 0,
1133 .db_index = SAM_DATABASE_BUILTIN,
1134 .delta_type = NETR_DELTA_MODIFY_COUNT,
1135 .sid = null_sid,
1136 .name = NULL,
1137 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1138 .expected_num_results = 0,
1139 .comment = "NETR_DELTA_MODIFY_COUNT"
1140 },
1141 {
1142 .rid = 0,
1143 .flags = 0,
1144 .db_index = SAM_DATABASE_BUILTIN,
1145 .delta_type = NETR_DELTA_DOMAIN,
1146 .sid = null_sid,
1147 .name = NULL,
1148 .expected_error = NT_STATUS_OK,
1149 .expected_num_results = 1,
1150 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1151 .comment = "NETR_DELTA_DOMAIN"
1152 },
1153 {
1154 .rid = DOMAIN_RID_ADMINISTRATOR,
1155 .flags = 0,
1156 .db_index = SAM_DATABASE_BUILTIN,
1157 .delta_type = NETR_DELTA_USER,
1158 .sid = null_sid,
1159 .name = NULL,
1160 .expected_error = NT_STATUS_OK,
1161 .expected_num_results = 1,
1162 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1163 .comment = "NETR_DELTA_USER by rid 500"
1164 },
1165 {
1166 .rid = 0,
1167 .flags = 0,
1168 .db_index = SAM_DATABASE_BUILTIN,
1169 .delta_type = NETR_DELTA_USER,
1170 .sid = null_sid,
1171 .name = NULL,
1172 .expected_error = NT_STATUS_OK,
1173 .expected_num_results = 1,
1174 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1175 .comment = "NETR_DELTA_USER"
1176 },
1177 {
1178 .rid = 544,
1179 .flags = 0,
1180 .db_index = SAM_DATABASE_BUILTIN,
1181 .delta_type = NETR_DELTA_ALIAS,
1182 .sid = null_sid,
1183 .name = NULL,
1184 .expected_error = NT_STATUS_OK,
1185 .expected_num_results = 2,
1186 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1187 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1188 .comment = "NETR_DELTA_ALIAS by rid 544"
1189 },
1190 {
1191 .rid = 544,
1192 .flags = 0,
1193 .db_index = SAM_DATABASE_BUILTIN,
1194 .delta_type = NETR_DELTA_ALIAS_MEMBER,
1195 .sid = null_sid,
1196 .name = NULL,
1197 .expected_error = NT_STATUS_OK,
1198 .expected_num_results = 2,
1199 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1200 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1201 .comment = "NETR_DELTA_ALIAS_MEMBER by rid 544"
1202 },
1203 {
1204 .rid = 544,
1205 .flags = 0,
1206 .db_index = SAM_DATABASE_BUILTIN,
1207 .delta_type = 0,
1208 .sid = null_sid,
1209 .name = NULL,
1210 .expected_error = NT_STATUS_OK,
1211 .expected_num_results = 1,
1212 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1213 .comment = "NULL DELTA by rid 544"
1214 },
1215 {
1216 .rid = 544,
1217 .flags = NETR_CHANGELOG_SID_INCLUDED,
1218 .db_index = SAM_DATABASE_BUILTIN,
1219 .delta_type = 0,
1220 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1221 .name = NULL,
1222 .expected_error = NT_STATUS_OK,
1223 .expected_num_results = 1,
1224 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1225 .comment = "NULL DELTA by rid 544 sid S-1-5-32-544 and flags"
1226 },
1227 {
1228 .rid = 544,
1229 .flags = NETR_CHANGELOG_SID_INCLUDED,
1230 .db_index = SAM_DATABASE_BUILTIN,
1231 .delta_type = NETR_DELTA_ALIAS,
1232 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1233 .name = NULL,
1234 .expected_error = NT_STATUS_OK,
1235 .expected_num_results = 2,
1236 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1237 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1238 .comment = "NETR_DELTA_ALIAS by rid 544 and sid S-1-5-32-544 and flags"
1239 },
1240 {
1241 .rid = 0,
1242 .flags = NETR_CHANGELOG_SID_INCLUDED,
1243 .db_index = SAM_DATABASE_BUILTIN,
1244 .delta_type = NETR_DELTA_ALIAS,
1245 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1246 .name = NULL,
1247 .expected_error = NT_STATUS_OK,
1248 .expected_num_results = 1,
1249 .expected_delta_type_1 = NETR_DELTA_DELETE_ALIAS,
1250 .comment = "NETR_DELTA_ALIAS by sid S-1-5-32-544 and flags"
1251 },
1252
1253 /* SAM_DATABASE_PRIVS */
1254
1255 {
1256 .rid = 0,
1257 .flags = 0,
1258 .db_index = SAM_DATABASE_PRIVS,
1259 .delta_type = 0,
1260 .sid = null_sid,
1261 .name = NULL,
1262 .expected_error = NT_STATUS_ACCESS_DENIED,
1263 .expected_num_results = 0,
1264 .comment = "NULL DELTA"
1265 },
1266 {
1267 .rid = 0,
1268 .flags = 0,
1269 .db_index = SAM_DATABASE_PRIVS,
1270 .delta_type = NETR_DELTA_MODIFY_COUNT,
1271 .sid = null_sid,
1272 .name = NULL,
1273 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1274 .expected_num_results = 0,
1275 .comment = "NETR_DELTA_MODIFY_COUNT"
1276 },
1277 {
1278 .rid = 0,
1279 .flags = 0,
1280 .db_index = SAM_DATABASE_PRIVS,
1281 .delta_type = NETR_DELTA_POLICY,
1282 .sid = null_sid,
1283 .name = NULL,
1284 .expected_error = NT_STATUS_OK,
1285 .expected_num_results = 1,
1286 .expected_delta_type_1 = NETR_DELTA_POLICY,
1287 .comment = "NETR_DELTA_POLICY"
1288 },
1289 {
1290 .rid = 0,
1291 .flags = NETR_CHANGELOG_SID_INCLUDED,
1292 .db_index = SAM_DATABASE_PRIVS,
1293 .delta_type = NETR_DELTA_POLICY,
1294 .sid = null_sid,
1295 .name = NULL,
1296 .expected_error = NT_STATUS_OK,
1297 .expected_num_results = 1,
1298 .expected_delta_type_1 = NETR_DELTA_POLICY,
1299 .comment = "NETR_DELTA_POLICY by null sid and flags"
1300 },
1301 {
1302 .rid = 0,
1303 .flags = NETR_CHANGELOG_SID_INCLUDED,
1304 .db_index = SAM_DATABASE_PRIVS,
1305 .delta_type = NETR_DELTA_POLICY,
1306 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32"),
1307 .name = NULL,
1308 .expected_error = NT_STATUS_OK,
1309 .expected_num_results = 1,
1310 .expected_delta_type_1 = NETR_DELTA_POLICY,
1311 .comment = "NETR_DELTA_POLICY by sid S-1-5-32 and flags"
1312 },
1313 {
1314 .rid = DOMAIN_RID_ADMINISTRATOR,
1315 .flags = 0,
1316 .db_index = SAM_DATABASE_PRIVS,
1317 .delta_type = NETR_DELTA_ACCOUNT,
1318 .sid = null_sid,
1319 .name = NULL,
1320 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED, /* strange */
1321 .expected_num_results = 0,
1322 .comment = "NETR_DELTA_ACCOUNT by rid 500"
1323 },
1324 {
1325 .rid = 0,
1326 .flags = NETR_CHANGELOG_SID_INCLUDED,
1327 .db_index = SAM_DATABASE_PRIVS,
1328 .delta_type = NETR_DELTA_ACCOUNT,
1329 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1330 .name = NULL,
1331 .expected_error = NT_STATUS_OK,
1332 .expected_num_results = 1,
1333 .expected_delta_type_1 = NETR_DELTA_ACCOUNT,
1334 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and flags"
1335 },
1336 {
1337 .rid = 0,
1338 .flags = NETR_CHANGELOG_SID_INCLUDED |
1339 NETR_CHANGELOG_IMMEDIATE_REPL_REQUIRED,
1340 .db_index = SAM_DATABASE_PRIVS,
1341 .delta_type = NETR_DELTA_ACCOUNT,
1342 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1343 .name = NULL,
1344 .expected_error = NT_STATUS_OK,
1345 .expected_num_results = 1,
1346 .expected_delta_type_1 = NETR_DELTA_ACCOUNT,
1347 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and 2 flags"
1348 },
1349 {
1350 .rid = 0,
1351 .flags = NETR_CHANGELOG_SID_INCLUDED |
1352 NETR_CHANGELOG_NAME_INCLUDED,
1353 .db_index = SAM_DATABASE_PRIVS,
1354 .delta_type = NETR_DELTA_ACCOUNT,
1355 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1356 .name = NULL,
1357 .expected_error = NT_STATUS_INVALID_PARAMETER,
1358 .expected_num_results = 0,
1359 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and invalid flags"
1360 },
1361 {
1362 .rid = DOMAIN_RID_ADMINISTRATOR,
1363 .flags = NETR_CHANGELOG_SID_INCLUDED,
1364 .db_index = SAM_DATABASE_PRIVS,
1365 .delta_type = NETR_DELTA_ACCOUNT,
1366 .sid = *sid,
1367 .name = NULL,
1368 .expected_error = NT_STATUS_OK,
1369 .expected_num_results = 1,
1370 .expected_delta_type_1 = NETR_DELTA_DELETE_ACCOUNT,
1371 .comment = "NETR_DELTA_ACCOUNT by rid 500, sid and flags"
1372 },
1373 {
1374 .rid = 0,
1375 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1376 .db_index = SAM_DATABASE_PRIVS,
1377 .delta_type = NETR_DELTA_SECRET,
1378 .sid = null_sid,
1379 .name = "IsurelydontexistIhope",
1380 .expected_error = NT_STATUS_OK,
1381 .expected_num_results = 1,
1382 .expected_delta_type_1 = NETR_DELTA_DELETE_SECRET,
1383 .comment = "NETR_DELTA_SECRET by name 'IsurelydontexistIhope' and flags"
1384 },
1385 {
1386 .rid = 0,
1387 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1388 .db_index = SAM_DATABASE_PRIVS,
1389 .delta_type = NETR_DELTA_SECRET,
1390 .sid = null_sid,
1391 .name = "G$BCKUPKEY_P",
1392 .expected_error = NT_STATUS_OK,
1393 .expected_num_results = 1,
1394 .expected_delta_type_1 = NETR_DELTA_SECRET,
1395 .comment = "NETR_DELTA_SECRET by name 'G$BCKUPKEY_P' and flags"
1396 }
1397 };
1398
1399 ZERO_STRUCT(return_authenticator);
1400
1401 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1402 r.in.computername = TEST_MACHINE_NAME;
1403 r.in.return_authenticator = &return_authenticator;
1404 r.out.return_authenticator = &return_authenticator;
1405 r.out.delta_enum_array = &delta_enum_array;
1406
1407 for (d=0; d<3; d++) {
1408 const char *database = NULL;
1409
1410 switch (d) {
1411 case 0:
1412 database = "SAM";
1413 break;
1414 case 1:
1415 database = "BUILTIN";
1416 break;
1417 case 2:
1418 database = "LSA";
1419 break;
1420 default:
1421 break;
1422 }
1423
1424 torture_comment(tctx, "Testing DatabaseRedo\n");
1425
1426 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1427 return false;
1428 }
1429
1430 for (i=0;i<ARRAY_SIZE(changes);i++) {
1431
1432 if (d != changes[i].db_index) {
1433 continue;
1434 }
1435
1436 netlogon_creds_client_authenticator(creds, &credential);
1437
1438 r.in.credential = &credential;
1439
1440 e.serial_number1 = 0;
1441 e.serial_number2 = 0;
1442 e.object_rid = changes[i].rid;
1443 e.flags = changes[i].flags;
1444 e.db_index = changes[i].db_index;
1445 e.delta_type = changes[i].delta_type;
1446
1447 switch (changes[i].flags & (NETR_CHANGELOG_NAME_INCLUDED | NETR_CHANGELOG_SID_INCLUDED)) {
1448 case NETR_CHANGELOG_SID_INCLUDED:
1449 e.object.object_sid = changes[i].sid;
1450 break;
1451 case NETR_CHANGELOG_NAME_INCLUDED:
1452 e.object.object_name = changes[i].name;
1453 break;
1454 default:
1455 break;
1456 }
1457
1458 r.in.change_log_entry = e;
1459
1460 torture_comment(tctx, "Testing DatabaseRedo with database %s and %s\n",
1461 database, changes[i].comment);
1462
