#include "includes.h"
#include "auth/auth.h"
+#include "param/param.h"
/**
* Return a anonymous logon for anonymous users (username = "")
const struct auth_usersupplied_info *user_info,
struct auth_serversupplied_info **_server_info)
{
- return auth_anonymous_server_info(mem_ctx, _server_info);
+ return auth_anonymous_server_info(mem_ctx, lp_netbios_name(ctx->auth_ctx->lp_ctx), _server_info);
}
static struct auth_operations anonymous_auth_ops = {
struct auth_session_info **_session_info)
{
struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
- return auth_anonymous_session_info(state, _session_info);
+ return auth_anonymous_session_info(state, global_loadparm, _session_info);
}
static NTSTATUS schannel_start(struct gensec_security *gensec_security)
}
_PUBLIC_ NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx, struct ldb_context *sam_ctx,
- struct ldb_message *msg,
- struct ldb_message *msg_domain_ref,
- DATA_BLOB user_sess_key, DATA_BLOB lm_sess_key,
- struct auth_serversupplied_info **_server_info)
+ const char *netbios_name,
+ struct ldb_message *msg,
+ struct ldb_message *msg_domain_ref,
+ DATA_BLOB user_sess_key, DATA_BLOB lm_sess_key,
+ struct auth_serversupplied_info **_server_info)
{
struct auth_serversupplied_info *server_info;
struct ldb_message **group_msgs;
server_info->home_drive = talloc_strdup(server_info, str);
NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive);
- server_info->logon_server = talloc_strdup(server_info, lp_netbios_name(global_loadparm));
+ server_info->logon_server = talloc_strdup(server_info, netbios_name);
NT_STATUS_HAVE_NO_MEMORY(server_info->logon_server);
server_info->last_logon = samdb_result_nttime(msg, "lastLogon", 0);
}
/* Used in the gensec_gssapi and gensec_krb5 server-side code, where the PAC isn't available */
-NTSTATUS sam_get_server_info_principal(TALLOC_CTX *mem_ctx, const char *principal,
+NTSTATUS sam_get_server_info_principal(TALLOC_CTX *mem_ctx,
+ struct loadparm_context *lp_ctx,
+ const char *principal,
struct auth_serversupplied_info **server_info)
{
NTSTATUS nt_status;
return NT_STATUS_NO_MEMORY;
}
- sam_ctx = samdb_connect(tmp_ctx, global_loadparm, system_session(tmp_ctx));
+ sam_ctx = samdb_connect(tmp_ctx, lp_ctx, system_session(tmp_ctx));
if (sam_ctx == NULL) {
talloc_free(tmp_ctx);
return NT_STATUS_INVALID_SYSTEM_SERVICE;
return nt_status;
}
- nt_status = authsam_make_server_info(tmp_ctx, sam_ctx, msgs[0], msgs_domain_ref[0],
+ nt_status = authsam_make_server_info(tmp_ctx, sam_ctx, lp_netbios_name(lp_ctx),
+ msgs[0], msgs_domain_ref[0],
user_sess_key, lm_sess_key,
server_info);
if (NT_STATUS_IS_OK(nt_status)) {
{
NTSTATUS nt_status;
struct auth_session_info *session_info = NULL;
- nt_status = auth_anonymous_session_info(mem_ctx, &session_info);
+ nt_status = auth_anonymous_session_info(mem_ctx, global_loadparm, &session_info);
if (!NT_STATUS_IS_OK(nt_status)) {
return NULL;
}
}
NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
+ struct loadparm_context *lp_ctx,
struct auth_session_info **_session_info)
{
NTSTATUS nt_status;
TALLOC_CTX *mem_ctx = talloc_new(parent_ctx);
nt_status = auth_anonymous_server_info(mem_ctx,
+ lp_netbios_name(lp_ctx),
&server_info);
if (!NT_STATUS_IS_OK(nt_status)) {
talloc_free(mem_ctx);
return NT_STATUS_NO_MEMORY;
}
- cli_credentials_set_conf(session_info->credentials, global_loadparm);
+ cli_credentials_set_conf(session_info->credentials, lp_ctx);
cli_credentials_set_anonymous(session_info->credentials);
*_session_info = session_info;
return NT_STATUS_OK;
}
-NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx, struct auth_serversupplied_info **_server_info)
+NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
+ const char *netbios_name,
+ struct auth_serversupplied_info **_server_info)
{
struct auth_serversupplied_info *server_info;
server_info = talloc(mem_ctx, struct auth_serversupplied_info);
server_info->home_drive = talloc_strdup(server_info, "");
NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive);
- server_info->logon_server = talloc_strdup(server_info, lp_netbios_name(global_loadparm));
+ server_info->logon_server = talloc_strdup(server_info, netbios_name);
NT_STATUS_HAVE_NO_MEMORY(server_info->logon_server);
server_info->last_logon = 0;
conn->server_credentials = server_credentials;
/* Connections start out anonymous */
- if (!NT_STATUS_IS_OK(auth_anonymous_session_info(conn, &conn->session_info))) {
+ if (!NT_STATUS_IS_OK(auth_anonymous_session_info(conn, global_loadparm, &conn->session_info))) {
ldapsrv_terminate_connection(conn, "failed to setup anonymous session info");
return;
}
/**
* open up the secrets database
*/
-bool secrets_init(void)
+bool secrets_init(struct loadparm_context *lp_ctx)
{
char *fname;
uint8_t dummy;
if (tdb != NULL)
return true;
- fname = private_path(NULL, global_loadparm,
- "secrets.tdb");
+ fname = private_path(NULL, lp_ctx, "secrets.tdb");
tdb = tdb_wrap_open(talloc_autofree_context(), fname, 0, TDB_DEFAULT,
O_RDWR|O_CREAT, 0600);
* @return pointer to a SID object if the SID could be obtained, NULL otherwise
*/
struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx,
+ struct loadparm_context *lp_ctx,
const char *domain)
{
struct ldb_context *ldb;
const char *attrs[] = { "objectSid", NULL };
struct dom_sid *result = NULL;
- ldb = secrets_db_connect(mem_ctx, global_loadparm);
+ ldb = secrets_db_connect(mem_ctx, lp_ctx);
if (ldb == NULL) {
DEBUG(5, ("secrets_db_connect failed\n"));
return NULL;
*
* @note Not called by systems with a working /dev/urandom.
