2 Unix SMB/CIFS implementation.
4 test suite for netlogon rpc operations
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003-2004
8 Copyright (C) Tim Potter 2003
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 2 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
28 #define TEST_MACHINE_NAME "torturetest"
31 struct dcerpc_pipe *p;
32 const char *machine_password;
33 struct policy_handle acct_handle;
37 join the domain as a BDC
39 static BOOL join_domain_bdc(TALLOC_CTX *mem_ctx)
42 struct samr_Connect c;
43 struct samr_CreateUser2 r;
44 struct samr_OpenDomain o;
45 struct samr_LookupDomain l;
46 struct samr_GetUserPwInfo pwp;
47 struct samr_SetUserInfo s;
48 union samr_UserInfo u;
49 struct policy_handle handle;
50 struct policy_handle domain_handle;
51 uint32_t access_granted;
54 DATA_BLOB session_key;
55 struct samr_Name name;
56 int policy_min_pw_len = 0;
58 printf("Connecting to SAMR\n");
60 status = torture_rpc_connection(&join.p,
64 if (!NT_STATUS_IS_OK(status)) {
68 c.in.system_name = NULL;
69 c.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
70 c.out.handle = &handle;
72 status = dcerpc_samr_Connect(join.p, mem_ctx, &c);
73 if (!NT_STATUS_IS_OK(status)) {
74 printf("samr_Connect failed - %s\n", nt_errstr(status));
78 printf("Opening domain %s\n", lp_workgroup());
80 name.name = lp_workgroup();
81 l.in.handle = &handle;
84 status = dcerpc_samr_LookupDomain(join.p, mem_ctx, &l);
85 if (!NT_STATUS_IS_OK(status)) {
86 printf("LookupDomain failed - %s\n", nt_errstr(status));
90 o.in.handle = &handle;
91 o.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
93 o.out.domain_handle = &domain_handle;
95 status = dcerpc_samr_OpenDomain(join.p, mem_ctx, &o);
96 if (!NT_STATUS_IS_OK(status)) {
97 printf("OpenDomain failed - %s\n", nt_errstr(status));
101 printf("Creating machine account %s\n", TEST_MACHINE_NAME);
104 name.name = talloc_asprintf(mem_ctx, "%s$", TEST_MACHINE_NAME);
105 r.in.handle = &domain_handle;
106 r.in.username = &name;
107 r.in.acct_flags = ACB_SVRTRUST;
108 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
109 r.out.acct_handle = &join.acct_handle;
110 r.out.access_granted = &access_granted;
113 status = dcerpc_samr_CreateUser2(join.p, mem_ctx, &r);
115 if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS) &&
116 test_DeleteUser_byname(join.p, mem_ctx, &domain_handle, name.name)) {
120 if (!NT_STATUS_IS_OK(status)) {
121 printf("CreateUser2 failed - %s\n", nt_errstr(status));
125 pwp.in.handle = &join.acct_handle;
127 status = dcerpc_samr_GetUserPwInfo(join.p, mem_ctx, &pwp);
128 if (NT_STATUS_IS_OK(status)) {
129 policy_min_pw_len = pwp.out.info.min_pwd_len;
132 join.machine_password = generate_random_str(mem_ctx, MAX(8, policy_min_pw_len));
134 printf("Setting machine account password '%s'\n", join.machine_password);
136 s.in.handle = &join.acct_handle;
140 encode_pw_buffer(u.info24.password.data, join.machine_password, STR_UNICODE);
141 u.info24.pw_len = strlen(join.machine_password);
143 status = dcerpc_fetch_session_key(join.p, &session_key);
144 if (!NT_STATUS_IS_OK(status)) {
145 printf("SetUserInfo level %u - no session key - %s\n",
146 s.in.level, nt_errstr(status));
150 SamOEMhashBlob(u.info24.password.data, 516, &session_key);
152 status = dcerpc_samr_SetUserInfo(join.p, mem_ctx, &s);
153 if (!NT_STATUS_IS_OK(status)) {
154 printf("SetUserInfo failed - %s\n", nt_errstr(status));
158 s.in.handle = &join.acct_handle;
162 u.info16.acct_flags = ACB_SVRTRUST;
164 printf("Resetting ACB flags\n");
166 status = dcerpc_samr_SetUserInfo(join.p, mem_ctx, &s);
167 if (!NT_STATUS_IS_OK(status)) {
168 printf("SetUserInfo failed - %s\n", nt_errstr(status));
176 leave the domain as a BDC
178 static BOOL leave_domain_bdc(TALLOC_CTX *mem_ctx)
180 struct samr_DeleteUser d;
183 d.in.handle = &join.acct_handle;
184 d.out.handle = &join.acct_handle;
186 status = dcerpc_samr_DeleteUser(join.p, mem_ctx, &d);
187 if (!NT_STATUS_IS_OK(status)) {
188 printf("Delete of machine account failed\n");
195 static BOOL test_LogonUasLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
198 struct netr_LogonUasLogon r;
200 r.in.server_name = NULL;
201 r.in.username = lp_parm_string(-1, "torture", "username");
202 r.in.workstation = TEST_MACHINE_NAME;
204 printf("Testing LogonUasLogon\n");
206 status = dcerpc_netr_LogonUasLogon(p, mem_ctx, &r);
207 if (!NT_STATUS_IS_OK(status)) {
208 printf("LogonUasLogon - %s\n", nt_errstr(status));
216 static BOOL test_LogonUasLogoff(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
219 struct netr_LogonUasLogoff r;
221 r.in.server_name = NULL;
222 r.in.username = lp_parm_string(-1, "torture", "username");
223 r.in.workstation = TEST_MACHINE_NAME;
225 printf("Testing LogonUasLogoff\n");
227 status = dcerpc_netr_LogonUasLogoff(p, mem_ctx, &r);
228 if (!NT_STATUS_IS_OK(status)) {
229 printf("LogonUasLogoff - %s\n", nt_errstr(status));
237 static BOOL test_SetupCredentials(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
238 struct creds_CredentialState *creds)
241 struct netr_ServerReqChallenge r;
242 struct netr_ServerAuthenticate a;
243 struct netr_Credential credentials1, credentials2, credentials3;
244 const char *plain_pass;
245 uint8_t mach_pwd[16];
247 printf("Testing ServerReqChallenge\n");
249 r.in.server_name = NULL;
