2 # Unix SMB/CIFS implementation.
3 # Copyright (C) Stefan Metzmacher 2014,2015
5 # This program is free software; you can redistribute it and/or modify
6 # it under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
10 # This program is distributed in the hope that it will be useful,
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
15 # You should have received a copy of the GNU General Public License
16 # along with this program. If not, see <http://www.gnu.org/licenses/>.
23 sys.path.insert(0, "bin/python")
24 os.environ["PYTHONUNBUFFERED"] = "1"
26 import samba.dcerpc.dcerpc as dcerpc
27 import samba.dcerpc.base as base
28 import samba.dcerpc.misc as misc
29 import samba.dcerpc.epmapper
30 import samba.dcerpc.mgmt
31 import samba.dcerpc.netlogon
33 from samba import gensec
34 from samba.tests.dcerpc.raw_testcase import RawDCERPCTest
35 from samba.compat import binary_type
37 global_ndr_print = False
38 global_hexdump = False
41 class TestDCERPC_BIND(RawDCERPCTest):
44 super(TestDCERPC_BIND, self).setUp()
45 self.do_ndr_print = global_ndr_print
46 self.do_hexdump = global_hexdump
48 def _test_no_auth_request_bind_pfc_flags(self, req_pfc_flags, rep_pfc_flags):
49 ndr32 = base.transfer_syntax_ndr()
52 ctx1 = dcerpc.ctx_list()
54 ctx1.num_transfer_syntaxes = len(tsf1_list)
55 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
56 ctx1.transfer_syntaxes = tsf1_list
58 req = self.generate_bind(call_id=0, pfc_flags=req_pfc_flags, ctx_list=[ctx1])
61 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
62 pfc_flags=rep_pfc_flags, auth_length=0)
63 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
64 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
65 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
66 self.assertEquals(rep.u.secondary_address_size, 4)
67 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
68 self.assertEquals(len(rep.u._pad1), 2)
69 # sometimes windows sends random bytes
70 # self.assertEquals(rep.u._pad1, '\0' * 2)
71 self.assertEquals(rep.u.num_results, 1)
72 self.assertEquals(rep.u.ctx_list[0].result,
73 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
74 self.assertEquals(rep.u.ctx_list[0].reason,
75 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
76 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
77 self.assertEquals(rep.u.auth_info, b'\0' * 0)
79 # And now try a request
80 req = self.generate_request(call_id=1,
81 context_id=ctx1.context_id,
86 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
88 self.assertNotEquals(rep.u.alloc_hint, 0)
89 self.assertEquals(rep.u.context_id, req.u.context_id)
90 self.assertEquals(rep.u.cancel_count, 0)
91 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
93 def _test_no_auth_request_alter_pfc_flags(self, req_pfc_flags, rep_pfc_flags):
94 ndr32 = base.transfer_syntax_ndr()
97 ctx1 = dcerpc.ctx_list()
99 ctx1.num_transfer_syntaxes = len(tsf1_list)
100 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
101 ctx1.transfer_syntaxes = tsf1_list
103 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
105 rep = self.recv_pdu()
106 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
108 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
109 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
110 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
111 self.assertEquals(rep.u.secondary_address_size, 4)
112 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
113 self.assertEquals(len(rep.u._pad1), 2)
114 # sometimes windows sends random bytes
115 # self.assertEquals(rep.u._pad1, '\0' * 2)
116 self.assertEquals(rep.u.num_results, 1)
117 self.assertEquals(rep.u.ctx_list[0].result,
118 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
119 self.assertEquals(rep.u.ctx_list[0].reason,
120 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
121 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
122 self.assertEquals(rep.u.auth_info, b'\0' * 0)
124 # And now try a alter context
125 req = self.generate_alter(call_id=0, pfc_flags=req_pfc_flags, ctx_list=[ctx1])
127 rep = self.recv_pdu()
128 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
129 pfc_flags=rep_pfc_flags, auth_length=0)
130 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
131 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
132 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
133 self.assertEquals(rep.u.secondary_address_size, 0)
134 self.assertEquals(rep.u.secondary_address, "")
135 self.assertEquals(len(rep.u._pad1), 2)
136 # sometimes windows sends random bytes
137 # self.assertEquals(rep.u._pad1, '\0' * 2)
138 self.assertEquals(rep.u.num_results, 1)
139 self.assertEquals(rep.u.ctx_list[0].result,
140 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
141 self.assertEquals(rep.u.ctx_list[0].reason,
142 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
143 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
144 self.assertEquals(rep.u.auth_info, b'\0' * 0)
146 # And now try a request
147 req = self.generate_request(call_id=1,
148 context_id=ctx1.context_id,
152 rep = self.recv_pdu()
153 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
155 self.assertNotEquals(rep.u.alloc_hint, 0)
156 self.assertEquals(rep.u.context_id, req.u.context_id)
157 self.assertEquals(rep.u.cancel_count, 0)
158 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
160 def test_no_auth_request(self):
161 return self._test_no_auth_request_bind_pfc_flags(
163 dcerpc.DCERPC_PFC_FLAG_FIRST |
164 dcerpc.DCERPC_PFC_FLAG_LAST,
166 dcerpc.DCERPC_PFC_FLAG_FIRST |
167 dcerpc.DCERPC_PFC_FLAG_LAST)
169 def test_no_auth_request_bind_pfc_00(self):
170 return self._test_no_auth_request_bind_pfc_flags(
174 dcerpc.DCERPC_PFC_FLAG_FIRST |
175 dcerpc.DCERPC_PFC_FLAG_LAST)
177 def test_no_auth_request_bind_pfc_FIRST(self):
178 return self._test_no_auth_request_bind_pfc_flags(
180 dcerpc.DCERPC_PFC_FLAG_FIRST |
183 dcerpc.DCERPC_PFC_FLAG_FIRST |
184 dcerpc.DCERPC_PFC_FLAG_LAST)
186 def test_no_auth_request_bind_pfc_LAST(self):
187 return self._test_no_auth_request_bind_pfc_flags(
189 dcerpc.DCERPC_PFC_FLAG_LAST |
192 dcerpc.DCERPC_PFC_FLAG_FIRST |
193 dcerpc.DCERPC_PFC_FLAG_LAST)
195 # TODO: doesn't announce DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN
196 # without authentication
197 def _test_no_auth_request_bind_pfc_HDR_SIGNING(self):
198 return self._test_no_auth_request_bind_pfc_flags(
200 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN |
203 dcerpc.DCERPC_PFC_FLAG_FIRST |
204 dcerpc.DCERPC_PFC_FLAG_LAST |
205 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN)
207 def test_no_auth_request_bind_pfc_08(self):
208 return self._test_no_auth_request_bind_pfc_flags(
213 dcerpc.DCERPC_PFC_FLAG_FIRST |
214 dcerpc.DCERPC_PFC_FLAG_LAST)
216 def test_no_auth_request_bind_pfc_CONC_MPX(self):
217 return self._test_no_auth_request_bind_pfc_flags(
219 dcerpc.DCERPC_PFC_FLAG_CONC_MPX |
222 dcerpc.DCERPC_PFC_FLAG_FIRST |
223 dcerpc.DCERPC_PFC_FLAG_LAST |
224 dcerpc.DCERPC_PFC_FLAG_CONC_MPX)
226 def test_no_auth_request_bind_pfc_DID_NOT_EXECUTE(self):
227 return self._test_no_auth_request_bind_pfc_flags(
229 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE |
232 dcerpc.DCERPC_PFC_FLAG_FIRST |
233 dcerpc.DCERPC_PFC_FLAG_LAST)
235 def test_no_auth_request_bind_pfc_MAYBE(self):
236 return self._test_no_auth_request_bind_pfc_flags(
238 dcerpc.DCERPC_PFC_FLAG_MAYBE |
241 dcerpc.DCERPC_PFC_FLAG_FIRST |
242 dcerpc.DCERPC_PFC_FLAG_LAST)
244 def test_no_auth_request_bind_pfc_OBJECT_UUID(self):
245 return self._test_no_auth_request_bind_pfc_flags(
247 dcerpc.DCERPC_PFC_FLAG_OBJECT_UUID |
250 dcerpc.DCERPC_PFC_FLAG_FIRST |
251 dcerpc.DCERPC_PFC_FLAG_LAST)
253 # TODO: doesn't announce DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN
254 # without authentication
255 # TODO: doesn't announce DCERPC_PFC_FLAG_CONC_MPX
257 def _test_no_auth_request_bind_pfc_ff(self):
258 return self._test_no_auth_request_bind_pfc_flags(
263 dcerpc.DCERPC_PFC_FLAG_FIRST |
264 dcerpc.DCERPC_PFC_FLAG_LAST |
265 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN |
266 dcerpc.DCERPC_PFC_FLAG_CONC_MPX)
268 def test_no_auth_request_alter_pfc_00(self):
269 return self._test_no_auth_request_alter_pfc_flags(
273 dcerpc.DCERPC_PFC_FLAG_FIRST |
274 dcerpc.DCERPC_PFC_FLAG_LAST)
276 def test_no_auth_request_alter_pfc_FIRST(self):
277 return self._test_no_auth_request_alter_pfc_flags(
279 dcerpc.DCERPC_PFC_FLAG_FIRST |
282 dcerpc.DCERPC_PFC_FLAG_FIRST |
283 dcerpc.DCERPC_PFC_FLAG_LAST)
285 def test_no_auth_request_alter_pfc_LAST(self):
286 return self._test_no_auth_request_alter_pfc_flags(
288 dcerpc.DCERPC_PFC_FLAG_LAST |
291 dcerpc.DCERPC_PFC_FLAG_FIRST |
292 dcerpc.DCERPC_PFC_FLAG_LAST)
294 # TODO: doesn't announce DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN
295 # without authentication
296 def _test_no_auth_request_alter_pfc_HDR_SIGNING(self):
297 return self._test_no_auth_request_alter_pfc_flags(
299 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN |
302 dcerpc.DCERPC_PFC_FLAG_FIRST |
303 dcerpc.DCERPC_PFC_FLAG_LAST |
304 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN)
306 def test_no_auth_request_alter_pfc_08(self):
307 return self._test_no_auth_request_alter_pfc_flags(
312 dcerpc.DCERPC_PFC_FLAG_FIRST |
313 dcerpc.DCERPC_PFC_FLAG_LAST)
315 def test_no_auth_request_alter_pfc_CONC_MPX(self):
316 return self._test_no_auth_request_alter_pfc_flags(
318 dcerpc.DCERPC_PFC_FLAG_CONC_MPX |
321 dcerpc.DCERPC_PFC_FLAG_FIRST |
322 dcerpc.DCERPC_PFC_FLAG_LAST)
324 def test_no_auth_request_alter_pfc_DID_NOT_EXECUTE(self):
325 return self._test_no_auth_request_alter_pfc_flags(
327 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE |
330 dcerpc.DCERPC_PFC_FLAG_FIRST |
331 dcerpc.DCERPC_PFC_FLAG_LAST)
333 def test_no_auth_request_alter_pfc_MAYBE(self):
334 return self._test_no_auth_request_alter_pfc_flags(
336 dcerpc.DCERPC_PFC_FLAG_MAYBE |
339 dcerpc.DCERPC_PFC_FLAG_FIRST |
340 dcerpc.DCERPC_PFC_FLAG_LAST)
342 def test_no_auth_request_alter_pfc_OBJECT_UUID(self):
343 return self._test_no_auth_request_alter_pfc_flags(
345 dcerpc.DCERPC_PFC_FLAG_OBJECT_UUID |
348 dcerpc.DCERPC_PFC_FLAG_FIRST |
349 dcerpc.DCERPC_PFC_FLAG_LAST)
351 # TODO: doesn't announce DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN
352 # without authentication
353 def _test_no_auth_request_alter_pfc_ff(self):
354 return self._test_no_auth_request_alter_pfc_flags(
359 dcerpc.DCERPC_PFC_FLAG_FIRST |
360 dcerpc.DCERPC_PFC_FLAG_LAST |
361 dcerpc.DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN)
363 def test_no_auth_no_ctx(self):
364 # send an useless bind
365 req = self.generate_bind(call_id=0)
367 rep = self.recv_pdu()
368 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
370 self.assertEquals(rep.u.reject_reason,
371 dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
372 self.assertEquals(rep.u.num_versions, 1)
373 self.assertEquals(rep.u.versions[0].rpc_vers, req.rpc_vers)
374 self.assertEquals(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
375 self.assertEquals(len(rep.u._pad), 3)
376 self.assertEquals(rep.u._pad, b'\0' * 3)
378 def test_invalid_auth_noctx(self):
379 req = self.generate_bind(call_id=0)
380 req.auth_length = dcerpc.DCERPC_AUTH_TRAILER_LENGTH
382 rep = self.recv_pdu()
383 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
385 self.assertEquals(rep.u.reject_reason,
386 dcerpc.DCERPC_BIND_NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED)
387 self.assertEquals(rep.u.num_versions, 1)
388 self.assertEquals(rep.u.versions[0].rpc_vers, req.rpc_vers)
389 self.assertEquals(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
390 self.assertEquals(len(rep.u._pad), 3)
391 self.assertEquals(rep.u._pad, b'\0' * 3)
393 def test_no_auth_valid_valid_request(self):
