#include "libcli/auth/libcli_auth.h"
#include "lib/crypto/crypto.h"
#include "libcli/security/proto.h"
-
-static struct cli_credentials *create_anon_creds(TALLOC_CTX *mem_ctx)
-{
- struct cli_credentials *result;
-
- if (!(result = cli_credentials_init(mem_ctx))) {
- return NULL;
- }
-
- cli_credentials_set_conf(result);
- cli_credentials_set_anonymous(result);
-
- return result;
-}
+#include "param/param.h"
+#include "lib/registry/registry.h"
+#include "libcli/resolve/resolve.h"
/*
* This tests a RPC call using an invalid vuid
*/
-BOOL torture_bind_authcontext(struct torture_context *torture)
+bool torture_bind_authcontext(struct torture_context *torture)
{
TALLOC_CTX *mem_ctx;
NTSTATUS status;
- BOOL ret = False;
+ bool ret = false;
struct lsa_ObjectAttribute objectattr;
struct lsa_OpenPolicy2 openpolicy;
struct policy_handle handle;
if (mem_ctx == NULL) {
d_printf("talloc_init failed\n");
- return False;
+ return false;
}
status = smbcli_full_connection(mem_ctx, &cli,
torture_setting_string(torture, "host", NULL),
+ lp_smb_ports(torture->lp_ctx),
"IPC$", NULL, cmdline_credentials,
+ lp_resolve_context(torture->lp_ctx),
NULL);
if (!NT_STATUS_IS_OK(status)) {
d_printf("smbcli_full_connection failed: %s\n",
goto done;
}
- lsa_pipe = dcerpc_pipe_init(mem_ctx, cli->transport->socket->event.ctx);
+ lsa_pipe = dcerpc_pipe_init(mem_ctx, cli->transport->socket->event.ctx,
+ lp_iconv_convenience(torture->lp_ctx));
if (lsa_pipe == NULL) {
d_printf("dcerpc_pipe_init failed\n");
goto done;
goto done;
}
- status = dcerpc_bind_auth_none(lsa_pipe, &dcerpc_table_lsarpc);
+ status = dcerpc_bind_auth_none(lsa_pipe, &ndr_table_lsarpc);
if (!NT_STATUS_IS_OK(status)) {
d_printf("dcerpc_bind_auth_none failed: %s\n",
nt_errstr(status));
goto done;
}
- session2 = smbcli_session_init(cli->transport, mem_ctx, False);
+ session2 = smbcli_session_init(cli->transport, mem_ctx, false);
if (session2 == NULL) {
d_printf("smbcli_session_init failed\n");
goto done;
}
- if (!(anon_creds = create_anon_creds(mem_ctx))) {
+ if (!(anon_creds = cli_credentials_init_anon(mem_ctx))) {
d_printf("create_anon_creds failed\n");
goto done;
}
goto done;
}
- ret = True;
+ ret = true;
done:
talloc_free(mem_ctx);
return ret;
* Bind to lsa using a specific auth method
*/
-static BOOL bindtest(struct smbcli_state *cli,
+static bool bindtest(struct smbcli_state *cli,
struct cli_credentials *credentials,
+ struct loadparm_context *lp_ctx,
uint8_t auth_type, uint8_t auth_level)
{
TALLOC_CTX *mem_ctx;
- BOOL ret = False;
+ bool ret = false;
NTSTATUS status;
struct dcerpc_pipe *lsa_pipe;
if ((mem_ctx = talloc_init("bindtest")) == NULL) {
d_printf("talloc_init failed\n");
- return False;
+ return false;
}
lsa_pipe = dcerpc_pipe_init(mem_ctx,
- cli->transport->socket->event.ctx);
+ cli->transport->socket->event.ctx,
+ lp_iconv_convenience(lp_ctx));
if (lsa_pipe == NULL) {
d_printf("dcerpc_pipe_init failed\n");
goto done;
goto done;
}
- status = dcerpc_bind_auth(lsa_pipe, &dcerpc_table_lsarpc,
- credentials, auth_type, auth_level,
+ status = dcerpc_bind_auth(lsa_pipe, &ndr_table_lsarpc,
+ credentials, lp_ctx, auth_type, auth_level,
NULL);
if (!NT_STATUS_IS_OK(status)) {
d_printf("dcerpc_bind_auth failed: %s\n", nt_errstr(status));
goto done;
}
- ret = True;
+ ret = true;
done:
talloc_free(mem_ctx);
return ret;
* test authenticated RPC binds with the variants Samba3 does support
*/
-BOOL torture_bind_samba3(struct torture_context *torture)
+bool torture_bind_samba3(struct torture_context *torture)
{
TALLOC_CTX *mem_ctx;
NTSTATUS status;
- BOOL ret = False;
+ bool ret = false;
struct smbcli_state *cli;
mem_ctx = talloc_init("torture_bind_authcontext");
if (mem_ctx == NULL) {
d_printf("talloc_init failed\n");
- return False;
+ return false;
}
status = smbcli_full_connection(mem_ctx, &cli,
torture_setting_string(torture, "host", NULL),
+ lp_smb_ports(torture->lp_ctx),
"IPC$", NULL, cmdline_credentials,
+ lp_resolve_context(torture->lp_ctx),
NULL);
if (!NT_STATUS_IS_OK(status)) {
d_printf("smbcli_full_connection failed: %s\n",
goto done;
}
- ret = True;
+ ret = true;
- ret &= bindtest(cli, cmdline_credentials, DCERPC_AUTH_TYPE_NTLMSSP,
+ ret &= bindtest(cli, cmdline_credentials, torture->lp_ctx, DCERPC_AUTH_TYPE_NTLMSSP,
DCERPC_AUTH_LEVEL_INTEGRITY);
- ret &= bindtest(cli, cmdline_credentials, DCERPC_AUTH_TYPE_NTLMSSP,
+ ret &= bindtest(cli, cmdline_credentials, torture->lp_ctx, DCERPC_AUTH_TYPE_NTLMSSP,
DCERPC_AUTH_LEVEL_PRIVACY);
- ret &= bindtest(cli, cmdline_credentials, DCERPC_AUTH_TYPE_SPNEGO,
+ ret &= bindtest(cli, cmdline_credentials, torture->lp_ctx, DCERPC_AUTH_TYPE_SPNEGO,
DCERPC_AUTH_LEVEL_INTEGRITY);
- ret &= bindtest(cli, cmdline_credentials, DCERPC_AUTH_TYPE_SPNEGO,
+ ret &= bindtest(cli, cmdline_credentials, torture->lp_ctx, DCERPC_AUTH_TYPE_SPNEGO,
DCERPC_AUTH_LEVEL_PRIVACY);
done:
static NTSTATUS get_usr_handle(struct smbcli_state *cli,
TALLOC_CTX *mem_ctx,
+ struct loadparm_context *lp_ctx,
struct cli_credentials *admin_creds,
uint8_t auth_type,
uint8_t auth_level,
uint32_t user_rid,access_granted;
samr_pipe = dcerpc_pipe_init(mem_ctx,
- cli->transport->socket->event.ctx);
+ cli->transport->socket->event.ctx,
+ lp_iconv_convenience(lp_ctx));
if (samr_pipe == NULL) {
d_printf("dcerpc_pipe_init failed\n");
status = NT_STATUS_NO_MEMORY;
}
if (admin_creds != NULL) {
- status = dcerpc_bind_auth(samr_pipe, &dcerpc_table_samr,
- admin_creds, auth_type, auth_level,
+ status = dcerpc_bind_auth(samr_pipe, &ndr_table_samr,
+ admin_creds, lp_ctx, auth_type, auth_level,
NULL);
if (!NT_STATUS_IS_OK(status)) {
d_printf("dcerpc_bind_auth failed: %s\n",
}
} else {
/* We must have an authenticated SMB connection */
- status = dcerpc_bind_auth_none(samr_pipe, &dcerpc_table_samr);
+ status = dcerpc_bind_auth_none(samr_pipe, &ndr_table_samr);
if (!NT_STATUS_IS_OK(status)) {
d_printf("dcerpc_bind_auth_none failed: %s\n",
nt_errstr(status));
* Create a test user
*/
-static BOOL create_user(TALLOC_CTX *mem_ctx, struct smbcli_state *cli,
+static bool create_user(TALLOC_CTX *mem_ctx, struct smbcli_state *cli,
+ struct loadparm_context *lp_ctx,
struct cli_credentials *admin_creds,
const char *username, const char *password,