1463 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseRedo_r(b, tctx, &r),
1464 "DatabaseRedo failed");
1465 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
1466 return true;
1467 }
1468
1469 torture_assert_ntstatus_equal(tctx, r.out.result, changes[i].expected_error, changes[i].comment);
1470 if (delta_enum_array) {
1471 torture_assert_int_equal(tctx,
1472 delta_enum_array->num_deltas,
1473 changes[i].expected_num_results,
1474 changes[i].comment);
1475 if (delta_enum_array->num_deltas > 0) {
1476 torture_assert_int_equal(tctx,
1477 delta_enum_array->delta_enum[0].delta_type,
1478 changes[i].expected_delta_type_1,
1479 changes[i].comment);
1480 }
1481 if (delta_enum_array->num_deltas > 1) {
1482 torture_assert_int_equal(tctx,
1483 delta_enum_array->delta_enum[1].delta_type,
1484 changes[i].expected_delta_type_2,
1485 changes[i].comment);
1486 }
1487 }
1488
1489 if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) {
1490 torture_comment(tctx, "Credential chaining failed\n");
1491 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1492 return false;
1493 }
1494 }
1495 }
1496 }
1497 }
1498
1499 return true;
1500 }
1501
1502 /*
1503 try a netlogon AccountDeltas
1504 */
1505 static bool test_AccountDeltas(struct torture_context *tctx,
1506 struct dcerpc_pipe *p,
1507 struct cli_credentials *machine_credentials)
1508 {
1509 struct netr_AccountDeltas r;
1510 struct netlogon_creds_CredentialState *creds;
1511
1512 struct netr_AccountBuffer buffer;
1513 uint32_t count_returned = 0;
1514 uint32_t total_entries = 0;
1515 struct netr_UAS_INFO_0 recordid;
1516 struct netr_Authenticator return_authenticator;
1517 struct dcerpc_binding_handle *b = p->binding_handle;
1518
1519 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1520 return false;
1521 }
1522
1523 ZERO_STRUCT(return_authenticator);
1524
1525 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1526 r.in.computername = TEST_MACHINE_NAME;
1527 r.in.return_authenticator = &return_authenticator;
1528 netlogon_creds_client_authenticator(creds, &r.in.credential);
1529 ZERO_STRUCT(r.in.uas);
1530 r.in.count=10;
1531 r.in.level=0;
1532 r.in.buffersize=100;
1533 r.out.buffer = &buffer;
1534 r.out.count_returned = &count_returned;
1535 r.out.total_entries = &total_entries;
1536 r.out.recordid = &recordid;
1537 r.out.return_authenticator = &return_authenticator;
1538
1539 /* w2k3 returns "NOT IMPLEMENTED" for this call */
1540 torture_assert_ntstatus_ok(tctx, dcerpc_netr_AccountDeltas_r(b, tctx, &r),
1541 "AccountDeltas failed");
1542 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_NOT_IMPLEMENTED, "AccountDeltas");
1543
1544 return true;
1545 }
1546
1547 /*
1548 try a netlogon AccountSync
1549 */
1550 static bool test_AccountSync(struct torture_context *tctx, struct dcerpc_pipe *p,
1551 struct cli_credentials *machine_credentials)
1552 {
1553 struct netr_AccountSync r;
1554 struct netlogon_creds_CredentialState *creds;
1555
1556 struct netr_AccountBuffer buffer;
1557 uint32_t count_returned = 0;
1558 uint32_t total_entries = 0;
1559 uint32_t next_reference = 0;
1560 struct netr_UAS_INFO_0 recordid;
1561 struct netr_Authenticator return_authenticator;
1562 struct dcerpc_binding_handle *b = p->binding_handle;
1563
1564 ZERO_STRUCT(recordid);
1565 ZERO_STRUCT(return_authenticator);
1566
1567 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1568 return false;
1569 }
1570
1571 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1572 r.in.computername = TEST_MACHINE_NAME;
1573 r.in.return_authenticator = &return_authenticator;
1574 netlogon_creds_client_authenticator(creds, &r.in.credential);
1575 r.in.recordid = &recordid;
1576 r.in.reference=0;
1577 r.in.level=0;
1578 r.in.buffersize=100;
1579 r.out.buffer = &buffer;
1580 r.out.count_returned = &count_returned;
1581 r.out.total_entries = &total_entries;
1582 r.out.next_reference = &next_reference;
1583 r.out.recordid = &recordid;
1584 r.out.return_authenticator = &return_authenticator;
1585
1586 /* w2k3 returns "NOT IMPLEMENTED" for this call */
1587 torture_assert_ntstatus_ok(tctx, dcerpc_netr_AccountSync_r(b, tctx, &r),
1588 "AccountSync failed");
1589 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_NOT_IMPLEMENTED, "AccountSync");
1590
1591 return true;
1592 }
1593
1594 /*
1595 try a netlogon GetDcName
1596 */
1597 static bool test_GetDcName(struct torture_context *tctx,
1598 struct dcerpc_pipe *p)
1599 {
1600 struct netr_GetDcName r;
1601 const char *dcname = NULL;
1602 struct dcerpc_binding_handle *b = p->binding_handle;
1603
1604 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1605 r.in.domainname = lpcfg_workgroup(tctx->lp_ctx);
1606 r.out.dcname = &dcname;
1607
1608 torture_assert_ntstatus_ok(tctx, dcerpc_netr_GetDcName_r(b, tctx, &r),
1609 "GetDcName failed");
1610 torture_assert_werr_ok(tctx, r.out.result, "GetDcName failed");
1611
1612 torture_comment(tctx, "\tDC is at '%s'\n", dcname);
1613
1614 return true;
1615 }
1616
1617 static const char *function_code_str(TALLOC_CTX *mem_ctx,
1618 enum netr_LogonControlCode function_code)
1619 {
1620 switch (function_code) {
1621 case NETLOGON_CONTROL_QUERY:
1622 return "NETLOGON_CONTROL_QUERY";
1623 case NETLOGON_CONTROL_REPLICATE:
1624 return "NETLOGON_CONTROL_REPLICATE";
1625 case NETLOGON_CONTROL_SYNCHRONIZE:
1626 return "NETLOGON_CONTROL_SYNCHRONIZE";
1627 case NETLOGON_CONTROL_PDC_REPLICATE:
1628 return "NETLOGON_CONTROL_PDC_REPLICATE";
1629 case NETLOGON_CONTROL_REDISCOVER:
1630 return "NETLOGON_CONTROL_REDISCOVER";
1631 case NETLOGON_CONTROL_TC_QUERY:
1632 return "NETLOGON_CONTROL_TC_QUERY";
1633 case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
1634 return "NETLOGON_CONTROL_TRANSPORT_NOTIFY";
1635 case NETLOGON_CONTROL_FIND_USER:
1636 return "NETLOGON_CONTROL_FIND_USER";
1637 case NETLOGON_CONTROL_CHANGE_PASSWORD:
1638 return "NETLOGON_CONTROL_CHANGE_PASSWORD";
1639 case NETLOGON_CONTROL_TC_VERIFY:
1640 return "NETLOGON_CONTROL_TC_VERIFY";
1641 case NETLOGON_CONTROL_FORCE_DNS_REG:
1642 return "NETLOGON_CONTROL_FORCE_DNS_REG";
1643 case NETLOGON_CONTROL_QUERY_DNS_REG:
1644 return "NETLOGON_CONTROL_QUERY_DNS_REG";
1645 case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
1646 return "NETLOGON_CONTROL_BACKUP_CHANGE_LOG";
1647 case NETLOGON_CONTROL_TRUNCATE_LOG:
1648 return "NETLOGON_CONTROL_TRUNCATE_LOG";
1649 case NETLOGON_CONTROL_SET_DBFLAG:
1650 return "NETLOGON_CONTROL_SET_DBFLAG";
1651 case NETLOGON_CONTROL_BREAKPOINT:
1652 return "NETLOGON_CONTROL_BREAKPOINT";
1653 default:
1654 return talloc_asprintf(mem_ctx, "unknown function code: %d",
1655 function_code);
1656 }
1657 }
1658
1659
1660 /*
1661 try a netlogon LogonControl
1662 */
1663 static bool test_LogonControl(struct torture_context *tctx,
1664 struct dcerpc_pipe *p,
1665 struct cli_credentials *machine_credentials)
1666
1667 {
1668 NTSTATUS status;
1669 struct netr_LogonControl r;
1670 union netr_CONTROL_QUERY_INFORMATION query;
1671 int i,f;
1672 enum netr_SchannelType secure_channel_type = SEC_CHAN_NULL;
1673 struct dcerpc_binding_handle *b = p->binding_handle;
1674
1675 uint32_t function_codes[] = {
1676 NETLOGON_CONTROL_QUERY,
1677 NETLOGON_CONTROL_REPLICATE,
1678 NETLOGON_CONTROL_SYNCHRONIZE,
1679 NETLOGON_CONTROL_PDC_REPLICATE,
1680 NETLOGON_CONTROL_REDISCOVER,
1681 NETLOGON_CONTROL_TC_QUERY,
1682 NETLOGON_CONTROL_TRANSPORT_NOTIFY,
1683 NETLOGON_CONTROL_FIND_USER,
1684 NETLOGON_CONTROL_CHANGE_PASSWORD,
1685 NETLOGON_CONTROL_TC_VERIFY,
1686 NETLOGON_CONTROL_FORCE_DNS_REG,
1687 NETLOGON_CONTROL_QUERY_DNS_REG,
1688 NETLOGON_CONTROL_BACKUP_CHANGE_LOG,
1689 NETLOGON_CONTROL_TRUNCATE_LOG,
1690 NETLOGON_CONTROL_SET_DBFLAG,
1691 NETLOGON_CONTROL_BREAKPOINT
1692 };
1693
1694 if (machine_credentials) {
1695 secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
1696 }
1697
1698 torture_comment(tctx, "Testing LogonControl with secure channel type: %d\n",
1699 secure_channel_type);
1700
1701 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1702 r.in.function_code = 1;
1703 r.out.query = &query;
1704
1705 for (f=0;f<ARRAY_SIZE(function_codes); f++) {
1706 for (i=1;i<5;i++) {
1707
1708 r.in.function_code = function_codes[f];
1709 r.in.level = i;
1710
1711 torture_comment(tctx, "Testing LogonControl function code %s (%d) level %d\n",
1712 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
1713
1714 status = dcerpc_netr_LogonControl_r(b, tctx, &r);
1715 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1716
1717 switch (r.in.level) {
1718 case 1:
1719 switch (r.in.function_code) {
1720 case NETLOGON_CONTROL_REPLICATE:
1721 case NETLOGON_CONTROL_SYNCHRONIZE:
1722 case NETLOGON_CONTROL_PDC_REPLICATE:
1723 case NETLOGON_CONTROL_BREAKPOINT:
1724 case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
1725 if ((secure_channel_type == SEC_CHAN_BDC) ||
1726 (secure_channel_type == SEC_CHAN_WKSTA)) {
1727 torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED,
1728 "LogonControl returned unexpected error code");
1729 } else {
1730 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1731 "LogonControl returned unexpected error code");
1732 }
1733 break;
1734
1735 case NETLOGON_CONTROL_REDISCOVER:
1736 case NETLOGON_CONTROL_TC_QUERY:
1737 case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
1738 case NETLOGON_CONTROL_FIND_USER:
1739 case NETLOGON_CONTROL_CHANGE_PASSWORD:
1740 case NETLOGON_CONTROL_TC_VERIFY:
1741 case NETLOGON_CONTROL_FORCE_DNS_REG:
1742 case NETLOGON_CONTROL_QUERY_DNS_REG:
1743 case NETLOGON_CONTROL_SET_DBFLAG:
1744 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1745 "LogonControl returned unexpected error code");
1746 break;
1747 case NETLOGON_CONTROL_TRUNCATE_LOG:
1748 if ((secure_channel_type == SEC_CHAN_BDC) ||
1749 (secure_channel_type == SEC_CHAN_WKSTA)) {
1750 torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED,
1751 "LogonControl returned unexpected error code");
1752 } else {
1753 torture_assert_werr_ok(tctx, r.out.result,
1754 "LogonControl returned unexpected result");
