search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4:torture/rpc/samsync.c: make use of dcerpc_binding_handle stubs
[Samba/gebeck_regimport.git] / source4 / torture / rpc / netlogon.c
blobb8d75f5edc82486b68d7850b2599d95f8493d838
1 /*
2 Unix SMB/CIFS implementation.
3
4 test suite for netlogon rpc operations
5
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003-2004
8 Copyright (C) Tim Potter 2003
9 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
10
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 */
24
25 #include "includes.h"
26 #include "lib/events/events.h"
27 #include "lib/cmdline/popt_common.h"
28 #include "torture/rpc/rpc.h"
29 #include "../lib/crypto/crypto.h"
30 #include "libcli/auth/libcli_auth.h"
31 #include "librpc/gen_ndr/ndr_netlogon_c.h"
32 #include "librpc/gen_ndr/ndr_lsa_c.h"
33 #include "param/param.h"
34 #include "libcli/security/security.h"
35 #include "lib/ldb/include/ldb.h"
36 #include "lib/util/util_ldb.h"
37 #include "lib/ldb_wrap.h"
38
39 #define TEST_MACHINE_NAME "torturetest"
40
41 static bool test_LogonUasLogon(struct torture_context *tctx,
42 struct dcerpc_pipe *p)
43 {
44 NTSTATUS status;
45 struct netr_LogonUasLogon r;
46 struct netr_UasInfo *info = NULL;
47 struct dcerpc_binding_handle *b = p->binding_handle;
48
49 r.in.server_name = NULL;
50 r.in.account_name = cli_credentials_get_username(cmdline_credentials);
51 r.in.workstation = TEST_MACHINE_NAME;
52 r.out.info = &info;
53
54 status = dcerpc_netr_LogonUasLogon_r(b, tctx, &r);
55 torture_assert_ntstatus_ok(tctx, status, "LogonUasLogon");
56
57 return true;
58 }
59
60 static bool test_LogonUasLogoff(struct torture_context *tctx,
61 struct dcerpc_pipe *p)
62 {
63 NTSTATUS status;
64 struct netr_LogonUasLogoff r;
65 struct netr_UasLogoffInfo info;
66 struct dcerpc_binding_handle *b = p->binding_handle;
67
68 r.in.server_name = NULL;
69 r.in.account_name = cli_credentials_get_username(cmdline_credentials);
70 r.in.workstation = TEST_MACHINE_NAME;
71 r.out.info = &info;
72
73 status = dcerpc_netr_LogonUasLogoff_r(b, tctx, &r);
74 torture_assert_ntstatus_ok(tctx, status, "LogonUasLogoff");
75
76 return true;
77 }
78
79 bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context *tctx,
80 struct cli_credentials *credentials,
81 struct netlogon_creds_CredentialState **creds_out)
82 {
83 NTSTATUS status;
84 struct netr_ServerReqChallenge r;
85 struct netr_ServerAuthenticate a;
86 struct netr_Credential credentials1, credentials2, credentials3;
87 struct netlogon_creds_CredentialState *creds;
88 const struct samr_Password *mach_password;
89 const char *machine_name;
90 struct dcerpc_binding_handle *b = p->binding_handle;
91
92 mach_password = cli_credentials_get_nt_hash(credentials, tctx);
93 machine_name = cli_credentials_get_workstation(credentials);
94
95 torture_comment(tctx, "Testing ServerReqChallenge\n");
96
97 r.in.server_name = NULL;
98 r.in.computer_name = machine_name;
99 r.in.credentials = &credentials1;
100 r.out.return_credentials = &credentials2;
101
102 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
103
104 status = dcerpc_netr_ServerReqChallenge_r(b, tctx, &r);
105 torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge");
106
107 a.in.server_name = NULL;
108 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
109 a.in.secure_channel_type = cli_credentials_get_secure_channel_type(credentials);
110 a.in.computer_name = machine_name;
111 a.in.credentials = &credentials3;
112 a.out.return_credentials = &credentials3;
113
114 creds = netlogon_creds_client_init(tctx, a.in.account_name,
115 a.in.computer_name,
116 &credentials1, &credentials2,
117 mach_password, &credentials3,
118 0);
119 torture_assert(tctx, creds != NULL, "memory allocation");
120
121
122 torture_comment(tctx, "Testing ServerAuthenticate\n");
123
124 status = dcerpc_netr_ServerAuthenticate_r(b, tctx, &a);
125
126 /* This allows the tests to continue against the more fussy windows 2008 */
127 if (NT_STATUS_EQUAL(status, NT_STATUS_DOWNGRADE_DETECTED)) {
128 return test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
129 credentials,
130 cli_credentials_get_secure_channel_type(credentials),
131 creds_out);
132 }
133
134 torture_assert_ntstatus_ok(tctx, status, "ServerAuthenticate");
135
136 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
137 "Credential chaining failed");
138
139 *creds_out = creds;
140 return true;
141 }
142
143 bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx,
144 uint32_t negotiate_flags,
145 struct cli_credentials *machine_credentials,
146 int sec_chan_type,
147 struct netlogon_creds_CredentialState **creds_out)
148 {
149 NTSTATUS status;
150 struct netr_ServerReqChallenge r;
151 struct netr_ServerAuthenticate2 a;
152 struct netr_Credential credentials1, credentials2, credentials3;
153 struct netlogon_creds_CredentialState *creds;
154 const struct samr_Password *mach_password;
155 const char *machine_name;
156 struct dcerpc_binding_handle *b = p->binding_handle;
157
158 mach_password = cli_credentials_get_nt_hash(machine_credentials, tctx);
159 machine_name = cli_credentials_get_workstation(machine_credentials);
160
161 torture_comment(tctx, "Testing ServerReqChallenge\n");
162
163
164 r.in.server_name = NULL;
165 r.in.computer_name = machine_name;
166 r.in.credentials = &credentials1;
167 r.out.return_credentials = &credentials2;
168
169 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
170
171 status = dcerpc_netr_ServerReqChallenge_r(b, tctx, &r);
172 torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge");
173
174 a.in.server_name = NULL;
175 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
176 a.in.secure_channel_type = sec_chan_type;
177 a.in.computer_name = machine_name;
178 a.in.negotiate_flags = &negotiate_flags;
179 a.out.negotiate_flags = &negotiate_flags;
180 a.in.credentials = &credentials3;
181 a.out.return_credentials = &credentials3;
182
183 creds = netlogon_creds_client_init(tctx, a.in.account_name,
184 a.in.computer_name,
185 &credentials1, &credentials2,
186 mach_password, &credentials3,
187 negotiate_flags);
188
189 torture_assert(tctx, creds != NULL, "memory allocation");
190
191 torture_comment(tctx, "Testing ServerAuthenticate2\n");
192
193 status = dcerpc_netr_ServerAuthenticate2_r(b, tctx, &a);
194 torture_assert_ntstatus_ok(tctx, status, "ServerAuthenticate2");
195
196 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
197 "Credential chaining failed");
198
199 torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
200
201 *creds_out = creds;
202 return true;
203 }
204
205
206 static bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context *tctx,
207 uint32_t negotiate_flags,
208 struct cli_credentials *machine_credentials,
209 struct netlogon_creds_CredentialState **creds_out)
210 {
211 NTSTATUS status;
212 struct netr_ServerReqChallenge r;
213 struct netr_ServerAuthenticate3 a;
214 struct netr_Credential credentials1, credentials2, credentials3;
215 struct netlogon_creds_CredentialState *creds;
216 struct samr_Password mach_password;
217 uint32_t rid;
218 const char *machine_name;
219 const char *plain_pass;
220 struct dcerpc_binding_handle *b = p->binding_handle;
221
222 machine_name = cli_credentials_get_workstation(machine_credentials);
223 plain_pass = cli_credentials_get_password(machine_credentials);
224
225 torture_comment(tctx, "Testing ServerReqChallenge\n");
226
227 r.in.server_name = NULL;
228 r.in.computer_name = machine_name;
229 r.in.credentials = &credentials1;
230 r.out.return_credentials = &credentials2;
231
232 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
233
234 status = dcerpc_netr_ServerReqChallenge_r(b, tctx, &r);
235 torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge");
236
237 E_md4hash(plain_pass, mach_password.hash);
238
239 a.in.server_name = NULL;
240 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
241 a.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
242 a.in.computer_name = machine_name;
243 a.in.negotiate_flags = &negotiate_flags;
244 a.in.credentials = &credentials3;
245 a.out.return_credentials = &credentials3;
246 a.out.negotiate_flags = &negotiate_flags;
247 a.out.rid = &rid;
248
249 creds = netlogon_creds_client_init(tctx, a.in.account_name,
250 a.in.computer_name,
251 &credentials1, &credentials2,
252 &mach_password, &credentials3,
253 negotiate_flags);
254
255 torture_assert(tctx, creds != NULL, "memory allocation");
256
257 torture_comment(tctx, "Testing ServerAuthenticate3\n");
258
259 status = dcerpc_netr_ServerAuthenticate3_r(b, tctx, &a);
260 torture_assert_ntstatus_ok(tctx, status, "ServerAuthenticate3");
261 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3), "Credential chaining failed");
262
263 torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
264
265 /* Prove that requesting a challenge again won't break it */
266 status = dcerpc_netr_ServerReqChallenge_r(b, tctx, &r);
267 torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge");
268
269 *creds_out = creds;
270 return true;
271 }
272
273 /*
274 try a change password for our machine account
275 */
276 static bool test_SetPassword(struct torture_context *tctx,
277 struct dcerpc_pipe *p,
278 struct cli_credentials *machine_credentials)
279 {
280 NTSTATUS status;
281 struct netr_ServerPasswordSet r;
282 const char *password;
283 struct netlogon_creds_CredentialState *creds;
284 struct netr_Authenticator credential, return_authenticator;
285 struct samr_Password new_password;
286 struct dcerpc_binding_handle *b = p->binding_handle;
287
288 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
289 return false;
290 }
291
292 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
293 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
294 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
295 r.in.computer_name = TEST_MACHINE_NAME;
296 r.in.credential = &credential;
297 r.in.new_password = &new_password;
298 r.out.return_authenticator = &return_authenticator;
299
300 password = generate_random_password(tctx, 8, 255);
301 E_md4hash(password, new_password.hash);
302
303 netlogon_creds_des_encrypt(creds, &new_password);
304
305 torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
306 torture_comment(tctx, "Changing machine account password to '%s'\n",
307 password);
308
309 netlogon_creds_client_authenticator(creds, &credential);
310
311 status = dcerpc_netr_ServerPasswordSet_r(b, tctx, &r);
312 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet");
313
314 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
315 torture_comment(tctx, "Credential chaining failed\n");
316 }
317
318 /* by changing the machine password twice we test the
319 credentials chaining fully, and we verify that the server
320 allows the password to be set to the same value twice in a
321 row (match win2k3) */
322 torture_comment(tctx,
323 "Testing a second ServerPasswordSet on machine account\n");
324 torture_comment(tctx,
325 "Changing machine account password to '%s' (same as previous run)\n", password);
326
327 netlogon_creds_client_authenticator(creds, &credential);
328
329 status = dcerpc_netr_ServerPasswordSet_r(b, tctx, &r);
330 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet (2)");
331
332 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
333 torture_comment(tctx, "Credential chaining failed\n");
334 }
335
336 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
337
338 torture_assert(tctx,
339 test_SetupCredentials(p, tctx, machine_credentials, &creds),
340 "ServerPasswordSet failed to actually change the password");
341
342 return true;
343 }
344
345 /*
346 try a change password for our machine account
347 */
348 static bool test_SetPassword_flags(struct torture_context *tctx,
349 struct dcerpc_pipe *p,
350 struct cli_credentials *machine_credentials,
351 uint32_t negotiate_flags)
352 {
353 NTSTATUS status;
354 struct netr_ServerPasswordSet r;
355 const char *password;
356 struct netlogon_creds_CredentialState *creds;
357 struct netr_Authenticator credential, return_authenticator;
358 struct samr_Password new_password;
359 struct dcerpc_binding_handle *b = p->binding_handle;
360
361 if (!test_SetupCredentials2(p, tctx, negotiate_flags,
362 machine_credentials,
363 cli_credentials_get_secure_channel_type(machine_credentials),
364 &creds)) {
365 return false;
366 }
367
368 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
369 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
370 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
371 r.in.computer_name = TEST_MACHINE_NAME;
372 r.in.credential = &credential;
373 r.in.new_password = &new_password;
374 r.out.return_authenticator = &return_authenticator;
375
376 password = generate_random_password(tctx, 8, 255);
377 E_md4hash(password, new_password.hash);
378
379 netlogon_creds_des_encrypt(creds, &new_password);
380