char **domain_name,
NTSTATUS status;
struct dcerpc_pipe *samr_pipe;
struct policy_handle *wks_handle;
- BOOL ret = False;
+ bool ret = false;
if (!(tmp_ctx = talloc_new(mem_ctx))) {
d_printf("talloc_init failed\n");
- return False;
+ return false;
}
- status = get_usr_handle(cli, tmp_ctx, admin_creds,
+ status = get_usr_handle(cli, tmp_ctx, lp_ctx, admin_creds,
DCERPC_AUTH_TYPE_NTLMSSP,
DCERPC_AUTH_LEVEL_INTEGRITY,
username, domain_name, &samr_pipe, &wks_handle,
*domain_name= talloc_steal(mem_ctx, *domain_name);
*user_sid = talloc_steal(mem_ctx, *user_sid);
- ret = True;
+ ret = true;
done:
talloc_free(tmp_ctx);
return ret;
* Delete a test user
*/
-static BOOL delete_user(struct smbcli_state *cli,
+static bool delete_user(struct smbcli_state *cli,
+ struct loadparm_context *lp_ctx,
struct cli_credentials *admin_creds,
const char *username)
{
char *dom_name;
struct dcerpc_pipe *samr_pipe;
struct policy_handle *user_handle;
- BOOL ret = False;
+ bool ret = false;
if ((mem_ctx = talloc_init("leave")) == NULL) {
d_printf("talloc_init failed\n");
- return False;
+ return false;
}
- status = get_usr_handle(cli, mem_ctx, admin_creds,
+ status = get_usr_handle(cli, mem_ctx, lp_ctx, admin_creds,
DCERPC_AUTH_TYPE_NTLMSSP,
DCERPC_AUTH_LEVEL_INTEGRITY,
username, &dom_name, &samr_pipe,
status = dcerpc_samr_DeleteUser(samr_pipe, mem_ctx, &d);
if (!NT_STATUS_IS_OK(status)) {
- d_printf("samr_DeleteUser failed\n");
+ d_printf("samr_DeleteUser failed %s\n", nt_errstr(status));
goto done;
}
}
- ret = True;
+ ret = true;
done:
talloc_free(mem_ctx);
* Do a Samba3-style join
*/
-static BOOL join3(struct smbcli_state *cli,
- BOOL use_level25,
+static bool join3(struct smbcli_state *cli,
+ struct loadparm_context *lp_ctx,
+ bool use_level25,
struct cli_credentials *admin_creds,
struct cli_credentials *wks_creds)
{
char *dom_name;
struct dcerpc_pipe *samr_pipe;
struct policy_handle *wks_handle;
- BOOL ret = False;
+ bool ret = false;
if ((mem_ctx = talloc_init("join3")) == NULL) {
d_printf("talloc_init failed\n");
- return False;
+ return false;
}
status = get_usr_handle(
- cli, mem_ctx, admin_creds,
+ cli, mem_ctx, lp_ctx, admin_creds,
DCERPC_AUTH_TYPE_NTLMSSP,
DCERPC_AUTH_LEVEL_PRIVACY,
talloc_asprintf(mem_ctx, "%s$",
}
}
- ret = True;
+ ret = true;
done:
talloc_free(mem_ctx);
* Do a ReqChallenge/Auth2 and get the wks creds
*/
-static BOOL auth2(struct smbcli_state *cli,
+static bool auth2(struct smbcli_state *cli,
struct cli_credentials *wks_cred)
{
TALLOC_CTX *mem_ctx;
struct dcerpc_pipe *net_pipe;
- BOOL result = False;
+ bool result = false;
NTSTATUS status;
struct netr_ServerReqChallenge r;
struct netr_Credential netr_cli_creds;
mem_ctx = talloc_new(NULL);
if (mem_ctx == NULL) {
d_printf("talloc_new failed\n");
- return False;
+ return false;
}
net_pipe = dcerpc_pipe_init(mem_ctx,
- cli->transport->socket->event.ctx);
+ cli->transport->socket->event.ctx,
+ lp_iconv_convenience(global_loadparm));
if (net_pipe == NULL) {
d_printf("dcerpc_pipe_init failed\n");
goto done;
goto done;
}
- status = dcerpc_bind_auth_none(net_pipe, &dcerpc_table_netlogon);
+ status = dcerpc_bind_auth_none(net_pipe, &ndr_table_netlogon);
if (!NT_STATUS_IS_OK(status)) {
d_printf("dcerpc_bind_auth_none failed: %s\n",
nt_errstr(status));
cli_credentials_set_netlogon_creds(wks_cred, creds_state);
- result = True;
+ result = true;
done:
talloc_free(mem_ctx);
* login, and change the wks password
*/
-static BOOL schan(struct smbcli_state *cli,
+static bool schan(struct smbcli_state *cli,
+ struct loadparm_context *lp_ctx,
struct cli_credentials *wks_creds,
struct cli_credentials *user_creds)
{
TALLOC_CTX *mem_ctx;
NTSTATUS status;
- BOOL ret = False;
+ bool ret = false;
struct dcerpc_pipe *net_pipe;
int i;
mem_ctx = talloc_new(NULL);
if (mem_ctx == NULL) {
d_printf("talloc_new failed\n");
- return False;
+ return false;
}
net_pipe = dcerpc_pipe_init(mem_ctx,
- cli->transport->socket->event.ctx);
+ cli->transport->socket->event.ctx,
+ lp_iconv_convenience(lp_ctx));
if (net_pipe == NULL) {
d_printf("dcerpc_pipe_init failed\n");
goto done;
#endif
#if 1
net_pipe->conn->flags |= (DCERPC_SIGN | DCERPC_SEAL);
- status = dcerpc_bind_auth(net_pipe, &dcerpc_table_netlogon,
- wks_creds, DCERPC_AUTH_TYPE_SCHANNEL,
+ status = dcerpc_bind_auth(net_pipe, &ndr_table_netlogon,
+ wks_creds, lp_ctx, DCERPC_AUTH_TYPE_SCHANNEL,
DCERPC_AUTH_LEVEL_PRIVACY,
NULL);
#else
- status = dcerpc_bind_auth_none(net_pipe, &dcerpc_table_netlogon);
+ status = dcerpc_bind_auth_none(net_pipe, &ndr_table_netlogon);
#endif
if (!NT_STATUS_IS_OK(status)) {
d_printf("schannel bind failed: %s\n", nt_errstr(status));
CRED_SPECIFIED);
}
- ret = True;
+ ret = true;
done:
talloc_free(mem_ctx);
return ret;
* Delete the wks account again
*/
-static BOOL leave(struct smbcli_state *cli,
+static bool leave(struct smbcli_state *cli,
+ struct loadparm_context *lp_ctx,
struct cli_credentials *admin_creds,
struct cli_credentials *wks_creds)
{
char *wks_name = talloc_asprintf(
NULL, "%s$", cli_credentials_get_workstation(wks_creds));
- BOOL ret;
+ bool ret;
- ret = delete_user(cli, admin_creds, wks_name);
+ ret = delete_user(cli, lp_ctx, admin_creds, wks_name);
talloc_free(wks_name);
return ret;
}
* Test the Samba3 DC code a bit. Join, do some schan netlogon ops, leave
*/
-BOOL torture_netlogon_samba3(struct torture_context *torture)
+bool torture_netlogon_samba3(struct torture_context *torture)
{
TALLOC_CTX *mem_ctx;
NTSTATUS status;
- BOOL ret = False;
+ bool ret = false;
struct smbcli_state *cli;
struct cli_credentials *anon_creds;
struct cli_credentials *wks_creds;
if (mem_ctx == NULL) {
d_printf("talloc_init failed\n");
- return False;
+ return false;
}
- if (!(anon_creds = create_anon_creds(mem_ctx))) {
+ if (!(anon_creds = cli_credentials_init_anon(mem_ctx))) {
d_printf("create_anon_creds failed\n");
goto done;
}
status = smbcli_full_connection(mem_ctx, &cli,
torture_setting_string(torture, "host", NULL),
- "IPC$", NULL, anon_creds, NULL);
+ lp_smb_ports(torture->lp_ctx),
+ "IPC$", NULL, anon_creds,
+ lp_resolve_context(torture->lp_ctx),
+ NULL);
if (!NT_STATUS_IS_OK(status)) {
d_printf("smbcli_full_connection failed: %s\n",
nt_errstr(status));
goto done;
}