*/
-void secrets_shutdown(void);
-bool secrets_init(void);
struct loadparm_context;
+void secrets_shutdown(void);
+bool secrets_init(struct loadparm_context *lp_ctx);
struct ldb_context *secrets_db_connect(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
-struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx, const char *domain);
+struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx, const char *domain);
#endif /* _SECRETS_H */
ops = share_backend_by_name(backend_name);
if (!ops) {
- DEBUG(0, ("share_init_connection: share backend [%s] not found!\n", lp_share_backend(global_loadparm)));
+ DEBUG(0, ("share_init_connection: share backend [%s] not found!\n", backend_name));
return NT_STATUS_INTERNAL_ERROR;
}
}
(*ctx)->ops = ops;
- (*ctx)->priv_data = NULL;
+ (*ctx)->priv_data = global_loadparm;
return NT_STATUS_OK;
}
int num_services;
const char **n;
- num_services = lp_numservices(global_loadparm);
+ num_services = lp_numservices((struct loadparm_context *)ctx->priv_data);
n = talloc_array(mem_ctx, const char *, num_services);
if (!n) {
}
for (i = 0; i < num_services; i++) {
- n[i] = talloc_strdup(n, lp_servicename(lp_servicebynum(global_loadparm, i)));
+ n[i] = talloc_strdup(n, lp_servicename(lp_servicebynum((struct loadparm_context *)ctx->priv_data, i)));
if (!n[i]) {
DEBUG(0,("ERROR: Out of memory!\n"));
talloc_free(n);
struct share_config *s;
struct loadparm_service *service;
- service = lp_service(global_loadparm, name);
+ service = lp_service((struct loadparm_context *)ctx->priv_data, name);
if (service == NULL) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
struct dcesrv_connection *dcesrv_conn = NULL;
struct auth_session_info *session_info = NULL;
- status = auth_anonymous_session_info(srv_conn, &session_info);
+ status = auth_anonymous_session_info(srv_conn, global_loadparm, &session_info);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("dcesrv_sock_accept: auth_anonymous_session_info failed: %s\n",
nt_errstr(status)));
task_server_set_title(task, "task[dcesrv]");
status = dcesrv_init_context(task->event_ctx,
- lp_dcerpc_endpoint_servers(global_loadparm),
+ lp_dcerpc_endpoint_servers(task->lp_ctx),
&dce_ctx);
if (!NT_STATUS_IS_OK(status)) goto failed;
/* Make sure the directory for NCALRPC exists */
- if (!directory_exist(lp_ncalrpc_dir(global_loadparm))) {
- mkdir(lp_ncalrpc_dir(global_loadparm), 0755);
+ if (!directory_exist(lp_ncalrpc_dir(task->lp_ctx))) {
+ mkdir(lp_ncalrpc_dir(task->lp_ctx), 0755);
}
for (e=dce_ctx->endpoint_list;e;e=e->next) {
/* yes, this looks strange. It is a hack to preload the
schema. I'd like to share most of the ldb context with the
child too. That will come later */
- talloc_free(samdb_connect(task, global_loadparm, NULL));
+ talloc_free(samdb_connect(task, task->lp_ctx, NULL));
}
/*
/* Do *not* remove this, until you have removed
* passdb/secrets.c, and proved that Samba still builds... */
/* Setup the SECRETS subsystem */
- if (!secrets_init()) {
+ if (!secrets_init(global_loadparm)) {
exit(1);
}
s = talloc_zero(torture, struct test_become_dc_state);
if (!s) return false;
- s->netbios_name = lp_parm_string(global_loadparm, NULL, "become dc", "smbtorture dc");
+ s->netbios_name = lp_parm_string(torture->lp_ctx, NULL, "become dc", "smbtorture dc");
if (!s->netbios_name || !s->netbios_name[0]) {
s->netbios_name = "smbtorturedc";
}
if (!s->path.secrets_keytab) return false;
/* Join domain as a member server. */
- s->tj = torture_join_domain(s->netbios_name,
+ s->tj = torture_join_domain(torture, s->netbios_name,
ACB_WSTRUST,
&s->machine_account);
if (!s->tj) {
io->in.service_type = state->service_type;
io->in.credentials = cmdline_credentials;
io->in.fallback_to_anonymous = false;
- io->in.workgroup = lp_workgroup(global_loadparm);
+ io->in.workgroup = lp_workgroup(state->tctx->lp_ctx);
/* kill off the remnants of the old connection */
talloc_free(state->tree);
io->in.service_type = state->service_type;
io->in.credentials = cmdline_credentials;
io->in.fallback_to_anonymous = false;
- io->in.workgroup = lp_workgroup(global_loadparm);
+ io->in.workgroup = lp_workgroup(state->tctx->lp_ctx);
/* kill off the remnants of the old connection */
talloc_free(state->tree);
r.in.req.req5.highwatermark.highest_usn = 0;
r.in.req.req5.uptodateness_vector = NULL;
r.in.req.req5.replica_flags = 0;
- if (lp_parm_bool(global_loadparm, NULL, "drsuapi","compression", false)) {
+ if (lp_parm_bool(tctx->lp_ctx, NULL, "drsuapi","compression", false)) {
r.in.req.req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
}
r.in.req.req5.max_object_count = 0;
r.in.req.req8.highwatermark.highest_usn = 0;
