2 Unix SMB/CIFS implementation.
4 DsGetNCChanges replication test
6 Copyright (C) Stefan (metze) Metzmacher 2005
7 Copyright (C) Brad Henry 2005
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "lib/cmdline/popt_common.h"
25 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
26 #include "librpc/gen_ndr/ndr_drsblobs.h"
27 #include "libcli/cldap/cldap.h"
28 #include "libcli/ldap/ldap_client.h"
29 #include "torture/torture.h"
30 #include "torture/ldap/proto.h"
31 #include "libcli/auth/libcli_auth.h"
32 #include "../lib/crypto/crypto.h"
33 #include "auth/credentials/credentials.h"
34 #include "libcli/auth/libcli_auth.h"
35 #include "auth/gensec/gensec.h"
36 #include "param/param.h"
37 #include "dsdb/samdb/samdb.h"
39 struct DsSyncBindInfo {
40 struct dcerpc_pipe *pipe;
41 struct drsuapi_DsBind req;
42 struct GUID bind_guid;
43 struct drsuapi_DsBindInfoCtr our_bind_info_ctr;
44 struct drsuapi_DsBindInfo28 our_bind_info28;
45 struct drsuapi_DsBindInfo28 peer_bind_info28;
46 struct policy_handle bind_handle;
49 struct DsSyncLDAPInfo {
50 struct ldap_connection *conn;
54 struct dcerpc_binding *drsuapi_binding;
57 const char *site_name;
59 const char *domain_dn;
61 /* what we need to do as 'Administrator' */
63 struct cli_credentials *credentials;
64 struct DsSyncBindInfo drsuapi;
65 struct DsSyncLDAPInfo ldap;
68 /* what we need to do as the new dc machine account */
70 struct cli_credentials *credentials;
71 struct DsSyncBindInfo drsuapi;
72 struct drsuapi_DsGetDCInfo2 dc_info2;
73 struct GUID invocation_id;
74 struct GUID object_guid;
77 /* info about the old dc */
79 struct drsuapi_DsGetDomainControllerInfo dc_info;
83 static struct DsSyncTest *test_create_context(struct torture_context *tctx)
86 struct DsSyncTest *ctx;
87 struct drsuapi_DsBindInfo28 *our_bind_info28;
88 struct drsuapi_DsBindInfoCtr *our_bind_info_ctr;
89 const char *binding = torture_setting_string(tctx, "binding", NULL);
90 ctx = talloc_zero(tctx, struct DsSyncTest);
91 if (!ctx) return NULL;
93 status = dcerpc_parse_binding(ctx, binding, &ctx->drsuapi_binding);
94 if (!NT_STATUS_IS_OK(status)) {
95 printf("Bad binding string %s\n", binding);
98 ctx->drsuapi_binding->flags |= DCERPC_SIGN | DCERPC_SEAL;
100 ctx->ldap_url = talloc_asprintf(ctx, "ldap://%s/", ctx->drsuapi_binding->host);
103 ctx->admin.credentials = cmdline_credentials;
105 our_bind_info28 = &ctx->admin.drsuapi.our_bind_info28;
106 our_bind_info28->supported_extensions = 0xFFFFFFFF;
107 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
108 our_bind_info28->site_guid = GUID_zero();
109 our_bind_info28->pid = 0;
110 our_bind_info28->repl_epoch = 1;
112 our_bind_info_ctr = &ctx->admin.drsuapi.our_bind_info_ctr;
113 our_bind_info_ctr->length = 28;
114 our_bind_info_ctr->info.info28 = *our_bind_info28;
116 GUID_from_string(DRSUAPI_DS_BIND_GUID, &ctx->admin.drsuapi.bind_guid);
118 ctx->admin.drsuapi.req.in.bind_guid = &ctx->admin.drsuapi.bind_guid;
119 ctx->admin.drsuapi.req.in.bind_info = our_bind_info_ctr;
120 ctx->admin.drsuapi.req.out.bind_handle = &ctx->admin.drsuapi.bind_handle;
123 ctx->new_dc.credentials = cmdline_credentials;
125 our_bind_info28 = &ctx->new_dc.drsuapi.our_bind_info28;
126 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_BASE;
127 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION;
128 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI;
129 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2;
130 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS;
131 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1;
132 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION;
133 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE;