- cli_credentials_set_conf(wks_creds);
+ cli_credentials_set_conf(wks_creds, torture->lp_ctx);
cli_credentials_set_secure_channel_type(wks_creds, SEC_CHAN_WKSTA);
cli_credentials_set_username(wks_creds, wks_name, CRED_SPECIFIED);
cli_credentials_set_workstation(wks_creds, wks_name, CRED_SPECIFIED);
generate_random_str(wks_creds, 8),
CRED_SPECIFIED);
- if (!join3(cli, False, cmdline_credentials, wks_creds)) {
+ if (!join3(cli, torture->lp_ctx, false, cmdline_credentials, wks_creds)) {
d_printf("join failed\n");
goto done;
}
}
for (j=0; j<2; j++) {
- if (!schan(cli, wks_creds, cmdline_credentials)) {
+ if (!schan(cli, torture->lp_ctx, wks_creds, cmdline_credentials)) {
d_printf("schan failed\n");
goto done;
}
}
}
- if (!leave(cli, cmdline_credentials, wks_creds)) {
+ if (!leave(cli, torture->lp_ctx, cmdline_credentials, wks_creds)) {
d_printf("leave failed\n");
goto done;
}
- ret = True;
+ ret = true;
done:
talloc_free(mem_ctx);
* credentials
*/
-static BOOL test_join3(TALLOC_CTX *mem_ctx,
- BOOL use_level25,
+static bool test_join3(struct torture_context *tctx,
+ bool use_level25,
struct cli_credentials *smb_creds,
struct cli_credentials *samr_creds,
const char *wks_name)
{
NTSTATUS status;
- BOOL ret = False;
+ bool ret = false;
struct smbcli_state *cli;
struct cli_credentials *wks_creds;
- status = smbcli_full_connection(mem_ctx, &cli,
- lp_parm_string(-1, "torture", "host"),
- "IPC$", NULL, smb_creds, NULL);
+ status = smbcli_full_connection(tctx, &cli,
+ torture_setting_string(tctx, "host", NULL),
+ lp_smb_ports(tctx->lp_ctx),
+ "IPC$", NULL, smb_creds,
+ lp_resolve_context(tctx->lp_ctx),
+ NULL);
if (!NT_STATUS_IS_OK(status)) {
d_printf("smbcli_full_connection failed: %s\n",
nt_errstr(status));
goto done;
}
- cli_credentials_set_conf(wks_creds);
+ cli_credentials_set_conf(wks_creds, tctx->lp_ctx);
cli_credentials_set_secure_channel_type(wks_creds, SEC_CHAN_WKSTA);
cli_credentials_set_username(wks_creds, wks_name, CRED_SPECIFIED);
cli_credentials_set_workstation(wks_creds, wks_name, CRED_SPECIFIED);
generate_random_str(wks_creds, 8),
CRED_SPECIFIED);
- if (!join3(cli, use_level25, samr_creds, wks_creds)) {
+ if (!join3(cli, tctx->lp_ctx, use_level25, samr_creds, wks_creds)) {
d_printf("join failed\n");
goto done;
}
goto done;
}
- if (!leave(cli, samr_creds, wks_creds)) {
+ if (!leave(cli, tctx->lp_ctx, samr_creds, wks_creds)) {
d_printf("leave failed\n");
goto done;
}
talloc_free(cli);
- ret = True;
+ ret = true;
done:
return ret;
* session key in the setpassword routine. Test the join by doing the auth2.
*/
-BOOL torture_samba3_sessionkey(struct torture_context *torture)
+bool torture_samba3_sessionkey(struct torture_context *torture)
{
- TALLOC_CTX *mem_ctx;
- BOOL ret = False;
+ bool ret = false;
struct cli_credentials *anon_creds;
const char *wks_name;
wks_name = torture_setting_string(torture, "wksname", get_myname());
- mem_ctx = talloc_init("torture_samba3_sessionkey");
-
- if (mem_ctx == NULL) {
- d_printf("talloc_init failed\n");
- return False;
- }
-
- if (!(anon_creds = create_anon_creds(mem_ctx))) {
+ if (!(anon_creds = cli_credentials_init_anon(torture))) {
d_printf("create_anon_creds failed\n");
goto done;
}
- ret = True;
+ ret = true;
- if (!torture_setting_bool(torture, "samba3", False)) {
+ if (!torture_setting_bool(torture, "samba3", false)) {
/* Samba3 in the build farm right now does this happily. Need
* to fix :-) */
- if (test_join3(mem_ctx, False, anon_creds, NULL, wks_name)) {
+ if (test_join3(torture, false, anon_creds, NULL, wks_name)) {
d_printf("join using anonymous bind on an anonymous smb "
"connection succeeded -- HUH??\n");
- ret = False;
+ ret = false;
}
}
- if (!test_join3(mem_ctx, False, anon_creds, cmdline_credentials,
+ if (!test_join3(torture, false, anon_creds, cmdline_credentials,
wks_name)) {
d_printf("join using ntlmssp bind on an anonymous smb "
"connection failed\n");
- ret = False;
+ ret = false;
}
- if (!test_join3(mem_ctx, False, cmdline_credentials, NULL, wks_name)) {
+ if (!test_join3(torture, false, cmdline_credentials, NULL, wks_name)) {
d_printf("join using anonymous bind on an authenticated smb "
"connection failed\n");
- ret = False;
+ ret = false;
}
- if (!test_join3(mem_ctx, False, cmdline_credentials,
+ if (!test_join3(torture, false, cmdline_credentials,
cmdline_credentials,
wks_name)) {
d_printf("join using ntlmssp bind on an authenticated smb "
"connection failed\n");
- ret = False;
+ ret = false;
}
/*
* The following two are tests for setuserinfolevel 25
*/
- if (!test_join3(mem_ctx, True, anon_creds, cmdline_credentials,
+ if (!test_join3(torture, true, anon_creds, cmdline_credentials,
wks_name)) {
d_printf("join using ntlmssp bind on an anonymous smb "
"connection failed\n");
- ret = False;
+ ret = false;
}
- if (!test_join3(mem_ctx, True, cmdline_credentials, NULL, wks_name)) {
+ if (!test_join3(torture, true, cmdline_credentials, NULL, wks_name)) {
d_printf("join using anonymous bind on an authenticated smb "
"connection failed\n");
- ret = False;
+ ret = false;
}
done:
static NTSTATUS pipe_bind_smb(TALLOC_CTX *mem_ctx,
struct smbcli_tree *tree,
const char *pipe_name,
- const struct dcerpc_interface_table *iface,
+ const struct ndr_interface_table *iface,
struct dcerpc_pipe **p)
{
struct dcerpc_pipe *result;
NTSTATUS status;
if (!(result = dcerpc_pipe_init(
- mem_ctx, tree->session->transport->socket->event.ctx))) {
+ mem_ctx, tree->session->transport->socket->event.ctx,
+ lp_iconv_convenience(global_loadparm)))) {
return NT_STATUS_NO_MEMORY;
}
struct dom_sid *result;
status = pipe_bind_smb(mem_ctx, tree, "\\pipe\\lsarpc",
- &dcerpc_table_lsarpc, &lsa);
+ &ndr_table_lsarpc, &lsa);
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) Could not bind to LSA: %s\n",
__location__, nt_errstr(status));
return result;
}
+static int destroy_tree(struct smbcli_tree *tree)
+{
+ smb_tree_disconnect(tree);
+ return 0;
+}
+
/*
* Do a tcon, given a session
*/
return NT_STATUS_NO_MEMORY;
}
- if (!(result = smbcli_tree_init(session, mem_ctx, False))) {
+ if (!(result = smbcli_tree_init(session, mem_ctx, false))) {
talloc_free(tmp_ctx);
return NT_STATUS_NO_MEMORY;
}
result->tid = tcon.tconx.out.tid;