381 torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
382 torture_comment(tctx, "Changing machine account password to '%s'\n",
383 password);
384
385 netlogon_creds_client_authenticator(creds, &credential);
386
387 status = dcerpc_netr_ServerPasswordSet_r(b, tctx, &r);
388 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet");
389
390 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
391 torture_comment(tctx, "Credential chaining failed\n");
392 }
393
394 /* by changing the machine password twice we test the
395 credentials chaining fully, and we verify that the server
396 allows the password to be set to the same value twice in a
397 row (match win2k3) */
398 torture_comment(tctx,
399 "Testing a second ServerPasswordSet on machine account\n");
400 torture_comment(tctx,
401 "Changing machine account password to '%s' (same as previous run)\n", password);
402
403 netlogon_creds_client_authenticator(creds, &credential);
404
405 status = dcerpc_netr_ServerPasswordSet_r(b, tctx, &r);
406 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet (2)");
407
408 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
409 torture_comment(tctx, "Credential chaining failed\n");
410 }
411
412 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
413
414 torture_assert(tctx,
415 test_SetupCredentials(p, tctx, machine_credentials, &creds),
416 "ServerPasswordSet failed to actually change the password");
417
418 return true;
419 }
420
421
422 /*
423 generate a random password for password change tests
424 */
425 static DATA_BLOB netlogon_very_rand_pass(TALLOC_CTX *mem_ctx, int len)
426 {
427 int i;
428 DATA_BLOB password = data_blob_talloc(mem_ctx, NULL, len * 2 /* number of unicode chars */);
429 generate_random_buffer(password.data, password.length);
430
431 for (i=0; i < len; i++) {
432 if (((uint16_t *)password.data)[i] == 0) {
433 ((uint16_t *)password.data)[i] = 1;
434 }
435 }
436
437 return password;
438 }
439
440 /*
441 try a change password for our machine account
442 */
443 static bool test_SetPassword2(struct torture_context *tctx,
444 struct dcerpc_pipe *p,
445 struct cli_credentials *machine_credentials)
446 {
447 NTSTATUS status;
448 struct netr_ServerPasswordSet2 r;
449 const char *password;
450 DATA_BLOB new_random_pass;
451 struct netlogon_creds_CredentialState *creds;
452 struct samr_CryptPassword password_buf;
453 struct samr_Password nt_hash;
454 struct netr_Authenticator credential, return_authenticator;
455 struct netr_CryptPassword new_password;
456 struct dcerpc_binding_handle *b = p->binding_handle;
457
458 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
459 return false;
460 }
461
462 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
463 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
464 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
465 r.in.computer_name = TEST_MACHINE_NAME;
466 r.in.credential = &credential;
467 r.in.new_password = &new_password;
468 r.out.return_authenticator = &return_authenticator;
469
470 password = generate_random_password(tctx, 8, 255);
471 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
472 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
473
474 memcpy(new_password.data, password_buf.data, 512);
475 new_password.length = IVAL(password_buf.data, 512);
476
477 torture_comment(tctx, "Testing ServerPasswordSet2 on machine account\n");
478 torture_comment(tctx, "Changing machine account password to '%s'\n", password);
479
480 netlogon_creds_client_authenticator(creds, &credential);
481
482 status = dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r);
483 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet2");
484
485 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
486 torture_comment(tctx, "Credential chaining failed\n");
487 }
488
489 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
490
491 if (!torture_setting_bool(tctx, "dangerous", false)) {
492 torture_comment(tctx,
493 "Not testing ability to set password to '', enable dangerous tests to perform this test\n");
494 } else {
495 /* by changing the machine password to ""
496 * we check if the server uses password restrictions
497 * for ServerPasswordSet2
498 * (win2k3 accepts "")
499 */
500 password = "";
501 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
502 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
503
504 memcpy(new_password.data, password_buf.data, 512);
505 new_password.length = IVAL(password_buf.data, 512);
506
507 torture_comment(tctx,
508 "Testing ServerPasswordSet2 on machine account\n");
509 torture_comment(tctx,
510 "Changing machine account password to '%s'\n", password);
511
512 netlogon_creds_client_authenticator(creds, &credential);
513
514 status = dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r);
515 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet2");
516
517 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
518 torture_comment(tctx, "Credential chaining failed\n");
519 }
520
521 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
522 }
523
524 torture_assert(tctx, test_SetupCredentials(p, tctx, machine_credentials, &creds),
525 "ServerPasswordSet failed to actually change the password");
526
527 /* now try a random password */
528 password = generate_random_password(tctx, 8, 255);
529 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
530 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
531
532 memcpy(new_password.data, password_buf.data, 512);
533 new_password.length = IVAL(password_buf.data, 512);
534
535 torture_comment(tctx, "Testing second ServerPasswordSet2 on machine account\n");
536 torture_comment(tctx, "Changing machine account password to '%s'\n", password);
537
538 netlogon_creds_client_authenticator(creds, &credential);
539
540 status = dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r);
541 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet2 (2)");
542
543 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
544 torture_comment(tctx, "Credential chaining failed\n");
545 }
546
547 /* by changing the machine password twice we test the
548 credentials chaining fully, and we verify that the server
549 allows the password to be set to the same value twice in a
550 row (match win2k3) */
551 torture_comment(tctx,
552 "Testing a second ServerPasswordSet2 on machine account\n");
553 torture_comment(tctx,
554 "Changing machine account password to '%s' (same as previous run)\n", password);
555
556 netlogon_creds_client_authenticator(creds, &credential);
557
558 status = dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r);
559 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet (3)");
560
561 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
562 torture_comment(tctx, "Credential chaining failed\n");
563 }
564
565 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
566
567 torture_assert (tctx,
568 test_SetupCredentials(p, tctx, machine_credentials, &creds),
569 "ServerPasswordSet failed to actually change the password");
570
571 new_random_pass = netlogon_very_rand_pass(tctx, 128);
572
573 /* now try a random stream of bytes for a password */
574 set_pw_in_buffer(password_buf.data, &new_random_pass);
575
576 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
577
578 memcpy(new_password.data, password_buf.data, 512);
579 new_password.length = IVAL(password_buf.data, 512);
580
581 torture_comment(tctx,
582 "Testing a third ServerPasswordSet2 on machine account, with a compleatly random password\n");
583
584 netlogon_creds_client_authenticator(creds, &credential);
585
586 status = dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r);
587 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet (3)");
588
589 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
590 torture_comment(tctx, "Credential chaining failed\n");
591 }
592
593 mdfour(nt_hash.hash, new_random_pass.data, new_random_pass.length);
594
595 cli_credentials_set_password(machine_credentials, NULL, CRED_UNINITIALISED);
596 cli_credentials_set_nt_hash(machine_credentials, &nt_hash, CRED_SPECIFIED);
597
598 torture_assert (tctx,
599 test_SetupCredentials(p, tctx, machine_credentials, &creds),
600 "ServerPasswordSet failed to actually change the password");
601
602 return true;
603 }
604
605 static bool test_GetPassword(struct torture_context *tctx,
606 struct dcerpc_pipe *p,
607 struct cli_credentials *machine_credentials)
608 {
609 struct netr_ServerPasswordGet r;
610 struct netlogon_creds_CredentialState *creds;
611 struct netr_Authenticator credential;
612 NTSTATUS status;
613 struct netr_Authenticator return_authenticator;
614 struct samr_Password password;
615 struct dcerpc_binding_handle *b = p->binding_handle;
616
617 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
618 return false;
619 }
620
621 netlogon_creds_client_authenticator(creds, &credential);
622
623 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
624 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
625 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
626 r.in.computer_name = TEST_MACHINE_NAME;
627 r.in.credential = &credential;
628 r.out.return_authenticator = &return_authenticator;
629 r.out.password = &password;
630
631 status = dcerpc_netr_ServerPasswordGet_r(b, tctx, &r);
632 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordGet");
633
634 return true;
635 }
636
637 static bool test_GetTrustPasswords(struct torture_context *tctx,
638 struct dcerpc_pipe *p,
639 struct cli_credentials *machine_credentials)
640 {
641 struct netr_ServerTrustPasswordsGet r;
642 struct netlogon_creds_CredentialState *creds;
643 struct netr_Authenticator credential;
644 NTSTATUS status;
645 struct netr_Authenticator return_authenticator;
646 struct samr_Password password, password2;
647 struct dcerpc_binding_handle *b = p->binding_handle;
648
649 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
650 return false;
651 }
652
653 netlogon_creds_client_authenticator(creds, &credential);
654
655 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
656 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
657 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
658 r.in.computer_name = TEST_MACHINE_NAME;
659 r.in.credential = &credential;
660 r.out.return_authenticator = &return_authenticator;
661 r.out.password = &password;
662 r.out.password2 = &password2;
663
664 status = dcerpc_netr_ServerTrustPasswordsGet_r(b, tctx, &r);
665 torture_assert_ntstatus_ok(tctx, status, "ServerTrustPasswordsGet");
666
667 return true;
668 }
669
670 /*
671 try a netlogon SamLogon
672 */
673 static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context *tctx,
674 struct cli_credentials *credentials,
675 struct netlogon_creds_CredentialState *creds,
676 bool null_domain)
677 {
678 NTSTATUS status;
679 struct netr_LogonSamLogon r;
680 struct netr_Authenticator auth, auth2;
681 union netr_LogonLevel logon;
682 union netr_Validation validation;
683 uint8_t authoritative;
684 struct netr_NetworkInfo ninfo;
685 DATA_BLOB names_blob, chal, lm_resp, nt_resp;
686 int i;
687 struct dcerpc_binding_handle *b = p->binding_handle;
688 int flags = CLI_CRED_NTLM_AUTH;
689 if (lp_client_lanman_auth(tctx->lp_ctx)) {
690 flags |= CLI_CRED_LANMAN_AUTH;
691 }
692
693 if (lp_client_ntlmv2_auth(tctx->lp_ctx)) {
694 flags |= CLI_CRED_NTLMv2_AUTH;
695 }
696
697 cli_credentials_get_ntlm_username_domain(cmdline_credentials, tctx,
698 &ninfo.identity_info.account_name.string,
699 &ninfo.identity_info.domain_name.string);
700
701 if (null_domain) {
702 ninfo.identity_info.domain_name.string = NULL;
703 }
704
705 generate_random_buffer(ninfo.challenge,
706 sizeof(ninfo.challenge));
707 chal = data_blob_const(ninfo.challenge,
708 sizeof(ninfo.challenge));
709
710 names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(credentials),
711 cli_credentials_get_domain(credentials));
712
713 status = cli_credentials_get_ntlm_response(cmdline_credentials, tctx,
714 &flags,
715 chal,
716 names_blob,
717 &lm_resp, &nt_resp,
718 NULL, NULL);
719 torture_assert_ntstatus_ok(tctx, status, "cli_credentials_get_ntlm_response failed");
720
721 ninfo.lm.data = lm_resp.data;
722 ninfo.lm.length = lm_resp.length;
723
724 ninfo.nt.data = nt_resp.data;
725 ninfo.nt.length = nt_resp.length;
726
727 ninfo.identity_info.parameter_control = 0;
728 ninfo.identity_info.logon_id_low = 0;
729 ninfo.identity_info.logon_id_high = 0;
730 ninfo.identity_info.workstation.string = cli_credentials_get_workstation(credentials);
731
732 logon.network = &ninfo;
733
734 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
735 r.in.computer_name = cli_credentials_get_workstation(credentials);
736 r.in.credential = &auth;
737 r.in.return_authenticator = &auth2;
738 r.in.logon_level = 2;
739 r.in.logon = &logon;
740 r.out.validation = &validation;
741 r.out.authoritative = &authoritative;
