source4/torture/rpc/handles.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3
   4    test suite for behaviour of rpc policy handles
   5
   6    Copyright (C) Andrew Tridgell 2007
   7
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 3 of the License, or
  11    (at your option) any later version.
  12
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17
  18    You should have received a copy of the GNU General Public License
  19    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  20 */
  21
  22 #include "includes.h"
  23 #include "torture/torture.h"
  24 #include "librpc/gen_ndr/ndr_samr_c.h"
  25 #include "librpc/gen_ndr/ndr_lsa_c.h"
  26 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
  27 #include "torture/rpc/rpc.h"
  28
  29 /*
  30   this tests the use of policy handles between connections
  31 */
  32
  33 static bool test_handles_lsa(struct torture_context *torture)
  34 {
  35         NTSTATUS status;
  36         struct dcerpc_pipe *p1, *p2;
  37         struct policy_handle handle;
  38         struct policy_handle handle2;
  39         struct lsa_ObjectAttribute attr;
  40         struct lsa_QosInfo qos;
  41         struct lsa_OpenPolicy r;
  42         struct lsa_Close c;
  43         uint16_t system_name = '\\';
  44         TALLOC_CTX *mem_ctx = talloc_new(torture);
  45
  46         torture_comment(torture, "RPC-HANDLE-LSARPC\n");
  47
  48         status = torture_rpc_connection(torture, &p1, &ndr_table_lsarpc);
  49         torture_assert_ntstatus_ok(torture, status, "opening lsa pipe1");
  50
  51         status = torture_rpc_connection(torture, &p2, &ndr_table_lsarpc);
  52         torture_assert_ntstatus_ok(torture, status, "opening lsa pipe1");
  53
  54         qos.len = 0;
  55         qos.impersonation_level = 2;
  56         qos.context_mode = 1;
  57         qos.effective_only = 0;
  58
  59         attr.len = 0;
  60         attr.root_dir = NULL;
  61         attr.object_name = NULL;
  62         attr.attributes = 0;
  63         attr.sec_desc = NULL;
  64         attr.sec_qos = &qos;
  65
  66         r.in.system_name = &system_name;
  67         r.in.attr = &attr;
  68         r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
  69         r.out.handle = &handle;
  70
  71         status = dcerpc_lsa_OpenPolicy(p1, mem_ctx, &r);
  72         if (!NT_STATUS_IS_OK(status)) {
  73                 torture_comment(torture, "lsa_OpenPolicy not supported - skipping\n");
  74                 talloc_free(mem_ctx);
  75                 return true;
  76         }
  77
  78         c.in.handle = &handle;
  79         c.out.handle = &handle2;
  80
  81         status = dcerpc_lsa_Close(p2, mem_ctx, &c);
  82         torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
  83                                       "closing policy handle on p2");
  84         torture_assert_int_equal(torture, p2->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
  85                                       "closing policy handle on p2");
  86
  87         status = dcerpc_lsa_Close(p1, mem_ctx, &c);
  88         torture_assert_ntstatus_ok(torture, status, "closing policy handle on p1");
  89
  90         status = dcerpc_lsa_Close(p1, mem_ctx, &c);
  91         torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
  92                                       "closing policy handle on p1 again");
  93         torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
  94                                       "closing policy handle on p1 again");
  95
  96         talloc_free(mem_ctx);
  97
  98         return true;
  99 }
 100
 101 static bool test_handles_lsa_shared(struct torture_context *torture)
 102 {
 103         NTSTATUS status;
 104         struct dcerpc_pipe *p1, *p2, *p3, *p4, *p5;
 105         struct policy_handle handle;
 106         struct policy_handle handle2;
 107         struct lsa_ObjectAttribute attr;
 108         struct lsa_QosInfo qos;
 109         struct lsa_OpenPolicy r;
 110         struct lsa_Close c;
 111         struct lsa_QuerySecurity qsec;
 112         struct sec_desc_buf *sdbuf = NULL;
 113         uint16_t system_name = '\\';
 114         TALLOC_CTX *mem_ctx = talloc_new(torture);
 115         enum dcerpc_transport_t transport;
 116         uint32_t assoc_group_id;
 117
 118         torture_comment(torture, "RPC-HANDLE-LSARPC-SHARED\n");
 119
 120         torture_comment(torture, "connect lsa pipe1\n");