result = talloc_steal(mem_ctx, result);
+ talloc_set_destructor(result, destroy_tree);
talloc_free(tmp_ctx);
*res = result;
return NT_STATUS_OK;
* Test the getusername behaviour
*/
-BOOL torture_samba3_rpc_getusername(struct torture_context *torture)
+bool torture_samba3_rpc_getusername(struct torture_context *torture)
{
NTSTATUS status;
struct smbcli_state *cli;
TALLOC_CTX *mem_ctx;
- BOOL ret = True;
+ bool ret = true;
struct dom_sid *user_sid;
struct dom_sid *created_sid;
struct cli_credentials *anon_creds;
char *domain_name;
if (!(mem_ctx = talloc_new(torture))) {
- return False;
+ return false;
}
status = smbcli_full_connection(
mem_ctx, &cli, torture_setting_string(torture, "host", NULL),
- "IPC$", NULL, cmdline_credentials, NULL);
+ lp_smb_ports(torture->lp_ctx),
+ "IPC$", NULL, cmdline_credentials,
+ lp_resolve_context(torture->lp_ctx),
+ NULL);
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) smbcli_full_connection failed: %s\n",
__location__, nt_errstr(status));
- ret = False;
+ ret = false;
goto done;
}
if (!(user_sid = whoami(mem_ctx, cli->tree))) {
d_printf("(%s) whoami on auth'ed connection failed\n",
__location__);
- ret = False;
+ ret = false;
}
talloc_free(cli);
- if (!(anon_creds = create_anon_creds(mem_ctx))) {
+ if (!(anon_creds = cli_credentials_init_anon(mem_ctx))) {
d_printf("(%s) create_anon_creds failed\n", __location__);
- ret = False;
+ ret = false;
goto done;
}
status = smbcli_full_connection(
mem_ctx, &cli, torture_setting_string(torture, "host", NULL),
- "IPC$", NULL, anon_creds, NULL);
+ lp_smb_ports(torture->lp_ctx),
+ "IPC$", NULL, anon_creds,
+ lp_resolve_context(torture->lp_ctx),
+ NULL);
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) anon smbcli_full_connection failed: %s\n",
__location__, nt_errstr(status));
- ret = False;
+ ret = false;
goto done;
}
if (!(user_sid = whoami(mem_ctx, cli->tree))) {
d_printf("(%s) whoami on anon connection failed\n",
__location__);
- ret = False;
+ ret = false;
goto done;
}
d_printf("(%s) Anon lsa_GetUserName returned %s, expected "
"S-1-5-7", __location__,
dom_sid_string(mem_ctx, user_sid));
- ret = False;
+ ret = false;
}
if (!(user_creds = cli_credentials_init(mem_ctx))) {
d_printf("(%s) cli_credentials_init failed\n", __location__);
- ret = False;
+ ret = false;
goto done;
}
- cli_credentials_set_conf(user_creds);
+ cli_credentials_set_conf(user_creds, torture->lp_ctx);
cli_credentials_set_username(user_creds, "torture_username",
CRED_SPECIFIED);
cli_credentials_set_password(user_creds,
generate_random_str(user_creds, 8),
CRED_SPECIFIED);
- if (!create_user(mem_ctx, cli, cmdline_credentials,
+ if (!create_user(mem_ctx, cli, torture->lp_ctx, cmdline_credentials,
cli_credentials_get_username(user_creds),
cli_credentials_get_password(user_creds),
&domain_name, &created_sid)) {
d_printf("(%s) create_user failed\n", __location__);
- ret = False;
+ ret = false;
goto done;
}
struct smb_composite_sesssetup setup;
struct smbcli_tree *tree;
- session2 = smbcli_session_init(cli->transport, mem_ctx, False);
+ session2 = smbcli_session_init(cli->transport, mem_ctx, false);
if (session2 == NULL) {
d_printf("(%s) smbcli_session_init failed\n",
__location__);
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) session setup with new user failed: "
"%s\n", __location__, nt_errstr(status));
- ret = False;
+ ret = false;
goto done;
}
session2->vuid = setup.out.vuid;
"IPC$", &tree))) {
d_printf("(%s) secondary_tcon failed\n",
__location__);
- ret = False;
+ ret = false;
goto done;
}
if (!(user_sid = whoami(mem_ctx, tree))) {
d_printf("(%s) whoami on user connection failed\n",
__location__);
- ret = False;
+ ret = false;
goto delete;
}
dom_sid_string(mem_ctx, user_sid));
if (!dom_sid_equal(created_sid, user_sid)) {
- ret = False;
+ ret = false;
}
delete:
- if (!delete_user(cli, cmdline_credentials,
+ if (!delete_user(cli, torture->lp_ctx,
+ cmdline_credentials,
cli_credentials_get_username(user_creds))) {
d_printf("(%s) delete_user failed\n", __location__);
- ret = False;
+ ret = false;
}
done:
return ret;
}
-static BOOL test_NetShareGetInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+static bool test_NetShareGetInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
const char *sharename)
{
NTSTATUS status;
struct srvsvc_NetShareGetInfo r;
uint32_t levels[] = { 0, 1, 2, 501, 502, 1004, 1005, 1006, 1007, 1501 };
int i;
- BOOL ret = True;
+ bool ret = true;
r.in.server_unc = talloc_asprintf(mem_ctx, "\\\\%s",
dcerpc_server_name(p));
printf("NetShareGetInfo level %u on share '%s' failed"
" - %s\n", r.in.level, r.in.share_name,
nt_errstr(status));
- ret = False;
+ ret = false;
continue;
}
if (!W_ERROR_IS_OK(r.out.result)) {
printf("NetShareGetInfo level %u on share '%s' failed "
"- %s\n", r.in.level, r.in.share_name,
win_errstr(r.out.result));
- ret = False;
+ ret = false;
continue;
}
}
return ret;
}
-static BOOL test_NetShareEnum(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+static bool test_NetShareEnum(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
const char **one_sharename)
{
NTSTATUS status;
struct srvsvc_NetShareCtr0 c0;
uint32_t levels[] = { 0, 1, 2, 501, 502, 1004, 1005, 1006, 1007 };
int i;
- BOOL ret = True;
+ bool ret = true;
r.in.server_unc = talloc_asprintf(mem_ctx,"\\\\%s",dcerpc_server_name(p));
r.in.ctr.ctr0 = &c0;
if (!NT_STATUS_IS_OK(status)) {
printf("NetShareEnum level %u failed - %s\n",
r.in.level, nt_errstr(status));
- ret = False;
+ ret = false;
continue;
}
if (!W_ERROR_IS_OK(r.out.result)) {
return ret;
}
-BOOL torture_samba3_rpc_srvsvc(struct torture_context *torture)
+bool torture_samba3_rpc_srvsvc(struct torture_context *torture)
{
struct dcerpc_pipe *p;
TALLOC_CTX *mem_ctx;
- BOOL ret = True;
+ bool ret = true;
const char *sharename = NULL;
struct smbcli_state *cli;
NTSTATUS status;
if (!(mem_ctx = talloc_new(torture))) {
- return False;
+ return false;
}
if (!(torture_open_connection_share(
- mem_ctx, &cli, torture_setting_string(torture, "host", NULL),
+ mem_ctx, &cli, torture, torture_setting_string(torture, "host", NULL),
"IPC$", NULL))) {
talloc_free(mem_ctx);
- return False;
+ return false;
}
status = pipe_bind_smb(mem_ctx, cli->tree, "\\pipe\\srvsvc",