742
743 d_printf("Testing LogonSamLogon with name %s\n", ninfo.identity_info.account_name.string);
744
745 for (i=2;i<3;i++) {
746 ZERO_STRUCT(auth2);
747 netlogon_creds_client_authenticator(creds, &auth);
748
749 r.in.validation_level = i;
750
751 status = dcerpc_netr_LogonSamLogon_r(b, tctx, &r);
752 torture_assert_ntstatus_ok(tctx, status, "LogonSamLogon failed");
753
754 torture_assert(tctx, netlogon_creds_client_check(creds,
755 &r.out.return_authenticator->cred),
756 "Credential chaining failed");
757 }
758
759 r.in.credential = NULL;
760
761 for (i=2;i<=3;i++) {
762
763 r.in.validation_level = i;
764
765 torture_comment(tctx, "Testing SamLogon with validation level %d and a NULL credential\n", i);
766
767 status = dcerpc_netr_LogonSamLogon_r(b, tctx, &r);
768 torture_assert_ntstatus_equal(tctx, status, NT_STATUS_INVALID_PARAMETER,
769 "LogonSamLogon expected INVALID_PARAMETER");
770
771 }
772
773 return true;
774 }
775
776 bool test_netlogon_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
777 struct cli_credentials *credentials,
778 struct netlogon_creds_CredentialState *creds)
779 {
780 return test_netlogon_ops_args(p, tctx, credentials, creds, false);
781 }
782
783 /*
784 try a netlogon SamLogon
785 */
786 static bool test_SamLogon(struct torture_context *tctx,
787 struct dcerpc_pipe *p,
788 struct cli_credentials *credentials)
789 {
790 struct netlogon_creds_CredentialState *creds;
791
792 if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
793 return false;
794 }
795
796 return test_netlogon_ops(p, tctx, credentials, creds);
797 }
798
799 static bool test_SamLogon_NULL_domain(struct torture_context *tctx,
800 struct dcerpc_pipe *p,
801 struct cli_credentials *credentials)
802 {
803 struct netlogon_creds_CredentialState *creds;
804
805 if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
806 return false;
807 }
808
809 return test_netlogon_ops_args(p, tctx, credentials, creds, true);
810 }
811
812 /* we remember the sequence numbers so we can easily do a DatabaseDelta */
813 static uint64_t sequence_nums[3];
814
815 /*
816 try a netlogon DatabaseSync
817 */
818 static bool test_DatabaseSync(struct torture_context *tctx,
819 struct dcerpc_pipe *p,
820 struct cli_credentials *machine_credentials)
821 {
822 NTSTATUS status;
823 struct netr_DatabaseSync r;
824 struct netlogon_creds_CredentialState *creds;
825 const uint32_t database_ids[] = {SAM_DATABASE_DOMAIN, SAM_DATABASE_BUILTIN, SAM_DATABASE_PRIVS};
826 int i;
827 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
828 struct netr_Authenticator credential, return_authenticator;
829 struct dcerpc_binding_handle *b = p->binding_handle;
830
831 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
832 return false;
833 }
834
835 ZERO_STRUCT(return_authenticator);
836
837 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
838 r.in.computername = TEST_MACHINE_NAME;
839 r.in.preferredmaximumlength = (uint32_t)-1;
840 r.in.return_authenticator = &return_authenticator;
841 r.out.delta_enum_array = &delta_enum_array;
842 r.out.return_authenticator = &return_authenticator;
843
844 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
845
846 uint32_t sync_context = 0;
847
848 r.in.database_id = database_ids[i];
849 r.in.sync_context = &sync_context;
850 r.out.sync_context = &sync_context;
851
852 torture_comment(tctx, "Testing DatabaseSync of id %d\n", r.in.database_id);
853
854 do {
855 netlogon_creds_client_authenticator(creds, &credential);
856
857 r.in.credential = &credential;
858
859 status = dcerpc_netr_DatabaseSync_r(b, tctx, &r);
860 if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES))
861 break;
862
863 /* Native mode servers don't do this */
864 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
865 return true;
866 }
867 torture_assert_ntstatus_ok(tctx, status, "DatabaseSync");
868
869 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
870 torture_comment(tctx, "Credential chaining failed\n");
871 }
872
873 if (delta_enum_array &&
874 delta_enum_array->num_deltas > 0 &&
875 delta_enum_array->delta_enum[0].delta_type == NETR_DELTA_DOMAIN &&
876 delta_enum_array->delta_enum[0].delta_union.domain) {
877 sequence_nums[r.in.database_id] =
878 delta_enum_array->delta_enum[0].delta_union.domain->sequence_num;
879 torture_comment(tctx, "\tsequence_nums[%d]=%llu\n",
880 r.in.database_id,
881 (unsigned long long)sequence_nums[r.in.database_id]);
882 }
883 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
884 }
885
886 return true;
887 }
888
889
890 /*
891 try a netlogon DatabaseDeltas
892 */
893 static bool test_DatabaseDeltas(struct torture_context *tctx,
894 struct dcerpc_pipe *p,
895 struct cli_credentials *machine_credentials)
896 {
897 NTSTATUS status;
898 struct netr_DatabaseDeltas r;
899 struct netlogon_creds_CredentialState *creds;
900 struct netr_Authenticator credential;
901 struct netr_Authenticator return_authenticator;
902 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
903 const uint32_t database_ids[] = {0, 1, 2};
904 int i;
905 struct dcerpc_binding_handle *b = p->binding_handle;
906
907 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
908 return false;
909 }
910
911 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
912 r.in.computername = TEST_MACHINE_NAME;
913 r.in.preferredmaximumlength = (uint32_t)-1;
914 ZERO_STRUCT(r.in.return_authenticator);
915 r.out.return_authenticator = &return_authenticator;
916 r.out.delta_enum_array = &delta_enum_array;
917
918 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
919 r.in.database_id = database_ids[i];
920 r.in.sequence_num = &sequence_nums[r.in.database_id];
921
922 if (*r.in.sequence_num == 0) continue;
923
924 *r.in.sequence_num -= 1;
925
926 torture_comment(tctx, "Testing DatabaseDeltas of id %d at %llu\n",
927 r.in.database_id, (unsigned long long)*r.in.sequence_num);
928
929 do {
930 netlogon_creds_client_authenticator(creds, &credential);
931
932 status = dcerpc_netr_DatabaseDeltas_r(b, tctx, &r);
933 if (NT_STATUS_EQUAL(status,
934 NT_STATUS_SYNCHRONIZATION_REQUIRED)) {
935 torture_comment(tctx, "not considering %s to be an error\n",
936 nt_errstr(status));
937 return true;
938 }
939 if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES))
940 break;
941
942 torture_assert_ntstatus_ok(tctx, status, "DatabaseDeltas");
943
944 if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) {
945 torture_comment(tctx, "Credential chaining failed\n");
946 }
947
948 (*r.in.sequence_num)++;
949 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
950 }
951
952 return true;
953 }
954
955 static bool test_DatabaseRedo(struct torture_context *tctx,
956 struct dcerpc_pipe *p,
957 struct cli_credentials *machine_credentials)
958 {
959 NTSTATUS status;
960 struct netr_DatabaseRedo r;
961 struct netlogon_creds_CredentialState *creds;
962 struct netr_Authenticator credential;
963 struct netr_Authenticator return_authenticator;
964 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
965 struct netr_ChangeLogEntry e;
966 struct dom_sid null_sid, *sid;
967 int i,d;
968 struct dcerpc_binding_handle *b = p->binding_handle;
969
970 ZERO_STRUCT(null_sid);
971
972 sid = dom_sid_parse_talloc(tctx, "S-1-5-21-1111111111-2222222222-333333333-500");
973
974 {
975
976 struct {
977 uint32_t rid;
978 uint16_t flags;
979 uint8_t db_index;
980 uint8_t delta_type;
981 struct dom_sid sid;
982 const char *name;
983 NTSTATUS expected_error;
984 uint32_t expected_num_results;
985 uint8_t expected_delta_type_1;
986 uint8_t expected_delta_type_2;
987 const char *comment;
988 } changes[] = {
989
990 /* SAM_DATABASE_DOMAIN */
991
992 {
993 .rid = 0,
994 .flags = 0,
995 .db_index = SAM_DATABASE_DOMAIN,
996 .delta_type = NETR_DELTA_MODIFY_COUNT,
997 .sid = null_sid,
998 .name = NULL,
999 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1000 .expected_num_results = 0,
1001 .comment = "NETR_DELTA_MODIFY_COUNT"
1002 },
1003 {
1004 .rid = 0,
1005 .flags = 0,
1006 .db_index = SAM_DATABASE_DOMAIN,
1007 .delta_type = 0,
1008 .sid = null_sid,
1009 .name = NULL,
1010 .expected_error = NT_STATUS_OK,
1011 .expected_num_results = 1,
1012 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1013 .comment = "NULL DELTA"
1014 },
1015 {
1016 .rid = 0,
1017 .flags = 0,
1018 .db_index = SAM_DATABASE_DOMAIN,
1019 .delta_type = NETR_DELTA_DOMAIN,
1020 .sid = null_sid,
1021 .name = NULL,
1022 .expected_error = NT_STATUS_OK,
1023 .expected_num_results = 1,
1024 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1025 .comment = "NETR_DELTA_DOMAIN"
1026 },
1027 {
1028 .rid = DOMAIN_RID_ADMINISTRATOR,
1029 .flags = 0,
1030 .db_index = SAM_DATABASE_DOMAIN,
1031 .delta_type = NETR_DELTA_USER,
1032 .sid = null_sid,
1033 .name = NULL,
1034 .expected_error = NT_STATUS_OK,
1035 .expected_num_results = 1,
1036 .expected_delta_type_1 = NETR_DELTA_USER,
1037 .comment = "NETR_DELTA_USER by rid 500"
1038 },
1039 {
1040 .rid = DOMAIN_RID_GUEST,
1041 .flags = 0,
1042 .db_index = SAM_DATABASE_DOMAIN,
1043 .delta_type = NETR_DELTA_USER,
1044 .sid = null_sid,
1045 .name = NULL,
1046 .expected_error = NT_STATUS_OK,
1047 .expected_num_results = 1,
1048 .expected_delta_type_1 = NETR_DELTA_USER,
1049 .comment = "NETR_DELTA_USER by rid 501"
1050 },
1051 {
1052 .rid = 0,
1053 .flags = NETR_CHANGELOG_SID_INCLUDED,
1054 .db_index = SAM_DATABASE_DOMAIN,
1055 .delta_type = NETR_DELTA_USER,
1056 .sid = *sid,
1057 .name = NULL,
1058 .expected_error = NT_STATUS_OK,
1059 .expected_num_results = 1,
1060 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1061 .comment = "NETR_DELTA_USER by sid and flags"
1062 },
1063 {
1064 .rid = 0,
1065 .flags = NETR_CHANGELOG_SID_INCLUDED,
1066 .db_index = SAM_DATABASE_DOMAIN,
1067 .delta_type = NETR_DELTA_USER,
1068 .sid = null_sid,
1069 .name = NULL,
1070 .expected_error = NT_STATUS_OK,
1071 .expected_num_results = 1,
1072 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1073 .comment = "NETR_DELTA_USER by null_sid and flags"
1074 },
1075 {
1076 .rid = 0,
1077 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1078 .db_index = SAM_DATABASE_DOMAIN,
1079 .delta_type = NETR_DELTA_USER,
1080 .sid = null_sid,
1081 .name = "administrator",
1082 .expected_error = NT_STATUS_OK,
1083 .expected_num_results = 1,
1084 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1085 .comment = "NETR_DELTA_USER by name 'administrator'"
1086 },
1087 {
1088 .rid = DOMAIN_RID_ADMINS,
1089 .flags = 0,
1090 .db_index = SAM_DATABASE_DOMAIN,
1091 .delta_type = NETR_DELTA_GROUP,
1092 .sid = null_sid,
1093 .name = NULL,
1094 .expected_error = NT_STATUS_OK,
1095 .expected_num_results = 2,
1096 .expected_delta_type_1 = NETR_DELTA_GROUP,
1097 .expected_delta_type_2 = NETR_DELTA_GROUP_MEMBER,
1098 .comment = "NETR_DELTA_GROUP by rid 512"
1099 },
1100 {
1101 .rid = DOMAIN_RID_ADMINS,
1102 .flags = 0,
1103 .db_index = SAM_DATABASE_DOMAIN,
1104 .delta_type = NETR_DELTA_GROUP_MEMBER,
1105 .sid = null_sid,
1106 .name = NULL,
1107 .expected_error = NT_STATUS_OK,
1108 .expected_num_results = 2,
1109 .expected_delta_type_1 = NETR_DELTA_GROUP,
1110 .expected_delta_type_2 = NETR_DELTA_GROUP_MEMBER,
1111 .comment = "NETR_DELTA_GROUP_MEMBER by rid 512"
1112 },
1113
1114
1115 /* SAM_DATABASE_BUILTIN */
1116
1117 {
1118 .rid = 0,
1119 .flags = 0,
1120 .db_index = SAM_DATABASE_BUILTIN,
1121 .delta_type = NETR_DELTA_MODIFY_COUNT,
1122 .sid = null_sid,
1123 .name = NULL,
1124 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1125 .expected_num_results = 0,
1126 .comment = "NETR_DELTA_MODIFY_COUNT"
1127 },
1128 {
1129 .rid = 0,
1130 .flags = 0,
1131 .db_index = SAM_DATABASE_BUILTIN,
1132 .delta_type = NETR_DELTA_DOMAIN,
1133 .sid = null_sid,
1134 .name = NULL,
1135 .expected_error = NT_STATUS_OK,
1136 .expected_num_results = 1,
1137 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1138 .comment = "NETR_DELTA_DOMAIN"
1139 },
1140 {
1141 .rid = DOMAIN_RID_ADMINISTRATOR,
1142 .flags = 0,
1143 .db_index = SAM_DATABASE_BUILTIN,
1144 .delta_type = NETR_DELTA_USER,
1145 .sid = null_sid,
1146 .name = NULL,
1147 .expected_error = NT_STATUS_OK,
1148 .expected_num_results = 1,
1149 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1150 .comment = "NETR_DELTA_USER by rid 500"
1151 },
1152 {
1153 .rid = 0,
1154 .flags = 0,
1155 .db_index = SAM_DATABASE_BUILTIN,
1156 .delta_type = NETR_DELTA_USER,
1157 .sid = null_sid,
1158 .name = NULL,
1159 .expected_error = NT_STATUS_OK,
1160 .expected_num_results = 1,
1161 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1162 .comment = "NETR_DELTA_USER"
1163 },
1164 {
1165 .rid = 544,
1166 .flags = 0,
1167 .db_index = SAM_DATABASE_BUILTIN,
1168 .delta_type = NETR_DELTA_ALIAS,
1169 .sid = null_sid,
1170 .name = NULL,
1171 .expected_error = NT_STATUS_OK,
1172 .expected_num_results = 2,
1173 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1174 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1175 .comment = "NETR_DELTA_ALIAS by rid 544"
