2 Unix SMB/CIFS implementation.
3 test suite for lsa rpc operations
5 Copyright (C) Andrew Tridgell 2003
6 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "torture/torture.h"
24 #include "librpc/gen_ndr/ndr_lsa_c.h"
25 #include "librpc/gen_ndr/netlogon.h"
26 #include "lib/events/events.h"
27 #include "libcli/security/security.h"
28 #include "libcli/auth/libcli_auth.h"
29 #include "torture/rpc/rpc.h"
30 #include "param/param.h"
32 static void init_lsa_String(struct lsa_String *name, const char *s)
37 static BOOL test_OpenPolicy(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
39 struct lsa_ObjectAttribute attr;
40 struct policy_handle handle;
41 struct lsa_QosInfo qos;
42 struct lsa_OpenPolicy r;
44 uint16_t system_name = '\\';
46 printf("\ntesting OpenPolicy\n");
49 qos.impersonation_level = 2;
51 qos.effective_only = 0;
55 attr.object_name = NULL;
60 r.in.system_name = &system_name;
62 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
63 r.out.handle = &handle;
65 status = dcerpc_lsa_OpenPolicy(p, mem_ctx, &r);
66 if (!NT_STATUS_IS_OK(status)) {
67 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) ||
68 NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) {
69 printf("not considering %s to be an error\n", nt_errstr(status));
72 printf("OpenPolicy failed - %s\n", nt_errstr(status));
80 BOOL test_lsa_OpenPolicy2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
81 struct policy_handle **handle)
83 struct lsa_ObjectAttribute attr;
84 struct lsa_QosInfo qos;
85 struct lsa_OpenPolicy2 r;
88 printf("\ntesting OpenPolicy2\n");
90 *handle = talloc(mem_ctx, struct policy_handle);
96 qos.impersonation_level = 2;
98 qos.effective_only = 0;
101 attr.root_dir = NULL;
102 attr.object_name = NULL;
104 attr.sec_desc = NULL;
107 r.in.system_name = "\\";
109 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
110 r.out.handle = *handle;
112 status = dcerpc_lsa_OpenPolicy2(p, mem_ctx, &r);
113 if (!NT_STATUS_IS_OK(status)) {
114 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) ||
115 NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) {
116 printf("not considering %s to be an error\n", nt_errstr(status));
117 talloc_free(*handle);
121 printf("OpenPolicy2 failed - %s\n", nt_errstr(status));
128 static BOOL test_LookupNames(struct dcerpc_pipe *p,
130 struct policy_handle *handle,
131 struct lsa_TransNameArray *tnames)
133 struct lsa_LookupNames r;
134 struct lsa_TransSidArray sids;
135 struct lsa_String *names;
140 printf("\nTesting LookupNames with %d names\n", tnames->count);
145 names = talloc_array(mem_ctx, struct lsa_String, tnames->count);
146 for (i=0;i<tnames->count;i++) {
147 init_lsa_String(&names[i], tnames->names[i].name.string);
150 r.in.handle = handle;
151 r.in.num_names = tnames->count;
156 r.out.count = &count;
159 status = dcerpc_lsa_LookupNames(p, mem_ctx, &r);
160 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
161 printf("LookupNames failed - %s\n", nt_errstr(status));
170 static BOOL test_LookupNames2(struct dcerpc_pipe *p,
172 struct policy_handle *handle,
173 struct lsa_TransNameArray2 *tnames)
175 struct lsa_LookupNames2 r;
176 struct lsa_TransSidArray2 sids;
177 struct lsa_String *names;
182 printf("\nTesting LookupNames2 with %d names\n", tnames->count);
187 names = talloc_array(mem_ctx, struct lsa_String, tnames->count);
188 for (i=0;i<tnames->count;i++) {
189 init_lsa_String(&names[i], tnames->names[i].name.string);
192 r.in.handle = handle;
193 r.in.num_names = tnames->count;
200 r.out.count = &count;
203 status = dcerpc_lsa_LookupNames2(p, mem_ctx, &r);
204 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
205 printf("LookupNames2 failed - %s\n", nt_errstr(status));
215 static BOOL test_LookupNames3(struct dcerpc_pipe *p,
217 struct policy_handle *handle,
218 struct lsa_TransNameArray2 *tnames)
220 struct lsa_LookupNames3 r;
221 struct lsa_TransSidArray3 sids;
222 struct lsa_String *names;
227 printf("\nTesting LookupNames3 with %d names\n", tnames->count);
232 names = talloc_array(mem_ctx, struct lsa_String, tnames->count);
233 for (i=0;i<tnames->count;i++) {
234 init_lsa_String(&names[i], tnames->names[i].name.string);
237 r.in.handle = handle;
238 r.in.num_names = tnames->count;
245 r.out.count = &count;
248 status = dcerpc_lsa_LookupNames3(p, mem_ctx, &r);
249 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
250 printf("LookupNames3 failed - %s\n", nt_errstr(status));
259 static BOOL test_LookupNames4(struct dcerpc_pipe *p,
261 struct lsa_TransNameArray2 *tnames)
263 struct lsa_LookupNames4 r;
264 struct lsa_TransSidArray3 sids;
265 struct lsa_String *names;
270 printf("\nTesting LookupNames4 with %d names\n", tnames->count);
275 names = talloc_array(mem_ctx, struct lsa_String, tnames->count);
276 for (i=0;i<tnames->count;i++) {
277 init_lsa_String(&names[i], tnames->names[i].name.string);
280 r.in.num_names = tnames->count;
287 r.out.count = &count;
290 status = dcerpc_lsa_LookupNames4(p, mem_ctx, &r);
291 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
292 printf("LookupNames4 failed - %s\n", nt_errstr(status));
302 static BOOL test_LookupSids(struct dcerpc_pipe *p,
304 struct policy_handle *handle,
305 struct lsa_SidArray *sids)
307 struct lsa_LookupSids r;
308 struct lsa_TransNameArray names;
309 uint32_t count = sids->num_sids;
312 printf("\nTesting LookupSids\n");
317 r.in.handle = handle;
322 r.out.count = &count;
323 r.out.names = &names;
325 status = dcerpc_lsa_LookupSids(p, mem_ctx, &r);
326 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
327 printf("LookupSids failed - %s\n", nt_errstr(status));
