search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3:torture:delete: fix a comment
[Samba/gebeck_regimport.git] / source4 / torture / libnet / utils.c
blob88cebf1fbdc0ec02d8b5373326a2fd8007f0f68b
1 /*
2 Unix SMB/CIFS implementation.
3 Test suite for libnet calls.
4
5 Copyright (C) Rafal Szczesniak 2007
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 /*
22 * These are more general use functions shared among the tests.
23 */
24
25 #include "includes.h"
26 #include "lib/cmdline/popt_common.h"
27 #include "torture/rpc/torture_rpc.h"
28 #include "libnet/libnet.h"
29 #include "librpc/gen_ndr/ndr_samr_c.h"
30 #include "librpc/gen_ndr/ndr_lsa_c.h"
31 #include "torture/libnet/proto.h"
32 #include "ldb_wrap.h"
33
34 /**
35 * Opens handle on Domain using SAMR
36 *
37 * @param _domain_handle [out] Ptr to storage to store Domain handle
38 * @param _dom_sid [out] If NULL, Domain SID won't be returned
39 */
40 bool test_domain_open(struct torture_context *tctx,
41 struct dcerpc_binding_handle *b,
42 struct lsa_String *domname,
43 TALLOC_CTX *mem_ctx,
44 struct policy_handle *_domain_handle,
45 struct dom_sid2 *_dom_sid)
46 {
47 struct policy_handle connect_handle;
48 struct policy_handle domain_handle;
49 struct samr_Connect r1;
50 struct samr_LookupDomain r2;
51 struct dom_sid2 *sid = NULL;
52 struct samr_OpenDomain r3;
53
54 torture_comment(tctx, "connecting\n");
55
56 r1.in.system_name = 0;
57 r1.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
58 r1.out.connect_handle = &connect_handle;
59
60 torture_assert_ntstatus_ok(tctx,
61 dcerpc_samr_Connect_r(b, mem_ctx, &r1),
62 "Connect failed");
63 torture_assert_ntstatus_ok(tctx, r1.out.result,
64 "Connect failed");
65
66 r2.in.connect_handle = &connect_handle;
67 r2.in.domain_name = domname;
68 r2.out.sid = &sid;
69
70 torture_comment(tctx, "domain lookup on %s\n", domname->string);
71
72 torture_assert_ntstatus_ok(tctx,
73 dcerpc_samr_LookupDomain_r(b, mem_ctx, &r2),
74 "LookupDomain failed");
75 torture_assert_ntstatus_ok(tctx, r2.out.result,
76 "LookupDomain failed");
77
78 r3.in.connect_handle = &connect_handle;
79 r3.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
80 r3.in.sid = *r2.out.sid;
81 r3.out.domain_handle = &domain_handle;
82
83 torture_comment(tctx, "opening domain %s\n", domname->string);
84
85 torture_assert_ntstatus_ok(tctx,
86 dcerpc_samr_OpenDomain_r(b, mem_ctx, &r3),
87 "OpenDomain failed");
88 torture_assert_ntstatus_ok(tctx, r3.out.result,
89 "OpenDomain failed");
90
91 *_domain_handle = domain_handle;
92
93 if (_dom_sid) {
94 *_dom_sid = **r2.out.sid;
95 }
96
97 /* Close connect_handle, we don't need it anymore */
98 test_samr_close_handle(tctx, b, mem_ctx, &connect_handle);
99
100 return true;
101 }
102
103
104 /**
105 * Find out user's samAccountName for given
106 * user RDN. We need samAccountName value
107 * when deleting users.
