samr: for correctness, rename samr_RidTypeArray to samr_RidAttrArray.

[samba.git] / source4 / torture / rpc / samr.c
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c

index b87cac5ac911d0a47fface9d62c35f0185db4493..ad61692e0366bfa5f90bca47f9e65b23a45f4952 100644 (file)
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -1870,7 +1870,7 @@ static bool test_ChangePasswordUser(struct dcerpc_binding_handle *b,
                 changed = true;
                 *password = newpass;
         } else if (!NT_STATUS_EQUAL(NT_STATUS_PASSWORD_RESTRICTION, r.out.result)) {
-               torture_warning(tctx, "ChangePasswordUser failed: expected NT_STATUS_NT_CROSS_ENCRYPTION_REQUIRED, got %s\n", nt_errstr(r.out.result));
+               torture_warning(tctx, "ChangePasswordUser failed: expected NT_STATUS_OK, or at least NT_STATUS_PASSWORD_RESTRICTION, got %s\n", nt_errstr(r.out.result));
                 ret = false;
         }
  
@@ -2708,10 +2708,6 @@ static bool test_GetAliasMembership(struct dcerpc_binding_handle *b,
  
         torture_comment(tctx, "Testing GetAliasMembership\n");
  
-       if (torture_setting_bool(tctx, "samba4", false)) {
-               torture_skip(tctx, "skipping GetAliasMembership against s4");
-       }
-
         r.in.domain_handle      = domain_handle;
         r.in.sids               = &sids;
         r.out.rids              = &rids;
@@ -2863,11 +2859,11 @@ static bool test_SamLogon(struct torture_context *tctx,
  
         torture_assert_ntstatus_ok(tctx, dcerpc_schannel_creds(p->conn->security_state.generic_state, tctx, &creds), "");
  
-       if (lp_client_lanman_auth(tctx->lp_ctx)) {
+       if (lpcfg_client_lanman_auth(tctx->lp_ctx)) {
                 flags |= CLI_CRED_LANMAN_AUTH;
         }
  
-       if (lp_client_ntlmv2_auth(tctx->lp_ctx)) {
+       if (lpcfg_client_ntlmv2_auth(tctx->lp_ctx)) {
                 flags |= CLI_CRED_NTLMv2_AUTH;
         }
  
@@ -3115,7 +3111,8 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
         };
         struct dcerpc_pipe *np = NULL;
  
-       if (torture_setting_bool(tctx, "samba3", false)) {
+       if (torture_setting_bool(tctx, "samba3", false) ||
+           torture_setting_bool(tctx, "samba4", false)) {
                 delay = 999999;
                 torture_comment(tctx, "Samba3 has second granularity, setting delay to: %d\n",
                         delay);
@@ -3181,7 +3178,7 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                             password,
                                             machine_credentials,
                                             query_levels[q],
-                                           &pwdlastset_old,
+                                           &pwdlastset_new,
                                             expected_samlogon_result)) {
                         ret = false;
                 }
@@ -3206,6 +3203,7 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                         "been set\n");
                                 break;
                         }
+                       break;
                 default:
                         if (pwdlastset_new != 0) {
                                 torture_warning(tctx, "pwdLastSet test failed: "
@@ -3228,15 +3226,10 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                 ret = false;
                         }
                         break;
-               default:
-                       if ((pwdlastset_old > 0) && (pwdlastset_new > 0) &&
-                           (pwdlastset_old >= pwdlastset_new)) {
-                               torture_warning(tctx, "pwdlastset not increasing\n");
-                               ret = false;
-                       }
-                       break;
                 }
  
+               pwdlastset_old = pwdlastset_new;
+
                 usleep(delay);
  
                 /* set #2 */
@@ -3266,7 +3259,6 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                 case 21:
                 case 23:
                 case 25:
-
                         /* SAMR_FIELD_EXPIRED_FLAG has not been set and no
                          * password has been changed, old and new pwdlastset
                          * need to be the same value */
@@ -3279,6 +3271,7 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                         pwdlastset_new, "pwdlastset must be equal");
                                 break;
                         }
+                       break;
                 default:
                         if (pwdlastset_old >= pwdlastset_new) {
                                 torture_warning(tctx, "pwdLastSet test failed: "
@@ -3292,6 +3285,7 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                         pwdlastset_new);
                                 ret = false;
                         }
+                       break;
                 }
  
                 switch (levels[l]) {
@@ -3306,13 +3300,6 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                 ret = false;
                         }
                         break;
-               default:
-                       if ((pwdlastset_old > 0) && (pwdlastset_new > 0) &&
-                           (pwdlastset_old >= pwdlastset_new)) {
-                               torture_warning(tctx, "pwdlastset not increasing\n");
-                               ret = false;
-                       }
-                       break;
                 }
  
                 pwdlastset_old = pwdlastset_new;
@@ -3347,16 +3334,19 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                 case 23:
                 case 25:
  