r.in.req.req8.uptodateness_vector = NULL;
r.in.req.req8.replica_flags = 0;
- if (lp_parm_bool(global_loadparm, NULL, "drsuapi", "compression", false)) {
+ if (lp_parm_bool(tctx->lp_ctx, NULL, "drsuapi", "compression", false)) {
r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
}
- if (lp_parm_bool(global_loadparm, NULL, "drsuapi", "neighbour_writeable", true)) {
+ if (lp_parm_bool(tctx->lp_ctx, NULL, "drsuapi", "neighbour_writeable", true)) {
r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
}
r.in.req.req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
ZERO_STRUCT(priv);
- priv.join = torture_join_domain(TEST_MACHINE_NAME, ACB_SVRTRUST,
+ priv.join = torture_join_domain(torture, TEST_MACHINE_NAME, ACB_SVRTRUST,
&machine_credentials);
if (!priv.join) {
torture_fail(torture, "Failed to join as BDC");
ZERO_STRUCT(priv);
- priv.join = torture_join_domain(TEST_MACHINE_NAME, ACB_SVRTRUST,
+ priv.join = torture_join_domain(torture, TEST_MACHINE_NAME, ACB_SVRTRUST,
&machine_credentials);
if (!priv.join) {
torture_fail(torture, "Failed to join as BDC\n");
static bool test_QuerySecurity(struct dcerpc_pipe *p,
- TALLOC_CTX *mem_ctx,
+ struct torture_context *tctx,
struct policy_handle *handle,
struct policy_handle *acct_handle)
{
NTSTATUS status;
struct lsa_QuerySecurity r;
- if (lp_parm_bool(global_loadparm, NULL, "torture", "samba4", false)) {
+ if (torture_setting_bool(tctx, "samba4", false)) {
printf("skipping QuerySecurity test against Samba4\n");
return true;
}
r.in.handle = acct_handle;
r.in.sec_info = 7;
- status = dcerpc_lsa_QuerySecurity(p, mem_ctx, &r);
+ status = dcerpc_lsa_QuerySecurity(p, tctx, &r);
if (!NT_STATUS_IS_OK(status)) {
printf("QuerySecurity failed - %s\n", nt_errstr(status));
return false;
}
static bool test_QueryForestTrustInformation(struct dcerpc_pipe *p,
- TALLOC_CTX *mem_ctx,
+ struct torture_context *tctx,
struct policy_handle *handle,
const char *trusted_domain_name)
{
printf("\nTesting lsaRQueryForestTrustInformation\n");
- if (lp_parm_bool(global_loadparm, NULL, "torture", "samba4", false)) {
+ if (torture_setting_bool(tctx, "samba4", false)) {
printf("skipping QueryForestTrustInformation against Samba4\n");
return true;
}
r.in.unknown = 0;
r.out.forest_trust_info = &info_ptr;
- status = dcerpc_lsa_lsaRQueryForestTrustInformation(p, mem_ctx, &r);
+ status = dcerpc_lsa_lsaRQueryForestTrustInformation(p, tctx, &r);
if (!NT_STATUS_IS_OK(status)) {
printf("lsaRQueryForestTrustInformation failed - %s\n", nt_errstr(status));
}
static bool test_QueryDomainInfoPolicy(struct dcerpc_pipe *p,
- TALLOC_CTX *mem_ctx,
+ struct torture_context *tctx,
struct policy_handle *handle)
{
struct lsa_QueryDomainInformationPolicy r;
NTSTATUS status;
int i;
bool ret = true;
- if (lp_parm_bool(global_loadparm, NULL, "torture", "samba4", false)) {
+ if (torture_setting_bool(tctx, "samba4", false)) {
printf("skipping QueryDomainInformationPolicy test against Samba4\n");
return true;
}
printf("\ntrying QueryDomainInformationPolicy level %d\n", i);
- status = dcerpc_lsa_QueryDomainInformationPolicy(p, mem_ctx, &r);
+ status = dcerpc_lsa_QueryDomainInformationPolicy(p, tctx, &r);
if (!NT_STATUS_IS_OK(status)) {
printf("QueryDomainInformationPolicy failed - %s\n", nt_errstr(status));
static bool test_QueryInfoPolicy(struct dcerpc_pipe *p,
- TALLOC_CTX *mem_ctx,
+ struct torture_context *tctx,
struct policy_handle *handle)
{
struct lsa_QueryInfoPolicy r;
bool ret = true;
printf("\nTesting QueryInfoPolicy\n");
- if (lp_parm_bool(global_loadparm, NULL, "torture", "samba4", false)) {
+ if (torture_setting_bool(tctx, "samba4", false)) {
printf("skipping QueryInfoPolicy against Samba4\n");
return true;
}
printf("\ntrying QueryInfoPolicy level %d\n", i);
- status = dcerpc_lsa_QueryInfoPolicy(p, mem_ctx, &r);
+ status = dcerpc_lsa_QueryInfoPolicy(p, tctx, &r);
switch (i) {
case LSA_POLICY_INFO_DB:
}
break;
default:
- if (lp_parm_bool(global_loadparm, NULL, "torture", "samba4", false)) {
+ if (torture_setting_bool(tctx, "samba4", false)) {
/* Other levels not implemented yet */
if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS)) {
printf("QueryInfoPolicy failed - %s\n", nt_errstr(status));
struct lsa_TransNameArray tnames;
tnames.count = 10;
- tnames.names = talloc_array(mem_ctx, struct lsa_TranslatedName, tnames.count);
+ tnames.names = talloc_array(tctx, struct lsa_TranslatedName, tnames.count);
tnames.names[0].name.string = r.out.info->dns.name.string;
tnames.names[1].name.string = r.out.info->dns.dns_domain.string;
- tnames.names[2].name.string = talloc_asprintf(mem_ctx, "%s\\", r.out.info->dns.name.string);