134 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2;
135 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION;
136 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2;
137 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD;
138 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND;
139 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO;
140 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION;
141 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01;
142 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP;
143 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY;
144 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3;
145 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2;
146 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6;
147 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS;
148 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8;
149 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5;
150 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6;
151 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
152 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7;
153 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT;
154 if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "xpress", false)) {
155 our_bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
157 our_bind_info28->site_guid = GUID_zero();
158 our_bind_info28->pid = 0;
159 our_bind_info28->repl_epoch = 0;
161 our_bind_info_ctr = &ctx->new_dc.drsuapi.our_bind_info_ctr;
162 our_bind_info_ctr->length = 28;
163 our_bind_info_ctr->info.info28 = *our_bind_info28;
165 GUID_from_string(DRSUAPI_DS_BIND_GUID_W2K3, &ctx->new_dc.drsuapi.bind_guid);
167 ctx->new_dc.drsuapi.req.in.bind_guid = &ctx->new_dc.drsuapi.bind_guid;
168 ctx->new_dc.drsuapi.req.in.bind_info = our_bind_info_ctr;
169 ctx->new_dc.drsuapi.req.out.bind_handle = &ctx->new_dc.drsuapi.bind_handle;
171 ctx->new_dc.invocation_id = ctx->new_dc.drsuapi.bind_guid;
178 static bool _test_DsBind(struct torture_context *tctx,
179 struct DsSyncTest *ctx, struct cli_credentials *credentials, struct DsSyncBindInfo *b)
184 status = dcerpc_pipe_connect_b(ctx,
185 &b->pipe, ctx->drsuapi_binding,
187 credentials, tctx->ev, tctx->lp_ctx);
189 if (!NT_STATUS_IS_OK(status)) {
190 printf("Failed to connect to server as a BDC: %s\n", nt_errstr(status));
194 status = dcerpc_drsuapi_DsBind(b->pipe, ctx, &b->req);
195 if (!NT_STATUS_IS_OK(status)) {
196 const char *errstr = nt_errstr(status);
197 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
198 errstr = dcerpc_errstr(ctx, b->pipe->last_fault_code);
200 printf("dcerpc_drsuapi_DsBind failed - %s\n", errstr);
202 } else if (!W_ERROR_IS_OK(b->req.out.result)) {
203 printf("DsBind failed - %s\n", win_errstr(b->req.out.result));
207 ZERO_STRUCT(b->peer_bind_info28);
208 if (b->req.out.bind_info) {
209 switch (b->req.out.bind_info->length) {
211 struct drsuapi_DsBindInfo24 *info24;
212 info24 = &b->req.out.bind_info->info.info24;
213 b->peer_bind_info28.supported_extensions= info24->supported_extensions;
214 b->peer_bind_info28.site_guid = info24->site_guid;
215 b->peer_bind_info28.pid = info24->pid;
216 b->peer_bind_info28.repl_epoch = 0;
220 struct drsuapi_DsBindInfo48 *info48;
221 info48 = &b->req.out.bind_info->info.info48;
222 b->peer_bind_info28.supported_extensions= info48->supported_extensions;
223 b->peer_bind_info28.site_guid = info48->site_guid;
224 b->peer_bind_info28.pid = info48->pid;
225 b->peer_bind_info28.repl_epoch = info48->repl_epoch;
229 b->peer_bind_info28 = b->req.out.bind_info->info.info28;
232 printf("DsBind - warning: unknown BindInfo length: %u\n",
