s4-netlogon: merge netr_AccountDeltas from s3 idl.
[ira/wip.git] / source4 / torture / rpc / netlogon.c
1 /* 
2    Unix SMB/CIFS implementation.
3
4    test suite for netlogon rpc operations
5
6    Copyright (C) Andrew Tridgell 2003
7    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003-2004
8    Copyright (C) Tim Potter      2003
9    
10    This program is free software; you can redistribute it and/or modify
11    it under the terms of the GNU General Public License as published by
12    the Free Software Foundation; either version 3 of the License, or
13    (at your option) any later version.
14    
15    This program is distributed in the hope that it will be useful,
16    but WITHOUT ANY WARRANTY; without even the implied warranty of
17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18    GNU General Public License for more details.
19    
20    You should have received a copy of the GNU General Public License
21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include "includes.h"
25 #include "torture/torture.h"
26 #include "lib/events/events.h"
27 #include "auth/auth.h"
28 #include "auth/gensec/gensec.h"
29 #include "lib/cmdline/popt_common.h"
30 #include "torture/rpc/rpc.h"
31 #include "torture/rpc/netlogon.h"
32 #include "../lib/crypto/crypto.h"
33 #include "libcli/auth/libcli_auth.h"
34 #include "librpc/gen_ndr/ndr_netlogon_c.h"
35 #include "librpc/gen_ndr/ndr_lsa_c.h"
36 #include "param/param.h"
37
38 #define TEST_MACHINE_NAME "torturetest"
39
40 static bool test_LogonUasLogon(struct torture_context *tctx, 
41                                struct dcerpc_pipe *p)
42 {
43         NTSTATUS status;
44         struct netr_LogonUasLogon r;
45         struct netr_UasInfo *info = NULL;
46
47         r.in.server_name = NULL;
48         r.in.account_name = cli_credentials_get_username(cmdline_credentials);
49         r.in.workstation = TEST_MACHINE_NAME;
50         r.out.info = &info;
51
52         status = dcerpc_netr_LogonUasLogon(p, tctx, &r);
53         torture_assert_ntstatus_ok(tctx, status, "LogonUasLogon");
54
55         return true;
56 }
57
58 static bool test_LogonUasLogoff(struct torture_context *tctx,
59                                 struct dcerpc_pipe *p)
60 {
61         NTSTATUS status;
62         struct netr_LogonUasLogoff r;
63         struct netr_UasLogoffInfo info;
64
65         r.in.server_name = NULL;
66         r.in.account_name = cli_credentials_get_username(cmdline_credentials);
67         r.in.workstation = TEST_MACHINE_NAME;
68         r.out.info = &info;
69
70         status = dcerpc_netr_LogonUasLogoff(p, tctx, &r);
71         torture_assert_ntstatus_ok(tctx, status, "LogonUasLogoff");
72
73         return true;
74 }
75
76 static bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context *tctx,
77                                   struct cli_credentials *credentials,
78                                   struct creds_CredentialState **creds_out)
79 {
80         NTSTATUS status;
81         struct netr_ServerReqChallenge r;
82         struct netr_ServerAuthenticate a;
83         struct netr_Credential credentials1, credentials2, credentials3;
84         struct creds_CredentialState *creds;
85         const struct samr_Password *mach_password;
86         const char *machine_name;
87
88         mach_password = cli_credentials_get_nt_hash(credentials, tctx);
89         machine_name = cli_credentials_get_workstation(credentials);
90
91         torture_comment(tctx, "Testing ServerReqChallenge\n");
92
93         creds = talloc(tctx, struct creds_CredentialState);
94         torture_assert(tctx, creds != NULL, "memory allocation");
95
96         r.in.server_name = NULL;
97         r.in.computer_name = machine_name;
98         r.in.credentials = &credentials1;
99         r.out.credentials = &credentials2;
100
101         generate_random_buffer(credentials1.data, sizeof(credentials1.data));
102
103         status = dcerpc_netr_ServerReqChallenge(p, tctx, &r);
104         torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge");
105
106         a.in.server_name = NULL;
107         a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
108         a.in.secure_channel_type = SEC_CHAN_BDC;
109         a.in.computer_name = machine_name;
110         a.in.credentials = &credentials3;
111         a.out.credentials = &credentials3;
112
113         creds_client_init(creds, &credentials1, &credentials2, 
114                           mach_password, &credentials3, 
115                           0);
116
117         torture_comment(tctx, "Testing ServerAuthenticate\n");
118
119         status = dcerpc_netr_ServerAuthenticate(p, tctx, &a);
120
121         /* This allows the tests to continue against the more fussy windows 2008 */
122         if (NT_STATUS_EQUAL(status, NT_STATUS_DOWNGRADE_DETECTED)) {
123                 return test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS, 
124                                               credentials, SEC_CHAN_BDC, creds_out);
125         }
126
127         torture_assert_ntstatus_ok(tctx, status, "ServerAuthenticate");
128
129         torture_assert(tctx, creds_client_check(creds, &credentials3), 
130                        "Credential chaining failed");
131
132         *creds_out = creds;
133         return true;
134 }
135
136 bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx,
137                             uint32_t negotiate_flags,
138                             struct cli_credentials *machine_credentials,
139                             int sec_chan_type,
140                             struct creds_CredentialState **creds_out)
141 {
142         NTSTATUS status;
143         struct netr_ServerReqChallenge r;
144         struct netr_ServerAuthenticate2 a;
145         struct netr_Credential credentials1, credentials2, credentials3;
146         struct creds_CredentialState *creds;
147         const struct samr_Password *mach_password;
148         const char *machine_name;
149         const char *plain_pass;
150
151         mach_password = cli_credentials_get_nt_hash(machine_credentials, tctx);
152         machine_name = cli_credentials_get_workstation(machine_credentials);
153
154         torture_comment(tctx, "Testing ServerReqChallenge\n");
155
156         creds = talloc(tctx, struct creds_CredentialState);
157         torture_assert(tctx, creds != NULL, "memory allocation");
158
159         r.in.server_name = NULL;
160         r.in.computer_name = machine_name;
161         r.in.credentials = &credentials1;
162         r.out.credentials = &credentials2;
163
164         generate_random_buffer(credentials1.data, sizeof(credentials1.data));
165
166         status = dcerpc_netr_ServerReqChallenge(p, tctx, &r);
167         torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge");
168
169         a.in.server_name = NULL;
170         a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
171         a.in.secure_channel_type = sec_chan_type;
172         a.in.computer_name = machine_name;
173         a.in.negotiate_flags = &negotiate_flags;
174         a.out.negotiate_flags = &negotiate_flags;
175         a.in.credentials = &credentials3;
176         a.out.credentials = &credentials3;
177
178         creds_client_init(creds, &credentials1, &credentials2, 
179                           mach_password, &credentials3, 
180                           negotiate_flags);
181
182         torture_comment(tctx, "Testing ServerAuthenticate2\n");
183
184         status = dcerpc_netr_ServerAuthenticate2(p, tctx, &a);
185         torture_assert_ntstatus_ok(tctx, status, "ServerAuthenticate2");
186
187         torture_assert(tctx, creds_client_check(creds, &credentials3), 
188                 "Credential chaining failed");
189
190         torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
191
192         *creds_out = creds;
193         return true;
194 }
195
196
197 static bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context *tctx,
198                             uint32_t negotiate_flags,
199                             struct cli_credentials *machine_credentials,
200                             struct creds_CredentialState **creds_out)
201 {
202         NTSTATUS status;
203         struct netr_ServerReqChallenge r;
204         struct netr_ServerAuthenticate3 a;
205         struct netr_Credential credentials1, credentials2, credentials3;
206         struct creds_CredentialState *creds;
207         struct samr_Password mach_password;
208         uint32_t rid;
209         const char *machine_name;
210         const char *plain_pass;
211
212         machine_name = cli_credentials_get_workstation(machine_credentials);
213         plain_pass = cli_credentials_get_password(machine_credentials);
214
215         torture_comment(tctx, "Testing ServerReqChallenge\n");
216
217         creds = talloc(tctx, struct creds_CredentialState);
218         torture_assert(tctx, creds != NULL, "memory allocation");
219
220         r.in.server_name = NULL;
