*/
#include "includes.h"
+#include "librpc/gen_ndr/ndr_drsuapi.h"
+
+struct DsPrivate {
+ struct policy_handle bind_handle;
+ struct GUID domain_guid;
+ struct GUID site_guid;
+ struct GUID computer_guid;
+ struct GUID server_guid;
+ struct GUID ntds_guid;
+};
static BOOL test_DsBind(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
- struct policy_handle *bind_handle)
+ struct DsPrivate *priv)
{
NTSTATUS status;
struct drsuapi_DsBind r;
r.in.server_guid = NULL;
r.in.bind_info = NULL;
- r.out.bind_handle = bind_handle;
+ r.out.bind_handle = &priv->bind_handle;
+
+ printf("testing DsBind\n");
status = dcerpc_drsuapi_DsBind(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
- printf("drsuapi_DsBind failed - %s\n", errstr);
+ printf("dcerpc_drsuapi_DsBind failed - %s\n", errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsBind failed - %s\n", win_errstr(r.out.result));
ret = False;
}
}
static BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
- struct policy_handle *bind_handle)
+ struct DsPrivate *priv)
{
NTSTATUS status;
struct drsuapi_DsCrackNames r;
const char *FQDN_1779_name;
ZERO_STRUCT(r);
- r.in.bind_handle = bind_handle;
+ r.in.bind_handle = &priv->bind_handle;
r.in.level = 1;
r.in.req.req1.unknown1 = 0x000004e4;
r.in.req.req1.unknown2 = 0x00000407;
r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
names[0].str = talloc_asprintf(mem_ctx, "%s/", lp_realm());
+ printf("testing DsCrackNames with name '%s' desired format:%d\n",
+ names[0].str, r.in.req.req1.format_desired);
+
status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
- printf("drsuapi_DsCrackNames failed - %s\n", errstr);
+ printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
ret = False;
}
r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
names[0].str = nt4_domain;
+ printf("testing DsCrackNames with name '%s' desired format:%d\n",
+ names[0].str, r.in.req.req1.format_desired);
+
status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
- printf("drsuapi_DsCrackNames failed - %s\n", errstr);
+ printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
ret = False;
}
r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
names[0].str = talloc_asprintf(mem_ctx, "%s%s$", nt4_domain, dcerpc_server_name(p));
+ printf("testing DsCrackNames with name '%s' desired format:%d\n",
+ names[0].str, r.in.req.req1.format_desired);
+
status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
- printf("drsuapi_DsCrackNames failed - %s\n", errstr);
+ printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
ret = False;
}
r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL;
names[0].str = FQDN_1779_name;
+ printf("testing DsCrackNames with name '%s' desired format:%d\n",
+ names[0].str, r.in.req.req1.format_desired);
+
status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
- printf("drsuapi_DsCrackNames failed - %s\n", errstr);
+ printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
ret = False;
}
r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_DISPLAY;
+ printf("testing DsCrackNames with name '%s' desired format:%d\n",
+ names[0].str, r.in.req.req1.format_desired);
+
status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
- printf("drsuapi_DsCrackNames failed - %s\n", errstr);
+ printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
ret = False;
}
r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_GUID;
+ printf("testing DsCrackNames with name '%s' desired format:%d\n",
+ names[0].str, r.in.req.req1.format_desired);
+
status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
- printf("drsuapi_DsCrackNames failed - %s\n", errstr);
+ printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
ret = False;
}
r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL;
+ printf("testing DsCrackNames with name '%s' desired format:%d\n",
+ names[0].str, r.in.req.req1.format_desired);
+
status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
- printf("drsuapi_DsCrackNames failed - %s\n", errstr);
+ printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
ret = False;