- tnames.names[3].name.string = talloc_asprintf(mem_ctx, "%s\\", r.out.info->dns.dns_domain.string);
- tnames.names[4].name.string = talloc_asprintf(mem_ctx, "%s\\guest", r.out.info->dns.name.string);
- tnames.names[5].name.string = talloc_asprintf(mem_ctx, "%s\\krbtgt", r.out.info->dns.name.string);
- tnames.names[6].name.string = talloc_asprintf(mem_ctx, "%s\\guest", r.out.info->dns.dns_domain.string);
- tnames.names[7].name.string = talloc_asprintf(mem_ctx, "%s\\krbtgt", r.out.info->dns.dns_domain.string);
- tnames.names[8].name.string = talloc_asprintf(mem_ctx, "krbtgt@%s", r.out.info->dns.name.string);
- tnames.names[9].name.string = talloc_asprintf(mem_ctx, "krbtgt@%s", r.out.info->dns.dns_domain.string);
- ret &= test_LookupNames(p, mem_ctx, handle, &tnames);
+ tnames.names[2].name.string = talloc_asprintf(tctx, "%s\\", r.out.info->dns.name.string);
+ tnames.names[3].name.string = talloc_asprintf(tctx, "%s\\", r.out.info->dns.dns_domain.string);
+ tnames.names[4].name.string = talloc_asprintf(tctx, "%s\\guest", r.out.info->dns.name.string);
+ tnames.names[5].name.string = talloc_asprintf(tctx, "%s\\krbtgt", r.out.info->dns.name.string);
+ tnames.names[6].name.string = talloc_asprintf(tctx, "%s\\guest", r.out.info->dns.dns_domain.string);
+ tnames.names[7].name.string = talloc_asprintf(tctx, "%s\\krbtgt", r.out.info->dns.dns_domain.string);
+ tnames.names[8].name.string = talloc_asprintf(tctx, "krbtgt@%s", r.out.info->dns.name.string);
+ tnames.names[9].name.string = talloc_asprintf(tctx, "krbtgt@%s", r.out.info->dns.dns_domain.string);
+ ret &= test_LookupNames(p, tctx, handle, &tnames);
}
}
}
static bool test_QueryInfoPolicy2(struct dcerpc_pipe *p,
- TALLOC_CTX *mem_ctx,
+ struct torture_context *tctx,
struct policy_handle *handle)
{
struct lsa_QueryInfoPolicy2 r;
printf("\ntrying QueryInfoPolicy2 level %d\n", i);
- status = dcerpc_lsa_QueryInfoPolicy2(p, mem_ctx, &r);
+ status = dcerpc_lsa_QueryInfoPolicy2(p, tctx, &r);
switch (i) {
case LSA_POLICY_INFO_DB:
}
break;
default:
- if (lp_parm_bool(global_loadparm, NULL, "torture", "samba4", false)) {
+ if (torture_setting_bool(tctx, "samba4", false)) {
/* Other levels not implemented yet */
if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS)) {
printf("QueryInfoPolicy2 failed - %s\n", nt_errstr(status));
return true;
}
-bool torture_rpc_lsa(struct torture_context *torture)
+bool torture_rpc_lsa(struct torture_context *tctx)
{
NTSTATUS status;
struct dcerpc_pipe *p;
- TALLOC_CTX *mem_ctx;
bool ret = true;
struct policy_handle *handle;
- mem_ctx = talloc_init("torture_rpc_lsa");
-
- status = torture_rpc_connection(torture, &p, &ndr_table_lsarpc);
+ status = torture_rpc_connection(tctx, &p, &ndr_table_lsarpc);
if (!NT_STATUS_IS_OK(status)) {
- talloc_free(mem_ctx);
return false;
}
- if (!test_OpenPolicy(p, mem_ctx)) {
+ if (!test_OpenPolicy(p, tctx)) {
ret = false;
}
- if (!test_lsa_OpenPolicy2(p, mem_ctx, &handle)) {
+ if (!test_lsa_OpenPolicy2(p, tctx, &handle)) {
ret = false;
}
if (handle) {
- if (!test_LookupNames_wellknown(p, mem_ctx, handle)) {
+ if (!test_LookupNames_wellknown(p, tctx, handle)) {
ret = false;
}
- if (!test_LookupNames_bogus(p, mem_ctx, handle)) {
+ if (!test_LookupNames_bogus(p, tctx, handle)) {
ret = false;
}
- if (!test_LookupSids_async(p, mem_ctx, handle)) {
+ if (!test_LookupSids_async(p, tctx, handle)) {
ret = false;
}
- if (!test_QueryDomainInfoPolicy(p, mem_ctx, handle)) {
+ if (!test_QueryDomainInfoPolicy(p, tctx, handle)) {
ret = false;
}
- if (!test_CreateAccount(p, mem_ctx, handle)) {
+ if (!test_CreateAccount(p, tctx, handle)) {
ret = false;
}
- if (!test_CreateSecret(p, mem_ctx, handle)) {
+ if (!test_CreateSecret(p, tctx, handle)) {
ret = false;
}
- if (!test_CreateTrustedDomain(p, mem_ctx, handle)) {
+ if (!test_CreateTrustedDomain(p, tctx, handle)) {
ret = false;
}
- if (!test_EnumAccounts(p, mem_ctx, handle)) {
+ if (!test_EnumAccounts(p, tctx, handle)) {
ret = false;
}
- if (!test_EnumPrivs(p, mem_ctx, handle)) {
+ if (!test_EnumPrivs(p, tctx, handle)) {
ret = false;
}
- if (!test_QueryInfoPolicy(p, mem_ctx, handle)) {
+ if (!test_QueryInfoPolicy(p, tctx, handle)) {
ret = false;
}
- if (!test_QueryInfoPolicy2(p, mem_ctx, handle)) {
+ if (!test_QueryInfoPolicy2(p, tctx, handle)) {
ret = false;
}
#if 0
- if (!test_Delete(p, mem_ctx, handle)) {
+ if (!test_Delete(p, tctx, handle)) {
ret = false;
}
#endif
- if (!test_many_LookupSids(p, mem_ctx, handle)) {
+ if (!test_many_LookupSids(p, tctx, handle)) {
ret = false;
}
- if (!test_lsa_Close(p, mem_ctx, handle)) {
+ if (!test_lsa_Close(p, tctx, handle)) {
ret = false;
}
} else {