1755 }
1756 break;
1757 default:
1758 torture_assert_werr_ok(tctx, r.out.result,
1759 "LogonControl returned unexpected result");
1760 break;
1761 }
1762 break;
1763 case 2:
1764 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1765 "LogonControl returned unexpected error code");
1766 break;
1767 default:
1768 torture_assert_werr_equal(tctx, r.out.result, WERR_UNKNOWN_LEVEL,
1769 "LogonControl returned unexpected error code");
1770 break;
1771 }
1772 }
1773 }
1774
1775 return true;
1776 }
1777
1778
1779 /*
1780 try a netlogon GetAnyDCName
1781 */
1782 static bool test_GetAnyDCName(struct torture_context *tctx,
1783 struct dcerpc_pipe *p)
1784 {
1785 NTSTATUS status;
1786 struct netr_GetAnyDCName r;
1787 const char *dcname = NULL;
1788 struct dcerpc_binding_handle *b = p->binding_handle;
1789
1790 r.in.domainname = lpcfg_workgroup(tctx->lp_ctx);
1791 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1792 r.out.dcname = &dcname;
1793
1794 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
1795 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
1796 if ((!W_ERROR_IS_OK(r.out.result)) &&
1797 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
1798 return false;
1799 }
1800
1801 if (dcname) {
1802 torture_comment(tctx, "\tDC is at '%s'\n", dcname);
1803 }
1804
1805 r.in.domainname = NULL;
1806
1807 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
1808 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
1809 if ((!W_ERROR_IS_OK(r.out.result)) &&
1810 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
1811 return false;
1812 }
1813
1814 r.in.domainname = "";
1815
1816 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
1817 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
1818 if ((!W_ERROR_IS_OK(r.out.result)) &&
1819 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
1820 return false;
1821 }
1822
1823 return true;
1824 }
1825
1826
1827 /*
1828 try a netlogon LogonControl2
1829 */
1830 static bool test_LogonControl2(struct torture_context *tctx,
1831 struct dcerpc_pipe *p,
1832 struct cli_credentials *machine_credentials)
1833
1834 {
1835 NTSTATUS status;
1836 struct netr_LogonControl2 r;
1837 union netr_CONTROL_DATA_INFORMATION data;
1838 union netr_CONTROL_QUERY_INFORMATION query;
1839 int i;
1840 struct dcerpc_binding_handle *b = p->binding_handle;
1841
1842 data.domain = lpcfg_workgroup(tctx->lp_ctx);
1843
1844 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1845
1846 r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
1847 r.in.data = &data;
1848 r.out.query = &query;
1849
1850 for (i=1;i<4;i++) {
1851 r.in.level = i;
1852
1853 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1854 i, r.in.function_code);
1855
1856 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1857 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1858 }
1859
1860 data.domain = lpcfg_workgroup(tctx->lp_ctx);
1861
1862 r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
1863 r.in.data = &data;
1864
1865 for (i=1;i<4;i++) {
1866 r.in.level = i;
1867
1868 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1869 i, r.in.function_code);
1870
1871 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1872 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1873 }
1874
1875 data.domain = lpcfg_workgroup(tctx->lp_ctx);
1876
1877 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
1878 r.in.data = &data;
1879
1880 for (i=1;i<4;i++) {
1881 r.in.level = i;
1882
1883 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1884 i, r.in.function_code);
1885
1886 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1887 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1888 }
1889
1890 data.debug_level = ~0;
1891
1892 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
1893 r.in.data = &data;
1894
1895 for (i=1;i<4;i++) {
1896 r.in.level = i;
1897
1898 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1899 i, r.in.function_code);
1900
1901 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1902 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1903 }
1904
1905 return true;
1906 }
1907
1908 /*
1909 try a netlogon DatabaseSync2
1910 */
1911 static bool test_DatabaseSync2(struct torture_context *tctx,
1912 struct dcerpc_pipe *p,
1913 struct cli_credentials *machine_credentials)
1914 {
1915 struct netr_DatabaseSync2 r;
1916 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1917 struct netr_Authenticator return_authenticator, credential;
1918
1919 struct netlogon_creds_CredentialState *creds;
1920 const uint32_t database_ids[] = {0, 1, 2};
1921 int i;
1922 struct dcerpc_binding_handle *b = p->binding_handle;
1923
1924 if (!test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_FLAGS,
1925 machine_credentials,
1926 cli_credentials_get_secure_channel_type(machine_credentials),
1927 &creds)) {
1928 return false;
1929 }
1930
1931 ZERO_STRUCT(return_authenticator);
1932
1933 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1934 r.in.computername = TEST_MACHINE_NAME;
1935 r.in.preferredmaximumlength = (uint32_t)-1;
1936 r.in.return_authenticator = &return_authenticator;
1937 r.out.return_authenticator = &return_authenticator;
1938 r.out.delta_enum_array = &delta_enum_array;
1939
1940 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1941
1942 uint32_t sync_context = 0;
1943
1944 r.in.database_id = database_ids[i];
1945 r.in.sync_context = &sync_context;
1946 r.out.sync_context = &sync_context;
1947 r.in.restart_state = 0;
1948
1949 torture_comment(tctx, "Testing DatabaseSync2 of id %d\n", r.in.database_id);
1950
1951 do {
1952 netlogon_creds_client_authenticator(creds, &credential);
1953
1954 r.in.credential = &credential;
1955
1956 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseSync2_r(b, tctx, &r),
1957 "DatabaseSync2 failed");
1958 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
1959 break;
1960
1961 /* Native mode servers don't do this */
1962 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
1963 return true;
1964 }
1965
1966 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseSync2");
1967
1968 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
1969 torture_comment(tctx, "Credential chaining failed\n");
1970 }
1971
1972 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
1973 }
1974
1975 return true;
1976 }
1977
1978
1979 /*
1980 try a netlogon LogonControl2Ex
1981 */
1982 static bool test_LogonControl2Ex(struct torture_context *tctx,
1983 struct dcerpc_pipe *p,
1984 struct cli_credentials *machine_credentials)
1985
1986 {
1987 NTSTATUS status;
1988 struct netr_LogonControl2Ex r;
1989 union netr_CONTROL_DATA_INFORMATION data;
1990 union netr_CONTROL_QUERY_INFORMATION query;
1991 int i;
1992 struct dcerpc_binding_handle *b = p->binding_handle;
1993
1994 data.domain = lpcfg_workgroup(tctx->lp_ctx);
1995
1996 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1997
1998 r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
1999 r.in.data = &data;
2000 r.out.query = &query;
2001
2002 for (i=1;i<4;i++) {
2003 r.in.level = i;
2004
2005 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2006 i, r.in.function_code);
2007
2008 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2009 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2010 }
2011
2012 data.domain = lpcfg_workgroup(tctx->lp_ctx);
2013
2014 r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
2015 r.in.data = &data;
2016
2017 for (i=1;i<4;i++) {
2018 r.in.level = i;
2019
2020 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2021 i, r.in.function_code);
2022
2023 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2024 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2025 }
2026
2027 data.domain = lpcfg_workgroup(tctx->lp_ctx);
2028
2029 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
2030 r.in.data = &data;
2031
2032 for (i=1;i<4;i++) {
2033 r.in.level = i;
2034
2035 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2036 i, r.in.function_code);
2037
2038 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2039 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2040 }
2041
2042 data.debug_level = ~0;
2043
2044 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
2045 r.in.data = &data;
2046
2047 for (i=1;i<4;i++) {
2048 r.in.level = i;
2049
2050 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2051 i, r.in.function_code);
2052
2053 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2054 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2055 }
2056
2057 return true;
2058 }
2059
2060 static bool test_netr_GetForestTrustInformation(struct torture_context *tctx,
2061 struct dcerpc_pipe *p,
2062 struct cli_credentials *machine_credentials)
2063 {
2064 struct netr_GetForestTrustInformation r;
2065 struct netlogon_creds_CredentialState *creds;
2066 struct netr_Authenticator a;
2067 struct netr_Authenticator return_authenticator;
2068 struct lsa_ForestTrustInformation *forest_trust_info;
2069 struct dcerpc_binding_handle *b = p->binding_handle;
2070
2071 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2072 machine_credentials, &creds)) {
2073 return false;
2074 }
2075
2076 netlogon_creds_client_authenticator(creds, &a);
2077
2078 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2079 r.in.computer_name = TEST_MACHINE_NAME;
2080 r.in.credential = &a;
2081 r.in.flags = 0;
2082 r.out.return_authenticator = &return_authenticator;
2083 r.out.forest_trust_info = &forest_trust_info;
2084
2085 torture_assert_ntstatus_ok(tctx,
2086 dcerpc_netr_GetForestTrustInformation_r(b, tctx, &r),
2087 "netr_GetForestTrustInformation failed");
2088 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_IMPLEMENTED)) {
2089 torture_comment(tctx, "not considering NT_STATUS_NOT_IMPLEMENTED as an error\n");
2090 } else {
2091 torture_assert_ntstatus_ok(tctx, r.out.result,
2092 "netr_GetForestTrustInformation failed");
2093 }
2094
2095 torture_assert(tctx,
2096 netlogon_creds_client_check(creds, &return_authenticator.cred),