250 r.in.computer_name = TEST_MACHINE_NAME;
251 r.in.credentials = &credentials1;
252 r.out.credentials = &credentials2;
254 generate_random_buffer(credentials1.data, sizeof(credentials1.data), False);
256 status = dcerpc_netr_ServerReqChallenge(p, mem_ctx, &r);
257 if (!NT_STATUS_IS_OK(status)) {
258 printf("ServerReqChallenge - %s\n", nt_errstr(status));
262 plain_pass = join.machine_password;
264 printf("Unable to fetch machine password!\n");
268 E_md4hash(plain_pass, mach_pwd);
270 a.in.server_name = NULL;
271 a.in.username = talloc_asprintf(mem_ctx, "%s$", TEST_MACHINE_NAME);
272 a.in.secure_channel_type = SEC_CHAN_BDC;
273 a.in.computer_name = TEST_MACHINE_NAME;
274 a.in.credentials = &credentials3;
275 a.out.credentials = &credentials3;
277 creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3);
279 printf("Testing ServerAuthenticate\n");
281 status = dcerpc_netr_ServerAuthenticate(p, mem_ctx, &a);
282 if (!NT_STATUS_IS_OK(status)) {
283 printf("ServerAuthenticate - %s\n", nt_errstr(status));
287 if (!creds_client_check(creds, &credentials3)) {
288 printf("Credential chaining failed\n");
295 static BOOL test_SetupCredentials2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
296 uint32_t negotiate_flags,
297 struct creds_CredentialState *creds)
300 struct netr_ServerReqChallenge r;
301 struct netr_ServerAuthenticate2 a;
302 struct netr_Credential credentials1, credentials2, credentials3;
303 const char *plain_pass;
304 uint8_t mach_pwd[16];
306 printf("Testing ServerReqChallenge\n");
308 r.in.server_name = NULL;
309 r.in.computer_name = TEST_MACHINE_NAME;
310 r.in.credentials = &credentials1;
311 r.out.credentials = &credentials2;
313 generate_random_buffer(credentials1.data, sizeof(credentials1.data), False);
315 status = dcerpc_netr_ServerReqChallenge(p, mem_ctx, &r);
316 if (!NT_STATUS_IS_OK(status)) {
317 printf("ServerReqChallenge - %s\n", nt_errstr(status));
321 plain_pass = join.machine_password;
323 printf("Unable to fetch machine password!\n");
327 E_md4hash(plain_pass, mach_pwd);
329 a.in.server_name = NULL;
330 a.in.username = talloc_asprintf(mem_ctx, "%s$", TEST_MACHINE_NAME);
331 a.in.secure_channel_type = SEC_CHAN_BDC;
332 a.in.computer_name = TEST_MACHINE_NAME;
333 a.in.negotiate_flags = &negotiate_flags;
334 a.out.negotiate_flags = &negotiate_flags;
335 a.in.credentials = &credentials3;
336 a.out.credentials = &credentials3;
338 creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3);
340 printf("Testing ServerAuthenticate2\n");
342 status = dcerpc_netr_ServerAuthenticate2(p, mem_ctx, &a);
343 if (!NT_STATUS_IS_OK(status)) {
344 printf("ServerAuthenticate2 - %s\n", nt_errstr(status));
348 if (!creds_client_check(creds, &credentials3)) {
349 printf("Credential chaining failed\n");
353 printf("negotiate_flags=0x%08x\n", negotiate_flags);
359 static BOOL test_SetupCredentials3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
360 uint32_t negotiate_flags,
361 struct creds_CredentialState *creds)
364 struct netr_ServerReqChallenge r;
365 struct netr_ServerAuthenticate3 a;
366 struct netr_Credential credentials1, credentials2, credentials3;
367 const char *plain_pass;
368 uint8_t mach_pwd[16];
371 printf("Testing ServerReqChallenge\n");
373 r.in.server_name = NULL;
374 r.in.computer_name = TEST_MACHINE_NAME;
375 r.in.credentials = &credentials1;
376 r.out.credentials = &credentials2;
377 generate_random_buffer(credentials1.data, sizeof(credentials1.data), False);
379 status = dcerpc_netr_ServerReqChallenge(p, mem_ctx, &r);
380 if (!NT_STATUS_IS_OK(status)) {
381 printf("ServerReqChallenge - %s\n", nt_errstr(status));
385 plain_pass = join.machine_password;
387 printf("Unable to fetch machine password!\n");
391 E_md4hash(plain_pass, mach_pwd);
393 a.in.server_name = NULL;
394 a.in.username = talloc_asprintf(mem_ctx, "%s$", TEST_MACHINE_NAME);
395 a.in.secure_channel_type = SEC_CHAN_BDC;
396 a.in.computer_name = TEST_MACHINE_NAME;
397 a.in.negotiate_flags = &negotiate_flags;
398 a.in.credentials = &credentials3;
399 a.out.credentials = &credentials3;
400 a.out.negotiate_flags = &negotiate_flags;
403 creds_client_init(creds, &credentials1, &credentials2, mach_pwd, &credentials3);
405 printf("Testing ServerAuthenticate3\n");
407 status = dcerpc_netr_ServerAuthenticate3(p, mem_ctx, &a);
408 if (!NT_STATUS_IS_OK(status)) {
409 printf("ServerAuthenticate3 - %s\n", nt_errstr(status));
413 if (!creds_client_check(creds, &credentials3)) {
414 printf("Credential chaining failed\n");
418 printf("negotiate_flags=0x%08x\n", negotiate_flags);
431 struct samlogon_state {
433 const char *username;
434 const char *password;
435 struct dcerpc_pipe *p;
436 struct netr_LogonSamLogon r;
437 struct netr_Authenticator auth, auth2;
438 struct creds_CredentialState creds;
443 Authenticate a user with a challenge/response, checking session key
444 and valid authentication types
447 static NTSTATUS check_samlogon(struct samlogon_state *samlogon_state,
448 enum ntlm_break break_which,
450 DATA_BLOB *lm_response,
451 DATA_BLOB *nt_response,
453 uint8_t user_session_key[16],
457 struct netr_LogonSamLogon *r = &samlogon_state->r;
458 int levels[] = { 2, 6 };
460 struct netr_NetworkInfo ninfo;
462 for (i=0;i<ARRAY_SIZE(levels);i++) {
463 printf("testing netr_LogonSamLogon with logon level %d\n", levels[i]);