108 */
109 static bool _get_account_name_for_user_rdn(struct torture_context *tctx,
110 const char *user_rdn,
111 TALLOC_CTX *mem_ctx,
112 const char **_account_name)
113 {
114 const char *url;
115 struct ldb_context *ldb;
116 TALLOC_CTX *tmp_ctx;
117 bool test_res = true;
118 const char *hostname = torture_setting_string(tctx, "host", NULL);
119 int ldb_ret;
120 struct ldb_result *ldb_res;
121 const char *account_name = NULL;
122 static const char *attrs[] = {
123 "samAccountName",
124 NULL
125 };
126
127 torture_assert(tctx, hostname != NULL, "Failed to get hostname");
128
129 tmp_ctx = talloc_new(tctx);
130 torture_assert(tctx, tmp_ctx != NULL, "Failed to create temporary mem context");
131
132 url = talloc_asprintf(tmp_ctx, "ldap://%s/", hostname);
133 torture_assert_goto(tctx, url != NULL, test_res, done, "Failed to allocate URL for ldb");
134
135 ldb = ldb_wrap_connect(tmp_ctx,
136 tctx->ev, tctx->lp_ctx,
137 url, NULL, cmdline_credentials, 0);
138 torture_assert_goto(tctx, ldb != NULL, test_res, done, "Failed to make LDB connection");
139
140 ldb_ret = ldb_search(ldb, tmp_ctx, &ldb_res,
141 ldb_get_default_basedn(ldb), LDB_SCOPE_SUBTREE,
142 attrs,
143 "(&(objectClass=user)(name=%s))", user_rdn);
144 if (LDB_SUCCESS == ldb_ret && 1 == ldb_res->count) {
145 account_name = ldb_msg_find_attr_as_string(ldb_res->msgs[0], "samAccountName", NULL);
146 }
147
148 /* return user_rdn by default */
149 if (!account_name) {
150 account_name = user_rdn;
151 }
152
153 /* duplicate memory in parent context */
154 *_account_name = talloc_strdup(mem_ctx, account_name);
155
156 done:
157 talloc_free(tmp_ctx);
158 return test_res;
159 }
160
161 /**
162 * Removes user by RDN through SAMR interface.
163 *
164 * @param domain_handle [in] Domain handle
165 * @param user_rdn [in] User's RDN in ldap database
166 */
167 bool test_user_cleanup(struct torture_context *tctx,
168 struct dcerpc_binding_handle *b,
169 TALLOC_CTX *mem_ctx,
170 struct policy_handle *domain_handle,
171 const char *user_rdn)
172 {
173 struct samr_LookupNames r1;
174 struct samr_OpenUser r2;
175 struct samr_DeleteUser r3;
176 struct lsa_String names[2];
177 uint32_t rid;
178 struct policy_handle user_handle;
179 struct samr_Ids rids, types;
180 const char *account_name;
181
182 if (!_get_account_name_for_user_rdn(tctx, user_rdn, mem_ctx, &account_name)) {
183 torture_result(tctx, TORTURE_FAIL,
184 __location__": Failed to find samAccountName for %s", user_rdn);
185 return false;
186 }
187
188 names[0].string = account_name;
189
190 r1.in.domain_handle = domain_handle;
191 r1.in.num_names = 1;
192 r1.in.names = names;
193 r1.out.rids = &rids;
194 r1.out.types = &types;
195
196 torture_comment(tctx, "user account lookup '%s'\n", account_name);
197
198 torture_assert_ntstatus_ok(tctx,
199 dcerpc_samr_LookupNames_r(b, mem_ctx, &r1),
200 "LookupNames failed");
201 torture_assert_ntstatus_ok(tctx, r1.out.result,
202 "LookupNames failed");
203
204 rid = r1.out.rids->ids[0];
205
206 r2.in.domain_handle = domain_handle;
207 r2.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
208 r2.in.rid = rid;
209 r2.out.user_handle = &user_handle;
210
211 torture_comment(tctx, "opening user account\n");
212
213 torture_assert_ntstatus_ok(tctx,
214 dcerpc_samr_OpenUser_r(b, mem_ctx, &r2),
215 "OpenUser failed");
216 torture_assert_ntstatus_ok(tctx, r2.out.result,
217 "OpenUser failed");
218
219 r3.in.user_handle = &user_handle;
220 r3.out.user_handle = &user_handle;
221
222 torture_comment(tctx, "deleting user account\n");
223
224 torture_assert_ntstatus_ok(tctx,
225 dcerpc_samr_DeleteUser_r(b, mem_ctx, &r3),