221         r.in.computer_name = machine_name;
222         r.in.credentials = &credentials1;
223         r.out.credentials = &credentials2;
224
225         generate_random_buffer(credentials1.data, sizeof(credentials1.data));
226
227         status = dcerpc_netr_ServerReqChallenge(p, tctx, &r);
228         torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge");
229
230         E_md4hash(plain_pass, mach_password.hash);
231
232         a.in.server_name = NULL;
233         a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
234         a.in.secure_channel_type = SEC_CHAN_BDC;
235         a.in.computer_name = machine_name;
236         a.in.negotiate_flags = &negotiate_flags;
237         a.in.credentials = &credentials3;
238         a.out.credentials = &credentials3;
239         a.out.negotiate_flags = &negotiate_flags;
240         a.out.rid = &rid;
241
242         creds_client_init(creds, &credentials1, &credentials2, 
243                           &mach_password, &credentials3,
244                           negotiate_flags);
245
246         torture_comment(tctx, "Testing ServerAuthenticate3\n");
247
248         status = dcerpc_netr_ServerAuthenticate3(p, tctx, &a);
249         torture_assert_ntstatus_ok(tctx, status, "ServerAuthenticate3");
250         torture_assert(tctx, creds_client_check(creds, &credentials3), "Credential chaining failed");
251
252         torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
253         
254         /* Prove that requesting a challenge again won't break it */
255         status = dcerpc_netr_ServerReqChallenge(p, tctx, &r);
256         torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge");
257
258         *creds_out = creds;
259         return true;
260 }
261
262 /*
263   try a change password for our machine account
264 */
265 static bool test_SetPassword(struct torture_context *tctx, 
266                              struct dcerpc_pipe *p,
267                              struct cli_credentials *machine_credentials)
268 {
269         NTSTATUS status;
270         struct netr_ServerPasswordSet r;
271         const char *password;
272         struct creds_CredentialState *creds;
273
274         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
275                 return false;
276         }
277
278         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
279         r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
280         r.in.secure_channel_type = SEC_CHAN_BDC;
281         r.in.computer_name = TEST_MACHINE_NAME;
282
283         password = generate_random_str(tctx, 8);
284         E_md4hash(password, r.in.new_password.hash);
285
286         creds_des_encrypt(creds, &r.in.new_password);
287
288         torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
289         torture_comment(tctx, "Changing machine account password to '%s'\n", 
290                         password);
291
292         creds_client_authenticator(creds, &r.in.credential);
293
294         status = dcerpc_netr_ServerPasswordSet(p, tctx, &r);
295         torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet");
296
297         if (!creds_client_check(creds, &r.out.return_authenticator.cred)) {
298                 torture_comment(tctx, "Credential chaining failed\n");
299         }
300
301         /* by changing the machine password twice we test the
302            credentials chaining fully, and we verify that the server
303            allows the password to be set to the same value twice in a
304            row (match win2k3) */
305         torture_comment(tctx, 
306                 "Testing a second ServerPasswordSet on machine account\n");
307         torture_comment(tctx, 
308                 "Changing machine account password to '%s' (same as previous run)\n", password);
309
310         creds_client_authenticator(creds, &r.in.credential);
311
312         status = dcerpc_netr_ServerPasswordSet(p, tctx, &r);
313         torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet (2)");
314
315         if (!creds_client_check(creds, &r.out.return_authenticator.cred)) {
316                 torture_comment(tctx, "Credential chaining failed\n");
317         }
318
319         cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
320
321         torture_assert(tctx, 
322                 test_SetupCredentials(p, tctx, machine_credentials, &creds), 
323                 "ServerPasswordSet failed to actually change the password");
324
325         return true;
326 }
327
328 /*
329   generate a random password for password change tests
330 */
331 static DATA_BLOB netlogon_very_rand_pass(TALLOC_CTX *mem_ctx, int len)
332 {
333         int i;
334         DATA_BLOB password = data_blob_talloc(mem_ctx, NULL, len * 2 /* number of unicode chars */);
335         generate_random_buffer(password.data, password.length);
336
337         for (i=0; i < len; i++) {
338                 if (((uint16_t *)password.data)[i] == 0) {
339                         ((uint16_t *)password.data)[i] = 1;
340                 }
341         }
342
343         return password;
344 }
345
346 /*
347   try a change password for our machine account
348 */
349 static bool test_SetPassword2(struct torture_context *tctx, 
350                               struct dcerpc_pipe *p, 
351                               struct cli_credentials *machine_credentials)
352 {
353         NTSTATUS status;
354         struct netr_ServerPasswordSet2 r;
355         const char *password;
356         DATA_BLOB new_random_pass;
357         struct creds_CredentialState *creds;
358         struct samr_CryptPassword password_buf;
359         struct samr_Password nt_hash;
360
361         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
362                 return false;
363         }
364
365         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
366         r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
367         r.in.secure_channel_type = SEC_CHAN_BDC;
368         r.in.computer_name = TEST_MACHINE_NAME;
369
370         password = generate_random_str(tctx, 8);
371         encode_pw_buffer(password_buf.data, password, STR_UNICODE);
372         creds_arcfour_crypt(creds, password_buf.data, 516);
373
374         memcpy(r.in.new_password.data, password_buf.data, 512);
375         r.in.new_password.length = IVAL(password_buf.data, 512);
376
377         torture_comment(tctx, "Testing ServerPasswordSet2 on machine account\n");
378         torture_comment(tctx, "Changing machine account password to '%s'\n", password);
379
380         creds_client_authenticator(creds, &r.in.credential);
381
382         status = dcerpc_netr_ServerPasswordSet2(p, tctx, &r);
383         torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet2");
384
385         if (!creds_client_check(creds, &r.out.return_authenticator.cred)) {
386                 torture_comment(tctx, "Credential chaining failed\n");
387         }
388
389         cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
390
391         if (!torture_setting_bool(tctx, "dangerous", false)) {
392                 torture_comment(tctx, 
393                         "Not testing ability to set password to '', enable dangerous tests to perform this test\n");
394         } else {
395                 /* by changing the machine password to ""
396                  * we check if the server uses password restrictions
397                  * for ServerPasswordSet2
398                  * (win2k3 accepts "")
399                  */
400                 password = "";
401                 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
402                 creds_arcfour_crypt(creds, password_buf.data, 516);
403                 
404                 memcpy(r.in.new_password.data, password_buf.data, 512);
405                 r.in.new_password.length = IVAL(password_buf.data, 512);
406                 
407                 torture_comment(tctx, 
408                         "Testing ServerPasswordSet2 on machine account\n");
409                 torture_comment(tctx, 
410                         "Changing machine account password to '%s'\n", password);
411                 
412                 creds_client_authenticator(creds, &r.in.credential);
413                 
414                 status = dcerpc_netr_ServerPasswordSet2(p, tctx, &r);
415                 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet2");
416                 
417                 if (!creds_client_check(creds, &r.out.return_authenticator.cred)) {
418                         torture_comment(tctx, "Credential chaining failed\n");
419                 }
420                 
421                 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
422         }
423
424         torture_assert(tctx, test_SetupCredentials(p, tctx, machine_credentials, &creds), 
425                 "ServerPasswordSet failed to actually change the password");
426
427         /* now try a random password */
428         password = generate_random_str(tctx, 8);
