2 Unix SMB/CIFS implementation.
4 test suite for netlogon rpc operations
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003-2004
8 Copyright (C) Tim Potter 2003
9 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
26 #include "lib/events/events.h"
27 #include "lib/cmdline/popt_common.h"
28 #include "torture/rpc/torture_rpc.h"
29 #include "../lib/crypto/crypto.h"
30 #include "libcli/auth/libcli_auth.h"
31 #include "librpc/gen_ndr/ndr_netlogon_c.h"
32 #include "librpc/gen_ndr/ndr_lsa_c.h"
33 #include "param/param.h"
34 #include "libcli/security/security.h"
35 #include "lib/ldb/include/ldb.h"
36 #include "lib/util/util_ldb.h"
38 #include "lib/replace/system/network.h"
39 #include "dsdb/samdb/samdb.h"
41 #define TEST_MACHINE_NAME "torturetest"
43 static bool test_LogonUasLogon(struct torture_context *tctx,
44 struct dcerpc_pipe *p)
47 struct netr_LogonUasLogon r;
48 struct netr_UasInfo *info = NULL;
49 struct dcerpc_binding_handle *b = p->binding_handle;
51 r.in.server_name = NULL;
52 r.in.account_name = cli_credentials_get_username(cmdline_credentials);
53 r.in.workstation = TEST_MACHINE_NAME;
56 status = dcerpc_netr_LogonUasLogon_r(b, tctx, &r);
57 torture_assert_ntstatus_ok(tctx, status, "LogonUasLogon");
62 static bool test_LogonUasLogoff(struct torture_context *tctx,
63 struct dcerpc_pipe *p)
66 struct netr_LogonUasLogoff r;
67 struct netr_UasLogoffInfo info;
68 struct dcerpc_binding_handle *b = p->binding_handle;
70 r.in.server_name = NULL;
71 r.in.account_name = cli_credentials_get_username(cmdline_credentials);
72 r.in.workstation = TEST_MACHINE_NAME;
75 status = dcerpc_netr_LogonUasLogoff_r(b, tctx, &r);
76 torture_assert_ntstatus_ok(tctx, status, "LogonUasLogoff");
81 bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context *tctx,
82 struct cli_credentials *credentials,
83 struct netlogon_creds_CredentialState **creds_out)
85 struct netr_ServerReqChallenge r;
86 struct netr_ServerAuthenticate a;
87 struct netr_Credential credentials1, credentials2, credentials3;
88 struct netlogon_creds_CredentialState *creds;
89 const struct samr_Password *mach_password;
90 const char *machine_name;
91 struct dcerpc_binding_handle *b = p->binding_handle;
93 mach_password = cli_credentials_get_nt_hash(credentials, tctx);
94 machine_name = cli_credentials_get_workstation(credentials);
96 torture_comment(tctx, "Testing ServerReqChallenge\n");
98 r.in.server_name = NULL;
99 r.in.computer_name = machine_name;
100 r.in.credentials = &credentials1;
101 r.out.return_credentials = &credentials2;
103 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
105 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
106 "ServerReqChallenge failed");
107 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
109 a.in.server_name = NULL;
110 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
111 a.in.secure_channel_type = cli_credentials_get_secure_channel_type(credentials);
112 a.in.computer_name = machine_name;
113 a.in.credentials = &credentials3;
114 a.out.return_credentials = &credentials3;
116 creds = netlogon_creds_client_init(tctx, a.in.account_name,
118 &credentials1, &credentials2,
119 mach_password, &credentials3,
121 torture_assert(tctx, creds != NULL, "memory allocation");
124 torture_comment(tctx, "Testing ServerAuthenticate\n");
126 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate_r(b, tctx, &a),
127 "ServerAuthenticate failed");
129 /* This allows the tests to continue against the more fussy windows 2008 */
130 if (NT_STATUS_EQUAL(a.out.result, NT_STATUS_DOWNGRADE_DETECTED)) {
131 return test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
133 cli_credentials_get_secure_channel_type(credentials),
137 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate");
139 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
140 "Credential chaining failed");
146 bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx,
147 uint32_t negotiate_flags,
148 struct cli_credentials *machine_credentials,
149 enum netr_SchannelType sec_chan_type,
150 struct netlogon_creds_CredentialState **creds_out)
152 struct netr_ServerReqChallenge r;
153 struct netr_ServerAuthenticate2 a;
154 struct netr_Credential credentials1, credentials2, credentials3;
155 struct netlogon_creds_CredentialState *creds;
156 const struct samr_Password *mach_password;
157 const char *machine_name;
158 struct dcerpc_binding_handle *b = p->binding_handle;
160 mach_password = cli_credentials_get_nt_hash(machine_credentials, tctx);
161 machine_name = cli_credentials_get_workstation(machine_credentials);
163 torture_comment(tctx, "Testing ServerReqChallenge\n");
166 r.in.server_name = NULL;
167 r.in.computer_name = machine_name;
168 r.in.credentials = &credentials1;
169 r.out.return_credentials = &credentials2;
171 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
173 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
174 "ServerReqChallenge failed");
175 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
177 a.in.server_name = NULL;
178 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
179 a.in.secure_channel_type = sec_chan_type;
180 a.in.computer_name = machine_name;
181 a.in.negotiate_flags = &negotiate_flags;
182 a.out.negotiate_flags = &negotiate_flags;
183 a.in.credentials = &credentials3;
184 a.out.return_credentials = &credentials3;
186 creds = netlogon_creds_client_init(tctx, a.in.account_name,
188 &credentials1, &credentials2,
189 mach_password, &credentials3,
192 torture_assert(tctx, creds != NULL, "memory allocation");
194 torture_comment(tctx, "Testing ServerAuthenticate2\n");
196 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate2_r(b, tctx, &a),
197 "ServerAuthenticate2 failed");
198 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate2 failed");
200 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
201 "Credential chaining failed");
203 torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
210 bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context *tctx,
211 uint32_t negotiate_flags,
212 struct cli_credentials *machine_credentials,
213 struct netlogon_creds_CredentialState **creds_out)
215 struct netr_ServerReqChallenge r;
216 struct netr_ServerAuthenticate3 a;
217 struct netr_Credential credentials1, credentials2, credentials3;
218 struct netlogon_creds_CredentialState *creds;
219 struct samr_Password mach_password;
221 const char *machine_name;
222 const char *plain_pass;
223 struct dcerpc_binding_handle *b = p->binding_handle;
225 machine_name = cli_credentials_get_workstation(machine_credentials);
226 plain_pass = cli_credentials_get_password(machine_credentials);
228 torture_comment(tctx, "Testing ServerReqChallenge\n");
230 r.in.server_name = NULL;
231 r.in.computer_name = machine_name;
232 r.in.credentials = &credentials1;
233 r.out.return_credentials = &credentials2;
235 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
237 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
238 "ServerReqChallenge failed");
239 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
241 E_md4hash(plain_pass, mach_password.hash);
243 a.in.server_name = NULL;
244 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
245 a.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
246 a.in.computer_name = machine_name;
247 a.in.negotiate_flags = &negotiate_flags;
248 a.in.credentials = &credentials3;
249 a.out.return_credentials = &credentials3;
250 a.out.negotiate_flags = &negotiate_flags;
253 creds = netlogon_creds_client_init(tctx, a.in.account_name,
255 &credentials1, &credentials2,
256 &mach_password, &credentials3,
259 torture_assert(tctx, creds != NULL, "memory allocation");
261 torture_comment(tctx, "Testing ServerAuthenticate3\n");
263 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate3_r(b, tctx, &a),
264 "ServerAuthenticate3 failed");
265 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate3 failed");
266 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3), "Credential chaining failed");
268 torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
270 /* Prove that requesting a challenge again won't break it */
271 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
272 "ServerReqChallenge failed");
273 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
280 try a change password for our machine account
282 static bool test_SetPassword(struct torture_context *tctx,
283 struct dcerpc_pipe *p,
284 struct cli_credentials *machine_credentials)
286 struct netr_ServerPasswordSet r;
287 const char *password;
288 struct netlogon_creds_CredentialState *creds;
289 struct netr_Authenticator credential, return_authenticator;
290 struct samr_Password new_password;
291 struct dcerpc_binding_handle *b = p->binding_handle;
293 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
297 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
298 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
299 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
300 r.in.computer_name = TEST_MACHINE_NAME;
301 r.in.credential = &credential;
302 r.in.new_password = &new_password;
303 r.out.return_authenticator = &return_authenticator;
305 password = generate_random_password(tctx, 8, 255);
306 E_md4hash(password, new_password.hash);
308 netlogon_creds_des_encrypt(creds, &new_password);
310 torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
311 torture_comment(tctx, "Changing machine account password to '%s'\n",
314 netlogon_creds_client_authenticator(creds, &credential);
316 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
317 "ServerPasswordSet failed");
318 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet failed");
320 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
321 torture_comment(tctx, "Credential chaining failed\n");
324 /* by changing the machine password twice we test the
325 credentials chaining fully, and we verify that the server
326 allows the password to be set to the same value twice in a
327 row (match win2k3) */
328 torture_comment(tctx,
329 "Testing a second ServerPasswordSet on machine account\n");
330 torture_comment(tctx,
331 "Changing machine account password to '%s' (same as previous run)\n", password);
333 netlogon_creds_client_authenticator(creds, &credential);
335 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
336 "ServerPasswordSet (2) failed");
337 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (2) failed");
339 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
340 torture_comment(tctx, "Credential chaining failed\n");
343 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
346 test_SetupCredentials(p, tctx, machine_credentials, &creds),
347 "ServerPasswordSet failed to actually change the password");
353 try a change password for our machine account
355 static bool test_SetPassword_flags(struct torture_context *tctx,
356 struct dcerpc_pipe *p,
357 struct cli_credentials *machine_credentials,
358 uint32_t negotiate_flags)
360 struct netr_ServerPasswordSet r;
361 const char *password;
362 struct netlogon_creds_CredentialState *creds;