- if (!test_many_LookupSids(p, mem_ctx, handle)) {
+ if (!test_many_LookupSids(p, tctx, handle)) {
ret = false;
}
}
- if (!test_GetUserName(p, mem_ctx)) {
+ if (!test_GetUserName(p, tctx)) {
ret = false;
}
-
- talloc_free(mem_ctx);
return ret;
}
return true;
}
-static bool test_Shutdown(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+static bool test_Shutdown(struct dcerpc_pipe *p, struct torture_context *tctx,
struct policy_handle *handle)
{
NTSTATUS status;
struct samr_Shutdown r;
- if (!lp_parm_bool(global_loadparm, NULL, "torture", "dangerous", false)) {
+ if (!torture_setting_bool(tctx, "dangerous", false)) {
printf("samr_Shutdown disabled - enable dangerous tests to use\n");
return true;
}
printf("testing samr_Shutdown\n");
- status = dcerpc_samr_Shutdown(p, mem_ctx, &r);
+ status = dcerpc_samr_Shutdown(p, tctx, &r);
if (!NT_STATUS_IS_OK(status)) {
printf("samr_Shutdown failed - %s\n", nt_errstr(status));
return false;
return true;
}
-static bool test_SetDsrmPassword(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+static bool test_SetDsrmPassword(struct dcerpc_pipe *p, struct torture_context *tctx,
struct policy_handle *handle)
{
NTSTATUS status;
struct lsa_String string;
struct samr_Password hash;
- if (!lp_parm_bool(global_loadparm, NULL, "torture", "dangerous", false)) {
+ if (!torture_setting_bool(tctx, "dangerous", false)) {
printf("samr_SetDsrmPassword disabled - enable dangerous tests to use\n");
return true;
}
printf("testing samr_SetDsrmPassword\n");
- status = dcerpc_samr_SetDsrmPassword(p, mem_ctx, &r);
+ status = dcerpc_samr_SetDsrmPassword(p, tctx, &r);
if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
printf("samr_SetDsrmPassword failed - %s\n", nt_errstr(status));
return false;
}
-static bool test_QuerySecurity(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+static bool test_QuerySecurity(struct dcerpc_pipe *p, struct torture_context *tctx,
struct policy_handle *handle)
{
NTSTATUS status;
r.in.handle = handle;
r.in.sec_info = 7;
- status = dcerpc_samr_QuerySecurity(p, mem_ctx, &r);
+ status = dcerpc_samr_QuerySecurity(p, tctx, &r);
if (!NT_STATUS_IS_OK(status)) {
printf("QuerySecurity failed - %s\n", nt_errstr(status));
return false;
s.in.sec_info = 7;
s.in.sdbuf = r.out.sdbuf;
- if (lp_parm_bool(global_loadparm, NULL, "torture", "samba4", false)) {
+ if (torture_setting_bool(tctx, "samba4", false)) {
printf("skipping SetSecurity test against Samba4\n");
return true;
}
- status = dcerpc_samr_SetSecurity(p, mem_ctx, &s);
+ status = dcerpc_samr_SetSecurity(p, tctx, &s);
if (!NT_STATUS_IS_OK(status)) {
printf("SetSecurity failed - %s\n", nt_errstr(status));
return false;
}
- status = dcerpc_samr_QuerySecurity(p, mem_ctx, &r);
+ status = dcerpc_samr_QuerySecurity(p, tctx, &r);
if (!NT_STATUS_IS_OK(status)) {
printf("QuerySecurity failed - %s\n", nt_errstr(status));
return false;
}
-static bool test_SetUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+static bool test_SetUserInfo(struct dcerpc_pipe *p, struct torture_context *tctx,
struct policy_handle *handle, uint32_t base_acct_flags,
const char *base_account_name)
{
q0 = q;
#define TESTCALL(call, r) \
- status = dcerpc_samr_ ##call(p, mem_ctx, &r); \
+ status = dcerpc_samr_ ##call(p, tctx, &r); \
if (!NT_STATUS_IS_OK(status)) { \
printf(#call " level %u failed - %s (%s)\n", \
r.in.level, nt_errstr(status), __location__); \
TEST_USERINFO_STRING(21, comment, 21, comment, "xx21-21 comment",
SAMR_FIELD_COMMENT);
- test_account_name = talloc_asprintf(mem_ctx, "%sxx7-1", base_account_name);
+ test_account_name = talloc_asprintf(tctx, "%sxx7-1", base_account_name);
TEST_USERINFO_STRING(7, account_name, 1, account_name, base_account_name, 0);
- test_account_name = talloc_asprintf(mem_ctx, "%sxx7-3", base_account_name);
+ test_account_name = talloc_asprintf(tctx, "%sxx7-3", base_account_name);
TEST_USERINFO_STRING(7, account_name, 3, account_name, base_account_name, 0);
- test_account_name = talloc_asprintf(mem_ctx, "%sxx7-5", base_account_name);
+ test_account_name = talloc_asprintf(tctx, "%sxx7-5", base_account_name);
TEST_USERINFO_STRING(7, account_name, 5, account_name, base_account_name, 0);
- test_account_name = talloc_asprintf(mem_ctx, "%sxx7-6", base_account_name);
+ test_account_name = talloc_asprintf(tctx, "%sxx7-6", base_account_name);
TEST_USERINFO_STRING(7, account_name, 6, account_name, base_account_name, 0);
- test_account_name = talloc_asprintf(mem_ctx, "%sxx7-7", base_account_name);
+ test_account_name = talloc_asprintf(tctx, "%sxx7-7", base_account_name);
TEST_USERINFO_STRING(7, account_name, 7, account_name, base_account_name, 0);