333 if (!test_LookupNames(p, mem_ctx, handle, &names)) {
341 static BOOL test_LookupSids2(struct dcerpc_pipe *p,
343 struct policy_handle *handle,
344 struct lsa_SidArray *sids)
346 struct lsa_LookupSids2 r;
347 struct lsa_TransNameArray2 names;
348 uint32_t count = sids->num_sids;
351 printf("\nTesting LookupSids2\n");
356 r.in.handle = handle;
363 r.out.count = &count;
364 r.out.names = &names;
366 status = dcerpc_lsa_LookupSids2(p, mem_ctx, &r);
367 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
368 printf("LookupSids2 failed - %s\n", nt_errstr(status));
374 if (!test_LookupNames2(p, mem_ctx, handle, &names)) {
378 if (!test_LookupNames3(p, mem_ctx, handle, &names)) {
385 static BOOL test_LookupSids3(struct dcerpc_pipe *p,
387 struct lsa_SidArray *sids)
389 struct lsa_LookupSids3 r;
390 struct lsa_TransNameArray2 names;
391 uint32_t count = sids->num_sids;
394 printf("\nTesting LookupSids3\n");
405 r.out.count = &count;
406 r.out.names = &names;
408 status = dcerpc_lsa_LookupSids3(p, mem_ctx, &r);
409 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
410 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) ||
411 NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) {
412 printf("not considering %s to be an error\n", nt_errstr(status));
415 printf("LookupSids3 failed - %s - not considered an error\n",
422 if (!test_LookupNames4(p, mem_ctx, &names)) {
429 BOOL test_many_LookupSids(struct dcerpc_pipe *p,
431 struct policy_handle *handle)
435 struct lsa_SidArray sids;
438 printf("\nTesting LookupSids with lots of SIDs\n");
442 sids.sids = talloc_array(mem_ctx, struct lsa_SidPtr, sids.num_sids);
444 for (i=0; i<sids.num_sids; i++) {
445 const char *sidstr = "S-1-5-32-545";
446 sids.sids[i].sid = dom_sid_parse_talloc(mem_ctx, sidstr);
449 count = sids.num_sids;
452 struct lsa_LookupSids r;
453 struct lsa_TransNameArray names;
457 r.in.handle = handle;
461 r.in.count = &names.count;
462 r.out.count = &count;
463 r.out.names = &names;
465 status = dcerpc_lsa_LookupSids(p, mem_ctx, &r);
466 if (!NT_STATUS_IS_OK(status) &&
467 !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
468 printf("LookupSids failed - %s\n", nt_errstr(status));
474 if (!test_LookupNames(p, mem_ctx, handle, &names)) {
478 struct lsa_LookupSids3 r;
479 struct lsa_TransNameArray2 names;
484 printf("\nTesting LookupSids3\n");
492 r.out.count = &count;
493 r.out.names = &names;
495 status = dcerpc_lsa_LookupSids3(p, mem_ctx, &r);
496 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
497 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) ||
498 NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED)) {
499 printf("not considering %s to be an error\n", nt_errstr(status));
502 printf("LookupSids3 failed - %s\n",
506 if (!test_LookupNames4(p, mem_ctx, &names)) {
518 static void lookupsids_cb(struct rpc_request *req)
520 int *replies = (int *)req->async.private_data;
523 status = dcerpc_ndr_request_recv(req);
524 if (!NT_STATUS_IS_OK(status)) {
525 printf("lookupsids returned %s\n", nt_errstr(status));
534 static BOOL test_LookupSids_async(struct dcerpc_pipe *p,
536 struct policy_handle *handle)
538 struct lsa_SidArray sids;
539 struct lsa_SidPtr sidptr;
541 struct lsa_TransNameArray *names;
542 struct lsa_LookupSids *r;
543 struct rpc_request **req;
546 const int num_async_requests = 50;
548 count = talloc_array(mem_ctx, uint32_t, num_async_requests);
549 names = talloc_array(mem_ctx, struct lsa_TransNameArray, num_async_requests);
550 r = talloc_array(mem_ctx, struct lsa_LookupSids, num_async_requests);
552 printf("\nTesting %d async lookupsids request\n", num_async_requests);
554 req = talloc_array(mem_ctx, struct rpc_request *, num_async_requests);
558 sidptr.sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-545");
562 for (i=0; i<num_async_requests; i++) {
565 names[i].names = NULL;
567 r[i].in.handle = handle;
568 r[i].in.sids = &sids;
569 r[i].in.names = &names[i];
571 r[i].in.count = &names[i].count;
572 r[i].out.count = &count[i];
573 r[i].out.names = &names[i];
575 req[i] = dcerpc_lsa_LookupSids_send(p, req, &r[i]);
576 if (req[i] == NULL) {
581 req[i]->async.callback = lookupsids_cb;
582 req[i]->async.private_data = &replies;
585 while (replies >= 0 && replies < num_async_requests) {
586 event_loop_once(p->conn->event_ctx);
598 static BOOL test_LookupPrivValue(struct dcerpc_pipe *p,
600 struct policy_handle *handle,
601 struct lsa_String *name)
604 struct lsa_LookupPrivValue r;
605 struct lsa_LUID luid;
607 r.in.handle = handle;
611 status = dcerpc_lsa_LookupPrivValue(p, mem_ctx, &r);
612 if (!NT_STATUS_IS_OK(status)) {
613 printf("\nLookupPrivValue failed - %s\n", nt_errstr(status));
620 static BOOL test_LookupPrivName(struct dcerpc_pipe *p,
622 struct policy_handle *handle,
623 struct lsa_LUID *luid)
626 struct lsa_LookupPrivName r;
628 r.in.handle = handle;
631 status = dcerpc_lsa_LookupPrivName(p, mem_ctx, &r);
632 if (!NT_STATUS_IS_OK(status)) {
633 printf("\nLookupPrivName failed - %s\n", nt_errstr(status));
640 static BOOL test_RemovePrivilegesFromAccount(struct dcerpc_pipe *p,
642 struct policy_handle *acct_handle,
643 struct lsa_LUID *luid)
646 struct lsa_RemovePrivilegesFromAccount r;
647 struct lsa_PrivilegeSet privs;
650 printf("Testing RemovePrivilegesFromAccount\n");
652 r.in.handle = acct_handle;
658 privs.set = talloc_array(mem_ctx, struct lsa_LUIDAttribute, 1);
659 privs.set[0].luid = *luid;
660 privs.set[0].attribute = 0;
662 status = dcerpc_lsa_RemovePrivilegesFromAccount(p, mem_ctx, &r);
663 if (!NT_STATUS_IS_OK(status)) {