233 b->req.out.bind_info->length);
240 static bool test_LDAPBind(struct torture_context *tctx, struct DsSyncTest *ctx,
241 struct cli_credentials *credentials, struct DsSyncLDAPInfo *l)
246 status = torture_ldap_connection(tctx, &l->conn, ctx->ldap_url);
247 if (!NT_STATUS_IS_OK(status)) {
248 printf("failed to connect to LDAP: %s\n", ctx->ldap_url);
252 printf("connected to LDAP: %s\n", ctx->ldap_url);
254 status = torture_ldap_bind_sasl(l->conn, credentials, tctx->lp_ctx);
255 if (!NT_STATUS_IS_OK(status)) {
256 printf("failed to bind to LDAP:\n");
259 printf("bound to LDAP.\n");
264 static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx)
267 struct drsuapi_DsCrackNames r;
268 union drsuapi_DsNameRequest req;
269 union drsuapi_DsNameCtr ctr;
270 int32_t level_out = 0;
271 struct drsuapi_DsNameString names[1];
273 struct cldap_socket *cldap;
274 struct cldap_netlogon search;
276 status = cldap_socket_init(ctx, NULL, NULL, NULL, &cldap);
277 if (!NT_STATUS_IS_OK(status)) {
278 printf("failed to setup cldap socket - %s\n",
283 r.in.bind_handle = &ctx->admin.drsuapi.bind_handle;
286 r.in.req->req1.codepage = 1252; /* western european */
287 r.in.req->req1.language = 0x00000407; /* german */
288 r.in.req->req1.count = 1;
289 r.in.req->req1.names = names;
290 r.in.req->req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
291 r.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
292 r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
293 names[0].str = talloc_asprintf(ctx, "%s\\", lp_workgroup(tctx->lp_ctx));
295 r.out.level_out = &level_out;
298 status = dcerpc_drsuapi_DsCrackNames(ctx->admin.drsuapi.pipe, ctx, &r);
299 if (!NT_STATUS_IS_OK(status)) {
300 const char *errstr = nt_errstr(status);
301 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
302 errstr = dcerpc_errstr(ctx, ctx->admin.drsuapi.pipe->last_fault_code);
304 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
306 } else if (!W_ERROR_IS_OK(r.out.result)) {
307 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
311 ctx->domain_dn = r.out.ctr->ctr1->array[0].result_name;
314 search.in.dest_address = ctx->drsuapi_binding->host;
315 search.in.dest_port = lp_cldap_port(tctx->lp_ctx);
316 search.in.acct_control = -1;
317 search.in.version = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX;
318 search.in.map_response = true;
319 status = cldap_netlogon(cldap, lp_iconv_convenience(tctx->lp_ctx), ctx, &search);
320 if (!NT_STATUS_IS_OK(status)) {
321 const char *errstr = nt_errstr(status);
322 ctx->site_name = talloc_asprintf(ctx, "%s", "Default-First-Site-Name");
323 printf("cldap_netlogon() returned %s. Defaulting to Site-Name: %s\n", errstr, ctx->site_name);
325 ctx->site_name = talloc_steal(ctx, search.out.netlogon.data.nt5_ex.client_site);
326 printf("cldap_netlogon() returned Client Site-Name: %s.\n",ctx->site_name);
327 printf("cldap_netlogon() returned Server Site-Name: %s.\n",search.out.netlogon.data.nt5_ex.server_site);
330 if (!ctx->domain_dn) {
331 struct ldb_context *ldb = ldb_init(ctx, tctx->ev);
332 struct ldb_dn *dn = samdb_dns_domain_to_dn(ldb, ctx, search.out.netlogon.data.nt5_ex.dns_domain);
333 ctx->domain_dn = ldb_dn_alloc_linearized(ctx, dn);
341 static DATA_BLOB decrypt_blob(TALLOC_CTX *mem_ctx,
342 const DATA_BLOB *gensec_skey,
344 struct drsuapi_DsReplicaObjectIdentifier *id,
346 const DATA_BLOB *buffer)
348 DATA_BLOB confounder;
349 DATA_BLOB enc_buffer;
351 struct MD5Context md5;
352 uint8_t _enc_key[16];
355 DATA_BLOB dec_buffer;
357 uint32_t crc32_given;
359 DATA_BLOB checked_buffer;
361 DATA_BLOB plain_buffer;
364 * the combination "c[3] s[1] e[1] d[0]..."