- test_account_name = talloc_asprintf(mem_ctx, "%sxx7-21", base_account_name);
+ test_account_name = talloc_asprintf(tctx, "%sxx7-21", base_account_name);
TEST_USERINFO_STRING(7, account_name, 21, account_name, base_account_name, 0);
test_account_name = base_account_name;
TEST_USERINFO_STRING(21, account_name, 21, account_name, base_account_name,
TEST_USERINFO_INT(21, logon_hours.bits[3], 21, logon_hours.bits[3], 4,
SAMR_FIELD_LOGON_HOURS);
- if (lp_parm_bool(global_loadparm, NULL, "torture", "samba4", false)) {
+ if (torture_setting_bool(tctx, "samba4", false)) {
printf("skipping Set Account Flag tests against Samba4\n");
return ret;
}
return ret;
}
-static bool test_alias_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+static bool test_alias_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
struct policy_handle *alias_handle,
const struct dom_sid *domain_sid)
{
bool ret = true;
- if (!test_QuerySecurity(p, mem_ctx, alias_handle)) {
+ if (!test_QuerySecurity(p, tctx, alias_handle)) {
ret = false;
}
- if (!test_QueryAliasInfo(p, mem_ctx, alias_handle)) {
+ if (!test_QueryAliasInfo(p, tctx, alias_handle)) {
ret = false;
}
- if (!test_SetAliasInfo(p, mem_ctx, alias_handle)) {
+ if (!test_SetAliasInfo(p, tctx, alias_handle)) {
ret = false;
}
- if (!test_AddMemberToAlias(p, mem_ctx, alias_handle, domain_sid)) {
+ if (!test_AddMemberToAlias(p, tctx, alias_handle, domain_sid)) {
ret = false;
}
- if (lp_parm_bool(global_loadparm, NULL, "torture", "samba4", false)) {
+ if (torture_setting_bool(tctx, "samba4", false)) {
printf("skipping MultipleMembers Alias tests against Samba4\n");
return ret;
}
- if (!test_AddMultipleMembersToAlias(p, mem_ctx, alias_handle)) {
+ if (!test_AddMultipleMembersToAlias(p, tctx, alias_handle)) {
ret = false;
}
return ret;
}
-static bool test_CreateAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+static bool test_CreateAlias(struct dcerpc_pipe *p, struct torture_context *tctx,
struct policy_handle *domain_handle,
struct policy_handle *alias_handle,
const struct dom_sid *domain_sid)
printf("Testing CreateAlias (%s)\n", r.in.alias_name->string);
- status = dcerpc_samr_CreateDomAlias(p, mem_ctx, &r);
+ status = dcerpc_samr_CreateDomAlias(p, tctx, &r);
if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
printf("Server refused create of '%s'\n", r.in.alias_name->string);
}
if (NT_STATUS_EQUAL(status, NT_STATUS_ALIAS_EXISTS)) {
- if (!test_DeleteAlias_byname(p, mem_ctx, domain_handle, r.in.alias_name->string)) {
+ if (!test_DeleteAlias_byname(p, tctx, domain_handle, r.in.alias_name->string)) {
return false;
}
- status = dcerpc_samr_CreateDomAlias(p, mem_ctx, &r);
+ status = dcerpc_samr_CreateDomAlias(p, tctx, &r);
}
if (!NT_STATUS_IS_OK(status)) {
return false;
}
- if (!test_alias_ops(p, mem_ctx, alias_handle, domain_sid)) {
+ if (!test_alias_ops(p, tctx, alias_handle, domain_sid)) {
ret = false;
}
/*
try blasting the server with a bunch of sync requests
*/
-static bool test_EnumDomainUsers_async(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+static bool test_EnumDomainUsers_async(struct dcerpc_pipe *p, TALLOC_CTX *tctx,
struct policy_handle *handle)
{
NTSTATUS status;
#define ASYNC_COUNT 100
struct rpc_request *req[ASYNC_COUNT];
- if (!lp_parm_bool(global_loadparm, NULL, "torture", "dangerous", false)) {
+ if (!torture_setting_bool(tctx, "dangerous", false)) {
printf("samr async test disabled - enable dangerous tests to use\n");
return true;
}
r.out.resume_handle = &resume_handle;
for (i=0;i<ASYNC_COUNT;i++) {
- req[i] = dcerpc_samr_EnumDomainUsers_send(p, mem_ctx, &r);
+ req[i] = dcerpc_samr_EnumDomainUsers_send(p, tctx, &r);
}
for (i=0;i<ASYNC_COUNT;i++) {
return ret;
}
-static bool test_AddGroupMember(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+static bool test_AddGroupMember(struct dcerpc_pipe *p, struct torture_context *tctx,
struct policy_handle *domain_handle,
struct policy_handle *group_handle)
{
bool ret = true;
uint32_t rid;
- status = test_LookupName(p, mem_ctx, domain_handle, TEST_ACCOUNT_NAME, &rid);
+ status = test_LookupName(p, tctx, domain_handle, TEST_ACCOUNT_NAME, &rid);
if (!NT_STATUS_IS_OK(status)) {
printf("test_AddGroupMember looking up name " TEST_ACCOUNT_NAME " failed - %s\n", nt_errstr(status));
return false;
d.in.group_handle = group_handle;
d.in.rid = rid;
- status = dcerpc_samr_DeleteGroupMember(p, mem_ctx, &d);
+ status = dcerpc_samr_DeleteGroupMember(p, tctx, &d);
if (!NT_STATUS_EQUAL(NT_STATUS_MEMBER_NOT_IN_GROUP, status)) {
printf("DeleteGroupMember gave %s - should be NT_STATUS_MEMBER_NOT_IN_GROUP\n",
nt_errstr(status));
return false;
}