 121         status = torture_rpc_connection(torture, &p1, &ndr_table_lsarpc);
 122         torture_assert_ntstatus_ok(torture, status, "opening lsa pipe1");
 123
 124         transport       = p1->conn->transport.transport,
 125         assoc_group_id  = p1->assoc_group_id;
 126
 127         torture_comment(torture, "use assoc_group_id[0x%08X] for new connections\n", assoc_group_id);
 128
 129         torture_comment(torture, "connect lsa pipe2\n");
 130         status = torture_rpc_connection_transport(torture, &p2, &ndr_table_lsarpc,
 131                                                   transport,
 132                                                   assoc_group_id);
 133         torture_assert_ntstatus_ok(torture, status, "opening lsa pipe2");
 134
 135         torture_comment(torture, "got assoc_group_id[0x%08X] for p2\n",
 136                         p2->assoc_group_id);
 137
 138         qos.len = 0;
 139         qos.impersonation_level = 2;
 140         qos.context_mode = 1;
 141         qos.effective_only = 0;
 142
 143         attr.len = 0;
 144         attr.root_dir = NULL;
 145         attr.object_name = NULL;
 146         attr.attributes = 0;
 147         attr.sec_desc = NULL;
 148         attr.sec_qos = &qos;
 149
 150         r.in.system_name = &system_name;
 151         r.in.attr = &attr;
 152         r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 153         r.out.handle = &handle;
 154
 155         torture_comment(torture, "open lsa policy handle\n");
 156         status = dcerpc_lsa_OpenPolicy(p1, mem_ctx, &r);
 157         if (!NT_STATUS_IS_OK(status)) {
 158                 torture_comment(torture, "lsa_OpenPolicy not supported - skipping\n");
 159                 talloc_free(mem_ctx);
 160                 return true;
 161         }
 162
 163         /*
 164          * connect p3 after the policy handle is opened
 165          */
 166         torture_comment(torture, "connect lsa pipe3 after the policy handle is opened\n");
 167         status = torture_rpc_connection_transport(torture, &p3, &ndr_table_lsarpc,
 168                                                   transport,
 169                                                   assoc_group_id);
 170         torture_assert_ntstatus_ok(torture, status, "opening lsa pipe3");
 171
 172         qsec.in.handle          = &handle;
 173         qsec.in.sec_info        = 0;
 174         qsec.out.sdbuf          = &sdbuf;
 175         c.in.handle = &handle;
 176         c.out.handle = &handle2;
 177
 178         /*
 179          * use policy handle on all 3 connections
 180          */
 181         torture_comment(torture, "use the policy handle on p1,p2,p3\n");
 182         status = dcerpc_lsa_QuerySecurity(p1, mem_ctx, &qsec);
 183         torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
 184                                       "use policy handle on p1");
 185
 186         status = dcerpc_lsa_QuerySecurity(p2, mem_ctx, &qsec);
 187         torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
 188                                       "use policy handle on p2");
 189
 190         status = dcerpc_lsa_QuerySecurity(p3, mem_ctx, &qsec);
 191         torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
 192                                       "use policy handle on p3");
 193
 194         /*
 195          * close policy handle on connection 2 and the others get a fault
 196          */
 197         torture_comment(torture, "close the policy handle on p2 others get a fault\n");
 198         status = dcerpc_lsa_Close(p2, mem_ctx, &c);
 199         torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
 200                                       "closing policy handle on p2");
 201
 202         status = dcerpc_lsa_Close(p1, mem_ctx, &c);
 203         torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
 204                                       "closing policy handle on p1 again");
 205         torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
 206                                       "closing policy handle on p1 again");
 207
 208         status = dcerpc_lsa_Close(p3, mem_ctx, &c);
 209         torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
 210                                       "closing policy handle on p3");
 211         torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
 212                                       "closing policy handle on p3");
 213
 214         status = dcerpc_lsa_Close(p2, mem_ctx, &c);