1176 },
1177 {
1178 .rid = 544,
1179 .flags = 0,
1180 .db_index = SAM_DATABASE_BUILTIN,
1181 .delta_type = NETR_DELTA_ALIAS_MEMBER,
1182 .sid = null_sid,
1183 .name = NULL,
1184 .expected_error = NT_STATUS_OK,
1185 .expected_num_results = 2,
1186 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1187 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1188 .comment = "NETR_DELTA_ALIAS_MEMBER by rid 544"
1189 },
1190 {
1191 .rid = 544,
1192 .flags = 0,
1193 .db_index = SAM_DATABASE_BUILTIN,
1194 .delta_type = 0,
1195 .sid = null_sid,
1196 .name = NULL,
1197 .expected_error = NT_STATUS_OK,
1198 .expected_num_results = 1,
1199 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1200 .comment = "NULL DELTA by rid 544"
1201 },
1202 {
1203 .rid = 544,
1204 .flags = NETR_CHANGELOG_SID_INCLUDED,
1205 .db_index = SAM_DATABASE_BUILTIN,
1206 .delta_type = 0,
1207 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1208 .name = NULL,
1209 .expected_error = NT_STATUS_OK,
1210 .expected_num_results = 1,
1211 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1212 .comment = "NULL DELTA by rid 544 sid S-1-5-32-544 and flags"
1213 },
1214 {
1215 .rid = 544,
1216 .flags = NETR_CHANGELOG_SID_INCLUDED,
1217 .db_index = SAM_DATABASE_BUILTIN,
1218 .delta_type = NETR_DELTA_ALIAS,
1219 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1220 .name = NULL,
1221 .expected_error = NT_STATUS_OK,
1222 .expected_num_results = 2,
1223 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1224 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1225 .comment = "NETR_DELTA_ALIAS by rid 544 and sid S-1-5-32-544 and flags"
1226 },
1227 {
1228 .rid = 0,
1229 .flags = NETR_CHANGELOG_SID_INCLUDED,
1230 .db_index = SAM_DATABASE_BUILTIN,
1231 .delta_type = NETR_DELTA_ALIAS,
1232 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1233 .name = NULL,
1234 .expected_error = NT_STATUS_OK,
1235 .expected_num_results = 1,
1236 .expected_delta_type_1 = NETR_DELTA_DELETE_ALIAS,
1237 .comment = "NETR_DELTA_ALIAS by sid S-1-5-32-544 and flags"
1238 },
1239
1240 /* SAM_DATABASE_PRIVS */
1241
1242 {
1243 .rid = 0,
1244 .flags = 0,
1245 .db_index = SAM_DATABASE_PRIVS,
1246 .delta_type = 0,
1247 .sid = null_sid,
1248 .name = NULL,
1249 .expected_error = NT_STATUS_ACCESS_DENIED,
1250 .expected_num_results = 0,
1251 .comment = "NULL DELTA"
1252 },
1253 {
1254 .rid = 0,
1255 .flags = 0,
1256 .db_index = SAM_DATABASE_PRIVS,
1257 .delta_type = NETR_DELTA_MODIFY_COUNT,
1258 .sid = null_sid,
1259 .name = NULL,
1260 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1261 .expected_num_results = 0,
1262 .comment = "NETR_DELTA_MODIFY_COUNT"
1263 },
1264 {
1265 .rid = 0,
1266 .flags = 0,
1267 .db_index = SAM_DATABASE_PRIVS,
1268 .delta_type = NETR_DELTA_POLICY,
1269 .sid = null_sid,
1270 .name = NULL,
1271 .expected_error = NT_STATUS_OK,
1272 .expected_num_results = 1,
1273 .expected_delta_type_1 = NETR_DELTA_POLICY,
1274 .comment = "NETR_DELTA_POLICY"
1275 },
1276 {
1277 .rid = 0,
1278 .flags = NETR_CHANGELOG_SID_INCLUDED,
1279 .db_index = SAM_DATABASE_PRIVS,
1280 .delta_type = NETR_DELTA_POLICY,
1281 .sid = null_sid,
1282 .name = NULL,
1283 .expected_error = NT_STATUS_OK,
1284 .expected_num_results = 1,
1285 .expected_delta_type_1 = NETR_DELTA_POLICY,
1286 .comment = "NETR_DELTA_POLICY by null sid and flags"
1287 },
1288 {
1289 .rid = 0,
1290 .flags = NETR_CHANGELOG_SID_INCLUDED,
1291 .db_index = SAM_DATABASE_PRIVS,
1292 .delta_type = NETR_DELTA_POLICY,
1293 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32"),
1294 .name = NULL,
1295 .expected_error = NT_STATUS_OK,
1296 .expected_num_results = 1,
1297 .expected_delta_type_1 = NETR_DELTA_POLICY,
1298 .comment = "NETR_DELTA_POLICY by sid S-1-5-32 and flags"
1299 },
1300 {
1301 .rid = DOMAIN_RID_ADMINISTRATOR,
1302 .flags = 0,
1303 .db_index = SAM_DATABASE_PRIVS,
1304 .delta_type = NETR_DELTA_ACCOUNT,
1305 .sid = null_sid,
1306 .name = NULL,
1307 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED, /* strange */
1308 .expected_num_results = 0,
1309 .comment = "NETR_DELTA_ACCOUNT by rid 500"
1310 },
1311 {
1312 .rid = 0,
1313 .flags = NETR_CHANGELOG_SID_INCLUDED,
1314 .db_index = SAM_DATABASE_PRIVS,
1315 .delta_type = NETR_DELTA_ACCOUNT,
1316 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1317 .name = NULL,
1318 .expected_error = NT_STATUS_OK,
1319 .expected_num_results = 1,
1320 .expected_delta_type_1 = NETR_DELTA_ACCOUNT,
1321 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and flags"
1322 },
1323 {
1324 .rid = 0,
1325 .flags = NETR_CHANGELOG_SID_INCLUDED |
1326 NETR_CHANGELOG_IMMEDIATE_REPL_REQUIRED,
1327 .db_index = SAM_DATABASE_PRIVS,
1328 .delta_type = NETR_DELTA_ACCOUNT,
1329 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1330 .name = NULL,
1331 .expected_error = NT_STATUS_OK,
1332 .expected_num_results = 1,
1333 .expected_delta_type_1 = NETR_DELTA_ACCOUNT,
1334 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and 2 flags"
1335 },
1336 {
1337 .rid = 0,
1338 .flags = NETR_CHANGELOG_SID_INCLUDED |
1339 NETR_CHANGELOG_NAME_INCLUDED,
1340 .db_index = SAM_DATABASE_PRIVS,
1341 .delta_type = NETR_DELTA_ACCOUNT,
1342 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1343 .name = NULL,
1344 .expected_error = NT_STATUS_INVALID_PARAMETER,
1345 .expected_num_results = 0,
1346 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and invalid flags"
1347 },
1348 {
1349 .rid = DOMAIN_RID_ADMINISTRATOR,
1350 .flags = NETR_CHANGELOG_SID_INCLUDED,
1351 .db_index = SAM_DATABASE_PRIVS,
1352 .delta_type = NETR_DELTA_ACCOUNT,
1353 .sid = *sid,
1354 .name = NULL,
1355 .expected_error = NT_STATUS_OK,
1356 .expected_num_results = 1,
1357 .expected_delta_type_1 = NETR_DELTA_DELETE_ACCOUNT,
1358 .comment = "NETR_DELTA_ACCOUNT by rid 500, sid and flags"
1359 },
1360 {
1361 .rid = 0,
1362 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1363 .db_index = SAM_DATABASE_PRIVS,
1364 .delta_type = NETR_DELTA_SECRET,
1365 .sid = null_sid,
1366 .name = "IsurelydontexistIhope",
1367 .expected_error = NT_STATUS_OK,
1368 .expected_num_results = 1,
1369 .expected_delta_type_1 = NETR_DELTA_DELETE_SECRET,
1370 .comment = "NETR_DELTA_SECRET by name 'IsurelydontexistIhope' and flags"
1371 },
1372 {
1373 .rid = 0,
1374 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1375 .db_index = SAM_DATABASE_PRIVS,
1376 .delta_type = NETR_DELTA_SECRET,
1377 .sid = null_sid,
1378 .name = "G$BCKUPKEY_P",
1379 .expected_error = NT_STATUS_OK,
1380 .expected_num_results = 1,
1381 .expected_delta_type_1 = NETR_DELTA_SECRET,
1382 .comment = "NETR_DELTA_SECRET by name 'G$BCKUPKEY_P' and flags"
1383 }
1384 };
1385
1386 ZERO_STRUCT(return_authenticator);
1387
1388 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1389 r.in.computername = TEST_MACHINE_NAME;
1390 r.in.return_authenticator = &return_authenticator;
1391 r.out.return_authenticator = &return_authenticator;
1392 r.out.delta_enum_array = &delta_enum_array;
1393
1394 for (d=0; d<3; d++) {
1395 const char *database = NULL;
1396
1397 switch (d) {
1398 case 0:
1399 database = "SAM";
1400 break;
1401 case 1:
1402 database = "BUILTIN";
1403 break;
1404 case 2:
1405 database = "LSA";
1406 break;
1407 default:
1408 break;
1409 }
1410
1411 torture_comment(tctx, "Testing DatabaseRedo\n");
1412
1413 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1414 return false;
1415 }
1416
1417 for (i=0;i<ARRAY_SIZE(changes);i++) {
1418
1419 if (d != changes[i].db_index) {
1420 continue;
1421 }
1422
1423 netlogon_creds_client_authenticator(creds, &credential);
1424
1425 r.in.credential = &credential;
1426
1427 e.serial_number1 = 0;
1428 e.serial_number2 = 0;
1429 e.object_rid = changes[i].rid;
1430 e.flags = changes[i].flags;
1431 e.db_index = changes[i].db_index;
1432 e.delta_type = changes[i].delta_type;
1433
1434 switch (changes[i].flags & (NETR_CHANGELOG_NAME_INCLUDED | NETR_CHANGELOG_SID_INCLUDED)) {
1435 case NETR_CHANGELOG_SID_INCLUDED:
1436 e.object.object_sid = changes[i].sid;
1437 break;
1438 case NETR_CHANGELOG_NAME_INCLUDED:
1439 e.object.object_name = changes[i].name;
1440 break;
1441 default:
1442 break;
1443 }
1444
1445 r.in.change_log_entry = e;
1446
1447 torture_comment(tctx, "Testing DatabaseRedo with database %s and %s\n",
1448 database, changes[i].comment);
1449
1450 status = dcerpc_netr_DatabaseRedo_r(b, tctx, &r);
1451 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
1452 return true;
1453 }
1454
1455 torture_assert_ntstatus_equal(tctx, status, changes[i].expected_error, changes[i].comment);
1456 if (delta_enum_array) {
1457 torture_assert_int_equal(tctx,
1458 delta_enum_array->num_deltas,
1459 changes[i].expected_num_results,
1460 changes[i].comment);
1461 if (delta_enum_array->num_deltas > 0) {
1462 torture_assert_int_equal(tctx,
1463 delta_enum_array->delta_enum[0].delta_type,
1464 changes[i].expected_delta_type_1,
1465 changes[i].comment);
1466 }
1467 if (delta_enum_array->num_deltas > 1) {
1468 torture_assert_int_equal(tctx,
1469 delta_enum_array->delta_enum[1].delta_type,
1470 changes[i].expected_delta_type_2,
1471 changes[i].comment);
1472 }
1473 }
1474
1475 if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) {
1476 torture_comment(tctx, "Credential chaining failed\n");
1477 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1478 return false;
1479 }
1480 }
1481 }
1482 }
1483 }
1484
1485 return true;
1486 }
1487
1488 /*
1489 try a netlogon AccountDeltas
1490 */
1491 static bool test_AccountDeltas(struct torture_context *tctx,
1492 struct dcerpc_pipe *p,
1493 struct cli_credentials *machine_credentials)
1494 {
1495 NTSTATUS status;
1496 struct netr_AccountDeltas r;
1497 struct netlogon_creds_CredentialState *creds;
1498
1499 struct netr_AccountBuffer buffer;
1500 uint32_t count_returned = 0;
1501 uint32_t total_entries = 0;
1502 struct netr_UAS_INFO_0 recordid;
1503 struct netr_Authenticator return_authenticator;
1504 struct dcerpc_binding_handle *b = p->binding_handle;
1505
1506 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1507 return false;
1508 }
1509
1510 ZERO_STRUCT(return_authenticator);
1511
1512 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1513 r.in.computername = TEST_MACHINE_NAME;
1514 r.in.return_authenticator = &return_authenticator;
1515 netlogon_creds_client_authenticator(creds, &r.in.credential);
1516 ZERO_STRUCT(r.in.uas);
1517 r.in.count=10;
1518 r.in.level=0;
1519 r.in.buffersize=100;
1520 r.out.buffer = &buffer;
1521 r.out.count_returned = &count_returned;
1522 r.out.total_entries = &total_entries;
1523 r.out.recordid = &recordid;
1524 r.out.return_authenticator = &return_authenticator;
1525
1526 /* w2k3 returns "NOT IMPLEMENTED" for this call */
1527 status = dcerpc_netr_AccountDeltas_r(b, tctx, &r);
1528 torture_assert_ntstatus_equal(tctx, status, NT_STATUS_NOT_IMPLEMENTED, "AccountDeltas");
1529
1530 return true;
1531 }
1532
1533 /*
1534 try a netlogon AccountSync
1535 */
1536 static bool test_AccountSync(struct torture_context *tctx, struct dcerpc_pipe *p,
1537 struct cli_credentials *machine_credentials)
1538 {
1539 NTSTATUS status;
1540 struct netr_AccountSync r;
1541 struct netlogon_creds_CredentialState *creds;
1542
1543 struct netr_AccountBuffer buffer;
1544 uint32_t count_returned = 0;
1545 uint32_t total_entries = 0;
1546 uint32_t next_reference = 0;
1547 struct netr_UAS_INFO_0 recordid;
1548 struct netr_Authenticator return_authenticator;
1549 struct dcerpc_binding_handle *b = p->binding_handle;
1550
1551 ZERO_STRUCT(recordid);
1552 ZERO_STRUCT(return_authenticator);
1553
1554 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1555 return false;
1556 }
1557
1558 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1559 r.in.computername = TEST_MACHINE_NAME;
1560 r.in.return_authenticator = &return_authenticator;
1561 netlogon_creds_client_authenticator(creds, &r.in.credential);
1562 r.in.recordid = &recordid;
1563 r.in.reference=0;
1564 r.in.level=0;
1565 r.in.buffersize=100;
1566 r.out.buffer = &buffer;
1567 r.out.count_returned = &count_returned;
1568 r.out.total_entries = &total_entries;
1569 r.out.next_reference = &next_reference;
1570 r.out.recordid = &recordid;
1571 r.out.return_authenticator = &return_authenticator;
1572
1573 /* w2k3 returns "NOT IMPLEMENTED" for this call */
1574 status = dcerpc_netr_AccountSync_r(b, tctx, &r);
1575 torture_assert_ntstatus_equal(tctx, status, NT_STATUS_NOT_IMPLEMENTED, "AccountSync");
1576
1577 return true;
1578 }
1579
1580 /*
1581 try a netlogon GetDcName
1582 */
1583 static bool test_GetDcName(struct torture_context *tctx,
1584 struct dcerpc_pipe *p)
1585 {
1586 NTSTATUS status;
1587 struct netr_GetDcName r;
1588 const char *dcname = NULL;
1589 struct dcerpc_binding_handle *b = p->binding_handle;
1590
1591 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1592 r.in.domainname = lp_workgroup(tctx->lp_ctx);