394 ndr32 = base.transfer_syntax_ndr()
397 ctx1 = dcerpc.ctx_list()
399 ctx1.num_transfer_syntaxes = len(tsf1_list)
400 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
401 ctx1.transfer_syntaxes = tsf1_list
403 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
405 rep = self.recv_pdu()
406 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
408 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
409 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
410 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
411 self.assertEquals(rep.u.secondary_address_size, 4)
412 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
413 self.assertEquals(len(rep.u._pad1), 2)
414 self.assertEquals(rep.u._pad1, b'\0' * 2)
415 self.assertEquals(rep.u.num_results, 1)
416 self.assertEquals(rep.u.ctx_list[0].result,
417 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
418 self.assertEquals(rep.u.ctx_list[0].reason,
419 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
420 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
421 self.assertEquals(rep.u.auth_info, b'\0' * 0)
425 ctx2 = dcerpc.ctx_list()
427 ctx2.num_transfer_syntaxes = len(tsf2_list)
428 ctx2.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
429 ctx2.transfer_syntaxes = tsf2_list
431 req = self.generate_bind(call_id=1, ctx_list=[ctx2])
433 rep = self.recv_pdu()
434 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
436 self.assertEquals(rep.u.reject_reason,
437 dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
438 self.assertEquals(rep.u.num_versions, 1)
439 self.assertEquals(rep.u.versions[0].rpc_vers, req.rpc_vers)
440 self.assertEquals(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
441 self.assertEquals(len(rep.u._pad), 3)
442 self.assertEquals(rep.u._pad, b'\0' * 3)
444 # wait for a disconnect
445 rep = self.recv_pdu()
446 self.assertIsNone(rep)
447 self.assertNotConnected()
449 def test_no_auth_invalid_valid_request(self):
450 # send an useless bind
451 req = self.generate_bind(call_id=0)
453 rep = self.recv_pdu()
454 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
456 self.assertEquals(rep.u.reject_reason,
457 dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
458 self.assertEquals(rep.u.num_versions, 1)
459 self.assertEquals(rep.u.versions[0].rpc_vers, req.rpc_vers)
460 self.assertEquals(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
461 self.assertEquals(len(rep.u._pad), 3)
462 self.assertEquals(rep.u._pad, b'\0' * 3)
464 # wait for a disconnect
465 rep = self.recv_pdu()
466 self.assertIsNone(rep)
467 self.assertNotConnected()
469 def test_alter_no_auth_no_ctx(self):
470 ndr32 = base.transfer_syntax_ndr()
473 ctx1 = dcerpc.ctx_list()
475 ctx1.num_transfer_syntaxes = len(tsf1_list)
476 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
477 ctx1.transfer_syntaxes = tsf1_list
479 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
481 rep = self.recv_pdu()
482 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
484 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
485 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
486 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
487 self.assertEquals(rep.u.secondary_address_size, 4)
488 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
489 self.assertEquals(len(rep.u._pad1), 2)
490 self.assertEquals(rep.u._pad1, b'\0' * 2)
491 self.assertEquals(rep.u.num_results, 1)
492 self.assertEquals(rep.u.ctx_list[0].result,
493 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
494 self.assertEquals(rep.u.ctx_list[0].reason,
495 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
496 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
497 self.assertEquals(rep.u.auth_info, b'\0' * 0)
500 req = self.generate_alter(call_id=1, ctx_list=[])
502 rep = self.recv_pdu()
503 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
504 pfc_flags=req.pfc_flags |
505 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
507 self.assertNotEquals(rep.u.alloc_hint, 0)
508 self.assertEquals(rep.u.context_id, 0)
509 self.assertEquals(rep.u.cancel_count, 0)
510 self.assertEquals(rep.u.flags, 0)
511 self.assertEquals(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
512 self.assertEquals(rep.u.reserved, 0)
513 self.assertEquals(len(rep.u.error_and_verifier), 0)
515 # wait for a disconnect
516 rep = self.recv_pdu()
517 self.assertIsNone(rep)
518 self.assertNotConnected()
520 def test_no_auth_presentation_ctx_valid1(self):
521 ndr32 = base.transfer_syntax_ndr()
523 zero_syntax = misc.ndr_syntax_id()
525 tsf1_list = [zero_syntax, ndr32]
526 ctx1 = dcerpc.ctx_list()
528 ctx1.num_transfer_syntaxes = len(tsf1_list)
529 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
530 ctx1.transfer_syntaxes = tsf1_list
532 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
534 rep = self.recv_pdu()
535 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
537 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
538 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
539 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
540 self.assertEquals(rep.u.secondary_address_size, 4)
541 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
542 self.assertEquals(len(rep.u._pad1), 2)
543 self.assertEquals(rep.u._pad1, b'\0' * 2)
544 self.assertEquals(rep.u.num_results, 1)
545 self.assertEquals(rep.u.ctx_list[0].result,
546 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
547 self.assertEquals(rep.u.ctx_list[0].reason,
548 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
549 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
550 self.assertEquals(rep.u.auth_info, b'\0' * 0)
553 req = self.generate_alter(call_id=1, ctx_list=[ctx1])
555 rep = self.recv_pdu()
556 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
558 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
559 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
560 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
561 self.assertEquals(rep.u.secondary_address_size, 0)
562 self.assertEquals(len(rep.u._pad1), 2)
563 #self.assertEquals(rep.u._pad1, '\0' * 2)
564 self.assertEquals(rep.u.num_results, 1)
565 self.assertEquals(rep.u.ctx_list[0].result,
566 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
567 self.assertEquals(rep.u.ctx_list[0].reason,
568 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
569 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
570 self.assertEquals(rep.u.auth_info, b'\0' * 0)
572 req = self.generate_request(call_id=2,
573 context_id=ctx1.context_id,
577 rep = self.recv_pdu()
578 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
579 pfc_flags=req.pfc_flags |
580 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
582 self.assertNotEquals(rep.u.alloc_hint, 0)
583 self.assertEquals(rep.u.context_id, ctx1.context_id)
584 self.assertEquals(rep.u.cancel_count, 0)
585 self.assertEquals(rep.u.flags, 0)
586 self.assertEquals(rep.u.status, dcerpc.DCERPC_NCA_S_OP_RNG_ERROR)
587 self.assertEquals(rep.u.reserved, 0)
588 self.assertEquals(len(rep.u.error_and_verifier), 0)
590 def test_no_auth_presentation_ctx_invalid1(self):
591 ndr32 = base.transfer_syntax_ndr()
593 zero_syntax = misc.ndr_syntax_id()
596 ctx1 = dcerpc.ctx_list()
598 ctx1.num_transfer_syntaxes = len(tsf1_list)
599 ctx1.abstract_syntax = ndr32
600 ctx1.transfer_syntaxes = tsf1_list
602 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
604 rep = self.recv_pdu()
605 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
607 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
608 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
609 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
610 self.assertEquals(rep.u.secondary_address_size, 4)
611 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
612 self.assertEquals(len(rep.u._pad1), 2)
613 self.assertEquals(rep.u._pad1, b'\0' * 2)
614 self.assertEquals(rep.u.num_results, 1)
615 self.assertEquals(rep.u.ctx_list[0].result,
616 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
617 self.assertEquals(rep.u.ctx_list[0].reason,
618 dcerpc.DCERPC_BIND_ACK_REASON_ABSTRACT_SYNTAX_NOT_SUPPORTED)
619 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
620 self.assertEquals(rep.u.auth_info, b'\0' * 0)
623 req = self.generate_alter(call_id=1, ctx_list=[ctx1])
625 rep = self.recv_pdu()
626 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
628 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
629 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
630 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
631 self.assertEquals(rep.u.secondary_address_size, 0)
632 self.assertEquals(len(rep.u._pad1), 2)
633 #self.assertEquals(rep.u._pad1, '\0' * 2)
634 self.assertEquals(rep.u.num_results, 1)
635 self.assertEquals(rep.u.ctx_list[0].result,
636 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
637 self.assertEquals(rep.u.ctx_list[0].reason,
638 dcerpc.DCERPC_BIND_ACK_REASON_ABSTRACT_SYNTAX_NOT_SUPPORTED)
639 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
640 self.assertEquals(rep.u.auth_info, b'\0' * 0)
642 req = self.generate_request(call_id=2,
647 rep = self.recv_pdu()
648 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
649 pfc_flags=req.pfc_flags |
650 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
652 self.assertNotEquals(rep.u.alloc_hint, 0)
653 self.assertEquals(rep.u.context_id, 0)
654 self.assertEquals(rep.u.cancel_count, 0)
655 self.assertEquals(rep.u.flags, 0)
656 self.assertEquals(rep.u.status, dcerpc.DCERPC_NCA_S_UNKNOWN_IF)
657 self.assertEquals(rep.u.reserved, 0)
658 self.assertEquals(len(rep.u.error_and_verifier), 0)
660 # Send a alter again to prove the connection is still alive
661 req = self.generate_alter(call_id=3, ctx_list=[ctx1])
663 rep = self.recv_pdu()
664 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
666 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
667 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
668 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
669 self.assertEquals(rep.u.secondary_address_size, 0)
670 self.assertEquals(len(rep.u._pad1), 2)
671 #self.assertEquals(rep.u._pad1, '\0' * 2)
672 self.assertEquals(rep.u.num_results, 1)
673 self.assertEquals(rep.u.ctx_list[0].result,
674 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
675 self.assertEquals(rep.u.ctx_list[0].reason,
676 dcerpc.DCERPC_BIND_ACK_REASON_ABSTRACT_SYNTAX_NOT_SUPPORTED)
677 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
678 self.assertEquals(rep.u.auth_info, b'\0' * 0)
680 def test_no_auth_presentation_ctx_invalid2(self):
681 ndr32 = base.transfer_syntax_ndr()
683 zero_syntax = misc.ndr_syntax_id()
686 ctx1a = dcerpc.ctx_list()
688 ctx1a.num_transfer_syntaxes = len(tsf1a_list)
689 ctx1a.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
690 ctx1a.transfer_syntaxes = tsf1a_list
692 req = self.generate_bind(call_id=0, ctx_list=[ctx1a])
694 rep = self.recv_pdu()
695 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
697 self.assertEquals(rep.u.reject_reason,
698 dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
699 self.assertEquals(rep.u.num_versions, 1)
700 self.assertEquals(rep.u.versions[0].rpc_vers, req.rpc_vers)
701 self.assertEquals(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
702 self.assertEquals(len(rep.u._pad), 3)
703 self.assertEquals(rep.u._pad, b'\0' * 3)
705 # wait for a disconnect
706 rep = self.recv_pdu()
707 self.assertIsNone(rep)
708 self.assertNotConnected()
710 def test_no_auth_presentation_ctx_invalid3(self):
711 ndr32 = base.transfer_syntax_ndr()
713 zero_syntax = misc.ndr_syntax_id()
715 tsf1a_list = [zero_syntax, ndr32, ndr32, ndr32]
716 ctx1a = dcerpc.ctx_list()
718 ctx1a.num_transfer_syntaxes = len(tsf1a_list)
719 ctx1a.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