363 struct netr_Authenticator credential, return_authenticator;
364 struct samr_Password new_password;
365 struct dcerpc_binding_handle *b = p->binding_handle;
367 if (!test_SetupCredentials2(p, tctx, negotiate_flags,
369 cli_credentials_get_secure_channel_type(machine_credentials),
374 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
375 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
376 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
377 r.in.computer_name = TEST_MACHINE_NAME;
378 r.in.credential = &credential;
379 r.in.new_password = &new_password;
380 r.out.return_authenticator = &return_authenticator;
382 password = generate_random_password(tctx, 8, 255);
383 E_md4hash(password, new_password.hash);
385 netlogon_creds_des_encrypt(creds, &new_password);
387 torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
388 torture_comment(tctx, "Changing machine account password to '%s'\n",
391 netlogon_creds_client_authenticator(creds, &credential);
393 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
394 "ServerPasswordSet failed");
395 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet failed");
397 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
398 torture_comment(tctx, "Credential chaining failed\n");
401 /* by changing the machine password twice we test the
402 credentials chaining fully, and we verify that the server
403 allows the password to be set to the same value twice in a
404 row (match win2k3) */
405 torture_comment(tctx,
406 "Testing a second ServerPasswordSet on machine account\n");
407 torture_comment(tctx,
408 "Changing machine account password to '%s' (same as previous run)\n", password);
410 netlogon_creds_client_authenticator(creds, &credential);
412 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
413 "ServerPasswordSet (2) failed");
414 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (2) failed");
416 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
417 torture_comment(tctx, "Credential chaining failed\n");
420 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
423 test_SetupCredentials(p, tctx, machine_credentials, &creds),
424 "ServerPasswordSet failed to actually change the password");
431 generate a random password for password change tests
433 static DATA_BLOB netlogon_very_rand_pass(TALLOC_CTX *mem_ctx, int len)
436 DATA_BLOB password = data_blob_talloc(mem_ctx, NULL, len * 2 /* number of unicode chars */);
437 generate_random_buffer(password.data, password.length);
439 for (i=0; i < len; i++) {
440 if (((uint16_t *)password.data)[i] == 0) {
441 ((uint16_t *)password.data)[i] = 1;
449 try a change password for our machine account
451 static bool test_SetPassword2(struct torture_context *tctx,
452 struct dcerpc_pipe *p,
453 struct cli_credentials *machine_credentials)
455 struct netr_ServerPasswordSet2 r;
456 const char *password;
457 DATA_BLOB new_random_pass;
458 struct netlogon_creds_CredentialState *creds;
459 struct samr_CryptPassword password_buf;
460 struct samr_Password nt_hash;
461 struct netr_Authenticator credential, return_authenticator;
462 struct netr_CryptPassword new_password;
463 struct dcerpc_binding_handle *b = p->binding_handle;
465 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
469 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
470 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
471 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
472 r.in.computer_name = TEST_MACHINE_NAME;
473 r.in.credential = &credential;
474 r.in.new_password = &new_password;
475 r.out.return_authenticator = &return_authenticator;
477 password = generate_random_password(tctx, 8, 255);
478 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
479 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
481 memcpy(new_password.data, password_buf.data, 512);
482 new_password.length = IVAL(password_buf.data, 512);
484 torture_comment(tctx, "Testing ServerPasswordSet2 on machine account\n");
485 torture_comment(tctx, "Changing machine account password to '%s'\n", password);
487 netlogon_creds_client_authenticator(creds, &credential);
489 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
490 "ServerPasswordSet2 failed");
491 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 failed");
493 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
494 torture_comment(tctx, "Credential chaining failed\n");
497 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
499 if (!torture_setting_bool(tctx, "dangerous", false)) {
500 torture_comment(tctx,
501 "Not testing ability to set password to '', enable dangerous tests to perform this test\n");
503 /* by changing the machine password to ""
504 * we check if the server uses password restrictions
505 * for ServerPasswordSet2
506 * (win2k3 accepts "")
509 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
510 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
512 memcpy(new_password.data, password_buf.data, 512);
513 new_password.length = IVAL(password_buf.data, 512);
515 torture_comment(tctx,
516 "Testing ServerPasswordSet2 on machine account\n");
517 torture_comment(tctx,
518 "Changing machine account password to '%s'\n", password);
520 netlogon_creds_client_authenticator(creds, &credential);
522 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
523 "ServerPasswordSet2 failed");
524 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 failed");
526 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
527 torture_comment(tctx, "Credential chaining failed\n");
530 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
533 torture_assert(tctx, test_SetupCredentials(p, tctx, machine_credentials, &creds),
534 "ServerPasswordSet failed to actually change the password");
536 /* now try a random password */
537 password = generate_random_password(tctx, 8, 255);
538 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
539 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
541 memcpy(new_password.data, password_buf.data, 512);
542 new_password.length = IVAL(password_buf.data, 512);
544 torture_comment(tctx, "Testing second ServerPasswordSet2 on machine account\n");
545 torture_comment(tctx, "Changing machine account password to '%s'\n", password);
547 netlogon_creds_client_authenticator(creds, &credential);
549 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
550 "ServerPasswordSet2 (2) failed");
551 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 (2) failed");
553 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
554 torture_comment(tctx, "Credential chaining failed\n");
557 /* by changing the machine password twice we test the
558 credentials chaining fully, and we verify that the server
559 allows the password to be set to the same value twice in a
560 row (match win2k3) */
561 torture_comment(tctx,
562 "Testing a second ServerPasswordSet2 on machine account\n");
563 torture_comment(tctx,
564 "Changing machine account password to '%s' (same as previous run)\n", password);
566 netlogon_creds_client_authenticator(creds, &credential);
568 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
569 "ServerPasswordSet (3) failed");
570 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (3) failed");
572 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
573 torture_comment(tctx, "Credential chaining failed\n");
576 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
578 torture_assert (tctx,
579 test_SetupCredentials(p, tctx, machine_credentials, &creds),
580 "ServerPasswordSet failed to actually change the password");
582 new_random_pass = netlogon_very_rand_pass(tctx, 128);
584 /* now try a random stream of bytes for a password */
585 set_pw_in_buffer(password_buf.data, &new_random_pass);
587 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
589 memcpy(new_password.data, password_buf.data, 512);
590 new_password.length = IVAL(password_buf.data, 512);
592 torture_comment(tctx,
593 "Testing a third ServerPasswordSet2 on machine account, with a compleatly random password\n");
595 netlogon_creds_client_authenticator(creds, &credential);
597 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
598 "ServerPasswordSet (3) failed");
599 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (3) failed");
601 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
602 torture_comment(tctx, "Credential chaining failed\n");
605 mdfour(nt_hash.hash, new_random_pass.data, new_random_pass.length);
607 cli_credentials_set_password(machine_credentials, NULL, CRED_UNINITIALISED);
608 cli_credentials_set_nt_hash(machine_credentials, &nt_hash, CRED_SPECIFIED);
610 torture_assert (tctx,
611 test_SetupCredentials(p, tctx, machine_credentials, &creds),
612 "ServerPasswordSet failed to actually change the password");
617 static bool test_GetPassword(struct torture_context *tctx,
618 struct dcerpc_pipe *p,
619 struct cli_credentials *machine_credentials)
621 struct netr_ServerPasswordGet r;
622 struct netlogon_creds_CredentialState *creds;
623 struct netr_Authenticator credential;
625 struct netr_Authenticator return_authenticator;
626 struct samr_Password password;
627 struct dcerpc_binding_handle *b = p->binding_handle;
629 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
633 netlogon_creds_client_authenticator(creds, &credential);
635 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
636 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
637 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
638 r.in.computer_name = TEST_MACHINE_NAME;
639 r.in.credential = &credential;
640 r.out.return_authenticator = &return_authenticator;
641 r.out.password = &password;
643 status = dcerpc_netr_ServerPasswordGet_r(b, tctx, &r);
644 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordGet");
649 static bool test_GetTrustPasswords(struct torture_context *tctx,
650 struct dcerpc_pipe *p,
651 struct cli_credentials *machine_credentials)
653 struct netr_ServerTrustPasswordsGet r;
654 struct netlogon_creds_CredentialState *creds;
655 struct netr_Authenticator credential;
656 struct netr_Authenticator return_authenticator;
657 struct samr_Password password, password2;
658 struct dcerpc_binding_handle *b = p->binding_handle;
660 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
664 netlogon_creds_client_authenticator(creds, &credential);
666 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
667 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
668 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
669 r.in.computer_name = TEST_MACHINE_NAME;
670 r.in.credential = &credential;
671 r.out.return_authenticator = &return_authenticator;
672 r.out.password = &password;
673 r.out.password2 = &password2;
675 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerTrustPasswordsGet_r(b, tctx, &r),
676 "ServerTrustPasswordsGet failed");
677 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerTrustPasswordsGet failed");
683 try a netlogon SamLogon
685 static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context *tctx,
686 struct cli_credentials *credentials,
