r14464: Don't include ndr_BASENAME.h files unless strictly required, instead
[kai/samba-autobuild/.git] / source4 / torture / rpc / testjoin.c
index 7c62353f539e4c369c443e2e1a5f4bb025274fa8..76fe3ec2ae9b16859ed8bfbf5f24bbbd9e5790a0 100644 (file)
 */
 
 #include "includes.h"
-#include "librpc/gen_ndr/ndr_samr.h"
+#include "torture/torture.h"
 #include "system/time.h"
 #include "lib/crypto/crypto.h"
 #include "libnet/libnet.h"
 #include "lib/cmdline/popt_common.h"
+#include "smb.h"
 #include "lib/ldb/include/ldb.h"
+#include "librpc/gen_ndr/ndr_samr.h"
+#include "librpc/gen_ndr/ndr_samr_c.h"
 
+#include "libcli/auth/libcli_auth.h"
+#include "torture/rpc/rpc.h"
+#include "libcli/security/proto.h"
 
 struct test_join {
        struct dcerpc_pipe *p;
        struct policy_handle user_handle;
        struct libnet_JoinDomain *libnet_r;
-       const char *dom_sid;
+       struct dom_sid *dom_sid;
+       struct dom_sid *user_sid;
 };
 
 
@@ -112,8 +119,6 @@ struct test_join *torture_create_testuser(const char *username,
        uint32_t rid;
        DATA_BLOB session_key;
        struct lsa_String name;
-       struct lsa_String comment;
-       struct lsa_String full_name;
        
        int policy_min_pw_len = 0;
        struct test_join *join;
@@ -130,9 +135,7 @@ struct test_join *torture_create_testuser(const char *username,
 
        status = torture_rpc_connection(join, 
                                        &join->p, 
-                                       DCERPC_SAMR_NAME,
-                                       DCERPC_SAMR_UUID,
-                                       DCERPC_SAMR_VERSION);
+                                       &dcerpc_table_samr);
        if (!NT_STATUS_IS_OK(status)) {
                return NULL;
        }
@@ -163,7 +166,8 @@ struct test_join *torture_create_testuser(const char *username,
                goto failed;
        }
 
-       join->dom_sid = dom_sid_string(join, l.out.sid);
+       talloc_steal(join, l.out.sid);
+       join->dom_sid = l.out.sid;
 
        o.in.connect_handle = &handle;
        o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
@@ -202,6 +206,8 @@ again:
                goto failed;
        }
 
+       join->user_sid = dom_sid_add_rid(join, join->dom_sid, rid);
+
        pwp.in.user_handle = &join->user_handle;
 
        status = dcerpc_samr_GetUserPwInfo(join->p, join, &pwp);
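Review bot: The result of `dom_sid_add_rid()` on the added line is stored in `join->user_sid` without a NULL check, so an allocation failure only shows up later when a caller dereferences what `torture_join_user_sid()` returns. The surrounding code already bails out through the `failed` label, so the same pattern fits here: `if (!join->user_sid) goto failed;`. The body of torture_create_testuser starts and ends outside this hunk, so any cleanup done at `failed` is assumed rather than verified.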
@@ -243,15 +249,15 @@ again:
 
        u.info21.acct_flags = acct_type;
        u.info21.fields_present = SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_DESCRIPTION | SAMR_FIELD_COMMENT | SAMR_FIELD_FULL_NAME;
-       comment.string = talloc_asprintf(join, 
-                                        "Tortured by Samba4: %s", 
-                                        timestring(join, time(NULL)));
-       u.info21.comment = comment;
-       full_name.string = talloc_asprintf(join, 
-                                        "Torture account for Samba4: %s", 
-                                        timestring(join, time(NULL)));
-       u.info21.full_name = full_name;
 
+       u.info21.comment.string = talloc_asprintf(join, 
+                                                 "Tortured by Samba4: %s", 
+                                                 timestring(join, time(NULL)));
+       
+       u.info21.full_name.string = talloc_asprintf(join, 
+                                                   "Torture account for Samba4: %s", 
+                                                   timestring(join, time(NULL)));
+       
        u.info21.description.string = talloc_asprintf(join, 
                                         "Samba4 torture account created by host %s: %s", 
                                         lp_netbios_name(), timestring(join, time(NULL)));
@@ -278,7 +284,7 @@ failed:
 
 struct test_join *torture_join_domain(const char *machine_name, 
                                      uint32_t acct_flags,
-                                     const char **machine_password)
+                                     struct cli_credentials **machine_credentials)
 {
        NTSTATUS status;
        struct libnet_context *libnet_ctx;
@@ -286,8 +292,6 @@ struct test_join *torture_join_domain(const char *machine_name,
        struct test_join *tj;
        struct samr_SetUserInfo s;
        union samr_UserInfo u;
-       struct lsa_String comment;
-       struct lsa_String full_name;
        
        tj = talloc(NULL, struct test_join);
        if (!tj) return NULL;
@@ -308,6 +312,9 @@ struct test_join *torture_join_domain(const char *machine_name,
                
        libnet_ctx->cred = cmdline_credentials;
        libnet_r->in.binding = lp_parm_string(-1, "torture", "binding");
+       if (!libnet_r->in.binding) {
+               libnet_r->in.binding = talloc_asprintf(libnet_r, "ncacn_np:%s", lp_parm_string(-1, "torture", "host"));
+       }
        libnet_r->in.level = LIBNET_JOINDOMAIN_SPECIFIED;
        libnet_r->in.netbios_name = machine_name;
        libnet_r->in.account_name = talloc_asprintf(libnet_r, "%s$", machine_name);
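Review bot: The new fallback passes the return value of `lp_parm_string(-1, "torture", "host")` straight to `%s`, and the line above shows that this lookup can return NULL when the parameter is unset. With neither `torture:binding` nor `torture:host` configured, the join would at best be attempted against a binding string built from a null pointer, and the `talloc_asprintf()` result is not checked either. Fetch the host first and fail early, for example `const char *host = lp_parm_string(-1, "torture", "host");` followed by `if (!host) { talloc_free(tj); return NULL; }`. The function body extends beyond this hunk, so confirm that freeing `tj` is enough cleanup at this point.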
@@ -317,17 +324,22 @@ struct test_join *torture_join_domain(const char *machine_name,
        }
        
        libnet_r->in.acct_type = acct_flags;
+       libnet_r->in.recreate_account = True;
 
        status = libnet_JoinDomain(libnet_ctx, libnet_r, libnet_r);
        if (!NT_STATUS_IS_OK(status)) {
-               DEBUG(0, ("Domain join failed - %s.\n", nt_errstr(status)));
+               if (libnet_r->out.error_string) {
+                       DEBUG(0, ("Domain join failed - %s.\n", libnet_r->out.error_string));
+               } else {
+                       DEBUG(0, ("Domain join failed - %s.\n", nt_errstr(status)));
+               }
                talloc_free(tj);
                 return NULL;
        }
        tj->p = libnet_r->out.samr_pipe;
        tj->user_handle = *libnet_r->out.user_handle;
-       tj->dom_sid = dom_sid_string(tj, libnet_r->out.domain_sid);
-       *machine_password = libnet_r->out.join_password;
+       tj->dom_sid = libnet_r->out.domain_sid;
+       talloc_steal(tj, libnet_r->out.domain_sid);
 
        ZERO_STRUCT(u);
        s.in.user_handle = &tj->user_handle;
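Review bot: `libnet_r->in.recreate_account = True;` is added without a comment, and judging by its name it lets the join replace an existing account that has the same machine name. That is convenient for cleaning up after an aborted run, but it also means that pointing the torture suite at a domain where `machine_name` is in real use could replace that account. A comment at the assignment would make the intent explicit, such as `/* replace a stale account left by an earlier torture run; never use a machine name that exists for real in the target domain */`. The function body continues outside this hunk.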
@@ -335,15 +347,13 @@ struct test_join *torture_join_domain(const char *machine_name,
        s.in.level = 21;
 
        u.info21.fields_present = SAMR_FIELD_DESCRIPTION | SAMR_FIELD_COMMENT | SAMR_FIELD_FULL_NAME;
-       comment.string = talloc_asprintf(tj, 
-                                        "Tortured by Samba4: %s", 
-                                        timestring(tj, time(NULL)));
-       u.info21.comment = comment;
-       full_name.string = talloc_asprintf(tj, 
-                                        "Torture account for Samba4: %s", 
-                                        timestring(tj, time(NULL)));
-       u.info21.full_name = full_name;
-
+       u.info21.comment.string = talloc_asprintf(tj, 
+                                                 "Tortured by Samba4: %s", 
+                                                 timestring(tj, time(NULL)));
+       u.info21.full_name.string = talloc_asprintf(tj, 
+                                                   "Torture account for Samba4: %s", 
+                                                   timestring(tj, time(NULL)));
+       
        u.info21.description.string = talloc_asprintf(tj, 
                                                      "Samba4 torture account created by host %s: %s", 
                                                      lp_netbios_name(), timestring(tj, time(NULL)));
@@ -353,10 +363,26 @@ struct test_join *torture_join_domain(const char *machine_name,
                printf("SetUserInfo (non-critical) failed - %s\n", nt_errstr(status));
        }
 
-       DEBUG(0, ("%s joined domain %s (%s).\n", 
-                 libnet_r->in.netbios_name, 
-                 libnet_r->out.domain_name, 
-                 tj->dom_sid));
+       *machine_credentials = cli_credentials_init(tj);
+       cli_credentials_set_conf(*machine_credentials);
+       cli_credentials_set_workstation(*machine_credentials, machine_name, CRED_SPECIFIED);
+       cli_credentials_set_domain(*machine_credentials, libnet_r->out.domain_name, CRED_SPECIFIED);
+       if (libnet_r->out.realm) {
+               cli_credentials_set_realm(*machine_credentials, libnet_r->out.realm, CRED_SPECIFIED);
+       }
+       cli_credentials_set_username(*machine_credentials, libnet_r->in.account_name, CRED_SPECIFIED);
+       cli_credentials_set_password(*machine_credentials, libnet_r->out.join_password, CRED_SPECIFIED);
+       if (acct_flags & ACB_SVRTRUST) {
+               cli_credentials_set_secure_channel_type(*machine_credentials,
+                                                       SEC_CHAN_BDC);
+       } else if (acct_flags & ACB_WSTRUST) {
+               cli_credentials_set_secure_channel_type(*machine_credentials,
+                                                       SEC_CHAN_WKSTA);
+       } else {
+               DEBUG(0, ("Invalid account type specificed to torture_join_domain\n"));
+               talloc_free(*machine_credentials);
+               return NULL;
+       }
 
        return tj;
 }
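Review bot: The invalid-account-type branch frees `*machine_credentials` but leaves the caller's pointer aimed at the freed memory, and it returns NULL without releasing `tj`, although the earlier join-failure path does call `talloc_free(tj)`. The return value of `cli_credentials_init(tj)` is also used without a NULL check by the `cli_credentials_set_*` calls that follow. Because the credentials are allocated under `tj`, freeing `tj` and resetting the out-parameter covers both error paths. Checking `acct_flags` before `libnet_JoinDomain()` would be better still, since by this point the account has already been created on the server and this branch does not undo that. The start of the function is outside this hunk.
```c
	*machine_credentials = cli_credentials_init(tj);
	if (!*machine_credentials) {
		talloc_free(tj);
		return NULL;
	}
	/* … unchanged: cli_credentials_set_* calls, SVRTRUST/WSTRUST branches … */
	} else {
		/* … unchanged: DEBUG message … */
		talloc_free(tj);	/* also releases the credentials allocated under tj */
		*machine_credentials = NULL;
		return NULL;
	}
```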
@@ -373,7 +399,6 @@ struct policy_handle *torture_join_samr_user_policy(struct test_join *join)
 
 NTSTATUS torture_leave_ads_domain(TALLOC_CTX *mem_ctx, struct libnet_JoinDomain *libnet_r)
 {
-       NTSTATUS status;
        int rtn;
        TALLOC_CTX *tmp_ctx;
 
@@ -432,7 +457,7 @@ NTSTATUS torture_leave_ads_domain(TALLOC_CTX *mem_ctx, struct libnet_JoinDomain
        DEBUG(0, ("%s removed successfully.\n", libnet_r->out.server_dn_str));
 
        talloc_free(tmp_ctx); 
-       return status;
+       return NT_STATUS_OK;
 }
 
 /*
@@ -468,11 +493,16 @@ void torture_leave_domain(struct test_join *join)
 /*
   return the dom sid for a test join
 */
-const char *torture_join_sid(struct test_join *join)
+const struct dom_sid *torture_join_sid(struct test_join *join)
 {
        return join->dom_sid;
 }
 
+const struct dom_sid *torture_join_user_sid(struct test_join *join)
+{
+       return join->user_sid;
+}
+
 
 struct test_join_ads_dc {
        struct test_join *join;
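Review bot: `torture_join_user_sid()` returns `join->user_sid`, but in the visible hunks that field is only assigned in torture_create_testuser. torture_join_domain allocates its struct with `talloc(NULL, struct test_join)`, which does not zero the memory, and no visible line sets `tj->user_sid`. A join created there would hand callers an uninitialized pointer. Either allocate with `tj = talloc_zero(NULL, struct test_join);` or fill in the field after the join, and give the new accessor a comment like the one on `torture_join_sid`, e.g. `/* return the user sid for a test join; NULL if the join did not record one */`. Parts of torture_join_domain lie outside the hunks shown, so check that the field is not set there.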
@@ -480,7 +510,7 @@ struct test_join_ads_dc {
 
 struct test_join_ads_dc *torture_join_domain_ads_dc(const char *machine_name, 
                                                    const char *domain,
-                                                   const char **machine_password)
+                                                   struct cli_credentials **machine_credentials)
 {
        struct test_join_ads_dc *join;
 
@@ -491,7 +521,7 @@ struct test_join_ads_dc *torture_join_domain_ads_dc(const char *machine_name,
 
        join->join = torture_join_domain(machine_name, 
                                        ACB_SVRTRUST,
-                                       machine_password);
+                                       machine_credentials);
 
        if (!join->join) {
                return NULL;