-                       /* if no password has been changed, old and new pwdlastset
+                       /* SAMR_FIELD_EXPIRED_FLAG has not been set and no
+                        * password has been changed, old and new pwdlastset
                          * need to be the same value */
  
-                       if (!((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) ||
+                       if (!(fields_present[f] & SAMR_FIELD_EXPIRED_FLAG) &&
+                           !((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) ||
                               (fields_present[f] & SAMR_FIELD_LM_PASSWORD_PRESENT)))
                         {
                                 torture_assert_int_equal(tctx, pwdlastset_old,
                                         pwdlastset_new, "pwdlastset must be equal");
                                 break;
                         }
+                       break;
                 default:
                         if (pwdlastset_old >= pwdlastset_new) {
                                 torture_warning(tctx, "pwdLastSet test failed: "
@@ -3370,8 +3360,27 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                         pwdlastset_new);
                                 ret = false;
                         }
+                       break;
+               }
+
+               switch (levels[l]) {
+               case 21:
+               case 23:
+               case 25:
+                       if (((fields_present[f] & SAMR_FIELD_NT_PASSWORD_PRESENT) ||
+                            (fields_present[f] & SAMR_FIELD_LM_PASSWORD_PRESENT)) &&
+                            (pwdlastset_old > 0) && (pwdlastset_new > 0) &&
+                            (pwdlastset_old >= pwdlastset_new)) {
+                               torture_warning(tctx, "pwdlastset not increasing\n");
+                               ret = false;
+                       }
+                       break;
                 }
  
+               pwdlastset_old = pwdlastset_new;
+
+               usleep(delay);
+
                 /* set #3 */
  
                 /* set a password and force password change (pwdlastset 0) by
@@ -3420,15 +3429,8 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                         pwdlastset_new, "pwdlastset must be equal");
                                 break;
                         }
+                       break;
                 default:
-
-                       if (pwdlastset_old == pwdlastset_new) {
-                               torture_warning(tctx, "pwdLastSet test failed: "
-                                       "expected last pwdlastset (%lld) != new pwdlastset (%lld)\n",
-                                       pwdlastset_old, pwdlastset_new);
-                               ret = false;
-                       }
-
                         if (pwdlastset_new != 0) {
                                 torture_warning(tctx, "pwdLastSet test failed: "
                                         "expected pwdLastSet 0, got %lld\n",
@@ -3450,13 +3452,6 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p,
                                 ret = false;
                         }
                         break;
-               default:
-                       if ((pwdlastset_old > 0) && (pwdlastset_new > 0) &&
-                           (pwdlastset_old >= pwdlastset_new)) {
-                               torture_warning(tctx, "pwdlastset not increasing\n");
-                               ret = false;
-                       }
-                       break;
                 }
  
                 /* if the level we are testing does not have a fields_present
@@ -4690,34 +4685,29 @@ static bool test_user_ops(struct dcerpc_pipe *p,
                         ret = false;
                 }
  
-               if (torture_setting_bool(tctx, "samba4", false)) {
-                       torture_comment(tctx, "skipping Set Password level 18 and 21 against Samba4\n");
-               } else {
+               if (!test_SetUserPass_18(p, tctx, user_handle, &password)) {
+                       ret = false;
+               }
  
-                       if (!test_SetUserPass_18(p, tctx, user_handle, &password)) {
-                               ret = false;
+               if (!test_ChangePasswordUser3(p, tctx, base_acct_name, 0, &password, NULL, 0, false)) {
+                       ret = false;
+               }
+
+               for (i = 0; password_fields[i]; i++) {
+
+                       if (password_fields[i] == SAMR_FIELD_LM_PASSWORD_PRESENT) {
+                               /* we need to skip as that would break
+                                * the ChangePasswordUser3 verify */
+                               continue;
                         }
  
-                       if (!test_ChangePasswordUser3(p, tctx, base_acct_name, 0, &password, NULL, 0, false)) {
+                       if (!test_SetUserPass_21(p, tctx, user_handle, password_fields[i], &password)) {
                                 ret = false;
                         }
  
-                       for (i = 0; password_fields[i]; i++) {
-
-                               if (password_fields[i] == SAMR_FIELD_LM_PASSWORD_PRESENT) {
-                                       /* we need to skip as that would break
-                                        * the ChangePasswordUser3 verify */
-                                       continue;
-                               }
-
-                               if (!test_SetUserPass_21(p, tctx, user_handle, password_fields[i], &password)) {
-                                       ret = false;
-                               }
-
-                               /* check it was set right */
-                               if (!test_ChangePasswordUser3(p, tctx, base_acct_name, 0, &password, NULL, 0, false)) {
-                                       ret = false;
-                               }
+                       /* check it was set right */
+                       if (!test_ChangePasswordUser3(p, tctx, base_acct_name, 0, &password, NULL, 0, false)) {
+                               ret = false;
                         }
                 }
  