720 ctx1a.transfer_syntaxes = tsf1a_list
722 req = self.generate_bind(call_id=0, ctx_list=[ctx1a])
724 rep = self.recv_pdu()
725 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
727 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
728 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
729 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
730 self.assertEquals(rep.u.secondary_address_size, 4)
731 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
732 self.assertEquals(len(rep.u._pad1), 2)
733 self.assertEquals(rep.u._pad1, b'\0' * 2)
734 self.assertEquals(rep.u.num_results, 1)
735 self.assertEquals(rep.u.ctx_list[0].result,
736 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
737 self.assertEquals(rep.u.ctx_list[0].reason,
738 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
739 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
740 self.assertEquals(rep.u.auth_info, b'\0' * 0)
743 ctx1b = dcerpc.ctx_list()
745 ctx1b.num_transfer_syntaxes = len(tsf1b_list)
746 ctx1b.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
747 ctx1b.transfer_syntaxes = tsf1b_list
750 req = self.generate_alter(call_id=1, ctx_list=[ctx1b])
752 rep = self.recv_pdu()
753 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
754 pfc_flags=req.pfc_flags |
755 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
757 self.assertNotEquals(rep.u.alloc_hint, 0)
758 self.assertEquals(rep.u.context_id, 0)
759 self.assertEquals(rep.u.cancel_count, 0)
760 self.assertEquals(rep.u.flags, 0)
761 self.assertEquals(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
762 self.assertEquals(rep.u.reserved, 0)
763 self.assertEquals(len(rep.u.error_and_verifier), 0)
765 # wait for a disconnect
766 rep = self.recv_pdu()
767 self.assertIsNone(rep)
768 self.assertNotConnected()
770 def test_no_auth_presentation_ctx_invalid4(self):
771 ndr32 = base.transfer_syntax_ndr()
772 ndr64 = base.transfer_syntax_ndr64()
774 zero_syntax = misc.ndr_syntax_id()
776 tsf1a_list = [zero_syntax, ndr32, ndr32, ndr32]
777 ctx1a = dcerpc.ctx_list()
779 ctx1a.num_transfer_syntaxes = len(tsf1a_list)
780 ctx1a.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
781 ctx1a.transfer_syntaxes = tsf1a_list
783 req = self.generate_bind(call_id=0, ctx_list=[ctx1a])
785 rep = self.recv_pdu()
786 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
788 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
789 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
790 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
791 self.assertEquals(rep.u.secondary_address_size, 4)
792 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
793 self.assertEquals(len(rep.u._pad1), 2)
794 self.assertEquals(rep.u._pad1, b'\0' * 2)
795 self.assertEquals(rep.u.num_results, 1)
796 self.assertEquals(rep.u.ctx_list[0].result,
797 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
798 self.assertEquals(rep.u.ctx_list[0].reason,
799 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
800 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
801 self.assertEquals(rep.u.auth_info, b'\0' * 0)
803 # With a known but wrong syntax we get a protocol error
804 # see test_no_auth_presentation_ctx_valid2
805 tsf1b_list = [zero_syntax, samba.dcerpc.epmapper.abstract_syntax(), ndr64]
806 ctx1b = dcerpc.ctx_list()
808 ctx1b.num_transfer_syntaxes = len(tsf1b_list)
809 ctx1b.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
810 ctx1b.transfer_syntaxes = tsf1b_list
813 req = self.generate_alter(call_id=1, ctx_list=[ctx1b])
815 rep = self.recv_pdu()
816 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
817 pfc_flags=req.pfc_flags |
818 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
820 self.assertNotEquals(rep.u.alloc_hint, 0)
821 self.assertEquals(rep.u.context_id, 0)
822 self.assertEquals(rep.u.cancel_count, 0)
823 self.assertEquals(rep.u.flags, 0)
824 self.assertEquals(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
825 self.assertEquals(rep.u.reserved, 0)
826 self.assertEquals(len(rep.u.error_and_verifier), 0)
828 # wait for a disconnect
829 rep = self.recv_pdu()
830 self.assertIsNone(rep)
831 self.assertNotConnected()
833 def test_no_auth_presentation_ctx_valid2(self):
834 ndr32 = base.transfer_syntax_ndr()
836 zero_syntax = misc.ndr_syntax_id()
838 tsf1a_list = [zero_syntax, ndr32, ndr32, ndr32]
839 ctx1a = dcerpc.ctx_list()
841 ctx1a.num_transfer_syntaxes = len(tsf1a_list)
842 ctx1a.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
843 ctx1a.transfer_syntaxes = tsf1a_list
845 req = self.generate_bind(call_id=0, ctx_list=[ctx1a])
847 rep = self.recv_pdu()
848 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
850 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
851 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
852 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
853 self.assertEquals(rep.u.secondary_address_size, 4)
854 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
855 self.assertEquals(len(rep.u._pad1), 2)
856 self.assertEquals(rep.u._pad1, b'\0' * 2)
857 self.assertEquals(rep.u.num_results, 1)
858 self.assertEquals(rep.u.ctx_list[0].result,
859 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
860 self.assertEquals(rep.u.ctx_list[0].reason,
861 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
862 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
863 self.assertEquals(rep.u.auth_info, b'\0' * 0)
865 # With a unknown but wrong syntaxes we get NO protocol error
866 # see test_no_auth_presentation_ctx_invalid4
867 tsf1b_list = [zero_syntax, samba.dcerpc.epmapper.abstract_syntax()]
868 ctx1b = dcerpc.ctx_list()
870 ctx1b.num_transfer_syntaxes = len(tsf1b_list)
871 ctx1b.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
872 ctx1b.transfer_syntaxes = tsf1b_list
875 req = self.generate_alter(call_id=1, ctx_list=[ctx1b])
877 rep = self.recv_pdu()
878 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
880 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
881 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
882 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
883 self.assertEquals(rep.u.secondary_address_size, 0)
884 self.assertEquals(len(rep.u._pad1), 2)
885 #self.assertEquals(rep.u._pad1, '\0' * 2)
886 self.assertEquals(rep.u.num_results, 1)
887 self.assertEquals(rep.u.ctx_list[0].result,
888 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
889 self.assertEquals(rep.u.ctx_list[0].reason,
890 dcerpc.DCERPC_BIND_ACK_REASON_TRANSFER_SYNTAXES_NOT_SUPPORTED)
891 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
892 self.assertEquals(rep.u.auth_info, b'\0' * 0)
894 req = self.generate_request(call_id=2,
895 context_id=ctx1a.context_id,
899 rep = self.recv_pdu()
900 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
901 pfc_flags=req.pfc_flags |
902 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
904 self.assertNotEquals(rep.u.alloc_hint, 0)
905 self.assertEquals(rep.u.context_id, ctx1a.context_id)
906 self.assertEquals(rep.u.cancel_count, 0)
907 self.assertEquals(rep.u.flags, 0)
908 self.assertEquals(rep.u.status, dcerpc.DCERPC_NCA_S_OP_RNG_ERROR)
909 self.assertEquals(rep.u.reserved, 0)
910 self.assertEquals(len(rep.u.error_and_verifier), 0)
912 def test_no_auth_presentation_ctx_no_ndr64(self):
913 ndr32 = base.transfer_syntax_ndr()
914 zero_syntax = misc.ndr_syntax_id()
916 tsfZ_list = [zero_syntax]
917 ctxZ = dcerpc.ctx_list()
918 ctxZ.context_id = 54321
919 ctxZ.num_transfer_syntaxes = len(tsfZ_list)
920 ctxZ.abstract_syntax = zero_syntax
921 ctxZ.transfer_syntaxes = tsfZ_list
923 req = self.generate_bind(call_id=0, ctx_list=[ctxZ])
925 rep = self.recv_pdu()
926 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
928 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
929 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
930 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
931 self.assertEquals(rep.u.secondary_address_size, 4)
932 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
933 self.assertEquals(len(rep.u._pad1), 2)
934 self.assertEquals(rep.u._pad1, b'\0' * 2)
935 self.assertEquals(rep.u.num_results, 1)
936 self.assertEquals(rep.u.ctx_list[0].result,
937 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
938 self.assertEquals(rep.u.ctx_list[0].reason,
939 dcerpc.DCERPC_BIND_ACK_REASON_ABSTRACT_SYNTAX_NOT_SUPPORTED)
940 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
941 self.assertEquals(rep.u.auth_info, b'\0' * 0)
944 ctx0 = dcerpc.ctx_list()
946 ctx0.num_transfer_syntaxes = len(tsf0_list)
947 ctx0.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
948 ctx0.transfer_syntaxes = tsf0_list
950 req = self.generate_alter(call_id=0, ctx_list=[ctx0])
952 rep = self.recv_pdu()
953 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
955 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
956 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
957 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
958 self.assertEquals(rep.u.secondary_address_size, 0)
959 self.assertEquals(len(rep.u._pad1), 2)
960 #self.assertEquals(rep.u._pad1, '\0' * 2)
961 self.assertEquals(rep.u.num_results, 1)
962 self.assertEquals(rep.u.ctx_list[0].result,
963 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
964 self.assertEquals(rep.u.ctx_list[0].reason,
965 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
966 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
967 self.assertEquals(rep.u.auth_info, b'\0' * 0)
969 req = self.generate_request(call_id=1,
970 context_id=ctx0.context_id,
974 rep = self.recv_pdu()
975 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
977 self.assertNotEquals(rep.u.alloc_hint, 0)
978 self.assertEquals(rep.u.context_id, req.u.context_id)
979 self.assertEquals(rep.u.cancel_count, 0)
980 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
982 tsf1_list = [zero_syntax, ndr32]
983 ctx1 = dcerpc.ctx_list()
985 ctx1.num_transfer_syntaxes = len(tsf1_list)
986 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
987 ctx1.transfer_syntaxes = tsf1_list
989 req = self.generate_alter(call_id=1, ctx_list=[ctx1])
991 rep = self.recv_pdu()
992 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
994 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
995 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
996 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
997 self.assertEquals(rep.u.secondary_address_size, 0)
998 self.assertEquals(len(rep.u._pad1), 2)
999 #self.assertEquals(rep.u._pad1, '\0' * 2)
1000 self.assertEquals(rep.u.num_results, 1)
1001 self.assertEquals(rep.u.ctx_list[0].result,
1002 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1003 self.assertEquals(rep.u.ctx_list[0].reason,
1004 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1005 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1006 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1008 req = self.generate_request(call_id=1,
1009 context_id=ctx1.context_id,
1013 rep = self.recv_pdu()
1014 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1016 self.assertNotEquals(rep.u.alloc_hint, 0)
1017 self.assertEquals(rep.u.context_id, req.u.context_id)
1018 self.assertEquals(rep.u.cancel_count, 0)
1019 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1021 tsf2_list = [ndr32, ndr32]
1022 ctx2 = dcerpc.ctx_list()
1024 ctx2.num_transfer_syntaxes = len(tsf2_list)
1025 ctx2.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1026 ctx2.transfer_syntaxes = tsf2_list
1028 req = self.generate_alter(call_id=2, ctx_list=[ctx2])
1030 rep = self.recv_pdu()
1031 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
1033 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1034 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
1035 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