365 * was successful!!!!!!!!!!!!!!!!!!!!!!!!!!
369 * the first 16 bytes at the beginning are the confounder
370 * followed by the 4 byte crc32 checksum
372 if (buffer->length < 20) {
373 return data_blob_const(NULL, 0);
375 confounder = data_blob_const(buffer->data, 16);
376 enc_buffer = data_blob_const(buffer->data + 16, buffer->length - 16);
379 * build the encryption key md5 over the session key followed
382 * here the gensec session key is used and
383 * not the dcerpc ncacn_ip_tcp "SystemLibraryDTC" key!
385 enc_key = data_blob_const(_enc_key, sizeof(_enc_key));
387 MD5Update(&md5, gensec_skey->data, gensec_skey->length);
388 MD5Update(&md5, confounder.data, confounder.length);
389 MD5Final(enc_key.data, &md5);
392 * copy the encrypted buffer part and
393 * decrypt it using the created encryption key using arcfour
395 dec_buffer = data_blob_talloc(mem_ctx, enc_buffer.data, enc_buffer.length);
396 if (!dec_buffer.data) {
397 return data_blob_const(NULL, 0);
399 arcfour_crypt_blob(dec_buffer.data, dec_buffer.length, &enc_key);
402 * the first 4 byte are the crc32 checksum
403 * of the remaining bytes
405 crc32_given = IVAL(dec_buffer.data, 0);
406 crc32_calc = crc32_calc_buffer(dec_buffer.data + 4 , dec_buffer.length - 4);
407 if (crc32_given != crc32_calc) {
408 DEBUG(0,("CRC32: given[0x%08X] calc[0x%08X]\n",
409 crc32_given, crc32_calc));
410 return data_blob_const(NULL, 0);
412 checked_buffer = data_blob_talloc(mem_ctx, dec_buffer.data + 4, dec_buffer.length - 4);
413 if (!checked_buffer.data) {
414 return data_blob_const(NULL, 0);
418 * some attributes seem to be in a usable form after this decryption
419 * (supplementalCredentials, priorValue, currentValue, trustAuthOutgoing,
420 * trustAuthIncoming, initialAuthOutgoing, initialAuthIncoming)
421 * At least supplementalCredentials contains plaintext
422 * like "Primary:Kerberos" (in unicode form)
424 * some attributes seem to have some additional encryption
425 * dBCSPwd, unicodePwd, ntPwdHistory, lmPwdHistory
427 * it's the sam_rid_crypt() function, as the value is constant,
428 * so it doesn't depend on sessionkeys.