429         encode_pw_buffer(password_buf.data, password, STR_UNICODE);
430         creds_arcfour_crypt(creds, password_buf.data, 516);
431
432         memcpy(r.in.new_password.data, password_buf.data, 512);
433         r.in.new_password.length = IVAL(password_buf.data, 512);
434
435         torture_comment(tctx, "Testing second ServerPasswordSet2 on machine account\n");
436         torture_comment(tctx, "Changing machine account password to '%s'\n", password);
437
438         creds_client_authenticator(creds, &r.in.credential);
439
440         status = dcerpc_netr_ServerPasswordSet2(p, tctx, &r);
441         torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet2 (2)");
442
443         if (!creds_client_check(creds, &r.out.return_authenticator.cred)) {
444                 torture_comment(tctx, "Credential chaining failed\n");
445         }
446
447         /* by changing the machine password twice we test the
448            credentials chaining fully, and we verify that the server
449            allows the password to be set to the same value twice in a
450            row (match win2k3) */
451         torture_comment(tctx, 
452                 "Testing a second ServerPasswordSet2 on machine account\n");
453         torture_comment(tctx, 
454                 "Changing machine account password to '%s' (same as previous run)\n", password);
455
456         creds_client_authenticator(creds, &r.in.credential);
457
458         status = dcerpc_netr_ServerPasswordSet2(p, tctx, &r);
459         torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet (3)");
460
461         if (!creds_client_check(creds, &r.out.return_authenticator.cred)) {
462                 torture_comment(tctx, "Credential chaining failed\n");
463         }
464
465         cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
466
467         torture_assert (tctx, 
468                 test_SetupCredentials(p, tctx, machine_credentials, &creds), 
469                 "ServerPasswordSet failed to actually change the password");
470
471         new_random_pass = netlogon_very_rand_pass(tctx, 128);
472
473         /* now try a random stream of bytes for a password */
474         set_pw_in_buffer(password_buf.data, &new_random_pass);
475
476         creds_arcfour_crypt(creds, password_buf.data, 516);
477
478         memcpy(r.in.new_password.data, password_buf.data, 512);
479         r.in.new_password.length = IVAL(password_buf.data, 512);
480
481         torture_comment(tctx, 
482                 "Testing a third ServerPasswordSet2 on machine account, with a compleatly random password\n");
483
484         creds_client_authenticator(creds, &r.in.credential);
485
486         status = dcerpc_netr_ServerPasswordSet2(p, tctx, &r);
487         torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet (3)");
488
489         if (!creds_client_check(creds, &r.out.return_authenticator.cred)) {
490                 torture_comment(tctx, "Credential chaining failed\n");
491         }
492
493         mdfour(nt_hash.hash, new_random_pass.data, new_random_pass.length);
494
495         cli_credentials_set_password(machine_credentials, NULL, CRED_UNINITIALISED);
496         cli_credentials_set_nt_hash(machine_credentials, &nt_hash, CRED_SPECIFIED);
497
498         torture_assert (tctx, 
499                 test_SetupCredentials(p, tctx, machine_credentials, &creds), 
500                 "ServerPasswordSet failed to actually change the password");
501
502         return true;
503 }
504
505 static bool test_GetPassword(struct torture_context *tctx,
506                              struct dcerpc_pipe *p,
507                              struct cli_credentials *machine_credentials)
508 {
509         struct netr_ServerPasswordGet r;
510         struct creds_CredentialState *creds;
511         struct netr_Authenticator credential;
512         NTSTATUS status;
513         struct netr_Authenticator return_authenticator;
514         struct samr_Password password;
515
516         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
517                 return false;
518         }
519
520         creds_client_authenticator(creds, &credential);
521
522         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
523         r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
524         r.in.secure_channel_type = SEC_CHAN_BDC;
525         r.in.computer_name = TEST_MACHINE_NAME;
526         r.in.credential = &credential;
527         r.out.return_authenticator = &return_authenticator;
528         r.out.password = &password;
529
530         status = dcerpc_netr_ServerPasswordGet(p, tctx, &r);
531         torture_assert_ntstatus_ok(tctx, status, "ServerPasswordGet");
532
533         return true;
534 }
535
536 static bool test_GetTrustPasswords(struct torture_context *tctx,
537                                    struct dcerpc_pipe *p,
538                                    struct cli_credentials *machine_credentials)
539 {
540         struct netr_ServerTrustPasswordsGet r;
541         struct creds_CredentialState *creds;
542         struct netr_Authenticator credential;
543         NTSTATUS status;
544         struct netr_Authenticator return_authenticator;
545         struct samr_Password password, password2;
546
547         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
548                 return false;
549         }
550
551         creds_client_authenticator(creds, &credential);
552
553         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
554         r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
555         r.in.secure_channel_type = SEC_CHAN_BDC;
556         r.in.computer_name = TEST_MACHINE_NAME;
557         r.in.credential = &credential;
558         r.out.return_authenticator = &return_authenticator;
559         r.out.password = &password;
560         r.out.password2 = &password2;
561
562         status = dcerpc_netr_ServerTrustPasswordsGet(p, tctx, &r);
563         torture_assert_ntstatus_ok(tctx, status, "ServerTrustPasswordsGet");
564
565         return true;
566 }
567
568 /*
569   try a netlogon SamLogon
570 */
571 bool test_netlogon_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
572                               struct cli_credentials *credentials, 
573                               struct creds_CredentialState *creds)
574 {
575         NTSTATUS status;
576         struct netr_LogonSamLogon r;
577         struct netr_Authenticator auth, auth2;
578         struct netr_NetworkInfo ninfo;
579         DATA_BLOB names_blob, chal, lm_resp, nt_resp;
580         int i;
581         int flags = CLI_CRED_NTLM_AUTH;
582         if (lp_client_lanman_auth(tctx->lp_ctx)) {
583                 flags |= CLI_CRED_LANMAN_AUTH;
584         }
585
586         if (lp_client_ntlmv2_auth(tctx->lp_ctx)) {
587                 flags |= CLI_CRED_NTLMv2_AUTH;
588         }
589
590         cli_credentials_get_ntlm_username_domain(cmdline_credentials, tctx, 
591                                                  &ninfo.identity_info.account_name.string,
592                                                  &ninfo.identity_info.domain_name.string);
593         
594         generate_random_buffer(ninfo.challenge, 
595                                sizeof(ninfo.challenge));
596         chal = data_blob_const(ninfo.challenge, 
597                                sizeof(ninfo.challenge));
598
599         names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(credentials), 
600                                                 cli_credentials_get_domain(credentials));
601
602         status = cli_credentials_get_ntlm_response(cmdline_credentials, tctx, 
603                                                    &flags, 
604                                                    chal,
605                                                    names_blob,
606                                                    &lm_resp, &nt_resp,
607                                                    NULL, NULL);
608         torture_assert_ntstatus_ok(tctx, status, "cli_credentials_get_ntlm_response failed");
609
610         ninfo.lm.data = lm_resp.data;
611         ninfo.lm.length = lm_resp.length;
612
613         ninfo.nt.data = nt_resp.data;
614         ninfo.nt.length = nt_resp.length;
615
616         ninfo.identity_info.parameter_control = 0;
617         ninfo.identity_info.logon_id_low = 0;
618         ninfo.identity_info.logon_id_high = 0;
619         ninfo.identity_info.workstation.string = cli_credentials_get_workstation(credentials);
620
621         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
622         r.in.computer_name = cli_credentials_get_workstation(credentials);
623         r.in.credential = &auth;
624         r.in.return_authenticator = &auth2;
625         r.in.logon_level = 2;
626         r.in.logon.network = &ninfo;
627
628         d_printf("Testing LogonSamLogon with name %s\n", ninfo.identity_info.account_name.string);
629         
630         for (i=2;i<3;i++) {
631                 ZERO_STRUCT(auth2);
