search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ECLIPSE + PyDev Project
[Samba/kamenim.git] / source4 / torture / libnet / libnet_domain.c
blobfc45c4efa77b60de88ba62b2b2c39054c043d3b5
1 /*
2 Unix SMB/CIFS implementation.
3 Test suite for libnet calls.
4
5 Copyright (C) Rafal Szczesniak 2006
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21
22 #include "includes.h"
23 #include "lib/cmdline/popt_common.h"
24 #include "libnet/libnet.h"
25 #include "librpc/gen_ndr/ndr_samr_c.h"
26 #include "librpc/gen_ndr/ndr_lsa_c.h"
27 #include "torture/rpc/rpc.h"
28 #include "param/param.h"
29
30
31 static bool test_opendomain_samr(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
32 struct policy_handle *handle, struct lsa_String *domname,
33 uint32_t *access_mask, struct dom_sid **sid_p)
34 {
35 NTSTATUS status;
36 struct policy_handle h, domain_handle;
37 struct samr_Connect r1;
38 struct samr_LookupDomain r2;
39 struct dom_sid2 *sid = NULL;
40 struct samr_OpenDomain r3;
41
42 printf("connecting\n");
43
44 *access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
45
46 r1.in.system_name = 0;
47 r1.in.access_mask = *access_mask;
48 r1.out.connect_handle = &h;
49
50 status = dcerpc_samr_Connect(p, mem_ctx, &r1);
51 if (!NT_STATUS_IS_OK(status)) {
52 printf("Connect failed - %s\n", nt_errstr(status));
53 return false;
54 }
55
56 r2.in.connect_handle = &h;
57 r2.in.domain_name = domname;
58 r2.out.sid = &sid;
59
60 printf("domain lookup on %s\n", domname->string);
61
62 status = dcerpc_samr_LookupDomain(p, mem_ctx, &r2);
63 if (!NT_STATUS_IS_OK(status)) {
64 printf("LookupDomain failed - %s\n", nt_errstr(status));
65 return false;
66 }
67
68 r3.in.connect_handle = &h;
69 r3.in.access_mask = *access_mask;
70 r3.in.sid = *sid_p = *r2.out.sid;
71 r3.out.domain_handle = &domain_handle;
72
73 printf("opening domain\n");
74
75 status = dcerpc_samr_OpenDomain(p, mem_ctx, &r3);
76 if (!NT_STATUS_IS_OK(status)) {
77 printf("OpenDomain failed - %s\n", nt_errstr(status));
78 return false;
79 } else {
80 *handle = domain_handle;
81 }
82
83 return true;
84 }
85
86
87 static bool test_opendomain_lsa(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
88 struct policy_handle *handle, struct lsa_String *domname,
89 uint32_t *access_mask)
90 {
91 NTSTATUS status;
92 struct lsa_OpenPolicy2 open;
93 struct lsa_ObjectAttribute attr;
94 struct lsa_QosInfo qos;
95
96 *access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
97
98 ZERO_STRUCT(attr);
99 ZERO_STRUCT(qos);
100
101 qos.len = 0;
102 qos.impersonation_level = 2;
103 qos.context_mode = 1;
104 qos.effective_only = 0;
105
106 attr.sec_qos = &qos;
107
108 open.in.system_name = domname->string;
109 open.in.attr = &attr;
110 open.in.access_mask = *access_mask;
111 open.out.handle = handle;
112
113 status = dcerpc_lsa_OpenPolicy2(p, mem_ctx, &open);
114 if (!NT_STATUS_IS_OK(status)) {
115 return false;
116 }
117
118 return true;
119 }
120
121 bool torture_domain_open_lsa(struct torture_context *torture)
122 {
123 NTSTATUS status;
124 bool ret = true;
125 struct libnet_context *ctx;
126 struct libnet_DomainOpen r;
127 struct lsa_Close lsa_close;
128 struct policy_handle h;
129 const char *domain_name;
130
131 /* we're accessing domain controller so the domain name should be
132 passed (it's going to be resolved to dc name and address) instead
133 of specific server name. */
134 domain_name = lp_workgroup(torture->lp_ctx);
135
136 ctx = libnet_context_init(torture->ev, torture->lp_ctx);
137 if (ctx == NULL) {
138 d_printf("failed to create libnet context\n");
139 return false;
140 }
141
142 ctx->cred = cmdline_credentials;
143
144 ZERO_STRUCT(r);
145 r.in.type = DOMAIN_LSA;
146 r.in.domain_name = domain_name;
147 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
148
149 status = libnet_DomainOpen(ctx, torture, &r);
150 if (!NT_STATUS_IS_OK(status)) {