465 samlogon_state->r.in.logon_level = levels[i];
466 samlogon_state->r.in.logon.network = &ninfo;
468 ninfo.logon_info.domain_name.string = lp_workgroup();
469 ninfo.logon_info.parameter_control = 0;
470 ninfo.logon_info.logon_id_low = 0;
471 ninfo.logon_info.logon_id_high = 0;
472 ninfo.logon_info.username.string = samlogon_state->username;
473 ninfo.logon_info.workstation.string = TEST_MACHINE_NAME;
475 memcpy(ninfo.challenge, chall->data, 8);
477 switch (break_which) {
481 if (lm_response && lm_response->data) {
482 lm_response->data[0]++;
486 if (nt_response && nt_response->data) {
487 nt_response->data[0]++;
491 data_blob_free(lm_response);
494 data_blob_free(nt_response);
499 ninfo.nt.data = nt_response->data;
500 ninfo.nt.length = nt_response->length;
502 ninfo.nt.data = NULL;
507 ninfo.lm.data = lm_response->data;
508 ninfo.lm.length = lm_response->length;
510 ninfo.lm.data = NULL;
514 ZERO_STRUCT(samlogon_state->auth2);
515 creds_client_authenticator(&samlogon_state->creds, &samlogon_state->auth);
517 r->out.authenticator = NULL;
518 status = dcerpc_netr_LogonSamLogon(samlogon_state->p, samlogon_state->mem_ctx, r);
519 if (!NT_STATUS_IS_OK(status)) {
521 *error_string = strdup(nt_errstr(status));
525 if (!r->out.authenticator ||
526 !creds_client_check(&samlogon_state->creds, &r->out.authenticator->cred)) {
527 printf("Credential chaining failed\n");
530 if (!NT_STATUS_IS_OK(status)) {
531 /* we cannot check the session key, if the logon failed... */
535 /* find and decyrpt the session keys, return in parameters above */
536 if (r->in.validation_level == 2) {
537 static const char zeros[16];
539 if (memcmp(r->out.validation.sam->LMSessKey.key, zeros,
540 sizeof(r->out.validation.sam->LMSessKey.key)) != 0) {
541 creds_arcfour_crypt(&samlogon_state->creds,
542 r->out.validation.sam->LMSessKey.key,
543 sizeof(r->out.validation.sam->LMSessKey.key));
547 memcpy(lm_key, r->out.validation.sam->LMSessKey.key, 8);
550 if (memcmp(r->out.validation.sam->key.key, zeros, sizeof(r->out.validation.sam->key.key)) != 0) {
551 creds_arcfour_crypt(&samlogon_state->creds,
552 r->out.validation.sam->key.key,
553 sizeof(r->out.validation.sam->key.key));
556 if (user_session_key) {
557 memcpy(user_session_key, r->out.validation.sam->key.key, 16);
560 } else if (r->in.validation_level == 3) {
561 static const char zeros[16];
562 if (memcmp(r->out.validation.sam2->LMSessKey.key, zeros, sizeof(r->out.validation.sam2->LMSessKey.key)) != 0) {
563 creds_arcfour_crypt(&samlogon_state->creds,
564 r->out.validation.sam2->LMSessKey.key,
565 sizeof(r->out.validation.sam2->LMSessKey.key));
569 memcpy(lm_key, r->out.validation.sam2->LMSessKey.key, 8);
572 if (memcmp(r->out.validation.sam2->key.key, zeros, sizeof(r->out.validation.sam2->key.key)) != 0) {
573 creds_arcfour_crypt(&samlogon_state->creds,
574 r->out.validation.sam2->key.key,
575 sizeof(r->out.validation.sam2->key.key));
578 if (user_session_key) {
579 memcpy(user_session_key, r->out.validation.sam2->key.key, 16);
588 * Test the normal 'LM and NTLM' combination
591 static BOOL test_lm_ntlm_broken(struct samlogon_state *samlogon_state, enum ntlm_break break_which, char **error_string)
595 DATA_BLOB lm_response = data_blob_talloc(samlogon_state->mem_ctx, NULL, 24);
596 DATA_BLOB nt_response = data_blob_talloc(samlogon_state->mem_ctx, NULL, 24);
597 DATA_BLOB session_key = data_blob_talloc(samlogon_state->mem_ctx, NULL, 16);
600 uchar user_session_key[16];
605 ZERO_STRUCT(user_session_key);
607 SMBencrypt(samlogon_state->password, samlogon_state->chall.data, lm_response.data);
608 E_deshash(samlogon_state->password, lm_hash);
610 SMBNTencrypt(samlogon_state->password, samlogon_state->chall.data, nt_response.data);
612 E_md4hash(samlogon_state->password, nt_hash);
613 SMBsesskeygen_ntv1(nt_hash, session_key.data);
615 nt_status = check_samlogon(samlogon_state,
617 &samlogon_state->chall,
624 data_blob_free(&lm_response);
626 if (!NT_STATUS_IS_OK(nt_status)) {
627 return break_which == BREAK_NT;
630 if (memcmp(lm_hash, lm_key,
631 sizeof(lm_key)) != 0) {
632 printf("LM Key does not match expectations!\n");
634 dump_data(1, (const char *)lm_key, 8);
635 printf("expected:\n");
636 dump_data(1, (const char *)lm_hash, 8);
640 if (break_which == NO_NT) {
641 char lm_key_expected[16];
642 memcpy(lm_key_expected, lm_hash, 8);
643 memset(lm_key_expected+8, '\0', 8);
644 if (memcmp(lm_key_expected, user_session_key,
646 printf("NT Session Key does not match expectations (should be first-8 LM hash)!\n");
647 printf("user_session_key:\n");
648 dump_data(1, (const char *)user_session_key, sizeof(user_session_key));
649 printf("expected:\n");
650 dump_data(1, (const char *)lm_key_expected, sizeof(lm_key_expected));
654 if (memcmp(session_key.data, user_session_key,
655 sizeof(user_session_key)) != 0) {
656 printf("NT Session Key does not match expectations!\n");
657 printf("user_session_key:\n");
658 dump_data(1, (const char *)user_session_key, 16);
659 printf("expected:\n");
660 dump_data(1, (const char *)session_key.data, session_key.length);
668 * Test LM authentication, no NT response supplied
671 static BOOL test_lm(struct samlogon_state *samlogon_state, char **error_string)
674 return test_lm_ntlm_broken(samlogon_state, NO_NT, error_string);
678 * Test the NTLM response only, no LM.