1036 self.assertEquals(rep.u.secondary_address_size, 0)
1037 self.assertEquals(len(rep.u._pad1), 2)
1038 #self.assertEquals(rep.u._pad1, '\0' * 2)
1039 self.assertEquals(rep.u.num_results, 1)
1040 self.assertEquals(rep.u.ctx_list[0].result,
1041 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1042 self.assertEquals(rep.u.ctx_list[0].reason,
1043 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1044 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1045 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1047 req = self.generate_request(call_id=1,
1048 context_id=ctx2.context_id,
1052 rep = self.recv_pdu()
1053 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1055 self.assertNotEquals(rep.u.alloc_hint, 0)
1056 self.assertEquals(rep.u.context_id, req.u.context_id)
1057 self.assertEquals(rep.u.cancel_count, 0)
1058 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1061 ctx3 = dcerpc.ctx_list()
1063 ctx3.num_transfer_syntaxes = len(tsf3_list)
1064 ctx3.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1065 ctx3.transfer_syntaxes = tsf3_list
1068 ctx4 = dcerpc.ctx_list()
1070 ctx4.num_transfer_syntaxes = len(tsf4_list)
1071 ctx4.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1072 ctx4.transfer_syntaxes = tsf4_list
1074 req = self.generate_alter(call_id=34, ctx_list=[ctx3, ctx4])
1076 rep = self.recv_pdu()
1077 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
1079 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1080 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
1081 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
1082 self.assertEquals(rep.u.secondary_address_size, 0)
1083 self.assertEquals(len(rep.u._pad1), 2)
1084 #self.assertEquals(rep.u._pad1, '\0' * 2)
1085 self.assertEquals(rep.u.num_results, 2)
1086 self.assertEquals(rep.u.ctx_list[0].result,
1087 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1088 self.assertEquals(rep.u.ctx_list[0].reason,
1089 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1090 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1091 self.assertEquals(rep.u.ctx_list[1].result,
1092 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
1093 self.assertEquals(rep.u.ctx_list[1].reason,
1094 dcerpc.DCERPC_BIND_ACK_REASON_TRANSFER_SYNTAXES_NOT_SUPPORTED)
1095 self.assertNDRSyntaxEquals(rep.u.ctx_list[1].syntax, zero_syntax)
1096 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1098 req = self.generate_request(call_id=1,
1099 context_id=ctx3.context_id,
1103 rep = self.recv_pdu()
1104 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1106 self.assertNotEquals(rep.u.alloc_hint, 0)
1107 self.assertEquals(rep.u.context_id, req.u.context_id)
1108 self.assertEquals(rep.u.cancel_count, 0)
1109 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1111 req = self.generate_alter(call_id=43, ctx_list=[ctx4, ctx3])
1113 rep = self.recv_pdu()
1114 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
1116 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1117 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
1118 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
1119 self.assertEquals(rep.u.secondary_address_size, 0)
1120 self.assertEquals(len(rep.u._pad1), 2)
1121 #self.assertEquals(rep.u._pad1, '\0' * 2)
1122 self.assertEquals(rep.u.num_results, 2)
1123 self.assertEquals(rep.u.ctx_list[0].result,
1124 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1125 self.assertEquals(rep.u.ctx_list[0].reason,
1126 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1127 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1128 self.assertEquals(rep.u.ctx_list[1].result,
1129 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
1130 self.assertEquals(rep.u.ctx_list[1].reason,
1131 dcerpc.DCERPC_BIND_ACK_REASON_TRANSFER_SYNTAXES_NOT_SUPPORTED)
1132 self.assertNDRSyntaxEquals(rep.u.ctx_list[1].syntax, zero_syntax)
1133 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1135 req = self.generate_request(call_id=1,
1136 context_id=ctx4.context_id,
1140 rep = self.recv_pdu()
1141 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1143 self.assertNotEquals(rep.u.alloc_hint, 0)
1144 self.assertEquals(rep.u.context_id, req.u.context_id)
1145 self.assertEquals(rep.u.cancel_count, 0)
1146 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1148 req = self.generate_request(call_id=1,
1149 context_id=ctx3.context_id,
1153 rep = self.recv_pdu()
1154 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1156 self.assertNotEquals(rep.u.alloc_hint, 0)
1157 self.assertEquals(rep.u.context_id, req.u.context_id)
1158 self.assertEquals(rep.u.cancel_count, 0)
1159 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1161 req = self.generate_alter(call_id=44, ctx_list=[ctx4, ctx4])
1163 rep = self.recv_pdu()
1164 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
1166 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1167 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
1168 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
1169 self.assertEquals(rep.u.secondary_address_size, 0)
1170 self.assertEquals(len(rep.u._pad1), 2)
1171 #self.assertEquals(rep.u._pad1, '\0' * 2)
1172 self.assertEquals(rep.u.num_results, 2)
1173 self.assertEquals(rep.u.ctx_list[0].result,
1174 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1175 self.assertEquals(rep.u.ctx_list[0].reason,
1176 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1177 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1178 self.assertEquals(rep.u.ctx_list[1].result,
1179 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
1180 self.assertEquals(rep.u.ctx_list[1].reason,
1181 dcerpc.DCERPC_BIND_ACK_REASON_TRANSFER_SYNTAXES_NOT_SUPPORTED)
1182 self.assertNDRSyntaxEquals(rep.u.ctx_list[1].syntax, zero_syntax)
1183 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1185 req = self.generate_request(call_id=1,
1186 context_id=ctx4.context_id,
1190 rep = self.recv_pdu()
1191 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1193 self.assertNotEquals(rep.u.alloc_hint, 0)
1194 self.assertEquals(rep.u.context_id, req.u.context_id)
1195 self.assertEquals(rep.u.cancel_count, 0)
1196 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1198 req = self.generate_request(call_id=1,
1199 context_id=ctx3.context_id,
1203 rep = self.recv_pdu()
1204 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1206 self.assertNotEquals(rep.u.alloc_hint, 0)
1207 self.assertEquals(rep.u.context_id, req.u.context_id)
1208 self.assertEquals(rep.u.cancel_count, 0)
1209 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1211 tsf5mgmt_list = [ndr32]
1212 ctx5mgmt = dcerpc.ctx_list()
1213 ctx5mgmt.context_id = 5
1214 ctx5mgmt.num_transfer_syntaxes = len(tsf5mgmt_list)
1215 ctx5mgmt.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1216 ctx5mgmt.transfer_syntaxes = tsf5mgmt_list
1218 tsf5epm_list = [ndr32]
1219 ctx5epm = dcerpc.ctx_list()
1220 ctx5epm.context_id = 5
1221 ctx5epm.num_transfer_syntaxes = len(tsf5epm_list)
1222 ctx5epm.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1223 ctx5epm.transfer_syntaxes = tsf5epm_list
1225 req = self.generate_alter(call_id=55, ctx_list=[ctx5mgmt, ctx5epm])
1227 rep = self.recv_pdu()
1228 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
1230 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1231 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
1232 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
1233 self.assertEquals(rep.u.secondary_address_size, 0)
1234 self.assertEquals(len(rep.u._pad1), 2)
1235 #self.assertEquals(rep.u._pad1, '\0' * 2)
1236 self.assertEquals(rep.u.num_results, 2)
1237 self.assertEquals(rep.u.ctx_list[0].result,
1238 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1239 self.assertEquals(rep.u.ctx_list[0].reason,
1240 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1241 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1242 self.assertEquals(rep.u.ctx_list[1].result,
1243 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
1244 self.assertEquals(rep.u.ctx_list[1].reason,
1245 dcerpc.DCERPC_BIND_ACK_REASON_TRANSFER_SYNTAXES_NOT_SUPPORTED)
1246 self.assertNDRSyntaxEquals(rep.u.ctx_list[1].syntax, zero_syntax)
1247 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1249 req = self.generate_request(call_id=1,
1250 context_id=ctx5mgmt.context_id,
1254 rep = self.recv_pdu()
1255 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1257 self.assertNotEquals(rep.u.alloc_hint, 0)
1258 self.assertEquals(rep.u.context_id, req.u.context_id)
1259 self.assertEquals(rep.u.cancel_count, 0)
1260 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1262 req = self.generate_alter(call_id=55, ctx_list=[ctx5mgmt, ctx5epm])
1264 rep = self.recv_pdu()
1265 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
1267 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1268 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
1269 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
1270 self.assertEquals(rep.u.secondary_address_size, 0)
1271 self.assertEquals(len(rep.u._pad1), 2)
1272 #self.assertEquals(rep.u._pad1, '\0' * 2)
1273 self.assertEquals(rep.u.num_results, 2)
1274 self.assertEquals(rep.u.ctx_list[0].result,
1275 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1276 self.assertEquals(rep.u.ctx_list[0].reason,
1277 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1278 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1279 self.assertEquals(rep.u.ctx_list[1].result,
1280 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
1281 self.assertEquals(rep.u.ctx_list[1].reason,
1282 dcerpc.DCERPC_BIND_ACK_REASON_TRANSFER_SYNTAXES_NOT_SUPPORTED)
1283 self.assertNDRSyntaxEquals(rep.u.ctx_list[1].syntax, zero_syntax)
1284 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1286 req = self.generate_request(call_id=1,
1287 context_id=ctx5mgmt.context_id,
1291 rep = self.recv_pdu()
1292 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1294 self.assertNotEquals(rep.u.alloc_hint, 0)
1295 self.assertEquals(rep.u.context_id, req.u.context_id)
1296 self.assertEquals(rep.u.cancel_count, 0)
1297 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1299 def test_no_auth_bind_time_none_simple(self):
1301 btf = base.bind_time_features_syntax(features)
1303 zero_syntax = misc.ndr_syntax_id()
1306 ctx1 = dcerpc.ctx_list()
1308 ctx1.num_transfer_syntaxes = len(tsf1_list)
1309 ctx1.abstract_syntax = zero_syntax
1310 ctx1.transfer_syntaxes = tsf1_list
1312 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
1314 rep = self.recv_pdu()
1315 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
1317 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1318 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
1319 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
1320 self.assertEquals(rep.u.secondary_address_size, 4)
1321 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
1322 self.assertEquals(len(rep.u._pad1), 2)
1323 self.assertEquals(rep.u._pad1, b'\0' * 2)
1324 self.assertEquals(rep.u.num_results, 1)
1325 self.assertEquals(rep.u.ctx_list[0].result,
1326 dcerpc.DCERPC_BIND_ACK_RESULT_NEGOTIATE_ACK)
1327 self.assertEquals(rep.u.ctx_list[0].reason, features)
1328 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
1329 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1331 def test_no_auth_bind_time_none_ignore_additional(self):
1333 btf1 = base.bind_time_features_syntax(features1)
1335 features2 = dcerpc.DCERPC_BIND_TIME_KEEP_CONNECTION_ON_ORPHAN
1336 features2 |= dcerpc.DCERPC_BIND_TIME_SECURITY_CONTEXT_MULTIPLEXING
1337 btf2 = base.bind_time_features_syntax(features2)
1339 zero_syntax = misc.ndr_syntax_id()
1340 ndr64 = base.transfer_syntax_ndr64()
1342 tsf1_list = [btf1, btf2, zero_syntax]
1343 ctx1 = dcerpc.ctx_list()