1593 r.out.dcname = &dcname;
1594
1595 status = dcerpc_netr_GetDcName_r(b, tctx, &r);
1596 torture_assert_ntstatus_ok(tctx, status, "GetDcName");
1597 torture_assert_werr_ok(tctx, r.out.result, "GetDcName");
1598
1599 torture_comment(tctx, "\tDC is at '%s'\n", dcname);
1600
1601 return true;
1602 }
1603
1604 static const char *function_code_str(TALLOC_CTX *mem_ctx,
1605 enum netr_LogonControlCode function_code)
1606 {
1607 switch (function_code) {
1608 case NETLOGON_CONTROL_QUERY:
1609 return "NETLOGON_CONTROL_QUERY";
1610 case NETLOGON_CONTROL_REPLICATE:
1611 return "NETLOGON_CONTROL_REPLICATE";
1612 case NETLOGON_CONTROL_SYNCHRONIZE:
1613 return "NETLOGON_CONTROL_SYNCHRONIZE";
1614 case NETLOGON_CONTROL_PDC_REPLICATE:
1615 return "NETLOGON_CONTROL_PDC_REPLICATE";
1616 case NETLOGON_CONTROL_REDISCOVER:
1617 return "NETLOGON_CONTROL_REDISCOVER";
1618 case NETLOGON_CONTROL_TC_QUERY:
1619 return "NETLOGON_CONTROL_TC_QUERY";
1620 case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
1621 return "NETLOGON_CONTROL_TRANSPORT_NOTIFY";
1622 case NETLOGON_CONTROL_FIND_USER:
1623 return "NETLOGON_CONTROL_FIND_USER";
1624 case NETLOGON_CONTROL_CHANGE_PASSWORD:
1625 return "NETLOGON_CONTROL_CHANGE_PASSWORD";
1626 case NETLOGON_CONTROL_TC_VERIFY:
1627 return "NETLOGON_CONTROL_TC_VERIFY";
1628 case NETLOGON_CONTROL_FORCE_DNS_REG:
1629 return "NETLOGON_CONTROL_FORCE_DNS_REG";
1630 case NETLOGON_CONTROL_QUERY_DNS_REG:
1631 return "NETLOGON_CONTROL_QUERY_DNS_REG";
1632 case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
1633 return "NETLOGON_CONTROL_BACKUP_CHANGE_LOG";
1634 case NETLOGON_CONTROL_TRUNCATE_LOG:
1635 return "NETLOGON_CONTROL_TRUNCATE_LOG";
1636 case NETLOGON_CONTROL_SET_DBFLAG:
1637 return "NETLOGON_CONTROL_SET_DBFLAG";
1638 case NETLOGON_CONTROL_BREAKPOINT:
1639 return "NETLOGON_CONTROL_BREAKPOINT";
1640 default:
1641 return talloc_asprintf(mem_ctx, "unknown function code: %d",
1642 function_code);
1643 }
1644 }
1645
1646
1647 /*
1648 try a netlogon LogonControl
1649 */
1650 static bool test_LogonControl(struct torture_context *tctx,
1651 struct dcerpc_pipe *p,
1652 struct cli_credentials *machine_credentials)
1653
1654 {
1655 NTSTATUS status;
1656 struct netr_LogonControl r;
1657 union netr_CONTROL_QUERY_INFORMATION query;
1658 int i,f;
1659 enum netr_SchannelType secure_channel_type = SEC_CHAN_NULL;
1660 struct dcerpc_binding_handle *b = p->binding_handle;
1661
1662 uint32_t function_codes[] = {
1663 NETLOGON_CONTROL_QUERY,
1664 NETLOGON_CONTROL_REPLICATE,
1665 NETLOGON_CONTROL_SYNCHRONIZE,
1666 NETLOGON_CONTROL_PDC_REPLICATE,
1667 NETLOGON_CONTROL_REDISCOVER,
1668 NETLOGON_CONTROL_TC_QUERY,
1669 NETLOGON_CONTROL_TRANSPORT_NOTIFY,
1670 NETLOGON_CONTROL_FIND_USER,
1671 NETLOGON_CONTROL_CHANGE_PASSWORD,
1672 NETLOGON_CONTROL_TC_VERIFY,
1673 NETLOGON_CONTROL_FORCE_DNS_REG,
1674 NETLOGON_CONTROL_QUERY_DNS_REG,
1675 NETLOGON_CONTROL_BACKUP_CHANGE_LOG,
1676 NETLOGON_CONTROL_TRUNCATE_LOG,
1677 NETLOGON_CONTROL_SET_DBFLAG,
1678 NETLOGON_CONTROL_BREAKPOINT
1679 };
1680
1681 if (machine_credentials) {
1682 secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
1683 }
1684
1685 torture_comment(tctx, "testing LogonControl with secure channel type: %d\n",
1686 secure_channel_type);
1687
1688 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1689 r.in.function_code = 1;
1690 r.out.query = &query;
1691
1692 for (f=0;f<ARRAY_SIZE(function_codes); f++) {
1693 for (i=1;i<5;i++) {
1694
1695 r.in.function_code = function_codes[f];
1696 r.in.level = i;
1697
1698 torture_comment(tctx, "Testing LogonControl function code %s (%d) level %d\n",
1699 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
1700
1701 status = dcerpc_netr_LogonControl_r(b, tctx, &r);
1702 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1703
1704 switch (r.in.level) {
1705 case 1:
1706 switch (r.in.function_code) {
1707 case NETLOGON_CONTROL_REPLICATE:
1708 case NETLOGON_CONTROL_SYNCHRONIZE:
1709 case NETLOGON_CONTROL_PDC_REPLICATE:
1710 case NETLOGON_CONTROL_BREAKPOINT:
1711 case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
1712 if ((secure_channel_type == SEC_CHAN_BDC) ||
1713 (secure_channel_type == SEC_CHAN_WKSTA)) {
1714 torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED,
1715 "LogonControl returned unexpected error code");
1716 } else {
1717 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1718 "LogonControl returned unexpected error code");
1719 }
1720 break;
1721
1722 case NETLOGON_CONTROL_REDISCOVER:
1723 case NETLOGON_CONTROL_TC_QUERY:
1724 case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
1725 case NETLOGON_CONTROL_FIND_USER:
1726 case NETLOGON_CONTROL_CHANGE_PASSWORD:
1727 case NETLOGON_CONTROL_TC_VERIFY:
1728 case NETLOGON_CONTROL_FORCE_DNS_REG:
1729 case NETLOGON_CONTROL_QUERY_DNS_REG:
1730 case NETLOGON_CONTROL_SET_DBFLAG:
1731 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1732 "LogonControl returned unexpected error code");
1733 break;
1734 case NETLOGON_CONTROL_TRUNCATE_LOG:
1735 if ((secure_channel_type == SEC_CHAN_BDC) ||
1736 (secure_channel_type == SEC_CHAN_WKSTA)) {
1737 torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED,
1738 "LogonControl returned unexpected error code");
1739 } else {
1740 torture_assert_werr_ok(tctx, r.out.result,
1741 "LogonControl returned unexpected result");
1742 }
1743 break;
1744 default:
1745 torture_assert_werr_ok(tctx, r.out.result,
1746 "LogonControl returned unexpected result");
1747 break;
1748 }
1749 break;
1750 case 2:
1751 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1752 "LogonControl returned unexpected error code");
1753 break;
1754 default:
1755 torture_assert_werr_equal(tctx, r.out.result, WERR_UNKNOWN_LEVEL,
1756 "LogonControl returned unexpected error code");
1757 break;
1758 }
1759 }
1760 }
1761
1762 return true;
1763 }
1764
1765
1766 /*
1767 try a netlogon GetAnyDCName
1768 */
1769 static bool test_GetAnyDCName(struct torture_context *tctx,
1770 struct dcerpc_pipe *p)
1771 {
1772 NTSTATUS status;
1773 struct netr_GetAnyDCName r;
1774 const char *dcname = NULL;
1775 struct dcerpc_binding_handle *b = p->binding_handle;
1776
1777 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1778 r.in.domainname = lp_workgroup(tctx->lp_ctx);
1779 r.out.dcname = &dcname;
1780
1781 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
1782 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
1783 torture_assert_werr_ok(tctx, r.out.result, "GetAnyDCName");
1784
1785 if (dcname) {
1786 torture_comment(tctx, "\tDC is at '%s'\n", dcname);
1787 }
1788
1789 return true;
1790 }
1791
1792
1793 /*
1794 try a netlogon LogonControl2
1795 */
1796 static bool test_LogonControl2(struct torture_context *tctx,
1797 struct dcerpc_pipe *p,
1798 struct cli_credentials *machine_credentials)
1799
1800 {
1801 NTSTATUS status;
1802 struct netr_LogonControl2 r;
1803 union netr_CONTROL_DATA_INFORMATION data;
1804 union netr_CONTROL_QUERY_INFORMATION query;
1805 int i;
1806 struct dcerpc_binding_handle *b = p->binding_handle;
1807
1808 data.domain = lp_workgroup(tctx->lp_ctx);
1809
1810 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1811
1812 r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
1813 r.in.data = &data;
1814 r.out.query = &query;
1815
1816 for (i=1;i<4;i++) {
1817 r.in.level = i;
1818
1819 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1820 i, r.in.function_code);
1821
1822 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1823 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1824 }
1825
1826 data.domain = lp_workgroup(tctx->lp_ctx);
1827
1828 r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
1829 r.in.data = &data;
1830
1831 for (i=1;i<4;i++) {
1832 r.in.level = i;
1833
1834 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1835 i, r.in.function_code);
1836
1837 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1838 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1839 }
1840
1841 data.domain = lp_workgroup(tctx->lp_ctx);
1842
1843 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
1844 r.in.data = &data;
1845
1846 for (i=1;i<4;i++) {
1847 r.in.level = i;
1848
1849 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1850 i, r.in.function_code);
1851
1852 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1853 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1854 }
1855
1856 data.debug_level = ~0;
1857
1858 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
1859 r.in.data = &data;
1860
1861 for (i=1;i<4;i++) {
1862 r.in.level = i;
1863
1864 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1865 i, r.in.function_code);
1866
1867 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1868 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1869 }
1870
1871 return true;
1872 }
1873
1874 /*
1875 try a netlogon DatabaseSync2
1876 */
1877 static bool test_DatabaseSync2(struct torture_context *tctx,
1878 struct dcerpc_pipe *p,
1879 struct cli_credentials *machine_credentials)
1880 {
1881 NTSTATUS status;
1882 struct netr_DatabaseSync2 r;
1883 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1884 struct netr_Authenticator return_authenticator, credential;
1885
1886 struct netlogon_creds_CredentialState *creds;
1887 const uint32_t database_ids[] = {0, 1, 2};
1888 int i;
1889 struct dcerpc_binding_handle *b = p->binding_handle;
1890
1891 if (!test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_FLAGS,
1892 machine_credentials,
1893 cli_credentials_get_secure_channel_type(machine_credentials),
1894 &creds)) {
1895 return false;
1896 }
1897
1898 ZERO_STRUCT(return_authenticator);
1899
1900 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1901 r.in.computername = TEST_MACHINE_NAME;
1902 r.in.preferredmaximumlength = (uint32_t)-1;
1903 r.in.return_authenticator = &return_authenticator;
1904 r.out.return_authenticator = &return_authenticator;
1905 r.out.delta_enum_array = &delta_enum_array;
1906
1907 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1908
1909 uint32_t sync_context = 0;
1910
1911 r.in.database_id = database_ids[i];
1912 r.in.sync_context = &sync_context;
1913 r.out.sync_context = &sync_context;
1914 r.in.restart_state = 0;
1915
1916 torture_comment(tctx, "Testing DatabaseSync2 of id %d\n", r.in.database_id);
1917
1918 do {
1919 netlogon_creds_client_authenticator(creds, &credential);
1920
1921 r.in.credential = &credential;
1922
1923 status = dcerpc_netr_DatabaseSync2_r(b, tctx, &r);
1924 if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES))
1925 break;
1926
1927 /* Native mode servers don't do this */
1928 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
1929 return true;
1930 }
1931
1932 torture_assert_ntstatus_ok(tctx, status, "DatabaseSync2");
1933
1934 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
1935 torture_comment(tctx, "Credential chaining failed\n");
1936 }
1937
1938 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
1939 }
1940
1941 return true;
1942 }
1943
1944
1945 /*
1946 try a netlogon LogonControl2Ex
1947 */
1948 static bool test_LogonControl2Ex(struct torture_context *tctx,
1949 struct dcerpc_pipe *p,
1950 struct cli_credentials *machine_credentials)
1951
1952 {
1953 NTSTATUS status;
1954 struct netr_LogonControl2Ex r;
1955 union netr_CONTROL_DATA_INFORMATION data;
1956 union netr_CONTROL_QUERY_INFORMATION query;
1957 int i;
1958 struct dcerpc_binding_handle *b = p->binding_handle;
1959
1960 data.domain = lp_workgroup(tctx->lp_ctx);
1961
1962 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1963
1964 r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
1965 r.in.data = &data;
1966 r.out.query = &query;
1967
1968 for (i=1;i<4;i++) {
1969 r.in.level = i;
1970
1971 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
1972 i, r.in.function_code);
1973
1974 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
1975 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1976 }
1977
1978 data.domain = lp_workgroup(tctx->lp_ctx);
1979
1980 r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
1981 r.in.data = &data;
1982
1983 for (i=1;i<4;i++) {
1984 r.in.level = i;
1985
1986 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
1987 i, r.in.function_code);
1988
1989 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
1990 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1991 }
1992
1993 data.domain = lp_workgroup(tctx->lp_ctx);
1994
1995 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
1996 r.in.data = &data;
1997
1998 for (i=1;i<4;i++) {
1999 r.in.level = i;
2000
2001 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2002 i, r.in.function_code);
2003
2004 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2005 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2006 }
2007
2008 data.debug_level = ~0;
2009
2010 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
