search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
libcli/cldap: make use of samba_tevent_context_init()
[Samba/gebeck_regimport.git] / source4 / torture / rpc / eventlog.c
blob0d48fc0c269bd07cb9f81b3b4298c518b8aace8f
1 /*
2 Unix SMB/CIFS implementation.
3 test suite for eventlog rpc operations
4
5 Copyright (C) Tim Potter 2003,2005
6 Copyright (C) Jelmer Vernooij 2004
7 Copyright (C) Guenther Deschner 2009
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #include "includes.h"
24 #include "librpc/gen_ndr/ndr_eventlog.h"
25 #include "librpc/gen_ndr/ndr_eventlog_c.h"
26 #include "torture/rpc/torture_rpc.h"
27 #include "param/param.h"
28
29 #define TEST_BACKUP_NAME "samrtorturetest"
30
31 static void init_lsa_String(struct lsa_String *name, const char *s)
32 {
33 name->string = s;
34 name->length = 2*strlen_m(s);
35 name->size = name->length;
36 }
37
38 static bool get_policy_handle(struct torture_context *tctx,
39 struct dcerpc_binding_handle *b,
40 struct policy_handle *handle)
41 {
42 struct eventlog_OpenEventLogW r;
43 struct eventlog_OpenUnknown0 unknown0;
44 struct lsa_String logname, servername;
45
46 unknown0.unknown0 = 0x005c;
47 unknown0.unknown1 = 0x0001;
48
49 r.in.unknown0 = &unknown0;
50 init_lsa_String(&logname, "dns server");
51 init_lsa_String(&servername, NULL);
52 r.in.logname = &logname;
53 r.in.servername = &servername;
54 r.in.major_version = 0x00000001;
55 r.in.minor_version = 0x00000001;
56 r.out.handle = handle;
57
58 torture_assert_ntstatus_ok(tctx,
59 dcerpc_eventlog_OpenEventLogW_r(b, tctx, &r),
60 "OpenEventLog failed");
61
62 torture_assert_ntstatus_ok(tctx, r.out.result, "OpenEventLog failed");
63
64 return true;
65 }
66
67
68
69 static bool test_GetNumRecords(struct torture_context *tctx, struct dcerpc_pipe *p)
70 {
71 struct eventlog_GetNumRecords r;
72 struct eventlog_CloseEventLog cr;
73 struct policy_handle handle;
74 uint32_t number = 0;
75 struct dcerpc_binding_handle *b = p->binding_handle;
76
77 if (!get_policy_handle(tctx, b, &handle))
78 return false;
79
80 ZERO_STRUCT(r);
81 r.in.handle = &handle;
82 r.out.number = &number;
83
84 torture_assert_ntstatus_ok(tctx,
85 dcerpc_eventlog_GetNumRecords_r(b, tctx, &r),
86 "GetNumRecords failed");
87 torture_assert_ntstatus_ok(tctx, r.out.result,
88 "GetNumRecords failed");
89 torture_comment(tctx, "%d records\n", *r.out.number);
90
91 cr.in.handle = cr.out.handle = &handle;
92
93 torture_assert_ntstatus_ok(tctx,
94 dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
95 "CloseEventLog failed");
96 torture_assert_ntstatus_ok(tctx, cr.out.result,
97 "CloseEventLog failed");
98 return true;
99 }
100
101 static bool test_ReadEventLog(struct torture_context *tctx,
102 struct dcerpc_pipe *p)
103 {
104 NTSTATUS status;
105 struct eventlog_ReadEventLogW r;
106 struct eventlog_CloseEventLog cr;
107 struct policy_handle handle;
108 struct dcerpc_binding_handle *b = p->binding_handle;
109
110 uint32_t sent_size = 0;
111 uint32_t real_size = 0;
112
113 if (!get_policy_handle(tctx, b, &handle))
114 return false;
115
116 ZERO_STRUCT(r);
117 r.in.offset = 0;
118 r.in.handle = &handle;
119 r.in.flags = 0;
120 r.out.data = NULL;
121 r.out.sent_size = &sent_size;
122 r.out.real_size = &real_size;
123
124 torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_ReadEventLogW_r(b, tctx, &r),
125 "ReadEventLog failed");
126
127 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_INVALID_PARAMETER,
128 "ReadEventLog failed");
129
130 while (1) {
131 DATA_BLOB blob;
132 struct EVENTLOGRECORD rec;
133 enum ndr_err_code ndr_err;
134 uint32_t size = 0;
135 uint32_t pos = 0;
136
137 /* Read first for number of bytes in record */
138
139 r.in.number_of_bytes = 0;
140 r.in.flags = EVENTLOG_BACKWARDS_READ|EVENTLOG_SEQUENTIAL_READ;