226 "DeleteUser failed");
227 torture_assert_ntstatus_ok(tctx, r3.out.result,
228 "DeleteUser failed");
229
230 return true;
231 }
232
233
234 /**
235 * Creates new user using SAMR
236 *
237 * @param name [in] Username for user to create
238 * @param rid [out] If NULL, User's RID is not returned
239 */
240 bool test_user_create(struct torture_context *tctx,
241 struct dcerpc_binding_handle *b,
242 TALLOC_CTX *mem_ctx,
243 struct policy_handle *domain_handle,
244 const char *name,
245 uint32_t *rid)
246 {
247 struct policy_handle user_handle;
248 struct lsa_String username;
249 struct samr_CreateUser r;
250 uint32_t user_rid;
251
252 username.string = name;
253
254 r.in.domain_handle = domain_handle;
255 r.in.account_name = &username;
256 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
257 r.out.user_handle = &user_handle;
258 /* return user's RID only if requested */
259 r.out.rid = rid ? rid : &user_rid;
260
261 torture_comment(tctx, "creating user '%s'\n", username.string);
262
263 torture_assert_ntstatus_ok(tctx,
264 dcerpc_samr_CreateUser_r(b, mem_ctx, &r),
265 "CreateUser RPC call failed");
266 if (!NT_STATUS_IS_OK(r.out.result)) {
267 torture_comment(tctx, "CreateUser failed - %s\n", nt_errstr(r.out.result));
268
269 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_USER_EXISTS)) {
270 torture_comment(tctx,
271 "User (%s) already exists - "
272 "attempting to delete and recreate account again\n",
273 username.string);
274 if (!test_user_cleanup(tctx, b, mem_ctx, domain_handle, username.string)) {
275 return false;
276 }
277
278 torture_comment(tctx, "creating user account\n");
279
280 torture_assert_ntstatus_ok(tctx,
281 dcerpc_samr_CreateUser_r(b, mem_ctx, &r),
282 "CreateUser RPC call failed");
283 torture_assert_ntstatus_ok(tctx, r.out.result,
284 "CreateUser failed");
285
286 /* be nice and close opened handles */
287 test_samr_close_handle(tctx, b, mem_ctx, &user_handle);
288
289 return true;
290 }
291 return false;
292 }
293
294 /* be nice and close opened handles */
295 test_samr_close_handle(tctx, b, mem_ctx, &user_handle);
296
297 return true;
298 }
299
300
301 /**
302 * Deletes a Group using SAMR interface
303 */
304 bool test_group_cleanup(struct torture_context *tctx,
305 struct dcerpc_binding_handle *b,
306 TALLOC_CTX *mem_ctx,
307 struct policy_handle *domain_handle,
308 const char *name)
309 {
310 struct samr_LookupNames r1;
311 struct samr_OpenGroup r2;
312 struct samr_DeleteDomainGroup r3;
313 struct lsa_String names[2];
314 uint32_t rid;
315 struct policy_handle group_handle;
316 struct samr_Ids rids, types;
317
318 names[0].string = name;
319
320 r1.in.domain_handle = domain_handle;
321 r1.in.num_names = 1;
322 r1.in.names = names;
323 r1.out.rids = &rids;
324 r1.out.types = &types;
325
326 torture_comment(tctx, "group account lookup '%s'\n", name);
327
328 torture_assert_ntstatus_ok(tctx,
329 dcerpc_samr_LookupNames_r(b, mem_ctx, &r1),
330 "LookupNames failed");
331 torture_assert_ntstatus_ok(tctx, r1.out.result,
332 "LookupNames failed");
333
334 rid = r1.out.rids->ids[0];
335
336 r2.in.domain_handle = domain_handle;
337 r2.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
338 r2.in.rid = rid;
339 r2.out.group_handle = &group_handle;
340
341 torture_comment(tctx, "opening group account\n");
342
343 torture_assert_ntstatus_ok(tctx,
344 dcerpc_samr_OpenGroup_r(b, mem_ctx, &r2),
345 "OpenGroup failed");
346 torture_assert_ntstatus_ok(tctx, r2.out.result,
347 "OpenGroup failed");
348
349 r3.in.group_handle = &group_handle;
350 r3.out.group_handle = &group_handle;