- status = dcerpc_samr_AddGroupMember(p, mem_ctx, &r);
+ status = dcerpc_samr_AddGroupMember(p, tctx, &r);
if (!NT_STATUS_IS_OK(status)) {
printf("AddGroupMember failed - %s\n", nt_errstr(status));
return false;
}
- status = dcerpc_samr_AddGroupMember(p, mem_ctx, &r);
+ status = dcerpc_samr_AddGroupMember(p, tctx, &r);
if (!NT_STATUS_EQUAL(NT_STATUS_MEMBER_IN_GROUP, status)) {
printf("AddGroupMember gave %s - should be NT_STATUS_MEMBER_IN_GROUP\n",
nt_errstr(status));
return false;
}
- if (lp_parm_bool(global_loadparm, NULL, "torture", "samba4", false)) {
+ if (torture_setting_bool(tctx, "samba4", false)) {
printf("skipping SetMemberAttributesOfGroup test against Samba4\n");
} else {
/* this one is quite strange. I am using random inputs in the
s.in.unknown1 = random();
s.in.unknown2 = random();
- status = dcerpc_samr_SetMemberAttributesOfGroup(p, mem_ctx, &s);
+ status = dcerpc_samr_SetMemberAttributesOfGroup(p, tctx, &s);
if (!NT_STATUS_IS_OK(status)) {
printf("SetMemberAttributesOfGroup failed - %s\n", nt_errstr(status));
return false;
q.in.group_handle = group_handle;
- status = dcerpc_samr_QueryGroupMember(p, mem_ctx, &q);
+ status = dcerpc_samr_QueryGroupMember(p, tctx, &q);
if (!NT_STATUS_IS_OK(status)) {
printf("QueryGroupMember failed - %s\n", nt_errstr(status));
return false;
}
- status = dcerpc_samr_DeleteGroupMember(p, mem_ctx, &d);
+ status = dcerpc_samr_DeleteGroupMember(p, tctx, &d);
if (!NT_STATUS_IS_OK(status)) {
printf("DeleteGroupMember failed - %s\n", nt_errstr(status));
return false;
}
- status = dcerpc_samr_AddGroupMember(p, mem_ctx, &r);
+ status = dcerpc_samr_AddGroupMember(p, tctx, &r);
if (!NT_STATUS_IS_OK(status)) {
printf("AddGroupMember failed - %s\n", nt_errstr(status));
return false;
static bool test_Connect(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
struct policy_handle *handle);
-static bool test_OpenDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx,
struct policy_handle *handle, struct dom_sid *sid,
enum torture_samr_choice which_ops)
{
r.in.sid = sid;
r.out.domain_handle = &domain_handle;
- status = dcerpc_samr_OpenDomain(p, mem_ctx, &r);
+ status = dcerpc_samr_OpenDomain(p, tctx, &r);
if (!NT_STATUS_IS_OK(status)) {
printf("OpenDomain failed - %s\n", nt_errstr(status));
return false;
/* run the domain tests with the main handle closed - this tests
the servers reference counting */
- ret &= test_samr_handle_Close(p, mem_ctx, handle);
+ ret &= test_samr_handle_Close(p, tctx, handle);
switch (which_ops) {
case TORTURE_SAMR_USER_ATTRIBUTES:
case TORTURE_SAMR_PASSWORDS:
- ret &= test_CreateUser2(p, mem_ctx, &domain_handle, which_ops);
- ret &= test_CreateUser(p, mem_ctx, &domain_handle, &user_handle, which_ops);
+ ret &= test_CreateUser2(p, tctx, &domain_handle, which_ops);
+ ret &= test_CreateUser(p, tctx, &domain_handle, &user_handle, which_ops);
/* This test needs 'complex' users to validate */
- ret &= test_QueryDisplayInfo(p, mem_ctx, &domain_handle);
+ ret &= test_QueryDisplayInfo(p, tctx, &domain_handle);
break;
case TORTURE_SAMR_OTHER:
- ret &= test_CreateUser(p, mem_ctx, &domain_handle, &user_handle, which_ops);
- ret &= test_QuerySecurity(p, mem_ctx, &domain_handle);
- ret &= test_RemoveMemberFromForeignDomain(p, mem_ctx, &domain_handle);
- ret &= test_CreateAlias(p, mem_ctx, &domain_handle, &alias_handle, sid);
- ret &= test_CreateDomainGroup(p, mem_ctx, &domain_handle, &group_handle);
- ret &= test_QueryDomainInfo(p, mem_ctx, &domain_handle);
- ret &= test_QueryDomainInfo2(p, mem_ctx, &domain_handle);
- ret &= test_EnumDomainUsers(p, mem_ctx, &domain_handle);
- ret &= test_EnumDomainUsers_async(p, mem_ctx, &domain_handle);
- ret &= test_EnumDomainGroups(p, mem_ctx, &domain_handle);
- ret &= test_EnumDomainAliases(p, mem_ctx, &domain_handle);
- ret &= test_QueryDisplayInfo2(p, mem_ctx, &domain_handle);
- ret &= test_QueryDisplayInfo3(p, mem_ctx, &domain_handle);
- ret &= test_QueryDisplayInfo_continue(p, mem_ctx, &domain_handle);
+ ret &= test_CreateUser(p, tctx, &domain_handle, &user_handle, which_ops);
+ ret &= test_QuerySecurity(p, tctx, &domain_handle);
+ ret &= test_RemoveMemberFromForeignDomain(p, tctx, &domain_handle);
+ ret &= test_CreateAlias(p, tctx, &domain_handle, &alias_handle, sid);
+ ret &= test_CreateDomainGroup(p, tctx, &domain_handle, &group_handle);
+ ret &= test_QueryDomainInfo(p, tctx, &domain_handle);
+ ret &= test_QueryDomainInfo2(p, tctx, &domain_handle);
+ ret &= test_EnumDomainUsers(p, tctx, &domain_handle);
+ ret &= test_EnumDomainUsers_async(p, tctx, &domain_handle);
+ ret &= test_EnumDomainGroups(p, tctx, &domain_handle);
+ ret &= test_EnumDomainAliases(p, tctx, &domain_handle);
