2 Unix SMB/CIFS implementation.
4 test suite for behaviour of rpc policy handles
6 Copyright (C) Andrew Tridgell 2007
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "torture/torture.h"
24 #include "librpc/gen_ndr/ndr_samr_c.h"
25 #include "librpc/gen_ndr/ndr_lsa_c.h"
26 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
27 #include "torture/rpc/rpc.h"
30 this tests the use of policy handles between connections
33 static bool test_handles_lsa(struct torture_context *torture)
36 struct dcerpc_pipe *p1, *p2;
37 struct policy_handle handle;
38 struct policy_handle handle2;
39 struct lsa_ObjectAttribute attr;
40 struct lsa_QosInfo qos;
41 struct lsa_OpenPolicy r;
43 uint16_t system_name = '\\';
44 TALLOC_CTX *mem_ctx = talloc_new(torture);
46 torture_comment(torture, "RPC-HANDLE-LSARPC\n");
48 status = torture_rpc_connection(torture, &p1, &ndr_table_lsarpc);
49 torture_assert_ntstatus_ok(torture, status, "opening lsa pipe1");
51 status = torture_rpc_connection(torture, &p2, &ndr_table_lsarpc);
52 torture_assert_ntstatus_ok(torture, status, "opening lsa pipe1");
55 qos.impersonation_level = 2;
57 qos.effective_only = 0;
61 attr.object_name = NULL;
66 r.in.system_name = &system_name;
68 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
69 r.out.handle = &handle;
71 status = dcerpc_lsa_OpenPolicy(p1, mem_ctx, &r);
72 if (!NT_STATUS_IS_OK(status)) {
73 torture_comment(torture, "lsa_OpenPolicy not supported - skipping\n");
78 c.in.handle = &handle;
79 c.out.handle = &handle2;
81 status = dcerpc_lsa_Close(p2, mem_ctx, &c);
82 torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
83 "closing policy handle on p2");
84 torture_assert_int_equal(torture, p2->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
85 "closing policy handle on p2");
87 status = dcerpc_lsa_Close(p1, mem_ctx, &c);
88 torture_assert_ntstatus_ok(torture, status, "closing policy handle on p1");
90 status = dcerpc_lsa_Close(p1, mem_ctx, &c);
91 torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
92 "closing policy handle on p1 again");
93 torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
94 "closing policy handle on p1 again");
101 static bool test_handles_lsa_shared(struct torture_context *torture)
104 struct dcerpc_pipe *p1, *p2, *p3, *p4, *p5;
105 struct policy_handle handle;
106 struct policy_handle handle2;
107 struct lsa_ObjectAttribute attr;
108 struct lsa_QosInfo qos;
109 struct lsa_OpenPolicy r;
111 struct lsa_QuerySecurity qsec;
112 struct sec_desc_buf *sdbuf = NULL;
113 uint16_t system_name = '\\';
114 TALLOC_CTX *mem_ctx = talloc_new(torture);
115 enum dcerpc_transport_t transport;
116 uint32_t assoc_group_id;
118 torture_comment(torture, "RPC-HANDLE-LSARPC-SHARED\n");
120 torture_comment(torture, "connect lsa pipe1\n");
121 status = torture_rpc_connection(torture, &p1, &ndr_table_lsarpc);
122 torture_assert_ntstatus_ok(torture, status, "opening lsa pipe1");
124 transport = p1->conn->transport.transport,
125 assoc_group_id = p1->assoc_group_id;
127 torture_comment(torture, "use assoc_group_id[0x%08X] for new connections\n", assoc_group_id);
129 torture_comment(torture, "connect lsa pipe2\n");
130 status = torture_rpc_connection_transport(torture, &p2, &ndr_table_lsarpc,
133 torture_assert_ntstatus_ok(torture, status, "opening lsa pipe2");
135 torture_comment(torture, "got assoc_group_id[0x%08X] for p2\n",
139 qos.impersonation_level = 2;
140 qos.context_mode = 1;
141 qos.effective_only = 0;
144 attr.root_dir = NULL;
145 attr.object_name = NULL;
147 attr.sec_desc = NULL;
150 r.in.system_name = &system_name;
152 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
153 r.out.handle = &handle;
155 torture_comment(torture, "open lsa policy handle\n");
156 status = dcerpc_lsa_OpenPolicy(p1, mem_ctx, &r);
157 if (!NT_STATUS_IS_OK(status)) {
158 torture_comment(torture, "lsa_OpenPolicy not supported - skipping\n");
159 talloc_free(mem_ctx);
164 * connect p3 after the policy handle is opened
166 torture_comment(torture, "connect lsa pipe3 after the policy handle is opened\n");
167 status = torture_rpc_connection_transport(torture, &p3, &ndr_table_lsarpc,
170 torture_assert_ntstatus_ok(torture, status, "opening lsa pipe3");
172 qsec.in.handle = &handle;
173 qsec.in.sec_info = 0;
174 qsec.out.sdbuf = &sdbuf;
175 c.in.handle = &handle;
176 c.out.handle = &handle2;
179 * use policy handle on all 3 connections
181 torture_comment(torture, "use the policy handle on p1,p2,p3\n");