2097 "Credential chaining failed");
2098
2099 return true;
2100 }
2101
2102 static bool test_netr_DsRGetForestTrustInformation(struct torture_context *tctx,
2103 struct dcerpc_pipe *p, const char *trusted_domain_name)
2104 {
2105 NTSTATUS status;
2106 struct netr_DsRGetForestTrustInformation r;
2107 struct lsa_ForestTrustInformation info, *info_ptr;
2108 struct dcerpc_binding_handle *b = p->binding_handle;
2109
2110 info_ptr = &info;
2111
2112 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2113 r.in.trusted_domain_name = trusted_domain_name;
2114 r.in.flags = 0;
2115 r.out.forest_trust_info = &info_ptr;
2116
2117 torture_comment(tctx ,"Testing netr_DsRGetForestTrustInformation\n");
2118
2119 status = dcerpc_netr_DsRGetForestTrustInformation_r(b, tctx, &r);
2120 torture_assert_ntstatus_ok(tctx, status, "DsRGetForestTrustInformation");
2121 torture_assert_werr_ok(tctx, r.out.result, "DsRGetForestTrustInformation");
2122
2123 return true;
2124 }
2125
2126 /*
2127 try a netlogon netr_DsrEnumerateDomainTrusts
2128 */
2129 static bool test_DsrEnumerateDomainTrusts(struct torture_context *tctx,
2130 struct dcerpc_pipe *p)
2131 {
2132 NTSTATUS status;
2133 struct netr_DsrEnumerateDomainTrusts r;
2134 struct netr_DomainTrustList trusts;
2135 int i;
2136 struct dcerpc_binding_handle *b = p->binding_handle;
2137
2138 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2139 r.in.trust_flags = 0x3f;
2140 r.out.trusts = &trusts;
2141
2142 status = dcerpc_netr_DsrEnumerateDomainTrusts_r(b, tctx, &r);
2143 torture_assert_ntstatus_ok(tctx, status, "DsrEnumerateDomaintrusts");
2144 torture_assert_werr_ok(tctx, r.out.result, "DsrEnumerateDomaintrusts");
2145
2146 /* when trusted_domain_name is NULL, netr_DsRGetForestTrustInformation
2147 * will show non-forest trusts and all UPN suffixes of the own forest
2148 * as LSA_FOREST_TRUST_TOP_LEVEL_NAME types */
2149
2150 if (r.out.trusts->count) {
2151 if (!test_netr_DsRGetForestTrustInformation(tctx, p, NULL)) {
2152 return false;
2153 }
2154 }
2155
2156 for (i=0; i<r.out.trusts->count; i++) {
2157
2158 /* get info for transitive forest trusts */
2159
2160 if (r.out.trusts->array[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
2161 if (!test_netr_DsRGetForestTrustInformation(tctx, p,
2162 r.out.trusts->array[i].dns_name)) {
2163 return false;
2164 }
2165 }
2166 }
2167
2168 return true;
2169 }
2170
2171 static bool test_netr_NetrEnumerateTrustedDomains(struct torture_context *tctx,
2172 struct dcerpc_pipe *p)
2173 {
2174 NTSTATUS status;
2175 struct netr_NetrEnumerateTrustedDomains r;
2176 struct netr_Blob trusted_domains_blob;
2177 struct dcerpc_binding_handle *b = p->binding_handle;
2178
2179 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2180 r.out.trusted_domains_blob = &trusted_domains_blob;
2181
2182 status = dcerpc_netr_NetrEnumerateTrustedDomains_r(b, tctx, &r);
2183 torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomains");
2184 torture_assert_ntstatus_ok(tctx, r.out.result, "NetrEnumerateTrustedDomains");
2185
2186 return true;
2187 }
2188
2189 static bool test_netr_NetrEnumerateTrustedDomainsEx(struct torture_context *tctx,
2190 struct dcerpc_pipe *p)
2191 {
2192 NTSTATUS status;
2193 struct netr_NetrEnumerateTrustedDomainsEx r;
2194 struct netr_DomainTrustList dom_trust_list;
2195 struct dcerpc_binding_handle *b = p->binding_handle;
2196
2197 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2198 r.out.dom_trust_list = &dom_trust_list;
2199
2200 status = dcerpc_netr_NetrEnumerateTrustedDomainsEx_r(b, tctx, &r);
2201 torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomainsEx");
2202 torture_assert_werr_ok(tctx, r.out.result, "NetrEnumerateTrustedDomainsEx");
2203
2204 return true;
2205 }
2206
2207
2208 static bool test_netr_DsRGetSiteName(struct dcerpc_pipe *p, struct torture_context *tctx,
2209 const char *computer_name,
2210 const char *expected_site)
2211 {
2212 NTSTATUS status;
2213 struct netr_DsRGetSiteName r;
2214 const char *site = NULL;
2215 struct dcerpc_binding_handle *b = p->binding_handle;
2216
2217 r.in.computer_name = computer_name;
2218 r.out.site = &site;
2219 torture_comment(tctx, "Testing netr_DsRGetSiteName\n");
2220
2221 status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
2222 torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
2223 torture_assert_werr_ok(tctx, r.out.result, "DsRGetSiteName");
2224 torture_assert_str_equal(tctx, expected_site, site, "netr_DsRGetSiteName");
2225
2226 if (torture_setting_bool(tctx, "samba4", false))
2227 torture_skip(tctx, "skipping computer name check against Samba4");
2228
2229 r.in.computer_name = talloc_asprintf(tctx, "\\\\%s", computer_name);
2230 torture_comment(tctx,
2231 "Testing netr_DsRGetSiteName with broken computer name: %s\n", r.in.computer_name);
2232
2233 status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
2234 torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
2235 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_COMPUTERNAME, "netr_DsRGetSiteName");
2236
2237 return true;
2238 }
2239
2240 /*
2241 try a netlogon netr_DsRGetDCName
2242 */
2243 static bool test_netr_DsRGetDCName(struct torture_context *tctx,
2244 struct dcerpc_pipe *p)
2245 {
2246 NTSTATUS status;
2247 struct netr_DsRGetDCName r;
2248 struct netr_DsRGetDCNameInfo *info = NULL;
2249 struct dcerpc_binding_handle *b = p->binding_handle;
2250
2251 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2252 r.in.domain_name = lpcfg_dnsdomain(tctx->lp_ctx);
2253 r.in.domain_guid = NULL;
2254 r.in.site_guid = NULL;
2255 r.in.flags = DS_RETURN_DNS_NAME;
2256 r.out.info = &info;
2257
2258 status = dcerpc_netr_DsRGetDCName_r(b, tctx, &r);
2259 torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
2260 torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
2261
2262 r.in.domain_name = lpcfg_workgroup(tctx->lp_ctx);
2263
2264 status = dcerpc_netr_DsRGetDCName_r(b, tctx, &r);
2265 torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
2266 torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
2267
2268 return test_netr_DsRGetSiteName(p, tctx,
2269 info->dc_unc,
2270 info->dc_site_name);
2271 }
2272
2273 /*
2274 try a netlogon netr_DsRGetDCNameEx
2275 */
2276 static bool test_netr_DsRGetDCNameEx(struct torture_context *tctx,
2277 struct dcerpc_pipe *p)
2278 {
2279 NTSTATUS status;
2280 struct netr_DsRGetDCNameEx r;
2281 struct netr_DsRGetDCNameInfo *info = NULL;
2282 struct dcerpc_binding_handle *b = p->binding_handle;
2283
2284 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2285 r.in.domain_name = lpcfg_dnsdomain(tctx->lp_ctx);
2286 r.in.domain_guid = NULL;
2287 r.in.site_name = NULL;
2288 r.in.flags = DS_RETURN_DNS_NAME;
2289 r.out.info = &info;
2290
2291 status = dcerpc_netr_DsRGetDCNameEx_r(b, tctx, &r);
2292 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
2293 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
2294
2295 r.in.domain_name = lpcfg_workgroup(tctx->lp_ctx);
2296
2297 status = dcerpc_netr_DsRGetDCNameEx_r(b, tctx, &r);
2298 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
2299 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
2300
2301 return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
2302 info->dc_site_name);
2303 }
2304
2305 /*
2306 try a netlogon netr_DsRGetDCNameEx2
2307 */
2308 static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx,
2309 struct dcerpc_pipe *p)
2310 {
2311 NTSTATUS status;
2312 struct netr_DsRGetDCNameEx2 r;
2313 struct netr_DsRGetDCNameInfo *info = NULL;
2314 struct dcerpc_binding_handle *b = p->binding_handle;
2315
2316 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with no inputs\n");
2317 ZERO_STRUCT(r.in);
2318 r.in.flags = DS_RETURN_DNS_NAME;
2319 r.out.info = &info;
2320
2321 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2322 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2323 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2324
2325 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2326 r.in.client_account = NULL;
2327 r.in.mask = 0x00000000;
2328 r.in.domain_name = lpcfg_dnsdomain(tctx->lp_ctx);
2329 r.in.domain_guid = NULL;
2330 r.in.site_name = NULL;
2331 r.in.flags = DS_RETURN_DNS_NAME;
2332 r.out.info = &info;
2333
2334 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 without client account\n");
2335
2336 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2337 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2338 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2339
2340 r.in.domain_name = lpcfg_workgroup(tctx->lp_ctx);
2341
2342 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2343 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2344 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2345
2346 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with client account\n");
2347 r.in.client_account = TEST_MACHINE_NAME"$";
2348 r.in.mask = ACB_SVRTRUST;
2349 r.in.flags = DS_RETURN_FLAT_NAME;
2350 r.out.info = &info;
2351
2352 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2353 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2354 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2355
2356 return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
2357 info->dc_site_name);
2358 }
2359
2360 static bool test_netr_DsrGetDcSiteCoverageW(struct torture_context *tctx,
2361 struct dcerpc_pipe *p)
2362 {
2363 char *url;
2364 struct ldb_context *sam_ctx = NULL;
2365 NTSTATUS status;
2366 struct netr_DsrGetDcSiteCoverageW r;
2367 struct DcSitesCtr *ctr = NULL;
2368 struct dcerpc_binding_handle *b = p->binding_handle;
2369
2370 torture_comment(tctx, "This does only pass with the default site\n");
2371
2372 /* We won't double-check this when we are over 'local' transports */
2373 if (dcerpc_server_name(p)) {
2374 /* Set up connection to SAMDB on DC */
2375 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2376 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2377 NULL,