632                 creds_client_authenticator(creds, &auth);
633                 
634                 r.in.validation_level = i;
635                 
636                 status = dcerpc_netr_LogonSamLogon(p, tctx, &r);
637                 torture_assert_ntstatus_ok(tctx, status, "LogonSamLogon failed");
638                 
639                 torture_assert(tctx, creds_client_check(creds, &r.out.return_authenticator->cred), 
640                         "Credential chaining failed");
641         }
642
643         r.in.credential = NULL;
644
645         for (i=2;i<=3;i++) {
646
647                 r.in.validation_level = i;
648
649                 torture_comment(tctx, "Testing SamLogon with validation level %d and a NULL credential\n", i);
650
651                 status = dcerpc_netr_LogonSamLogon(p, tctx, &r);
652                 torture_assert_ntstatus_equal(tctx, status, NT_STATUS_INVALID_PARAMETER, 
653                         "LogonSamLogon expected INVALID_PARAMETER");
654
655         }
656
657         return true;
658 }
659
660 /*
661   try a netlogon SamLogon
662 */
663 static bool test_SamLogon(struct torture_context *tctx, 
664                           struct dcerpc_pipe *p,
665                           struct cli_credentials *credentials)
666 {
667         struct creds_CredentialState *creds;
668
669         if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
670                 return false;
671         }
672
673         return test_netlogon_ops(p, tctx, credentials, creds);
674 }
675
676 /* we remember the sequence numbers so we can easily do a DatabaseDelta */
677 static uint64_t sequence_nums[3];
678
679 /*
680   try a netlogon DatabaseSync
681 */
682 static bool test_DatabaseSync(struct torture_context *tctx, 
683                               struct dcerpc_pipe *p,
684                               struct cli_credentials *machine_credentials)
685 {
686         NTSTATUS status;
687         struct netr_DatabaseSync r;
688         struct creds_CredentialState *creds;
689         const uint32_t database_ids[] = {SAM_DATABASE_DOMAIN, SAM_DATABASE_BUILTIN, SAM_DATABASE_PRIVS}; 
690         int i;
691
692         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
693                 return false;
694         }
695
696         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
697         r.in.computername = TEST_MACHINE_NAME;
698         r.in.preferredmaximumlength = (uint32_t)-1;
699         ZERO_STRUCT(r.in.return_authenticator);
700
701         for (i=0;i<ARRAY_SIZE(database_ids);i++) {
702                 r.in.sync_context = 0;
703                 r.in.database_id = database_ids[i];
704
705                 torture_comment(tctx, "Testing DatabaseSync of id %d\n", r.in.database_id);
706
707                 do {
708                         creds_client_authenticator(creds, &r.in.credential);
709
710                         status = dcerpc_netr_DatabaseSync(p, tctx, &r);
711                         if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES))
712                             break;
713
714                         /* Native mode servers don't do this */
715                         if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
716                                 return true;
717                         }
718                         torture_assert_ntstatus_ok(tctx, status, "DatabaseSync");
719
720                         if (!creds_client_check(creds, &r.out.return_authenticator.cred)) {
721                                 torture_comment(tctx, "Credential chaining failed\n");
722                         }
723
724                         r.in.sync_context = r.out.sync_context;
725
726                         if (r.out.delta_enum_array &&
727                             r.out.delta_enum_array->num_deltas > 0 &&
728                             r.out.delta_enum_array->delta_enum[0].delta_type == NETR_DELTA_DOMAIN &&
729                             r.out.delta_enum_array->delta_enum[0].delta_union.domain) {
730                                 sequence_nums[r.in.database_id] = 
731                                         r.out.delta_enum_array->delta_enum[0].delta_union.domain->sequence_num;
732                                 torture_comment(tctx, "\tsequence_nums[%d]=%llu\n",
733                                        r.in.database_id, 
734                                        (unsigned long long)sequence_nums[r.in.database_id]);
735                         }
736                 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
737         }
738
739         return true;
740 }
741
742
743 /*
744   try a netlogon DatabaseDeltas
745 */
746 static bool test_DatabaseDeltas(struct torture_context *tctx, 
747                                 struct dcerpc_pipe *p,
748                                 struct cli_credentials *machine_credentials)
749 {
750         NTSTATUS status;
751         struct netr_DatabaseDeltas r;
752         struct creds_CredentialState *creds;
753         struct netr_Authenticator credential;
754         struct netr_Authenticator return_authenticator;
755         struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
756         const uint32_t database_ids[] = {0, 1, 2}; 
757         int i;
758
759         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
760                 return false;
761         }
762
763         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
764         r.in.computername = TEST_MACHINE_NAME;
765         r.in.preferredmaximumlength = (uint32_t)-1;
766         ZERO_STRUCT(r.in.return_authenticator);
767         r.out.return_authenticator = &return_authenticator;
768         r.out.delta_enum_array = &delta_enum_array;
769
770         for (i=0;i<ARRAY_SIZE(database_ids);i++) {
771                 r.in.database_id = database_ids[i];
772                 r.in.sequence_num = &sequence_nums[r.in.database_id];
773
774                 if (*r.in.sequence_num == 0) continue;
775
776                 *r.in.sequence_num -= 1;
777
778                 torture_comment(tctx, "Testing DatabaseDeltas of id %d at %llu\n", 
779                        r.in.database_id, (unsigned long long)*r.in.sequence_num);
780
781                 do {
782                         creds_client_authenticator(creds, &credential);
783
784                         status = dcerpc_netr_DatabaseDeltas(p, tctx, &r);
785                         if (NT_STATUS_EQUAL(status, 
786                                              NT_STATUS_SYNCHRONIZATION_REQUIRED)) {
787                                 torture_comment(tctx, "not considering %s to be an error\n",
788                                        nt_errstr(status));
789                                 return true;
790                         }
791                         if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) 
792                             break;
793
794                         torture_assert_ntstatus_ok(tctx, status, "DatabaseDeltas");
795
796                         if (!creds_client_check(creds, &return_authenticator.cred)) {
797                                 torture_comment(tctx, "Credential chaining failed\n");
798                         }
799
800                         (*r.in.sequence_num)++;
801                 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
802         }
803
804         return true;
805 }
806
807
808 /*
809   try a netlogon AccountDeltas
810 */
811 static bool test_AccountDeltas(struct torture_context *tctx, 
812                                struct dcerpc_pipe *p,
813                                struct cli_credentials *machine_credentials)
814 {
815         NTSTATUS status;
816         struct netr_AccountDeltas r;
817         struct creds_CredentialState *creds;
818
819         struct netr_AccountBuffer buffer;
820         uint32_t count_returned = 0;
821         uint32_t total_entries = 0;
822         struct netr_UAS_INFO_0 recordid;
823         struct netr_Authenticator return_authenticator;
824
825         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
826                 return false;
827         }
828
829         ZERO_STRUCT(return_authenticator);
830
831         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
832         r.in.computername = TEST_MACHINE_NAME;
833         r.in.return_authenticator = &return_authenticator;
834         creds_client_authenticator(creds, &r.in.credential);
835         ZERO_STRUCT(r.in.uas);
836         r.in.count=10;
837         r.in.level=0;
838         r.in.buffersize=100;
839         r.out.buffer = &buffer;
840         r.out.count_returned = &count_returned;
841         r.out.total_entries = &total_entries;
842         r.out.recordid = &recordid;
843         r.out.return_authenticator = &return_authenticator;
844
845         /* w2k3 returns "NOT IMPLEMENTED" for this call */
846         status = dcerpc_netr_AccountDeltas(p, tctx, &r);
847         torture_assert_ntstatus_equal(tctx, status, NT_STATUS_NOT_IMPLEMENTED, "AccountDeltas");