681 static BOOL test_ntlm(struct samlogon_state *samlogon_state, char **error_string)
683 return test_lm_ntlm_broken(samlogon_state, NO_LM, error_string);
687 * Test the NTLM response only, but in the LM field.
690 static BOOL test_ntlm_in_lm(struct samlogon_state *samlogon_state, char **error_string)
694 DATA_BLOB nt_response = data_blob_talloc(samlogon_state->mem_ctx, NULL, 24);
698 uchar user_session_key[16];
700 ZERO_STRUCT(user_session_key);
702 SMBNTencrypt(samlogon_state->password, samlogon_state->chall.data, nt_response.data);
704 E_deshash(samlogon_state->password, lm_hash);
706 nt_status = check_samlogon(samlogon_state,
708 &samlogon_state->chall,
715 if (!NT_STATUS_IS_OK(nt_status)) {
719 if (memcmp(lm_hash, lm_key,
720 sizeof(lm_key)) != 0) {
721 printf("LM Key does not match expectations!\n");
723 dump_data(1, (const char *)lm_key, 8);
724 printf("expected:\n");
725 dump_data(1, (const char *)lm_hash, 8);
728 if (memcmp(lm_hash, user_session_key, 8) != 0) {
729 char lm_key_expected[16];
730 memcpy(lm_key_expected, lm_hash, 8);
731 memset(lm_key_expected+8, '\0', 8);
732 if (memcmp(lm_key_expected, user_session_key,
734 printf("NT Session Key does not match expectations (should be first-8 LM hash)!\n");
735 printf("user_session_key:\n");
736 dump_data(1, (const char *)user_session_key, sizeof(user_session_key));
737 printf("expected:\n");
738 dump_data(1, (const char *)lm_key_expected, sizeof(lm_key_expected));
746 * Test the NTLM response only, but in the both the NT and LM fields.
749 static BOOL test_ntlm_in_both(struct samlogon_state *samlogon_state, char **error_string)
753 DATA_BLOB nt_response = data_blob_talloc(samlogon_state->mem_ctx, NULL, 24);
754 DATA_BLOB session_key = data_blob_talloc(samlogon_state->mem_ctx, NULL, 16);
758 char user_session_key[16];
762 ZERO_STRUCT(user_session_key);
764 SMBNTencrypt(samlogon_state->password, samlogon_state->chall.data,
766 E_md4hash(samlogon_state->password, (uint8_t *)nt_hash);
767 SMBsesskeygen_ntv1((const uint8_t *)nt_hash,
770 E_deshash(samlogon_state->password, (uint8_t *)lm_hash);
772 nt_status = check_samlogon(samlogon_state,
774 &samlogon_state->chall,
781 if (!NT_STATUS_IS_OK(nt_status)) {
785 if (memcmp(lm_hash, lm_key,
786 sizeof(lm_key)) != 0) {
787 printf("LM Key does not match expectations!\n");
789 dump_data(1, lm_key, 8);
790 printf("expected:\n");
791 dump_data(1, lm_hash, 8);
794 if (memcmp(session_key.data, user_session_key,
795 sizeof(user_session_key)) != 0) {
796 printf("NT Session Key does not match expectations!\n");
797 printf("user_session_key:\n");
798 dump_data(1, user_session_key, 16);
799 printf("expected:\n");
800 dump_data(1, (const char *)session_key.data, session_key.length);
809 * Test the NTLMv2 and LMv2 responses
812 static BOOL test_lmv2_ntlmv2_broken(struct samlogon_state *samlogon_state, enum ntlm_break break_which, char **error_string)
816 DATA_BLOB ntlmv2_response = data_blob(NULL, 0);
817 DATA_BLOB lmv2_response = data_blob(NULL, 0);
818 DATA_BLOB ntlmv2_session_key = data_blob(NULL, 0);
819 DATA_BLOB names_blob = NTLMv2_generate_names_blob(samlogon_state->mem_ctx, lp_netbios_name(), lp_workgroup());
821 uchar user_session_key[16];
823 ZERO_STRUCT(user_session_key);
825 /* TODO - test with various domain cases, and without domain */
826 if (!SMBNTLMv2encrypt(samlogon_state->username, lp_workgroup(),
827 samlogon_state->password, &samlogon_state->chall,
829 &lmv2_response, &ntlmv2_response,
830 &ntlmv2_session_key)) {
831 data_blob_free(&names_blob);
834 data_blob_free(&names_blob);
836 nt_status = check_samlogon(samlogon_state,
838 &samlogon_state->chall,
845 data_blob_free(&lmv2_response);
846 data_blob_free(&ntlmv2_response);
848 if (!NT_STATUS_IS_OK(nt_status)) {
849 return break_which == BREAK_NT;
852 if (break_which != NO_NT && break_which != BREAK_NT && memcmp(ntlmv2_session_key.data, user_session_key,
853 sizeof(user_session_key)) != 0) {
854 printf("USER (NTLMv2) Session Key does not match expectations!\n");
855 printf("user_session_key:\n");
856 dump_data(1, (const char *)user_session_key, 16);
857 printf("expected:\n");
858 dump_data(1, (const char *)ntlmv2_session_key.data, ntlmv2_session_key.length);
865 * Test the NTLMv2 and LMv2 responses
868 static BOOL test_lmv2_ntlmv2(struct samlogon_state *samlogon_state, char **error_string)
870 return test_lmv2_ntlmv2_broken(samlogon_state, BREAK_NONE, error_string);
874 * Test the LMv2 response only
877 static BOOL test_lmv2(struct samlogon_state *samlogon_state, char **error_string)
879 return test_lmv2_ntlmv2_broken(samlogon_state, NO_NT, error_string);
883 * Test the NTLMv2 response only
886 static BOOL test_ntlmv2(struct samlogon_state *samlogon_state, char **error_string)
888 return test_lmv2_ntlmv2_broken(samlogon_state, NO_LM, error_string);
891 static BOOL test_lm_ntlm(struct samlogon_state *samlogon_state, char **error_string)