1345 ctx1.num_transfer_syntaxes = len(tsf1_list)
1346 ctx1.abstract_syntax = ndr64
1347 ctx1.transfer_syntaxes = tsf1_list
1349 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
1351 rep = self.recv_pdu()
1352 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
1354 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1355 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
1356 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
1357 self.assertEquals(rep.u.secondary_address_size, 4)
1358 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
1359 self.assertEquals(len(rep.u._pad1), 2)
1360 self.assertEquals(rep.u._pad1, b'\0' * 2)
1361 self.assertEquals(rep.u.num_results, 1)
1362 self.assertEquals(rep.u.ctx_list[0].result,
1363 dcerpc.DCERPC_BIND_ACK_RESULT_NEGOTIATE_ACK)
1364 self.assertEquals(rep.u.ctx_list[0].reason, features1)
1365 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
1366 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1368 def test_no_auth_bind_time_only_first(self):
1369 features1 = dcerpc.DCERPC_BIND_TIME_KEEP_CONNECTION_ON_ORPHAN
1370 btf1 = base.bind_time_features_syntax(features1)
1372 features2 = dcerpc.DCERPC_BIND_TIME_SECURITY_CONTEXT_MULTIPLEXING
1373 btf2 = base.bind_time_features_syntax(features2)
1375 zero_syntax = misc.ndr_syntax_id()
1377 tsf1_list = [zero_syntax, btf1, btf2, zero_syntax]
1378 ctx1 = dcerpc.ctx_list()
1380 ctx1.num_transfer_syntaxes = len(tsf1_list)
1381 ctx1.abstract_syntax = zero_syntax
1382 ctx1.transfer_syntaxes = tsf1_list
1384 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
1386 rep = self.recv_pdu()
1387 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
1389 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1390 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
1391 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
1392 self.assertEquals(rep.u.secondary_address_size, 4)
1393 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
1394 self.assertEquals(len(rep.u._pad1), 2)
1395 self.assertEquals(rep.u._pad1, b'\0' * 2)
1396 self.assertEquals(rep.u.num_results, 1)
1397 self.assertEquals(rep.u.ctx_list[0].result,
1398 dcerpc.DCERPC_BIND_ACK_RESULT_PROVIDER_REJECTION)
1399 self.assertEquals(rep.u.ctx_list[0].reason,
1400 dcerpc.DCERPC_BIND_ACK_REASON_ABSTRACT_SYNTAX_NOT_SUPPORTED)
1401 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
1402 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1404 def test_no_auth_bind_time_twice(self):
1405 features1 = dcerpc.DCERPC_BIND_TIME_KEEP_CONNECTION_ON_ORPHAN
1406 btf1 = base.bind_time_features_syntax(features1)
1408 features2 = dcerpc.DCERPC_BIND_TIME_SECURITY_CONTEXT_MULTIPLEXING
1409 btf2 = base.bind_time_features_syntax(features2)
1411 zero_syntax = misc.ndr_syntax_id()
1414 ctx1 = dcerpc.ctx_list()
1416 ctx1.num_transfer_syntaxes = len(tsf1_list)
1417 ctx1.abstract_syntax = zero_syntax
1418 ctx1.transfer_syntaxes = tsf1_list
1421 ctx2 = dcerpc.ctx_list()
1423 ctx2.num_transfer_syntaxes = len(tsf2_list)
1424 ctx2.abstract_syntax = zero_syntax
1425 ctx2.transfer_syntaxes = tsf2_list
1427 req = self.generate_bind(call_id=0, ctx_list=[ctx1, ctx2])
1429 rep = self.recv_pdu()
1430 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
1432 self.assertEquals(rep.u.reject_reason,
1433 dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
1434 self.assertEquals(rep.u.num_versions, 1)
1435 self.assertEquals(rep.u.versions[0].rpc_vers, req.rpc_vers)
1436 self.assertEquals(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
1437 self.assertEquals(len(rep.u._pad), 3)
1438 self.assertEquals(rep.u._pad, b'\0' * 3)
1440 # wait for a disconnect
1441 rep = self.recv_pdu()
1442 self.assertIsNone(rep)
1443 self.assertNotConnected()
1445 def test_no_auth_bind_time_keep_on_orphan_simple(self):
1446 features = dcerpc.DCERPC_BIND_TIME_KEEP_CONNECTION_ON_ORPHAN
1447 btf = base.bind_time_features_syntax(features)
1449 zero_syntax = misc.ndr_syntax_id()
1452 ctx1 = dcerpc.ctx_list()
1454 ctx1.num_transfer_syntaxes = len(tsf1_list)
1455 ctx1.abstract_syntax = zero_syntax
1456 ctx1.transfer_syntaxes = tsf1_list
1458 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
1460 rep = self.recv_pdu()
1461 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
1463 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1464 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
1465 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
1466 self.assertEquals(rep.u.secondary_address_size, 4)
1467 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
1468 self.assertEquals(len(rep.u._pad1), 2)
1469 self.assertEquals(rep.u._pad1, b'\0' * 2)
1470 self.assertEquals(rep.u.num_results, 1)
1471 self.assertEquals(rep.u.ctx_list[0].result,
1472 dcerpc.DCERPC_BIND_ACK_RESULT_NEGOTIATE_ACK)
1473 self.assertEquals(rep.u.ctx_list[0].reason, features)
1474 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
1475 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1477 def test_no_auth_bind_time_keep_on_orphan_ignore_additional(self):
1478 features1 = dcerpc.DCERPC_BIND_TIME_KEEP_CONNECTION_ON_ORPHAN
1479 btf1 = base.bind_time_features_syntax(features1)
1481 features2 = dcerpc.DCERPC_BIND_TIME_SECURITY_CONTEXT_MULTIPLEXING
1482 btf2 = base.bind_time_features_syntax(features2)
1484 zero_syntax = misc.ndr_syntax_id()
1485 ndr64 = base.transfer_syntax_ndr64()
1487 tsf1_list = [btf1, btf2, zero_syntax]
1488 ctx1 = dcerpc.ctx_list()
1490 ctx1.num_transfer_syntaxes = len(tsf1_list)
1491 ctx1.abstract_syntax = ndr64
1492 ctx1.transfer_syntaxes = tsf1_list
1494 req = self.generate_bind(call_id=0, ctx_list=[ctx1])
1496 rep = self.recv_pdu()
1497 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
1499 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1500 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
1501 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
1502 self.assertEquals(rep.u.secondary_address_size, 4)
1503 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
1504 self.assertEquals(len(rep.u._pad1), 2)
1505 self.assertEquals(rep.u._pad1, b'\0' * 2)
1506 self.assertEquals(rep.u.num_results, 1)
1507 self.assertEquals(rep.u.ctx_list[0].result,
1508 dcerpc.DCERPC_BIND_ACK_RESULT_NEGOTIATE_ACK)
1509 self.assertEquals(rep.u.ctx_list[0].reason, features1)
1510 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, zero_syntax)
1511 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1513 def _test_auth_type_level_bind_nak(self, auth_type, auth_level, creds=None,
1514 reason=dcerpc.DCERPC_BIND_NAK_REASON_INVALID_AUTH_TYPE):
1515 ndr32 = base.transfer_syntax_ndr()
1518 ctx1 = dcerpc.ctx_list()
1520 ctx1.num_transfer_syntaxes = len(tsf1_list)
1521 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1522 ctx1.transfer_syntaxes = tsf1_list
1527 if creds is not None:
1528 # We always start with DCERPC_AUTH_LEVEL_INTEGRITY
1529 auth_context = self.get_auth_context_creds(creds,
1530 auth_type=auth_type,
1531 auth_level=auth_level,
1532 auth_context_id=auth_context_id,
1533 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY)
1535 (finished, to_server) = auth_context["gensec"].update(from_server)
1536 self.assertFalse(finished)
1538 auth_info = self.generate_auth(auth_type=auth_context["auth_type"],
1539 auth_level=auth_context["auth_level"],
1540 auth_context_id=auth_context["auth_context_id"],
1541 auth_blob=to_server)
1544 auth_info = self.generate_auth(auth_type=auth_type,
1545 auth_level=auth_level,
1546 auth_context_id=auth_context_id,
1547 auth_blob=to_server)
1549 req = self.generate_bind(call_id=0,
1551 auth_info=auth_info)
1553 rep = self.recv_pdu()
1554 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_NAK, req.call_id,
1556 self.assertEquals(rep.u.reject_reason, reason)
1557 self.assertEquals(rep.u.num_versions, 1)
1558 self.assertEquals(rep.u.versions[0].rpc_vers, req.rpc_vers)
1559 self.assertEquals(rep.u.versions[0].rpc_vers_minor, req.rpc_vers_minor)
1560 self.assertEquals(len(rep.u._pad), 3)
1561 self.assertEquals(rep.u._pad, b'\0' * 3)
1563 # wait for a disconnect
1564 rep = self.recv_pdu()
1565 self.assertIsNone(rep)
1566 self.assertNotConnected()
1568 def _test_auth_none_level_bind(self, auth_level,
1569 reason=dcerpc.DCERPC_BIND_NAK_REASON_INVALID_AUTH_TYPE):
1570 return self._test_auth_type_level_bind_nak(auth_type=dcerpc.DCERPC_AUTH_LEVEL_NONE,
1571 auth_level=auth_level, reason=reason)
1573 def test_auth_none_none_bind(self):
1574 return self._test_auth_none_level_bind(dcerpc.DCERPC_AUTH_LEVEL_NONE,
1575 reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
1577 def test_auth_none_connect_bind(self):
1578 return self._test_auth_none_level_bind(dcerpc.DCERPC_AUTH_LEVEL_CONNECT)
1580 def test_auth_none_call_bind(self):
1581 return self._test_auth_none_level_bind(dcerpc.DCERPC_AUTH_LEVEL_CALL)
1583 def test_auth_none_packet_bind(self):
1584 return self._test_auth_none_level_bind(dcerpc.DCERPC_AUTH_LEVEL_PACKET)
1586 def test_auth_none_integrity_bind(self):
1587 return self._test_auth_none_level_bind(dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY)
1589 def test_auth_none_privacy_bind(self):
1590 return self._test_auth_none_level_bind(dcerpc.DCERPC_AUTH_LEVEL_PRIVACY)
1592 def test_auth_none_0_bind(self):
1593 return self._test_auth_none_level_bind(0,
1594 reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
1596 def test_auth_none_7_bind(self):
1597 return self._test_auth_none_level_bind(7,
1598 reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
1600 def test_auth_none_255_bind(self):
1601 return self._test_auth_none_level_bind(255,
1602 reason=dcerpc.DCERPC_BIND_NAK_REASON_NOT_SPECIFIED)
1604 def _test_auth_none_level_request(self, auth_level):
1605 ndr32 = base.transfer_syntax_ndr()
1608 ctx1 = dcerpc.ctx_list()
1610 ctx1.num_transfer_syntaxes = len(tsf1_list)
1611 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1612 ctx1.transfer_syntaxes = tsf1_list
1615 auth_type = dcerpc.DCERPC_AUTH_TYPE_NONE
1618 req = self.generate_bind(call_id=0,
1622 rep = self.recv_pdu()
1623 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
1624 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1625 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
1626 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
1627 self.assertEquals(rep.u.secondary_address_size, 4)
1628 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
1629 self.assertEquals(len(rep.u._pad1), 2)
1630 self.assertEquals(rep.u._pad1, b'\0' * 2)
1631 self.assertEquals(rep.u.num_results, 1)
1632 self.assertEquals(rep.u.ctx_list[0].result,
1633 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1634 self.assertEquals(rep.u.ctx_list[0].reason,
1635 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1636 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1637 self.assertEquals(len(rep.u.auth_info), 0)
1639 # And now try a request without auth_info
1640 req = self.generate_request(call_id=2,
1641 context_id=ctx1.context_id,
1645 rep = self.recv_pdu()
1646 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1648 self.assertNotEquals(rep.u.alloc_hint, 0)
1649 self.assertEquals(rep.u.context_id, req.u.context_id)
1650 self.assertEquals(rep.u.cancel_count, 0)
1651 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1653 auth_info = self.generate_auth(auth_type=auth_type,
1654 auth_level=auth_level,
1655 auth_context_id=auth_context_id,
1658 req = self.generate_request(call_id=3,
1659 context_id=ctx1.context_id,
1662 auth_info=auth_info)
1664 rep = self.recv_pdu()
1665 # We get a fault back
1666 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
1668 self.assertNotEquals(rep.u.alloc_hint, 0)
1669 self.assertEquals(rep.u.context_id, req.u.context_id)
1670 self.assertEquals(rep.u.cancel_count, 0)
1671 self.assertEquals(rep.u.flags, 0)