687 struct netlogon_creds_CredentialState *creds,
691 struct netr_LogonSamLogon r;
692 struct netr_Authenticator auth, auth2;
693 union netr_LogonLevel logon;
694 union netr_Validation validation;
695 uint8_t authoritative;
696 struct netr_NetworkInfo ninfo;
697 DATA_BLOB names_blob, chal, lm_resp, nt_resp;
699 struct dcerpc_binding_handle *b = p->binding_handle;
700 int flags = CLI_CRED_NTLM_AUTH;
701 if (lpcfg_client_lanman_auth(tctx->lp_ctx)) {
702 flags |= CLI_CRED_LANMAN_AUTH;
705 if (lpcfg_client_ntlmv2_auth(tctx->lp_ctx) && !null_domain) {
706 flags |= CLI_CRED_NTLMv2_AUTH;
709 cli_credentials_get_ntlm_username_domain(cmdline_credentials, tctx,
710 &ninfo.identity_info.account_name.string,
711 &ninfo.identity_info.domain_name.string);
714 ninfo.identity_info.domain_name.string = NULL;
717 generate_random_buffer(ninfo.challenge,
718 sizeof(ninfo.challenge));
719 chal = data_blob_const(ninfo.challenge,
720 sizeof(ninfo.challenge));
722 names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(credentials),
723 cli_credentials_get_domain(credentials));
725 status = cli_credentials_get_ntlm_response(cmdline_credentials, tctx,
731 torture_assert_ntstatus_ok(tctx, status, "cli_credentials_get_ntlm_response failed");
733 ninfo.lm.data = lm_resp.data;
734 ninfo.lm.length = lm_resp.length;
736 ninfo.nt.data = nt_resp.data;
737 ninfo.nt.length = nt_resp.length;
739 ninfo.identity_info.parameter_control = 0;
740 ninfo.identity_info.logon_id_low = 0;
741 ninfo.identity_info.logon_id_high = 0;
742 ninfo.identity_info.workstation.string = cli_credentials_get_workstation(credentials);
744 logon.network = &ninfo;
746 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
747 r.in.computer_name = cli_credentials_get_workstation(credentials);
748 r.in.credential = &auth;
749 r.in.return_authenticator = &auth2;
750 r.in.logon_level = 2;
752 r.out.validation = &validation;
753 r.out.authoritative = &authoritative;
755 d_printf("Testing LogonSamLogon with name %s\n", ninfo.identity_info.account_name.string);
759 netlogon_creds_client_authenticator(creds, &auth);
761 r.in.validation_level = i;
763 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
764 "LogonSamLogon failed");
765 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonSamLogon failed");
767 torture_assert(tctx, netlogon_creds_client_check(creds,
768 &r.out.return_authenticator->cred),
769 "Credential chaining failed");
772 r.in.credential = NULL;
776 r.in.validation_level = i;
778 torture_comment(tctx, "Testing SamLogon with validation level %d and a NULL credential\n", i);
780 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
781 "LogonSamLogon failed");
782 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_INVALID_PARAMETER,
783 "LogonSamLogon expected INVALID_PARAMETER");
790 bool test_netlogon_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
791 struct cli_credentials *credentials,
792 struct netlogon_creds_CredentialState *creds)
794 return test_netlogon_ops_args(p, tctx, credentials, creds, false);
798 try a netlogon SamLogon
800 static bool test_SamLogon(struct torture_context *tctx,
801 struct dcerpc_pipe *p,
802 struct cli_credentials *credentials)
804 struct netlogon_creds_CredentialState *creds;
806 if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
810 return test_netlogon_ops(p, tctx, credentials, creds);
813 static bool test_SamLogon_NULL_domain(struct torture_context *tctx,
814 struct dcerpc_pipe *p,
815 struct cli_credentials *credentials)
817 struct netlogon_creds_CredentialState *creds;
819 if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
823 return test_netlogon_ops_args(p, tctx, credentials, creds, true);
826 /* we remember the sequence numbers so we can easily do a DatabaseDelta */
827 static uint64_t sequence_nums[3];
830 try a netlogon DatabaseSync
832 static bool test_DatabaseSync(struct torture_context *tctx,
833 struct dcerpc_pipe *p,
834 struct cli_credentials *machine_credentials)
836 struct netr_DatabaseSync r;
837 struct netlogon_creds_CredentialState *creds;
838 const uint32_t database_ids[] = {SAM_DATABASE_DOMAIN, SAM_DATABASE_BUILTIN, SAM_DATABASE_PRIVS};
840 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
841 struct netr_Authenticator credential, return_authenticator;
842 struct dcerpc_binding_handle *b = p->binding_handle;
844 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
848 ZERO_STRUCT(return_authenticator);
850 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
851 r.in.computername = TEST_MACHINE_NAME;
852 r.in.preferredmaximumlength = (uint32_t)-1;
853 r.in.return_authenticator = &return_authenticator;
854 r.out.delta_enum_array = &delta_enum_array;
855 r.out.return_authenticator = &return_authenticator;
857 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
859 uint32_t sync_context = 0;
861 r.in.database_id = database_ids[i];
862 r.in.sync_context = &sync_context;
863 r.out.sync_context = &sync_context;
865 torture_comment(tctx, "Testing DatabaseSync of id %d\n", r.in.database_id);
868 netlogon_creds_client_authenticator(creds, &credential);
870 r.in.credential = &credential;
872 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseSync_r(b, tctx, &r),
873 "DatabaseSync failed");
874 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
877 /* Native mode servers don't do this */
878 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
881 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseSync");
883 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
884 torture_comment(tctx, "Credential chaining failed\n");
887 if (delta_enum_array &&
888 delta_enum_array->num_deltas > 0 &&
889 delta_enum_array->delta_enum[0].delta_type == NETR_DELTA_DOMAIN &&
890 delta_enum_array->delta_enum[0].delta_union.domain) {
891 sequence_nums[r.in.database_id] =
892 delta_enum_array->delta_enum[0].delta_union.domain->sequence_num;
893 torture_comment(tctx, "\tsequence_nums[%d]=%llu\n",
895 (unsigned long long)sequence_nums[r.in.database_id]);
897 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
905 try a netlogon DatabaseDeltas
907 static bool test_DatabaseDeltas(struct torture_context *tctx,
908 struct dcerpc_pipe *p,
909 struct cli_credentials *machine_credentials)
911 struct netr_DatabaseDeltas r;
912 struct netlogon_creds_CredentialState *creds;
913 struct netr_Authenticator credential;
914 struct netr_Authenticator return_authenticator;
915 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
916 const uint32_t database_ids[] = {0, 1, 2};
918 struct dcerpc_binding_handle *b = p->binding_handle;
920 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
924 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
925 r.in.computername = TEST_MACHINE_NAME;
926 r.in.preferredmaximumlength = (uint32_t)-1;
927 ZERO_STRUCT(r.in.return_authenticator);
928 r.out.return_authenticator = &return_authenticator;
929 r.out.delta_enum_array = &delta_enum_array;
931 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
932 r.in.database_id = database_ids[i];
933 r.in.sequence_num = &sequence_nums[r.in.database_id];
935 if (*r.in.sequence_num == 0) continue;
937 *r.in.sequence_num -= 1;
939 torture_comment(tctx, "Testing DatabaseDeltas of id %d at %llu\n",
940 r.in.database_id, (unsigned long long)*r.in.sequence_num);
943 netlogon_creds_client_authenticator(creds, &credential);
945 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseDeltas_r(b, tctx, &r),
946 "DatabaseDeltas failed");
947 if (NT_STATUS_EQUAL(r.out.result,
948 NT_STATUS_SYNCHRONIZATION_REQUIRED)) {
949 torture_comment(tctx, "not considering %s to be an error\n",
950 nt_errstr(r.out.result));
953 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
956 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseDeltas");
958 if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) {
959 torture_comment(tctx, "Credential chaining failed\n");
962 (*r.in.sequence_num)++;
963 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
969 static bool test_DatabaseRedo(struct torture_context *tctx,
970 struct dcerpc_pipe *p,
971 struct cli_credentials *machine_credentials)
973 struct netr_DatabaseRedo r;
974 struct netlogon_creds_CredentialState *creds;
975 struct netr_Authenticator credential;
976 struct netr_Authenticator return_authenticator;
977 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
978 struct netr_ChangeLogEntry e;
979 struct dom_sid null_sid, *sid;
981 struct dcerpc_binding_handle *b = p->binding_handle;
983 ZERO_STRUCT(null_sid);
985 sid = dom_sid_parse_talloc(tctx, "S-1-5-21-1111111111-2222222222-333333333-500");
996 NTSTATUS expected_error;
997 uint32_t expected_num_results;
998 uint8_t expected_delta_type_1;
999 uint8_t expected_delta_type_2;
1000 const char *comment;
1003 /* SAM_DATABASE_DOMAIN */
1008 .db_index = SAM_DATABASE_DOMAIN,
1009 .delta_type = NETR_DELTA_MODIFY_COUNT,
1012 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1013 .expected_num_results = 0,
1014 .comment = "NETR_DELTA_MODIFY_COUNT"
1019 .db_index = SAM_DATABASE_DOMAIN,
1023 .expected_error = NT_STATUS_OK,
1024 .expected_num_results = 1,
1025 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1026 .comment = "NULL DELTA"
1031 .db_index = SAM_DATABASE_DOMAIN,
1032 .delta_type = NETR_DELTA_DOMAIN,
1035 .expected_error = NT_STATUS_OK,
1036 .expected_num_results = 1,
1037 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1038 .comment = "NETR_DELTA_DOMAIN"
1041 .rid = DOMAIN_RID_ADMINISTRATOR,
1043 .db_index = SAM_DATABASE_DOMAIN,
1044 .delta_type = NETR_DELTA_USER,
1047 .expected_error = NT_STATUS_OK,
1048 .expected_num_results = 1,
1049 .expected_delta_type_1 = NETR_DELTA_USER,
1050 .comment = "NETR_DELTA_USER by rid 500"
1053 .rid = DOMAIN_RID_GUEST,
1055 .db_index = SAM_DATABASE_DOMAIN,
1056 .delta_type = NETR_DELTA_USER,
1059 .expected_error = NT_STATUS_OK,
1060 .expected_num_results = 1,
1061 .expected_delta_type_1 = NETR_DELTA_USER,
1062 .comment = "NETR_DELTA_USER by rid 501"
1066 .flags = NETR_CHANGELOG_SID_INCLUDED,
1067 .db_index = SAM_DATABASE_DOMAIN,
1068 .delta_type = NETR_DELTA_USER,
1071 .expected_error = NT_STATUS_OK,
1072 .expected_num_results = 1,
1073 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1074 .comment = "NETR_DELTA_USER by sid and flags"
1078 .flags = NETR_CHANGELOG_SID_INCLUDED,
1079 .db_index = SAM_DATABASE_DOMAIN,
1080 .delta_type = NETR_DELTA_USER,
1083 .expected_error = NT_STATUS_OK,
1084 .expected_num_results = 1,
1085 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1086 .comment = "NETR_DELTA_USER by null_sid and flags"
1090 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1091 .db_index = SAM_DATABASE_DOMAIN,
1092 .delta_type = NETR_DELTA_USER,
1094 .name = "administrator",
1095 .expected_error = NT_STATUS_OK,
1096 .expected_num_results = 1,
1097 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1098 .comment = "NETR_DELTA_USER by name 'administrator'"
1101 .rid = DOMAIN_RID_ADMINS,
1103 .db_index = SAM_DATABASE_DOMAIN,
1104 .delta_type = NETR_DELTA_GROUP,
1107 .expected_error = NT_STATUS_OK,