141 r.out.data = NULL;
142 r.out.sent_size = &sent_size;
143 r.out.real_size = &real_size;
144
145 torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_ReadEventLogW_r(b, tctx, &r),
146 "ReadEventLogW failed");
147
148 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_END_OF_FILE)) {
149 /* FIXME: still need to decode then */
150 break;
151 }
152
153 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_BUFFER_TOO_SMALL,
154 "ReadEventLog failed");
155
156 /* Now read the actual record */
157
158 r.in.number_of_bytes = *r.out.real_size;
159 r.out.data = talloc_array(tctx, uint8_t, r.in.number_of_bytes);
160
161 torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_ReadEventLogW_r(b, tctx, &r),
162 "ReadEventLogW failed");
163
164 torture_assert_ntstatus_ok(tctx, r.out.result, "ReadEventLog failed");
165
166 /* Decode a user-marshalled record */
167 size = IVAL(r.out.data, pos);
168
169 while (size > 0) {
170
171 blob = data_blob_const(r.out.data + pos, size);
172 dump_data(0, blob.data, blob.length);
173
174 ndr_err = ndr_pull_struct_blob_all(&blob, tctx, &rec,
175 (ndr_pull_flags_fn_t)ndr_pull_EVENTLOGRECORD);
176 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
177 status = ndr_map_error2ntstatus(ndr_err);
178 torture_assert_ntstatus_ok(tctx, status,
179 "ReadEventLog failed parsing event log record");
180 }
181
182 NDR_PRINT_DEBUG(EVENTLOGRECORD, &rec);
183
184 pos += size;
185
186 if (pos + 4 > *r.out.sent_size) {
187 break;
188 }
189
190 size = IVAL(r.out.data, pos);
191 }
192
193 torture_assert_ntstatus_ok(tctx, r.out.result,
194 "ReadEventLog failed parsing event log record");
195
196 r.in.offset++;
197 }
198
199 cr.in.handle = cr.out.handle = &handle;
200
201 torture_assert_ntstatus_ok(tctx,
202 dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
203 "CloseEventLog failed");
204 torture_assert_ntstatus_ok(tctx, cr.out.result,
205 "CloseEventLog failed");
206
207 return true;
208 }
209
210 static bool test_ReportEventLog(struct torture_context *tctx,
211 struct dcerpc_pipe *p)
212 {
213 struct eventlog_ReportEventW r;
214 struct eventlog_CloseEventLog cr;
215 struct policy_handle handle;
216 struct dcerpc_binding_handle *b = p->binding_handle;
217
218 uint32_t record_number = 0;
219 time_t time_written = 0;
220 struct lsa_String servername, *strings;
221
222 if (!get_policy_handle(tctx, b, &handle))
223 return false;
224
225 init_lsa_String(&servername, NULL);
226
227 strings = talloc_array(tctx, struct lsa_String, 1);
228 init_lsa_String(&strings[0], "Currently tortured by samba 4");
229
230 ZERO_STRUCT(r);
231
232 r.in.handle = &handle;
233 r.in.timestamp = time(NULL);
234 r.in.event_type = EVENTLOG_INFORMATION_TYPE;
235 r.in.event_category = 0;
236 r.in.event_id = 0;
237 r.in.num_of_strings = 1;
238 r.in.data_size = 0;
239 r.in.servername = &servername;
240 r.in.user_sid = NULL;
241 r.in.strings = &strings;
242 r.in.data = NULL;
243 r.in.flags = 0;
244 r.in.record_number = r.out.record_number = &record_number;
245 r.in.time_written = r.out.time_written = &time_written;
246
247 torture_assert_ntstatus_ok(tctx,
248 dcerpc_eventlog_ReportEventW_r(b, tctx, &r),
249 "ReportEventW failed");
250
251 torture_assert_ntstatus_ok(tctx, r.out.result, "ReportEventW failed");
252
253 cr.in.handle = cr.out.handle = &handle;
254
255 torture_assert_ntstatus_ok(tctx,
256 dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
257 "CloseEventLog failed");
258 torture_assert_ntstatus_ok(tctx, cr.out.result,
259 "CloseEventLog failed");
260
261 return true;
262 }
263
264 static bool test_FlushEventLog(struct torture_context *tctx,
265 struct dcerpc_pipe *p)
266 {
267 struct eventlog_FlushEventLog r;
268 struct eventlog_CloseEventLog cr;
269 struct policy_handle handle;