664 printf("RemovePrivilegesFromAccount failed - %s\n", nt_errstr(status));
671 static BOOL test_AddPrivilegesToAccount(struct dcerpc_pipe *p,
673 struct policy_handle *acct_handle,
674 struct lsa_LUID *luid)
677 struct lsa_AddPrivilegesToAccount r;
678 struct lsa_PrivilegeSet privs;
681 printf("Testing AddPrivilegesToAccount\n");
683 r.in.handle = acct_handle;
688 privs.set = talloc_array(mem_ctx, struct lsa_LUIDAttribute, 1);
689 privs.set[0].luid = *luid;
690 privs.set[0].attribute = 0;
692 status = dcerpc_lsa_AddPrivilegesToAccount(p, mem_ctx, &r);
693 if (!NT_STATUS_IS_OK(status)) {
694 printf("AddPrivilegesToAccount failed - %s\n", nt_errstr(status));
701 static BOOL test_EnumPrivsAccount(struct dcerpc_pipe *p,
703 struct policy_handle *handle,
704 struct policy_handle *acct_handle)
707 struct lsa_EnumPrivsAccount r;
710 printf("Testing EnumPrivsAccount\n");
712 r.in.handle = acct_handle;
714 status = dcerpc_lsa_EnumPrivsAccount(p, mem_ctx, &r);
715 if (!NT_STATUS_IS_OK(status)) {
716 printf("EnumPrivsAccount failed - %s\n", nt_errstr(status));
720 if (r.out.privs && r.out.privs->count > 0) {
722 for (i=0;i<r.out.privs->count;i++) {
723 test_LookupPrivName(p, mem_ctx, handle,
724 &r.out.privs->set[i].luid);
727 ret &= test_RemovePrivilegesFromAccount(p, mem_ctx, acct_handle,
728 &r.out.privs->set[0].luid);
729 ret &= test_AddPrivilegesToAccount(p, mem_ctx, acct_handle,
730 &r.out.privs->set[0].luid);
736 static BOOL test_Delete(struct dcerpc_pipe *p,
738 struct policy_handle *handle)
743 printf("testing Delete\n");
745 r.in.handle = handle;
746 status = dcerpc_lsa_Delete(p, mem_ctx, &r);
747 if (!NT_STATUS_IS_OK(status)) {
748 printf("Delete failed - %s\n", nt_errstr(status));
756 static BOOL test_CreateAccount(struct dcerpc_pipe *p,
758 struct policy_handle *handle)
761 struct lsa_CreateAccount r;
762 struct dom_sid2 *newsid;
763 struct policy_handle acct_handle;
765 newsid = dom_sid_parse_talloc(mem_ctx, "S-1-5-12349876-4321-2854");
767 printf("Testing CreateAccount\n");
769 r.in.handle = handle;
771 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
772 r.out.acct_handle = &acct_handle;
774 status = dcerpc_lsa_CreateAccount(p, mem_ctx, &r);
775 if (!NT_STATUS_IS_OK(status)) {
776 printf("CreateAccount failed - %s\n", nt_errstr(status));
780 if (!test_Delete(p, mem_ctx, &acct_handle)) {
787 static BOOL test_DeleteTrustedDomain(struct dcerpc_pipe *p,
789 struct policy_handle *handle,
790 struct lsa_StringLarge name)
793 struct lsa_OpenTrustedDomainByName r;
794 struct policy_handle trustdom_handle;
796 r.in.handle = handle;
797 r.in.name.string = name.string;
798 r.in.access_mask = SEC_STD_DELETE;
799 r.out.trustdom_handle = &trustdom_handle;
801 status = dcerpc_lsa_OpenTrustedDomainByName(p, mem_ctx, &r);
802 if (!NT_STATUS_IS_OK(status)) {
803 printf("lsa_OpenTrustedDomainByName failed - %s\n", nt_errstr(status));
807 if (!test_Delete(p, mem_ctx, &trustdom_handle)) {
814 static BOOL test_DeleteTrustedDomainBySid(struct dcerpc_pipe *p,
816 struct policy_handle *handle,
820 struct lsa_DeleteTrustedDomain r;
822 r.in.handle = handle;
825 status = dcerpc_lsa_DeleteTrustedDomain(p, mem_ctx, &r);
826 if (!NT_STATUS_IS_OK(status)) {
827 printf("lsa_DeleteTrustedDomain failed - %s\n", nt_errstr(status));
835 static BOOL test_CreateSecret(struct dcerpc_pipe *p,
837 struct policy_handle *handle)
840 struct lsa_CreateSecret r;
841 struct lsa_OpenSecret r2;
842 struct lsa_SetSecret r3;
843 struct lsa_QuerySecret r4;
844 struct lsa_SetSecret r5;
845 struct lsa_QuerySecret r6;
846 struct lsa_SetSecret r7;
847 struct lsa_QuerySecret r8;
848 struct policy_handle sec_handle, sec_handle2, sec_handle3;
850 struct lsa_DATA_BUF buf1;
851 struct lsa_DATA_BUF_PTR bufp1;
852 struct lsa_DATA_BUF_PTR bufp2;
855 DATA_BLOB session_key;
856 NTTIME old_mtime, new_mtime;
857 DATA_BLOB blob1, blob2;
858 const char *secret1 = "abcdef12345699qwerty";
860 const char *secret3 = "ABCDEF12345699QWERTY";
862 const char *secret5 = "NEW-SAMBA4-SECRET";
867 const int GLOBAL = 1;
869 secname[LOCAL] = talloc_asprintf(mem_ctx, "torturesecret-%u", (uint_t)random());
870 secname[GLOBAL] = talloc_asprintf(mem_ctx, "G$torturesecret-%u", (uint_t)random());
872 for (i=0; i< 2; i++) {
873 printf("Testing CreateSecret of %s\n", secname[i]);
875 init_lsa_String(&r.in.name, secname[i]);
877 r.in.handle = handle;
878 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
879 r.out.sec_handle = &sec_handle;
881 status = dcerpc_lsa_CreateSecret(p, mem_ctx, &r);
882 if (!NT_STATUS_IS_OK(status)) {
883 printf("CreateSecret failed - %s\n", nt_errstr(status));
887 r.in.handle = handle;
888 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
889 r.out.sec_handle = &sec_handle3;
891 status = dcerpc_lsa_CreateSecret(p, mem_ctx, &r);
892 if (!NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) {
893 printf("CreateSecret should have failed OBJECT_NAME_COLLISION - %s\n", nt_errstr(status));
897 r2.in.handle = handle;
898 r2.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
899 r2.in.name = r.in.name;
900 r2.out.sec_handle = &sec_handle2;
902 printf("Testing OpenSecret\n");
904 status = dcerpc_lsa_OpenSecret(p, mem_ctx, &r2);
905 if (!NT_STATUS_IS_OK(status)) {
906 printf("OpenSecret failed - %s\n", nt_errstr(status));
910 status = dcerpc_fetch_session_key(p, &session_key);
911 if (!NT_STATUS_IS_OK(status)) {
912 printf("dcerpc_fetch_session_key failed - %s\n", nt_errstr(status));
916 enc_key = sess_encrypt_string(secret1, &session_key);
918 r3.in.sec_handle = &sec_handle;
919 r3.in.new_val = &buf1;
920 r3.in.old_val = NULL;
921 r3.in.new_val->data = enc_key.data;