2011 r.in.data = &data;
2012
2013 for (i=1;i<4;i++) {
2014 r.in.level = i;
2015
2016 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2017 i, r.in.function_code);
2018
2019 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2020 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2021 }
2022
2023 return true;
2024 }
2025
2026 static bool test_netr_DsRGetForestTrustInformation(struct torture_context *tctx,
2027 struct dcerpc_pipe *p, const char *trusted_domain_name)
2028 {
2029 NTSTATUS status;
2030 struct netr_DsRGetForestTrustInformation r;
2031 struct lsa_ForestTrustInformation info, *info_ptr;
2032 struct dcerpc_binding_handle *b = p->binding_handle;
2033
2034 info_ptr = &info;
2035
2036 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2037 r.in.trusted_domain_name = trusted_domain_name;
2038 r.in.flags = 0;
2039 r.out.forest_trust_info = &info_ptr;
2040
2041 torture_comment(tctx ,"Testing netr_DsRGetForestTrustInformation\n");
2042
2043 status = dcerpc_netr_DsRGetForestTrustInformation_r(b, tctx, &r);
2044 torture_assert_ntstatus_ok(tctx, status, "DsRGetForestTrustInformation");
2045 torture_assert_werr_ok(tctx, r.out.result, "DsRGetForestTrustInformation");
2046
2047 return true;
2048 }
2049
2050 /*
2051 try a netlogon netr_DsrEnumerateDomainTrusts
2052 */
2053 static bool test_DsrEnumerateDomainTrusts(struct torture_context *tctx,
2054 struct dcerpc_pipe *p)
2055 {
2056 NTSTATUS status;
2057 struct netr_DsrEnumerateDomainTrusts r;
2058 struct netr_DomainTrustList trusts;
2059 int i;
2060 struct dcerpc_binding_handle *b = p->binding_handle;
2061
2062 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2063 r.in.trust_flags = 0x3f;
2064 r.out.trusts = &trusts;
2065
2066 status = dcerpc_netr_DsrEnumerateDomainTrusts_r(b, tctx, &r);
2067 torture_assert_ntstatus_ok(tctx, status, "DsrEnumerateDomaintrusts");
2068 torture_assert_werr_ok(tctx, r.out.result, "DsrEnumerateDomaintrusts");
2069
2070 /* when trusted_domain_name is NULL, netr_DsRGetForestTrustInformation
2071 * will show non-forest trusts and all UPN suffixes of the own forest
2072 * as LSA_FOREST_TRUST_TOP_LEVEL_NAME types */
2073
2074 if (r.out.trusts->count) {
2075 if (!test_netr_DsRGetForestTrustInformation(tctx, p, NULL)) {
2076 return false;
2077 }
2078 }
2079
2080 for (i=0; i<r.out.trusts->count; i++) {
2081
2082 /* get info for transitive forest trusts */
2083
2084 if (r.out.trusts->array[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
2085 if (!test_netr_DsRGetForestTrustInformation(tctx, p,
2086 r.out.trusts->array[i].dns_name)) {
2087 return false;
2088 }
2089 }
2090 }
2091
2092 return true;
2093 }
2094
2095 static bool test_netr_NetrEnumerateTrustedDomains(struct torture_context *tctx,
2096 struct dcerpc_pipe *p)
2097 {
2098 NTSTATUS status;
2099 struct netr_NetrEnumerateTrustedDomains r;
2100 struct netr_Blob trusted_domains_blob;
2101 struct dcerpc_binding_handle *b = p->binding_handle;
2102
2103 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2104 r.out.trusted_domains_blob = &trusted_domains_blob;
2105
2106 status = dcerpc_netr_NetrEnumerateTrustedDomains_r(b, tctx, &r);
2107 torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomains");
2108 torture_assert_werr_ok(tctx, r.out.result, "NetrEnumerateTrustedDomains");
2109
2110 return true;
2111 }
2112
2113 static bool test_netr_NetrEnumerateTrustedDomainsEx(struct torture_context *tctx,
2114 struct dcerpc_pipe *p)
2115 {
2116 NTSTATUS status;
2117 struct netr_NetrEnumerateTrustedDomainsEx r;
2118 struct netr_DomainTrustList dom_trust_list;
2119 struct dcerpc_binding_handle *b = p->binding_handle;
2120
2121 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2122 r.out.dom_trust_list = &dom_trust_list;
2123
2124 status = dcerpc_netr_NetrEnumerateTrustedDomainsEx_r(b, tctx, &r);
2125 torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomainsEx");
2126 torture_assert_werr_ok(tctx, r.out.result, "NetrEnumerateTrustedDomainsEx");
2127
2128 return true;
2129 }
2130
2131
2132 static bool test_netr_DsRGetSiteName(struct dcerpc_pipe *p, struct torture_context *tctx,
2133 const char *computer_name,
2134 const char *expected_site)
2135 {
2136 NTSTATUS status;
2137 struct netr_DsRGetSiteName r;
2138 const char *site = NULL;
2139 struct dcerpc_binding_handle *b = p->binding_handle;
2140
2141 if (torture_setting_bool(tctx, "samba4", false))
2142 torture_skip(tctx, "skipping DsRGetSiteName test against Samba4");
2143
2144 r.in.computer_name = computer_name;
2145 r.out.site = &site;
2146 torture_comment(tctx, "Testing netr_DsRGetSiteName\n");
2147
2148 status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
2149 torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
2150 torture_assert_werr_ok(tctx, r.out.result, "DsRGetSiteName");
2151 torture_assert_str_equal(tctx, expected_site, site, "netr_DsRGetSiteName");
2152
2153 r.in.computer_name = talloc_asprintf(tctx, "\\\\%s", computer_name);
2154 torture_comment(tctx,
2155 "Testing netr_DsRGetSiteName with broken computer name: %s\n", r.in.computer_name);
2156
2157 status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
2158 torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
2159 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_COMPUTERNAME, "netr_DsRGetSiteName");
2160
2161 return true;
2162 }
2163
2164 /*
2165 try a netlogon netr_DsRGetDCName
2166 */
2167 static bool test_netr_DsRGetDCName(struct torture_context *tctx,
2168 struct dcerpc_pipe *p)
2169 {
2170 NTSTATUS status;
2171 struct netr_DsRGetDCName r;
2172 struct netr_DsRGetDCNameInfo *info = NULL;
2173 struct dcerpc_binding_handle *b = p->binding_handle;
2174
2175 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2176 r.in.domain_name = lp_dnsdomain(tctx->lp_ctx);
2177 r.in.domain_guid = NULL;
2178 r.in.site_guid = NULL;
2179 r.in.flags = DS_RETURN_DNS_NAME;
2180 r.out.info = &info;
2181
2182 status = dcerpc_netr_DsRGetDCName_r(b, tctx, &r);
2183 torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
2184 torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
2185 return test_netr_DsRGetSiteName(p, tctx,
2186 info->dc_unc,
2187 info->dc_site_name);
2188 }
2189
2190 /*
2191 try a netlogon netr_DsRGetDCNameEx
2192 */
2193 static bool test_netr_DsRGetDCNameEx(struct torture_context *tctx,
2194 struct dcerpc_pipe *p)
2195 {
2196 NTSTATUS status;
2197 struct netr_DsRGetDCNameEx r;
2198 struct netr_DsRGetDCNameInfo *info = NULL;
2199 struct dcerpc_binding_handle *b = p->binding_handle;
2200
2201 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2202 r.in.domain_name = lp_dnsdomain(tctx->lp_ctx);
2203 r.in.domain_guid = NULL;
2204 r.in.site_name = NULL;
2205 r.in.flags = DS_RETURN_DNS_NAME;
2206 r.out.info = &info;
2207
2208 status = dcerpc_netr_DsRGetDCNameEx_r(b, tctx, &r);
2209 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
2210 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
2211
2212 return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
2213 info->dc_site_name);
2214 }
2215
2216 /*
2217 try a netlogon netr_DsRGetDCNameEx2
2218 */
2219 static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx,
2220 struct dcerpc_pipe *p)
2221 {
2222 NTSTATUS status;
2223 struct netr_DsRGetDCNameEx2 r;
2224 struct netr_DsRGetDCNameInfo *info = NULL;
2225 struct dcerpc_binding_handle *b = p->binding_handle;
2226
2227 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2228 r.in.client_account = NULL;
2229 r.in.mask = 0x00000000;
2230 r.in.domain_name = lp_dnsdomain(tctx->lp_ctx);
2231 r.in.domain_guid = NULL;
2232 r.in.site_name = NULL;
2233 r.in.flags = DS_RETURN_DNS_NAME;
2234 r.out.info = &info;
2235
2236 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 without client account\n");
2237
2238 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2239 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2240 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2241
2242 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with client acount\n");
2243 r.in.client_account = TEST_MACHINE_NAME"$";
2244 r.in.mask = ACB_SVRTRUST;
2245 r.in.flags = DS_RETURN_FLAT_NAME;
2246 r.out.info = &info;
2247
2248 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2249 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2250 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2251 return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
2252 info->dc_site_name);
2253 }
2254
2255 static bool test_netr_DsrGetDcSiteCoverageW(struct torture_context *tctx,
2256 struct dcerpc_pipe *p)
2257 {
2258 NTSTATUS status;
2259 struct netr_DsrGetDcSiteCoverageW r;
2260 struct DcSitesCtr *ctr = NULL;
2261 struct dcerpc_binding_handle *b = p->binding_handle;
2262
2263 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2264 r.out.ctr = &ctr;
2265
2266 status = dcerpc_netr_DsrGetDcSiteCoverageW_r(b, tctx, &r);
2267 torture_assert_ntstatus_ok(tctx, status, "failed");
2268 torture_assert_werr_ok(tctx, r.out.result, "failed");
2269
2270 return true;
2271 }
2272
2273 static bool test_netr_DsRAddressToSitenamesW(struct torture_context *tctx,
2274 struct dcerpc_pipe *p)
2275 {
2276 NTSTATUS status;
2277 struct netr_DsRAddressToSitenamesW r;
2278 struct netr_DsRAddress addr;
2279 struct netr_DsRAddressToSitenamesWCtr *ctr;
2280 struct dcerpc_binding_handle *b = p->binding_handle;
2281
2282 ctr = talloc(tctx, struct netr_DsRAddressToSitenamesWCtr);
2283
2284 addr.size = 16;
2285 addr.buffer = talloc_zero_array(tctx, uint8_t, addr.size);
2286
2287 addr.buffer[0] = 2; /* AF_INET */
2288 addr.buffer[4] = 127;
2289 addr.buffer[5] = 0;
2290 addr.buffer[6] = 0;
2291 addr.buffer[7] = 1;
2292
2293 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2294 r.in.count = 1;
2295 r.in.addresses = talloc_zero_array(tctx, struct netr_DsRAddress, r.in.count);
2296 r.in.addresses[0] = addr;
2297 r.out.ctr = &ctr;
2298
2299 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2300 torture_assert_ntstatus_ok(tctx, status, "failed");
2301 torture_assert_werr_ok(tctx, r.out.result, "failed");
2302
2303 return true;
2304 }
2305
2306 static bool test_netr_DsRAddressToSitenamesExW(struct torture_context *tctx,
2307 struct dcerpc_pipe *p)
2308 {
2309 NTSTATUS status;
2310 struct netr_DsRAddressToSitenamesExW r;
2311 struct netr_DsRAddress addr;
2312 struct netr_DsRAddressToSitenamesExWCtr *ctr;
2313 struct dcerpc_binding_handle *b = p->binding_handle;
2314
2315 ctr = talloc(tctx, struct netr_DsRAddressToSitenamesExWCtr);
2316
2317 addr.size = 16;
2318 addr.buffer = talloc_zero_array(tctx, uint8_t, addr.size);
2319
2320 addr.buffer[0] = 2; /* AF_INET */
2321 addr.buffer[4] = 127;
2322 addr.buffer[5] = 0;
2323 addr.buffer[6] = 0;
2324 addr.buffer[7] = 1;
2325
2326 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2327 r.in.count = 1;
2328 r.in.addresses = talloc_zero_array(tctx, struct netr_DsRAddress, r.in.count);
2329 r.in.addresses[0] = addr;
2330 r.out.ctr = &ctr;
2331
2332 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
2333 torture_assert_ntstatus_ok(tctx, status, "failed");
2334 torture_assert_werr_ok(tctx, r.out.result, "failed");
2335
2336 return true;
2337 }
2338
2339 static bool test_netr_ServerGetTrustInfo(struct torture_context *tctx,
2340 struct dcerpc_pipe *p,
2341 struct cli_credentials *machine_credentials)
2342 {
2343 NTSTATUS status;
2344 struct netr_ServerGetTrustInfo r;
2345
2346 struct netr_Authenticator a;
2347 struct netr_Authenticator return_authenticator;
2348 struct samr_Password new_owf_password;
2349 struct samr_Password old_owf_password;
2350 struct netr_TrustInfo *trust_info;
2351
2352 struct netlogon_creds_CredentialState *creds;
2353 struct dcerpc_binding_handle *b = p->binding_handle;
2354
2355 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2356 machine_credentials, &creds)) {
2357 return false;
2358 }
2359
2360 netlogon_creds_client_authenticator(creds, &a);
2361
2362 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2363 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
2364 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
2365 r.in.computer_name = TEST_MACHINE_NAME;
2366 r.in.credential = &a;
2367
2368 r.out.return_authenticator = &return_authenticator;
2369 r.out.new_owf_password = &new_owf_password;
2370 r.out.old_owf_password = &old_owf_password;
2371 r.out.trust_info = &trust_info;
2372
2373 status = dcerpc_netr_ServerGetTrustInfo_r(b, tctx, &r);
2374 torture_assert_ntstatus_ok(tctx, status, "failed");
2375 torture_assert(tctx, netlogon_creds_client_check(creds, &return_authenticator.cred), "Credential chaining failed");
2376
2377 return true;
2378 }
2379
2380
2381 static bool test_GetDomainInfo(struct torture_context *tctx,
2382 struct dcerpc_pipe *p,
2383 struct cli_credentials *machine_credentials)
2384 {
2385 NTSTATUS status;
2386 struct netr_LogonGetDomainInfo r;
2387 struct netr_WorkstationInformation q1;