270 struct dcerpc_binding_handle *b = p->binding_handle;
271
272 if (!get_policy_handle(tctx, b, &handle))
273 return false;
274
275 r.in.handle = &handle;
276
277 /* Huh? Does this RPC always return access denied? */
278 torture_assert_ntstatus_ok(tctx,
279 dcerpc_eventlog_FlushEventLog_r(b, tctx, &r),
280 "FlushEventLog failed");
281
282 torture_assert_ntstatus_equal(tctx,
283 r.out.result,
284 NT_STATUS_ACCESS_DENIED,
285 "FlushEventLog failed");
286
287 cr.in.handle = cr.out.handle = &handle;
288
289 torture_assert_ntstatus_ok(tctx,
290 dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
291 "CloseEventLog failed");
292 torture_assert_ntstatus_ok(tctx, cr.out.result,
293 "CloseEventLog failed");
294
295 return true;
296 }
297
298 static bool test_ClearEventLog(struct torture_context *tctx,
299 struct dcerpc_pipe *p)
300 {
301 struct eventlog_ClearEventLogW r;
302 struct eventlog_CloseEventLog cr;
303 struct policy_handle handle;
304 struct dcerpc_binding_handle *b = p->binding_handle;
305
306 if (!get_policy_handle(tctx, b, &handle))
307 return false;
308
309 r.in.handle = &handle;
310 r.in.backupfile = NULL;
311
312 torture_assert_ntstatus_ok(tctx,
313 dcerpc_eventlog_ClearEventLogW_r(b, tctx, &r),
314 "ClearEventLog failed");
315 torture_assert_ntstatus_ok(tctx, r.out.result,
316 "ClearEventLog failed");
317
318 cr.in.handle = cr.out.handle = &handle;
319
320 torture_assert_ntstatus_ok(tctx,
321 dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
322 "CloseEventLog failed");
323 torture_assert_ntstatus_ok(tctx, cr.out.result,
324 "CloseEventLog failed");
325
326 return true;
327 }
328
329 static bool test_GetLogInformation(struct torture_context *tctx,
330 struct dcerpc_pipe *p)
331 {
332 struct eventlog_GetLogInformation r;
333 struct eventlog_CloseEventLog cr;
334 struct policy_handle handle;
335 uint32_t bytes_needed = 0;
336 struct dcerpc_binding_handle *b = p->binding_handle;
337
338 if (!get_policy_handle(tctx, b, &handle))
339 return false;
340
341 r.in.handle = &handle;
342 r.in.level = 1;
343 r.in.buf_size = 0;
344 r.out.buffer = NULL;
345 r.out.bytes_needed = &bytes_needed;
346
347 torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_GetLogInformation_r(b, tctx, &r),
348 "GetLogInformation failed");
349
350 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_INVALID_LEVEL,
351 "GetLogInformation failed");
352
353 r.in.level = 0;
354
355 torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_GetLogInformation_r(b, tctx, &r),
356 "GetLogInformation failed");
357
358 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_BUFFER_TOO_SMALL,
359 "GetLogInformation failed");
360
361 r.in.buf_size = bytes_needed;
362 r.out.buffer = talloc_array(tctx, uint8_t, bytes_needed);
363
364 torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_GetLogInformation_r(b, tctx, &r),
365 "GetLogInformation failed");
366
367 torture_assert_ntstatus_ok(tctx, r.out.result, "GetLogInformation failed");
368
369 cr.in.handle = cr.out.handle = &handle;
370
371 torture_assert_ntstatus_ok(tctx,
372 dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
373 "CloseEventLog failed");
374 torture_assert_ntstatus_ok(tctx, cr.out.result,
375 "CloseEventLog failed");
376
377 return true;
378 }
379
380
381 static bool test_OpenEventLog(struct torture_context *tctx,
382 struct dcerpc_pipe *p)
383 {
384 struct policy_handle handle;
385 struct eventlog_CloseEventLog cr;
386 struct dcerpc_binding_handle *b = p->binding_handle;
387
388 if (!get_policy_handle(tctx, b, &handle))
389 return false;
390
391 cr.in.handle = cr.out.handle = &handle;
392
393 torture_assert_ntstatus_ok(tctx,
394 dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
395 "CloseEventLog failed");
396 torture_assert_ntstatus_ok(tctx, cr.out.result,