431 uint32_t i, num_hashes;
433 if ((checked_buffer.length % 16) != 0) {
434 return data_blob_const(NULL, 0);
437 plain_buffer = data_blob_talloc(mem_ctx, checked_buffer.data, checked_buffer.length);
438 if (!plain_buffer.data) {
439 return data_blob_const(NULL, 0);
442 num_hashes = plain_buffer.length / 16;
443 for (i = 0; i < num_hashes; i++) {
444 uint32_t offset = i * 16;
445 sam_rid_crypt(rid, checked_buffer.data + offset, plain_buffer.data + offset, 0);
448 plain_buffer = checked_buffer;
454 static void test_analyse_objects(struct torture_context *tctx,
455 struct DsSyncTest *ctx,
456 const DATA_BLOB *gensec_skey,
457 struct drsuapi_DsReplicaObjectListItemEx *cur)
459 static uint32_t object_id;
460 const char *save_values_dir;
462 if (!lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "print_pwd_blobs", false)) {
466 save_values_dir = lp_parm_string(tctx->lp_ctx, NULL, "dssync", "save_pwd_blobs_dir");
468 for (; cur; cur = cur->next_object) {
470 struct dom_sid *sid = NULL;
472 bool dn_printed = false;
475 if (!cur->object.identifier) continue;
477 dn = cur->object.identifier->dn;
478 if (cur->object.identifier->sid.num_auths > 0) {
479 sid = &cur->object.identifier->sid;
480 rid = sid->sub_auths[sid->num_auths - 1];
483 for (i=0; i < cur->object.attribute_ctr.num_attributes; i++) {
484 const char *name = NULL;
486 DATA_BLOB *enc_data = NULL;
487 DATA_BLOB plain_data;
488 struct drsuapi_DsReplicaAttribute *attr;
489 ndr_pull_flags_fn_t pull_fn = NULL;
490 ndr_print_fn_t print_fn = NULL;
492 attr = &cur->object.attribute_ctr.attributes[i];
494 switch (attr->attid) {
495 case DRSUAPI_ATTRIBUTE_dBCSPwd:
499 case DRSUAPI_ATTRIBUTE_unicodePwd:
503 case DRSUAPI_ATTRIBUTE_ntPwdHistory:
504 name = "ntPwdHistory";
507 case DRSUAPI_ATTRIBUTE_lmPwdHistory:
508 name = "lmPwdHistory";
511 case DRSUAPI_ATTRIBUTE_supplementalCredentials:
512 name = "supplementalCredentials";
513 pull_fn = (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob;
514 print_fn = (ndr_print_fn_t)ndr_print_supplementalCredentialsBlob;
515 ptr = talloc(ctx, struct supplementalCredentialsBlob);
517 case DRSUAPI_ATTRIBUTE_priorValue:
520 case DRSUAPI_ATTRIBUTE_currentValue:
521 name = "currentValue";
523 case DRSUAPI_ATTRIBUTE_trustAuthOutgoing:
524 name = "trustAuthOutgoing";
525 pull_fn = (ndr_pull_flags_fn_t)ndr_pull_trustAuthInOutBlob;
526 print_fn = (ndr_print_fn_t)ndr_print_trustAuthInOutBlob;
527 ptr = talloc(ctx, struct trustAuthInOutBlob);
529 case DRSUAPI_ATTRIBUTE_trustAuthIncoming:
530 name = "trustAuthIncoming";
531 pull_fn = (ndr_pull_flags_fn_t)ndr_pull_trustAuthInOutBlob;
532 print_fn = (ndr_print_fn_t)ndr_print_trustAuthInOutBlob;
533 ptr = talloc(ctx, struct trustAuthInOutBlob);
535 case DRSUAPI_ATTRIBUTE_initialAuthOutgoing:
536 name = "initialAuthOutgoing";
538 case DRSUAPI_ATTRIBUTE_initialAuthIncoming:
539 name = "initialAuthIncoming";
545 if (attr->value_ctr.num_values != 1) continue;
547 if (!attr->value_ctr.values[0].blob) continue;
549 enc_data = attr->value_ctr.values[0].blob;
550 ZERO_STRUCT(plain_data);
552 plain_data = decrypt_blob(ctx, gensec_skey, rcrypt,
553 cur->object.identifier, rid,
557 DEBUG(0,("DN[%u] %s\n", object_id, dn));
560 DEBUGADD(0,("ATTR: %s enc.length=%lu plain.length=%lu\n",