 215         torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
 216                                       "closing policy handle on p2 again");
 217         torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
 218                                       "closing policy handle on p2 again");
 219
 220         /*
 221          * open a new policy handle on p3
 222          */
 223         torture_comment(torture, "open a new policy handle on p3\n");
 224         status = dcerpc_lsa_OpenPolicy(p3, mem_ctx, &r);
 225         torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
 226                                       "open policy handle on p3");
 227
 228         /*
 229          * use policy handle on all 3 connections
 230          */
 231         torture_comment(torture, "use the policy handle on p1,p2,p3\n");
 232         status = dcerpc_lsa_QuerySecurity(p1, mem_ctx, &qsec);
 233         torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
 234                                       "use policy handle on p1");
 235
 236         status = dcerpc_lsa_QuerySecurity(p2, mem_ctx, &qsec);
 237         torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
 238                                       "use policy handle on p2");
 239
 240         status = dcerpc_lsa_QuerySecurity(p3, mem_ctx, &qsec);
 241         torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
 242                                       "use policy handle on p3");
 243
 244         /*
 245          * close policy handle on connection 2 and the others get a fault
 246          */
 247         torture_comment(torture, "close the policy handle on p2 others get a fault\n");
 248         status = dcerpc_lsa_Close(p2, mem_ctx, &c);
 249         torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
 250                                       "closing policy handle on p2");
 251
 252         status = dcerpc_lsa_Close(p1, mem_ctx, &c);
 253         torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
 254                                       "closing policy handle on p1 again");
 255         torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
 256                                       "closing policy handle on p1 again");
 257
 258         status = dcerpc_lsa_Close(p3, mem_ctx, &c);
 259         torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
 260                                       "closing policy handle on p3");
 261         torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
 262                                       "closing policy handle on p3");
 263
 264         status = dcerpc_lsa_Close(p2, mem_ctx, &c);
 265         torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
 266                                       "closing policy handle on p2 again");
 267         torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
 268                                       "closing policy handle on p2 again");
 269
 270         /*
 271          * open a new policy handle
 272          */
 273         torture_comment(torture, "open a new policy handle on p1 and use it\n");
 274         status = dcerpc_lsa_OpenPolicy(p1, mem_ctx, &r);
 275         torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
 276                                       "open 2nd policy handle on p1");
 277
 278         status = dcerpc_lsa_QuerySecurity(p1, mem_ctx, &qsec);
 279         torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
 280                                       "QuerySecurity handle on p1");
 281
 282         /* close first connection */
 283         torture_comment(torture, "disconnect p1\n");
 284         talloc_free(p1);
 285         msleep(5);
 286
 287         /*
 288          * and it's still available on p2,p3
 289          */
 290         torture_comment(torture, "use policy handle on p2,p3\n");
 291         status = dcerpc_lsa_QuerySecurity(p2, mem_ctx, &qsec);
 292         torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
 293                                       "QuerySecurity handle on p2 after p1 was disconnected");
 294
 295         status = dcerpc_lsa_QuerySecurity(p3, mem_ctx, &qsec);
 296         torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
 297                                       "QuerySecurity handle on p3 after p1 was disconnected");
 298
 299         /*
 300          * now open p4
 301          * and use the handle on it
 302          */