151 d_printf("failed to open domain on lsa service: %s\n", nt_errstr(status));
152 ret = false;
153 goto done;
154 }
155
156 ZERO_STRUCT(lsa_close);
157 lsa_close.in.handle = &ctx->lsa.handle;
158 lsa_close.out.handle = &h;
159
160 status = dcerpc_lsa_Close(ctx->lsa.pipe, ctx, &lsa_close);
161 if (!NT_STATUS_IS_OK(status)) {
162 d_printf("failed to close domain on lsa service: %s\n", nt_errstr(status));
163 ret = false;
164 }
165
166 done:
167 talloc_free(ctx);
168 return ret;
169 }
170
171
172 bool torture_domain_close_lsa(struct torture_context *torture)
173 {
174 bool ret = true;
175 NTSTATUS status;
176 TALLOC_CTX *mem_ctx=NULL;
177 struct libnet_context *ctx;
178 struct lsa_String domain_name;
179 struct dcerpc_binding *binding;
180 uint32_t access_mask;
181 struct policy_handle h;
182 struct dcerpc_pipe *p;
183 struct libnet_DomainClose r;
184
185 status = torture_rpc_binding(torture, &binding);
186 if (!NT_STATUS_IS_OK(status)) {
187 return false;
188 }
189
190 ctx = libnet_context_init(torture->ev, torture->lp_ctx);
191 if (ctx == NULL) {
192 d_printf("failed to create libnet context\n");
193 ret = false;
194 goto done;
195 }
196
197 ctx->cred = cmdline_credentials;
198
199 mem_ctx = talloc_init("torture_domain_close_lsa");
200 status = dcerpc_pipe_connect_b(mem_ctx, &p, binding, &ndr_table_lsarpc,
201 cmdline_credentials, torture->ev, torture->lp_ctx);
202 if (!NT_STATUS_IS_OK(status)) {
203 d_printf("failed to connect to server: %s\n", nt_errstr(status));
204 ret = false;
205 goto done;
206 }
207
208 domain_name.string = lp_workgroup(torture->lp_ctx);
209
210 if (!test_opendomain_lsa(p, torture, &h, &domain_name, &access_mask)) {
211 d_printf("failed to open domain on lsa service\n");
212 ret = false;
213 goto done;
214 }
215
216 ctx->lsa.pipe = p;
217 ctx->lsa.name = domain_name.string;
218 ctx->lsa.access_mask = access_mask;
219 ctx->lsa.handle = h;
220 /* we have to use pipe's event context, otherwise the call will
221 hang indefinitely */
222 ctx->event_ctx = p->conn->event_ctx;
223
224 ZERO_STRUCT(r);
225 r.in.type = DOMAIN_LSA;
226 r.in.domain_name = domain_name.string;
227
228 status = libnet_DomainClose(ctx, mem_ctx, &r);
229 if (!NT_STATUS_IS_OK(status)) {
230 ret = false;
231 goto done;
232 }
233
234 done:
235 talloc_free(mem_ctx);
236 talloc_free(ctx);
237 return ret;
238 }
239
240
241 bool torture_domain_open_samr(struct torture_context *torture)
242 {
243 NTSTATUS status;
244 struct libnet_context *ctx;
245 TALLOC_CTX *mem_ctx;
246 struct policy_handle domain_handle, handle;
247 struct libnet_DomainOpen io;
248 struct samr_Close r;
249 const char *domain_name;
250 bool ret = true;
251
252 mem_ctx = talloc_init("test_domainopen_lsa");
253
254 ctx = libnet_context_init(torture->ev, torture->lp_ctx);
255 ctx->cred = cmdline_credentials;
256
257 /* we're accessing domain controller so the domain name should be
258 passed (it's going to be resolved to dc name and address) instead
259 of specific server name. */
260 domain_name = lp_workgroup(torture->lp_ctx);
261
262 /*
263 * Testing synchronous version
264 */
265 printf("opening domain\n");
266
267 io.in.type = DOMAIN_SAMR;
268 io.in.domain_name = domain_name;
269 io.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
270
271 status = libnet_DomainOpen(ctx, mem_ctx, &io);
272 if (!NT_STATUS_IS_OK(status)) {
273 printf("Composite domain open failed - %s\n", nt_errstr(status));
274 ret = false;
275 goto done;
276 }
277
278 domain_handle = ctx->samr.handle;
279
280 r.in.handle = &domain_handle;
281 r.out.handle = &handle;
282
283 printf("closing domain handle\n");
284
285 status = dcerpc_samr_Close(ctx->samr.pipe, mem_ctx, &r);
286 if (!NT_STATUS_IS_OK(status)) {
287 printf("Close failed - %s\n", nt_errstr(status));
288 ret = false;
289 goto done;
290 }
291
292 done:
293 talloc_free(mem_ctx);