893 return test_lm_ntlm_broken(samlogon_state, BREAK_NONE, error_string);
896 static BOOL test_ntlm_lm_broken(struct samlogon_state *samlogon_state, char **error_string)
898 return test_lm_ntlm_broken(samlogon_state, BREAK_LM, error_string);
901 static BOOL test_ntlm_ntlm_broken(struct samlogon_state *samlogon_state, char **error_string)
903 return test_lm_ntlm_broken(samlogon_state, BREAK_NT, error_string);
906 static BOOL test_ntlmv2_lmv2_broken(struct samlogon_state *samlogon_state, char **error_string)
908 return test_lmv2_ntlmv2_broken(samlogon_state, BREAK_LM, error_string);
911 static BOOL test_ntlmv2_ntlmv2_broken(struct samlogon_state *samlogon_state, char **error_string)
913 return test_lmv2_ntlmv2_broken(samlogon_state, BREAK_NT, error_string);
916 static BOOL test_plaintext(struct samlogon_state *samlogon_state, enum ntlm_break break_which, char **error_string)
919 DATA_BLOB nt_response = data_blob(NULL, 0);
920 DATA_BLOB lm_response = data_blob(NULL, 0);
923 smb_ucs2_t *unicodepw;
925 uchar user_session_key[16];
927 static const uchar zeros[8];
928 DATA_BLOB chall = data_blob_talloc(samlogon_state->mem_ctx, zeros, sizeof(zeros));
930 ZERO_STRUCT(user_session_key);
932 if ((push_ucs2_talloc(samlogon_state->mem_ctx, (smb_ucs2_t **)&unicodepw,
933 samlogon_state->password)) == -1) {
934 DEBUG(0, ("push_ucs2_allocate failed!\n"));
938 nt_response = data_blob_talloc(samlogon_state->mem_ctx, unicodepw,
939 strlen_w(((void *)unicodepw))*sizeof(smb_ucs2_t));
941 password = strdup_upper(samlogon_state->password);
943 if ((convert_string_talloc(samlogon_state->mem_ctx, CH_UNIX,
946 (const void**)&dospw)) == -1) {
947 DEBUG(0, ("push_ascii_allocate failed!\n"));
953 lm_response = data_blob_talloc(samlogon_state->mem_ctx, dospw, strlen(dospw));
955 nt_status = check_samlogon(samlogon_state,
964 if (!NT_STATUS_IS_OK(nt_status)) {
965 return break_which == BREAK_NT;
971 static BOOL test_plaintext_none_broken(struct samlogon_state *samlogon_state,
972 char **error_string) {
973 return test_plaintext(samlogon_state, BREAK_NONE, error_string);
976 static BOOL test_plaintext_lm_broken(struct samlogon_state *samlogon_state,
977 char **error_string) {
978 return test_plaintext(samlogon_state, BREAK_LM, error_string);
981 static BOOL test_plaintext_nt_broken(struct samlogon_state *samlogon_state,
982 char **error_string) {
983 return test_plaintext(samlogon_state, BREAK_NT, error_string);
986 static BOOL test_plaintext_nt_only(struct samlogon_state *samlogon_state,
987 char **error_string) {
988 return test_plaintext(samlogon_state, NO_LM, error_string);
991 static BOOL test_plaintext_lm_only(struct samlogon_state *samlogon_state,
992 char **error_string) {
993 return test_plaintext(samlogon_state, NO_NT, error_string);
1007 - plaintext tests (in challenge-response feilds)
1009 check we get the correct session key in each case
1010 check what values we get for the LM session key
1014 static const struct ntlm_tests {
1015 BOOL (*fn)(struct samlogon_state *, char **);
1019 {test_lm, "LM", False},
1020 {test_lm_ntlm, "LM and NTLM", False},
1021 {test_ntlm, "NTLM", False},
1022 {test_ntlm_in_lm, "NTLM in LM", False},
1023 {test_ntlm_in_both, "NTLM in both", False},
1024 {test_ntlmv2, "NTLMv2", False},
1025 {test_lmv2_ntlmv2, "NTLMv2 and LMv2", False},
1026 {test_lmv2, "LMv2", False},
1027 {test_ntlmv2_lmv2_broken, "NTLMv2 and LMv2, LMv2 broken", False},
1028 {test_ntlmv2_ntlmv2_broken, "NTLMv2 and LMv2, NTLMv2 broken", False},
1029 {test_ntlm_lm_broken, "NTLM and LM, LM broken", False},
1030 {test_ntlm_ntlm_broken, "NTLM and LM, NTLM broken", False},
1031 {test_plaintext_none_broken, "Plaintext", True},
1032 {test_plaintext_lm_broken, "Plaintext LM broken", True},
1033 {test_plaintext_nt_broken, "Plaintext NT broken", True},
1034 {test_plaintext_nt_only, "Plaintext NT only", True},
1035 {test_plaintext_lm_only, "Plaintext LM only", True},
1040 try a netlogon SamLogon
1042 static BOOL test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
1047 struct samlogon_state samlogon_state;
1049 samlogon_state.mem_ctx = mem_ctx;
1050 samlogon_state.username = lp_parm_string(-1, "torture", "username");
1051 samlogon_state.password = lp_parm_string(-1, "torture", "password");
1052 samlogon_state.p = p;
1054 samlogon_state.chall = data_blob_talloc(mem_ctx, NULL, 8);
1056 generate_random_buffer(samlogon_state.chall.data,
1059 if (!test_SetupCredentials2(p, mem_ctx, NETLOGON_NEG_AUTH2_FLAGS, &samlogon_state.creds)) {
1063 if (!test_SetupCredentials3(p, mem_ctx, NETLOGON_NEG_AUTH2_FLAGS, &samlogon_state.creds)) {
1067 if (!test_SetupCredentials3(p, mem_ctx, NETLOGON_NEG_AUTH2_ADS_FLAGS, &samlogon_state.creds)) {
1071 samlogon_state.r.in.server_name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1072 samlogon_state.r.in.workstation = TEST_MACHINE_NAME;
1073 samlogon_state.r.in.credential = &samlogon_state.auth;
1074 samlogon_state.r.in.authenticator = &samlogon_state.auth2;