1108 .expected_num_results = 2,
1109 .expected_delta_type_1 = NETR_DELTA_GROUP,
1110 .expected_delta_type_2 = NETR_DELTA_GROUP_MEMBER,
1111 .comment = "NETR_DELTA_GROUP by rid 512"
1114 .rid = DOMAIN_RID_ADMINS,
1116 .db_index = SAM_DATABASE_DOMAIN,
1117 .delta_type = NETR_DELTA_GROUP_MEMBER,
1120 .expected_error = NT_STATUS_OK,
1121 .expected_num_results = 2,
1122 .expected_delta_type_1 = NETR_DELTA_GROUP,
1123 .expected_delta_type_2 = NETR_DELTA_GROUP_MEMBER,
1124 .comment = "NETR_DELTA_GROUP_MEMBER by rid 512"
1128 /* SAM_DATABASE_BUILTIN */
1133 .db_index = SAM_DATABASE_BUILTIN,
1134 .delta_type = NETR_DELTA_MODIFY_COUNT,
1137 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1138 .expected_num_results = 0,
1139 .comment = "NETR_DELTA_MODIFY_COUNT"
1144 .db_index = SAM_DATABASE_BUILTIN,
1145 .delta_type = NETR_DELTA_DOMAIN,
1148 .expected_error = NT_STATUS_OK,
1149 .expected_num_results = 1,
1150 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1151 .comment = "NETR_DELTA_DOMAIN"
1154 .rid = DOMAIN_RID_ADMINISTRATOR,
1156 .db_index = SAM_DATABASE_BUILTIN,
1157 .delta_type = NETR_DELTA_USER,
1160 .expected_error = NT_STATUS_OK,
1161 .expected_num_results = 1,
1162 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1163 .comment = "NETR_DELTA_USER by rid 500"
1168 .db_index = SAM_DATABASE_BUILTIN,
1169 .delta_type = NETR_DELTA_USER,
1172 .expected_error = NT_STATUS_OK,
1173 .expected_num_results = 1,
1174 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1175 .comment = "NETR_DELTA_USER"
1180 .db_index = SAM_DATABASE_BUILTIN,
1181 .delta_type = NETR_DELTA_ALIAS,
1184 .expected_error = NT_STATUS_OK,
1185 .expected_num_results = 2,
1186 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1187 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1188 .comment = "NETR_DELTA_ALIAS by rid 544"
1193 .db_index = SAM_DATABASE_BUILTIN,
1194 .delta_type = NETR_DELTA_ALIAS_MEMBER,
1197 .expected_error = NT_STATUS_OK,
1198 .expected_num_results = 2,
1199 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1200 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1201 .comment = "NETR_DELTA_ALIAS_MEMBER by rid 544"
1206 .db_index = SAM_DATABASE_BUILTIN,
1210 .expected_error = NT_STATUS_OK,
1211 .expected_num_results = 1,
1212 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1213 .comment = "NULL DELTA by rid 544"
1217 .flags = NETR_CHANGELOG_SID_INCLUDED,
1218 .db_index = SAM_DATABASE_BUILTIN,
1220 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1222 .expected_error = NT_STATUS_OK,
1223 .expected_num_results = 1,
1224 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1225 .comment = "NULL DELTA by rid 544 sid S-1-5-32-544 and flags"
1229 .flags = NETR_CHANGELOG_SID_INCLUDED,
1230 .db_index = SAM_DATABASE_BUILTIN,
1231 .delta_type = NETR_DELTA_ALIAS,
1232 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1234 .expected_error = NT_STATUS_OK,
1235 .expected_num_results = 2,
1236 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1237 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1238 .comment = "NETR_DELTA_ALIAS by rid 544 and sid S-1-5-32-544 and flags"
1242 .flags = NETR_CHANGELOG_SID_INCLUDED,
1243 .db_index = SAM_DATABASE_BUILTIN,
1244 .delta_type = NETR_DELTA_ALIAS,
1245 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1247 .expected_error = NT_STATUS_OK,
1248 .expected_num_results = 1,
1249 .expected_delta_type_1 = NETR_DELTA_DELETE_ALIAS,
1250 .comment = "NETR_DELTA_ALIAS by sid S-1-5-32-544 and flags"
1253 /* SAM_DATABASE_PRIVS */
1258 .db_index = SAM_DATABASE_PRIVS,
1262 .expected_error = NT_STATUS_ACCESS_DENIED,
1263 .expected_num_results = 0,
1264 .comment = "NULL DELTA"
1269 .db_index = SAM_DATABASE_PRIVS,
1270 .delta_type = NETR_DELTA_MODIFY_COUNT,
1273 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1274 .expected_num_results = 0,
1275 .comment = "NETR_DELTA_MODIFY_COUNT"
1280 .db_index = SAM_DATABASE_PRIVS,
1281 .delta_type = NETR_DELTA_POLICY,
1284 .expected_error = NT_STATUS_OK,
1285 .expected_num_results = 1,
1286 .expected_delta_type_1 = NETR_DELTA_POLICY,
1287 .comment = "NETR_DELTA_POLICY"
1291 .flags = NETR_CHANGELOG_SID_INCLUDED,
1292 .db_index = SAM_DATABASE_PRIVS,
1293 .delta_type = NETR_DELTA_POLICY,
1296 .expected_error = NT_STATUS_OK,
1297 .expected_num_results = 1,
1298 .expected_delta_type_1 = NETR_DELTA_POLICY,
1299 .comment = "NETR_DELTA_POLICY by null sid and flags"
1303 .flags = NETR_CHANGELOG_SID_INCLUDED,
1304 .db_index = SAM_DATABASE_PRIVS,
1305 .delta_type = NETR_DELTA_POLICY,
1306 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32"),
1308 .expected_error = NT_STATUS_OK,
1309 .expected_num_results = 1,
1310 .expected_delta_type_1 = NETR_DELTA_POLICY,
1311 .comment = "NETR_DELTA_POLICY by sid S-1-5-32 and flags"
1314 .rid = DOMAIN_RID_ADMINISTRATOR,
1316 .db_index = SAM_DATABASE_PRIVS,
1317 .delta_type = NETR_DELTA_ACCOUNT,
1320 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED, /* strange */
1321 .expected_num_results = 0,
1322 .comment = "NETR_DELTA_ACCOUNT by rid 500"
1326 .flags = NETR_CHANGELOG_SID_INCLUDED,
1327 .db_index = SAM_DATABASE_PRIVS,
1328 .delta_type = NETR_DELTA_ACCOUNT,
1329 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1331 .expected_error = NT_STATUS_OK,
1332 .expected_num_results = 1,
1333 .expected_delta_type_1 = NETR_DELTA_ACCOUNT,
1334 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and flags"
1338 .flags = NETR_CHANGELOG_SID_INCLUDED |
1339 NETR_CHANGELOG_IMMEDIATE_REPL_REQUIRED,
1340 .db_index = SAM_DATABASE_PRIVS,
1341 .delta_type = NETR_DELTA_ACCOUNT,
1342 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1344 .expected_error = NT_STATUS_OK,
1345 .expected_num_results = 1,
1346 .expected_delta_type_1 = NETR_DELTA_ACCOUNT,
1347 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and 2 flags"
1351 .flags = NETR_CHANGELOG_SID_INCLUDED |
1352 NETR_CHANGELOG_NAME_INCLUDED,
1353 .db_index = SAM_DATABASE_PRIVS,
1354 .delta_type = NETR_DELTA_ACCOUNT,
1355 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1357 .expected_error = NT_STATUS_INVALID_PARAMETER,
1358 .expected_num_results = 0,
1359 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and invalid flags"
1362 .rid = DOMAIN_RID_ADMINISTRATOR,
1363 .flags = NETR_CHANGELOG_SID_INCLUDED,
1364 .db_index = SAM_DATABASE_PRIVS,
1365 .delta_type = NETR_DELTA_ACCOUNT,
1368 .expected_error = NT_STATUS_OK,
1369 .expected_num_results = 1,
1370 .expected_delta_type_1 = NETR_DELTA_DELETE_ACCOUNT,
1371 .comment = "NETR_DELTA_ACCOUNT by rid 500, sid and flags"
1375 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1376 .db_index = SAM_DATABASE_PRIVS,
1377 .delta_type = NETR_DELTA_SECRET,
1379 .name = "IsurelydontexistIhope",
1380 .expected_error = NT_STATUS_OK,
1381 .expected_num_results = 1,
1382 .expected_delta_type_1 = NETR_DELTA_DELETE_SECRET,
1383 .comment = "NETR_DELTA_SECRET by name 'IsurelydontexistIhope' and flags"
1387 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1388 .db_index = SAM_DATABASE_PRIVS,
1389 .delta_type = NETR_DELTA_SECRET,
1391 .name = "G$BCKUPKEY_P",
1392 .expected_error = NT_STATUS_OK,
1393 .expected_num_results = 1,
1394 .expected_delta_type_1 = NETR_DELTA_SECRET,
1395 .comment = "NETR_DELTA_SECRET by name 'G$BCKUPKEY_P' and flags"
1399 ZERO_STRUCT(return_authenticator);
1401 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1402 r.in.computername = TEST_MACHINE_NAME;
1403 r.in.return_authenticator = &return_authenticator;
1404 r.out.return_authenticator = &return_authenticator;
1405 r.out.delta_enum_array = &delta_enum_array;
1407 for (d=0; d<3; d++) {
1408 const char *database = NULL;
1415 database = "BUILTIN";
1424 torture_comment(tctx, "Testing DatabaseRedo\n");
1426 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1430 for (i=0;i<ARRAY_SIZE(changes);i++) {
1432 if (d != changes[i].db_index) {
1436 netlogon_creds_client_authenticator(creds, &credential);
1438 r.in.credential = &credential;
1440 e.serial_number1 = 0;
1441 e.serial_number2 = 0;
1442 e.object_rid = changes[i].rid;
1443 e.flags = changes[i].flags;
1444 e.db_index = changes[i].db_index;
1445 e.delta_type = changes[i].delta_type;
1447 switch (changes[i].flags & (NETR_CHANGELOG_NAME_INCLUDED | NETR_CHANGELOG_SID_INCLUDED)) {
1448 case NETR_CHANGELOG_SID_INCLUDED:
1449 e.object.object_sid = changes[i].sid;
1451 case NETR_CHANGELOG_NAME_INCLUDED:
1452 e.object.object_name = changes[i].name;
1458 r.in.change_log_entry = e;
1460 torture_comment(tctx, "Testing DatabaseRedo with database %s and %s\n",
1461 database, changes[i].comment);
1463 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseRedo_r(b, tctx, &r),
1464 "DatabaseRedo failed");
1465 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
1469 torture_assert_ntstatus_equal(tctx, r.out.result, changes[i].expected_error, changes[i].comment);
1470 if (delta_enum_array) {
1471 torture_assert_int_equal(tctx,
1472 delta_enum_array->num_deltas,
1473 changes[i].expected_num_results,
1474 changes[i].comment);
1475 if (delta_enum_array->num_deltas > 0) {
1476 torture_assert_int_equal(tctx,
1477 delta_enum_array->delta_enum[0].delta_type,
1478 changes[i].expected_delta_type_1,
1479 changes[i].comment);
1481 if (delta_enum_array->num_deltas > 1) {
1482 torture_assert_int_equal(tctx,
1483 delta_enum_array->delta_enum[1].delta_type,
1484 changes[i].expected_delta_type_2,
1485 changes[i].comment);
1489 if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) {
1490 torture_comment(tctx, "Credential chaining failed\n");
1491 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1503 try a netlogon AccountDeltas
1505 static bool test_AccountDeltas(struct torture_context *tctx,
1506 struct dcerpc_pipe *p,
1507 struct cli_credentials *machine_credentials)
1509 struct netr_AccountDeltas r;
1510 struct netlogon_creds_CredentialState *creds;
1512 struct netr_AccountBuffer buffer;
1513 uint32_t count_returned = 0;
1514 uint32_t total_entries = 0;
1515 struct netr_UAS_INFO_0 recordid;
1516 struct netr_Authenticator return_authenticator;
1517 struct dcerpc_binding_handle *b = p->binding_handle;
1519 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1523 ZERO_STRUCT(return_authenticator);
1525 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1526 r.in.computername = TEST_MACHINE_NAME;
1527 r.in.return_authenticator = &return_authenticator;
1528 netlogon_creds_client_authenticator(creds, &r.in.credential);
1529 ZERO_STRUCT(r.in.uas);
1532 r.in.buffersize=100;
1533 r.out.buffer = &buffer;
1534 r.out.count_returned = &count_returned;
1535 r.out.total_entries = &total_entries;
1536 r.out.recordid = &recordid;
1537 r.out.return_authenticator = &return_authenticator;
1539 /* w2k3 returns "NOT IMPLEMENTED" for this call */
1540 torture_assert_ntstatus_ok(tctx, dcerpc_netr_AccountDeltas_r(b, tctx, &r),
1541 "AccountDeltas failed");
1542 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_NOT_IMPLEMENTED, "AccountDeltas");
1548 try a netlogon AccountSync
1550 static bool test_AccountSync(struct torture_context *tctx, struct dcerpc_pipe *p,