- &dcerpc_table_srvsvc, &p);
+ &ndr_table_srvsvc, &p);
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) could not bind to srvsvc pipe: %s\n",
__location__, nt_errstr(status));
- ret = False;
+ ret = false;
goto done;
}
return ret;
}
+/*
+ * Do a ReqChallenge/Auth2 with a random wks name, make sure it returns
+ * NT_STATUS_NO_SAM_ACCOUNT
+ */
+
+bool torture_samba3_rpc_randomauth2(struct torture_context *torture)
+{
+ TALLOC_CTX *mem_ctx;
+ struct dcerpc_pipe *net_pipe;
+ char *wksname;
+ bool result = false;
+ NTSTATUS status;
+ struct netr_ServerReqChallenge r;
+ struct netr_Credential netr_cli_creds;
+ struct netr_Credential netr_srv_creds;
+ uint32_t negotiate_flags;
+ struct netr_ServerAuthenticate2 a;
+ struct creds_CredentialState *creds_state;
+ struct netr_Credential netr_cred;
+ struct samr_Password mach_pw;
+ struct smbcli_state *cli;
+
+ if (!(mem_ctx = talloc_new(torture))) {
+ d_printf("talloc_new failed\n");
+ return false;
+ }
+
+ if (!(wksname = generate_random_str_list(
+ mem_ctx, 14, "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"))) {
+ d_printf("generate_random_str_list failed\n");
+ goto done;
+ }
+
+ if (!(torture_open_connection_share(
+ mem_ctx, &cli,
+ torture, torture_setting_string(torture, "host", NULL),
+ "IPC$", NULL))) {
+ d_printf("IPC$ connection failed\n");
+ goto done;
+ }
+
+ if (!(net_pipe = dcerpc_pipe_init(
+ mem_ctx, cli->transport->socket->event.ctx,
+ lp_iconv_convenience(torture->lp_ctx)))) {
+ d_printf("dcerpc_pipe_init failed\n");
+ goto done;
+ }
+
+ status = dcerpc_pipe_open_smb(net_pipe, cli->tree, "\\netlogon");
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("dcerpc_pipe_open_smb failed: %s\n",
+ nt_errstr(status));
+ goto done;
+ }
+
+ status = dcerpc_bind_auth_none(net_pipe, &ndr_table_netlogon);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("dcerpc_bind_auth_none failed: %s\n",
+ nt_errstr(status));
+ goto done;
+ }
+
+ r.in.computer_name = wksname;
+ r.in.server_name = talloc_asprintf(
+ mem_ctx, "\\\\%s", dcerpc_server_name(net_pipe));
+ if (r.in.server_name == NULL) {
+ d_printf("talloc_asprintf failed\n");
+ goto done;
+ }
+ generate_random_buffer(netr_cli_creds.data,
+ sizeof(netr_cli_creds.data));
+ r.in.credentials = &netr_cli_creds;
+ r.out.credentials = &netr_srv_creds;
+
+ status = dcerpc_netr_ServerReqChallenge(net_pipe, mem_ctx, &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("netr_ServerReqChallenge failed: %s\n",
+ nt_errstr(status));
+ goto done;
+ }
+
+ negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS;
+ E_md4hash("foobar", mach_pw.hash);
+
+ creds_state = talloc(mem_ctx, struct creds_CredentialState);
+ creds_client_init(creds_state, r.in.credentials,
+ r.out.credentials, &mach_pw,
+ &netr_cred, negotiate_flags);
+
+ a.in.server_name = talloc_asprintf(
+ mem_ctx, "\\\\%s", dcerpc_server_name(net_pipe));
+ a.in.account_name = talloc_asprintf(
+ mem_ctx, "%s$", wksname);
+ a.in.computer_name = wksname;
+ a.in.secure_channel_type = SEC_CHAN_WKSTA;
+ a.in.negotiate_flags = &negotiate_flags;
+ a.out.negotiate_flags = &negotiate_flags;
+ a.in.credentials = &netr_cred;
+ a.out.credentials = &netr_cred;
+
+ status = dcerpc_netr_ServerAuthenticate2(net_pipe, mem_ctx, &a);
+
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_NO_TRUST_SAM_ACCOUNT)) {
+ d_printf("dcerpc_netr_ServerAuthenticate2 returned %s, "
+ "expected NT_STATUS_NO_TRUST_SAM_ACCOUNT\n",
+ nt_errstr(status));
+ goto done;
+ }
+
+ result = true;
+ done:
+ talloc_free(mem_ctx);
+ return result;
+}
+
static struct security_descriptor *get_sharesec(TALLOC_CTX *mem_ctx,
struct smbcli_session *sess,
const char *sharename)
}
status = pipe_bind_smb(mem_ctx, tree, "\\pipe\\srvsvc",
- &dcerpc_table_srvsvc, &p);
+ &ndr_table_srvsvc, &p);
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) could not bind to srvsvc pipe: %s\n",
__location__, nt_errstr(status));
}
status = pipe_bind_smb(mem_ctx, tree, "\\pipe\\srvsvc",
- &dcerpc_table_srvsvc, &p);
+ &ndr_table_srvsvc, &p);
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) could not bind to srvsvc pipe: %s\n",
__location__, nt_errstr(status));
return status;
}
-BOOL try_tcon(TALLOC_CTX *mem_ctx,
+bool try_tcon(TALLOC_CTX *mem_ctx,
struct security_descriptor *orig_sd,
struct smbcli_session *session,
const char *sharename, const struct dom_sid *user_sid,
uint32_t rid;
struct security_descriptor *sd;
NTSTATUS status;
- BOOL ret = True;
+ bool ret = true;
if (!(tmp_ctx = talloc_new(mem_ctx))) {
d_printf("talloc_new failed\n");
- return False;
+ return false;
}
status = secondary_tcon(tmp_ctx, session, sharename, &rmdir_tree);
if (!NT_STATUS_IS_OK(status)) {
d_printf("first tcon to delete dir failed\n");
talloc_free(tmp_ctx);
- return False;
+ return false;
}
smbcli_rmdir(rmdir_tree, "sharesec_testdir");
&domain_sid, &rid))) {
d_printf("dom_sid_split_rid failed\n");
talloc_free(tmp_ctx);
- return False;
+ return false;
}
- sd = security_descriptor_create(
- tmp_ctx, "S-1-5-32-544",
+ sd = security_descriptor_dacl_create(
+ tmp_ctx, 0, "S-1-5-32-544",
dom_sid_string(mem_ctx, dom_sid_add_rid(mem_ctx, domain_sid,
DOMAIN_RID_USERS)),
dom_sid_string(mem_ctx, user_sid),
SEC_ACE_TYPE_ACCESS_ALLOWED, access_mask, 0, NULL);
if (sd == NULL) {
- d_printf("security_descriptor_create failed\n");
+ d_printf("security_descriptor_dacl_create failed\n");
talloc_free(tmp_ctx);
- return False;
+ return false;
}
status = set_sharesec(mem_ctx, session, sharename, sd);
d_printf("custom set_sharesec failed: %s\n",
nt_errstr(status));
talloc_free(tmp_ctx);
- return False;
+ return false;
}
status = secondary_tcon(tmp_ctx, session, sharename, &tree);
if (!NT_STATUS_EQUAL(status, expected_tcon)) {
d_printf("Expected %s, got %s\n", nt_errstr(expected_tcon),
nt_errstr(status));
- ret = False;
+ ret = false;
goto done;
}
if (!NT_STATUS_EQUAL(status, expected_mkdir)) {
d_printf("(%s) Expected %s, got %s\n", __location__,
nt_errstr(expected_mkdir), nt_errstr(status));
- ret = False;
+ ret = false;
}
done:
d_printf("custom set_sharesec failed: %s\n",
nt_errstr(status));
talloc_free(tmp_ctx);
- return False;
+ return false;
}
talloc_free(tmp_ctx);
return ret;
}