182 status = dcerpc_lsa_QuerySecurity(p1, mem_ctx, &qsec);
183 torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
184 "use policy handle on p1");
186 status = dcerpc_lsa_QuerySecurity(p2, mem_ctx, &qsec);
187 torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
188 "use policy handle on p2");
190 status = dcerpc_lsa_QuerySecurity(p3, mem_ctx, &qsec);
191 torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
192 "use policy handle on p3");
195 * close policy handle on connection 2 and the others get a fault
197 torture_comment(torture, "close the policy handle on p2 others get a fault\n");
198 status = dcerpc_lsa_Close(p2, mem_ctx, &c);
199 torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
200 "closing policy handle on p2");
202 status = dcerpc_lsa_Close(p1, mem_ctx, &c);
203 torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
204 "closing policy handle on p1 again");
205 torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
206 "closing policy handle on p1 again");
208 status = dcerpc_lsa_Close(p3, mem_ctx, &c);
209 torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
210 "closing policy handle on p3");
211 torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
212 "closing policy handle on p3");
214 status = dcerpc_lsa_Close(p2, mem_ctx, &c);
215 torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
216 "closing policy handle on p2 again");
217 torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
218 "closing policy handle on p2 again");
221 * open a new policy handle on p3
223 torture_comment(torture, "open a new policy handle on p3\n");
224 status = dcerpc_lsa_OpenPolicy(p3, mem_ctx, &r);
225 torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
226 "open policy handle on p3");
229 * use policy handle on all 3 connections
231 torture_comment(torture, "use the policy handle on p1,p2,p3\n");
232 status = dcerpc_lsa_QuerySecurity(p1, mem_ctx, &qsec);
233 torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
234 "use policy handle on p1");
236 status = dcerpc_lsa_QuerySecurity(p2, mem_ctx, &qsec);
237 torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
238 "use policy handle on p2");
240 status = dcerpc_lsa_QuerySecurity(p3, mem_ctx, &qsec);
241 torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
242 "use policy handle on p3");
245 * close policy handle on connection 2 and the others get a fault
247 torture_comment(torture, "close the policy handle on p2 others get a fault\n");
248 status = dcerpc_lsa_Close(p2, mem_ctx, &c);
249 torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
250 "closing policy handle on p2");
252 status = dcerpc_lsa_Close(p1, mem_ctx, &c);
253 torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
254 "closing policy handle on p1 again");
255 torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
256 "closing policy handle on p1 again");
258 status = dcerpc_lsa_Close(p3, mem_ctx, &c);
259 torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
260 "closing policy handle on p3");
261 torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
262 "closing policy handle on p3");
264 status = dcerpc_lsa_Close(p2, mem_ctx, &c);
265 torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
266 "closing policy handle on p2 again");
267 torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
268 "closing policy handle on p2 again");
271 * open a new policy handle
273 torture_comment(torture, "open a new policy handle on p1 and use it\n");
274 status = dcerpc_lsa_OpenPolicy(p1, mem_ctx, &r);
275 torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
276 "open 2nd policy handle on p1");
278 status = dcerpc_lsa_QuerySecurity(p1, mem_ctx, &qsec);
279 torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
280 "QuerySecurity handle on p1");
282 /* close first connection */
283 torture_comment(torture, "disconnect p1\n");
288 * and it's still available on p2,p3
290 torture_comment(torture, "use policy handle on p2,p3\n");
291 status = dcerpc_lsa_QuerySecurity(p2, mem_ctx, &qsec);
292 torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
293 "QuerySecurity handle on p2 after p1 was disconnected");
295 status = dcerpc_lsa_QuerySecurity(p3, mem_ctx, &qsec);
296 torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
297 "QuerySecurity handle on p3 after p1 was disconnected");
301 * and use the handle on it
303 torture_comment(torture, "connect lsa pipe4 and use policy handle\n");