922 r3.in.new_val->length = enc_key.length;
923 r3.in.new_val->size = enc_key.length;
925 printf("Testing SetSecret\n");
927 status = dcerpc_lsa_SetSecret(p, mem_ctx, &r3);
928 if (!NT_STATUS_IS_OK(status)) {
929 printf("SetSecret failed - %s\n", nt_errstr(status));
933 r3.in.sec_handle = &sec_handle;
934 r3.in.new_val = &buf1;
935 r3.in.old_val = NULL;
936 r3.in.new_val->data = enc_key.data;
937 r3.in.new_val->length = enc_key.length;
938 r3.in.new_val->size = enc_key.length;
940 /* break the encrypted data */
943 printf("Testing SetSecret with broken key\n");
945 status = dcerpc_lsa_SetSecret(p, mem_ctx, &r3);
946 if (!NT_STATUS_EQUAL(status, NT_STATUS_UNKNOWN_REVISION)) {
947 printf("SetSecret should have failed UNKNOWN_REVISION - %s\n", nt_errstr(status));
951 data_blob_free(&enc_key);
953 ZERO_STRUCT(new_mtime);
954 ZERO_STRUCT(old_mtime);
956 /* fetch the secret back again */
957 r4.in.sec_handle = &sec_handle;
958 r4.in.new_val = &bufp1;
959 r4.in.new_mtime = &new_mtime;
960 r4.in.old_val = NULL;
961 r4.in.old_mtime = NULL;
965 printf("Testing QuerySecret\n");
966 status = dcerpc_lsa_QuerySecret(p, mem_ctx, &r4);
967 if (!NT_STATUS_IS_OK(status)) {
968 printf("QuerySecret failed - %s\n", nt_errstr(status));
971 if (r4.out.new_val == NULL || r4.out.new_val->buf == NULL) {
972 printf("No secret buffer returned\n");
975 blob1.data = r4.out.new_val->buf->data;
976 blob1.length = r4.out.new_val->buf->size;
978 blob2 = data_blob_talloc(mem_ctx, NULL, blob1.length);
980 secret2 = sess_decrypt_string(mem_ctx,
981 &blob1, &session_key);
983 if (strcmp(secret1, secret2) != 0) {
984 printf("Returned secret '%s' doesn't match '%s'\n",
991 enc_key = sess_encrypt_string(secret3, &session_key);
993 r5.in.sec_handle = &sec_handle;
994 r5.in.new_val = &buf1;
995 r5.in.old_val = NULL;
996 r5.in.new_val->data = enc_key.data;
997 r5.in.new_val->length = enc_key.length;
998 r5.in.new_val->size = enc_key.length;
1000 printf("Testing SetSecret (existing value should move to old)\n");
1002 status = dcerpc_lsa_SetSecret(p, mem_ctx, &r5);
1003 if (!NT_STATUS_IS_OK(status)) {
1004 printf("SetSecret failed - %s\n", nt_errstr(status));
1008 data_blob_free(&enc_key);
1010 ZERO_STRUCT(new_mtime);
1011 ZERO_STRUCT(old_mtime);
1013 /* fetch the secret back again */
1014 r6.in.sec_handle = &sec_handle;
1015 r6.in.new_val = &bufp1;
1016 r6.in.new_mtime = &new_mtime;
1017 r6.in.old_val = &bufp2;
1018 r6.in.old_mtime = &old_mtime;
1023 status = dcerpc_lsa_QuerySecret(p, mem_ctx, &r6);
1024 if (!NT_STATUS_IS_OK(status)) {
1025 printf("QuerySecret failed - %s\n", nt_errstr(status));
1030 if (r6.out.new_val->buf == NULL || r6.out.old_val->buf == NULL
1031 || r6.out.new_mtime == NULL || r6.out.old_mtime == NULL) {
1032 printf("Both secret buffers and both times not returned\n");
1036 blob1.data = r6.out.new_val->buf->data;
1037 blob1.length = r6.out.new_val->buf->size;
1039 blob2 = data_blob_talloc(mem_ctx, NULL, blob1.length);
1041 secret4 = sess_decrypt_string(mem_ctx,
1042 &blob1, &session_key);
1044 if (strcmp(secret3, secret4) != 0) {
1045 printf("Returned NEW secret %s doesn't match %s\n", secret4, secret3);
1049 blob1.data = r6.out.old_val->buf->data;
1050 blob1.length = r6.out.old_val->buf->length;
1052 blob2 = data_blob_talloc(mem_ctx, NULL, blob1.length);
1054 secret2 = sess_decrypt_string(mem_ctx,
1055 &blob1, &session_key);
1057 if (strcmp(secret1, secret2) != 0) {
1058 printf("Returned OLD secret %s doesn't match %s\n", secret2, secret1);
1062 if (*r6.out.new_mtime == *r6.out.old_mtime) {
1063 printf("Returned secret %s had same mtime for both secrets: %s\n",
1065 nt_time_string(mem_ctx, *r6.out.new_mtime));
1071 enc_key = sess_encrypt_string(secret5, &session_key);
1073 r7.in.sec_handle = &sec_handle;
1074 r7.in.old_val = &buf1;
1075 r7.in.old_val->data = enc_key.data;
1076 r7.in.old_val->length = enc_key.length;
1077 r7.in.old_val->size = enc_key.length;
1078 r7.in.new_val = NULL;
1080 printf("Testing SetSecret of old Secret only\n");
1082 status = dcerpc_lsa_SetSecret(p, mem_ctx, &r7);
1083 if (!NT_STATUS_IS_OK(status)) {
1084 printf("SetSecret failed - %s\n", nt_errstr(status));
1088 data_blob_free(&enc_key);
1090 /* fetch the secret back again */
1091 r8.in.sec_handle = &sec_handle;
1092 r8.in.new_val = &bufp1;
1093 r8.in.new_mtime = &new_mtime;
1094 r8.in.old_val = &bufp2;
1095 r8.in.old_mtime = &old_mtime;
1100 status = dcerpc_lsa_QuerySecret(p, mem_ctx, &r8);
1101 if (!NT_STATUS_IS_OK(status)) {
1102 printf("QuerySecret failed - %s\n", nt_errstr(status));
1105 if (!r8.out.new_val || !r8.out.old_val) {
1106 printf("in/out pointers not returned, despite being set on in for QuerySecret\n");
1108 } else if (r8.out.new_val->buf == NULL) {
1110 printf("NEW secret buffer not returned after GLOBAL OLD set\n");
1113 } else if (r8.out.old_val->buf == NULL) {
1114 printf("OLD secret buffer not returned after OLD set\n");
1116 } else if (r8.out.new_mtime == NULL || r8.out.old_mtime == NULL) {
1117 printf("Both times not returned after OLD set\n");
1121 printf("NEW secret buffer should not be returned after LOCAL OLD set\n");
1124 blob1.data = r8.out.new_val->buf->data;
1125 blob1.length = r8.out.new_val->buf->length;
1127 blob2 = data_blob_talloc(mem_ctx, NULL, blob1.length);
1129 secret6 = sess_decrypt_string(mem_ctx,
1130 &blob1, &session_key);
1132 if (strcmp(secret3, secret4) != 0) {
1133 printf("Returned NEW secret '%s' doesn't match '%s'\n", secret4, secret3);
1137 blob1.data = r8.out.old_val->buf->data;
1138 blob1.length = r8.out.old_val->buf->size;
1140 blob2 = data_blob_talloc(mem_ctx, NULL, blob1.length);