848
849         return true;
850 }
851
852 /*
853   try a netlogon AccountSync
854 */
855 static bool test_AccountSync(struct torture_context *tctx, struct dcerpc_pipe *p, 
856                              struct cli_credentials *machine_credentials)
857 {
858         NTSTATUS status;
859         struct netr_AccountSync r;
860         struct creds_CredentialState *creds;
861
862         if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
863                 return false;
864         }
865
866         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
867         r.in.computername = TEST_MACHINE_NAME;
868         ZERO_STRUCT(r.in.return_authenticator);
869         creds_client_authenticator(creds, &r.in.credential);
870         ZERO_STRUCT(r.in.recordid);
871         r.in.reference=0;
872         r.in.level=0;
873         r.in.buffersize=100;
874
875         /* w2k3 returns "NOT IMPLEMENTED" for this call */
876         status = dcerpc_netr_AccountSync(p, tctx, &r);
877         torture_assert_ntstatus_equal(tctx, status, NT_STATUS_NOT_IMPLEMENTED, "AccountSync");
878
879         return true;
880 }
881
882 /*
883   try a netlogon GetDcName
884 */
885 static bool test_GetDcName(struct torture_context *tctx, 
886                            struct dcerpc_pipe *p)
887 {
888         NTSTATUS status;
889         struct netr_GetDcName r;
890         const char *dcname = NULL;
891
892         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
893         r.in.domainname = lp_workgroup(tctx->lp_ctx);
894         r.out.dcname = &dcname;
895
896         status = dcerpc_netr_GetDcName(p, tctx, &r);
897         torture_assert_ntstatus_ok(tctx, status, "GetDcName");
898         torture_assert_werr_ok(tctx, r.out.result, "GetDcName");
899
900         torture_comment(tctx, "\tDC is at '%s'\n", dcname);
901
902         return true;
903 }
904
905 /*
906   try a netlogon LogonControl 
907 */
908 static bool test_LogonControl(struct torture_context *tctx, 
909                               struct dcerpc_pipe *p)
910 {
911         NTSTATUS status;
912         struct netr_LogonControl r;
913         union netr_CONTROL_QUERY_INFORMATION info;
914         int i;
915
916         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
917         r.in.function_code = 1;
918         r.out.info = &info;
919
920         for (i=1;i<4;i++) {
921                 r.in.level = i;
922
923                 torture_comment(tctx, "Testing LogonControl level %d\n", i);
924
925                 status = dcerpc_netr_LogonControl(p, tctx, &r);
926                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
927         }
928
929         return true;
930 }
931
932
933 /*
934   try a netlogon GetAnyDCName
935 */
936 static bool test_GetAnyDCName(struct torture_context *tctx, 
937                               struct dcerpc_pipe *p)
938 {
939         NTSTATUS status;
940         struct netr_GetAnyDCName r;
941         const char *dcname = NULL;
942
943         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
944         r.in.domainname = lp_workgroup(tctx->lp_ctx);
945         r.out.dcname = &dcname;
946
947         status = dcerpc_netr_GetAnyDCName(p, tctx, &r);
948         torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
949
950         if (dcname) {
951             torture_comment(tctx, "\tDC is at '%s'\n", dcname);
952         }
953
954         return true;
955 }
956
957
958 /*
959   try a netlogon LogonControl2
960 */
961 static bool test_LogonControl2(struct torture_context *tctx, 
962                                struct dcerpc_pipe *p)
963 {
964         NTSTATUS status;
965         struct netr_LogonControl2 r;
966         union netr_CONTROL_DATA_INFORMATION data;
967         union netr_CONTROL_QUERY_INFORMATION query;
968         int i;
969
970         data.domain = lp_workgroup(tctx->lp_ctx);
971
972         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
973
974         r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
975         r.in.data = &data;
976         r.out.query = &query;
977
978         for (i=1;i<4;i++) {
979                 r.in.level = i;
980
981                 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n", 
982                        i, r.in.function_code);
983
984                 status = dcerpc_netr_LogonControl2(p, tctx, &r);
985                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
986         }
987
988         data.domain = lp_workgroup(tctx->lp_ctx);
989
990         r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
991         r.in.data = &data;
992
993         for (i=1;i<4;i++) {
994                 r.in.level = i;
995
996                 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n", 
997                        i, r.in.function_code);
998
999                 status = dcerpc_netr_LogonControl2(p, tctx, &r);
1000                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1001         }
1002
1003         data.domain = lp_workgroup(tctx->lp_ctx);
1004
1005         r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
1006         r.in.data = &data;
1007
1008         for (i=1;i<4;i++) {
1009                 r.in.level = i;
1010
1011                 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n", 
1012                        i, r.in.function_code);
1013
1014                 status = dcerpc_netr_LogonControl2(p, tctx, &r);
1015                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1016         }
1017
1018         data.debug_level = ~0;
1019
1020         r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
1021         r.in.data = &data;
1022
1023         for (i=1;i<4;i++) {
1024                 r.in.level = i;
1025
1026                 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n", 
1027                        i, r.in.function_code);
1028
1029                 status = dcerpc_netr_LogonControl2(p, tctx, &r);
1030                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1031         }
1032
1033         return true;
1034 }
1035
1036 /*
1037   try a netlogon DatabaseSync2
1038 */
1039 static bool test_DatabaseSync2(struct torture_context *tctx, 
1040                                struct dcerpc_pipe *p,
1041                                struct cli_credentials *machine_credentials)
1042 {
1043         NTSTATUS status;
1044         struct netr_DatabaseSync2 r;
1045         struct creds_CredentialState *creds;
1046         const uint32_t database_ids[] = {0, 1, 2}; 
1047         int i;
1048
1049         if (!test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_FLAGS, 
1050                                     machine_credentials,
1051                                     SEC_CHAN_BDC, &creds)) {
1052                 return false;
1053         }
1054
1055         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1056         r.in.computername = TEST_MACHINE_NAME;
1057         r.in.preferredmaximumlength = (uint32_t)-1;
1058         ZERO_STRUCT(r.in.return_authenticator);
1059
1060         for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1061                 r.in.sync_context = 0;
1062                 r.in.database_id = database_ids[i];
1063                 r.in.restart_state = 0;
1064
1065                 torture_comment(tctx, "Testing DatabaseSync2 of id %d\n", r.in.database_id);
1066
1067                 do {
1068                         creds_client_authenticator(creds, &r.in.credential);
1069
1070                         status = dcerpc_netr_DatabaseSync2(p, tctx, &r);
1071                         if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES))
1072                             break;
1073
1074                         /* Native mode servers don't do this */
1075                         if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
1076                                 return true;
1077                         }
1078
1079                         torture_assert_ntstatus_ok(tctx, status, "DatabaseSync2");
1080
1081                         if (!creds_client_check(creds, &r.out.return_authenticator.cred)) {
1082                                 torture_comment(tctx, "Credential chaining failed\n");
1083                         }
1084
1085                         r.in.sync_context = r.out.sync_context;
1086                 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
1087         }
1088
1089         return true;
1090 }
1091
1092
1093 /*
1094   try a netlogon LogonControl2Ex
1095 */
1096 static bool test_LogonControl2Ex(struct torture_context *tctx, 
1097                                  struct dcerpc_pipe *p)
1098 {
1099         NTSTATUS status;
1100         struct netr_LogonControl2Ex r;
1101         union netr_CONTROL_QUERY_INFORMATION query;
1102         int i;
1103
1104         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1105
1106         r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
1107         r.in.data.domain = lp_workgroup(tctx->lp_ctx);