-BOOL torture_samba3_rpc_sharesec(struct torture_context *torture)
+bool torture_samba3_rpc_sharesec(struct torture_context *torture)
{
TALLOC_CTX *mem_ctx;
- BOOL ret = True;
+ bool ret = true;
struct smbcli_state *cli;
struct security_descriptor *sd;
struct dom_sid *user_sid;
if (!(mem_ctx = talloc_new(torture))) {
- return False;
+ return false;
}
if (!(torture_open_connection_share(
- mem_ctx, &cli, torture_setting_string(torture, "host", NULL),
+ mem_ctx, &cli, torture, torture_setting_string(torture, "host", NULL),
"IPC$", NULL))) {
d_printf("IPC$ connection failed\n");
talloc_free(mem_ctx);
- return False;
+ return false;
}
if (!(user_sid = whoami(mem_ctx, cli->tree))) {
d_printf("whoami failed\n");
talloc_free(mem_ctx);
- return False;
+ return false;
}
sd = get_sharesec(mem_ctx, cli->session, torture_setting_string(torture,
return ret;
}
-BOOL torture_samba3_rpc_lsa(struct torture_context *torture)
+bool torture_samba3_rpc_lsa(struct torture_context *torture)
{
TALLOC_CTX *mem_ctx;
- BOOL ret = True;
+ bool ret = true;
struct smbcli_state *cli;
struct dcerpc_pipe *p;
struct policy_handle lsa_handle;
struct dom_sid *domain_sid;
if (!(mem_ctx = talloc_new(torture))) {
- return False;
+ return false;
}
if (!(torture_open_connection_share(
- mem_ctx, &cli, torture_setting_string(torture, "host", NULL),
+ mem_ctx, &cli, torture, torture_setting_string(torture, "host", NULL),
"IPC$", NULL))) {
d_printf("IPC$ connection failed\n");
talloc_free(mem_ctx);
- return False;
+ return false;
}
status = pipe_bind_smb(mem_ctx, cli->tree, "\\lsarpc",
- &dcerpc_table_lsarpc, &p);
+ &ndr_table_lsarpc, &p);
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) pipe_bind_smb failed: %s\n", __location__,
nt_errstr(status));
talloc_free(mem_ctx);
- return False;
+ return false;
}
{
d_printf("(%s) dcerpc_lsa_OpenPolicy2 failed: %s\n",
__location__, nt_errstr(status));
talloc_free(mem_ctx);
- return False;
+ return false;
}
}
"failed: %s\n", __location__,
levels[i], nt_errstr(status));
talloc_free(mem_ctx);
- return False;
+ return false;
}
if (levels[i] == 5) {
domain_sid = r.out.info->account_domain.sid;
memcpy(servername, r.out.info.info0.name, 16);
servername[16] = '\0';
- if (pull_ascii_talloc(mem_ctx, name, servername) < 0) {
+ if (pull_ascii_talloc(mem_ctx, lp_iconv_convenience(global_loadparm),
+ name, servername) < 0) {
return NT_STATUS_NO_MEMORY;
}
return NT_STATUS_NO_MEMORY;
}
- status = pipe_bind_smb(mem_ctx, tree, "\\srvsvc", &dcerpc_table_srvsvc,
+ status = pipe_bind_smb(mem_ctx, tree, "\\srvsvc", &ndr_table_srvsvc,
&p);
if (!NT_STATUS_IS_OK(status)) {
d_printf("could not bind to srvsvc pipe\n");
return NT_STATUS_OK;
}
-static BOOL enumprinters(TALLOC_CTX *mem_ctx, struct dcerpc_pipe *pipe,
+static bool enumprinters(TALLOC_CTX *mem_ctx, struct dcerpc_pipe *pipe,
const char *servername, int level, int *num_printers)
{
struct spoolss_EnumPrinters r;
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) dcerpc_spoolss_EnumPrinters failed: %s\n",
__location__, nt_errstr(status));
- return False;
+ return false;
}
if (!W_ERROR_EQUAL(r.out.result, WERR_INSUFFICIENT_BUFFER)) {
d_printf("(%s) EnumPrinters unexpected return code %s, should "
"be WERR_INSUFFICIENT_BUFFER\n", __location__,
win_errstr(r.out.result));
- return False;
+ return false;
}
blob = data_blob_talloc_zero(mem_ctx, r.out.needed);
if (blob.data == NULL) {
d_printf("(%s) data_blob_talloc failed\n", __location__);
- return False;
+ return false;
}
r.in.buffer = &blob;
d_printf("(%s) dcerpc_spoolss_EnumPrinters failed: %s, "
"%s\n", __location__, nt_errstr(status),
win_errstr(r.out.result));
- return False;
+ return false;
}
*num_printers = r.out.count;
- return True;
+ return true;
}
static NTSTATUS getprinterinfo(TALLOC_CTX *ctx, struct dcerpc_pipe *pipe,
return NT_STATUS_OK;
}
-BOOL torture_samba3_rpc_spoolss(struct torture_context *torture)
+bool torture_samba3_rpc_spoolss(struct torture_context *torture)
{
TALLOC_CTX *mem_ctx;
- BOOL ret = True;
+ bool ret = true;
struct smbcli_state *cli;
struct dcerpc_pipe *p;
NTSTATUS status;
char *servername;
if (!(mem_ctx = talloc_new(torture))) {
- return False;
+ return false;
}
if (!(torture_open_connection_share(
- mem_ctx, &cli, torture_setting_string(torture, "host", NULL),
+ mem_ctx, &cli, torture, torture_setting_string(torture, "host", NULL),
"IPC$", NULL))) {
d_printf("IPC$ connection failed\n");
talloc_free(mem_ctx);
- return False;
+ return false;
}
status = get_servername(mem_ctx, cli->tree, &servername);
d_fprintf(stderr, "(%s) get_servername returned %s\n",
__location__, nt_errstr(status));
talloc_free(mem_ctx);
- return False;
+ return false;
}
if (!NT_STATUS_IS_OK(find_printers(mem_ctx, cli->tree,
&printers, &num_printers))) {
talloc_free(mem_ctx);
- return False;
+ return false;
}
if (num_printers == 0) {
d_printf("Did not find printers\n");
talloc_free(mem_ctx);
- return True;
+ return true;
}
status = pipe_bind_smb(mem_ctx, cli->tree, "\\spoolss",
- &dcerpc_table_spoolss, &p);
+ &ndr_table_spoolss, &p);
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) pipe_bind_smb failed: %s\n", __location__,
nt_errstr(status));
talloc_free(mem_ctx);
- return False;
+ return false;
}
ZERO_STRUCT(userlevel1);
userlevel1.client = talloc_asprintf(
- mem_ctx, "\\\\%s", lp_netbios_name());
+ mem_ctx, "\\\\%s", lp_netbios_name(torture->lp_ctx));
userlevel1.user = cli_credentials_get_username(cmdline_credentials);
userlevel1.build = 2600;
userlevel1.major = 3;
"%s, %s\n", __location__, nt_errstr(status),
win_errstr(r.out.result));
talloc_free(mem_ctx);
- return False;
+ return false;
}
}
"%s, %s\n", __location__, nt_errstr(status),
win_errstr(r.out.result));
talloc_free(mem_ctx);
- return False;
+ return false;
}
}
"%s, %s\n", __location__, nt_errstr(status),
win_errstr(r.out.result));
talloc_free(mem_ctx);
- return False;
+ return false;
}
}
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) getprinterinfo %d failed: %s\n",
__location__, i, nt_errstr(status));
- ret = False;
+ ret = false;
}
}
}
d_printf("(%s) dcerpc_spoolss_ClosePrinter failed: "
"%s\n", __location__, nt_errstr(status));
talloc_free(mem_ctx);
- return False;
+ return false;
}
}
&num_enumerated)) {