1142 secret6 = sess_decrypt_string(mem_ctx,
1143 &blob1, &session_key);
1145 if (strcmp(secret5, secret6) != 0) {
1146 printf("Returned OLD secret %s doesn't match %s\n", secret5, secret6);
1150 if (*r8.out.new_mtime == *r8.out.old_mtime) {
1152 printf("Returned secret %s had same mtime for both secrets: %s\n",
1154 nt_time_string(mem_ctx, *r8.out.new_mtime));
1158 printf("Returned secret %s should have had same mtime for both secrets: %s != %s\n",
1160 nt_time_string(mem_ctx, *r8.out.old_mtime),
1161 nt_time_string(mem_ctx, *r8.out.new_mtime));
1167 if (!test_Delete(p, mem_ctx, &sec_handle)) {
1171 d.in.handle = &sec_handle2;
1172 status = dcerpc_lsa_Delete(p, mem_ctx, &d);
1173 if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_HANDLE)) {
1174 printf("Second delete expected INVALID_HANDLE - %s\n", nt_errstr(status));
1178 printf("Testing OpenSecret of just-deleted secret\n");
1180 status = dcerpc_lsa_OpenSecret(p, mem_ctx, &r2);
1181 if (!NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1182 printf("OpenSecret expected OBJECT_NAME_NOT_FOUND - %s\n", nt_errstr(status));
1193 static BOOL test_EnumAccountRights(struct dcerpc_pipe *p,
1194 TALLOC_CTX *mem_ctx,
1195 struct policy_handle *acct_handle,
1196 struct dom_sid *sid)
1199 struct lsa_EnumAccountRights r;
1200 struct lsa_RightSet rights;
1202 printf("Testing EnumAccountRights\n");
1204 r.in.handle = acct_handle;
1206 r.out.rights = &rights;
1208 status = dcerpc_lsa_EnumAccountRights(p, mem_ctx, &r);
1209 if (!NT_STATUS_IS_OK(status)) {
1210 printf("EnumAccountRights of %s failed - %s\n",
1211 dom_sid_string(mem_ctx, sid), nt_errstr(status));
1219 static BOOL test_QuerySecurity(struct dcerpc_pipe *p,
1220 TALLOC_CTX *mem_ctx,
1221 struct policy_handle *handle,
1222 struct policy_handle *acct_handle)
1225 struct lsa_QuerySecurity r;
1227 if (lp_parm_bool(-1, "torture", "samba4", False)) {
1228 printf("skipping QuerySecurity test against Samba4\n");
1232 printf("Testing QuerySecurity\n");
1234 r.in.handle = acct_handle;
1237 status = dcerpc_lsa_QuerySecurity(p, mem_ctx, &r);
1238 if (!NT_STATUS_IS_OK(status)) {
1239 printf("QuerySecurity failed - %s\n", nt_errstr(status));
1246 static BOOL test_OpenAccount(struct dcerpc_pipe *p,
1247 TALLOC_CTX *mem_ctx,
1248 struct policy_handle *handle,
1249 struct dom_sid *sid)
1252 struct lsa_OpenAccount r;
1253 struct policy_handle acct_handle;
1255 printf("Testing OpenAccount\n");
1257 r.in.handle = handle;
1259 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1260 r.out.acct_handle = &acct_handle;
1262 status = dcerpc_lsa_OpenAccount(p, mem_ctx, &r);
1263 if (!NT_STATUS_IS_OK(status)) {
1264 printf("OpenAccount failed - %s\n", nt_errstr(status));
1268 if (!test_EnumPrivsAccount(p, mem_ctx, handle, &acct_handle)) {
1272 if (!test_QuerySecurity(p, mem_ctx, handle, &acct_handle)) {
1279 static BOOL test_EnumAccounts(struct dcerpc_pipe *p,
1280 TALLOC_CTX *mem_ctx,
1281 struct policy_handle *handle)
1284 struct lsa_EnumAccounts r;
1285 struct lsa_SidArray sids1, sids2;
1286 uint32_t resume_handle = 0;
1290 printf("\ntesting EnumAccounts\n");
1292 r.in.handle = handle;
1293 r.in.resume_handle = &resume_handle;
1294 r.in.num_entries = 100;
1295 r.out.resume_handle = &resume_handle;
1296 r.out.sids = &sids1;
1300 status = dcerpc_lsa_EnumAccounts(p, mem_ctx, &r);
1301 if (NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES)) {
1304 if (!NT_STATUS_IS_OK(status)) {
1305 printf("EnumAccounts failed - %s\n", nt_errstr(status));
1309 if (!test_LookupSids(p, mem_ctx, handle, &sids1)) {
1313 if (!test_LookupSids2(p, mem_ctx, handle, &sids1)) {
1317 if (!test_LookupSids3(p, mem_ctx, &sids1)) {
1321 printf("testing all accounts\n");
1322 for (i=0;i<sids1.num_sids;i++) {
1323 ret &= test_OpenAccount(p, mem_ctx, handle, sids1.sids[i].sid);
1324 ret &= test_EnumAccountRights(p, mem_ctx, handle, sids1.sids[i].sid);
1329 if (sids1.num_sids < 3) {
1333 printf("trying EnumAccounts partial listing (asking for 1 at 2)\n");
1335 r.in.num_entries = 1;
1336 r.out.sids = &sids2;
1338 status = dcerpc_lsa_EnumAccounts(p, mem_ctx, &r);
1339 if (!NT_STATUS_IS_OK(status)) {
1340 printf("EnumAccounts failed - %s\n", nt_errstr(status));
1344 if (sids2.num_sids != 1) {
1345 printf("Returned wrong number of entries (%d)\n", sids2.num_sids);
1352 static BOOL test_LookupPrivDisplayName(struct dcerpc_pipe *p,
1353 TALLOC_CTX *mem_ctx,
1354 struct policy_handle *handle,
1355 struct lsa_String *priv_name)
1357 struct lsa_LookupPrivDisplayName r;
1359 /* produce a reasonable range of language output without screwing up
1361 uint16_t language_id = (random() % 4) + 0x409;
1363 printf("testing LookupPrivDisplayName(%s)\n", priv_name->string);
1365 r.in.handle = handle;
1366 r.in.name = priv_name;
1367 r.in.language_id = &language_id;
1368 r.out.language_id = &language_id;
1371 status = dcerpc_lsa_LookupPrivDisplayName(p, mem_ctx, &r);
1372 if (!NT_STATUS_IS_OK(status)) {
1373 printf("LookupPrivDisplayName failed - %s\n", nt_errstr(status));
1376 printf("%s -> \"%s\" (language 0x%x/0x%x)\n",
1377 priv_name->string, r.out.disp_name->string,
1378 *r.in.language_id, *r.out.language_id);
1383 static BOOL test_EnumAccountsWithUserRight(struct dcerpc_pipe *p,
1384 TALLOC_CTX *mem_ctx,
1385 struct policy_handle *handle,
1386 struct lsa_String *priv_name)
1388 struct lsa_EnumAccountsWithUserRight r;
1389 struct lsa_SidArray sids;
1394 printf("testing EnumAccountsWithUserRight(%s)\n", priv_name->string);
1396 r.in.handle = handle;
1397 r.in.name = priv_name;
1400 status = dcerpc_lsa_EnumAccountsWithUserRight(p, mem_ctx, &r);