351
352 torture_comment(tctx, "deleting group account\n");
353
354 torture_assert_ntstatus_ok(tctx,
355 dcerpc_samr_DeleteDomainGroup_r(b, mem_ctx, &r3),
356 "DeleteGroup failed");
357 torture_assert_ntstatus_ok(tctx, r3.out.result,
358 "DeleteGroup failed");
359
360 return true;
361 }
362
363
364 /**
365 * Creates a Group object using SAMR interface
366 *
367 * @param group_name [in] Name of the group to create
368 * @param rid [out] RID of group created. May be NULL in
369 * which case RID is not required by caller
370 */
371 bool test_group_create(struct torture_context *tctx,
372 struct dcerpc_binding_handle *b,
373 TALLOC_CTX *mem_ctx,
374 struct policy_handle *handle,
375 const char *group_name,
376 uint32_t *rid)
377 {
378 uint32_t group_rid;
379 struct lsa_String groupname;
380 struct samr_CreateDomainGroup r;
381 struct policy_handle group_handle;
382
383 groupname.string = group_name;
384
385 r.in.domain_handle = handle;
386 r.in.name = &groupname;
387 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
388 r.out.group_handle = &group_handle;
389 /* use local variable in case caller
390 * don't care about the group RID */
391 r.out.rid = rid ? rid : &group_rid;
392
393 torture_comment(tctx, "creating group account %s\n", group_name);
394
395 torture_assert_ntstatus_ok(tctx,
396 dcerpc_samr_CreateDomainGroup_r(b, mem_ctx, &r),
397 "CreateGroup failed");
398 if (!NT_STATUS_IS_OK(r.out.result)) {
399 torture_comment(tctx, "CreateGroup failed - %s\n", nt_errstr(r.out.result));
400
401 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_GROUP_EXISTS)) {
402 torture_comment(tctx,
403 "Group (%s) already exists - "
404 "attempting to delete and recreate group again\n",
405 group_name);
406 if (!test_group_cleanup(tctx, b, mem_ctx, handle, group_name)) {
407 return false;
408 }
409
410 torture_comment(tctx, "creating group account\n");
411
412 torture_assert_ntstatus_ok(tctx,
413 dcerpc_samr_CreateDomainGroup_r(b, mem_ctx, &r),
414 "CreateGroup failed");
415 torture_assert_ntstatus_ok(tctx, r.out.result,
416 "CreateGroup failed");
417
418 /* be nice and close opened handles */
419 test_samr_close_handle(tctx, b, mem_ctx, &group_handle);
420
421 return true;
422 }
423 return false;
424 }
425
426 /* be nice and close opened handles */
427 test_samr_close_handle(tctx, b, mem_ctx, &group_handle);
428
429 return true;
430 }
431
432 /**
433 * Closes SAMR handle obtained from Connect, Open User/Domain, etc
434 */
435 bool test_samr_close_handle(struct torture_context *tctx,
436 struct dcerpc_binding_handle *b,
437 TALLOC_CTX *mem_ctx,
438 struct policy_handle *samr_handle)
439 {
440 struct samr_Close r;
441
442 r.in.handle = samr_handle;
443 r.out.handle = samr_handle;
444
445 torture_assert_ntstatus_ok(tctx,
446 dcerpc_samr_Close_r(b, mem_ctx, &r),
447 "Close SAMR handle RPC call failed");
448 torture_assert_ntstatus_ok(tctx, r.out.result,
449 "Close SAMR handle failed");
450
451 return true;
452 }
453
454 /**
455 * Closes LSA handle obtained from Connect, Open Group, etc
456 */
457 bool test_lsa_close_handle(struct torture_context *tctx,
458 struct dcerpc_binding_handle *b,
459 TALLOC_CTX *mem_ctx,
460 struct policy_handle *lsa_handle)
461 {
462 struct lsa_Close r;
463
464 r.in.handle = lsa_handle;
465 r.out.handle = lsa_handle;
466
467 torture_assert_ntstatus_ok(tctx,
468 dcerpc_lsa_Close_r(b, mem_ctx, &r),
469 "Close LSA handle RPC call failed");
470 torture_assert_ntstatus_ok(tctx, r.out.result,
471 "Close LSA handle failed");
472
473 return true;
474 }
475
476 /**
477 * Create and initialize libnet_context Context.