d_printf("(%s) enumprinters failed\n", __location__);
talloc_free(mem_ctx);
- return False;
+ return false;
}
if (num_printers != num_enumerated) {
d_printf("(%s) netshareenum gave %d printers, "
"enumprinters lvl 1 gave %d\n", __location__,
num_printers, num_enumerated);
talloc_free(mem_ctx);
- return False;
+ return false;
}
}
&num_enumerated)) {
d_printf("(%s) enumprinters failed\n", __location__);
talloc_free(mem_ctx);
- return False;
+ return false;
}
if (num_printers != num_enumerated) {
d_printf("(%s) netshareenum gave %d printers, "
"enumprinters lvl 2 gave %d\n", __location__,
num_printers, num_enumerated);
talloc_free(mem_ctx);
- return False;
+ return false;
}
}
return ret;
}
-BOOL torture_samba3_rpc_wkssvc(struct torture_context *torture)
+bool torture_samba3_rpc_wkssvc(struct torture_context *torture)
{
TALLOC_CTX *mem_ctx;
struct smbcli_state *cli;
char *servername;
if (!(mem_ctx = talloc_new(torture))) {
- return False;
+ return false;
}
if (!(torture_open_connection_share(
- mem_ctx, &cli, torture_setting_string(torture, "host", NULL),
+ mem_ctx, &cli, torture, torture_setting_string(torture, "host", NULL),
"IPC$", NULL))) {
d_printf("IPC$ connection failed\n");
talloc_free(mem_ctx);
- return False;
+ return false;
}
status = get_servername(mem_ctx, cli->tree, &servername);
d_fprintf(stderr, "(%s) get_servername returned %s\n",
__location__, nt_errstr(status));
talloc_free(mem_ctx);
- return False;
+ return false;
}
status = pipe_bind_smb(mem_ctx, cli->tree, "\\wkssvc",
- &dcerpc_table_wkssvc, &p);
+ &ndr_table_wkssvc, &p);
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) pipe_bind_smb failed: %s\n", __location__,
nt_errstr(status));
talloc_free(mem_ctx);
- return False;
+ return false;
}
{
"%s, %s\n", __location__, nt_errstr(status),
win_errstr(r.out.result));
talloc_free(mem_ctx);
- return False;
+ return false;
}
if (strcmp(servername,
__location__, servername,
r.out.info->info100->server_name);
talloc_free(mem_ctx);
- return False;
+ return false;
}
}
talloc_free(mem_ctx);
- return True;
+ return true;
}
static NTSTATUS winreg_close(struct dcerpc_pipe *p,
talloc_free(tmp_ctx);
r.in.enum_index += 1;
- } while(True);
+ } while(true);
return NT_STATUS_OK;
}
typedef NTSTATUS (*winreg_open_fn)(struct dcerpc_pipe *, TALLOC_CTX *, void *);
-static BOOL test_Open3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+static bool test_Open3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
const char *name, winreg_open_fn open_fn)
{
struct policy_handle handle;
if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(r.out.result)) {
d_printf("(%s) %s failed: %s, %s\n", __location__, name,
nt_errstr(status), win_errstr(r.out.result));
- return False;
+ return false;
}
enumkeys(p, &handle, mem_ctx, 4);
if (!NT_STATUS_IS_OK(status)) {
d_printf("(%s) dcerpc_CloseKey failed: %s\n",
__location__, nt_errstr(status));
- return False;
+ return false;
}
- return True;
+ return true;
}
-BOOL torture_samba3_rpc_winreg(struct torture_context *torture)
+bool torture_samba3_rpc_winreg(struct torture_context *torture)
{
NTSTATUS status;
struct dcerpc_pipe *p;
TALLOC_CTX *mem_ctx;
- BOOL ret = True;
+ bool ret = true;
struct {
const char *name;
winreg_open_fn fn;
mem_ctx = talloc_init("torture_rpc_winreg");
- status = torture_rpc_connection(mem_ctx, &p, &dcerpc_table_winreg);
+ status = torture_rpc_connection(torture, &p, &ndr_table_winreg);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(mem_ctx);
- return False;
+ return false;
}
#if 1
#else
for (i = 0; i < ARRAY_SIZE(open_fns); i++) {
if (!test_Open3(p, mem_ctx, open_fns[i].name, open_fns[i].fn))
- ret = False;
+ ret = false;
}
#endif
return ret;
}
+
+static NTSTATUS get_shareinfo(TALLOC_CTX *mem_ctx,
+ struct smbcli_state *cli,
+ const char *share,
+ struct srvsvc_NetShareInfo502 **info)
+{
+ struct smbcli_tree *ipc;
+ struct dcerpc_pipe *p;
+ struct srvsvc_NetShareGetInfo r;
+ NTSTATUS status;
+
+ if (!(p = dcerpc_pipe_init(cli,
+ cli->transport->socket->event.ctx,
+ lp_iconv_convenience(global_loadparm)))) {
+ status = NT_STATUS_NO_MEMORY;
+ goto fail;
+ }
+
+ status = secondary_tcon(p, cli->session, "IPC$", &ipc);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto fail;
+ }
+
+ status = dcerpc_pipe_open_smb(p, ipc, "\\pipe\\srvsvc");
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("dcerpc_pipe_open_smb failed: %s\n",
+ nt_errstr(status));
+ goto fail;
+ }
+
+ status = dcerpc_bind_auth_none(p, &ndr_table_srvsvc);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("dcerpc_bind_auth_none failed: %s\n",
+ nt_errstr(status));
+ goto fail;
+ }
+
+ r.in.server_unc = talloc_asprintf(mem_ctx, "\\\\%s",
+ dcerpc_server_name(p));
+ r.in.share_name = share;
+ r.in.level = 502;
+
+ status = dcerpc_srvsvc_NetShareGetInfo(p, p, &r);
+ if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(r.out.result)) {
+ d_printf("(%s) OpenHKLM failed: %s, %s\n", __location__,
+ nt_errstr(status), win_errstr(r.out.result));
+ goto fail;
+ }
+
+ *info = talloc_move(mem_ctx, &r.out.info.info502);
+ return NT_STATUS_OK;
+
+ fail:
+ talloc_free(p);
+ return status;
+}
+
+/*
+ * Get us a handle on HKLM\
+ */
+
+static NTSTATUS get_hklm_handle(TALLOC_CTX *mem_ctx,
+ struct smbcli_state *cli,
+ struct dcerpc_pipe **pipe_p,
+ struct policy_handle **handle)
+{
+ struct smbcli_tree *ipc;
+ struct dcerpc_pipe *p;
+ struct winreg_OpenHKLM r;
+ NTSTATUS status;
+ struct policy_handle *result;
+
+ result = talloc(mem_ctx, struct policy_handle);
+
+ if (result == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (!(p = dcerpc_pipe_init(result,
+ cli->transport->socket->event.ctx,
+ lp_iconv_convenience(global_loadparm)))) {
+ status = NT_STATUS_NO_MEMORY;
+ goto fail;
+ }
+
+ status = secondary_tcon(p, cli->session, "IPC$", &ipc);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto fail;
+ }
+
+ status = dcerpc_pipe_open_smb(p, ipc, "\\winreg");
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("dcerpc_pipe_open_smb failed: %s\n",
+ nt_errstr(status));
+ goto fail;
+ }
+
+ status = dcerpc_bind_auth_none(p, &ndr_table_winreg);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("dcerpc_bind_auth_none failed: %s\n",