294 talloc_free(ctx);
295
296 return ret;
297 }
298
299
300 bool torture_domain_close_samr(struct torture_context *torture)
301 {
302 bool ret = true;
303 NTSTATUS status;
304 TALLOC_CTX *mem_ctx = NULL;
305 struct libnet_context *ctx;
306 struct lsa_String domain_name;
307 struct dcerpc_binding *binding;
308 uint32_t access_mask;
309 struct policy_handle h;
310 struct dcerpc_pipe *p;
311 struct libnet_DomainClose r;
312 struct dom_sid *sid;
313
314 status = torture_rpc_binding(torture, &binding);
315 if (!NT_STATUS_IS_OK(status)) {
316 return false;
317 }
318
319 ctx = libnet_context_init(torture->ev, torture->lp_ctx);
320 if (ctx == NULL) {
321 d_printf("failed to create libnet context\n");
322 ret = false;
323 goto done;
324 }
325
326 ctx->cred = cmdline_credentials;
327
328 mem_ctx = talloc_init("torture_domain_close_samr");
329 status = dcerpc_pipe_connect_b(mem_ctx, &p, binding, &ndr_table_samr,
330 ctx->cred, torture->ev, torture->lp_ctx);
331 if (!NT_STATUS_IS_OK(status)) {
332 d_printf("failed to connect to server: %s\n", nt_errstr(status));
333 ret = false;
334 goto done;
335 }
336
337 domain_name.string = talloc_strdup(mem_ctx, lp_workgroup(torture->lp_ctx));
338
339 if (!test_opendomain_samr(p, torture, &h, &domain_name, &access_mask, &sid)) {
340 d_printf("failed to open domain on samr service\n");
341 ret = false;
342 goto done;
343 }
344
345 ctx->samr.pipe = p;
346 ctx->samr.name = talloc_steal(ctx, domain_name.string);
347 ctx->samr.access_mask = access_mask;
348 ctx->samr.handle = h;
349 ctx->samr.sid = talloc_steal(ctx, sid);
350 /* we have to use pipe's event context, otherwise the call will
351 hang indefinitely - this wouldn't be the case if pipe was opened
352 by means of libnet call */
353 ctx->event_ctx = p->conn->event_ctx;
354
355 ZERO_STRUCT(r);
356 r.in.type = DOMAIN_SAMR;
357 r.in.domain_name = domain_name.string;
358
359 status = libnet_DomainClose(ctx, mem_ctx, &r);
360 if (!NT_STATUS_IS_OK(status)) {
361 ret = false;
362 goto done;
363 }
364
365 done:
366 talloc_free(mem_ctx);
367 talloc_free(ctx);
368 return ret;
369 }
370
371
372 bool torture_domain_list(struct torture_context *torture)
373 {
374 bool ret = true;
375 NTSTATUS status;
376 TALLOC_CTX *mem_ctx = NULL;
377 struct dcerpc_binding *binding;
378 struct libnet_context *ctx;
379 struct libnet_DomainList r;
380 int i;
381
382 status = torture_rpc_binding(torture, &binding);
383 if (!NT_STATUS_IS_OK(status)) {
384 return false;
385 }
386
387 ctx = libnet_context_init(torture->ev, torture->lp_ctx);
388 if (ctx == NULL) {
389 d_printf("failed to create libnet context\n");
390 ret = false;
391 goto done;
392 }
393
394 ctx->cred = cmdline_credentials;
395
396 mem_ctx = talloc_init("torture_domain_close_samr");
397
398 /*
399 * querying the domain list using default buffer size
400 */
401
402 ZERO_STRUCT(r);
403 r.in.hostname = binding->host;
404
405 status = libnet_DomainList(ctx, mem_ctx, &r);
406 if (!NT_STATUS_IS_OK(status)) {
407 ret = false;
408 goto done;
409 }
410
411 d_printf("Received list or domains (everything in one piece):\n");
412
413 for (i = 0; i < r.out.count; i++) {
414 d_printf("Name[%d]: %s\n", i, r.out.domains[i].name);
415 }
416
417 /*
418 * querying the domain list using specified (much smaller) buffer size
419 */
420
421 ctx->samr.buf_size = 32;
422
423 ZERO_STRUCT(r);
424 r.in.hostname = binding->host;
425
426 status = libnet_DomainList(ctx, mem_ctx, &r);
427 if (!NT_STATUS_IS_OK(status)) {
428 ret = false;
429 goto done;
430 }
431
432 d_printf("Received list or domains (collected in more than one round):\n");
433
434 for (i = 0; i < r.out.count; i++) {
435 d_printf("Name[%d]: %s\n", i, r.out.domains[i].name);
436 }
437
438 done:
439 d_printf("\nStatus: %s\n", nt_errstr(status));
440
441 talloc_free(mem_ctx);
442 talloc_free(ctx);
443 return ret;
444 }
kamenim's samba4 branches