1108         r.out.query = &query;
1109
1110         for (i=1;i<4;i++) {
1111                 r.in.level = i;
1112
1113                 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n", 
1114                        i, r.in.function_code);
1115
1116                 status = dcerpc_netr_LogonControl2Ex(p, tctx, &r);
1117                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1118         }
1119
1120         r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
1121         r.in.data.domain = lp_workgroup(tctx->lp_ctx);
1122
1123         for (i=1;i<4;i++) {
1124                 r.in.level = i;
1125
1126                 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n", 
1127                        i, r.in.function_code);
1128
1129                 status = dcerpc_netr_LogonControl2Ex(p, tctx, &r);
1130                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1131         }
1132
1133         r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
1134         r.in.data.domain = lp_workgroup(tctx->lp_ctx);
1135
1136         for (i=1;i<4;i++) {
1137                 r.in.level = i;
1138
1139                 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n", 
1140                        i, r.in.function_code);
1141
1142                 status = dcerpc_netr_LogonControl2Ex(p, tctx, &r);
1143                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1144         }
1145
1146         r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
1147         r.in.data.debug_level = ~0;
1148
1149         for (i=1;i<4;i++) {
1150                 r.in.level = i;
1151
1152                 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n", 
1153                        i, r.in.function_code);
1154
1155                 status = dcerpc_netr_LogonControl2Ex(p, tctx, &r);
1156                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1157         }
1158
1159         return true;
1160 }
1161
1162 static bool test_netr_DsRGetForestTrustInformation(struct torture_context *tctx, 
1163                                                    struct dcerpc_pipe *p, const char *trusted_domain_name) 
1164 {
1165         NTSTATUS status;
1166         struct netr_DsRGetForestTrustInformation r;
1167         struct lsa_ForestTrustInformation info, *info_ptr;
1168
1169         info_ptr = &info;
1170
1171         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1172         r.in.trusted_domain_name = trusted_domain_name;
1173         r.in.flags = 0;
1174         r.out.forest_trust_info = &info_ptr;
1175
1176         torture_comment(tctx ,"Testing netr_DsRGetForestTrustInformation\n");
1177
1178         status = dcerpc_netr_DsRGetForestTrustInformation(p, tctx, &r);
1179         torture_assert_ntstatus_ok(tctx, status, "DsRGetForestTrustInformation");
1180         torture_assert_werr_ok(tctx, r.out.result, "DsRGetForestTrustInformation");
1181
1182         return true;
1183 }
1184
1185 /*
1186   try a netlogon netr_DsrEnumerateDomainTrusts
1187 */
1188 static bool test_DsrEnumerateDomainTrusts(struct torture_context *tctx, 
1189                                           struct dcerpc_pipe *p)
1190 {
1191         NTSTATUS status;
1192         struct netr_DsrEnumerateDomainTrusts r;
1193         struct netr_DomainTrustList trusts;
1194         int i;
1195
1196         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1197         r.in.trust_flags = 0x3f;
1198         r.out.trusts = &trusts;
1199
1200         status = dcerpc_netr_DsrEnumerateDomainTrusts(p, tctx, &r);
1201         torture_assert_ntstatus_ok(tctx, status, "DsrEnumerateDomaintrusts");
1202         torture_assert_werr_ok(tctx, r.out.result, "DsrEnumerateDomaintrusts");
1203
1204         /* when trusted_domain_name is NULL, netr_DsRGetForestTrustInformation
1205          * will show non-forest trusts and all UPN suffixes of the own forest
1206          * as LSA_FOREST_TRUST_TOP_LEVEL_NAME types */
1207
1208         if (r.out.trusts->count) {
1209                 if (!test_netr_DsRGetForestTrustInformation(tctx, p, NULL)) {
1210                         return false;
1211                 }
1212         }
1213
1214         for (i=0; i<r.out.trusts->count; i++) {
1215
1216                 /* get info for transitive forest trusts */
1217
1218                 if (r.out.trusts->array[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
1219                         if (!test_netr_DsRGetForestTrustInformation(tctx, p, 
1220                                                                     r.out.trusts->array[i].dns_name)) {
1221                                 return false;
1222                         }
1223                 }
1224         }
1225
1226         return true;
1227 }
1228
1229 static bool test_netr_NetrEnumerateTrustedDomains(struct torture_context *tctx,
1230                                                   struct dcerpc_pipe *p)
1231 {
1232         NTSTATUS status;
1233         struct netr_NetrEnumerateTrustedDomains r;
1234         struct netr_Blob trusted_domains_blob;
1235
1236         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1237         r.out.trusted_domains_blob = &trusted_domains_blob;
1238
1239         status = dcerpc_netr_NetrEnumerateTrustedDomains(p, tctx, &r);
1240         torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomains");
1241         torture_assert_werr_ok(tctx, r.out.result, "NetrEnumerateTrustedDomains");
1242
1243         return true;
1244 }
1245
1246 static bool test_netr_NetrEnumerateTrustedDomainsEx(struct torture_context *tctx,
1247                                                     struct dcerpc_pipe *p)
1248 {
1249         NTSTATUS status;
1250         struct netr_NetrEnumerateTrustedDomainsEx r;
1251         struct netr_DomainTrustList dom_trust_list;
1252
1253         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1254         r.out.dom_trust_list = &dom_trust_list;
1255
1256         status = dcerpc_netr_NetrEnumerateTrustedDomainsEx(p, tctx, &r);
1257         torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomainsEx");
1258         torture_assert_werr_ok(tctx, r.out.result, "NetrEnumerateTrustedDomainsEx");
1259
1260         return true;
1261 }
1262
1263
1264 static bool test_netr_DsRGetSiteName(struct dcerpc_pipe *p, struct torture_context *tctx,
1265                                      const char *computer_name, 
1266                                      const char *expected_site) 
1267 {
1268         NTSTATUS status;
1269         struct netr_DsRGetSiteName r;
1270         const char *site = NULL;
1271
1272         if (torture_setting_bool(tctx, "samba4", false))
1273                 torture_skip(tctx, "skipping DsRGetSiteName test against Samba4");
1274
1275         r.in.computer_name              = computer_name;
1276         r.out.site                      = &site;
1277         torture_comment(tctx, "Testing netr_DsRGetSiteName\n");
1278
1279         status = dcerpc_netr_DsRGetSiteName(p, tctx, &r);
1280         torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
1281         torture_assert_werr_ok(tctx, r.out.result, "DsRGetSiteName");
1282         torture_assert_str_equal(tctx, expected_site, site, "netr_DsRGetSiteName");
1283
1284         r.in.computer_name              = talloc_asprintf(tctx, "\\\\%s", computer_name);
1285         torture_comment(tctx, 
1286                         "Testing netr_DsRGetSiteName with broken computer name: %s\n", r.in.computer_name);
1287
1288         status = dcerpc_netr_DsRGetSiteName(p, tctx, &r);
1289         torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
1290         torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_COMPUTERNAME, "netr_DsRGetSiteName");
1291
1292         return true;
1293 }
1294
1295 /*
1296   try a netlogon netr_DsRGetDCName
1297 */
1298 static bool test_netr_DsRGetDCName(struct torture_context *tctx, 
1299                                    struct dcerpc_pipe *p)
1300 {
1301         NTSTATUS status;
1302         struct netr_DsRGetDCName r;
1303         struct netr_DsRGetDCNameInfo *info = NULL;
1304
1305         r.in.server_unc         = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1306         r.in.domain_name        = talloc_asprintf(tctx, "%s", lp_realm(tctx->lp_ctx));
1307         r.in.domain_guid        = NULL;
1308         r.in.site_guid          = NULL;
1309         r.in.flags              = DS_RETURN_DNS_NAME;
1310         r.out.info              = &info;
1311
1312         status = dcerpc_netr_DsRGetDCName(p, tctx, &r);
1313         torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
1314         torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
1315         return test_netr_DsRGetSiteName(p, tctx, 
1316                                        info->dc_unc,
1317                                        info->dc_site_name);
1318 }
1319
1320 /*
1321   try a netlogon netr_DsRGetDCNameEx
1322 */
1323 static bool test_netr_DsRGetDCNameEx(struct torture_context *tctx, 