}
r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL;
+ printf("testing DsCrackNames with name '%s' desired format:%d\n",
+ names[0].str, r.in.req.req1.format_desired);
+
+ status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ const char *errstr = nt_errstr(status);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
+ errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
+ }
+ printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
+ ret = False;
+ }
+
+ if (!ret) {
+ return ret;
+ }
+
+ r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID;
+ r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
+ names[0].str = GUID_string2(mem_ctx, &priv->site_guid);
+
+ printf("testing DsCrackNames with Site GUID '%s' desired format:%d\n",
+ names[0].str, r.in.req.req1.format_desired);
+
status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
- printf("drsuapi_DsCrackNames failed - %s\n", errstr);
+ printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
+ ret = False;
+ }
+
+ if (!ret) {
+ return ret;
+ }
+
+ names[0].str = GUID_string2(mem_ctx, &priv->computer_guid);
+
+ printf("testing DsCrackNames with Computer GUID '%s' desired format:%d\n",
+ names[0].str, r.in.req.req1.format_desired);
+
+ status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ const char *errstr = nt_errstr(status);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
+ errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
+ }
+ printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
+ ret = False;
+ }
+
+ if (!ret) {
+ return ret;
+ }
+
+ names[0].str = GUID_string2(mem_ctx, &priv->server_guid);
+
+ printf("testing DsCrackNames with Server GUID '%s' desired format:%d\n",
+ names[0].str, r.in.req.req1.format_desired);
+
+ status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ const char *errstr = nt_errstr(status);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
+ errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
+ }
+ printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
+ ret = False;
+ }
+
+ if (!ret) {
+ return ret;
+ }
+
+ names[0].str = GUID_string2(mem_ctx, &priv->ntds_guid);
+
+ printf("testing DsCrackNames with NTDS GUID '%s' desired format:%d\n",
+ names[0].str, r.in.req.req1.format_desired);
+
+ status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ const char *errstr = nt_errstr(status);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
+ errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
+ }
+ printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
ret = False;
}
}
static BOOL test_DsGetDCInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
- struct policy_handle *bind_handle)
+ struct DsPrivate *priv)
{
NTSTATUS status;
struct drsuapi_DsGetDomainControllerInfo r;
BOOL ret = True;
- r.in.bind_handle = bind_handle;
+ r.in.bind_handle = &priv->bind_handle;
r.in.level = 1;
+
r.in.req.req1.domain_name = talloc_strdup(mem_ctx, lp_realm());
r.in.req.req1.level = 1;
+ printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
+ r.in.req.req1.level, r.in.req.req1.domain_name);
+
status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
- printf("drsuapi_DsGetDomainControllerInfo failed - %s\n", errstr);
+ printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
+ " with dns domain failed - %s\n",
+ r.in.req.req1.level, errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsGetDomainControllerInfo level %d\n"
+ " with dns domain failed - %s\n",
+ r.in.req.req1.level, win_errstr(r.out.result));
ret = False;
}
r.in.req.req1.level = 2;
+ printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
+ r.in.req.req1.level, r.in.req.req1.domain_name);
+
status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
- printf("drsuapi_DsGetDomainControllerInfo failed - %s\n", errstr);
+ printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
+ " with dns domain failed - %s\n",
+ r.in.req.req1.level, errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsGetDomainControllerInfo level %d\n"
+ " with dns domain failed - %s\n",