1551 struct cli_credentials *machine_credentials)
1553 struct netr_AccountSync r;
1554 struct netlogon_creds_CredentialState *creds;
1556 struct netr_AccountBuffer buffer;
1557 uint32_t count_returned = 0;
1558 uint32_t total_entries = 0;
1559 uint32_t next_reference = 0;
1560 struct netr_UAS_INFO_0 recordid;
1561 struct netr_Authenticator return_authenticator;
1562 struct dcerpc_binding_handle *b = p->binding_handle;
1564 ZERO_STRUCT(recordid);
1565 ZERO_STRUCT(return_authenticator);
1567 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1571 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1572 r.in.computername = TEST_MACHINE_NAME;
1573 r.in.return_authenticator = &return_authenticator;
1574 netlogon_creds_client_authenticator(creds, &r.in.credential);
1575 r.in.recordid = &recordid;
1578 r.in.buffersize=100;
1579 r.out.buffer = &buffer;
1580 r.out.count_returned = &count_returned;
1581 r.out.total_entries = &total_entries;
1582 r.out.next_reference = &next_reference;
1583 r.out.recordid = &recordid;
1584 r.out.return_authenticator = &return_authenticator;
1586 /* w2k3 returns "NOT IMPLEMENTED" for this call */
1587 torture_assert_ntstatus_ok(tctx, dcerpc_netr_AccountSync_r(b, tctx, &r),
1588 "AccountSync failed");
1589 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_NOT_IMPLEMENTED, "AccountSync");
1595 try a netlogon GetDcName
1597 static bool test_GetDcName(struct torture_context *tctx,
1598 struct dcerpc_pipe *p)
1600 struct netr_GetDcName r;
1601 const char *dcname = NULL;
1602 struct dcerpc_binding_handle *b = p->binding_handle;
1604 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1605 r.in.domainname = lpcfg_workgroup(tctx->lp_ctx);
1606 r.out.dcname = &dcname;
1608 torture_assert_ntstatus_ok(tctx, dcerpc_netr_GetDcName_r(b, tctx, &r),
1609 "GetDcName failed");
1610 torture_assert_werr_ok(tctx, r.out.result, "GetDcName failed");
1612 torture_comment(tctx, "\tDC is at '%s'\n", dcname);
1617 static const char *function_code_str(TALLOC_CTX *mem_ctx,
1618 enum netr_LogonControlCode function_code)
1620 switch (function_code) {
1621 case NETLOGON_CONTROL_QUERY:
1622 return "NETLOGON_CONTROL_QUERY";
1623 case NETLOGON_CONTROL_REPLICATE:
1624 return "NETLOGON_CONTROL_REPLICATE";
1625 case NETLOGON_CONTROL_SYNCHRONIZE:
1626 return "NETLOGON_CONTROL_SYNCHRONIZE";
1627 case NETLOGON_CONTROL_PDC_REPLICATE:
1628 return "NETLOGON_CONTROL_PDC_REPLICATE";
1629 case NETLOGON_CONTROL_REDISCOVER:
1630 return "NETLOGON_CONTROL_REDISCOVER";
1631 case NETLOGON_CONTROL_TC_QUERY:
1632 return "NETLOGON_CONTROL_TC_QUERY";
1633 case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
1634 return "NETLOGON_CONTROL_TRANSPORT_NOTIFY";
1635 case NETLOGON_CONTROL_FIND_USER:
1636 return "NETLOGON_CONTROL_FIND_USER";
1637 case NETLOGON_CONTROL_CHANGE_PASSWORD:
1638 return "NETLOGON_CONTROL_CHANGE_PASSWORD";
1639 case NETLOGON_CONTROL_TC_VERIFY:
1640 return "NETLOGON_CONTROL_TC_VERIFY";
1641 case NETLOGON_CONTROL_FORCE_DNS_REG:
1642 return "NETLOGON_CONTROL_FORCE_DNS_REG";
1643 case NETLOGON_CONTROL_QUERY_DNS_REG:
1644 return "NETLOGON_CONTROL_QUERY_DNS_REG";
1645 case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
1646 return "NETLOGON_CONTROL_BACKUP_CHANGE_LOG";
1647 case NETLOGON_CONTROL_TRUNCATE_LOG:
1648 return "NETLOGON_CONTROL_TRUNCATE_LOG";
1649 case NETLOGON_CONTROL_SET_DBFLAG:
1650 return "NETLOGON_CONTROL_SET_DBFLAG";
1651 case NETLOGON_CONTROL_BREAKPOINT:
1652 return "NETLOGON_CONTROL_BREAKPOINT";
1654 return talloc_asprintf(mem_ctx, "unknown function code: %d",
1661 try a netlogon LogonControl
1663 static bool test_LogonControl(struct torture_context *tctx,
1664 struct dcerpc_pipe *p,
1665 struct cli_credentials *machine_credentials)
1669 struct netr_LogonControl r;
1670 union netr_CONTROL_QUERY_INFORMATION query;
1672 enum netr_SchannelType secure_channel_type = SEC_CHAN_NULL;
1673 struct dcerpc_binding_handle *b = p->binding_handle;
1675 uint32_t function_codes[] = {
1676 NETLOGON_CONTROL_QUERY,
1677 NETLOGON_CONTROL_REPLICATE,
1678 NETLOGON_CONTROL_SYNCHRONIZE,
1679 NETLOGON_CONTROL_PDC_REPLICATE,
1680 NETLOGON_CONTROL_REDISCOVER,
1681 NETLOGON_CONTROL_TC_QUERY,
1682 NETLOGON_CONTROL_TRANSPORT_NOTIFY,
1683 NETLOGON_CONTROL_FIND_USER,
1684 NETLOGON_CONTROL_CHANGE_PASSWORD,
1685 NETLOGON_CONTROL_TC_VERIFY,
1686 NETLOGON_CONTROL_FORCE_DNS_REG,
1687 NETLOGON_CONTROL_QUERY_DNS_REG,
1688 NETLOGON_CONTROL_BACKUP_CHANGE_LOG,
1689 NETLOGON_CONTROL_TRUNCATE_LOG,
1690 NETLOGON_CONTROL_SET_DBFLAG,
1691 NETLOGON_CONTROL_BREAKPOINT
1694 if (machine_credentials) {
1695 secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
1698 torture_comment(tctx, "Testing LogonControl with secure channel type: %d\n",
1699 secure_channel_type);
1701 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1702 r.in.function_code = 1;
1703 r.out.query = &query;
1705 for (f=0;f<ARRAY_SIZE(function_codes); f++) {
1708 r.in.function_code = function_codes[f];
1711 torture_comment(tctx, "Testing LogonControl function code %s (%d) level %d\n",
1712 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
1714 status = dcerpc_netr_LogonControl_r(b, tctx, &r);
1715 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1717 switch (r.in.level) {
1719 switch (r.in.function_code) {
1720 case NETLOGON_CONTROL_REPLICATE:
1721 case NETLOGON_CONTROL_SYNCHRONIZE:
1722 case NETLOGON_CONTROL_PDC_REPLICATE:
1723 case NETLOGON_CONTROL_BREAKPOINT:
1724 case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
1725 if ((secure_channel_type == SEC_CHAN_BDC) ||
1726 (secure_channel_type == SEC_CHAN_WKSTA)) {
1727 torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED,
1728 "LogonControl returned unexpected error code");
1730 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1731 "LogonControl returned unexpected error code");
1735 case NETLOGON_CONTROL_REDISCOVER:
1736 case NETLOGON_CONTROL_TC_QUERY:
1737 case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
1738 case NETLOGON_CONTROL_FIND_USER:
1739 case NETLOGON_CONTROL_CHANGE_PASSWORD:
1740 case NETLOGON_CONTROL_TC_VERIFY:
1741 case NETLOGON_CONTROL_FORCE_DNS_REG:
1742 case NETLOGON_CONTROL_QUERY_DNS_REG:
1743 case NETLOGON_CONTROL_SET_DBFLAG:
1744 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1745 "LogonControl returned unexpected error code");
1747 case NETLOGON_CONTROL_TRUNCATE_LOG:
1748 if ((secure_channel_type == SEC_CHAN_BDC) ||
1749 (secure_channel_type == SEC_CHAN_WKSTA)) {
1750 torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED,
1751 "LogonControl returned unexpected error code");
1753 torture_assert_werr_ok(tctx, r.out.result,
1754 "LogonControl returned unexpected result");
1758 torture_assert_werr_ok(tctx, r.out.result,
1759 "LogonControl returned unexpected result");
1764 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1765 "LogonControl returned unexpected error code");
1768 torture_assert_werr_equal(tctx, r.out.result, WERR_UNKNOWN_LEVEL,
1769 "LogonControl returned unexpected error code");
1780 try a netlogon GetAnyDCName
1782 static bool test_GetAnyDCName(struct torture_context *tctx,
1783 struct dcerpc_pipe *p)
1786 struct netr_GetAnyDCName r;
1787 const char *dcname = NULL;
1788 struct dcerpc_binding_handle *b = p->binding_handle;
1790 r.in.domainname = lpcfg_workgroup(tctx->lp_ctx);
1791 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1792 r.out.dcname = &dcname;
1794 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
1795 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
1796 if ((!W_ERROR_IS_OK(r.out.result)) &&
1797 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
1802 torture_comment(tctx, "\tDC is at '%s'\n", dcname);
1805 r.in.domainname = NULL;
1807 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
1808 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
1809 if ((!W_ERROR_IS_OK(r.out.result)) &&
1810 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
1814 r.in.domainname = "";
1816 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
1817 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
1818 if ((!W_ERROR_IS_OK(r.out.result)) &&
1819 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
1828 try a netlogon LogonControl2
1830 static bool test_LogonControl2(struct torture_context *tctx,
1831 struct dcerpc_pipe *p,
1832 struct cli_credentials *machine_credentials)
1836 struct netr_LogonControl2 r;
1837 union netr_CONTROL_DATA_INFORMATION data;
1838 union netr_CONTROL_QUERY_INFORMATION query;
1840 struct dcerpc_binding_handle *b = p->binding_handle;
1842 data.domain = lpcfg_workgroup(tctx->lp_ctx);
1844 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1846 r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
1848 r.out.query = &query;
1853 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1854 i, r.in.function_code);
1856 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1857 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1860 data.domain = lpcfg_workgroup(tctx->lp_ctx);
1862 r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
1868 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1869 i, r.in.function_code);
1871 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1872 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1875 data.domain = lpcfg_workgroup(tctx->lp_ctx);
1877 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
1883 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1884 i, r.in.function_code);
1886 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1887 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1890 data.debug_level = ~0;
1892 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
1898 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1899 i, r.in.function_code);
1901 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1902 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1909 try a netlogon DatabaseSync2
1911 static bool test_DatabaseSync2(struct torture_context *tctx,
1912 struct dcerpc_pipe *p,
1913 struct cli_credentials *machine_credentials)
1915 struct netr_DatabaseSync2 r;
1916 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1917 struct netr_Authenticator return_authenticator, credential;
1919 struct netlogon_creds_CredentialState *creds;
1920 const uint32_t database_ids[] = {0, 1, 2};
1922 struct dcerpc_binding_handle *b = p->binding_handle;
1924 if (!test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_FLAGS,
1925 machine_credentials,
1926 cli_credentials_get_secure_channel_type(machine_credentials),
1931 ZERO_STRUCT(return_authenticator);
1933 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1934 r.in.computername = TEST_MACHINE_NAME;
1935 r.in.preferredmaximumlength = (uint32_t)-1;
1936 r.in.return_authenticator = &return_authenticator;
1937 r.out.return_authenticator = &return_authenticator;
1938 r.out.delta_enum_array = &delta_enum_array;
1940 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1942 uint32_t sync_context = 0;
1944 r.in.database_id = database_ids[i];
1945 r.in.sync_context = &sync_context;