 303         torture_comment(torture, "connect lsa pipe4 and use policy handle\n");
 304         status = torture_rpc_connection_transport(torture, &p4, &ndr_table_lsarpc,
 305                                                   transport,
 306                                                   assoc_group_id);
 307         torture_assert_ntstatus_ok(torture, status, "opening lsa pipe4");
 308
 309         status = dcerpc_lsa_QuerySecurity(p4, mem_ctx, &qsec);
 310         torture_assert_ntstatus_equal(torture, status, NT_STATUS_OK,
 311                                       "using policy handle on p4");
 312
 313         /*
 314          * now close p2,p3,p4
 315          * without closing the policy handle
 316          */
 317         torture_comment(torture, "disconnect p2,p3,p4\n");
 318         talloc_free(p2);
 319         talloc_free(p3);
 320         talloc_free(p4);
 321         msleep(10);
 322
 323         /*
 324          * now open p5
 325          */
 326         torture_comment(torture, "connect lsa pipe5 - should fail\n");
 327         status = torture_rpc_connection_transport(torture, &p5, &ndr_table_lsarpc,
 328                                                   transport,
 329                                                   assoc_group_id);
 330         torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
 331                                       "opening lsa pipe5");
 332
 333         talloc_free(mem_ctx);
 334
 335         return true;
 336 }
 337
 338
 339 static bool test_handles_samr(struct torture_context *torture)
 340 {
 341         NTSTATUS status;
 342         struct dcerpc_pipe *p1, *p2;
 343         struct policy_handle handle;
 344         struct policy_handle handle2;
 345         struct samr_Connect r;
 346         struct samr_Close c;
 347         TALLOC_CTX *mem_ctx = talloc_new(torture);
 348
 349         torture_comment(torture, "RPC-HANDLE-SAMR\n");
 350
 351         status = torture_rpc_connection(torture, &p1, &ndr_table_samr);
 352         torture_assert_ntstatus_ok(torture, status, "opening samr pipe1");
 353
 354         status = torture_rpc_connection(torture, &p2, &ndr_table_samr);
 355         torture_assert_ntstatus_ok(torture, status, "opening samr pipe1");
 356
 357         r.in.system_name = 0;
 358         r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 359         r.out.connect_handle = &handle;
 360
 361         status = dcerpc_samr_Connect(p1, mem_ctx, &r);
 362         torture_assert_ntstatus_ok(torture, status, "opening policy handle on p1");
 363
 364         c.in.handle = &handle;
 365         c.out.handle = &handle2;
 366
 367         status = dcerpc_samr_Close(p2, mem_ctx, &c);
 368         torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
 369                                       "closing policy handle on p2");
 370         torture_assert_int_equal(torture, p2->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
 371                                       "closing policy handle on p2");
 372
 373         status = dcerpc_samr_Close(p1, mem_ctx, &c);
 374         torture_assert_ntstatus_ok(torture, status, "closing policy handle on p1");
 375
 376         status = dcerpc_samr_Close(p1, mem_ctx, &c);
 377         torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
 378                                       "closing policy handle on p1 again");
 379         torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
 380                                       "closing policy handle on p1 again");
 381
 382         talloc_free(mem_ctx);
 383
 384         return true;
 385 }
 386
 387 static bool test_handles_mixed_shared(struct torture_context *torture)
 388 {
 389         NTSTATUS status;
 390         struct dcerpc_pipe *p1, *p2, *p3, *p4, *p5, *p6;
 391         struct policy_handle handle;
 392         struct policy_handle handle2;
 393         struct samr_Connect r;
 394         struct lsa_Close lc;
 395         struct samr_Close sc;
 396         TALLOC_CTX *mem_ctx = talloc_new(torture);
 397         enum dcerpc_transport_t transport;
 398         uint32_t assoc_group_id;
 399
 400         torture_comment(torture, "RPC-HANDLE-MIXED-SHARED\n");
 401
 402         torture_comment(torture, "connect samr pipe1\n");
 403         status = torture_rpc_connection(torture, &p1, &ndr_table_samr);
 404         torture_assert_ntstatus_ok(torture, status, "opening samr pipe1");
 405
 406         transport       = p1->conn->transport.transport,
 407         assoc_group_id  = p1->assoc_group_id;