1402 /* NT_STATUS_NO_MORE_ENTRIES means noone has this privilege */
1403 if (NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES)) {
1407 if (!NT_STATUS_IS_OK(status)) {
1408 printf("EnumAccountsWithUserRight failed - %s\n", nt_errstr(status));
1416 static BOOL test_EnumPrivs(struct dcerpc_pipe *p,
1417 TALLOC_CTX *mem_ctx,
1418 struct policy_handle *handle)
1421 struct lsa_EnumPrivs r;
1422 struct lsa_PrivArray privs1;
1423 uint32_t resume_handle = 0;
1427 printf("\ntesting EnumPrivs\n");
1429 r.in.handle = handle;
1430 r.in.resume_handle = &resume_handle;
1431 r.in.max_count = 100;
1432 r.out.resume_handle = &resume_handle;
1433 r.out.privs = &privs1;
1436 status = dcerpc_lsa_EnumPrivs(p, mem_ctx, &r);
1437 if (!NT_STATUS_IS_OK(status)) {
1438 printf("EnumPrivs failed - %s\n", nt_errstr(status));
1442 for (i = 0; i< privs1.count; i++) {
1443 test_LookupPrivDisplayName(p, mem_ctx, handle, (struct lsa_String *)&privs1.privs[i].name);
1444 test_LookupPrivValue(p, mem_ctx, handle, (struct lsa_String *)&privs1.privs[i].name);
1445 if (!test_EnumAccountsWithUserRight(p, mem_ctx, handle, (struct lsa_String *)&privs1.privs[i].name)) {
1453 static BOOL test_QueryForestTrustInformation(struct dcerpc_pipe *p,
1454 TALLOC_CTX *mem_ctx,
1455 struct policy_handle *handle,
1456 const char *trusted_domain_name)
1459 struct lsa_lsaRQueryForestTrustInformation r;
1461 struct lsa_String string;
1462 struct lsa_ForestTrustInformation info, *info_ptr;
1464 printf("\nTesting lsaRQueryForestTrustInformation\n");
1466 if (lp_parm_bool(-1, "torture", "samba4", False)) {
1467 printf("skipping QueryForestTrustInformation against Samba4\n");
1471 ZERO_STRUCT(string);
1473 if (trusted_domain_name) {
1474 init_lsa_String(&string, trusted_domain_name);
1479 r.in.handle = handle;
1480 r.in.trusted_domain_name = &string;
1482 r.out.forest_trust_info = &info_ptr;
1484 status = dcerpc_lsa_lsaRQueryForestTrustInformation(p, mem_ctx, &r);
1486 if (!NT_STATUS_IS_OK(status)) {
1487 printf("lsaRQueryForestTrustInformation failed - %s\n", nt_errstr(status));
1494 static BOOL test_query_each_TrustDomEx(struct dcerpc_pipe *p,
1495 TALLOC_CTX *mem_ctx,
1496 struct policy_handle *handle,
1497 struct lsa_DomainListEx *domains)
1502 for (i=0; i< domains->count; i++) {
1504 if (domains->domains[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
1505 ret &= test_QueryForestTrustInformation(p, mem_ctx, handle,
1506 domains->domains[i].domain_name.string);
1513 static BOOL test_query_each_TrustDom(struct dcerpc_pipe *p,
1514 TALLOC_CTX *mem_ctx,
1515 struct policy_handle *handle,
1516 struct lsa_DomainList *domains)
1522 printf("\nTesting OpenTrustedDomain, OpenTrustedDomainByName and QueryInfoTrustedDomain\n");
1523 for (i=0; i< domains->count; i++) {
1524 struct lsa_OpenTrustedDomain trust;
1525 struct lsa_OpenTrustedDomainByName trust_by_name;
1526 struct policy_handle trustdom_handle;
1527 struct policy_handle handle2;
1529 struct lsa_CloseTrustedDomainEx c_trust;
1530 int levels [] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12};
1531 int ok[] = {1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 0, 1};
1533 if (domains->domains[i].sid) {
1534 trust.in.handle = handle;
1535 trust.in.sid = domains->domains[i].sid;
1536 trust.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1537 trust.out.trustdom_handle = &trustdom_handle;
1539 status = dcerpc_lsa_OpenTrustedDomain(p, mem_ctx, &trust);
1541 if (!NT_STATUS_IS_OK(status)) {
1542 printf("OpenTrustedDomain failed - %s\n", nt_errstr(status));
1546 c.in.handle = &trustdom_handle;
1547 c.out.handle = &handle2;
1549 c_trust.in.handle = &trustdom_handle;
1550 c_trust.out.handle = &handle2;
1552 for (j=0; j < ARRAY_SIZE(levels); j++) {
1553 struct lsa_QueryTrustedDomainInfo q;
1554 union lsa_TrustedDomainInfo info;
1555 q.in.trustdom_handle = &trustdom_handle;
1556 q.in.level = levels[j];
1558 status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q);
1559 if (!NT_STATUS_IS_OK(status) && ok[j]) {
1560 printf("QueryTrustedDomainInfo level %d failed - %s\n",
1561 levels[j], nt_errstr(status));
1563 } else if (NT_STATUS_IS_OK(status) && !ok[j]) {
1564 printf("QueryTrustedDomainInfo level %d unexpectedly succeeded - %s\n",
1565 levels[j], nt_errstr(status));
1570 status = dcerpc_lsa_CloseTrustedDomainEx(p, mem_ctx, &c_trust);
1571 if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
1572 printf("Expected CloseTrustedDomainEx to return NT_STATUS_NOT_IMPLEMENTED, instead - %s\n", nt_errstr(status));
1576 c.in.handle = &trustdom_handle;
1577 c.out.handle = &handle2;
1579 status = dcerpc_lsa_Close(p, mem_ctx, &c);
1580 if (!NT_STATUS_IS_OK(status)) {
1581 printf("Close of trusted domain failed - %s\n", nt_errstr(status));
1585 for (j=0; j < ARRAY_SIZE(levels); j++) {
1586 struct lsa_QueryTrustedDomainInfoBySid q;
1587 union lsa_TrustedDomainInfo info;
1589 if (!domains->domains[i].sid) {
1593 q.in.handle = handle;
1594 q.in.dom_sid = domains->domains[i].sid;
1595 q.in.level = levels[j];
1597 status = dcerpc_lsa_QueryTrustedDomainInfoBySid(p, mem_ctx, &q);
1598 if (!NT_STATUS_IS_OK(status) && ok[j]) {
1599 printf("QueryTrustedDomainInfoBySid level %d failed - %s\n",
1600 levels[j], nt_errstr(status));
1602 } else if (NT_STATUS_IS_OK(status) && !ok[j]) {
1603 printf("QueryTrustedDomainInfoBySid level %d unexpectedly succeeded - %s\n",
1604 levels[j], nt_errstr(status));
1610 trust_by_name.in.handle = handle;
1611 trust_by_name.in.name.string = domains->domains[i].name.string;
1612 trust_by_name.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1613 trust_by_name.out.trustdom_handle = &trustdom_handle;