1946 r.out.sync_context = &sync_context;
1947 r.in.restart_state = 0;
1949 torture_comment(tctx, "Testing DatabaseSync2 of id %d\n", r.in.database_id);
1952 netlogon_creds_client_authenticator(creds, &credential);
1954 r.in.credential = &credential;
1956 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseSync2_r(b, tctx, &r),
1957 "DatabaseSync2 failed");
1958 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
1961 /* Native mode servers don't do this */
1962 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
1966 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseSync2");
1968 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
1969 torture_comment(tctx, "Credential chaining failed\n");
1972 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
1980 try a netlogon LogonControl2Ex
1982 static bool test_LogonControl2Ex(struct torture_context *tctx,
1983 struct dcerpc_pipe *p,
1984 struct cli_credentials *machine_credentials)
1988 struct netr_LogonControl2Ex r;
1989 union netr_CONTROL_DATA_INFORMATION data;
1990 union netr_CONTROL_QUERY_INFORMATION query;
1992 struct dcerpc_binding_handle *b = p->binding_handle;
1994 data.domain = lpcfg_workgroup(tctx->lp_ctx);
1996 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1998 r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
2000 r.out.query = &query;
2005 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2006 i, r.in.function_code);
2008 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2009 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2012 data.domain = lpcfg_workgroup(tctx->lp_ctx);
2014 r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
2020 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2021 i, r.in.function_code);
2023 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2024 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2027 data.domain = lpcfg_workgroup(tctx->lp_ctx);
2029 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
2035 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2036 i, r.in.function_code);
2038 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2039 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2042 data.debug_level = ~0;
2044 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
2050 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2051 i, r.in.function_code);
2053 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2054 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2060 static bool test_netr_GetForestTrustInformation(struct torture_context *tctx,
2061 struct dcerpc_pipe *p,
2062 struct cli_credentials *machine_credentials)
2064 struct netr_GetForestTrustInformation r;
2065 struct netlogon_creds_CredentialState *creds;
2066 struct netr_Authenticator a;
2067 struct netr_Authenticator return_authenticator;
2068 struct lsa_ForestTrustInformation *forest_trust_info;
2069 struct dcerpc_binding_handle *b = p->binding_handle;
2071 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2072 machine_credentials, &creds)) {
2076 netlogon_creds_client_authenticator(creds, &a);
2078 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2079 r.in.computer_name = TEST_MACHINE_NAME;
2080 r.in.credential = &a;
2082 r.out.return_authenticator = &return_authenticator;
2083 r.out.forest_trust_info = &forest_trust_info;
2085 torture_assert_ntstatus_ok(tctx,
2086 dcerpc_netr_GetForestTrustInformation_r(b, tctx, &r),
2087 "netr_GetForestTrustInformation failed");
2088 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_IMPLEMENTED)) {
2089 torture_comment(tctx, "not considering NT_STATUS_NOT_IMPLEMENTED as an error\n");
2091 torture_assert_ntstatus_ok(tctx, r.out.result,
2092 "netr_GetForestTrustInformation failed");
2095 torture_assert(tctx,
2096 netlogon_creds_client_check(creds, &return_authenticator.cred),
2097 "Credential chaining failed");
2102 static bool test_netr_DsRGetForestTrustInformation(struct torture_context *tctx,
2103 struct dcerpc_pipe *p, const char *trusted_domain_name)
2106 struct netr_DsRGetForestTrustInformation r;
2107 struct lsa_ForestTrustInformation info, *info_ptr;
2108 struct dcerpc_binding_handle *b = p->binding_handle;
2112 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2113 r.in.trusted_domain_name = trusted_domain_name;
2115 r.out.forest_trust_info = &info_ptr;
2117 torture_comment(tctx ,"Testing netr_DsRGetForestTrustInformation\n");
2119 status = dcerpc_netr_DsRGetForestTrustInformation_r(b, tctx, &r);
2120 torture_assert_ntstatus_ok(tctx, status, "DsRGetForestTrustInformation");
2121 torture_assert_werr_ok(tctx, r.out.result, "DsRGetForestTrustInformation");
2127 try a netlogon netr_DsrEnumerateDomainTrusts
2129 static bool test_DsrEnumerateDomainTrusts(struct torture_context *tctx,
2130 struct dcerpc_pipe *p)
2133 struct netr_DsrEnumerateDomainTrusts r;
2134 struct netr_DomainTrustList trusts;
2136 struct dcerpc_binding_handle *b = p->binding_handle;
2138 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2139 r.in.trust_flags = 0x3f;
2140 r.out.trusts = &trusts;
2142 status = dcerpc_netr_DsrEnumerateDomainTrusts_r(b, tctx, &r);
2143 torture_assert_ntstatus_ok(tctx, status, "DsrEnumerateDomaintrusts");
2144 torture_assert_werr_ok(tctx, r.out.result, "DsrEnumerateDomaintrusts");
2146 /* when trusted_domain_name is NULL, netr_DsRGetForestTrustInformation
2147 * will show non-forest trusts and all UPN suffixes of the own forest
2148 * as LSA_FOREST_TRUST_TOP_LEVEL_NAME types */
2150 if (r.out.trusts->count) {
2151 if (!test_netr_DsRGetForestTrustInformation(tctx, p, NULL)) {
2156 for (i=0; i<r.out.trusts->count; i++) {
2158 /* get info for transitive forest trusts */
2160 if (r.out.trusts->array[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
2161 if (!test_netr_DsRGetForestTrustInformation(tctx, p,
2162 r.out.trusts->array[i].dns_name)) {
2171 static bool test_netr_NetrEnumerateTrustedDomains(struct torture_context *tctx,
2172 struct dcerpc_pipe *p)
2175 struct netr_NetrEnumerateTrustedDomains r;
2176 struct netr_Blob trusted_domains_blob;
2177 struct dcerpc_binding_handle *b = p->binding_handle;
2179 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2180 r.out.trusted_domains_blob = &trusted_domains_blob;
2182 status = dcerpc_netr_NetrEnumerateTrustedDomains_r(b, tctx, &r);
2183 torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomains");
2184 torture_assert_ntstatus_ok(tctx, r.out.result, "NetrEnumerateTrustedDomains");
2189 static bool test_netr_NetrEnumerateTrustedDomainsEx(struct torture_context *tctx,
2190 struct dcerpc_pipe *p)
2193 struct netr_NetrEnumerateTrustedDomainsEx r;
2194 struct netr_DomainTrustList dom_trust_list;
2195 struct dcerpc_binding_handle *b = p->binding_handle;
2197 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2198 r.out.dom_trust_list = &dom_trust_list;
2200 status = dcerpc_netr_NetrEnumerateTrustedDomainsEx_r(b, tctx, &r);
2201 torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomainsEx");
2202 torture_assert_werr_ok(tctx, r.out.result, "NetrEnumerateTrustedDomainsEx");
2208 static bool test_netr_DsRGetSiteName(struct dcerpc_pipe *p, struct torture_context *tctx,
2209 const char *computer_name,
2210 const char *expected_site)
2213 struct netr_DsRGetSiteName r;
2214 const char *site = NULL;
2215 struct dcerpc_binding_handle *b = p->binding_handle;
2217 r.in.computer_name = computer_name;
2219 torture_comment(tctx, "Testing netr_DsRGetSiteName\n");
2221 status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
2222 torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
2223 torture_assert_werr_ok(tctx, r.out.result, "DsRGetSiteName");
2224 torture_assert_str_equal(tctx, expected_site, site, "netr_DsRGetSiteName");
2226 if (torture_setting_bool(tctx, "samba4", false))
2227 torture_skip(tctx, "skipping computer name check against Samba4");
2229 r.in.computer_name = talloc_asprintf(tctx, "\\\\%s", computer_name);
2230 torture_comment(tctx,
2231 "Testing netr_DsRGetSiteName with broken computer name: %s\n", r.in.computer_name);
2233 status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
2234 torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
2235 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_COMPUTERNAME, "netr_DsRGetSiteName");
2241 try a netlogon netr_DsRGetDCName
2243 static bool test_netr_DsRGetDCName(struct torture_context *tctx,
2244 struct dcerpc_pipe *p)
2247 struct netr_DsRGetDCName r;
2248 struct netr_DsRGetDCNameInfo *info = NULL;
2249 struct dcerpc_binding_handle *b = p->binding_handle;
2251 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2252 r.in.domain_name = lpcfg_dnsdomain(tctx->lp_ctx);
2253 r.in.domain_guid = NULL;
2254 r.in.site_guid = NULL;
2255 r.in.flags = DS_RETURN_DNS_NAME;
2258 status = dcerpc_netr_DsRGetDCName_r(b, tctx, &r);
2259 torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
2260 torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
2262 r.in.domain_name = lpcfg_workgroup(tctx->lp_ctx);
2264 status = dcerpc_netr_DsRGetDCName_r(b, tctx, &r);
2265 torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
2266 torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
2268 return test_netr_DsRGetSiteName(p, tctx,
2270 info->dc_site_name);
2274 try a netlogon netr_DsRGetDCNameEx
2276 static bool test_netr_DsRGetDCNameEx(struct torture_context *tctx,
2277 struct dcerpc_pipe *p)
2280 struct netr_DsRGetDCNameEx r;
2281 struct netr_DsRGetDCNameInfo *info = NULL;
2282 struct dcerpc_binding_handle *b = p->binding_handle;
2284 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2285 r.in.domain_name = lpcfg_dnsdomain(tctx->lp_ctx);
2286 r.in.domain_guid = NULL;
2287 r.in.site_name = NULL;
2288 r.in.flags = DS_RETURN_DNS_NAME;
2291 status = dcerpc_netr_DsRGetDCNameEx_r(b, tctx, &r);
2292 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
2293 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
2295 r.in.domain_name = lpcfg_workgroup(tctx->lp_ctx);
2297 status = dcerpc_netr_DsRGetDCNameEx_r(b, tctx, &r);
2298 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
2299 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
2301 return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
2302 info->dc_site_name);
2306 try a netlogon netr_DsRGetDCNameEx2
2308 static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx,
2309 struct dcerpc_pipe *p)
2312 struct netr_DsRGetDCNameEx2 r;
2313 struct netr_DsRGetDCNameInfo *info = NULL;
2314 struct dcerpc_binding_handle *b = p->binding_handle;
2316 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with no inputs\n");
2318 r.in.flags = DS_RETURN_DNS_NAME;
2321 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2322 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2323 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2325 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2326 r.in.client_account = NULL;
2327 r.in.mask = 0x00000000;
2328 r.in.domain_name = lpcfg_dnsdomain(tctx->lp_ctx);
2329 r.in.domain_guid = NULL;
2330 r.in.site_name = NULL;
2331 r.in.flags = DS_RETURN_DNS_NAME;