1076 for (i=2;i<=3;i++) {
1077 samlogon_state.r.in.validation_level = i;
1078 for (j=0; test_table[j].fn; j++) {
1079 char *error_string = NULL;
1080 printf("Testing SamLogon with '%s' at validation level %d\n", test_table[j].name, i);
1082 if (!test_table[j].fn(&samlogon_state, &error_string)) {
1083 if (test_table[j].expect_fail) {
1084 printf("Test %s failed (expected, test incomplete): %s\n", test_table[j].name, error_string);
1086 printf("Test %s failed: %s\n", test_table[j].name, error_string);
1089 SAFE_FREE(error_string);
1099 try a change password for our machine account
1101 static BOOL test_SetPassword(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
1104 struct netr_ServerPasswordSet r;
1105 const char *password;
1106 struct creds_CredentialState creds;
1108 if (!test_SetupCredentials(p, mem_ctx, &creds)) {
1112 r.in.server_name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1113 r.in.username = talloc_asprintf(mem_ctx, "%s$", TEST_MACHINE_NAME);
1114 r.in.secure_channel_type = SEC_CHAN_BDC;
1115 r.in.computer_name = TEST_MACHINE_NAME;
1117 password = generate_random_str(mem_ctx, 8);
1118 E_md4hash(password, r.in.new_password.data);
1120 creds_des_encrypt(&creds, &r.in.new_password);
1122 printf("Testing ServerPasswordSet on machine account\n");
1123 printf("Changing machine account password to '%s'\n", password);
1125 creds_client_authenticator(&creds, &r.in.credential);
1127 status = dcerpc_netr_ServerPasswordSet(p, mem_ctx, &r);
1128 if (!NT_STATUS_IS_OK(status)) {
1129 printf("ServerPasswordSet - %s\n", nt_errstr(status));
1133 if (!creds_client_check(&creds, &r.out.return_authenticator.cred)) {
1134 printf("Credential chaining failed\n");
1137 /* by changing the machine password twice we test the
1138 credentials chaining fully, and we verify that the server
1139 allows the password to be set to the same value twice in a
1140 row (match win2k3) */
1141 printf("Testing a second ServerPasswordSet on machine account\n");
1142 printf("Changing machine account password to '%s' (same as pervsious run)\n", password);
1144 creds_client_authenticator(&creds, &r.in.credential);
1146 status = dcerpc_netr_ServerPasswordSet(p, mem_ctx, &r);
1147 if (!NT_STATUS_IS_OK(status)) {
1148 printf("ServerPasswordSet (2) - %s\n", nt_errstr(status));
1152 if (!creds_client_check(&creds, &r.out.return_authenticator.cred)) {
1153 printf("Credential chaining failed\n");
1156 join.machine_password = password;
1158 if (!test_SetupCredentials(p, mem_ctx, &creds)) {
1159 printf("ServerPasswordSet failed to actually change the password\n");
1167 /* we remember the sequence numbers so we can easily do a DatabaseDelta */
1168 static uint64_t sequence_nums[3];
1171 try a netlogon DatabaseSync
1173 static BOOL test_DatabaseSync(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
1176 struct netr_DatabaseSync r;
1177 struct creds_CredentialState creds;
1178 const uint32_t database_ids[] = {0, 1, 2};
1182 if (!test_SetupCredentials(p, mem_ctx, &creds)) {
1186 r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1187 r.in.computername = TEST_MACHINE_NAME;
1188 r.in.preferredmaximumlength = (uint32_t)-1;
1189 ZERO_STRUCT(r.in.return_authenticator);
1191 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1192 r.in.sync_context = 0;
1193 r.in.database_id = database_ids[i];
1195 printf("Testing DatabaseSync of id %d\n", r.in.database_id);
1198 creds_client_authenticator(&creds, &r.in.credential);
1200 status = dcerpc_netr_DatabaseSync(p, mem_ctx, &r);
1201 if (!NT_STATUS_IS_OK(status) &&
1202 !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
1203 printf("DatabaseSync - %s\n", nt_errstr(status));
1208 if (!creds_client_check(&creds, &r.out.return_authenticator.cred)) {
1209 printf("Credential chaining failed\n");
1212 r.in.sync_context = r.out.sync_context;
1214 if (r.out.delta_enum_array &&
1215 r.out.delta_enum_array->num_deltas > 0 &&
1216 r.out.delta_enum_array->delta_enum[0].delta_type == 1 &&
1217 r.out.delta_enum_array->delta_enum[0].delta_union.domain) {
1218 sequence_nums[r.in.database_id] =
1219 r.out.delta_enum_array->delta_enum[0].delta_union.domain->sequence_num;
1220 printf("\tsequence_nums[%d]=%llu\n",
1222 sequence_nums[r.in.database_id]);
1224 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
1232 try a netlogon DatabaseDeltas
1234 static BOOL test_DatabaseDeltas(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
1237 struct netr_DatabaseDeltas r;
1238 struct creds_CredentialState creds;
1239 const uint32_t database_ids[] = {0, 1, 2};
1243 if (!test_SetupCredentials(p, mem_ctx, &creds)) {
1247 r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1248 r.in.computername = TEST_MACHINE_NAME;
1249 r.in.preferredmaximumlength = (uint32_t)-1;
1250 ZERO_STRUCT(r.in.return_authenticator);
1252 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1253 r.in.database_id = database_ids[i];