+ r.in.req.req1.level, win_errstr(r.out.result));
ret = False;
+ } else {
+ if (r.out.ctr.ctr2.count > 0) {
+ priv->site_guid = r.out.ctr.ctr2.array[0].site_guid;
+ priv->computer_guid = r.out.ctr.ctr2.array[0].computer_guid;
+ priv->server_guid = r.out.ctr.ctr2.array[0].server_guid;
+ priv->ntds_guid = r.out.ctr.ctr2.array[0].ntds_guid;
+ }
}
r.in.req.req1.level = -1;
+ printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
+ r.in.req.req1.level, r.in.req.req1.domain_name);
+
status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
- printf("drsuapi_DsGetDomainControllerInfo failed - %s\n", errstr);
+ printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
+ " with dns domain failed - %s\n",
+ r.in.req.req1.level, errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsGetDomainControllerInfo level %d\n"
+ " with dns domain failed - %s\n",
+ r.in.req.req1.level, win_errstr(r.out.result));
ret = False;
}
r.in.req.req1.domain_name = talloc_strdup(mem_ctx, lp_workgroup());
r.in.req.req1.level = 2;
+ printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
+ r.in.req.req1.level, r.in.req.req1.domain_name);
+
status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
- printf("drsuapi_DsGetDomainControllerInfo failed - %s\n", errstr);
+ printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
+ " with netbios domain failed - %s\n",
+ r.in.req.req1.level, errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsGetDomainControllerInfo level %d\n"
+ " with netbios domain failed - %s\n",
+ r.in.req.req1.level, win_errstr(r.out.result));
ret = False;
}
r.in.req.req1.domain_name = "__UNKNOWN_DOMAIN__";
r.in.req.req1.level = 2;
+ printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
+ r.in.req.req1.level, r.in.req.req1.domain_name);
+
status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
const char *errstr = nt_errstr(status);
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
-
- if (!NT_STATUS_EQUAL(status, NT_STATUS(0x0000208d))) {
- printf("drsuapi_DsGetDomainControllerInfo level %d with invalid domain name\n"
- " - %s != NTSTATUS[0x0000208d]\n",
- r.in.req.req1.level, errstr);
- ret = False;
- }
+ printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
+ " with invalid domain failed - %s\n",
+ r.in.req.req1.level, errstr);
+ ret = False;
+ } else if (!W_ERROR_EQUAL(r.out.result, WERR_DS_OBJ_NOT_FOUND)) {
+ printf("DsGetDomainControllerInfo level %d\n"
+ " with invalid domain not expected error (WERR_DS_OBJ_NOT_FOUND) - %s\n",
+ r.in.req.req1.level, win_errstr(r.out.result));
+ ret = False;
}
return ret;
}
static BOOL test_DsUnbind(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
- struct policy_handle *bind_handle)
+ struct DsPrivate *priv)
{
NTSTATUS status;
struct drsuapi_DsUnbind r;
BOOL ret = True;
- r.in.bind_handle = bind_handle;
- r.out.bind_handle = bind_handle;
+ r.in.bind_handle = &priv->bind_handle;
+ r.out.bind_handle = &priv->bind_handle;
+
+ printf("testing DsUnbind\n");
status = dcerpc_drsuapi_DsUnbind(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
}
- printf("drsuapi_DsUnbind failed - %s\n", errstr);
+ printf("dcerpc_drsuapi_DsUnbind failed - %s\n", errstr);
+ ret = False;
+ } else if (!W_ERROR_IS_OK(r.out.result)) {
+ printf("DsBind failed - %s\n", win_errstr(r.out.result));
ret = False;
}
return ret;
}
-BOOL torture_rpc_drsuapi(int dummy)
+BOOL torture_rpc_drsuapi(void)
{
NTSTATUS status;
struct dcerpc_pipe *p;
TALLOC_CTX *mem_ctx;
BOOL ret = True;
- struct policy_handle bind_handle;
+ struct DsPrivate priv;
status = torture_rpc_connection(&p,
DCERPC_DRSUAPI_NAME,
mem_ctx = talloc_init("torture_rpc_drsuapi");
- if (!test_DsBind(p, mem_ctx, &bind_handle)) {
+ if (!test_DsBind(p, mem_ctx, &priv)) {
ret = False;
}
- if (!test_DsGetDCInfo(p, mem_ctx, &bind_handle)) {
+ if (!test_DsGetDCInfo(p, mem_ctx, &priv)) {
ret = False;
}
- if (!test_DsCrackNames(p, mem_ctx, &bind_handle)) {
+ if (!test_DsCrackNames(p, mem_ctx, &priv)) {
ret = False;
}
- if (!test_DsUnbind(p, mem_ctx, &bind_handle)) {
+ if (!test_DsUnbind(p, mem_ctx, &priv)) {
ret = False;
}