2334 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 without client account\n");
2336 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2337 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2338 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2340 r.in.domain_name = lpcfg_workgroup(tctx->lp_ctx);
2342 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2343 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2344 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2346 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with client account\n");
2347 r.in.client_account = TEST_MACHINE_NAME"$";
2348 r.in.mask = ACB_SVRTRUST;
2349 r.in.flags = DS_RETURN_FLAT_NAME;
2352 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2353 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2354 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2356 return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
2357 info->dc_site_name);
2360 /* This is a substitution for "samdb_server_site_name" which relies on the
2361 * correct "lp_ctx" and therefore can't be used here. */
2362 static const char *server_site_name(struct torture_context *tctx,
2363 struct ldb_context *ldb)
2365 TALLOC_CTX *tmp_ctx;
2366 struct ldb_dn *dn, *server_dn;
2367 const struct ldb_val *site_name_val;
2368 const char *server_dn_str, *site_name;
2370 tmp_ctx = talloc_new(ldb);
2371 if (tmp_ctx == NULL) {
2375 dn = ldb_dn_new(tmp_ctx, ldb, "");
2380 server_dn_str = samdb_search_string(ldb, tmp_ctx, dn, "serverName",
2382 if (server_dn_str == NULL) {
2386 server_dn = ldb_dn_new(tmp_ctx, ldb, server_dn_str);
2387 if (server_dn == NULL) {
2391 /* CN=<Server name>, CN=Servers, CN=<Site name>, CN=Sites, ... */
2392 site_name_val = ldb_dn_get_component_val(server_dn, 2);
2393 if (site_name_val == NULL) {
2397 site_name = (const char *) site_name_val->data;
2399 talloc_steal(tctx, site_name);
2400 talloc_free(tmp_ctx);
2405 talloc_free(tmp_ctx);
2409 static bool test_netr_DsrGetDcSiteCoverageW(struct torture_context *tctx,
2410 struct dcerpc_pipe *p)
2413 struct ldb_context *sam_ctx = NULL;
2415 struct netr_DsrGetDcSiteCoverageW r;
2416 struct DcSitesCtr *ctr = NULL;
2417 struct dcerpc_binding_handle *b = p->binding_handle;
2419 torture_comment(tctx, "This does only pass with the default site\n");
2421 /* We won't double-check this when we are over 'local' transports */
2422 if (dcerpc_server_name(p)) {
2423 /* Set up connection to SAMDB on DC */
2424 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2425 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2427 cmdline_credentials,
2430 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2433 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2436 status = dcerpc_netr_DsrGetDcSiteCoverageW_r(b, tctx, &r);
2437 torture_assert_ntstatus_ok(tctx, status, "failed");
2438 torture_assert_werr_ok(tctx, r.out.result, "failed");
2440 torture_assert(tctx, ctr->num_sites == 1,
2441 "we should per default only get the default site");
2442 if (sam_ctx != NULL) {
2443 torture_assert_casestr_equal(tctx, ctr->sites[0].string,
2444 server_site_name(tctx, sam_ctx),
2445 "didn't return default site");
2451 static bool test_netr_DsRAddressToSitenamesW(struct torture_context *tctx,
2452 struct dcerpc_pipe *p)
2455 struct ldb_context *sam_ctx = NULL;
2457 struct netr_DsRAddressToSitenamesW r;
2458 struct netr_DsRAddress addrs[6];
2459 struct sockaddr_in *addr;
2461 struct sockaddr_in6 *addr6;
2463 struct netr_DsRAddressToSitenamesWCtr *ctr;
2464 struct dcerpc_binding_handle *b = p->binding_handle;
2468 torture_comment(tctx, "This does only pass with the default site\n");
2470 /* We won't double-check this when we are over 'local' transports */
2471 if (dcerpc_server_name(p)) {
2472 /* Set up connection to SAMDB on DC */
2473 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2474 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2476 cmdline_credentials,
2479 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2482 /* First try valid IP addresses */
2484 addrs[0].size = sizeof(struct sockaddr_in);
2485 addrs[0].buffer = talloc_zero_array(tctx, uint8_t, addrs[0].size);
2486 addr = (struct sockaddr_in *) addrs[0].buffer;
2487 addrs[0].buffer[0] = AF_INET;
2488 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2489 torture_assert(tctx, ret > 0, "inet_pton failed");
2491 addrs[1].size = sizeof(struct sockaddr_in);
2492 addrs[1].buffer = talloc_zero_array(tctx, uint8_t, addrs[1].size);
2493 addr = (struct sockaddr_in *) addrs[1].buffer;
2494 addrs[1].buffer[0] = AF_INET;
2495 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2496 torture_assert(tctx, ret > 0, "inet_pton failed");
2498 addrs[2].size = sizeof(struct sockaddr_in);
2499 addrs[2].buffer = talloc_zero_array(tctx, uint8_t, addrs[2].size);
2500 addr = (struct sockaddr_in *) addrs[2].buffer;
2501 addrs[2].buffer[0] = AF_INET;
2502 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2503 torture_assert(tctx, ret > 0, "inet_pton failed");
2506 addrs[3].size = sizeof(struct sockaddr_in6);
2507 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2508 addr6 = (struct sockaddr_in6 *) addrs[3].buffer;
2509 addrs[3].buffer[0] = AF_INET6;
2510 ret = inet_pton(AF_INET6, "::1", &addr6->sin6_addr);
2511 torture_assert(tctx, ret > 0, "inet_pton failed");
2513 addrs[4].size = sizeof(struct sockaddr_in6);
2514 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2515 addr6 = (struct sockaddr_in6 *) addrs[4].buffer;
2516 addrs[4].buffer[0] = AF_INET6;
2517 ret = inet_pton(AF_INET6, "::", &addr6->sin6_addr);
2518 torture_assert(tctx, ret > 0, "inet_pton failed");
2520 addrs[5].size = sizeof(struct sockaddr_in6);
2521 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2522 addr6 = (struct sockaddr_in6 *) addrs[5].buffer;
2523 addrs[5].buffer[0] = AF_INET6;
2524 ret = inet_pton(AF_INET6, "ff02::1", &addr6->sin6_addr);
2525 torture_assert(tctx, ret > 0, "inet_pton failed");
2527 /* the test cases are repeated to have exactly 6. This is for
2528 * compatibility with IPv4-only machines */
2529 addrs[3].size = sizeof(struct sockaddr_in);
2530 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2531 addr = (struct sockaddr_in *) addrs[3].buffer;
2532 addrs[3].buffer[0] = AF_INET;
2533 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2534 torture_assert(tctx, ret > 0, "inet_pton failed");
2536 addrs[4].size = sizeof(struct sockaddr_in);
2537 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2538 addr = (struct sockaddr_in *) addrs[4].buffer;
2539 addrs[4].buffer[0] = AF_INET;
2540 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2541 torture_assert(tctx, ret > 0, "inet_pton failed");
2543 addrs[5].size = sizeof(struct sockaddr_in);
2544 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2545 addr = (struct sockaddr_in *) addrs[5].buffer;
2546 addrs[5].buffer[0] = AF_INET;
2547 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2548 torture_assert(tctx, ret > 0, "inet_pton failed");
2551 ctr = talloc(tctx, struct netr_DsRAddressToSitenamesWCtr);
2553 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2555 r.in.addresses = addrs;
2558 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2559 torture_assert_ntstatus_ok(tctx, status, "failed");
2560 torture_assert_werr_ok(tctx, r.out.result, "failed");
2562 if (sam_ctx != NULL) {
2563 for (i = 0; i < 3; i++) {
2564 torture_assert_casestr_equal(tctx,
2565 ctr->sitename[i].string,
2566 server_site_name(tctx, sam_ctx),
2567 "didn't return default site");
2569 for (i = 3; i < 6; i++) {
2570 /* Windows returns "NULL" for the sitename if it isn't
2571 * IPv6 configured */
2572 if (torture_setting_bool(tctx, "samba4", false)) {
2573 torture_assert_casestr_equal(tctx,
2574 ctr->sitename[i].string,
2575 server_site_name(tctx, sam_ctx),
2576 "didn't return default site");
2581 /* Now try invalid ones (too short buffers) */
2591 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2592 torture_assert_ntstatus_ok(tctx, status, "failed");
2593 torture_assert_werr_ok(tctx, r.out.result, "failed");
2595 for (i = 0; i < 6; i++) {
2596 torture_assert(tctx, ctr->sitename[i].string == NULL,
2597 "sitename should be null");
2600 /* Now try invalid ones (wrong address types) */
2603 addrs[0].buffer[0] = AF_UNSPEC;
2605 addrs[1].buffer[0] = AF_UNIX; /* AF_LOCAL = AF_UNIX */
2607 addrs[2].buffer[0] = AF_UNIX;
2610 addrs[3].buffer[0] = 250;
2612 addrs[4].buffer[0] = 251;
2614 addrs[5].buffer[0] = 252;
2616 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2617 torture_assert_ntstatus_ok(tctx, status, "failed");
2618 torture_assert_werr_ok(tctx, r.out.result, "failed");
2620 for (i = 0; i < 6; i++) {
2621 torture_assert(tctx, ctr->sitename[i].string == NULL,
2622 "sitename should be null");
2628 static bool test_netr_DsRAddressToSitenamesExW(struct torture_context *tctx,
2629 struct dcerpc_pipe *p)
2632 struct ldb_context *sam_ctx = NULL;
2634 struct netr_DsRAddressToSitenamesExW r;
2635 struct netr_DsRAddress addrs[6];
2636 struct sockaddr_in *addr;
2638 struct sockaddr_in6 *addr6;
2640 struct netr_DsRAddressToSitenamesExWCtr *ctr;
2641 struct dcerpc_binding_handle *b = p->binding_handle;
2645 torture_comment(tctx, "This does pass with the default site\n");
2647 /* We won't double-check this when we are over 'local' transports */
2648 if (dcerpc_server_name(p)) {
2649 /* Set up connection to SAMDB on DC */
2650 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2651 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2653 cmdline_credentials,
2656 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2659 /* First try valid IP addresses */
2661 addrs[0].size = sizeof(struct sockaddr_in);
2662 addrs[0].buffer = talloc_zero_array(tctx, uint8_t, addrs[0].size);
2663 addr = (struct sockaddr_in *) addrs[0].buffer;
2664 addrs[0].buffer[0] = AF_INET;
2665 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2666 torture_assert(tctx, ret > 0, "inet_pton failed");
2668 addrs[1].size = sizeof(struct sockaddr_in);
2669 addrs[1].buffer = talloc_zero_array(tctx, uint8_t, addrs[1].size);
2670 addr = (struct sockaddr_in *) addrs[1].buffer;
2671 addrs[1].buffer[0] = AF_INET;
2672 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2673 torture_assert(tctx, ret > 0, "inet_pton failed");
2675 addrs[2].size = sizeof(struct sockaddr_in);
2676 addrs[2].buffer = talloc_zero_array(tctx, uint8_t, addrs[2].size);
2677 addr = (struct sockaddr_in *) addrs[2].buffer;
2678 addrs[2].buffer[0] = AF_INET;
2679 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2680 torture_assert(tctx, ret > 0, "inet_pton failed");
2683 addrs[3].size = sizeof(struct sockaddr_in6);
2684 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2685 addr6 = (struct sockaddr_in6 *) addrs[3].buffer;
2686 addrs[3].buffer[0] = AF_INET6;
2687 ret = inet_pton(AF_INET6, "::1", &addr6->sin6_addr);
2688 torture_assert(tctx, ret > 0, "inet_pton failed");
2690 addrs[4].size = sizeof(struct sockaddr_in6);
2691 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2692 addr6 = (struct sockaddr_in6 *) addrs[4].buffer;