+ ret &= test_QueryDisplayInfo2(p, tctx, &domain_handle);
+ ret &= test_QueryDisplayInfo3(p, tctx, &domain_handle);
+ ret &= test_QueryDisplayInfo_continue(p, tctx, &domain_handle);
- if (lp_parm_bool(global_loadparm, NULL, "torture", "samba4", false)) {
+ if (torture_setting_bool(tctx, "samba4", false)) {
printf("skipping GetDisplayEnumerationIndex test against Samba4\n");
} else {
- ret &= test_GetDisplayEnumerationIndex(p, mem_ctx, &domain_handle);
- ret &= test_GetDisplayEnumerationIndex2(p, mem_ctx, &domain_handle);
+ ret &= test_GetDisplayEnumerationIndex(p, tctx, &domain_handle);
+ ret &= test_GetDisplayEnumerationIndex2(p, tctx, &domain_handle);
}
- ret &= test_GroupList(p, mem_ctx, &domain_handle);
- ret &= test_TestPrivateFunctionsDomain(p, mem_ctx, &domain_handle);
- ret &= test_RidToSid(p, mem_ctx, sid, &domain_handle);
- ret &= test_GetBootKeyInformation(p, mem_ctx, &domain_handle);
+ ret &= test_GroupList(p, tctx, &domain_handle);
+ ret &= test_TestPrivateFunctionsDomain(p, tctx, &domain_handle);
+ ret &= test_RidToSid(p, tctx, sid, &domain_handle);
+ ret &= test_GetBootKeyInformation(p, tctx, &domain_handle);
break;
}
if (!policy_handle_empty(&user_handle) &&
- !test_DeleteUser(p, mem_ctx, &user_handle)) {
+ !test_DeleteUser(p, tctx, &user_handle)) {
ret = false;
}
if (!policy_handle_empty(&alias_handle) &&
- !test_DeleteAlias(p, mem_ctx, &alias_handle)) {
+ !test_DeleteAlias(p, tctx, &alias_handle)) {
ret = false;
}
if (!policy_handle_empty(&group_handle) &&
- !test_DeleteDomainGroup(p, mem_ctx, &group_handle)) {
+ !test_DeleteDomainGroup(p, tctx, &group_handle)) {
ret = false;
}
- ret &= test_samr_handle_Close(p, mem_ctx, &domain_handle);
+ ret &= test_samr_handle_Close(p, tctx, &domain_handle);
/* reconnect the main handle */
- ret &= test_Connect(p, mem_ctx, handle);
+ ret &= test_Connect(p, tctx, handle);
if (!ret) {
- printf("Testing domain %s failed!\n", dom_sid_string(mem_ctx, sid));
+ printf("Testing domain %s failed!\n", dom_sid_string(tctx, sid));
}
return ret;
}
-_PUBLIC_ struct test_join *torture_join_domain(const char *machine_name,
+_PUBLIC_ struct test_join *torture_join_domain(struct torture_context *tctx,
+ const char *machine_name,
uint32_t acct_flags,
struct cli_credentials **machine_credentials)
{
tj->libnet_r = libnet_r;
libnet_ctx->cred = cmdline_credentials;
- libnet_r->in.binding = lp_parm_string(global_loadparm, NULL, "torture", "binding");
+ libnet_r->in.binding = torture_setting_string(tctx, "binding", NULL);
if (!libnet_r->in.binding) {
- libnet_r->in.binding = talloc_asprintf(libnet_r, "ncacn_np:%s", lp_parm_string(global_loadparm, NULL, "torture", "host"));
+ libnet_r->in.binding = talloc_asprintf(libnet_r, "ncacn_np:%s", torture_setting_string(tctx, "host", NULL));
}
libnet_r->in.level = LIBNET_JOINDOMAIN_SPECIFIED;
libnet_r->in.netbios_name = machine_name;
u.info21.description.string = talloc_asprintf(tj,
"Samba4 torture account created by host %s: %s",
- lp_netbios_name(global_loadparm), timestring(tj, time(NULL)));
+ lp_netbios_name(tctx->lp_ctx), timestring(tj, time(NULL)));
status = dcerpc_samr_SetUserInfo(tj->p, tj, &s);
if (!NT_STATUS_IS_OK(status)) {
}
*machine_credentials = cli_credentials_init(tj);
- cli_credentials_set_conf(*machine_credentials, global_loadparm);
+ cli_credentials_set_conf(*machine_credentials, tctx->lp_ctx);
cli_credentials_set_workstation(*machine_credentials, machine_name, CRED_SPECIFIED);
cli_credentials_set_domain(*machine_credentials, libnet_r->out.domain_name, CRED_SPECIFIED);
if (libnet_r->out.realm) {
/*
test fileinfo levels
*/
-static bool torture_smb2_fileinfo(struct smb2_tree *tree)
+static bool torture_smb2_fileinfo(struct torture_context *tctx, struct smb2_tree *tree)
{
struct smb2_handle hfile, hdir;
NTSTATUS status;
file_levels[i].dinfo.query_secdesc.in.secinfo_flags = 0x7;
}
if (file_levels[i].level == RAW_FILEINFO_SMB2_ALL_EAS) {
- if (lp_parm_bool(global_loadparm, NULL, "torture", "samba4", false)) {
+ if (torture_setting_bool(tctx, "samba4", false)) {
continue;
}
file_levels[i].finfo.all_eas.in.continue_flags =
}
torture_setup_complex_file(tree, DNAME ":streamtwo");
- ret &= torture_smb2_fileinfo(tree);
+ ret &= torture_smb2_fileinfo(torture, tree);
ret &= torture_smb2_fsinfo(tree);
talloc_free(mem_ctx);
if (unix_name) {
asprintf(unix_name,
"%s%c%s", domain,
- *lp_winbind_separator(global_loadparm),
+ *lp_winbind_separator(lp_ctx),
username);
}
} else {
service->task = task;
service->primary_sid = secrets_get_domain_sid(service,
+ task->lp_ctx,
lp_workgroup(task->lp_ctx));
if (service->primary_sid == NULL) {
task_server_terminate(