1672 self.assertEquals(rep.u.status, dcerpc.DCERPC_FAULT_ACCESS_DENIED)
1673 self.assertEquals(rep.u.reserved, 0)
1674 self.assertEquals(len(rep.u.error_and_verifier), 0)
1676 # wait for a disconnect
1677 rep = self.recv_pdu()
1678 self.assertIsNone(rep)
1679 self.assertNotConnected()
1681 def test_auth_none_none_request(self):
1682 return self._test_auth_none_level_request(dcerpc.DCERPC_AUTH_LEVEL_NONE)
1684 def test_auth_none_connect_request(self):
1685 return self._test_auth_none_level_request(dcerpc.DCERPC_AUTH_LEVEL_CONNECT)
1687 def test_auth_none_call_request(self):
1688 return self._test_auth_none_level_request(dcerpc.DCERPC_AUTH_LEVEL_CALL)
1690 def _test_neg_xmit_check_values(self,
1696 ndr32 = base.transfer_syntax_ndr()
1699 ctx1 = dcerpc.ctx_list()
1701 ctx1.num_transfer_syntaxes = len(tsf1_list)
1702 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1703 ctx1.transfer_syntaxes = tsf1_list
1705 req = self.generate_bind(call_id=0,
1706 max_xmit_frag=req_xmit,
1707 max_recv_frag=req_recv,
1710 rep = self.recv_pdu()
1711 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
1713 self.assertEquals(rep.u.max_xmit_frag, rep_both)
1714 self.assertEquals(rep.u.max_recv_frag, rep_both)
1715 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
1716 self.assertEquals(rep.u.secondary_address_size, 4)
1717 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
1718 self.assertEquals(len(rep.u._pad1), 2)
1719 self.assertEquals(rep.u._pad1, b'\0' * 2)
1720 self.assertEquals(rep.u.num_results, 1)
1721 self.assertEquals(rep.u.ctx_list[0].result,
1722 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1723 self.assertEquals(rep.u.ctx_list[0].reason,
1724 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1725 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1726 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1728 assoc_group_id = rep.u.assoc_group_id
1729 if alter_xmit is None:
1730 alter_xmit = rep_both - 8
1731 if alter_recv is None:
1732 alter_recv = rep_both - 8
1734 # max_{xmit,recv}_frag and assoc_group_id are completely
1735 # ignored in alter_context requests
1736 req = self.generate_alter(call_id=1,
1737 max_xmit_frag=alter_xmit,
1738 max_recv_frag=alter_recv,
1739 assoc_group_id=0xffffffff - rep.u.assoc_group_id,
1742 rep = self.recv_pdu()
1743 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id,
1745 self.assertEquals(rep.u.max_xmit_frag, rep_both)
1746 self.assertEquals(rep.u.max_recv_frag, rep_both)
1747 self.assertEquals(rep.u.assoc_group_id, rep.u.assoc_group_id)
1748 self.assertEquals(rep.u.secondary_address_size, 0)
1749 self.assertEquals(len(rep.u._pad1), 2)
1750 #self.assertEquals(rep.u._pad1, '\0' * 2)
1751 self.assertEquals(rep.u.num_results, 1)
1752 self.assertEquals(rep.u.ctx_list[0].result,
1753 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1754 self.assertEquals(rep.u.ctx_list[0].reason,
1755 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1756 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1757 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1759 chunk_size = rep_both - dcerpc.DCERPC_REQUEST_LENGTH
1760 req = self.generate_request(call_id=2,
1761 context_id=ctx1.context_id,
1763 alloc_hint=0xffffffff,
1764 stub=b"\00" * chunk_size)
1765 self.send_pdu(req, ndr_print=True, hexdump=True)
1766 rep = self.recv_pdu(ndr_print=True, hexdump=True)
1767 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1769 self.assertNotEquals(rep.u.alloc_hint, 0)
1770 self.assertEquals(rep.u.context_id, req.u.context_id)
1771 self.assertEquals(rep.u.cancel_count, 0)
1772 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1774 chunk_size = 5840 - dcerpc.DCERPC_REQUEST_LENGTH
1775 req = self.generate_request(call_id=2,
1776 context_id=ctx1.context_id,
1778 alloc_hint=0xffffffff,
1779 stub=b"\00" * chunk_size)
1781 rep = self.recv_pdu()
1782 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1784 self.assertNotEquals(rep.u.alloc_hint, 0)
1785 self.assertEquals(rep.u.context_id, req.u.context_id)
1786 self.assertEquals(rep.u.cancel_count, 0)
1787 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1790 req = self.generate_request(call_id=3,
1791 context_id=ctx1.context_id,
1793 alloc_hint=0xffffffff,
1794 stub=b"\00" * chunk_size)
1796 rep = self.recv_pdu()
1798 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
1800 self.assertNotEquals(rep.u.alloc_hint, 0)
1801 self.assertEquals(rep.u.context_id, 0)
1802 self.assertEquals(rep.u.cancel_count, 0)
1803 self.assertEquals(rep.u.flags, 0)
1804 self.assertEquals(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
1805 self.assertEquals(rep.u.reserved, 0)
1806 self.assertEquals(len(rep.u.error_and_verifier), 0)
1808 # wait for a disconnect
1809 rep = self.recv_pdu()
1810 self.assertIsNone(rep)
1811 self.assertNotConnected()
1813 def test_neg_xmit_ffff_ffff(self):
1814 return self._test_neg_xmit_check_values(req_xmit=0xffff,
1818 def test_neg_xmit_0_ffff(self):
1819 return self._test_neg_xmit_check_values(req_xmit=0,
1825 def test_neg_xmit_ffff_0(self):
1826 return self._test_neg_xmit_check_values(req_xmit=0xffff,
1830 def test_neg_xmit_0_0(self):
1831 return self._test_neg_xmit_check_values(req_xmit=0,
1837 def test_neg_xmit_3199_0(self):
1838 return self._test_neg_xmit_check_values(req_xmit=3199,
1842 def test_neg_xmit_0_3199(self):
1843 return self._test_neg_xmit_check_values(req_xmit=0,
1847 def test_neg_xmit_3199_ffff(self):
1848 return self._test_neg_xmit_check_values(req_xmit=3199,
1852 def test_neg_xmit_ffff_3199(self):
1853 return self._test_neg_xmit_check_values(req_xmit=0xffff,
1857 def test_alloc_hint(self):
1858 ndr32 = base.transfer_syntax_ndr()
1861 ctx = dcerpc.ctx_list()
1863 ctx.num_transfer_syntaxes = len(tsf1_list)
1864 ctx.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
1865 ctx.transfer_syntaxes = tsf1_list
1867 req = self.generate_bind(call_id=0,
1870 rep = self.recv_pdu()
1871 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id,
1873 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
1874 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
1875 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
1876 self.assertEquals(rep.u.secondary_address_size, 4)
1877 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
1878 self.assertEquals(len(rep.u._pad1), 2)
1879 self.assertEquals(rep.u._pad1, b'\0' * 2)
1880 self.assertEquals(rep.u.num_results, 1)
1881 self.assertEquals(rep.u.ctx_list[0].result,
1882 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
1883 self.assertEquals(rep.u.ctx_list[0].reason,
1884 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
1885 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
1886 self.assertEquals(rep.u.auth_info, b'\0' * 0)
1888 # And now try a request without auth_info
1889 req = self.generate_request(call_id=2,
1890 context_id=ctx.context_id,
1892 alloc_hint=0xffffffff,
1895 rep = self.recv_pdu()
1896 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1898 self.assertNotEquals(rep.u.alloc_hint, 0)
1899 self.assertEquals(rep.u.context_id, req.u.context_id)
1900 self.assertEquals(rep.u.cancel_count, 0)
1901 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1903 req = self.generate_request(call_id=3,
1904 context_id=ctx.context_id,
1906 alloc_hint=0xffffffff,
1907 stub=b"\04\00\00\00\00\00\00\00")
1909 rep = self.recv_pdu()
1910 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1912 self.assertNotEquals(rep.u.alloc_hint, 0)
1913 self.assertEquals(rep.u.context_id, req.u.context_id)
1914 self.assertEquals(rep.u.cancel_count, 0)
1915 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1917 req = self.generate_request(call_id=4,
1918 context_id=ctx.context_id,
1921 stub=b"\04\00\00\00\00\00\00\00")
1923 rep = self.recv_pdu()
1924 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
1926 self.assertNotEquals(rep.u.alloc_hint, 0)
1927 self.assertEquals(rep.u.context_id, req.u.context_id)
1928 self.assertEquals(rep.u.cancel_count, 0)
1929 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
1931 def _get_netlogon_ctx(self):
1932 abstract = samba.dcerpc.netlogon.abstract_syntax()
1933 ndr32 = base.transfer_syntax_ndr()
1935 (ctx, ack) = self.prepare_presentation(abstract, ndr32, context_id=0,
1936 epmap=True, return_ack=True)
1938 server = '\\\\' + self.target_hostname
1939 if isinstance(server, binary_type):
1940 server_utf16 = server.decode('utf-8').encode('utf-16-le')
1942 server_utf16 = server.encode('utf-16-le')
1943 computer = 'UNKNOWNCOMPUTER'
1944 if isinstance(server, binary_type):
1945 computer_utf16 = computer.decode('utf-8').encode('utf-16-le')
1947 computer_utf16 = computer.encode('utf-16-le')
1949 real_stub = struct.pack('<IIII', 0x00200000,
1950 len(server) + 1, 0, len(server) + 1)
1951 real_stub += server_utf16 + b'\x00\x00'
1952 mod_len = len(real_stub) % 4
1954 real_stub += b'\x00' * (4 - mod_len)
1955 real_stub += struct.pack('<III',
1956 len(computer) + 1, 0, len(computer) + 1)
1957 real_stub += computer_utf16 + b'\x00\x00'
1958 real_stub += b'\x11\x22\x33\x44\x55\x66\x77\x88'
1960 return (ctx, ack, real_stub)
1962 def _test_fragmented_requests(self, remaining=None, alloc_hint=None,
1963 fault_first=None, fault_last=None):
1964 (ctx, rep, real_stub) = self._get_netlogon_ctx()
1966 chunk = rep.u.max_recv_frag - dcerpc.DCERPC_REQUEST_LENGTH
1970 while remaining > 0:
1971 thistime = min(remaining, chunk)
1972 remaining -= thistime
1977 pfc_flags |= dcerpc.DCERPC_PFC_FLAG_FIRST
1979 stub = real_stub + b'\x00' * (thistime - len(real_stub))
1981 stub = b"\x00" * thistime
1984 pfc_flags |= dcerpc.DCERPC_PFC_FLAG_LAST
1986 # And now try a request without auth_info
1987 # netr_ServerReqChallenge()
1988 req = self.generate_request(call_id=0x21234,
1989 pfc_flags=pfc_flags,
1990 context_id=ctx.context_id,
1992 alloc_hint=alloc_hint,
1994 if alloc_hint >= thistime:
1995 alloc_hint -= thistime
1998 self.send_pdu(req, hexdump=False)
1999 if fault_first is not None:
2000 rep = self.recv_pdu()
2001 # We get a fault back
2002 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
2004 self.assertNotEquals(rep.u.alloc_hint, 0)
2005 self.assertEquals(rep.u.context_id, req.u.context_id)
2006 self.assertEquals(rep.u.cancel_count, 0)
2007 self.assertEquals(rep.u.flags, 0)
2008 self.assertEquals(rep.u.status, fault_first)
2009 self.assertEquals(rep.u.reserved, 0)
2010 self.assertEquals(len(rep.u.error_and_verifier), 0)
2012 # wait for a disconnect
2013 rep = self.recv_pdu()
2014 self.assertIsNone(rep)
2015 self.assertNotConnected()
2019 if total >= 0x400000 and fault_last is not None:
2020 rep = self.recv_pdu()
2021 # We get a fault back
2022 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
2024 self.assertNotEquals(rep.u.alloc_hint, 0)
2025 self.assertEquals(rep.u.context_id, req.u.context_id)
2026 self.assertEquals(rep.u.cancel_count, 0)
2027 self.assertEquals(rep.u.flags, 0)
2028 self.assertEquals(rep.u.status, fault_last)
2029 self.assertEquals(rep.u.reserved, 0)
2030 self.assertEquals(len(rep.u.error_and_verifier), 0)
2032 # wait for a disconnect
2033 rep = self.recv_pdu()
2034 self.assertIsNone(rep)
2035 self.assertNotConnected()
2037 rep = self.recv_pdu(timeout=0.01)
2038 self.assertIsNone(rep)
2039 self.assertIsConnected()
2041 if total >= 0x400000 and fault_last is not None:
2042 rep = self.recv_pdu()
2043 # We get a fault back
2044 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
2046 self.assertNotEquals(rep.u.alloc_hint, 0)
2047 self.assertEquals(rep.u.context_id, req.u.context_id)
2048 self.assertEquals(rep.u.cancel_count, 0)
2049 self.assertEquals(rep.u.flags, 0)
2050 self.assertEquals(rep.u.status, fault_last)
2051 self.assertEquals(rep.u.reserved, 0)
2052 self.assertEquals(len(rep.u.error_and_verifier), 0)
2054 # wait for a disconnect