2388 struct netr_Authenticator a;
2389 struct netlogon_creds_CredentialState *creds;
2390 struct netr_OsVersion os;
2391 union netr_WorkstationInfo query;
2392 union netr_DomainInfo info;
2393 const char* const attrs[] = { "dNSHostName", "operatingSystem",
2394 "operatingSystemServicePack", "operatingSystemVersion",
2395 "servicePrincipalName", NULL };
2396 char *url;
2397 struct ldb_context *sam_ctx = NULL;
2398 struct ldb_message **res;
2399 struct ldb_message_element *spn_el;
2400 int ret, i;
2401 char *version_str;
2402 const char *old_dnsname = NULL;
2403 char **spns = NULL;
2404 int num_spns = 0;
2405 char *temp_str;
2406 struct dcerpc_binding_handle *b = p->binding_handle;
2407
2408 torture_comment(tctx, "Testing netr_LogonGetDomainInfo\n");
2409
2410 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2411 machine_credentials, &creds)) {
2412 return false;
2413 }
2414
2415 /* We won't double-check this when we are over 'local' transports */
2416 if (dcerpc_server_name(p)) {
2417 /* Set up connection to SAMDB on DC */
2418 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2419 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2420 NULL,
2421 cmdline_credentials,
2422 0);
2423
2424 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2425 }
2426
2427 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 1st call (no variation of DNS hostname)\n");
2428 netlogon_creds_client_authenticator(creds, &a);
2429
2430 ZERO_STRUCT(r);
2431 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2432 r.in.computer_name = TEST_MACHINE_NAME;
2433 r.in.credential = &a;
2434 r.in.level = 1;
2435 r.in.return_authenticator = &a;
2436 r.in.query = &query;
2437 r.out.return_authenticator = &a;
2438 r.out.info = &info;
2439
2440 ZERO_STRUCT(os);
2441 os.os.MajorVersion = 123;
2442 os.os.MinorVersion = 456;
2443 os.os.BuildNumber = 789;
2444 os.os.CSDVersion = "Service Pack 10";
2445 os.os.ServicePackMajor = 10;
2446 os.os.ServicePackMinor = 1;
2447 os.os.SuiteMask = NETR_VER_SUITE_SINGLEUSERTS;
2448 os.os.ProductType = NETR_VER_NT_SERVER;
2449 os.os.Reserved = 0;
2450
2451 version_str = talloc_asprintf(tctx, "%d.%d (%d)", os.os.MajorVersion,
2452 os.os.MinorVersion, os.os.BuildNumber);
2453
2454 ZERO_STRUCT(q1);
2455 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
2456 lp_dnsdomain(tctx->lp_ctx));
2457 q1.sitename = "Default-First-Site-Name";
2458 q1.os_version.os = &os;
2459 q1.os_name.string = talloc_asprintf(tctx,
2460 "Tortured by Samba4 RPC-NETLOGON: %s",
2461 timestring(tctx, time(NULL)));
2462
2463 /* The workstation handles the "servicePrincipalName" and DNS hostname
2464 updates */
2465 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
2466
2467 query.workstation_info = &q1;
2468
2469 if (sam_ctx) {
2470 /* Gets back the old DNS hostname in AD */
2471 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
2472 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
2473 old_dnsname =
2474 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL);
2475
2476 /* Gets back the "servicePrincipalName"s in AD */
2477 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2478 if (spn_el != NULL) {
2479 for (i=0; i < spn_el->num_values; i++) {
2480 spns = talloc_realloc(tctx, spns, char *, i + 1);
2481 spns[i] = (char *) spn_el->values[i].data;
2482 }
2483 num_spns = i;
2484 }
2485 }
2486
2487 status = dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r);
2488 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo");
2489 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
2490
2491 msleep(250);
2492
2493 if (sam_ctx) {
2494 /* AD workstation infos entry check */
2495 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
2496 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
2497 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
2498 torture_assert_str_equal(tctx,
2499 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
2500 q1.os_name.string, "'operatingSystem' wrong!");
2501 torture_assert_str_equal(tctx,
2502 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL),
2503 os.os.CSDVersion, "'operatingSystemServicePack' wrong!");
2504 torture_assert_str_equal(tctx,
2505 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL),
2506 version_str, "'operatingSystemVersion' wrong!");
2507
2508 if (old_dnsname != NULL) {
2509 /* If before a DNS hostname was set then it should remain
2510 the same in combination with the "servicePrincipalName"s.
2511 The DNS hostname should also be returned by our
2512 "LogonGetDomainInfo" call (in the domain info structure). */
2513
2514 torture_assert_str_equal(tctx,
2515 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
2516 old_dnsname, "'DNS hostname' was not set!");
2517
2518 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2519 torture_assert(tctx, ((spns != NULL) && (spn_el != NULL)),
2520 "'servicePrincipalName's not set!");
2521 torture_assert(tctx, spn_el->num_values == num_spns,
2522 "'servicePrincipalName's incorrect!");
2523 for (i=0; (i < spn_el->num_values) && (i < num_spns); i++)
2524 torture_assert_str_equal(tctx,
2525 (char *) spn_el->values[i].data,
2526 spns[i], "'servicePrincipalName's incorrect!");
2527
2528 torture_assert_str_equal(tctx,
2529 info.domain_info->dns_hostname.string,
2530 old_dnsname,
2531 "Out 'DNS hostname' doesn't match the old one!");
2532 } else {
2533 /* If no DNS hostname was set then also now none should be set,
2534 the "servicePrincipalName"s should remain empty and no DNS
2535 hostname should be returned by our "LogonGetDomainInfo"
2536 call (in the domain info structure). */
2537
2538 torture_assert(tctx,
2539 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL) == NULL,
2540 "'DNS hostname' was set!");
2541
2542 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2543 torture_assert(tctx, ((spns == NULL) && (spn_el == NULL)),
2544 "'servicePrincipalName's were set!");
2545
2546 torture_assert(tctx,
2547 info.domain_info->dns_hostname.string == NULL,
2548 "Out 'DNS host name' was set!");
2549 }
2550 }
2551
2552 /* Checks "workstation flags" */
2553 torture_assert(tctx,
2554 info.domain_info->workstation_flags
2555 == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
2556 "Out 'workstation flags' don't match!");
2557
2558
2559 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 2nd call (variation of DNS hostname doesn't work)\n");
2560 netlogon_creds_client_authenticator(creds, &a);
2561
2562 /* Wipe out the osVersion, and prove which values still 'stick' */
2563 q1.os_version.os = NULL;
2564
2565 /* Change also the DNS hostname to test differences in behaviour */
2566 talloc_free(discard_const_p(char, q1.dns_hostname));
2567 q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
2568 lp_dnsdomain(tctx->lp_ctx));
2569
2570 /* The workstation handles the "servicePrincipalName" and DNS hostname
2571 updates */
2572 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
2573
2574 status = dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r);
2575 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo");
2576 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
2577
2578 msleep(250);
2579
2580 if (sam_ctx) {
2581 /* AD workstation infos entry check */
2582 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
2583 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
2584 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
2585
2586 torture_assert_str_equal(tctx,
2587 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
2588 q1.os_name.string, "'operatingSystem' should stick!");
2589 torture_assert(tctx,
2590 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
2591 "'operatingSystemServicePack' shouldn't stick!");
2592 torture_assert(tctx,
2593 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
2594 "'operatingSystemVersion' shouldn't stick!");
2595
2596 /* The DNS host name shouldn't have been updated by the server */
2597
2598 torture_assert_str_equal(tctx,
2599 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
2600 old_dnsname, "'DNS host name' did change!");
2601
2602 /* Find the two "servicePrincipalName"s which the DC shouldn't have been
2603 updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC
2604 3.5.4.3.9 */
2605 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2606 torture_assert(tctx, spn_el != NULL,
2607 "There should exist 'servicePrincipalName's in AD!");
2608 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME);
2609 for (i=0; i < spn_el->num_values; i++)
2610 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
2611 break;
2612 torture_assert(tctx, i != spn_el->num_values,
2613 "'servicePrincipalName' HOST/<Netbios name> not found!");
2614 temp_str = talloc_asprintf(tctx, "HOST/%s", old_dnsname);
2615 for (i=0; i < spn_el->num_values; i++)
2616 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
2617 break;
2618 torture_assert(tctx, i != spn_el->num_values,
2619 "'servicePrincipalName' HOST/<FQDN name> not found!");
2620
2621 /* Check that the out DNS hostname was set properly */
2622 torture_assert_str_equal(tctx, info.domain_info->dns_hostname.string,
2623 old_dnsname, "Out 'DNS hostname' doesn't match the old one!");
2624 }
2625
2626 /* Checks "workstation flags" */
2627 torture_assert(tctx,
2628 info.domain_info->workstation_flags == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
2629 "Out 'workstation flags' don't match!");
2630
2631
2632 /* Now try the same but the workstation flags set to 0 */
2633
2634 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 3rd call (variation of DNS hostname doesn't work)\n");
2635 netlogon_creds_client_authenticator(creds, &a);
2636
2637 /* Change also the DNS hostname to test differences in behaviour */
2638 talloc_free(discard_const_p(char, q1.dns_hostname));
2639 q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
2640 lp_dnsdomain(tctx->lp_ctx));
2641
2642 /* Wipe out the osVersion, and prove which values still 'stick' */
2643 q1.os_version.os = NULL;
2644
2645 /* Let the DC handle the "servicePrincipalName" and DNS hostname
2646 updates */
2647 q1.workstation_flags = 0;
2648
2649 status = dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r);
2650 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo");
2651 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
2652
2653 msleep(250);
2654
2655 if (sam_ctx) {
2656 /* AD workstation infos entry check */
2657 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
2658 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
2659 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
2660
2661 torture_assert_str_equal(tctx,
2662 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
2663 q1.os_name.string, "'operatingSystem' should stick!");
2664 torture_assert(tctx,
2665 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
2666 "'operatingSystemServicePack' shouldn't stick!");
2667 torture_assert(tctx,
2668 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
2669 "'operatingSystemVersion' shouldn't stick!");
2670
2671 /* The DNS host name shouldn't have been updated by the server */
2672
2673 torture_assert_str_equal(tctx,
2674 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
2675 old_dnsname, "'DNS host name' did change!");
2676
2677 /* Find the two "servicePrincipalName"s which the DC shouldn't have been
2678 updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC
2679 3.5.4.3.9 */
2680 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2681 torture_assert(tctx, spn_el != NULL,
2682 "There should exist 'servicePrincipalName's in AD!");
2683 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME);
2684 for (i=0; i < spn_el->num_values; i++)
2685 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
2686 break;
2687 torture_assert(tctx, i != spn_el->num_values,
2688 "'servicePrincipalName' HOST/<Netbios name> not found!");
2689 temp_str = talloc_asprintf(tctx, "HOST/%s", old_dnsname);
2690 for (i=0; i < spn_el->num_values; i++)
2691 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
2692 break;
2693 torture_assert(tctx, i != spn_el->num_values,
2694 "'servicePrincipalName' HOST/<FQDN name> not found!");
2695
2696 /* Here the server gives us NULL as the out DNS hostname */
2697 torture_assert(tctx, info.domain_info->dns_hostname.string == NULL,
2698 "Out 'DNS hostname' should be NULL!");
2699 }
2700
2701 /* Checks "workstation flags" */
2702 torture_assert(tctx,
2703 info.domain_info->workstation_flags == 0,
2704 "Out 'workstation flags' don't match!");
2705
2706
2707 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 4th call (verification of DNS hostname and check for trusted domains)\n");
2708 netlogon_creds_client_authenticator(creds, &a);
2709
2710 /* Put the DNS hostname back */
2711 talloc_free(discard_const_p(char, q1.dns_hostname));
2712 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