1615 status = dcerpc_lsa_OpenTrustedDomainByName(p, mem_ctx, &trust_by_name);
1617 if (!NT_STATUS_IS_OK(status)) {
1618 printf("OpenTrustedDomainByName failed - %s\n", nt_errstr(status));
1622 for (j=0; j < ARRAY_SIZE(levels); j++) {
1623 struct lsa_QueryTrustedDomainInfo q;
1624 union lsa_TrustedDomainInfo info;
1625 q.in.trustdom_handle = &trustdom_handle;
1626 q.in.level = levels[j];
1628 status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q);
1629 if (!NT_STATUS_IS_OK(status) && ok[j]) {
1630 printf("QueryTrustedDomainInfo level %d failed - %s\n",
1631 levels[j], nt_errstr(status));
1633 } else if (NT_STATUS_IS_OK(status) && !ok[j]) {
1634 printf("QueryTrustedDomainInfo level %d unexpectedly succeeded - %s\n",
1635 levels[j], nt_errstr(status));
1640 c.in.handle = &trustdom_handle;
1641 c.out.handle = &handle2;
1643 status = dcerpc_lsa_Close(p, mem_ctx, &c);
1644 if (!NT_STATUS_IS_OK(status)) {
1645 printf("Close of trusted domain failed - %s\n", nt_errstr(status));
1649 for (j=0; j < ARRAY_SIZE(levels); j++) {
1650 struct lsa_QueryTrustedDomainInfoByName q;
1651 union lsa_TrustedDomainInfo info;
1652 q.in.handle = handle;
1653 q.in.trusted_domain.string = domains->domains[i].name.string;
1654 q.in.level = levels[j];
1656 status = dcerpc_lsa_QueryTrustedDomainInfoByName(p, mem_ctx, &q);
1657 if (!NT_STATUS_IS_OK(status) && ok[j]) {
1658 printf("QueryTrustedDomainInfoByName level %d failed - %s\n",
1659 levels[j], nt_errstr(status));
1661 } else if (NT_STATUS_IS_OK(status) && !ok[j]) {
1662 printf("QueryTrustedDomainInfoByName level %d unexpectedly succeeded - %s\n",
1663 levels[j], nt_errstr(status));
1671 static BOOL test_EnumTrustDom(struct dcerpc_pipe *p,
1672 TALLOC_CTX *mem_ctx,
1673 struct policy_handle *handle)
1675 struct lsa_EnumTrustDom r;
1676 struct lsa_EnumTrustedDomainsEx r_ex;
1677 NTSTATUS enum_status;
1678 uint32_t resume_handle = 0;
1679 struct lsa_DomainList domains;
1680 struct lsa_DomainListEx domains_ex;
1683 printf("\nTesting EnumTrustDom\n");
1686 r.in.handle = handle;
1687 r.in.resume_handle = &resume_handle;
1688 r.in.max_size = LSA_ENUM_TRUST_DOMAIN_MULTIPLIER * 3;
1689 r.out.domains = &domains;
1690 r.out.resume_handle = &resume_handle;
1692 enum_status = dcerpc_lsa_EnumTrustDom(p, mem_ctx, &r);
1694 /* NO_MORE_ENTRIES is allowed */
1695 if (NT_STATUS_EQUAL(enum_status, NT_STATUS_NO_MORE_ENTRIES)) {
1697 } else if (NT_STATUS_EQUAL(enum_status, STATUS_MORE_ENTRIES)) {
1698 /* Windows 2003 gets this off by one on the first run */
1699 if (r.out.domains->count < 3 || r.out.domains->count > 4) {
1700 printf("EnumTrustDom didn't fill the buffer we "
1701 "asked it to (got %d, expected %d / %d == %d entries)\n",
1702 r.out.domains->count, LSA_ENUM_TRUST_DOMAIN_MULTIPLIER * 3,
1703 LSA_ENUM_TRUST_DOMAIN_MULTIPLIER, r.in.max_size);
1706 } else if (!NT_STATUS_IS_OK(enum_status)) {
1707 printf("EnumTrustDom failed - %s\n", nt_errstr(enum_status));
1711 ret &= test_query_each_TrustDom(p, mem_ctx, handle, &domains);
1713 } while ((NT_STATUS_EQUAL(enum_status, STATUS_MORE_ENTRIES)));
1715 printf("\nTesting EnumTrustedDomainsEx\n");
1719 r_ex.in.handle = handle;
1720 r_ex.in.resume_handle = &resume_handle;
1721 r_ex.in.max_size = LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER * 3;
1722 r_ex.out.domains = &domains_ex;
1723 r_ex.out.resume_handle = &resume_handle;
1725 enum_status = dcerpc_lsa_EnumTrustedDomainsEx(p, mem_ctx, &r_ex);
1727 /* NO_MORE_ENTRIES is allowed */
1728 if (NT_STATUS_EQUAL(enum_status, NT_STATUS_NO_MORE_ENTRIES)) {
1730 } else if (NT_STATUS_EQUAL(enum_status, STATUS_MORE_ENTRIES)) {
1731 /* Windows 2003 gets this off by one on the first run */
1732 if (r_ex.out.domains->count < 3 || r_ex.out.domains->count > 4) {
1733 printf("EnumTrustDom didn't fill the buffer we "
1734 "asked it to (got %d, expected %d / %d == %d entries)\n",
1735 r_ex.out.domains->count,
1737 LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER,
1738 r_ex.in.max_size / LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER);
1742 } else if (!NT_STATUS_IS_OK(enum_status)) {
1743 printf("EnumTrustedDomainEx failed - %s\n", nt_errstr(enum_status));
1747 ret &= test_query_each_TrustDomEx(p, mem_ctx, handle, &domains_ex);
1749 } while ((NT_STATUS_EQUAL(enum_status, STATUS_MORE_ENTRIES)));
1754 static BOOL test_CreateTrustedDomain(struct dcerpc_pipe *p,
1755 TALLOC_CTX *mem_ctx,
1756 struct policy_handle *handle)
1760 struct lsa_CreateTrustedDomain r;
1761 struct lsa_DomainInfo trustinfo;
1762 struct dom_sid *domsid[12];
1763 struct policy_handle trustdom_handle[12];
1764 struct lsa_QueryTrustedDomainInfo q;
1767 printf("Testing CreateTrustedDomain for 12 domains\n");
1769 for (i=0; i< 12; i++) {
1770 char *trust_name = talloc_asprintf(mem_ctx, "torturedom%02d", i);
1771 char *trust_sid = talloc_asprintf(mem_ctx, "S-1-5-21-97398-379795-100%02d", i);
1773 domsid[i] = dom_sid_parse_talloc(mem_ctx, trust_sid);
1775 trustinfo.sid = domsid[i];
1776 init_lsa_String((struct lsa_String *)&trustinfo.name, trust_name);
1778 r.in.handle = handle;
1779 r.in.info = &trustinfo;
1780 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1781 r.out.trustdom_handle = &trustdom_handle[i];
1783 status = dcerpc_lsa_CreateTrustedDomain(p, mem_ctx, &r);
1784 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) {
1785 test_DeleteTrustedDomain(p, mem_ctx, handle, trustinfo.name);
1786 status = dcerpc_lsa_CreateTrustedDomain(p, mem_ctx, &r);
1788 if (!NT_STATUS_IS_OK(status)) {
1789 printf("CreateTrustedDomain failed - %s\n", nt_errstr(status));