2378 cmdline_credentials,
2379 0);
2380
2381 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2382 }
2383
2384 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2385 r.out.ctr = &ctr;
2386
2387 status = dcerpc_netr_DsrGetDcSiteCoverageW_r(b, tctx, &r);
2388 torture_assert_ntstatus_ok(tctx, status, "failed");
2389 torture_assert_werr_ok(tctx, r.out.result, "failed");
2390
2391 torture_assert(tctx, ctr->num_sites == 1,
2392 "we should per default only get the default site");
2393 if (sam_ctx != NULL) {
2394 torture_assert_casestr_equal(tctx, ctr->sites[0].string,
2395 samdb_server_site_name(sam_ctx, tctx),
2396 "didn't return default site");
2397 }
2398
2399 return true;
2400 }
2401
2402 static bool test_netr_DsRAddressToSitenamesW(struct torture_context *tctx,
2403 struct dcerpc_pipe *p)
2404 {
2405 char *url;
2406 struct ldb_context *sam_ctx = NULL;
2407 NTSTATUS status;
2408 struct netr_DsRAddressToSitenamesW r;
2409 struct netr_DsRAddress addrs[6];
2410 struct sockaddr_in *addr;
2411 #ifdef HAVE_IPV6
2412 struct sockaddr_in6 *addr6;
2413 #endif
2414 struct netr_DsRAddressToSitenamesWCtr *ctr;
2415 struct dcerpc_binding_handle *b = p->binding_handle;
2416 uint32_t i;
2417 int ret;
2418
2419 torture_comment(tctx, "This does only pass with the default site\n");
2420
2421 /* We won't double-check this when we are over 'local' transports */
2422 if (dcerpc_server_name(p)) {
2423 /* Set up connection to SAMDB on DC */
2424 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2425 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2426 NULL,
2427 cmdline_credentials,
2428 0);
2429
2430 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2431 }
2432
2433 /* First try valid IP addresses */
2434
2435 addrs[0].size = sizeof(struct sockaddr_in);
2436 addrs[0].buffer = talloc_zero_array(tctx, uint8_t, addrs[0].size);
2437 addr = (struct sockaddr_in *) addrs[0].buffer;
2438 addrs[0].buffer[0] = AF_INET;
2439 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2440 torture_assert(tctx, ret > 0, "inet_pton failed");
2441
2442 addrs[1].size = sizeof(struct sockaddr_in);
2443 addrs[1].buffer = talloc_zero_array(tctx, uint8_t, addrs[1].size);
2444 addr = (struct sockaddr_in *) addrs[1].buffer;
2445 addrs[1].buffer[0] = AF_INET;
2446 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2447 torture_assert(tctx, ret > 0, "inet_pton failed");
2448
2449 addrs[2].size = sizeof(struct sockaddr_in);
2450 addrs[2].buffer = talloc_zero_array(tctx, uint8_t, addrs[2].size);
2451 addr = (struct sockaddr_in *) addrs[2].buffer;
2452 addrs[2].buffer[0] = AF_INET;
2453 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2454 torture_assert(tctx, ret > 0, "inet_pton failed");
2455
2456 #ifdef HAVE_IPV6
2457 addrs[3].size = sizeof(struct sockaddr_in6);
2458 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2459 addr6 = (struct sockaddr_in6 *) addrs[3].buffer;
2460 addrs[3].buffer[0] = AF_INET6;
2461 ret = inet_pton(AF_INET6, "::1", &addr6->sin6_addr);
2462 torture_assert(tctx, ret > 0, "inet_pton failed");
2463
2464 addrs[4].size = sizeof(struct sockaddr_in6);
2465 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2466 addr6 = (struct sockaddr_in6 *) addrs[4].buffer;
2467 addrs[4].buffer[0] = AF_INET6;
2468 ret = inet_pton(AF_INET6, "::", &addr6->sin6_addr);
2469 torture_assert(tctx, ret > 0, "inet_pton failed");
2470
2471 addrs[5].size = sizeof(struct sockaddr_in6);
2472 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2473 addr6 = (struct sockaddr_in6 *) addrs[5].buffer;
2474 addrs[5].buffer[0] = AF_INET6;
2475 ret = inet_pton(AF_INET6, "ff02::1", &addr6->sin6_addr);
2476 torture_assert(tctx, ret > 0, "inet_pton failed");
2477 #else
2478 /* the test cases are repeated to have exactly 6. This is for
2479 * compatibility with IPv4-only machines */
2480 addrs[3].size = sizeof(struct sockaddr_in);
2481 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2482 addr = (struct sockaddr_in *) addrs[3].buffer;
2483 addrs[3].buffer[0] = AF_INET;
2484 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2485 torture_assert(tctx, ret > 0, "inet_pton failed");
2486
2487 addrs[4].size = sizeof(struct sockaddr_in);
2488 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2489 addr = (struct sockaddr_in *) addrs[4].buffer;
2490 addrs[4].buffer[0] = AF_INET;
2491 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2492 torture_assert(tctx, ret > 0, "inet_pton failed");
2493
2494 addrs[5].size = sizeof(struct sockaddr_in);
2495 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2496 addr = (struct sockaddr_in *) addrs[5].buffer;
2497 addrs[5].buffer[0] = AF_INET;
2498 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2499 torture_assert(tctx, ret > 0, "inet_pton failed");
2500 #endif
2501
2502 ctr = talloc(tctx, struct netr_DsRAddressToSitenamesWCtr);
2503
2504 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2505 r.in.count = 6;
2506 r.in.addresses = addrs;
2507 r.out.ctr = &ctr;
2508
2509 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2510 torture_assert_ntstatus_ok(tctx, status, "failed");
2511 torture_assert_werr_ok(tctx, r.out.result, "failed");
2512
2513 if (sam_ctx != NULL) {
2514 for (i = 0; i < 3; i++) {
2515 torture_assert_casestr_equal(tctx,
2516 ctr->sitename[i].string,
2517 samdb_server_site_name(sam_ctx, tctx),
2518 "didn't return default site");
2519 }
2520 for (i = 3; i < 6; i++) {
2521 /* Windows returns "NULL" for the sitename if it isn't
2522 * IPv6 configured */
2523 if (torture_setting_bool(tctx, "samba4", false)) {
2524 torture_assert_casestr_equal(tctx,
2525 ctr->sitename[i].string,
2526 samdb_server_site_name(sam_ctx, tctx),
2527 "didn't return default site");
2528 }
2529 }
2530 }
2531
2532 /* Now try invalid ones (too short buffers) */
2533
2534 addrs[0].size = 0;
2535 addrs[1].size = 1;
2536 addrs[2].size = 4;
2537
2538 addrs[3].size = 0;
2539 addrs[4].size = 1;
2540 addrs[5].size = 4;
2541
2542 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2543 torture_assert_ntstatus_ok(tctx, status, "failed");
2544 torture_assert_werr_ok(tctx, r.out.result, "failed");
2545
2546 for (i = 0; i < 6; i++) {
2547 torture_assert(tctx, ctr->sitename[i].string == NULL,
2548 "sitename should be null");
2549 }
2550
2551 /* Now try invalid ones (wrong address types) */
2552
2553 addrs[0].size = 10;
2554 addrs[0].buffer[0] = AF_UNSPEC;
2555 addrs[1].size = 10;
2556 addrs[1].buffer[0] = AF_UNIX; /* AF_LOCAL = AF_UNIX */
2557 addrs[2].size = 10;
2558 addrs[2].buffer[0] = AF_UNIX;
2559
2560 addrs[3].size = 10;
2561 addrs[3].buffer[0] = 250;
2562 addrs[4].size = 10;
2563 addrs[4].buffer[0] = 251;
2564 addrs[5].size = 10;
2565 addrs[5].buffer[0] = 252;
2566
2567 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2568 torture_assert_ntstatus_ok(tctx, status, "failed");
2569 torture_assert_werr_ok(tctx, r.out.result, "failed");
2570
2571 for (i = 0; i < 6; i++) {
2572 torture_assert(tctx, ctr->sitename[i].string == NULL,
2573 "sitename should be null");
2574 }
2575
2576 return true;
2577 }
2578
2579 static bool test_netr_DsRAddressToSitenamesExW(struct torture_context *tctx,
2580 struct dcerpc_pipe *p)
2581 {
2582 char *url;
2583 struct ldb_context *sam_ctx = NULL;
2584 NTSTATUS status;
2585 struct netr_DsRAddressToSitenamesExW r;
2586 struct netr_DsRAddress addrs[6];
2587 struct sockaddr_in *addr;
2588 #ifdef HAVE_IPV6
2589 struct sockaddr_in6 *addr6;
2590 #endif
2591 struct netr_DsRAddressToSitenamesExWCtr *ctr;
2592 struct dcerpc_binding_handle *b = p->binding_handle;
2593 uint32_t i;
2594 int ret;
2595
2596 torture_comment(tctx, "This does pass with the default site\n");
2597
2598 /* We won't double-check this when we are over 'local' transports */
2599 if (dcerpc_server_name(p)) {
2600 /* Set up connection to SAMDB on DC */
2601 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2602 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2603 NULL,
2604 cmdline_credentials,
2605 0);
2606
2607 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2608 }
2609
2610 /* First try valid IP addresses */
2611
2612 addrs[0].size = sizeof(struct sockaddr_in);
2613 addrs[0].buffer = talloc_zero_array(tctx, uint8_t, addrs[0].size);
2614 addr = (struct sockaddr_in *) addrs[0].buffer;
2615 addrs[0].buffer[0] = AF_INET;
2616 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2617 torture_assert(tctx, ret > 0, "inet_pton failed");
2618
2619 addrs[1].size = sizeof(struct sockaddr_in);
2620 addrs[1].buffer = talloc_zero_array(tctx, uint8_t, addrs[1].size);
2621 addr = (struct sockaddr_in *) addrs[1].buffer;
2622 addrs[1].buffer[0] = AF_INET;
2623 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2624 torture_assert(tctx, ret > 0, "inet_pton failed");
2625
2626 addrs[2].size = sizeof(struct sockaddr_in);
2627 addrs[2].buffer = talloc_zero_array(tctx, uint8_t, addrs[2].size);
2628 addr = (struct sockaddr_in *) addrs[2].buffer;
2629 addrs[2].buffer[0] = AF_INET;
2630 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2631 torture_assert(tctx, ret > 0, "inet_pton failed");
2632
2633 #ifdef HAVE_IPV6
2634 addrs[3].size = sizeof(struct sockaddr_in6);
2635 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2636 addr6 = (struct sockaddr_in6 *) addrs[3].buffer;
2637 addrs[3].buffer[0] = AF_INET6;
2638 ret = inet_pton(AF_INET6, "::1", &addr6->sin6_addr);
2639 torture_assert(tctx, ret > 0, "inet_pton failed");
2640
2641 addrs[4].size = sizeof(struct sockaddr_in6);
2642 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2643 addr6 = (struct sockaddr_in6 *) addrs[4].buffer;
2644 addrs[4].buffer[0] = AF_INET6;
2645 ret = inet_pton(AF_INET6, "::", &addr6->sin6_addr);
2646 torture_assert(tctx, ret > 0, "inet_pton failed");
2647
2648 addrs[5].size = sizeof(struct sockaddr_in6);
2649 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2650 addr6 = (struct sockaddr_in6 *) addrs[5].buffer;
2651 addrs[5].buffer[0] = AF_INET6;
2652 ret = inet_pton(AF_INET6, "ff02::1", &addr6->sin6_addr);
