source4/torture/rpc/schannel.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3
   4    test suite for schannel operations
   5
   6    Copyright (C) Andrew Tridgell 2004
   7
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 2 of the License, or
  11    (at your option) any later version.
  12
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17
  18    You should have received a copy of the GNU General Public License
  19    along with this program; if not, write to the Free Software
  20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  21 */
  22
  23 #include "includes.h"
  24 #include "librpc/gen_ndr/ndr_samr.h"
  25 #include "librpc/gen_ndr/ndr_netlogon.h"
  26
  27 #define TEST_MACHINE_NAME "schanneltest"
  28
  29 /*
  30   do some samr ops using the schannel connection
  31  */
  32 static BOOL test_samr_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
  33 {
  34         NTSTATUS status;
  35         struct samr_GetDomPwInfo r;
  36         int i;
  37         struct samr_String name;
  38
  39         name.string = lp_workgroup();
  40         r.in.name = &name;
  41
  42         printf("Testing GetDomPwInfo with name %s\n", r.in.name->string);
  43
  44         /* do several ops to test credential chaining */
  45         for (i=0;i<5;i++) {
  46                 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r);
  47                 if (!NT_STATUS_IS_OK(status)) {
  48                         printf("GetDomPwInfo op %d failed - %s\n", i, nt_errstr(status));
  49                         return False;
  50                 }
  51         }
  52
  53         return True;
  54 }
  55
  56
  57 /*
  58   try a netlogon SamLogon
  59 */
  60 static BOOL test_netlogon_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
  61                                   struct creds_CredentialState *creds)
  62 {
  63         NTSTATUS status;
  64         struct netr_LogonSamLogon r;
  65         struct netr_Authenticator auth, auth2;
  66         struct netr_NetworkInfo ninfo;
  67         const char *username = lp_parm_string(-1, "torture", "username");
  68         const char *password = lp_parm_string(-1, "torture", "password");
  69
  70         int i;
  71         BOOL ret = True;
  72
  73         ninfo.identity_info.domain_name.string = lp_workgroup();
  74         ninfo.identity_info.parameter_control = 0;
  75         ninfo.identity_info.logon_id_low = 0;
  76         ninfo.identity_info.logon_id_high = 0;
  77         ninfo.identity_info.account_name.string = username;
  78         ninfo.identity_info.workstation.string = TEST_MACHINE_NAME;
  79         generate_random_buffer(ninfo.challenge,
  80                                sizeof(ninfo.challenge));
  81         ninfo.nt.length = 24;
  82         ninfo.nt.data = talloc_size(mem_ctx, 24);
  83         SMBNTencrypt(password, ninfo.challenge, ninfo.nt.data);
  84         ninfo.lm.length = 24;
  85         ninfo.lm.data = talloc_size(mem_ctx, 24);
  86         SMBencrypt(password, ninfo.challenge, ninfo.lm.data);
  87
  88
  89         r.in.server_name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
  90         r.in.workstation = TEST_MACHINE_NAME;
  91         r.in.credential = &auth;
  92         r.in.return_authenticator = &auth2;
  93         r.in.logon_level = 2;
  94         r.in.logon.network = &ninfo;
  95
  96         for (i=2;i<3;i++) {
  97                 ZERO_STRUCT(auth2);
  98                 creds_client_authenticator(creds, &auth);
  99
 100                 r.in.validation_level = i;
 101
 102                 status = dcerpc_netr_LogonSamLogon(p, mem_ctx, &r);
 103
 104                 if (!creds_client_check(creds, &r.out.return_authenticator->cred)) {
 105                         printf("Credential chaining failed\n");
 106                         ret = False;
 107                 }
 108
 109         }
 110                 return ret;
 111 }
 112
 113 /*
 114   test a schannel connection with the given flags
 115  */
 116 static BOOL test_schannel(TALLOC_CTX *mem_ctx,
 117                           uint16 acct_flags, uint32 dcerpc_flags,
 118                           uint32 schannel_type)
 119 {
 120         void *join_ctx;
 121         const char *machine_password;
 122         NTSTATUS status;
 123         const char *binding = lp_parm_string(-1, "torture", "binding");
 124         struct dcerpc_binding b;
 125         struct dcerpc_pipe *p;
 126         struct dcerpc_pipe *p_netlogon;
 127         struct creds_CredentialState *creds;
 128
 129         join_ctx = torture_join_domain(TEST_MACHINE_NAME, lp_workgroup(), acct_flags,
 130                                        &machine_password);
 131         if (!join_ctx) {
 132                 printf("Failed to join domain with acct_flags=0x%x\n", acct_flags);