478 * Use this function in cases where we need to have SAMR and LSA pipes
479 * of libnet_context to be connected before executing any other
480 * libnet call
481 *
482 * @param rpc_connect [in] Connects SAMR and LSA pipes
483 */
484 bool test_libnet_context_init(struct torture_context *tctx,
485 bool rpc_connect,
486 struct libnet_context **_net_ctx)
487 {
488 NTSTATUS status;
489 bool bret = true;
490 struct libnet_context *net_ctx;
491
492 net_ctx = libnet_context_init(tctx->ev, tctx->lp_ctx);
493 torture_assert(tctx, net_ctx != NULL, "Failed to create libnet_context");
494
495 /* Use command line credentials for testing */
496 net_ctx->cred = cmdline_credentials;
497
498 if (rpc_connect) {
499 /* connect SAMR pipe */
500 status = torture_rpc_connection(tctx,
501 &net_ctx->samr.pipe,
502 &ndr_table_samr);
503 torture_assert_ntstatus_ok_goto(tctx, status, bret, done,
504 "Failed to connect SAMR pipe");
505
506 net_ctx->samr.samr_handle = net_ctx->samr.pipe->binding_handle;
507
508 /* connect LSARPC pipe */
509 status = torture_rpc_connection(tctx,
510 &net_ctx->lsa.pipe,
511 &ndr_table_lsarpc);
512 torture_assert_ntstatus_ok_goto(tctx, status, bret, done,
513 "Failed to connect LSA pipe");
514
515 net_ctx->lsa.lsa_handle = net_ctx->lsa.pipe->binding_handle;
516 }
517
518 *_net_ctx = net_ctx;
519
520 done:
521 if (!bret) {
522 /* a previous call has failed,
523 * clean up memory before exit */
524 talloc_free(net_ctx);
525 }
526 return bret;
527 }
528
529
530 void msg_handler(struct monitor_msg *m)
531 {
532 struct msg_rpc_open_user *msg_open;
533 struct msg_rpc_query_user *msg_query;
534 struct msg_rpc_close_user *msg_close;
535 struct msg_rpc_create_user *msg_create;
536
537 switch (m->type) {
538 case mon_SamrOpenUser:
539 msg_open = (struct msg_rpc_open_user*)m->data;
540 printf("monitor_msg: user opened (rid=%d, access_mask=0x%08x)\n",
541 msg_open->rid, msg_open->access_mask);
542 break;
543 case mon_SamrQueryUser:
544 msg_query = (struct msg_rpc_query_user*)m->data;
545 printf("monitor_msg: user queried (level=%d)\n", msg_query->level);
546 break;
547 case mon_SamrCloseUser:
548 msg_close = (struct msg_rpc_close_user*)m->data;
549 printf("monitor_msg: user closed (rid=%d)\n", msg_close->rid);
550 break;
551 case mon_SamrCreateUser:
552 msg_create = (struct msg_rpc_create_user*)m->data;
553 printf("monitor_msg: user created (rid=%d)\n", msg_create->rid);
554 break;
555 }
556 }
reg import