2653 torture_assert(tctx, ret > 0, "inet_pton failed");
2654 #else
2655 /* the test cases are repeated to have exactly 6. This is for
2656 * compatibility with IPv4-only machines */
2657 addrs[3].size = sizeof(struct sockaddr_in);
2658 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2659 addr = (struct sockaddr_in *) addrs[3].buffer;
2660 addrs[3].buffer[0] = AF_INET;
2661 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2662 torture_assert(tctx, ret > 0, "inet_pton failed");
2663
2664 addrs[4].size = sizeof(struct sockaddr_in);
2665 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2666 addr = (struct sockaddr_in *) addrs[4].buffer;
2667 addrs[4].buffer[0] = AF_INET;
2668 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2669 torture_assert(tctx, ret > 0, "inet_pton failed");
2670
2671 addrs[5].size = sizeof(struct sockaddr_in);
2672 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2673 addr = (struct sockaddr_in *) addrs[5].buffer;
2674 addrs[5].buffer[0] = AF_INET;
2675 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2676 torture_assert(tctx, ret > 0, "inet_pton failed");
2677 #endif
2678
2679 ctr = talloc(tctx, struct netr_DsRAddressToSitenamesExWCtr);
2680
2681 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2682 r.in.count = 6;
2683 r.in.addresses = addrs;
2684 r.out.ctr = &ctr;
2685
2686 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
2687 torture_assert_ntstatus_ok(tctx, status, "failed");
2688 torture_assert_werr_ok(tctx, r.out.result, "failed");
2689
2690 if (sam_ctx != NULL) {
2691 for (i = 0; i < 3; i++) {
2692 torture_assert_casestr_equal(tctx,
2693 ctr->sitename[i].string,
2694 samdb_server_site_name(sam_ctx, tctx),
2695 "didn't return default site");
2696 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2697 "subnet should be null");
2698 }
2699 for (i = 3; i < 6; i++) {
2700 /* Windows returns "NULL" for the sitename if it isn't
2701 * IPv6 configured */
2702 if (torture_setting_bool(tctx, "samba4", false)) {
2703 torture_assert_casestr_equal(tctx,
2704 ctr->sitename[i].string,
2705 samdb_server_site_name(sam_ctx, tctx),
2706 "didn't return default site");
2707 }
2708 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2709 "subnet should be null");
2710 }
2711 }
2712
2713 /* Now try invalid ones (too short buffers) */
2714
2715 addrs[0].size = 0;
2716 addrs[1].size = 1;
2717 addrs[2].size = 4;
2718
2719 addrs[3].size = 0;
2720 addrs[4].size = 1;
2721 addrs[5].size = 4;
2722
2723 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
2724 torture_assert_ntstatus_ok(tctx, status, "failed");
2725 torture_assert_werr_ok(tctx, r.out.result, "failed");
2726
2727 for (i = 0; i < 6; i++) {
2728 torture_assert(tctx, ctr->sitename[i].string == NULL,
2729 "sitename should be null");
2730 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2731 "subnet should be null");
2732 }
2733
2734 addrs[0].size = 10;
2735 addrs[0].buffer[0] = AF_UNSPEC;
2736 addrs[1].size = 10;
2737 addrs[1].buffer[0] = AF_UNIX; /* AF_LOCAL = AF_UNIX */
2738 addrs[2].size = 10;
2739 addrs[2].buffer[0] = AF_UNIX;
2740
2741 addrs[3].size = 10;
2742 addrs[3].buffer[0] = 250;
2743 addrs[4].size = 10;
2744 addrs[4].buffer[0] = 251;
2745 addrs[5].size = 10;
2746 addrs[5].buffer[0] = 252;
2747
2748 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
2749 torture_assert_ntstatus_ok(tctx, status, "failed");
2750 torture_assert_werr_ok(tctx, r.out.result, "failed");
2751
2752 for (i = 0; i < 6; i++) {
2753 torture_assert(tctx, ctr->sitename[i].string == NULL,
2754 "sitename should be null");
2755 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2756 "subnet should be null");
2757 }
2758
2759 return true;
2760 }
2761
2762 static bool test_netr_ServerGetTrustInfo(struct torture_context *tctx,
2763 struct dcerpc_pipe *p,
2764 struct cli_credentials *machine_credentials)
2765 {
2766 struct netr_ServerGetTrustInfo r;
2767
2768 struct netr_Authenticator a;
2769 struct netr_Authenticator return_authenticator;
2770 struct samr_Password new_owf_password;
2771 struct samr_Password old_owf_password;
2772 struct netr_TrustInfo *trust_info;
2773
2774 struct netlogon_creds_CredentialState *creds;
2775 struct dcerpc_binding_handle *b = p->binding_handle;
2776
2777 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2778 machine_credentials, &creds)) {
2779 return false;
2780 }
2781
2782 netlogon_creds_client_authenticator(creds, &a);
2783
2784 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2785 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
2786 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
2787 r.in.computer_name = TEST_MACHINE_NAME;
2788 r.in.credential = &a;
2789
2790 r.out.return_authenticator = &return_authenticator;
2791 r.out.new_owf_password = &new_owf_password;
2792 r.out.old_owf_password = &old_owf_password;
2793 r.out.trust_info = &trust_info;
2794
2795 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerGetTrustInfo_r(b, tctx, &r),
2796 "ServerGetTrustInfo failed");
2797 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerGetTrustInfo failed");
2798 torture_assert(tctx, netlogon_creds_client_check(creds, &return_authenticator.cred), "Credential chaining failed");
2799
2800 return true;
2801 }
2802
2803
2804 static bool test_GetDomainInfo(struct torture_context *tctx,
2805 struct dcerpc_pipe *p,
2806 struct cli_credentials *machine_credentials)
2807 {
2808 struct netr_LogonGetDomainInfo r;
2809 struct netr_WorkstationInformation q1;
2810 struct netr_Authenticator a;
2811 struct netlogon_creds_CredentialState *creds;
2812 struct netr_OsVersion os;
2813 union netr_WorkstationInfo query;
2814 union netr_DomainInfo info;
2815 const char* const attrs[] = { "dNSHostName", "operatingSystem",
2816 "operatingSystemServicePack", "operatingSystemVersion",
2817 "servicePrincipalName", NULL };
2818 char *url;
2819 struct ldb_context *sam_ctx = NULL;
2820 struct ldb_message **res;
2821 struct ldb_message_element *spn_el;
2822 int ret, i;
2823 char *version_str;
2824 const char *old_dnsname = NULL;
2825 char **spns = NULL;
2826 int num_spns = 0;
2827 char *temp_str;
2828 struct dcerpc_binding_handle *b = p->binding_handle;
2829
2830 torture_comment(tctx, "Testing netr_LogonGetDomainInfo\n");
2831
2832 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2833 machine_credentials, &creds)) {
2834 return false;
2835 }
2836
2837 /* We won't double-check this when we are over 'local' transports */
2838 if (dcerpc_server_name(p)) {
2839 /* Set up connection to SAMDB on DC */
2840 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2841 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2842 NULL,
2843 cmdline_credentials,
2844 0);
2845
2846 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2847 }
2848
2849 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 1st call (no variation of DNS hostname)\n");
2850 netlogon_creds_client_authenticator(creds, &a);
2851
2852 ZERO_STRUCT(r);
2853 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2854 r.in.computer_name = TEST_MACHINE_NAME;
2855 r.in.credential = &a;
2856 r.in.level = 1;
2857 r.in.return_authenticator = &a;
2858 r.in.query = &query;
2859 r.out.return_authenticator = &a;
2860 r.out.info = &info;
2861
2862 ZERO_STRUCT(os);
2863 os.os.MajorVersion = 123;
2864 os.os.MinorVersion = 456;
2865 os.os.BuildNumber = 789;
2866 os.os.CSDVersion = "Service Pack 10";
2867 os.os.ServicePackMajor = 10;
2868 os.os.ServicePackMinor = 1;
2869 os.os.SuiteMask = NETR_VER_SUITE_SINGLEUSERTS;
2870 os.os.ProductType = NETR_VER_NT_SERVER;
2871 os.os.Reserved = 0;
2872
2873 version_str = talloc_asprintf(tctx, "%d.%d (%d)", os.os.MajorVersion,
2874 os.os.MinorVersion, os.os.BuildNumber);
2875
2876 ZERO_STRUCT(q1);
2877 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
2878 lpcfg_dnsdomain(tctx->lp_ctx));
2879 q1.sitename = "Default-First-Site-Name";
2880 q1.os_version.os = &os;
2881 q1.os_name.string = talloc_asprintf(tctx,
2882 "Tortured by Samba4 RPC-NETLOGON: %s",
2883 timestring(tctx, time(NULL)));
2884
2885 /* The workstation handles the "servicePrincipalName" and DNS hostname
2886 updates */
2887 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
2888
2889 query.workstation_info = &q1;
2890
2891 if (sam_ctx) {
2892 /* Gets back the old DNS hostname in AD */
2893 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
2894 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
2895 old_dnsname =
2896 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL);
2897
2898 /* Gets back the "servicePrincipalName"s in AD */
2899 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2900 if (spn_el != NULL) {
2901 for (i=0; i < spn_el->num_values; i++) {
2902 spns = talloc_realloc(tctx, spns, char *, i + 1);
2903 spns[i] = (char *) spn_el->values[i].data;
2904 }
2905 num_spns = i;
2906 }
2907 }
2908
2909 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
2910 "LogonGetDomainInfo failed");
2911 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
2912 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
2913
2914 smb_msleep(250);
2915
2916 if (sam_ctx) {
2917 /* AD workstation infos entry check */
2918 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
2919 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
2920 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
2921 torture_assert_str_equal(tctx,
2922 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
2923 q1.os_name.string, "'operatingSystem' wrong!");
2924 torture_assert_str_equal(tctx,
2925 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL),
2926 os.os.CSDVersion, "'operatingSystemServicePack' wrong!");
2927 torture_assert_str_equal(tctx,
2928 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL),
2929 version_str, "'operatingSystemVersion' wrong!");
2930
2931 if (old_dnsname != NULL) {
2932 /* If before a DNS hostname was set then it should remain
2933 the same in combination with the "servicePrincipalName"s.