 133                 return False;
 134         }
 135
 136         status = dcerpc_parse_binding(mem_ctx, binding, &b);
 137         if (!NT_STATUS_IS_OK(status)) {
 138                 printf("Bad binding string %s\n", binding);
 139                 goto failed;
 140         }
 141
 142         b.flags &= ~DCERPC_AUTH_OPTIONS;
 143         b.flags |= dcerpc_flags;
 144
 145         status = dcerpc_pipe_connect_b(&p, &b,
 146                                        DCERPC_SAMR_UUID,
 147                                        DCERPC_SAMR_VERSION,
 148                                        lp_workgroup(),
 149                                        TEST_MACHINE_NAME,
 150                                        machine_password);
 151         if (!NT_STATUS_IS_OK(status)) {
 152                 printf("Failed to connect with schannel\n");
 153                 goto failed;
 154         }
 155
 156         if (!test_samr_ops(p, mem_ctx)) {
 157                 printf("Failed to process schannel secured ops\n");
 158                 goto failed;
 159         }
 160
 161
 162         status = dcerpc_parse_binding(mem_ctx, binding, &b);
 163         if (!NT_STATUS_IS_OK(status)) {
 164                 printf("Bad binding string %s\n", binding);
 165                 goto failed;
 166         }
 167
 168
 169         /* Also test that when we connect to the netlogon pipe, that
 170          * the credentials we setup on the first pipe are valid for
 171          * the second */
 172
 173         b.flags &= ~DCERPC_AUTH_OPTIONS;
 174         b.flags |= dcerpc_flags;
 175
 176         status = dcerpc_pipe_connect_b(&p_netlogon, &b,
 177                                        DCERPC_NETLOGON_UUID,
 178                                        DCERPC_NETLOGON_VERSION,
 179                                        lp_workgroup(),
 180                                        TEST_MACHINE_NAME,
 181                                        machine_password);
 182
 183         if (!NT_STATUS_IS_OK(status)) {
 184                 goto failed;
 185         }
 186
 187         status = dcerpc_schannel_creds(p_netlogon->security_state.generic_state, mem_ctx, &creds);
 188         if (!NT_STATUS_IS_OK(status)) {
 189                 goto failed;
 190         }
 191
 192         /* do a couple of logins */
 193         if (!test_netlogon_ops(p_netlogon, mem_ctx, creds)) {
 194                 printf("Failed to process schannel secured ops\n");
 195                 goto failed;
 196         }
 197
 198         torture_leave_domain(join_ctx);
 199         dcerpc_pipe_close(p_netlogon);
 200         dcerpc_pipe_close(p);
 201         return True;
 202
 203 failed:
 204         torture_leave_domain(join_ctx);
 205         dcerpc_pipe_close(p_netlogon);
 206         dcerpc_pipe_close(p);
 207         return False;
 208 }
 209
 210 /*
 211   a schannel test suite
 212  */
 213 BOOL torture_rpc_schannel(void)
 214 {
 215         TALLOC_CTX *mem_ctx;
 216         BOOL ret = True;
 217         struct {
 218                 uint16 acct_flags;
 219                 uint32 dcerpc_flags;
 220                 uint32 schannel_type;
 221         } tests[] = {
 222                 { ACB_WSTRUST,   DCERPC_SCHANNEL_WORKSTATION | DCERPC_SIGN,                       3 },
 223                 { ACB_WSTRUST,   DCERPC_SCHANNEL_WORKSTATION | DCERPC_SEAL,                       3 },
 224                 { ACB_WSTRUST,   DCERPC_SCHANNEL_WORKSTATION | DCERPC_SIGN | DCERPC_SCHANNEL_128, 3 },
 225                 { ACB_WSTRUST,   DCERPC_SCHANNEL_WORKSTATION | DCERPC_SEAL | DCERPC_SCHANNEL_128, 3 },
 226                 { ACB_SVRTRUST,  DCERPC_SCHANNEL_BDC | DCERPC_SIGN,                               3 },
 227                 { ACB_SVRTRUST,  DCERPC_SCHANNEL_BDC | DCERPC_SEAL,                               3 },
 228                 { ACB_SVRTRUST,  DCERPC_SCHANNEL_BDC | DCERPC_SIGN | DCERPC_SCHANNEL_128,         3 },
 229                 { ACB_SVRTRUST,  DCERPC_SCHANNEL_BDC | DCERPC_SEAL | DCERPC_SCHANNEL_128,         3 }
 230         };
 231         int i;
 232
 233         mem_ctx = talloc_init("torture_rpc_schannel");
 234
 235         for (i=0;i<ARRAY_SIZE(tests);i++) {
 236                 if (!test_schannel(mem_ctx,
 237                                    tests[i].acct_flags, tests[i].dcerpc_flags, tests[i].schannel_type)) {
 238                         printf("Failed with acct_flags=0x%x dcerpc_flags=0x%x schannel_type=%d\n",
 239                                tests[i].acct_flags, tests[i].dcerpc_flags, tests[i].schannel_type);
 240                         ret = False;
 241                         break;
 242                 }
 243         }
 244
 245         talloc_free(mem_ctx);
 246
 247         return ret;
 248 }