2055 rep = self.recv_pdu()
2056 self.assertIsNone(rep)
2057 self.assertNotConnected()
2059 rep = self.recv_pdu()
2060 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
2062 self.assertNotEquals(rep.u.alloc_hint, 0)
2063 self.assertEquals(rep.u.context_id, req.u.context_id)
2064 self.assertEquals(rep.u.cancel_count, 0)
2065 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
2067 self.assertEquals(len(rep.u.stub_and_verifier), 12)
2068 status = struct.unpack_from("<I", rep.u.stub_and_verifier, len(rep.u.stub_and_verifier) - 4)
2069 self.assertEquals(status[0], 0)
2071 def test_fragmented_requests01(self):
2072 return self._test_fragmented_requests(remaining=0x400000,
2073 alloc_hint=0x400000)
2075 def test_fragmented_requests02(self):
2076 return self._test_fragmented_requests(remaining=0x400000,
2077 alloc_hint=0x100000)
2079 def test_fragmented_requests03(self):
2080 return self._test_fragmented_requests(remaining=0x400000,
2083 def test_fragmented_requests04(self):
2084 return self._test_fragmented_requests(remaining=0x400000,
2085 alloc_hint=0x400001,
2086 fault_first=dcerpc.DCERPC_FAULT_ACCESS_DENIED)
2088 def test_fragmented_requests05(self):
2089 return self._test_fragmented_requests(remaining=0x500001,
2091 fault_last=dcerpc.DCERPC_FAULT_ACCESS_DENIED)
2093 def _test_same_requests(self, pfc_flags, fault_1st=False, fault_2nd=False):
2094 (ctx, rep, real_stub) = self._get_netlogon_ctx()
2096 # netr_ServerReqChallenge with given flags
2097 req = self.generate_request(call_id=2,
2098 pfc_flags=pfc_flags,
2099 context_id=ctx.context_id,
2104 rep = self.recv_pdu()
2105 # We get a fault back
2106 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
2108 self.assertNotEquals(rep.u.alloc_hint, 0)
2109 self.assertEquals(rep.u.context_id, 0)
2110 self.assertEquals(rep.u.cancel_count, 0)
2111 self.assertEquals(rep.u.flags, 0)
2112 self.assertEquals(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
2113 self.assertEquals(rep.u.reserved, 0)
2114 self.assertEquals(len(rep.u.error_and_verifier), 0)
2116 # wait for a disconnect
2117 rep = self.recv_pdu()
2118 self.assertIsNone(rep)
2119 self.assertNotConnected()
2121 rep = self.recv_pdu(timeout=0.1)
2122 self.assertIsNone(rep)
2123 self.assertIsConnected()
2125 # netr_ServerReqChallenge without DCERPC_PFC_FLAG_LAST
2126 # with the same call_id
2127 req = self.generate_request(call_id=2,
2128 pfc_flags=pfc_flags,
2129 context_id=ctx.context_id,
2134 rep = self.recv_pdu()
2135 # We get a fault back
2136 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
2138 self.assertNotEquals(rep.u.alloc_hint, 0)
2139 self.assertEquals(rep.u.context_id, req.u.context_id)
2140 self.assertEquals(rep.u.cancel_count, 0)
2141 self.assertEquals(rep.u.flags, 0)
2142 self.assertEquals(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
2143 self.assertEquals(rep.u.reserved, 0)
2144 self.assertEquals(len(rep.u.error_and_verifier), 0)
2146 # wait for a disconnect
2147 rep = self.recv_pdu()
2148 self.assertIsNone(rep)
2149 self.assertNotConnected()
2152 rep = self.recv_pdu(timeout=0.1)
2153 self.assertIsNone(rep)
2154 self.assertIsConnected()
2156 def test_first_only_requests(self):
2157 return self._test_same_requests(pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
2160 def test_none_only_requests(self):
2161 return self._test_same_requests(pfc_flags=0, fault_1st=True)
2163 def test_last_only_requests(self):
2164 return self._test_same_requests(pfc_flags=dcerpc.DCERPC_PFC_FLAG_LAST,
2167 def test_first_maybe_requests(self):
2168 return self._test_same_requests(pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
2169 dcerpc.DCERPC_PFC_FLAG_MAYBE,
2172 def test_first_didnot_requests(self):
2173 return self._test_same_requests(pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
2174 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
2177 def test_first_cmpx_requests(self):
2178 return self._test_same_requests(pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
2179 dcerpc.DCERPC_PFC_FLAG_CONC_MPX,
2182 def test_first_08_requests(self):
2183 return self._test_same_requests(pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
2187 def test_first_cancel_requests(self):
2188 (ctx, rep, real_stub) = self._get_netlogon_ctx()
2190 # netr_ServerReqChallenge with given flags
2191 req = self.generate_request(call_id=2,
2192 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
2193 dcerpc.DCERPC_PFC_FLAG_PENDING_CANCEL,
2194 context_id=ctx.context_id,
2198 rep = self.recv_pdu()
2199 # We get a fault back
2200 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
2201 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
2202 dcerpc.DCERPC_PFC_FLAG_LAST |
2203 dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
2205 self.assertNotEquals(rep.u.alloc_hint, 0)
2206 self.assertEquals(rep.u.context_id, 0)
2207 self.assertEquals(rep.u.cancel_count, 0)
2208 self.assertEquals(rep.u.flags, 0)
2209 self.assertEquals(rep.u.status, dcerpc.DCERPC_FAULT_NO_CALL_ACTIVE)
2210 self.assertEquals(rep.u.reserved, 0)
2211 self.assertEquals(len(rep.u.error_and_verifier), 0)
2213 # wait for a disconnect
2214 rep = self.recv_pdu()
2215 self.assertIsNone(rep)
2216 self.assertNotConnected()
2218 def test_2nd_cancel_requests(self):
2219 (ctx, rep, real_stub) = self._get_netlogon_ctx()
2221 # netr_ServerReqChallenge with given flags
2222 req = self.generate_request(call_id=2,
2223 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
2224 context_id=ctx.context_id,
2228 rep = self.recv_pdu(timeout=0.1)
2229 self.assertIsNone(rep)
2230 self.assertIsConnected()
2232 # netr_ServerReqChallenge with given flags
2233 req = self.generate_request(call_id=2,
2234 pfc_flags=dcerpc.DCERPC_PFC_FLAG_PENDING_CANCEL,
2235 context_id=ctx.context_id,
2239 rep = self.recv_pdu(timeout=0.1)
2240 self.assertIsNone(rep)
2241 self.assertIsConnected()
2243 # netr_ServerReqChallenge with given flags
2244 req = self.generate_request(call_id=2,
2245 pfc_flags=dcerpc.DCERPC_PFC_FLAG_LAST,
2246 context_id=ctx.context_id,
2250 rep = self.recv_pdu()
2251 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
2253 self.assertNotEquals(rep.u.alloc_hint, 0)
2254 self.assertEquals(rep.u.context_id, req.u.context_id)
2255 self.assertEquals(rep.u.cancel_count, 0)
2256 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
2258 self.assertEquals(len(rep.u.stub_and_verifier), 12)
2259 status = struct.unpack_from("<I", rep.u.stub_and_verifier, len(rep.u.stub_and_verifier) - 4)
2260 self.assertEquals(status[0], 0)
2262 def test_last_cancel_requests(self):
2263 (ctx, rep, real_stub) = self._get_netlogon_ctx()
2265 # netr_ServerReqChallenge with given flags
2266 req = self.generate_request(call_id=2,
2267 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
2268 context_id=ctx.context_id,
2272 rep = self.recv_pdu(timeout=0.1)
2273 self.assertIsNone(rep)
2274 self.assertIsConnected()
2276 # netr_ServerReqChallenge with given flags
2277 req = self.generate_request(call_id=2,
2278 pfc_flags=dcerpc.DCERPC_PFC_FLAG_LAST |
2279 dcerpc.DCERPC_PFC_FLAG_PENDING_CANCEL,
2280 context_id=ctx.context_id,
2284 rep = self.recv_pdu()
2285 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
2287 self.assertNotEquals(rep.u.alloc_hint, 0)
2288 self.assertEquals(rep.u.context_id, req.u.context_id)
2289 self.assertEquals(rep.u.cancel_count, 0)
2290 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
2292 self.assertEquals(len(rep.u.stub_and_verifier), 12)
2293 status = struct.unpack_from("<I", rep.u.stub_and_verifier, len(rep.u.stub_and_verifier) - 4)
2294 self.assertEquals(status[0], 0)
2296 def test_mix_requests(self):
2297 (ctx, rep, real_stub) = self._get_netlogon_ctx()
2299 # netr_ServerReqChallenge with given flags
2300 req = self.generate_request(call_id=50,
2301 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
2302 context_id=ctx.context_id,
2306 rep = self.recv_pdu(timeout=0.1)
2307 self.assertIsNone(rep)
2308 self.assertIsConnected()
2310 # netr_ServerReqChallenge with given flags
2311 req = self.generate_request(call_id=51,
2312 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
2313 context_id=ctx.context_id,
2317 rep = self.recv_pdu()
2318 # We get a fault back
2319 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, 50,
2320 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST |
2321 dcerpc.DCERPC_PFC_FLAG_LAST,
2323 self.assertNotEquals(rep.u.alloc_hint, 0)
2324 self.assertEquals(rep.u.context_id, req.u.context_id)
2325 self.assertEquals(rep.u.cancel_count, 0)
2326 self.assertEquals(rep.u.flags, 0)
2327 self.assertEquals(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
2328 self.assertEquals(rep.u.reserved, 0)
2329 self.assertEquals(len(rep.u.error_and_verifier), 0)
2331 def test_co_cancel_no_request(self):
2332 ndr32 = base.transfer_syntax_ndr()
2333 abstract = samba.dcerpc.mgmt.abstract_syntax()
2334 ctx = self.prepare_presentation(abstract, ndr32, context_id=0xff)
2336 req = self.generate_co_cancel(call_id=3)
2338 rep = self.recv_pdu(timeout=0.01)
2339 self.assertIsNone(rep)
2340 self.assertIsConnected()
2342 # And now try a request
2343 req = self.generate_request(call_id=1,
2344 context_id=ctx.context_id,
2348 rep = self.recv_pdu()
2349 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
2351 self.assertNotEquals(rep.u.alloc_hint, 0)
2352 self.assertEquals(rep.u.context_id, req.u.context_id)
2353 self.assertEquals(rep.u.cancel_count, 0)
2354 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
2356 def test_co_cancel_request_after_first(self):
2357 ndr32 = base.transfer_syntax_ndr()
2358 abstract = samba.dcerpc.mgmt.abstract_syntax()
2359 ctx = self.prepare_presentation(abstract, ndr32, context_id=0xff)
2361 req = self.generate_request(call_id=1,
2362 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
2363 context_id=ctx.context_id,
2367 rep = self.recv_pdu(timeout=0.01)
2368 self.assertIsNone(rep)
2369 self.assertIsConnected()
2371 req = self.generate_co_cancel(call_id=1)
2373 rep = self.recv_pdu(timeout=0.01)
2374 self.assertIsNone(rep)
2375 self.assertIsConnected()
2377 req = self.generate_request(call_id=1,
2378 pfc_flags=dcerpc.DCERPC_PFC_FLAG_LAST,
2379 context_id=ctx.context_id,
2383 rep = self.recv_pdu()
2384 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
2386 self.assertNotEquals(rep.u.alloc_hint, 0)
2387 self.assertEquals(rep.u.context_id, req.u.context_id)
2388 self.assertEquals(rep.u.cancel_count, 0)
2389 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
2391 # And now try a request
2392 req = self.generate_request(call_id=2,
2393 context_id=ctx.context_id,
2397 rep = self.recv_pdu()
2398 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
2400 self.assertNotEquals(rep.u.alloc_hint, 0)
2401 self.assertEquals(rep.u.context_id, req.u.context_id)
2402 self.assertEquals(rep.u.cancel_count, 0)
2403 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
2405 def test_orphaned_no_request(self):
2406 ndr32 = base.transfer_syntax_ndr()
2407 abstract = samba.dcerpc.mgmt.abstract_syntax()
2408 ctx = self.prepare_presentation(abstract, ndr32)
2410 req = self.generate_orphaned(call_id=3)
2412 rep = self.recv_pdu(timeout=0.01)
2413 self.assertIsNone(rep)
2414 self.assertIsConnected()
2416 # And now try a request
2417 req = self.generate_request(call_id=1,
2418 context_id=ctx.context_id,
2422 rep = self.recv_pdu()
2423 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
2425 self.assertNotEquals(rep.u.alloc_hint, 0)
2426 self.assertEquals(rep.u.context_id, req.u.context_id & 0xff)
2427 self.assertEquals(rep.u.cancel_count, 0)
2428 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
2430 def test_orphaned_request_after_first_last(self):
2431 ndr32 = base.transfer_syntax_ndr()
2432 abstract = samba.dcerpc.mgmt.abstract_syntax()