304 status = torture_rpc_connection_transport(torture, &p4, &ndr_table_lsarpc,
307 torture_assert_ntstatus_ok(torture, status, "opening lsa pipe4");
309 status = dcerpc_lsa_QuerySecurity(p4, mem_ctx, &qsec);
310 torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
311 "using policy handle on p4");
315 * without closing the policy handle
317 torture_comment(torture, "disconnect p2,p3,p4\n");
326 torture_comment(torture, "connect lsa pipe5 - should fail\n");
327 status = torture_rpc_connection_transport(torture, &p5, &ndr_table_lsarpc,
330 torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
331 "opening lsa pipe5");
333 talloc_free(mem_ctx);
339 static bool test_handles_samr(struct torture_context *torture)
342 struct dcerpc_pipe *p1, *p2;
343 struct policy_handle handle;
344 struct policy_handle handle2;
345 struct samr_Connect r;
347 TALLOC_CTX *mem_ctx = talloc_new(torture);
349 torture_comment(torture, "RPC-HANDLE-SAMR\n");
351 status = torture_rpc_connection(torture, &p1, &ndr_table_samr);
352 torture_assert_ntstatus_ok(torture, status, "opening samr pipe1");
354 status = torture_rpc_connection(torture, &p2, &ndr_table_samr);
355 torture_assert_ntstatus_ok(torture, status, "opening samr pipe1");
357 r.in.system_name = 0;
358 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
359 r.out.connect_handle = &handle;
361 status = dcerpc_samr_Connect(p1, mem_ctx, &r);
362 torture_assert_ntstatus_ok(torture, status, "opening policy handle on p1");
364 c.in.handle = &handle;
365 c.out.handle = &handle2;
367 status = dcerpc_samr_Close(p2, mem_ctx, &c);
368 torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
369 "closing policy handle on p2");
370 torture_assert_int_equal(torture, p2->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
371 "closing policy handle on p2");
373 status = dcerpc_samr_Close(p1, mem_ctx, &c);
374 torture_assert_ntstatus_ok(torture, status, "closing policy handle on p1");
376 status = dcerpc_samr_Close(p1, mem_ctx, &c);
377 torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
378 "closing policy handle on p1 again");
379 torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
380 "closing policy handle on p1 again");
382 talloc_free(mem_ctx);
387 static bool test_handles_mixed_shared(struct torture_context *torture)
390 struct dcerpc_pipe *p1, *p2, *p3, *p4, *p5, *p6;
391 struct policy_handle handle;
392 struct policy_handle handle2;
393 struct samr_Connect r;
395 struct samr_Close sc;
396 TALLOC_CTX *mem_ctx = talloc_new(torture);
397 enum dcerpc_transport_t transport;
398 uint32_t assoc_group_id;
400 torture_comment(torture, "RPC-HANDLE-MIXED-SHARED\n");
402 torture_comment(torture, "connect samr pipe1\n");
403 status = torture_rpc_connection(torture, &p1, &ndr_table_samr);
404 torture_assert_ntstatus_ok(torture, status, "opening samr pipe1");
406 transport = p1->conn->transport.transport,
407 assoc_group_id = p1->assoc_group_id;
409 torture_comment(torture, "use assoc_group_id[0x%08X] for new connections\n", assoc_group_id);
411 torture_comment(torture, "connect lsa pipe2\n");
412 status = torture_rpc_connection_transport(torture, &p2, &ndr_table_lsarpc,
415 torture_assert_ntstatus_ok(torture, status, "opening lsa pipe2");
417 torture_comment(torture, "got assoc_group_id[0x%08X] for p2\n",
419 r.in.system_name = 0;
420 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
421 r.out.connect_handle = &handle;
423 torture_comment(torture, "samr_Connect to open a policy handle on samr p1\n");
424 status = dcerpc_samr_Connect(p1, mem_ctx, &r);
425 torture_assert_ntstatus_ok(torture, status, "opening policy handle on p1");
427 lc.in.handle = &handle;
428 lc.out.handle = &handle2;
429 sc.in.handle = &handle;
430 sc.out.handle = &handle2;
432 torture_comment(torture, "use policy handle on lsa p2 - should fail\n");
433 status = dcerpc_lsa_Close(p2, mem_ctx, &lc);
434 torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
435 "closing handle on lsa p2");
436 torture_assert_int_equal(torture, p2->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
437 "closing handle on lsa p2");
439 torture_comment(torture, "closing policy handle on samr p1\n");
440 status = dcerpc_samr_Close(p1, mem_ctx, &sc);
441 torture_assert_ntstatus_ok(torture, status, "closing policy handle on p1");
447 torture_comment(torture, "connect samr pipe3 - should fail\n");
448 status = torture_rpc_connection_transport(torture, &p3, &ndr_table_samr,
451 torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