1324                                      struct dcerpc_pipe *p)
1325 {
1326         NTSTATUS status;
1327         struct netr_DsRGetDCNameEx r;
1328         struct netr_DsRGetDCNameInfo *info = NULL;
1329
1330         r.in.server_unc         = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1331         r.in.domain_name        = talloc_asprintf(tctx, "%s", lp_realm(tctx->lp_ctx));
1332         r.in.domain_guid        = NULL;
1333         r.in.site_name          = NULL;
1334         r.in.flags              = DS_RETURN_DNS_NAME;
1335         r.out.info              = &info;
1336
1337         status = dcerpc_netr_DsRGetDCNameEx(p, tctx, &r);
1338         torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
1339         torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
1340
1341         return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
1342                                         info->dc_site_name);
1343 }
1344
1345 /*
1346   try a netlogon netr_DsRGetDCNameEx2
1347 */
1348 static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx, 
1349                                       struct dcerpc_pipe *p)
1350 {
1351         NTSTATUS status;
1352         struct netr_DsRGetDCNameEx2 r;
1353         struct netr_DsRGetDCNameInfo *info = NULL;
1354
1355         r.in.server_unc         = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1356         r.in.client_account     = NULL;
1357         r.in.mask               = 0x00000000;
1358         r.in.domain_name        = talloc_asprintf(tctx, "%s", lp_realm(tctx->lp_ctx));
1359         r.in.domain_guid        = NULL;
1360         r.in.site_name          = NULL;
1361         r.in.flags              = DS_RETURN_DNS_NAME;
1362         r.out.info              = &info;
1363
1364         torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 without client account\n");
1365
1366         status = dcerpc_netr_DsRGetDCNameEx2(p, tctx, &r);
1367         torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
1368         torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
1369
1370         torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with client acount\n");
1371         r.in.client_account     = TEST_MACHINE_NAME"$";
1372         r.in.mask               = ACB_SVRTRUST;
1373         r.in.flags              = DS_RETURN_FLAT_NAME;
1374         r.out.info              = &info;
1375
1376         status = dcerpc_netr_DsRGetDCNameEx2(p, tctx, &r);
1377         torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
1378         torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
1379         return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
1380                                         info->dc_site_name);
1381 }
1382
1383 static bool test_netr_DsrGetDcSiteCoverageW(struct torture_context *tctx, 
1384                                             struct dcerpc_pipe *p)
1385 {
1386         NTSTATUS status;
1387         struct netr_DsrGetDcSiteCoverageW r;
1388         struct DcSitesCtr *ctr = NULL;
1389
1390         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1391         r.out.ctr = &ctr;
1392
1393         status = dcerpc_netr_DsrGetDcSiteCoverageW(p, tctx, &r);
1394         torture_assert_ntstatus_ok(tctx, status, "failed");
1395         torture_assert_werr_ok(tctx, r.out.result, "failed");
1396
1397         return true;
1398 }
1399
1400 static bool test_netr_DsRAddressToSitenamesW(struct torture_context *tctx,
1401                                              struct dcerpc_pipe *p)
1402 {
1403         NTSTATUS status;
1404         struct netr_DsRAddressToSitenamesW r;
1405         struct netr_DsRAddress addr;
1406         struct netr_DsRAddressToSitenamesWCtr *ctr;
1407
1408         ctr = talloc(tctx, struct netr_DsRAddressToSitenamesWCtr);
1409
1410         addr.size = 16;
1411         addr.buffer = talloc_zero_array(tctx, uint8_t, addr.size);
1412
1413         addr.buffer[0] = 2; /* AF_INET */
1414         addr.buffer[4] = 127;
1415         addr.buffer[5] = 0;
1416         addr.buffer[6] = 0;
1417         addr.buffer[7] = 1;
1418
1419         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1420         r.in.count = 1;
1421         r.in.addresses = talloc_zero_array(tctx, struct netr_DsRAddress, r.in.count);
1422         r.in.addresses[0] = addr;
1423         r.out.ctr = &ctr;
1424
1425         status = dcerpc_netr_DsRAddressToSitenamesW(p, tctx, &r);
1426         torture_assert_ntstatus_ok(tctx, status, "failed");
1427         torture_assert_werr_ok(tctx, r.out.result, "failed");
1428
1429         return true;
1430 }
1431
1432 static bool test_netr_DsRAddressToSitenamesExW(struct torture_context *tctx,
1433                                                struct dcerpc_pipe *p)
1434 {
1435         NTSTATUS status;
1436         struct netr_DsRAddressToSitenamesExW r;
1437         struct netr_DsRAddress addr;
1438         struct netr_DsRAddressToSitenamesExWCtr *ctr;
1439
1440         ctr = talloc(tctx, struct netr_DsRAddressToSitenamesExWCtr);
1441
1442         addr.size = 16;
1443         addr.buffer = talloc_zero_array(tctx, uint8_t, addr.size);
1444
1445         addr.buffer[0] = 2; /* AF_INET */
1446         addr.buffer[4] = 127;
1447         addr.buffer[5] = 0;
1448         addr.buffer[6] = 0;
1449         addr.buffer[7] = 1;
1450
1451         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1452         r.in.count = 1;
1453         r.in.addresses = talloc_zero_array(tctx, struct netr_DsRAddress, r.in.count);
1454         r.in.addresses[0] = addr;
1455         r.out.ctr = &ctr;
1456
1457         status = dcerpc_netr_DsRAddressToSitenamesExW(p, tctx, &r);
1458         torture_assert_ntstatus_ok(tctx, status, "failed");
1459         torture_assert_werr_ok(tctx, r.out.result, "failed");
1460
1461         return true;
1462 }
1463
1464 static bool test_GetDomainInfo(struct torture_context *tctx, 
1465                                struct dcerpc_pipe *p,
1466                                struct cli_credentials *machine_credentials)
1467 {
1468         NTSTATUS status;
1469         struct netr_LogonGetDomainInfo r;
1470         struct netr_DomainQuery1 q1;
1471         struct netr_Authenticator a;
1472         struct creds_CredentialState *creds;
1473         union netr_DomainInfo info;
1474
1475         if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS, 
1476                                     machine_credentials, &creds)) {
1477                 return false;
1478         }
1479
1480         ZERO_STRUCT(r);
1481
1482         creds_client_authenticator(creds, &a);
1483
1484         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1485         r.in.computer_name = TEST_MACHINE_NAME;
1486         r.in.level = 1;
1487         r.in.credential = &a;
1488         r.in.return_authenticator = &a;
1489         r.out.return_authenticator = &a;
1490         r.out.info = &info;
1491
1492         r.in.query.query1 = &q1;
1493         ZERO_STRUCT(q1);
1494         
1495         /* this should really be the fully qualified name */
1496         q1.workstation_domain = TEST_MACHINE_NAME;
1497         q1.workstation_site = "Default-First-Site-Name";
1498         q1.blob2.length = 0;
1499         q1.blob2.size = 0;
1500         q1.blob2.data = NULL;
1501         q1.product.string = "product string";
1502
1503         torture_comment(tctx, "Testing netr_LogonGetDomainInfo\n");
1504
1505         status = dcerpc_netr_LogonGetDomainInfo(p, tctx, &r);
1506         torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo");
1507         torture_assert(tctx, creds_client_check(creds, &a.cred), "Credential chaining failed");
1508
1509         torture_comment(tctx, "Testing netr_LogonGetDomainInfo 2nd call\n");
1510         creds_client_authenticator(creds, &a);
1511
1512         status = dcerpc_netr_LogonGetDomainInfo(p, tctx, &r);
1513         torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo");
1514         torture_assert(tctx, creds_client_check(creds, &a.cred), "Credential chaining failed");
1515
1516         return true;
1517 }
1518
1519
1520 static void async_callback(struct rpc_request *req)
1521 {
1522         int *counter = (int *)req->async.private_data;
1523         if (NT_STATUS_IS_OK(req->status)) {
1524                 (*counter)++;
1525         }
1526 }
1527
1528 static bool test_GetDomainInfo_async(struct torture_context *tctx, 
1529                                      struct dcerpc_pipe *p,
1530                                      struct cli_credentials *machine_credentials)
1531 {
1532         NTSTATUS status;
1533         struct netr_LogonGetDomainInfo r;
1534         struct netr_DomainQuery1 q1;
1535         struct netr_Authenticator a;
1536 #define ASYNC_COUNT 100
1537         struct creds_CredentialState *creds;
1538         struct creds_CredentialState *creds_async[ASYNC_COUNT];
1539         struct rpc_request *req[ASYNC_COUNT];
1540         int i;
1541         int *async_counter = talloc(tctx, int);