2934 The DNS hostname should also be returned by our
2935 "LogonGetDomainInfo" call (in the domain info structure). */
2936
2937 torture_assert_str_equal(tctx,
2938 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
2939 old_dnsname, "'DNS hostname' was not set!");
2940
2941 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2942 torture_assert(tctx, ((spns != NULL) && (spn_el != NULL)),
2943 "'servicePrincipalName's not set!");
2944 torture_assert(tctx, spn_el->num_values == num_spns,
2945 "'servicePrincipalName's incorrect!");
2946 for (i=0; (i < spn_el->num_values) && (i < num_spns); i++)
2947 torture_assert_str_equal(tctx,
2948 (char *) spn_el->values[i].data,
2949 spns[i], "'servicePrincipalName's incorrect!");
2950
2951 torture_assert_str_equal(tctx,
2952 info.domain_info->dns_hostname.string,
2953 old_dnsname,
2954 "Out 'DNS hostname' doesn't match the old one!");
2955 } else {
2956 /* If no DNS hostname was set then also now none should be set,
2957 the "servicePrincipalName"s should remain empty and no DNS
2958 hostname should be returned by our "LogonGetDomainInfo"
2959 call (in the domain info structure). */
2960
2961 torture_assert(tctx,
2962 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL) == NULL,
2963 "'DNS hostname' was set!");
2964
2965 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2966 torture_assert(tctx, ((spns == NULL) && (spn_el == NULL)),
2967 "'servicePrincipalName's were set!");
2968
2969 torture_assert(tctx,
2970 info.domain_info->dns_hostname.string == NULL,
2971 "Out 'DNS host name' was set!");
2972 }
2973 }
2974
2975 /* Checks "workstation flags" */
2976 torture_assert(tctx,
2977 info.domain_info->workstation_flags
2978 == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
2979 "Out 'workstation flags' don't match!");
2980
2981
2982 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 2nd call (variation of DNS hostname doesn't work)\n");
2983 netlogon_creds_client_authenticator(creds, &a);
2984
2985 /* Wipe out the osVersion, and prove which values still 'stick' */
2986 q1.os_version.os = NULL;
2987
2988 /* Change also the DNS hostname to test differences in behaviour */
2989 talloc_free(discard_const_p(char, q1.dns_hostname));
2990 q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
2991 lpcfg_dnsdomain(tctx->lp_ctx));
2992
2993 /* The workstation handles the "servicePrincipalName" and DNS hostname
2994 updates */
2995 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
2996
2997 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
2998 "LogonGetDomainInfo failed");
2999 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3000
3001 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3002
3003 smb_msleep(250);
3004
3005 if (sam_ctx) {
3006 /* AD workstation infos entry check */
3007 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3008 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3009 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
3010
3011 torture_assert_str_equal(tctx,
3012 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
3013 q1.os_name.string, "'operatingSystem' should stick!");
3014 torture_assert(tctx,
3015 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
3016 "'operatingSystemServicePack' shouldn't stick!");
3017 torture_assert(tctx,
3018 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
3019 "'operatingSystemVersion' shouldn't stick!");
3020
3021 /* The DNS host name shouldn't have been updated by the server */
3022
3023 torture_assert_str_equal(tctx,
3024 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
3025 old_dnsname, "'DNS host name' did change!");
3026
3027 /* Find the two "servicePrincipalName"s which the DC shouldn't have been
3028 updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC
3029 3.5.4.3.9 */
3030 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3031 torture_assert(tctx, spn_el != NULL,
3032 "There should exist 'servicePrincipalName's in AD!");
3033 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME);
3034 for (i=0; i < spn_el->num_values; i++)
3035 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3036 break;
3037 torture_assert(tctx, i != spn_el->num_values,
3038 "'servicePrincipalName' HOST/<Netbios name> not found!");
3039 temp_str = talloc_asprintf(tctx, "HOST/%s", old_dnsname);
3040 for (i=0; i < spn_el->num_values; i++)
3041 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3042 break;
3043 torture_assert(tctx, i != spn_el->num_values,
3044 "'servicePrincipalName' HOST/<FQDN name> not found!");
3045
3046 /* Check that the out DNS hostname was set properly */
3047 torture_assert_str_equal(tctx, info.domain_info->dns_hostname.string,
3048 old_dnsname, "Out 'DNS hostname' doesn't match the old one!");
3049 }
3050
3051 /* Checks "workstation flags" */
3052 torture_assert(tctx,
3053 info.domain_info->workstation_flags == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3054 "Out 'workstation flags' don't match!");
3055
3056
3057 /* Now try the same but the workstation flags set to 0 */
3058
3059 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 3rd call (variation of DNS hostname doesn't work)\n");
3060 netlogon_creds_client_authenticator(creds, &a);
3061
3062 /* Change also the DNS hostname to test differences in behaviour */
3063 talloc_free(discard_const_p(char, q1.dns_hostname));
3064 q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
3065 lpcfg_dnsdomain(tctx->lp_ctx));
3066
3067 /* Wipe out the osVersion, and prove which values still 'stick' */
3068 q1.os_version.os = NULL;
3069
3070 /* Let the DC handle the "servicePrincipalName" and DNS hostname
3071 updates */
3072 q1.workstation_flags = 0;
3073
3074 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3075 "LogonGetDomainInfo failed");
3076 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3077 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3078
3079 smb_msleep(250);
3080
3081 if (sam_ctx) {
3082 /* AD workstation infos entry check */
3083 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3084 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3085 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
3086
3087 torture_assert_str_equal(tctx,
3088 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
3089 q1.os_name.string, "'operatingSystem' should stick!");
3090 torture_assert(tctx,
3091 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
3092 "'operatingSystemServicePack' shouldn't stick!");
3093 torture_assert(tctx,
3094 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
3095 "'operatingSystemVersion' shouldn't stick!");
3096
3097 /* The DNS host name shouldn't have been updated by the server */
3098
3099 torture_assert_str_equal(tctx,
3100 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
3101 old_dnsname, "'DNS host name' did change!");
3102
3103 /* Find the two "servicePrincipalName"s which the DC shouldn't have been
3104 updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC
3105 3.5.4.3.9 */
3106 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3107 torture_assert(tctx, spn_el != NULL,
3108 "There should exist 'servicePrincipalName's in AD!");
3109 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME);
3110 for (i=0; i < spn_el->num_values; i++)
3111 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3112 break;
3113 torture_assert(tctx, i != spn_el->num_values,
3114 "'servicePrincipalName' HOST/<Netbios name> not found!");
3115 temp_str = talloc_asprintf(tctx, "HOST/%s", old_dnsname);
3116 for (i=0; i < spn_el->num_values; i++)
3117 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3118 break;
3119 torture_assert(tctx, i != spn_el->num_values,
3120 "'servicePrincipalName' HOST/<FQDN name> not found!");
3121
3122 /* Here the server gives us NULL as the out DNS hostname */
3123 torture_assert(tctx, info.domain_info->dns_hostname.string == NULL,
3124 "Out 'DNS hostname' should be NULL!");
3125 }
3126
3127 /* Checks "workstation flags" */
3128 torture_assert(tctx,
3129 info.domain_info->workstation_flags == 0,
3130 "Out 'workstation flags' don't match!");
3131
3132
3133 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 4th call (verification of DNS hostname and check for trusted domains)\n");
3134 netlogon_creds_client_authenticator(creds, &a);
3135
3136 /* Put the DNS hostname back */
3137 talloc_free(discard_const_p(char, q1.dns_hostname));
3138 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3139 lpcfg_dnsdomain(tctx->lp_ctx));
3140
3141 /* The workstation handles the "servicePrincipalName" and DNS hostname
3142 updates */
3143 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
3144
3145 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3146 "LogonGetDomainInfo failed");
3147 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3148 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3149
3150 smb_msleep(250);
3151
3152 /* Now the in/out DNS hostnames should be the same */
3153 torture_assert_str_equal(tctx,
3154 info.domain_info->dns_hostname.string,
3155 query.workstation_info->dns_hostname,
3156 "In/Out 'DNS hostnames' don't match!");
3157
3158 /* Checks "workstation flags" */
3159 torture_assert(tctx,
3160 info.domain_info->workstation_flags
3161 == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3162 "Out 'workstation flags' don't match!");
3163
3164 /* Checks for trusted domains */
3165 torture_assert(tctx,
3166 (info.domain_info->trusted_domain_count != 0)
3167 && (info.domain_info->trusted_domains != NULL),
3168 "Trusted domains have been requested!");
3169
3170
3171 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 5th call (check for trusted domains)\n");
3172 netlogon_creds_client_authenticator(creds, &a);
3173
3174 /* The workstation handles the "servicePrincipalName" and DNS hostname
3175 updates and requests inbound trusts */
3176 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE
3177 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS;
3178
3179 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3180 "LogonGetDomainInfo failed");
3181 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3182 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3183
3184 smb_msleep(250);
3185
3186 /* Checks "workstation flags" */
3187 torture_assert(tctx,
3188 info.domain_info->workstation_flags
3189 == (NETR_WS_FLAG_HANDLES_SPN_UPDATE
3190 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS),
3191 "Out 'workstation flags' don't match!");
3192
3193 /* Checks for trusted domains */
3194 torture_assert(tctx,
3195 (info.domain_info->trusted_domain_count != 0)
3196 && (info.domain_info->trusted_domains != NULL),
3197 "Trusted domains have been requested!");
3198
3199
3200 if (!torture_setting_bool(tctx, "dangerous", false)) {
3201 torture_comment(tctx, "Not testing netr_LogonGetDomainInfo 6th call (no workstation info) - enable dangerous tests in order to do so\n");
3202 } else {
3203 /* Try a call without the workstation information structure */
3204
3205 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 6th call (no workstation info)\n");
3206 netlogon_creds_client_authenticator(creds, &a);
3207
3208 query.workstation_info = NULL;