452 "opening samr pipe3");
454 torture_comment(torture, "connect lsa pipe4 - should fail\n");
455 status = torture_rpc_connection_transport(torture, &p4, &ndr_table_lsarpc,
458 torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
459 "opening lsa pipe4");
461 torture_comment(torture, "connect samr pipe5 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id);
462 status = torture_rpc_connection_transport(torture, &p5, &ndr_table_samr,
465 torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
466 "opening samr pipe5");
468 torture_comment(torture, "connect lsa pipe6 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id);
469 status = torture_rpc_connection_transport(torture, &p6, &ndr_table_lsarpc,
472 torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
473 "opening lsa pipe6");
475 talloc_free(mem_ctx);
480 static bool test_handles_random_assoc(struct torture_context *torture)
483 struct dcerpc_pipe *p1, *p2, *p3;
484 TALLOC_CTX *mem_ctx = talloc_new(torture);
485 enum dcerpc_transport_t transport;
486 uint32_t assoc_group_id;
488 torture_comment(torture, "RPC-HANDLE-RANDOM-ASSOC\n");
490 torture_comment(torture, "connect samr pipe1\n");
491 status = torture_rpc_connection(torture, &p1, &ndr_table_samr);
492 torture_assert_ntstatus_ok(torture, status, "opening samr pipe1");
494 transport = p1->conn->transport.transport,
495 assoc_group_id = p1->assoc_group_id;
497 torture_comment(torture, "pip1 use assoc_group_id[0x%08X]\n", assoc_group_id);
499 torture_comment(torture, "connect samr pipe2 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id);
500 status = torture_rpc_connection_transport(torture, &p2, &ndr_table_samr,
503 torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
504 "opening samr pipe2");
506 torture_comment(torture, "connect samr pipe3 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id);
507 status = torture_rpc_connection_transport(torture, &p3, &ndr_table_samr,
510 torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
511 "opening samr pipe3");
513 talloc_free(mem_ctx);
519 static bool test_handles_drsuapi(struct torture_context *torture)
522 struct dcerpc_pipe *p1, *p2;
523 struct policy_handle handle;
524 struct policy_handle handle2;
525 struct GUID bind_guid;
526 struct drsuapi_DsBind r;
527 struct drsuapi_DsUnbind c;
528 TALLOC_CTX *mem_ctx = talloc_new(torture);
530 torture_comment(torture, "RPC-HANDLE-DRSUAPI\n");
532 status = torture_rpc_connection(torture, &p1, &ndr_table_drsuapi);
533 torture_assert_ntstatus_ok(torture, status, "opening drsuapi pipe1");
535 status = torture_rpc_connection(torture, &p2, &ndr_table_drsuapi);
536 torture_assert_ntstatus_ok(torture, status, "opening drsuapi pipe1");
538 GUID_from_string(DRSUAPI_DS_BIND_GUID, &bind_guid);
540 r.in.bind_guid = &bind_guid;
541 r.in.bind_info = NULL;
542 r.out.bind_handle = &handle;
544 status = dcerpc_drsuapi_DsBind(p1, mem_ctx, &r);
545 if (!NT_STATUS_IS_OK(status)) {
546 torture_comment(torture, "drsuapi_DsBind not supported - skipping\n");
547 talloc_free(mem_ctx);
551 c.in.bind_handle = &handle;
552 c.out.bind_handle = &handle2;
554 status = dcerpc_drsuapi_DsUnbind(p2, mem_ctx, &c);
555 torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
556 "closing policy handle on p2");
557 torture_assert_int_equal(torture, p2->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
558 "closing policy handle on p2");
560 status = dcerpc_drsuapi_DsUnbind(p1, mem_ctx, &c);
561 torture_assert_ntstatus_ok(torture, status, "closing policy handle on p1");
563 status = dcerpc_drsuapi_DsUnbind(p1, mem_ctx, &c);
564 torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
565 "closing policy handle on p1 again");
566 torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
567 "closing policy handle on p1 again");
569 talloc_free(mem_ctx);
575 struct torture_suite *torture_rpc_handles(TALLOC_CTX *mem_ctx)
577 struct torture_suite *suite;
579 suite = torture_suite_create(mem_ctx, "HANDLES");
580 torture_suite_add_simple_test(suite, "lsarpc", test_handles_lsa);
581 torture_suite_add_simple_test(suite, "lsarpc-shared", test_handles_lsa_shared);
582 torture_suite_add_simple_test(suite, "samr", test_handles_samr);
583 torture_suite_add_simple_test(suite, "mixed-shared", test_handles_mixed_shared);
584 torture_suite_add_simple_test(suite, "random-assoc", test_handles_random_assoc);
585 torture_suite_add_simple_test(suite, "drsuapi", test_handles_drsuapi);