@@ -4734,7 +4724,7 @@ static bool test_user_ops(struct dcerpc_pipe *p,
                 } else {
                         uint32_t expected_flags = (base_acct_flags | ACB_PWNOTREQ | ACB_DISABLED);
                         if ((info->info5.acct_flags) != expected_flags) {
-                               torture_warning(tctx, "QuerUserInfo level 5 failed, it returned 0x%08x when we expected flags of 0x%08x\n",
+                               torture_warning(tctx, "QueryUserInfo level 5 failed, it returned 0x%08x when we expected flags of 0x%08x\n",
                                        info->info5.acct_flags,
                                        expected_flags);
                                 /* FIXME: GD */
@@ -4743,7 +4733,7 @@ static bool test_user_ops(struct dcerpc_pipe *p,
                                 }
                         }
                         if (info->info5.rid != rid) {
-                               torture_warning(tctx, "QuerUserInfo level 5 failed, it returned %u when we expected rid of %u\n",
+                               torture_warning(tctx, "QueryUserInfo level 5 failed, it returned %u when we expected rid of %u\n",
                                        info->info5.rid, rid);
  
                         }
@@ -5366,7 +5356,7 @@ static bool test_CreateUser(struct dcerpc_pipe *p, struct torture_context *tctx,
                         ret = false;
                 } else {
                         if ((info->info16.acct_flags & acct_flags) != acct_flags) {
-                               torture_warning(tctx, "QuerUserInfo level 16 failed, it returned 0x%08x when we expected flags of 0x%08x\n",
+                               torture_warning(tctx, "QueryUserInfo level 16 failed, it returned 0x%08x when we expected flags of 0x%08x\n",
                                        info->info16.acct_flags,
                                        acct_flags);
                                 ret = false;
@@ -5507,7 +5497,7 @@ static bool test_CreateUser2(struct dcerpc_pipe *p, struct torture_context *tctx
                                         expected_flags |= ACB_PW_EXPIRED;
                                 }
                                 if ((info->info5.acct_flags) != expected_flags) {
-                                       torture_warning(tctx, "QuerUserInfo level 5 failed, it returned 0x%08x when we expected flags of 0x%08x\n",
+                                       torture_warning(tctx, "QueryUserInfo level 5 failed, it returned 0x%08x when we expected flags of 0x%08x\n",
                                                info->info5.acct_flags,
                                                expected_flags);
                                         ret = false;
@@ -5515,21 +5505,21 @@ static bool test_CreateUser2(struct dcerpc_pipe *p, struct torture_context *tctx
                                 switch (acct_flags) {
                                 case ACB_SVRTRUST:
                                         if (info->info5.primary_gid != DOMAIN_RID_DCS) {
-                                               torture_warning(tctx, "QuerUserInfo level 5: DC should have had Primary Group %d, got %d\n",
+                                               torture_warning(tctx, "QueryUserInfo level 5: DC should have had Primary Group %d, got %d\n",
                                                        DOMAIN_RID_DCS, info->info5.primary_gid);
                                                 ret = false;
                                         }
                                         break;
                                 case ACB_WSTRUST:
                                         if (info->info5.primary_gid != DOMAIN_RID_DOMAIN_MEMBERS) {
-                                               torture_warning(tctx, "QuerUserInfo level 5: Domain Member should have had Primary Group %d, got %d\n",
+                                               torture_warning(tctx, "QueryUserInfo level 5: Domain Member should have had Primary Group %d, got %d\n",
                                                        DOMAIN_RID_DOMAIN_MEMBERS, info->info5.primary_gid);
                                                 ret = false;
                                         }
                                         break;
                                 case ACB_NORMAL:
                                         if (info->info5.primary_gid != DOMAIN_RID_USERS) {
-                                               torture_warning(tctx, "QuerUserInfo level 5: Users should have had Primary Group %d, got %d\n",
+                                               torture_warning(tctx, "QueryUserInfo level 5: Users should have had Primary Group %d, got %d\n",
                                                        DOMAIN_RID_USERS, info->info5.primary_gid);
                                                 ret = false;
                                         }
@@ -5626,7 +5616,7 @@ static bool test_QueryGroupMember(struct dcerpc_binding_handle *b,
                                   struct policy_handle *handle)
  {
         struct samr_QueryGroupMember r;
-       struct samr_RidTypeArray *rids = NULL;
+       struct samr_RidAttrArray *rids = NULL;
         bool ret = true;
  
         torture_comment(tctx, "Testing QueryGroupMember\n");
@@ -7020,7 +7010,7 @@ static bool test_AddGroupMember(struct dcerpc_binding_handle *b,
         struct samr_AddGroupMember r;
         struct samr_DeleteGroupMember d;
         struct samr_QueryGroupMember q;
-       struct samr_RidTypeArray *rids = NULL;
+       struct samr_RidAttrArray *rids = NULL;
         struct samr_SetMemberAttributesOfGroup s;
         uint32_t rid;
         bool found_member = false;