3209
3210 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3211 "LogonGetDomainInfo failed");
3212 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3213 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3214 }
3215
3216 return true;
3217 }
3218
3219 static bool test_GetDomainInfo_async(struct torture_context *tctx,
3220 struct dcerpc_pipe *p,
3221 struct cli_credentials *machine_credentials)
3222 {
3223 NTSTATUS status;
3224 struct netr_LogonGetDomainInfo r;
3225 struct netr_WorkstationInformation q1;
3226 struct netr_Authenticator a;
3227 #define ASYNC_COUNT 100
3228 struct netlogon_creds_CredentialState *creds;
3229 struct netlogon_creds_CredentialState *creds_async[ASYNC_COUNT];
3230 struct tevent_req *req[ASYNC_COUNT];
3231 int i;
3232 union netr_WorkstationInfo query;
3233 union netr_DomainInfo info;
3234
3235 torture_comment(tctx, "Testing netr_LogonGetDomainInfo - async count %d\n", ASYNC_COUNT);
3236
3237 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
3238 machine_credentials, &creds)) {
3239 return false;
3240 }
3241
3242 ZERO_STRUCT(r);
3243 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
3244 r.in.computer_name = TEST_MACHINE_NAME;
3245 r.in.credential = &a;
3246 r.in.level = 1;
3247 r.in.return_authenticator = &a;
3248 r.in.query = &query;
3249 r.out.return_authenticator = &a;
3250 r.out.info = &info;
3251
3252 ZERO_STRUCT(q1);
3253 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3254 lpcfg_dnsdomain(tctx->lp_ctx));
3255 q1.sitename = "Default-First-Site-Name";
3256 q1.os_name.string = "UNIX/Linux or similar";
3257
3258 query.workstation_info = &q1;
3259
3260 for (i=0;i<ASYNC_COUNT;i++) {
3261 netlogon_creds_client_authenticator(creds, &a);
3262
3263 creds_async[i] = (struct netlogon_creds_CredentialState *)talloc_memdup(creds, creds, sizeof(*creds));
3264 req[i] = dcerpc_netr_LogonGetDomainInfo_r_send(tctx, tctx->ev, p->binding_handle, &r);
3265
3266 /* even with this flush per request a w2k3 server seems to
3267 clag with multiple outstanding requests. bleergh. */
3268 torture_assert_int_equal(tctx, event_loop_once(dcerpc_event_context(p)), 0,
3269 "event_loop_once failed");
3270 }
3271
3272 for (i=0;i<ASYNC_COUNT;i++) {
3273 torture_assert_int_equal(tctx, tevent_req_poll(req[i], tctx->ev), true,
3274 "tevent_req_poll() failed");
3275
3276 status = dcerpc_netr_LogonGetDomainInfo_r_recv(req[i], tctx);
3277
3278 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo_async");
3279 torture_assert_ntstatus_ok(tctx, r.out.result, "netr_LogonGetDomainInfo_async");
3280
3281 torture_assert(tctx, netlogon_creds_client_check(creds_async[i], &a.cred),
3282 "Credential chaining failed at async");
3283 }
3284
3285 torture_comment(tctx,
3286 "Testing netr_LogonGetDomainInfo - async count %d OK\n", ASYNC_COUNT);
3287
3288 return true;
3289 }
3290
3291 static bool test_ManyGetDCName(struct torture_context *tctx,
3292 struct dcerpc_pipe *p)
3293 {
3294 NTSTATUS status;
3295 struct dcerpc_pipe *p2;
3296 struct lsa_ObjectAttribute attr;
3297 struct lsa_QosInfo qos;
3298 struct lsa_OpenPolicy2 o;
3299 struct policy_handle lsa_handle;
3300 struct lsa_DomainList domains;
3301
3302 struct lsa_EnumTrustDom t;
3303 uint32_t resume_handle = 0;
3304 struct netr_GetAnyDCName d;
3305 const char *dcname = NULL;
3306 struct dcerpc_binding_handle *b = p->binding_handle;
3307 struct dcerpc_binding_handle *b2;
3308
3309 int i;
3310
3311 if (p->conn->transport.transport != NCACN_NP) {
3312 return true;
3313 }
3314
3315 torture_comment(tctx, "Torturing GetDCName\n");
3316
3317 status = dcerpc_secondary_connection(p, &p2, p->binding);
3318 torture_assert_ntstatus_ok(tctx, status, "Failed to create secondary connection");
3319
3320 status = dcerpc_bind_auth_none(p2, &ndr_table_lsarpc);
3321 torture_assert_ntstatus_ok(tctx, status, "Failed to create bind on secondary connection");
3322 b2 = p2->binding_handle;
3323
3324 qos.len = 0;
3325 qos.impersonation_level = 2;
3326 qos.context_mode = 1;
3327 qos.effective_only = 0;
3328
3329 attr.len = 0;
3330 attr.root_dir = NULL;
3331 attr.object_name = NULL;
3332 attr.attributes = 0;
3333 attr.sec_desc = NULL;
3334 attr.sec_qos = &qos;
3335
3336 o.in.system_name = "\\";
3337 o.in.attr = &attr;
3338 o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3339 o.out.handle = &lsa_handle;
3340
3341 torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenPolicy2_r(b2, tctx, &o),
3342 "OpenPolicy2 failed");
3343 torture_assert_ntstatus_ok(tctx, o.out.result, "OpenPolicy2 failed");
3344
3345 t.in.handle = &lsa_handle;
3346 t.in.resume_handle = &resume_handle;
3347 t.in.max_size = 1000;
3348 t.out.domains = &domains;
3349 t.out.resume_handle = &resume_handle;
3350
3351 torture_assert_ntstatus_ok(tctx, dcerpc_lsa_EnumTrustDom_r(b2, tctx, &t),
3352 "EnumTrustDom failed");
3353
3354 if ((!NT_STATUS_IS_OK(t.out.result) &&
3355 (!NT_STATUS_EQUAL(t.out.result, NT_STATUS_NO_MORE_ENTRIES))))
3356 torture_fail(tctx, "Could not list domains");
3357
3358 talloc_free(p2);
3359
3360 d.in.logon_server = talloc_asprintf(tctx, "\\\\%s",
3361 dcerpc_server_name(p));
3362 d.out.dcname = &dcname;
3363
3364 for (i=0; i<domains.count * 4; i++) {
3365 struct lsa_DomainInfo *info =
3366 &domains.domains[rand()%domains.count];
3367
3368 d.in.domainname = info->name.string;
3369
3370 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &d);
3371 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
3372
3373 torture_comment(tctx, "\tDC for domain %s is %s\n", info->name.string,
3374 dcname ? dcname : "unknown");
3375 }
3376
3377 return true;
3378 }
3379
3380 static bool test_SetPassword_with_flags(struct torture_context *tctx,
3381 struct dcerpc_pipe *p,
3382 struct cli_credentials *machine_credentials)
3383 {
3384 uint32_t flags[] = { 0, NETLOGON_NEG_STRONG_KEYS };
3385 struct netlogon_creds_CredentialState *creds;
3386 int i;
3387
3388 if (!test_SetupCredentials2(p, tctx, 0,
3389 machine_credentials,
3390 cli_credentials_get_secure_channel_type(machine_credentials),
3391 &creds)) {
3392 torture_skip(tctx, "DC does not support negotiation of 64bit session keys");
3393 }
3394
3395 for (i=0; i < ARRAY_SIZE(flags); i++) {
3396 torture_assert(tctx,
3397 test_SetPassword_flags(tctx, p, machine_credentials, flags[i]),
3398 talloc_asprintf(tctx, "failed to test SetPassword negotiating with 0x%08x flags", flags[i]));
3399 }
3400
3401 return true;
3402 }
3403
3404 struct torture_suite *torture_rpc_netlogon(TALLOC_CTX *mem_ctx)
3405 {
3406 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON");
3407 struct torture_rpc_tcase *tcase;
3408 struct torture_test *test;
3409
3410 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3411 &ndr_table_netlogon, TEST_MACHINE_NAME);
3412
3413 torture_rpc_tcase_add_test(tcase, "LogonUasLogon", test_LogonUasLogon);
3414 torture_rpc_tcase_add_test(tcase, "LogonUasLogoff", test_LogonUasLogoff);
3415 torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
3416 torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
3417 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
3418 torture_rpc_tcase_add_test_creds(tcase, "GetPassword", test_GetPassword);
3419 torture_rpc_tcase_add_test_creds(tcase, "GetTrustPasswords", test_GetTrustPasswords);
3420 torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo", test_GetDomainInfo);
3421 torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync", test_DatabaseSync);
3422 torture_rpc_tcase_add_test_creds(tcase, "DatabaseDeltas", test_DatabaseDeltas);
3423 torture_rpc_tcase_add_test_creds(tcase, "DatabaseRedo", test_DatabaseRedo);
3424 torture_rpc_tcase_add_test_creds(tcase, "AccountDeltas", test_AccountDeltas);
3425 torture_rpc_tcase_add_test_creds(tcase, "AccountSync", test_AccountSync);
3426 torture_rpc_tcase_add_test(tcase, "GetDcName", test_GetDcName);
3427 torture_rpc_tcase_add_test(tcase, "ManyGetDCName", test_ManyGetDCName);
3428 torture_rpc_tcase_add_test(tcase, "GetAnyDCName", test_GetAnyDCName);
3429 torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync2", test_DatabaseSync2);
3430 torture_rpc_tcase_add_test(tcase, "DsrEnumerateDomainTrusts", test_DsrEnumerateDomainTrusts);
3431 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
3432 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomainsEx", test_netr_NetrEnumerateTrustedDomainsEx);
3433 test = torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo_async", test_GetDomainInfo_async);
3434 test->dangerous = true;
3435 torture_rpc_tcase_add_test(tcase, "DsRGetDCName", test_netr_DsRGetDCName);
3436 torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx", test_netr_DsRGetDCNameEx);
3437 torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx2", test_netr_DsRGetDCNameEx2);
3438 torture_rpc_tcase_add_test(tcase, "DsrGetDcSiteCoverageW", test_netr_DsrGetDcSiteCoverageW);
3439 torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesW", test_netr_DsRAddressToSitenamesW);
3440 torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesExW", test_netr_DsRAddressToSitenamesExW);
3441 torture_rpc_tcase_add_test_creds(tcase, "ServerGetTrustInfo", test_netr_ServerGetTrustInfo);
3442 torture_rpc_tcase_add_test_creds(tcase, "GetForestTrustInformation", test_netr_GetForestTrustInformation);
3443
3444 return suite;
3445 }
3446
3447 struct torture_suite *torture_rpc_netlogon_s3(TALLOC_CTX *mem_ctx)
3448 {
3449 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON-S3");
3450 struct torture_rpc_tcase *tcase;
3451
3452 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3453 &ndr_table_netlogon, TEST_MACHINE_NAME);
3454
3455 torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
3456 torture_rpc_tcase_add_test_creds(tcase, "SamLogon_NULL_domain", test_SamLogon_NULL_domain);
3457 torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
3458 torture_rpc_tcase_add_test_creds(tcase, "SetPassword_with_flags", test_SetPassword_with_flags);
3459 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
3460 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
3461
3462 return suite;
3463 }
3464
3465 struct torture_suite *torture_rpc_netlogon_admin(TALLOC_CTX *mem_ctx)
3466 {
3467 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON-ADMIN");
3468 struct torture_rpc_tcase *tcase;
3469
3470 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3471 &ndr_table_netlogon, TEST_MACHINE_NAME);
3472 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3473 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3474 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3475
3476 tcase = torture_suite_add_machine_workstation_rpc_iface_tcase(suite, "netlogon",
3477 &ndr_table_netlogon, TEST_MACHINE_NAME);
3478 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3479 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3480 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3481
3482 tcase = torture_suite_add_rpc_iface_tcase(suite, "netlogon",
3483 &ndr_table_netlogon);
3484 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3485 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3486 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3487
3488 return suite;
3489 }
WIP