 408
 409         torture_comment(torture, "use assoc_group_id[0x%08X] for new connections\n", assoc_group_id);
 410
 411         torture_comment(torture, "connect lsa pipe2\n");
 412         status = torture_rpc_connection_transport(torture, &p2, &ndr_table_lsarpc,
 413                                                   transport,
 414                                                   assoc_group_id);
 415         torture_assert_ntstatus_ok(torture, status, "opening lsa pipe2");
 416
 417         torture_comment(torture, "got assoc_group_id[0x%08X] for p2\n",
 418                         p2->assoc_group_id);
 419         r.in.system_name = 0;
 420         r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 421         r.out.connect_handle = &handle;
 422
 423         torture_comment(torture, "samr_Connect to open a policy handle on samr p1\n");
 424         status = dcerpc_samr_Connect(p1, mem_ctx, &r);
 425         torture_assert_ntstatus_ok(torture, status, "opening policy handle on p1");
 426
 427         lc.in.handle            = &handle;
 428         lc.out.handle           = &handle2;
 429         sc.in.handle            = &handle;
 430         sc.out.handle           = &handle2;
 431
 432         torture_comment(torture, "use policy handle on lsa p2 - should fail\n");
 433         status = dcerpc_lsa_Close(p2, mem_ctx, &lc);
 434         torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
 435                                       "closing handle on lsa p2");
 436         torture_assert_int_equal(torture, p2->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
 437                                       "closing handle on lsa p2");
 438
 439         torture_comment(torture, "closing policy handle on samr p1\n");
 440         status = dcerpc_samr_Close(p1, mem_ctx, &sc);
 441         torture_assert_ntstatus_ok(torture, status, "closing policy handle on p1");
 442
 443         talloc_free(p1);
 444         talloc_free(p2);
 445         msleep(10);
 446
 447         torture_comment(torture, "connect samr pipe3 - should fail\n");
 448         status = torture_rpc_connection_transport(torture, &p3, &ndr_table_samr,
 449                                                   transport,
 450                                                   assoc_group_id);
 451         torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
 452                                       "opening samr pipe3");
 453
 454         torture_comment(torture, "connect lsa pipe4 - should fail\n");
 455         status = torture_rpc_connection_transport(torture, &p4, &ndr_table_lsarpc,
 456                                                   transport,
 457                                                   assoc_group_id);
 458         torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
 459                                       "opening lsa pipe4");
 460
 461         torture_comment(torture, "connect samr pipe5 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id);
 462         status = torture_rpc_connection_transport(torture, &p5, &ndr_table_samr,
 463                                                   transport,
 464                                                   assoc_group_id);
 465         torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
 466                                       "opening samr pipe5");
 467
 468         torture_comment(torture, "connect lsa pipe6 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id);
 469         status = torture_rpc_connection_transport(torture, &p6, &ndr_table_lsarpc,
 470                                                   transport,
 471                                                   assoc_group_id);
 472         torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
 473                                       "opening lsa pipe6");
 474
 475         talloc_free(mem_ctx);
 476
 477         return true;
 478 }
 479
 480 static bool test_handles_random_assoc(struct torture_context *torture)
 481 {
 482         NTSTATUS status;
 483         struct dcerpc_pipe *p1, *p2, *p3;
 484         TALLOC_CTX *mem_ctx = talloc_new(torture);
 485         enum dcerpc_transport_t transport;
 486         uint32_t assoc_group_id;
 487
 488         torture_comment(torture, "RPC-HANDLE-RANDOM-ASSOC\n");
 489
 490         torture_comment(torture, "connect samr pipe1\n");
 491         status = torture_rpc_connection(torture, &p1, &ndr_table_samr);