2713 lp_dnsdomain(tctx->lp_ctx));
2714
2715 /* The workstation handles the "servicePrincipalName" and DNS hostname
2716 updates */
2717 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
2718
2719 status = dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r);
2720 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo");
2721 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
2722
2723 msleep(250);
2724
2725 /* Now the in/out DNS hostnames should be the same */
2726 torture_assert_str_equal(tctx,
2727 info.domain_info->dns_hostname.string,
2728 query.workstation_info->dns_hostname,
2729 "In/Out 'DNS hostnames' don't match!");
2730
2731 /* Checks "workstation flags" */
2732 torture_assert(tctx,
2733 info.domain_info->workstation_flags
2734 == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
2735 "Out 'workstation flags' don't match!");
2736
2737 /* Checks for trusted domains */
2738 torture_assert(tctx,
2739 (info.domain_info->trusted_domain_count != 0)
2740 && (info.domain_info->trusted_domains != NULL),
2741 "Trusted domains have been requested!");
2742
2743
2744 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 5th call (check for trusted domains)\n");
2745 netlogon_creds_client_authenticator(creds, &a);
2746
2747 /* The workstation handles the "servicePrincipalName" and DNS hostname
2748 updates and requests inbound trusts */
2749 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE
2750 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS;
2751
2752 status = dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r);
2753 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo");
2754 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
2755
2756 msleep(250);
2757
2758 /* Checks "workstation flags" */
2759 torture_assert(tctx,
2760 info.domain_info->workstation_flags
2761 == (NETR_WS_FLAG_HANDLES_SPN_UPDATE
2762 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS),
2763 "Out 'workstation flags' don't match!");
2764
2765 /* Checks for trusted domains */
2766 torture_assert(tctx,
2767 (info.domain_info->trusted_domain_count != 0)
2768 && (info.domain_info->trusted_domains != NULL),
2769 "Trusted domains have been requested!");
2770
2771 return true;
2772 }
2773
2774 static bool test_GetDomainInfo_async(struct torture_context *tctx,
2775 struct dcerpc_pipe *p,
2776 struct cli_credentials *machine_credentials)
2777 {
2778 NTSTATUS status;
2779 struct netr_LogonGetDomainInfo r;
2780 struct netr_WorkstationInformation q1;
2781 struct netr_Authenticator a;
2782 #define ASYNC_COUNT 100
2783 struct netlogon_creds_CredentialState *creds;
2784 struct netlogon_creds_CredentialState *creds_async[ASYNC_COUNT];
2785 struct tevent_req *req[ASYNC_COUNT];
2786 int i;
2787 union netr_WorkstationInfo query;
2788 union netr_DomainInfo info;
2789
2790 torture_comment(tctx, "Testing netr_LogonGetDomainInfo - async count %d\n", ASYNC_COUNT);
2791
2792 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2793 machine_credentials, &creds)) {
2794 return false;
2795 }
2796
2797 ZERO_STRUCT(r);
2798 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2799 r.in.computer_name = TEST_MACHINE_NAME;
2800 r.in.credential = &a;
2801 r.in.level = 1;
2802 r.in.return_authenticator = &a;
2803 r.in.query = &query;
2804 r.out.return_authenticator = &a;
2805 r.out.info = &info;
2806
2807 ZERO_STRUCT(q1);
2808 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
2809 lp_dnsdomain(tctx->lp_ctx));
2810 q1.sitename = "Default-First-Site-Name";
2811 q1.os_name.string = "UNIX/Linux or similar";
2812
2813 query.workstation_info = &q1;
2814
2815 for (i=0;i<ASYNC_COUNT;i++) {
2816 netlogon_creds_client_authenticator(creds, &a);
2817
2818 creds_async[i] = (struct netlogon_creds_CredentialState *)talloc_memdup(creds, creds, sizeof(*creds));
2819 req[i] = dcerpc_netr_LogonGetDomainInfo_r_send(tctx, tctx->ev, p->binding_handle, &r);
2820
2821 /* even with this flush per request a w2k3 server seems to
2822 clag with multiple outstanding requests. bleergh. */
2823 torture_assert_int_equal(tctx, event_loop_once(dcerpc_event_context(p)), 0,
2824 "event_loop_once failed");
2825 }
2826
2827 for (i=0;i<ASYNC_COUNT;i++) {
2828 torture_assert_int_equal(tctx, tevent_req_poll(req[i], tctx->ev), true,
2829 "tevent_req_poll() failed");
2830
2831 status = dcerpc_netr_LogonGetDomainInfo_r_recv(req[i], tctx);
2832
2833 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo_async");
2834 torture_assert_ntstatus_ok(tctx, r.out.result, "netr_LogonGetDomainInfo_async");
2835
2836 torture_assert(tctx, netlogon_creds_client_check(creds_async[i], &a.cred),
2837 "Credential chaining failed at async");
2838 }
2839
2840 torture_comment(tctx,
2841 "Testing netr_LogonGetDomainInfo - async count %d OK\n", ASYNC_COUNT);
2842
2843 return true;
2844 }
2845
2846 static bool test_ManyGetDCName(struct torture_context *tctx,
2847 struct dcerpc_pipe *p)
2848 {
2849 NTSTATUS status;
2850 struct dcerpc_pipe *p2;
2851 struct lsa_ObjectAttribute attr;
2852 struct lsa_QosInfo qos;
2853 struct lsa_OpenPolicy2 o;
2854 struct policy_handle lsa_handle;
2855 struct lsa_DomainList domains;
2856
2857 struct lsa_EnumTrustDom t;
2858 uint32_t resume_handle = 0;
2859 struct netr_GetAnyDCName d;
2860 const char *dcname = NULL;
2861 struct dcerpc_binding_handle *b = p->binding_handle;
2862 struct dcerpc_binding_handle *b2;
2863
2864 int i;
2865
2866 if (p->conn->transport.transport != NCACN_NP) {
2867 return true;
2868 }
2869
2870 torture_comment(tctx, "Torturing GetDCName\n");
2871
2872 status = dcerpc_secondary_connection(p, &p2, p->binding);
2873 torture_assert_ntstatus_ok(tctx, status, "Failed to create secondary connection");
2874
2875 status = dcerpc_bind_auth_none(p2, &ndr_table_lsarpc);
2876 torture_assert_ntstatus_ok(tctx, status, "Failed to create bind on secondary connection");
2877 b2 = p2->binding_handle;
2878
2879 qos.len = 0;
2880 qos.impersonation_level = 2;
2881 qos.context_mode = 1;
2882 qos.effective_only = 0;
2883
2884 attr.len = 0;
2885 attr.root_dir = NULL;
2886 attr.object_name = NULL;
2887 attr.attributes = 0;
2888 attr.sec_desc = NULL;
2889 attr.sec_qos = &qos;
2890
2891 o.in.system_name = "\\";
2892 o.in.attr = &attr;
2893 o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
2894 o.out.handle = &lsa_handle;
2895
2896 status = dcerpc_lsa_OpenPolicy2_r(b2, tctx, &o);
2897 torture_assert_ntstatus_ok(tctx, status, "OpenPolicy2 failed");
2898
2899 t.in.handle = &lsa_handle;
2900 t.in.resume_handle = &resume_handle;
2901 t.in.max_size = 1000;
2902 t.out.domains = &domains;
2903 t.out.resume_handle = &resume_handle;
2904
2905 status = dcerpc_lsa_EnumTrustDom_r(b2, tctx, &t);
2906
2907 if ((!NT_STATUS_IS_OK(status) &&
2908 (!NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES))))
2909 torture_fail(tctx, "Could not list domains");
2910
2911 talloc_free(p2);
2912
2913 d.in.logon_server = talloc_asprintf(tctx, "\\\\%s",
2914 dcerpc_server_name(p));
2915 d.out.dcname = &dcname;
2916
2917 for (i=0; i<domains.count * 4; i++) {
2918 struct lsa_DomainInfo *info =
2919 &domains.domains[rand()%domains.count];
2920
2921 d.in.domainname = info->name.string;
2922
2923 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &d);
2924 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
2925
2926 torture_comment(tctx, "\tDC for domain %s is %s\n", info->name.string,
2927 dcname ? dcname : "unknown");
2928 }
2929
2930 return true;
2931 }
2932
2933 static bool test_SetPassword_with_flags(struct torture_context *tctx,
2934 struct dcerpc_pipe *p,
2935 struct cli_credentials *machine_credentials)
2936 {
2937 uint32_t flags[] = { 0, NETLOGON_NEG_STRONG_KEYS };
2938 struct netlogon_creds_CredentialState *creds;
2939 int i;
2940
2941 if (!test_SetupCredentials2(p, tctx, 0,
2942 machine_credentials,
2943 cli_credentials_get_secure_channel_type(machine_credentials),
2944 &creds)) {
2945 torture_skip(tctx, "DC does not support negotiation of 64bit session keys");
2946 }
2947
2948 for (i=0; i < ARRAY_SIZE(flags); i++) {
2949 torture_assert(tctx,
2950 test_SetPassword_flags(tctx, p, machine_credentials, flags[i]),
2951 talloc_asprintf(tctx, "failed to test SetPassword negotiating with 0x%08x flags", flags[i]));
2952 }
2953
2954 return true;
2955 }
2956
2957 struct torture_suite *torture_rpc_netlogon(TALLOC_CTX *mem_ctx)
2958 {
2959 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON");
2960 struct torture_rpc_tcase *tcase;
2961 struct torture_test *test;
2962
2963 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
2964 &ndr_table_netlogon, TEST_MACHINE_NAME);
2965
2966 torture_rpc_tcase_add_test(tcase, "LogonUasLogon", test_LogonUasLogon);
2967 torture_rpc_tcase_add_test(tcase, "LogonUasLogoff", test_LogonUasLogoff);
2968 torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
2969 torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
2970 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
2971 torture_rpc_tcase_add_test_creds(tcase, "GetPassword", test_GetPassword);
2972 torture_rpc_tcase_add_test_creds(tcase, "GetTrustPasswords", test_GetTrustPasswords);
2973 torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo", test_GetDomainInfo);
2974 torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync", test_DatabaseSync);
2975 torture_rpc_tcase_add_test_creds(tcase, "DatabaseDeltas", test_DatabaseDeltas);
2976 torture_rpc_tcase_add_test_creds(tcase, "DatabaseRedo", test_DatabaseRedo);
2977 torture_rpc_tcase_add_test_creds(tcase, "AccountDeltas", test_AccountDeltas);
2978 torture_rpc_tcase_add_test_creds(tcase, "AccountSync", test_AccountSync);
2979 torture_rpc_tcase_add_test(tcase, "GetDcName", test_GetDcName);
2980 torture_rpc_tcase_add_test(tcase, "ManyGetDCName", test_ManyGetDCName);
2981 torture_rpc_tcase_add_test(tcase, "GetAnyDCName", test_GetAnyDCName);
2982 torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync2", test_DatabaseSync2);
2983 torture_rpc_tcase_add_test(tcase, "DsrEnumerateDomainTrusts", test_DsrEnumerateDomainTrusts);
2984 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
2985 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomainsEx", test_netr_NetrEnumerateTrustedDomainsEx);
2986 test = torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo_async", test_GetDomainInfo_async);
2987 test->dangerous = true;
2988 torture_rpc_tcase_add_test(tcase, "DsRGetDCName", test_netr_DsRGetDCName);
2989 torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx", test_netr_DsRGetDCNameEx);
2990 torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx2", test_netr_DsRGetDCNameEx2);
2991 torture_rpc_tcase_add_test(tcase, "DsrGetDcSiteCoverageW", test_netr_DsrGetDcSiteCoverageW);
2992 torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesW", test_netr_DsRAddressToSitenamesW);
2993 torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesExW", test_netr_DsRAddressToSitenamesExW);
2994 torture_rpc_tcase_add_test_creds(tcase, "ServerGetTrustInfo", test_netr_ServerGetTrustInfo);
2995
2996 return suite;
2997 }
2998
2999 struct torture_suite *torture_rpc_netlogon_s3(TALLOC_CTX *mem_ctx)
3000 {
3001 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON-S3");
3002 struct torture_rpc_tcase *tcase;
3003
3004 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3005 &ndr_table_netlogon, TEST_MACHINE_NAME);
3006
3007 torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
3008 torture_rpc_tcase_add_test_creds(tcase, "SamLogon_NULL_domain", test_SamLogon_NULL_domain);
3009 torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
3010 torture_rpc_tcase_add_test_creds(tcase, "SetPassword_with_flags", test_SetPassword_with_flags);
3011 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
3012 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
3013
3014 return suite;
3015 }
3016
3017 struct torture_suite *torture_rpc_netlogon_admin(TALLOC_CTX *mem_ctx)
3018 {
3019 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON-ADMIN");
3020 struct torture_rpc_tcase *tcase;
3021
3022 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3023 &ndr_table_netlogon, TEST_MACHINE_NAME);
3024 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3025 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3026 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3027
3028 tcase = torture_suite_add_machine_workstation_rpc_iface_tcase(suite, "netlogon",
3029 &ndr_table_netlogon, TEST_MACHINE_NAME);
3030 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3031 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3032 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3033
3034 tcase = torture_suite_add_rpc_iface_tcase(suite, "netlogon",
3035 &ndr_table_netlogon);
3036 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3037 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3038 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3039
3040 return suite;
3041 }
reg import