1254 r.in.sequence_num = sequence_nums[r.in.database_id];
1256 if (r.in.sequence_num == 0) continue;
1258 r.in.sequence_num -= 1;
1261 printf("Testing DatabaseDeltas of id %d at %llu\n",
1262 r.in.database_id, r.in.sequence_num);
1265 creds_client_authenticator(&creds, &r.in.credential);
1267 status = dcerpc_netr_DatabaseDeltas(p, mem_ctx, &r);
1268 if (!NT_STATUS_IS_OK(status) &&
1269 !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
1270 printf("DatabaseDeltas - %s\n", nt_errstr(status));
1275 if (!creds_client_check(&creds, &r.out.return_authenticator.cred)) {
1276 printf("Credential chaining failed\n");
1279 r.in.sequence_num++;
1280 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
1288 try a netlogon AccountDeltas
1290 static BOOL test_AccountDeltas(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
1293 struct netr_AccountDeltas r;
1294 struct creds_CredentialState creds;
1297 if (!test_SetupCredentials(p, mem_ctx, &creds)) {
1301 r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1302 r.in.computername = TEST_MACHINE_NAME;
1303 ZERO_STRUCT(r.in.return_authenticator);
1304 creds_client_authenticator(&creds, &r.in.credential);
1305 ZERO_STRUCT(r.in.uas);
1308 r.in.buffersize=100;
1310 printf("Testing AccountDeltas\n");
1312 /* w2k3 returns "NOT IMPLEMENTED" for this call */
1313 status = dcerpc_netr_AccountDeltas(p, mem_ctx, &r);
1314 if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
1315 printf("AccountDeltas - %s\n", nt_errstr(status));
1323 try a netlogon AccountSync
1325 static BOOL test_AccountSync(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
1328 struct netr_AccountSync r;
1329 struct creds_CredentialState creds;
1332 if (!test_SetupCredentials(p, mem_ctx, &creds)) {
1336 r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1337 r.in.computername = TEST_MACHINE_NAME;
1338 ZERO_STRUCT(r.in.return_authenticator);
1339 creds_client_authenticator(&creds, &r.in.credential);
1340 ZERO_STRUCT(r.in.recordid);
1343 r.in.buffersize=100;
1345 printf("Testing AccountSync\n");
1347 /* w2k3 returns "NOT IMPLEMENTED" for this call */
1348 status = dcerpc_netr_AccountSync(p, mem_ctx, &r);
1349 if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
1350 printf("AccountSync - %s\n", nt_errstr(status));
1358 try a netlogon GetDcName
1360 static BOOL test_GetDcName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
1363 struct netr_GetDcName r;
1365 r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1366 r.in.domainname = lp_workgroup();
1368 printf("Testing GetDcName\n");
1370 status = dcerpc_netr_GetDcName(p, mem_ctx, &r);
1371 if (!NT_STATUS_IS_OK(status)) {
1372 printf("GetDcName - %s\n", nt_errstr(status));
1376 printf("\tDC is at '%s'\n", r.out.dcname);
1382 try a netlogon LogonControl
1384 static BOOL test_LogonControl(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
1387 struct netr_LogonControl r;
1391 r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1392 r.in.function_code = 1;
1397 printf("Testing LogonControl level %d\n", i);
1399 status = dcerpc_netr_LogonControl(p, mem_ctx, &r);
1400 if (!NT_STATUS_IS_OK(status)) {
1401 printf("LogonControl - %s\n", nt_errstr(status));
1411 try a netlogon GetAnyDCName
1413 static BOOL test_GetAnyDCName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
1416 struct netr_GetAnyDCName r;
1418 r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1419 r.in.domainname = lp_workgroup();
1421 printf("Testing GetAnyDCName\n");
1423 status = dcerpc_netr_GetAnyDCName(p, mem_ctx, &r);
1424 if (!NT_STATUS_IS_OK(status)) {
1425 printf("GetAnyDCName - %s\n", nt_errstr(status));
1430 printf("\tDC is at '%s'\n", r.out.dcname);
1438 try a netlogon LogonControl2
1440 static BOOL test_LogonControl2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
1443 struct netr_LogonControl2 r;
1447 r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1449 r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
1450 r.in.data.domain = lp_workgroup();
1455 printf("Testing LogonControl2 level %d function %d\n",
1456 i, r.in.function_code);
1458 status = dcerpc_netr_LogonControl2(p, mem_ctx, &r);
1459 if (!NT_STATUS_IS_OK(status)) {
1460 printf("LogonControl - %s\n", nt_errstr(status));
1465 r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
1466 r.in.data.domain = lp_workgroup();
1471 printf("Testing LogonControl2 level %d function %d\n",
1472 i, r.in.function_code);
1474 status = dcerpc_netr_LogonControl2(p, mem_ctx, &r);
1475 if (!NT_STATUS_IS_OK(status)) {
1476 printf("LogonControl - %s\n", nt_errstr(status));
1481 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
1482 r.in.data.domain = lp_workgroup();
1487 printf("Testing LogonControl2 level %d function %d\n",
1488 i, r.in.function_code);
1490 status = dcerpc_netr_LogonControl2(p, mem_ctx, &r);
1491 if (!NT_STATUS_IS_OK(status)) {
1492 printf("LogonControl - %s\n", nt_errstr(status));