561 name, (long)enc_data->length, (long)plain_data.length));
562 if (plain_data.length) {
563 enum ndr_err_code ndr_err;
564 dump_data(0, plain_data.data, plain_data.length);
565 if (save_values_dir) {
567 fname = talloc_asprintf(ctx, "%s/%s%02d",
572 ok = file_save(fname, plain_data.data, plain_data.length);
574 DEBUGADD(0,("Failed to save '%s'\n", fname));
581 /* Can't use '_all' because of PIDL bugs with relative pointers */
582 ndr_err = ndr_pull_struct_blob(&plain_data, ptr,
583 lp_iconv_convenience(tctx->lp_ctx), ptr,
585 if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
586 ndr_print_debug(print_fn, name, ptr);
588 DEBUG(0, ("Failed to decode %s\n", name));
592 dump_data(0, enc_data->data, enc_data->length);
599 static bool test_FetchData(struct torture_context *tctx, struct DsSyncTest *ctx)
604 uint64_t highest_usn = 0;
605 const char *partition = NULL;
606 struct drsuapi_DsGetNCChanges r;
607 union drsuapi_DsGetNCChangesRequest req;
608 struct drsuapi_DsReplicaObjectIdentifier nc;
609 struct drsuapi_DsGetNCChangesCtr1 *ctr1 = NULL;
610 struct drsuapi_DsGetNCChangesCtr6 *ctr6 = NULL;
611 int32_t out_level = 0;
612 struct GUID null_guid;
613 struct dom_sid null_sid;
614 DATA_BLOB gensec_skey;
626 ZERO_STRUCT(null_guid);
627 ZERO_STRUCT(null_sid);
629 partition = lp_parm_string(tctx->lp_ctx, NULL, "dssync", "partition");
630 if (partition == NULL) {
631 partition = ctx->domain_dn;
632 printf("dssync:partition not specified, defaulting to %s.\n", ctx->domain_dn);
635 highest_usn = lp_parm_int(tctx->lp_ctx, NULL, "dssync", "highest_usn", 0);
637 array[0].level = lp_parm_int(tctx->lp_ctx, NULL, "dssync", "get_nc_changes_level", array[0].level);
639 if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "print_pwd_blobs", false)) {
640 const struct samr_Password *nthash;
641 nthash = cli_credentials_get_nt_hash(ctx->new_dc.credentials, ctx);
643 dump_data_pw("CREDENTIALS nthash:", nthash->hash, sizeof(nthash->hash));
646 status = gensec_session_key(ctx->new_dc.drsuapi.pipe->conn->security_state.generic_state,
648 if (!NT_STATUS_IS_OK(status)) {
649 printf("failed to get gensec session key: %s\n", nt_errstr(status));
653 for (i=0; i < ARRAY_SIZE(array); i++) {
654 printf("testing DsGetNCChanges level %d\n",
657 r.in.bind_handle = &ctx->new_dc.drsuapi.bind_handle;
658 r.in.level = array[i].level;
660 switch (r.in.level) {
667 r.in.req->req5.destination_dsa_guid = ctx->new_dc.invocation_id;
668 r.in.req->req5.source_dsa_invocation_id = null_guid;
669 r.in.req->req5.naming_context = &nc;
670 r.in.req->req5.highwatermark.tmp_highest_usn = highest_usn;
671 r.in.req->req5.highwatermark.reserved_usn = 0;
672 r.in.req->req5.highwatermark.highest_usn = highest_usn;
673 r.in.req->req5.uptodateness_vector = NULL;
674 r.in.req->req5.replica_flags = 0;
675 if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "compression", false)) {
676 r.in.req->req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
678 if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "neighbour_writeable", true)) {
679 r.in.req->req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
681 r.in.req->req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
682 | DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS
683 | DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS
684 | DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED
686 r.in.req->req5.max_object_count = 133;
687 r.in.req->req5.max_ndr_size = 1336770;
688 r.in.req->req5.extended_op = DRSUAPI_EXOP_NONE;
689 r.in.req->req5.fsmo_info = 0;
696 /* nc.dn can be set to any other ad partition */
699 r.in.req->req8.destination_dsa_guid = ctx->new_dc.invocation_id;
700 r.in.req->req8.source_dsa_invocation_id = null_guid;
701 r.in.req->req8.naming_context = &nc;
702 r.in.req->req8.highwatermark.tmp_highest_usn = highest_usn;
703 r.in.req->req8.highwatermark.reserved_usn = 0;
704 r.in.req->req8.highwatermark.highest_usn = highest_usn;
705 r.in.req->req8.uptodateness_vector = NULL;
706 r.in.req->req8.replica_flags = 0;
707 if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "compression", false)) {
708 r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
710 if (lp_parm_bool(tctx->lp_ctx, NULL, "dssync", "neighbour_writeable", true)) {
711 r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
713 r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
714 | DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS
715 | DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS
716 | DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED
718 r.in.req->req8.max_object_count = 402;
719 r.in.req->req8.max_ndr_size = 402116;
721 r.in.req->req8.extended_op = DRSUAPI_EXOP_NONE;
722 r.in.req->req8.fsmo_info = 0;
723 r.in.req->req8.partial_attribute_set = NULL;
724 r.in.req->req8.partial_attribute_set_ex = NULL;
725 r.in.req->req8.mapping_ctr.num_mappings = 0;
726 r.in.req->req8.mapping_ctr.mappings = NULL;
731 printf("Dumping AD partition: %s\n", nc.dn);
734 union drsuapi_DsGetNCChangesCtr ctr;
738 r.out.level_out = &_level;
741 if (r.in.level == 5) {
742 DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
743 (long long)r.in.req->req5.highwatermark.tmp_highest_usn,
744 (long long)r.in.req->req5.highwatermark.highest_usn));
747 if (r.in.level == 8) {
748 DEBUG(0,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
749 (long long)r.in.req->req8.highwatermark.tmp_highest_usn,
750 (long long)r.in.req->req8.highwatermark.highest_usn));
753 status = dcerpc_drsuapi_DsGetNCChanges(ctx->new_dc.drsuapi.pipe, ctx, &r);
754 if (!NT_STATUS_IS_OK(status)) {
755 const char *errstr = nt_errstr(status);
756 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
757 errstr = dcerpc_errstr(ctx, ctx->new_dc.drsuapi.pipe->last_fault_code);
759 printf("dcerpc_drsuapi_DsGetNCChanges failed - %s\n", errstr);
761 } else if (!W_ERROR_IS_OK(r.out.result)) {
762 printf("DsGetNCChanges failed - %s\n", win_errstr(r.out.result));
766 if (ret == true && *r.out.level_out == 1) {
768 ctr1 = &r.out.ctr->ctr1;
769 } else if (ret == true && *r.out.level_out == 2 &&
770 r.out.ctr->ctr2.mszip1.ts) {
772 ctr1 = &r.out.ctr->ctr2.mszip1.ts->ctr1;
775 if (out_level == 1) {
776 DEBUG(0,("end[%d] tmp_highest_usn: %llu , highest_usn: %llu\n",y,
777 (long long)ctr1->new_highwatermark.tmp_highest_usn,
778 (long long)ctr1->new_highwatermark.highest_usn));
780 test_analyse_objects(tctx, ctx, &gensec_skey, ctr1->first_object);
782 if (ctr1->more_data) {
783 r.in.req->req5.highwatermark = ctr1->new_highwatermark;
788 if (ret == true && *r.out.level_out == 6) {
790 ctr6 = &r.out.ctr->ctr6;