1542         union netr_DomainInfo info;
1543
1544         if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS, 
1545                                     machine_credentials, &creds)) {
1546                 return false;
1547         }
1548
1549         ZERO_STRUCT(r);
1550         r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1551         r.in.computer_name = TEST_MACHINE_NAME;
1552         r.in.level = 1;
1553         r.in.credential = &a;
1554         r.in.return_authenticator = &a;
1555         r.out.return_authenticator = &a;
1556         r.out.info = &info;
1557
1558         r.in.query.query1 = &q1;
1559         ZERO_STRUCT(q1);
1560         
1561         /* this should really be the fully qualified name */
1562         q1.workstation_domain = TEST_MACHINE_NAME;
1563         q1.workstation_site = "Default-First-Site-Name";
1564         q1.blob2.length = 0;
1565         q1.blob2.size = 0;
1566         q1.blob2.data = NULL;
1567         q1.product.string = "product string";
1568
1569         torture_comment(tctx, "Testing netr_LogonGetDomainInfo - async count %d\n", ASYNC_COUNT);
1570
1571         *async_counter = 0;
1572
1573         for (i=0;i<ASYNC_COUNT;i++) {
1574                 creds_client_authenticator(creds, &a);
1575
1576                 creds_async[i] = (struct creds_CredentialState *)talloc_memdup(creds, creds, sizeof(*creds));
1577                 req[i] = dcerpc_netr_LogonGetDomainInfo_send(p, tctx, &r);
1578
1579                 req[i]->async.callback = async_callback;
1580                 req[i]->async.private_data = async_counter;
1581
1582                 /* even with this flush per request a w2k3 server seems to 
1583                    clag with multiple outstanding requests. bleergh. */
1584                 torture_assert_int_equal(tctx, event_loop_once(dcerpc_event_context(p)), 0, 
1585                                          "event_loop_once failed");
1586         }
1587
1588         for (i=0;i<ASYNC_COUNT;i++) {
1589                 status = dcerpc_ndr_request_recv(req[i]);
1590
1591                 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo_async");
1592                 torture_assert_ntstatus_ok(tctx, r.out.result, "netr_LogonGetDomainInfo_async"); 
1593
1594                 torture_assert(tctx, creds_client_check(creds_async[i], &a.cred), 
1595                         "Credential chaining failed at async");
1596         }
1597
1598         torture_comment(tctx, 
1599                         "Testing netr_LogonGetDomainInfo - async count %d OK\n", *async_counter);
1600
1601         torture_assert_int_equal(tctx, (*async_counter), ASYNC_COUNT, "int");
1602
1603         return true;
1604 }
1605
1606 static bool test_ManyGetDCName(struct torture_context *tctx, 
1607                                struct dcerpc_pipe *p)
1608 {
1609         NTSTATUS status;
1610         struct dcerpc_pipe *p2;
1611         struct lsa_ObjectAttribute attr;
1612         struct lsa_QosInfo qos;
1613         struct lsa_OpenPolicy2 o;
1614         struct policy_handle lsa_handle;
1615         struct lsa_DomainList domains;
1616
1617         struct lsa_EnumTrustDom t;
1618         uint32_t resume_handle = 0;
1619         struct netr_GetAnyDCName d;
1620         const char *dcname = NULL;
1621
1622         int i;
1623
1624         if (p->conn->transport.transport != NCACN_NP) {
1625                 return true;
1626         }
1627
1628         torture_comment(tctx, "Torturing GetDCName\n");
1629
1630         status = dcerpc_secondary_connection(p, &p2, p->binding);
1631         torture_assert_ntstatus_ok(tctx, status, "Failed to create secondary connection");
1632
1633         status = dcerpc_bind_auth_none(p2, &ndr_table_lsarpc);
1634         torture_assert_ntstatus_ok(tctx, status, "Failed to create bind on secondary connection");
1635
1636         qos.len = 0;
1637         qos.impersonation_level = 2;
1638         qos.context_mode = 1;
1639         qos.effective_only = 0;
1640
1641         attr.len = 0;
1642         attr.root_dir = NULL;
1643         attr.object_name = NULL;
1644         attr.attributes = 0;
1645         attr.sec_desc = NULL;
1646         attr.sec_qos = &qos;
1647
1648         o.in.system_name = "\\";
1649         o.in.attr = &attr;
1650         o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1651         o.out.handle = &lsa_handle;
1652
1653         status = dcerpc_lsa_OpenPolicy2(p2, tctx, &o);
1654         torture_assert_ntstatus_ok(tctx, status, "OpenPolicy2 failed");
1655
1656         t.in.handle = &lsa_handle;
1657         t.in.resume_handle = &resume_handle;
1658         t.in.max_size = 1000;
1659         t.out.domains = &domains;
1660         t.out.resume_handle = &resume_handle;
1661
1662         status = dcerpc_lsa_EnumTrustDom(p2, tctx, &t);
1663
1664         if ((!NT_STATUS_IS_OK(status) &&
1665              (!NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES))))
1666                 torture_fail(tctx, "Could not list domains");
1667
1668         talloc_free(p2);
1669
1670         d.in.logon_server = talloc_asprintf(tctx, "\\\\%s",
1671                                             dcerpc_server_name(p));
1672         d.out.dcname = &dcname;
1673
1674         for (i=0; i<domains.count * 4; i++) {
1675                 struct lsa_DomainInfo *info =
1676                         &domains.domains[rand()%domains.count];
1677
1678                 d.in.domainname = info->name.string;
1679
1680                 status = dcerpc_netr_GetAnyDCName(p, tctx, &d);
1681                 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
1682
1683                 torture_comment(tctx, "\tDC for domain %s is %s\n", info->name.string,
1684                        dcname ? dcname : "unknown");
1685         }
1686
1687         return true;
1688 }
1689
1690 struct torture_suite *torture_rpc_netlogon(TALLOC_CTX *mem_ctx)
1691 {
1692         struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON");
1693         struct torture_rpc_tcase *tcase;
1694         struct torture_test *test;
1695
1696         tcase = torture_suite_add_machine_rpc_iface_tcase(suite, "netlogon", 
1697                                                   &ndr_table_netlogon, TEST_MACHINE_NAME);
1698
1699         torture_rpc_tcase_add_test(tcase, "LogonUasLogon", test_LogonUasLogon);
1700         torture_rpc_tcase_add_test(tcase, "LogonUasLogoff", test_LogonUasLogoff);
1701         torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
1702         torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
1703         torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
1704         torture_rpc_tcase_add_test_creds(tcase, "GetPassword", test_GetPassword);
1705         torture_rpc_tcase_add_test_creds(tcase, "GetTrustPasswords", test_GetTrustPasswords);
1706         torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo", test_GetDomainInfo);
1707         torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync", test_DatabaseSync);
1708         torture_rpc_tcase_add_test_creds(tcase, "DatabaseDeltas", test_DatabaseDeltas);
1709         torture_rpc_tcase_add_test_creds(tcase, "AccountDeltas", test_AccountDeltas);
1710         torture_rpc_tcase_add_test_creds(tcase, "AccountSync", test_AccountSync);
1711         torture_rpc_tcase_add_test(tcase, "GetDcName", test_GetDcName);
1712         torture_rpc_tcase_add_test(tcase, "ManyGetDCName", test_ManyGetDCName);
1713         torture_rpc_tcase_add_test(tcase, "LogonControl", test_LogonControl);
1714         torture_rpc_tcase_add_test(tcase, "GetAnyDCName", test_GetAnyDCName);
1715         torture_rpc_tcase_add_test(tcase, "LogonControl2", test_LogonControl2);
1716         torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync2", test_DatabaseSync2);
1717         torture_rpc_tcase_add_test(tcase, "LogonControl2Ex", test_LogonControl2Ex);
1718         torture_rpc_tcase_add_test(tcase, "DsrEnumerateDomainTrusts", test_DsrEnumerateDomainTrusts);
1719         torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
1720         torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomainsEx", test_netr_NetrEnumerateTrustedDomainsEx);
1721         test = torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo_async", test_GetDomainInfo_async);
1722         test->dangerous = true;
1723         torture_rpc_tcase_add_test(tcase, "DsRGetDCName", test_netr_DsRGetDCName);
1724         torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx", test_netr_DsRGetDCNameEx);
1725         torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx2", test_netr_DsRGetDCNameEx2);
1726         torture_rpc_tcase_add_test(tcase, "DsrGetDcSiteCoverageW", test_netr_DsrGetDcSiteCoverageW);
1727         torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesW", test_netr_DsRAddressToSitenamesW);
1728         torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesExW", test_netr_DsRAddressToSitenamesExW);
1729
1730         return suite;
1731 }