2433 ctx = self.prepare_presentation(abstract, ndr32)
2435 req = self.generate_request(call_id=1,
2436 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
2437 context_id=ctx.context_id,
2441 rep = self.recv_pdu(timeout=0.1)
2442 self.assertIsNone(rep)
2443 self.assertIsConnected()
2445 req = self.generate_orphaned(call_id=1)
2447 rep = self.recv_pdu(timeout=0.1)
2448 self.assertIsNone(rep)
2449 self.assertIsConnected()
2451 req = self.generate_request(call_id=1,
2452 pfc_flags=dcerpc.DCERPC_PFC_FLAG_LAST,
2453 context_id=ctx.context_id,
2457 rep = self.recv_pdu()
2458 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
2460 self.assertNotEquals(rep.u.alloc_hint, 0)
2461 self.assertEquals(rep.u.context_id, req.u.context_id & 0xff)
2462 self.assertEquals(rep.u.cancel_count, 0)
2463 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
2465 # And now try a request
2466 req = self.generate_request(call_id=2,
2467 context_id=ctx.context_id,
2471 rep = self.recv_pdu()
2472 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
2474 self.assertNotEquals(rep.u.alloc_hint, 0)
2475 self.assertEquals(rep.u.context_id, req.u.context_id & 0xff)
2476 self.assertEquals(rep.u.cancel_count, 0)
2477 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
2479 def test_orphaned_request_after_first_mpx_last(self):
2480 ndr32 = base.transfer_syntax_ndr()
2481 abstract = samba.dcerpc.mgmt.abstract_syntax()
2483 pfc_flags = samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_FIRST
2484 pfc_flags |= samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_LAST
2485 pfc_flags |= samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_CONC_MPX
2486 ctx = self.prepare_presentation(abstract, ndr32, pfc_flags=pfc_flags)
2488 req = self.generate_request(call_id=1,
2489 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
2490 context_id=ctx.context_id,
2494 rep = self.recv_pdu(timeout=0.1)
2495 self.assertIsNone(rep)
2496 self.assertIsConnected()
2498 req = self.generate_orphaned(call_id=1)
2500 rep = self.recv_pdu(timeout=0.1)
2501 self.assertIsNone(rep)
2502 self.assertIsConnected()
2504 req = self.generate_request(call_id=1,
2505 pfc_flags=dcerpc.DCERPC_PFC_FLAG_LAST,
2506 context_id=ctx.context_id,
2510 rep = self.recv_pdu()
2511 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
2513 self.assertNotEquals(rep.u.alloc_hint, 0)
2514 self.assertEquals(rep.u.context_id, req.u.context_id & 0xff)
2515 self.assertEquals(rep.u.cancel_count, 0)
2516 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
2518 # And now try a request
2519 req = self.generate_request(call_id=2,
2520 context_id=ctx.context_id,
2524 rep = self.recv_pdu()
2525 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
2527 self.assertNotEquals(rep.u.alloc_hint, 0)
2528 self.assertEquals(rep.u.context_id, req.u.context_id & 0xff)
2529 self.assertEquals(rep.u.cancel_count, 0)
2530 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
2532 def test_orphaned_request_after_first_no_last(self):
2533 ndr32 = base.transfer_syntax_ndr()
2534 abstract = samba.dcerpc.mgmt.abstract_syntax()
2535 ctx = self.prepare_presentation(abstract, ndr32)
2537 req1 = self.generate_request(call_id=1,
2538 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
2539 context_id=ctx.context_id,
2543 rep = self.recv_pdu(timeout=0.1)
2544 self.assertIsNone(rep)
2545 self.assertIsConnected()
2547 req = self.generate_orphaned(call_id=1)
2549 rep = self.recv_pdu(timeout=0.1)
2550 self.assertIsNone(rep)
2551 self.assertIsConnected()
2553 # And now try a new request
2554 req2 = self.generate_request(call_id=2,
2555 context_id=ctx.context_id,
2559 rep = self.recv_pdu()
2560 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req1.call_id,
2562 self.assertNotEquals(rep.u.alloc_hint, 0)
2563 self.assertEquals(rep.u.context_id, req1.u.context_id)
2564 self.assertEquals(rep.u.cancel_count, 0)
2565 self.assertEquals(rep.u.flags, 0)
2566 self.assertEquals(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
2567 self.assertEquals(rep.u.reserved, 0)
2568 self.assertEquals(len(rep.u.error_and_verifier), 0)
2570 # wait for a disconnect
2571 rep = self.recv_pdu()
2572 self.assertIsNone(rep)
2573 self.assertNotConnected()
2575 def test_orphaned_request_after_first_mpx_no_last(self):
2576 ndr32 = base.transfer_syntax_ndr()
2577 abstract = samba.dcerpc.mgmt.abstract_syntax()
2579 pfc_flags = samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_FIRST
2580 pfc_flags |= samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_LAST
2581 pfc_flags |= samba.dcerpc.dcerpc.DCERPC_PFC_FLAG_CONC_MPX
2582 ctx = self.prepare_presentation(abstract, ndr32,
2583 pfc_flags=pfc_flags)
2585 req1 = self.generate_request(call_id=1,
2586 pfc_flags=dcerpc.DCERPC_PFC_FLAG_FIRST,
2587 context_id=ctx.context_id,
2591 rep = self.recv_pdu(timeout=0.1)
2592 self.assertIsNone(rep)
2593 self.assertIsConnected()
2595 req = self.generate_orphaned(call_id=1)
2597 rep = self.recv_pdu(timeout=0.1)
2598 self.assertIsNone(rep)
2599 self.assertIsConnected()
2601 # And now try a new request
2602 req2 = self.generate_request(call_id=2,
2603 context_id=ctx.context_id - 1,
2607 rep = self.recv_pdu()
2608 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req2.call_id,
2610 self.assertNotEquals(rep.u.alloc_hint, 0)
2611 self.assertEquals(rep.u.context_id, 0)
2612 self.assertEquals(rep.u.cancel_count, 0)
2613 self.assertEquals(rep.u.flags, 0)
2614 self.assertEquals(rep.u.status, dcerpc.DCERPC_NCA_S_PROTO_ERROR)
2615 self.assertEquals(rep.u.reserved, 0)
2616 self.assertEquals(len(rep.u.error_and_verifier), 0)
2618 # wait for a disconnect
2619 rep = self.recv_pdu()
2620 self.assertIsNone(rep)
2621 self.assertNotConnected()
2623 def test_spnego_connect_request(self):
2624 ndr32 = base.transfer_syntax_ndr()
2627 ctx1 = dcerpc.ctx_list()
2629 ctx1.num_transfer_syntaxes = len(tsf1_list)
2630 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
2631 ctx1.transfer_syntaxes = tsf1_list
2634 c = self.get_anon_creds()
2635 g = gensec.Security.start_client(self.settings)
2636 g.set_credentials(c)
2637 g.want_feature(gensec.FEATURE_DCE_STYLE)
2638 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
2639 auth_level = dcerpc.DCERPC_AUTH_LEVEL_CONNECT
2641 g.start_mech_by_authtype(auth_type, auth_level)
2643 (finished, to_server) = g.update(from_server)
2644 self.assertFalse(finished)
2646 auth_info = self.generate_auth(auth_type=auth_type,
2647 auth_level=auth_level,
2648 auth_context_id=auth_context_id,
2649 auth_blob=to_server)
2651 req = self.generate_bind(call_id=0,
2653 auth_info=auth_info)
2656 rep = self.recv_pdu()
2657 self.verify_pdu(rep, dcerpc.DCERPC_PKT_BIND_ACK, req.call_id)
2658 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
2659 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
2660 self.assertNotEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
2661 self.assertEquals(rep.u.secondary_address_size, 4)
2662 self.assertEquals(rep.u.secondary_address, "%d" % self.tcp_port)
2663 self.assertEquals(len(rep.u._pad1), 2)
2664 self.assertEquals(rep.u._pad1, b'\0' * 2)
2665 self.assertEquals(rep.u.num_results, 1)
2666 self.assertEquals(rep.u.ctx_list[0].result,
2667 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
2668 self.assertEquals(rep.u.ctx_list[0].reason,
2669 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
2670 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
2671 self.assertNotEquals(len(rep.u.auth_info), 0)
2672 a = self.parse_auth(rep.u.auth_info)
2674 from_server = a.credentials
2675 (finished, to_server) = g.update(from_server)
2676 self.assertFalse(finished)
2678 auth_info = self.generate_auth(auth_type=auth_type,
2679 auth_level=auth_level,
2680 auth_context_id=auth_context_id,
2681 auth_blob=to_server)
2683 req = self.generate_alter(call_id=0,
2685 assoc_group_id=rep.u.assoc_group_id,
2686 auth_info=auth_info)
2689 rep = self.recv_pdu()
2690 self.verify_pdu(rep, dcerpc.DCERPC_PKT_ALTER_RESP, req.call_id)
2691 self.assertEquals(rep.u.max_xmit_frag, req.u.max_xmit_frag)
2692 self.assertEquals(rep.u.max_recv_frag, req.u.max_recv_frag)
2693 self.assertEquals(rep.u.assoc_group_id, req.u.assoc_group_id)
2694 self.assertEquals(rep.u.secondary_address_size, 0)
2695 self.assertEquals(len(rep.u._pad1), 2)
2696 # Windows sends garbage
2697 #self.assertEquals(rep.u._pad1, '\0' * 2)
2698 self.assertEquals(rep.u.num_results, 1)
2699 self.assertEquals(rep.u.ctx_list[0].result,
2700 dcerpc.DCERPC_BIND_ACK_RESULT_ACCEPTANCE)
2701 self.assertEquals(rep.u.ctx_list[0].reason,
2702 dcerpc.DCERPC_BIND_ACK_REASON_NOT_SPECIFIED)
2703 self.assertNDRSyntaxEquals(rep.u.ctx_list[0].syntax, ndr32)
2704 self.assertNotEquals(len(rep.u.auth_info), 0)
2705 a = self.parse_auth(rep.u.auth_info)
2707 from_server = a.credentials
2708 (finished, to_server) = g.update(from_server)
2709 self.assertTrue(finished)
2711 # And now try a request without auth_info
2712 req = self.generate_request(call_id=2,
2713 context_id=ctx1.context_id,
2717 rep = self.recv_pdu()
2718 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
2720 self.assertNotEquals(rep.u.alloc_hint, 0)
2721 self.assertEquals(rep.u.context_id, req.u.context_id & 0xff)
2722 self.assertEquals(rep.u.cancel_count, 0)
2723 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
2725 # Now a request with auth_info DCERPC_AUTH_LEVEL_CONNECT
2726 auth_info = self.generate_auth(auth_type=auth_type,
2727 auth_level=auth_level,
2728 auth_context_id=auth_context_id,
2729 auth_blob=b"\x01" +b"\x00" *15)
2730 req = self.generate_request(call_id=3,
2731 context_id=ctx1.context_id,
2734 auth_info=auth_info)
2736 rep = self.recv_pdu()
2737 # We don't get an auth_info back
2738 self.verify_pdu(rep, dcerpc.DCERPC_PKT_RESPONSE, req.call_id,
2740 self.assertNotEquals(rep.u.alloc_hint, 0)
2741 self.assertEquals(rep.u.context_id, req.u.context_id & 0xff)
2742 self.assertEquals(rep.u.cancel_count, 0)
2743 self.assertGreaterEqual(len(rep.u.stub_and_verifier), rep.u.alloc_hint)
2745 # Now a request with auth_info DCERPC_AUTH_LEVEL_INTEGRITY
2746 auth_info = self.generate_auth(auth_type=auth_type,
2747 auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
2748 auth_context_id=auth_context_id,
2749 auth_blob=b"\x01" + b"\x00" * 15)
2750 req = self.generate_request(call_id=4,
2751 context_id=ctx1.context_id,
2754 auth_info=auth_info)
2756 rep = self.recv_pdu()
2757 # We get a fault back
2758 self.verify_pdu(rep, dcerpc.DCERPC_PKT_FAULT, req.call_id,
2760 self.assertNotEquals(rep.u.alloc_hint, 0)
2761 self.assertEquals(rep.u.context_id, req.u.context_id)
2762 self.assertEquals(rep.u.cancel_count, 0)
2763 self.assertEquals(rep.u.flags, 0)
2764 self.assertEquals(rep.u.status, dcerpc.DCERPC_FAULT_ACCESS_DENIED)
2765 self.assertEquals(rep.u.reserved, 0)
2766 self.assertEquals(len(rep.u.error_and_verifier), 0)
2768 # wait for a disconnect
2769 rep = self.recv_pdu()
2770 self.assertIsNone(rep)
2771 self.assertNotConnected()
2773 def test_spnego_integrity_request(self):
2774 ndr32 = base.transfer_syntax_ndr()
2777 ctx1 = dcerpc.ctx_list()
2779 ctx1.num_transfer_syntaxes = len(tsf1_list)
2780 ctx1.abstract_syntax = samba.dcerpc.mgmt.abstract_syntax()
2781 ctx1.transfer_syntaxes = tsf1_list
2784 c = self.get_anon_creds()
2785 g = gensec.Security.start_client(self.settings)
2786 g.set_credentials(c)
2787 g.want_feature(gensec.FEATURE_DCE_STYLE)
2788 auth_type = dcerpc.DCERPC_AUTH_TYPE_SPNEGO
2789 auth_level = dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY
2791 g.start_mech_by_authtype(auth_type, auth_level)
2793 (finished, to_server) = g.update(from_server)
2794 self.assertFalse(finished)
2796 auth_info = self.generate_auth(auth_type=auth_type,
2797 auth_level=auth_level,
git.samba.org / bbaumbach / samba-autobuild / .git / blob