 492         torture_assert_ntstatus_ok(torture, status, "opening samr pipe1");
 493
 494         transport       = p1->conn->transport.transport,
 495         assoc_group_id  = p1->assoc_group_id;
 496
 497         torture_comment(torture, "pip1 use assoc_group_id[0x%08X]\n", assoc_group_id);
 498
 499         torture_comment(torture, "connect samr pipe2 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id);
 500         status = torture_rpc_connection_transport(torture, &p2, &ndr_table_samr,
 501                                                   transport,
 502                                                   assoc_group_id);
 503         torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
 504                                       "opening samr pipe2");
 505
 506         torture_comment(torture, "connect samr pipe3 with assoc_group_id[0x%08X]- should fail\n", ++assoc_group_id);
 507         status = torture_rpc_connection_transport(torture, &p3, &ndr_table_samr,
 508                                                   transport,
 509                                                   assoc_group_id);
 510         torture_assert_ntstatus_equal(torture, status, NT_STATUS_UNSUCCESSFUL,
 511                                       "opening samr pipe3");
 512
 513         talloc_free(mem_ctx);
 514
 515         return true;
 516 }
 517
 518
 519 static bool test_handles_drsuapi(struct torture_context *torture)
 520 {
 521         NTSTATUS status;
 522         struct dcerpc_pipe *p1, *p2;
 523         struct policy_handle handle;
 524         struct policy_handle handle2;
 525         struct GUID bind_guid;
 526         struct drsuapi_DsBind r;
 527         struct drsuapi_DsUnbind c;
 528         TALLOC_CTX *mem_ctx = talloc_new(torture);
 529
 530         torture_comment(torture, "RPC-HANDLE-DRSUAPI\n");
 531
 532         status = torture_rpc_connection(torture, &p1, &ndr_table_drsuapi);
 533         torture_assert_ntstatus_ok(torture, status, "opening drsuapi pipe1");
 534
 535         status = torture_rpc_connection(torture, &p2, &ndr_table_drsuapi);
 536         torture_assert_ntstatus_ok(torture, status, "opening drsuapi pipe1");
 537
 538         GUID_from_string(DRSUAPI_DS_BIND_GUID, &bind_guid);
 539
 540         r.in.bind_guid = &bind_guid;
 541         r.in.bind_info = NULL;
 542         r.out.bind_handle = &handle;
 543
 544         status = dcerpc_drsuapi_DsBind(p1, mem_ctx, &r);
 545         if (!NT_STATUS_IS_OK(status)) {
 546                 torture_comment(torture, "drsuapi_DsBind not supported - skipping\n");
 547                 talloc_free(mem_ctx);
 548                 return true;
 549         }
 550
 551         c.in.bind_handle = &handle;
 552         c.out.bind_handle = &handle2;
 553
 554         status = dcerpc_drsuapi_DsUnbind(p2, mem_ctx, &c);
 555         torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
 556                                       "closing policy handle on p2");
 557         torture_assert_int_equal(torture, p2->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
 558                                       "closing policy handle on p2");
 559
 560         status = dcerpc_drsuapi_DsUnbind(p1, mem_ctx, &c);
 561         torture_assert_ntstatus_ok(torture, status, "closing policy handle on p1");
 562
 563         status = dcerpc_drsuapi_DsUnbind(p1, mem_ctx, &c);
 564         torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
 565                                       "closing policy handle on p1 again");
 566         torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
 567                                       "closing policy handle on p1 again");
 568
 569         talloc_free(mem_ctx);
 570
 571         return true;
 572 }
 573
 574
 575 struct torture_suite *torture_rpc_handles(TALLOC_CTX *mem_ctx)
 576 {
 577         struct torture_suite *suite;
 578
 579         suite = torture_suite_create(mem_ctx, "HANDLES");
 580         torture_suite_add_simple_test(suite, "lsarpc", test_handles_lsa);
 581         torture_suite_add_simple_test(suite, "lsarpc-shared", test_handles_lsa_shared);
 582         torture_suite_add_simple_test(suite, "samr", test_handles_samr);
 583         torture_suite_add_simple_test(suite, "mixed-shared", test_handles_mixed_shared);
 584         torture_suite_add_simple_test(suite, "random-assoc", test_handles_random_assoc);
 585         torture_suite_add_simple_test(suite, "drsuapi", test_handles_drsuapi);
 586         return suite;
 587 }