397 "CloseEventLog failed");
398
399 return true;
400 }
401
402 static bool test_BackupLog(struct torture_context *tctx,
403 struct dcerpc_pipe *p)
404 {
405 struct policy_handle handle, backup_handle;
406 struct eventlog_BackupEventLogW r;
407 struct eventlog_OpenBackupEventLogW br;
408 struct eventlog_CloseEventLog cr;
409 const char *tmp;
410 struct lsa_String backup_filename;
411 struct eventlog_OpenUnknown0 unknown0;
412 struct dcerpc_binding_handle *b = p->binding_handle;
413
414 if (torture_setting_bool(tctx, "samba3", false)) {
415 torture_skip(tctx, "skipping BackupLog test against samba");
416 }
417
418 if (!get_policy_handle(tctx, b, &handle))
419 return false;
420
421 tmp = talloc_asprintf(tctx, "C:\\%s", TEST_BACKUP_NAME);
422 init_lsa_String(&backup_filename, tmp);
423
424 r.in.handle = &handle;
425 r.in.backup_filename = &backup_filename;
426
427 torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_BackupEventLogW_r(b, tctx, &r),
428 "BackupEventLogW failed");
429 torture_assert_ntstatus_equal(tctx, r.out.result,
430 NT_STATUS_OBJECT_PATH_SYNTAX_BAD, "BackupEventLogW failed");
431
432 tmp = talloc_asprintf(tctx, "\\??\\C:\\%s", TEST_BACKUP_NAME);
433 init_lsa_String(&backup_filename, tmp);
434
435 r.in.handle = &handle;
436 r.in.backup_filename = &backup_filename;
437
438 torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_BackupEventLogW_r(b, tctx, &r),
439 "BackupEventLogW failed");
440 torture_assert_ntstatus_ok(tctx, r.out.result, "BackupEventLogW failed");
441
442 torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_BackupEventLogW_r(b, tctx, &r),
443 "BackupEventLogW failed");
444 torture_assert_ntstatus_equal(tctx, r.out.result,
445 NT_STATUS_OBJECT_NAME_COLLISION, "BackupEventLogW failed");
446
447 cr.in.handle = cr.out.handle = &handle;
448
449 torture_assert_ntstatus_ok(tctx,
450 dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
451 "BackupLog failed");
452 torture_assert_ntstatus_ok(tctx, cr.out.result,
453 "BackupLog failed");
454
455 unknown0.unknown0 = 0x005c;
456 unknown0.unknown1 = 0x0001;
457
458 br.in.unknown0 = &unknown0;
459 br.in.backup_logname = &backup_filename;
460 br.in.major_version = 1;
461 br.in.minor_version = 1;
462 br.out.handle = &backup_handle;
463
464 torture_assert_ntstatus_ok(tctx, dcerpc_eventlog_OpenBackupEventLogW_r(b, tctx, &br),
465 "OpenBackupEventLogW failed");
466
467 torture_assert_ntstatus_ok(tctx, br.out.result, "OpenBackupEventLogW failed");
468
469 cr.in.handle = cr.out.handle = &backup_handle;
470
471 torture_assert_ntstatus_ok(tctx,
472 dcerpc_eventlog_CloseEventLog_r(b, tctx, &cr),
473 "CloseEventLog failed");
474 torture_assert_ntstatus_ok(tctx, cr.out.result,
475 "CloseEventLog failed");
476
477 return true;
478 }
479
480 struct torture_suite *torture_rpc_eventlog(TALLOC_CTX *mem_ctx)
481 {
482 struct torture_suite *suite;
483 struct torture_rpc_tcase *tcase;
484 struct torture_test *test;
485
486 suite = torture_suite_create(mem_ctx, "eventlog");
487 tcase = torture_suite_add_rpc_iface_tcase(suite, "eventlog",
488 &ndr_table_eventlog);
489
490 torture_rpc_tcase_add_test(tcase, "OpenEventLog", test_OpenEventLog);
491 test = torture_rpc_tcase_add_test(tcase, "ClearEventLog",
492 test_ClearEventLog);
493 test->dangerous = true;
494 torture_rpc_tcase_add_test(tcase, "GetNumRecords", test_GetNumRecords);
495 torture_rpc_tcase_add_test(tcase, "ReadEventLog", test_ReadEventLog);
496 torture_rpc_tcase_add_test(tcase, "ReportEventLog", test_ReportEventLog);
497 torture_rpc_tcase_add_test(tcase, "FlushEventLog", test_FlushEventLog);
498 torture_rpc_tcase_add_test(tcase, "GetLogIntormation", test_GetLogInformation);
499 torture_rpc_tcase_add_test(tcase, "BackupLog", test_BackupLog);
500
501 return suite;
502 }
reg import