791 } else if (ret == true && *r.out.level_out == 7
792 && r.out.ctr->ctr7.level == 6
793 && r.out.ctr->ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP
794 && r.out.ctr->ctr7.ctr.mszip6.ts) {
796 ctr6 = &r.out.ctr->ctr7.ctr.mszip6.ts->ctr6;
797 } else if (ret == true && *r.out.level_out == 7
798 && r.out.ctr->ctr7.level == 6
799 && r.out.ctr->ctr7.type == DRSUAPI_COMPRESSION_TYPE_XPRESS
800 && r.out.ctr->ctr7.ctr.xpress6.ts) {
802 ctr6 = &r.out.ctr->ctr7.ctr.xpress6.ts->ctr6;
805 if (out_level == 6) {
806 DEBUG(0,("end[%d] tmp_highest_usn: %llu , highest_usn: %llu\n",y,
807 (long long)ctr6->new_highwatermark.tmp_highest_usn,
808 (long long)ctr6->new_highwatermark.highest_usn));
810 test_analyse_objects(tctx, ctx, &gensec_skey, ctr6->first_object);
812 if (ctr6->more_data) {
813 r.in.req->req8.highwatermark = ctr6->new_highwatermark;
825 static bool test_FetchNT4Data(struct torture_context *tctx,
826 struct DsSyncTest *ctx)
830 struct drsuapi_DsGetNT4ChangeLog r;
831 union drsuapi_DsGetNT4ChangeLogRequest req;
832 union drsuapi_DsGetNT4ChangeLogInfo info;
833 uint32_t level_out = 0;
834 struct GUID null_guid;
835 struct dom_sid null_sid;
838 ZERO_STRUCT(null_guid);
839 ZERO_STRUCT(null_sid);
843 r.in.bind_handle = &ctx->new_dc.drsuapi.bind_handle;
846 r.out.level_out = &level_out;
848 req.req1.unknown1 = lp_parm_int(tctx->lp_ctx, NULL, "dssync", "nt4-1", 3);
849 req.req1.unknown2 = lp_parm_int(tctx->lp_ctx, NULL, "dssync", "nt4-2", 0x00004000);
852 req.req1.length = cookie.length;
853 req.req1.data = cookie.data;
857 status = dcerpc_drsuapi_DsGetNT4ChangeLog(ctx->new_dc.drsuapi.pipe, ctx, &r);
858 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
859 printf("DsGetNT4ChangeLog not supported by target server\n");
861 } else if (!NT_STATUS_IS_OK(status)) {
862 const char *errstr = nt_errstr(status);
863 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
864 errstr = dcerpc_errstr(ctx, ctx->new_dc.drsuapi.pipe->last_fault_code);
866 printf("dcerpc_drsuapi_DsGetNT4ChangeLog failed - %s\n", errstr);
868 } else if (W_ERROR_EQUAL(r.out.result, WERR_INVALID_DOMAIN_ROLE)) {
869 printf("DsGetNT4ChangeLog not supported by target server\n");
871 } else if (!W_ERROR_IS_OK(r.out.result)) {
872 printf("DsGetNT4ChangeLog failed - %s\n", win_errstr(r.out.result));
874 } else if (*r.out.level_out != 1) {
875 printf("DsGetNT4ChangeLog unknown level - %u\n", *r.out.level_out);
877 } else if (NT_STATUS_IS_OK(r.out.info->info1.status)) {
878 } else if (NT_STATUS_EQUAL(r.out.info->info1.status, STATUS_MORE_ENTRIES)) {
879 cookie.length = r.out.info->info1.length1;
880 cookie.data = r.out.info->info1.data1;
883 printf("DsGetNT4ChangeLog failed - %s\n", nt_errstr(r.out.info->info1.status));
893 bool torture_rpc_dssync(struct torture_context *torture)
897 struct DsSyncTest *ctx;
899 mem_ctx = talloc_init("torture_rpc_dssync");
900 ctx = test_create_context(torture);
902 ret &= _test_DsBind(torture, ctx, ctx->admin.credentials, &ctx->admin.drsuapi);
906 ret &= test_LDAPBind(torture, ctx, ctx->admin.credentials, &ctx->admin.ldap);
910 ret &= test_GetInfo(torture, ctx);
911 ret &= _test_DsBind(torture, ctx, ctx->new_dc.credentials, &ctx->new_dc.drsuapi);
915 ret &= test_FetchData(torture, ctx);
916 ret &= test_FetchNT4Data(torture, ctx);