s4-smbtorture: add netr_GetForestTrustInformation test to RPC-NETLOGON.

Guenther

diff --git a/source4/selftest/knownfail b/source4/selftest/knownfail
index a1f383e22369633fc123cf769b4a9874deaf25eb..674501f045127b1ad54b55d3c68a3209ec0ba875 100644 (file)
--- a/source4/selftest/knownfail
+++ b/source4/selftest/knownfail
@@ -34,6 +34,7 @@ samba4.rpc.netlogon.*.GetPassword
 samba4.rpc.netlogon.*.GetTrustPasswords
 samba4.rpc.netlogon.*.DatabaseRedo
 samba4.rpc.netlogon.*.ServerGetTrustInfo
+samba4.rpc.netlogon.*.GetForestTrustInformation
 samba4.rpc.samr.passwords.badpwdcount # Not provided by Samba 4 yet
 samba4.rpc.samr.passwords.lockout
 samba4.rpc.spoolss # Not provided by Samba 4 yet

diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index 09b28828c34e7b92f8440e06970115055ea4ff8b..02e60a9ffaeeb2d57410dd24d672096b6ccf7fed 100644 (file)
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -2057,6 +2057,44 @@ static bool test_LogonControl2Ex(struct torture_context *tctx,
        return true;
 }
 
+static bool test_netr_GetForestTrustInformation(struct torture_context *tctx,
+                                               struct dcerpc_pipe *p,
+                                               struct cli_credentials *machine_credentials)
+{
+       struct netr_GetForestTrustInformation r;
+       struct netlogon_creds_CredentialState *creds;
+       struct netr_Authenticator a;
+       struct netr_Authenticator return_authenticator;
+       struct lsa_ForestTrustInformation *forest_trust_info;
+       struct dcerpc_binding_handle *b = p->binding_handle;
+
+       if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
+                                   machine_credentials, &creds)) {
+               return false;
+       }
+
+       netlogon_creds_client_authenticator(creds, &a);
+
+       r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
+       r.in.computer_name = "";
+       r.in.credential = &a;
+       r.in.flags = 0;
+       r.out.return_authenticator = &return_authenticator;
+       r.out.forest_trust_info = &forest_trust_info;
+
+       torture_assert_ntstatus_ok(tctx,
+               dcerpc_netr_GetForestTrustInformation_r(b, tctx, &r),
+               "netr_GetForestTrustInformation failed");
+       torture_assert_ntstatus_ok(tctx, r.out.result,
+               "netr_GetForestTrustInformation failed");
+
+       torture_assert(tctx,
+               netlogon_creds_client_check(creds, &return_authenticator.cred),
+               "Credential chaining failed");
+
+       return true;
+}
+
 static bool test_netr_DsRGetForestTrustInformation(struct torture_context *tctx, 
                                                   struct dcerpc_pipe *p, const char *trusted_domain_name) 
 {
@@ -3397,6 +3435,7 @@ struct torture_suite *torture_rpc_netlogon(TALLOC_CTX *mem_ctx)
        torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesW", test_netr_DsRAddressToSitenamesW);
        torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesExW", test_netr_DsRAddressToSitenamesExW);
        torture_rpc_tcase_add_test_creds(tcase, "ServerGetTrustInfo", test_netr_ServerGetTrustInfo);
+       torture_rpc_tcase_add_test_creds(tcase, "GetForestTrustInformation", test_netr_GetForestTrustInformation);
 
        return suite;
 }