+ nt_errstr(status));
+ goto fail;
+ }
+
+ r.in.system_name = 0;
+ r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ r.out.handle = result;
+
+ status = dcerpc_winreg_OpenHKLM(p, p, &r);
+ if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(r.out.result)) {
+ d_printf("(%s) OpenHKLM failed: %s, %s\n", __location__,
+ nt_errstr(status), win_errstr(r.out.result));
+ goto fail;
+ }
+
+ *pipe_p = p;
+ *handle = result;
+ return NT_STATUS_OK;
+
+ fail:
+ talloc_free(result);
+ return status;
+}
+
+static NTSTATUS torture_samba3_createshare(struct smbcli_state *cli,
+ const char *sharename)
+{
+ struct dcerpc_pipe *p;
+ struct policy_handle *hklm = NULL;
+ struct policy_handle new_handle;
+ struct winreg_CreateKey c;
+ struct winreg_CloseKey cl;
+ enum winreg_CreateAction action_taken;
+ NTSTATUS status;
+ TALLOC_CTX *mem_ctx;
+
+ mem_ctx = talloc_new(cli);
+ NT_STATUS_HAVE_NO_MEMORY(mem_ctx);
+
+ status = get_hklm_handle(mem_ctx, cli, &p, &hklm);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("get_hklm_handle failed: %s\n", nt_errstr(status));
+ goto fail;
+ }
+
+ c.in.handle = hklm;
+ c.in.name.name = talloc_asprintf(
+ mem_ctx, "software\\samba\\smbconf\\%s", sharename);
+ if (c.in.name.name == NULL) {
+ d_printf("talloc_asprintf failed\n");
+ status = NT_STATUS_NO_MEMORY;
+ goto fail;
+ }
+ c.in.keyclass.name = "";
+ c.in.options = 0;
+ c.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ c.in.secdesc = NULL;
+ c.in.action_taken = &action_taken;
+ c.out.new_handle = &new_handle;
+ c.out.action_taken = &action_taken;
+
+ status = dcerpc_winreg_CreateKey(p, p, &c);
+ if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(c.out.result)) {
+ d_printf("(%s) OpenKey failed: %s, %s\n", __location__,
+ nt_errstr(status), win_errstr(c.out.result));
+ goto fail;
+ }
+
+ cl.in.handle = &new_handle;
+ cl.out.handle = &new_handle;
+ status = dcerpc_winreg_CloseKey(p, p, &cl);
+ if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(cl.out.result)) {
+ d_printf("(%s) OpenKey failed: %s, %s\n", __location__,
+ nt_errstr(status), win_errstr(cl.out.result));
+ goto fail;
+ }
+
+
+ fail:
+ talloc_free(mem_ctx);
+ return status;
+}
+
+static NTSTATUS torture_samba3_deleteshare(struct smbcli_state *cli,
+ const char *sharename)
+{
+ struct dcerpc_pipe *p;
+ struct policy_handle *hklm = NULL;
+ struct winreg_DeleteKey d;
+ NTSTATUS status;
+ TALLOC_CTX *mem_ctx;
+
+ mem_ctx = talloc_new(cli);
+ NT_STATUS_HAVE_NO_MEMORY(mem_ctx);
+
+ status = get_hklm_handle(cli, cli, &p, &hklm);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("get_hklm_handle failed: %s\n", nt_errstr(status));
+ goto fail;
+ }
+
+ d.in.handle = hklm;
+ d.in.key.name = talloc_asprintf(
+ mem_ctx, "software\\samba\\smbconf\\%s", sharename);
+ if (d.in.key.name == NULL) {
+ d_printf("talloc_asprintf failed\n");
+ status = NT_STATUS_NO_MEMORY;
+ goto fail;
+ }
+ status = dcerpc_winreg_DeleteKey(p, p, &d);
+ if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(d.out.result)) {
+ d_printf("(%s) OpenKey failed: %s, %s\n", __location__,
+ nt_errstr(status), win_errstr(d.out.result));
+ goto fail;
+ }
+
+ fail:
+ talloc_free(mem_ctx);
+ return status;
+}
+
+static NTSTATUS torture_samba3_setconfig(struct smbcli_state *cli,
+ const char *sharename,
+ const char *parameter,
+ const char *value)
+{
+ struct dcerpc_pipe *p = NULL;
+ struct policy_handle *hklm = NULL, key_handle;
+ struct winreg_OpenKey o;
+ struct winreg_SetValue s;
+ uint32_t type;
+ DATA_BLOB val;
+ NTSTATUS status;
+
+ status = get_hklm_handle(cli, cli, &p, &hklm);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf("get_hklm_handle failed: %s\n", nt_errstr(status));
+ return status;;
+ }
+
+ o.in.parent_handle = hklm;
+ o.in.keyname.name = talloc_asprintf(
+ hklm, "software\\samba\\smbconf\\%s", sharename);
+ if (o.in.keyname.name == NULL) {
+ d_printf("talloc_asprintf failed\n");
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+ o.in.unknown = 0;
+ o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ o.out.handle = &key_handle;
+
+ status = dcerpc_winreg_OpenKey(p, p, &o);
+ if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(o.out.result)) {
+ d_printf("(%s) OpenKey failed: %s, %s\n", __location__,
+ nt_errstr(status), win_errstr(o.out.result));
+ goto done;
+ }
+
+ if (!reg_string_to_val(hklm, "REG_SZ", value, &type, &val)) {
+ d_printf("(%s) reg_string_to_val failed\n", __location__);
+ goto done;
+ }
+
+ s.in.handle = &key_handle;
+ s.in.name.name = parameter;
+ s.in.type = type;
+ s.in.data = val.data;
+ s.in.size = val.length;
+
+ status = dcerpc_winreg_SetValue(p, p, &s);
+ if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(s.out.result)) {
+ d_printf("(%s) SetValue failed: %s, %s\n", __location__,
+ nt_errstr(status), win_errstr(s.out.result));
+ goto done;
+ }
+
+ done:
+ talloc_free(hklm);
+ return status;
+}
+
+bool torture_samba3_regconfig(struct torture_context *torture)
+{
+ struct smbcli_state *cli;
+ struct srvsvc_NetShareInfo502 *i = NULL;
+ NTSTATUS status;
+ bool ret = false;
+ const char *comment = "Dummer Kommentar";
+
+ if (!(torture_open_connection(&cli, torture, 0))) {
+ return false;
+ }
+
+ status = torture_samba3_createshare(cli, "blubber");
+ if (!NT_STATUS_IS_OK(status)) {
+ torture_warning(torture, "torture_samba3_createshare failed: "
+ "%s\n", nt_errstr(status));
+ goto done;
+ }
+
+ status = torture_samba3_setconfig(cli, "blubber", "comment", comment);
+ if (!NT_STATUS_IS_OK(status)) {
+ torture_warning(torture, "torture_samba3_setconfig failed: "
+ "%s\n", nt_errstr(status));
+ goto done;
+ }
+
+ status = get_shareinfo(torture, cli, "blubber", &i);
+ if (!NT_STATUS_IS_OK(status)) {
+ torture_warning(torture, "get_shareinfo failed: "
+ "%s\n", nt_errstr(status));
+ goto done;
+ }
+
+ if (strcmp(comment, i->comment) != 0) {
+ torture_warning(torture, "Expected comment [%s], got [%s]\n",
+ comment, i->comment);
+ goto done;
+ }
+
+ status = torture_samba3_deleteshare(cli, "blubber");
+ if (!NT_STATUS_IS_OK(status)) {
+ torture_warning(torture, "torture_samba3_deleteshare failed: "
+ "%s\n", nt_errstr(status));
+ goto done;
+ }
+
+ ret = true;
+ done:
+ talloc_free(cli);
+ return ret;
+}