1497 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
1498 r.in.data.debug_level = ~0;
1503 printf("Testing LogonControl2 level %d function %d\n",
1504 i, r.in.function_code);
1506 status = dcerpc_netr_LogonControl2(p, mem_ctx, &r);
1507 if (!NT_STATUS_IS_OK(status)) {
1508 printf("LogonControl - %s\n", nt_errstr(status));
1517 try a netlogon DatabaseSync2
1519 static BOOL test_DatabaseSync2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
1522 struct netr_DatabaseSync2 r;
1523 struct creds_CredentialState creds;
1524 const uint32_t database_ids[] = {0, 1, 2};
1528 if (!test_SetupCredentials2(p, mem_ctx, NETLOGON_NEG_AUTH2_FLAGS, &creds)) {
1532 r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1533 r.in.computername = TEST_MACHINE_NAME;
1534 r.in.preferredmaximumlength = (uint32_t)-1;
1535 ZERO_STRUCT(r.in.return_authenticator);
1537 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1538 r.in.sync_context = 0;
1539 r.in.database_id = database_ids[i];
1540 r.in.restart_state = 0;
1542 printf("Testing DatabaseSync2 of id %d\n", r.in.database_id);
1545 creds_client_authenticator(&creds, &r.in.credential);
1547 status = dcerpc_netr_DatabaseSync2(p, mem_ctx, &r);
1548 if (!NT_STATUS_IS_OK(status) &&
1549 !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
1550 printf("DatabaseSync2 - %s\n", nt_errstr(status));
1555 if (!creds_client_check(&creds, &r.out.return_authenticator.cred)) {
1556 printf("Credential chaining failed\n");
1559 r.in.sync_context = r.out.sync_context;
1560 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
1568 try a netlogon LogonControl2Ex
1570 static BOOL test_LogonControl2Ex(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
1573 struct netr_LogonControl2Ex r;
1577 r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1579 r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
1580 r.in.data.domain = lp_workgroup();
1585 printf("Testing LogonControl2Ex level %d function %d\n",
1586 i, r.in.function_code);
1588 status = dcerpc_netr_LogonControl2Ex(p, mem_ctx, &r);
1589 if (!NT_STATUS_IS_OK(status)) {
1590 printf("LogonControl - %s\n", nt_errstr(status));
1595 r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
1596 r.in.data.domain = lp_workgroup();
1601 printf("Testing LogonControl2Ex level %d function %d\n",
1602 i, r.in.function_code);
1604 status = dcerpc_netr_LogonControl2Ex(p, mem_ctx, &r);
1605 if (!NT_STATUS_IS_OK(status)) {
1606 printf("LogonControl - %s\n", nt_errstr(status));
1611 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
1612 r.in.data.domain = lp_workgroup();
1617 printf("Testing LogonControl2Ex level %d function %d\n",
1618 i, r.in.function_code);
1620 status = dcerpc_netr_LogonControl2Ex(p, mem_ctx, &r);
1621 if (!NT_STATUS_IS_OK(status)) {
1622 printf("LogonControl - %s\n", nt_errstr(status));
1627 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
1628 r.in.data.debug_level = ~0;
1633 printf("Testing LogonControl2Ex level %d function %d\n",
1634 i, r.in.function_code);
1636 status = dcerpc_netr_LogonControl2Ex(p, mem_ctx, &r);
1637 if (!NT_STATUS_IS_OK(status)) {
1638 printf("LogonControl - %s\n", nt_errstr(status));
1648 try a netlogon netr_DsrEnumerateDomainTrusts
1650 static BOOL test_DsrEnumerateDomainTrusts(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
1653 struct netr_DsrEnumerateDomainTrusts r;
1655 r.in.server_name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1656 r.in.trust_flags = 0x3f;
1658 printf("Testing netr_DsrEnumerateDomainTrusts\n");
1660 status = dcerpc_netr_DsrEnumerateDomainTrusts(p, mem_ctx, &r);
1661 if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(r.out.result)) {
1662 printf("netr_DsrEnumerateDomainTrusts - %s/%s\n",
1663 nt_errstr(status), win_errstr(r.out.result));
1672 BOOL torture_rpc_netlogon(int dummy)
1675 struct dcerpc_pipe *p;
1676 TALLOC_CTX *mem_ctx;
1679 mem_ctx = talloc_init("torture_rpc_netlogon");
1681 if (!join_domain_bdc(mem_ctx)) {
1682 printf("Failed to join as BDC\n");
1686 status = torture_rpc_connection(&p,
1687 DCERPC_NETLOGON_NAME,
1688 DCERPC_NETLOGON_UUID,
1689 DCERPC_NETLOGON_VERSION);
1690 if (!NT_STATUS_IS_OK(status)) {
1694 if (!test_LogonUasLogon(p, mem_ctx)) {
1698 if (!test_LogonUasLogoff(p, mem_ctx)) {
1702 if (!test_SetPassword(p, mem_ctx)) {
1706 if (!test_SamLogon(p, mem_ctx)) {
1710 if (!test_DatabaseSync(p, mem_ctx)) {
1714 if (!test_DatabaseDeltas(p, mem_ctx)) {
1718 if (!test_AccountDeltas(p, mem_ctx)) {
1722 if (!test_AccountSync(p, mem_ctx)) {
1726 if (!test_GetDcName(p, mem_ctx)) {
1730 if (!test_LogonControl(p, mem_ctx)) {
1734 if (!test_GetAnyDCName(p, mem_ctx)) {
1738 if (!test_LogonControl2(p, mem_ctx)) {
1742 if (!test_DatabaseSync2(p, mem_ctx)) {
1746 if (!test_LogonControl2Ex(p, mem_ctx)) {
1750 if (!test_DsrEnumerateDomainTrusts(p, mem_ctx)) {
1754 torture_rpc_close(p);
1756 if (!leave_domain_bdc(mem_ctx)) {
1757 printf("Failed to delete BDC machine account\n");