1793 q.in.trustdom_handle = &trustdom_handle[i];
1794 q.in.level = LSA_TRUSTED_DOMAIN_INFO_NAME;
1795 status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q);
1796 if (!NT_STATUS_IS_OK(status)) {
1797 printf("QueryTrustedDomainInfo level 1 failed - %s\n", nt_errstr(status));
1799 } else if (!q.out.info) {
1802 if (strcmp(q.out.info->name.netbios_name.string, trustinfo.name.string) != 0) {
1803 printf("QueryTrustedDomainInfo returned inconsistant short name: %s != %s\n",
1804 q.out.info->name.netbios_name.string, trustinfo.name.string);
1811 /* now that we have some domains to look over, we can test the enum calls */
1812 if (!test_EnumTrustDom(p, mem_ctx, handle)) {
1816 for (i=0; i<12; i++) {
1817 if (!test_DeleteTrustedDomainBySid(p, mem_ctx, handle, domsid[i])) {
1825 static BOOL test_QueryDomainInfoPolicy(struct dcerpc_pipe *p,
1826 TALLOC_CTX *mem_ctx,
1827 struct policy_handle *handle)
1829 struct lsa_QueryDomainInformationPolicy r;
1833 if (lp_parm_bool(-1, "torture", "samba4", False)) {
1834 printf("skipping QueryDomainInformationPolicy test against Samba4\n");
1838 printf("\nTesting QueryDomainInformationPolicy\n");
1841 r.in.handle = handle;
1844 printf("\ntrying QueryDomainInformationPolicy level %d\n", i);
1846 status = dcerpc_lsa_QueryDomainInformationPolicy(p, mem_ctx, &r);
1848 if (!NT_STATUS_IS_OK(status)) {
1849 printf("QueryDomainInformationPolicy failed - %s\n", nt_errstr(status));
1859 static BOOL test_QueryInfoPolicy(struct dcerpc_pipe *p,
1860 TALLOC_CTX *mem_ctx,
1861 struct policy_handle *handle)
1863 struct lsa_QueryInfoPolicy r;
1867 printf("\nTesting QueryInfoPolicy\n");
1869 if (lp_parm_bool(-1, "torture", "samba4", False)) {
1870 printf("skipping QueryInfoPolicy against Samba4\n");
1874 for (i=1;i<13;i++) {
1875 r.in.handle = handle;
1878 printf("\ntrying QueryInfoPolicy level %d\n", i);
1880 status = dcerpc_lsa_QueryInfoPolicy(p, mem_ctx, &r);
1882 if ((i == 9 || i == 10 || i == 11) &&
1883 NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
1884 printf("server failed level %u (OK)\n", i);
1888 if (!NT_STATUS_IS_OK(status)) {
1889 printf("QueryInfoPolicy failed - %s\n", nt_errstr(status));
1898 static BOOL test_QueryInfoPolicy2(struct dcerpc_pipe *p,
1899 TALLOC_CTX *mem_ctx,
1900 struct policy_handle *handle)
1902 struct lsa_QueryInfoPolicy2 r;
1906 printf("\nTesting QueryInfoPolicy2\n");
1907 if (lp_parm_bool(-1, "torture", "samba4", False)) {
1908 printf("skipping QueryInfoPolicy2 against Samba4\n");
1912 for (i=1;i<13;i++) {
1913 r.in.handle = handle;
1916 printf("\ntrying QueryInfoPolicy2 level %d\n", i);
1918 status = dcerpc_lsa_QueryInfoPolicy2(p, mem_ctx, &r);
1920 if ((i == 9 || i == 10 || i == 11) &&
1921 NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
1922 printf("server failed level %u (OK)\n", i);
1926 if (!NT_STATUS_IS_OK(status)) {
1927 printf("QueryInfoPolicy2 failed - %s\n", nt_errstr(status));
1936 static BOOL test_GetUserName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
1938 struct lsa_GetUserName r;
1941 struct lsa_StringPointer authority_name_p;
1943 printf("\nTesting GetUserName\n");
1945 r.in.system_name = "\\";
1946 r.in.account_name = NULL;
1947 r.in.authority_name = &authority_name_p;
1948 authority_name_p.string = NULL;
1950 status = dcerpc_lsa_GetUserName(p, mem_ctx, &r);
1952 if (!NT_STATUS_IS_OK(status)) {
1953 printf("GetUserName failed - %s\n", nt_errstr(status));
1960 BOOL test_lsa_Close(struct dcerpc_pipe *p,
1961 TALLOC_CTX *mem_ctx,
1962 struct policy_handle *handle)
1966 struct policy_handle handle2;
1968 printf("\ntesting Close\n");
1970 r.in.handle = handle;
1971 r.out.handle = &handle2;
1973 status = dcerpc_lsa_Close(p, mem_ctx, &r);
1974 if (!NT_STATUS_IS_OK(status)) {
1975 printf("Close failed - %s\n", nt_errstr(status));
1979 status = dcerpc_lsa_Close(p, mem_ctx, &r);
1980 /* its really a fault - we need a status code for rpc fault */
1981 if (!NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1982 printf("Close failed - %s\n", nt_errstr(status));
1991 BOOL torture_rpc_lsa(struct torture_context *torture)
1994 struct dcerpc_pipe *p;
1995 TALLOC_CTX *mem_ctx;
1997 struct policy_handle *handle;
1999 mem_ctx = talloc_init("torture_rpc_lsa");
2001 status = torture_rpc_connection(torture, &p, &ndr_table_lsarpc);
2002 if (!NT_STATUS_IS_OK(status)) {
2003 talloc_free(mem_ctx);
2007 if (!test_OpenPolicy(p, mem_ctx)) {
2011 if (!test_lsa_OpenPolicy2(p, mem_ctx, &handle)) {
2016 if (!test_LookupSids_async(p, mem_ctx, handle)) {
2020 if (!test_QueryDomainInfoPolicy(p, mem_ctx, handle)) {
2024 if (!test_CreateAccount(p, mem_ctx, handle)) {
2028 if (!test_CreateSecret(p, mem_ctx, handle)) {
2032 if (!test_CreateTrustedDomain(p, mem_ctx, handle)) {
2036 if (!test_EnumAccounts(p, mem_ctx, handle)) {
2040 if (!test_EnumPrivs(p, mem_ctx, handle)) {
2044 if (!test_QueryInfoPolicy(p, mem_ctx, handle)) {
2048 if (!test_QueryInfoPolicy2(p, mem_ctx, handle)) {
2053 if (!test_Delete(p, mem_ctx, handle)) {
2058 if (!test_many_LookupSids(p, mem_ctx, handle)) {
2062 if (!test_lsa_Close(p, mem_ctx, handle)) {
2066 if (!test_many_LookupSids(p, mem_ctx, handle)) {
2071 if (!test_GetUserName(p, mem_ctx)) {
2075 talloc_free(mem_ctx);
2080 BOOL torture_rpc_lsa_get_user(struct torture_context *torture)
2083 struct dcerpc_pipe *p;
2084 TALLOC_CTX *mem_ctx;
2087 mem_ctx = talloc_init("torture_rpc_lsa_get_user");
2089 status = torture_rpc_connection(torture, &p, &ndr_table_lsarpc);
2090 if (!NT_STATUS_IS_OK(status)) {
2091 talloc_free(mem_ctx);
2095 if (!test_GetUserName(p, mem_ctx)) {
2099 talloc_free(mem_ctx);