2693 addrs[4].buffer[0] = AF_INET6;
2694 ret = inet_pton(AF_INET6, "::", &addr6->sin6_addr);
2695 torture_assert(tctx, ret > 0, "inet_pton failed");
2697 addrs[5].size = sizeof(struct sockaddr_in6);
2698 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2699 addr6 = (struct sockaddr_in6 *) addrs[5].buffer;
2700 addrs[5].buffer[0] = AF_INET6;
2701 ret = inet_pton(AF_INET6, "ff02::1", &addr6->sin6_addr);
2702 torture_assert(tctx, ret > 0, "inet_pton failed");
2704 /* the test cases are repeated to have exactly 6. This is for
2705 * compatibility with IPv4-only machines */
2706 addrs[3].size = sizeof(struct sockaddr_in);
2707 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2708 addr = (struct sockaddr_in *) addrs[3].buffer;
2709 addrs[3].buffer[0] = AF_INET;
2710 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2711 torture_assert(tctx, ret > 0, "inet_pton failed");
2713 addrs[4].size = sizeof(struct sockaddr_in);
2714 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2715 addr = (struct sockaddr_in *) addrs[4].buffer;
2716 addrs[4].buffer[0] = AF_INET;
2717 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2718 torture_assert(tctx, ret > 0, "inet_pton failed");
2720 addrs[5].size = sizeof(struct sockaddr_in);
2721 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2722 addr = (struct sockaddr_in *) addrs[5].buffer;
2723 addrs[5].buffer[0] = AF_INET;
2724 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2725 torture_assert(tctx, ret > 0, "inet_pton failed");
2728 ctr = talloc(tctx, struct netr_DsRAddressToSitenamesExWCtr);
2730 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2732 r.in.addresses = addrs;
2735 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
2736 torture_assert_ntstatus_ok(tctx, status, "failed");
2737 torture_assert_werr_ok(tctx, r.out.result, "failed");
2739 if (sam_ctx != NULL) {
2740 for (i = 0; i < 3; i++) {
2741 torture_assert_casestr_equal(tctx,
2742 ctr->sitename[i].string,
2743 server_site_name(tctx, sam_ctx),
2744 "didn't return default site");
2745 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2746 "subnet should be null");
2748 for (i = 3; i < 6; i++) {
2749 /* Windows returns "NULL" for the sitename if it isn't
2750 * IPv6 configured */
2751 if (torture_setting_bool(tctx, "samba4", false)) {
2752 torture_assert_casestr_equal(tctx,
2753 ctr->sitename[i].string,
2754 server_site_name(tctx, sam_ctx),
2755 "didn't return default site");
2757 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2758 "subnet should be null");
2762 /* Now try invalid ones (too short buffers) */
2772 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
2773 torture_assert_ntstatus_ok(tctx, status, "failed");
2774 torture_assert_werr_ok(tctx, r.out.result, "failed");
2776 for (i = 0; i < 6; i++) {
2777 torture_assert(tctx, ctr->sitename[i].string == NULL,
2778 "sitename should be null");
2779 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2780 "subnet should be null");
2784 addrs[0].buffer[0] = AF_UNSPEC;
2786 addrs[1].buffer[0] = AF_UNIX; /* AF_LOCAL = AF_UNIX */
2788 addrs[2].buffer[0] = AF_UNIX;
2791 addrs[3].buffer[0] = 250;
2793 addrs[4].buffer[0] = 251;
2795 addrs[5].buffer[0] = 252;
2797 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
2798 torture_assert_ntstatus_ok(tctx, status, "failed");
2799 torture_assert_werr_ok(tctx, r.out.result, "failed");
2801 for (i = 0; i < 6; i++) {
2802 torture_assert(tctx, ctr->sitename[i].string == NULL,
2803 "sitename should be null");
2804 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2805 "subnet should be null");
2811 static bool test_netr_ServerGetTrustInfo(struct torture_context *tctx,
2812 struct dcerpc_pipe *p,
2813 struct cli_credentials *machine_credentials)
2815 struct netr_ServerGetTrustInfo r;
2817 struct netr_Authenticator a;
2818 struct netr_Authenticator return_authenticator;
2819 struct samr_Password new_owf_password;
2820 struct samr_Password old_owf_password;
2821 struct netr_TrustInfo *trust_info;
2823 struct netlogon_creds_CredentialState *creds;
2824 struct dcerpc_binding_handle *b = p->binding_handle;
2826 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2827 machine_credentials, &creds)) {
2831 netlogon_creds_client_authenticator(creds, &a);
2833 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2834 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
2835 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
2836 r.in.computer_name = TEST_MACHINE_NAME;
2837 r.in.credential = &a;
2839 r.out.return_authenticator = &return_authenticator;
2840 r.out.new_owf_password = &new_owf_password;
2841 r.out.old_owf_password = &old_owf_password;
2842 r.out.trust_info = &trust_info;
2844 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerGetTrustInfo_r(b, tctx, &r),
2845 "ServerGetTrustInfo failed");
2846 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerGetTrustInfo failed");
2847 torture_assert(tctx, netlogon_creds_client_check(creds, &return_authenticator.cred), "Credential chaining failed");
2853 static bool test_GetDomainInfo(struct torture_context *tctx,
2854 struct dcerpc_pipe *p,
2855 struct cli_credentials *machine_credentials)
2857 struct netr_LogonGetDomainInfo r;
2858 struct netr_WorkstationInformation q1;
2859 struct netr_Authenticator a;
2860 struct netlogon_creds_CredentialState *creds;
2861 struct netr_OsVersion os;
2862 union netr_WorkstationInfo query;
2863 union netr_DomainInfo info;
2864 const char* const attrs[] = { "dNSHostName", "operatingSystem",
2865 "operatingSystemServicePack", "operatingSystemVersion",
2866 "servicePrincipalName", NULL };
2868 struct ldb_context *sam_ctx = NULL;
2869 struct ldb_message **res;
2870 struct ldb_message_element *spn_el;
2873 const char *old_dnsname = NULL;
2877 struct dcerpc_binding_handle *b = p->binding_handle;
2879 torture_comment(tctx, "Testing netr_LogonGetDomainInfo\n");
2881 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2882 machine_credentials, &creds)) {
2886 /* We won't double-check this when we are over 'local' transports */
2887 if (dcerpc_server_name(p)) {
2888 /* Set up connection to SAMDB on DC */
2889 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2890 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2892 cmdline_credentials,
2895 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2898 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 1st call (no variation of DNS hostname)\n");
2899 netlogon_creds_client_authenticator(creds, &a);
2902 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2903 r.in.computer_name = TEST_MACHINE_NAME;
2904 r.in.credential = &a;
2906 r.in.return_authenticator = &a;
2907 r.in.query = &query;
2908 r.out.return_authenticator = &a;
2912 os.os.MajorVersion = 123;
2913 os.os.MinorVersion = 456;
2914 os.os.BuildNumber = 789;
2915 os.os.CSDVersion = "Service Pack 10";
2916 os.os.ServicePackMajor = 10;
2917 os.os.ServicePackMinor = 1;
2918 os.os.SuiteMask = NETR_VER_SUITE_SINGLEUSERTS;
2919 os.os.ProductType = NETR_VER_NT_SERVER;
2922 version_str = talloc_asprintf(tctx, "%d.%d (%d)", os.os.MajorVersion,
2923 os.os.MinorVersion, os.os.BuildNumber);
2926 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
2927 lpcfg_dnsdomain(tctx->lp_ctx));
2928 q1.sitename = "Default-First-Site-Name";
2929 q1.os_version.os = &os;
2930 q1.os_name.string = talloc_asprintf(tctx,
2931 "Tortured by Samba4 RPC-NETLOGON: %s",
2932 timestring(tctx, time(NULL)));
2934 /* The workstation handles the "servicePrincipalName" and DNS hostname
2936 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
2938 query.workstation_info = &q1;
2941 /* Gets back the old DNS hostname in AD */
2942 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
2943 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
2945 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL);
2947 /* Gets back the "servicePrincipalName"s in AD */
2948 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2949 if (spn_el != NULL) {
2950 for (i=0; i < spn_el->num_values; i++) {
2951 spns = talloc_realloc(tctx, spns, char *, i + 1);
2952 spns[i] = (char *) spn_el->values[i].data;
2958 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
2959 "LogonGetDomainInfo failed");
2960 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
2961 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
2966 /* AD workstation infos entry check */
2967 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
2968 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
2969 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
2970 torture_assert_str_equal(tctx,
2971 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
2972 q1.os_name.string, "'operatingSystem' wrong!");
2973 torture_assert_str_equal(tctx,
2974 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL),
2975 os.os.CSDVersion, "'operatingSystemServicePack' wrong!");
2976 torture_assert_str_equal(tctx,
2977 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL),
2978 version_str, "'operatingSystemVersion' wrong!");
2980 if (old_dnsname != NULL) {
2981 /* If before a DNS hostname was set then it should remain
2982 the same in combination with the "servicePrincipalName"s.
2983 The DNS hostname should also be returned by our
2984 "LogonGetDomainInfo" call (in the domain info structure). */
2986 torture_assert_str_equal(tctx,
2987 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
2988 old_dnsname, "'DNS hostname' was not set!");
2990 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2991 torture_assert(tctx, ((spns != NULL) && (spn_el != NULL)),
2992 "'servicePrincipalName's not set!");
2993 torture_assert(tctx, spn_el->num_values == num_spns,
2994 "'servicePrincipalName's incorrect!");
2995 for (i=0; (i < spn_el->num_values) && (i < num_spns); i++)
2996 torture_assert_str_equal(tctx,
2997 (char *) spn_el->values[i].data,
2998 spns[i], "'servicePrincipalName's incorrect!");
3000 torture_assert_str_equal(tctx,
3001 info.domain_info->dns_hostname.string,
3003 "Out 'DNS hostname' doesn't match the old one!");
3005 /* If no DNS hostname was set then also now none should be set,
3006 the "servicePrincipalName"s should remain empty and no DNS
3007 hostname should be returned by our "LogonGetDomainInfo"
3008 call (in the domain info structure). */
3010 torture_assert(tctx,
3011 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL) == NULL,
3012 "'DNS hostname' was set!");
3014 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3015 torture_assert(tctx, ((spns == NULL) && (spn_el == NULL)),
3016 "'servicePrincipalName's were set!");
3018 torture_assert(tctx,
3019 info.domain_info->dns_hostname.string == NULL,
3020 "Out 'DNS host name' was set!");
3024 /* Checks "workstation flags" */
3025 torture_assert(tctx,
3026 info.domain_info->workstation_flags
3027 == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3028 "Out 'workstation flags' don't match!");
3031 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 2nd call (variation of DNS hostname doesn't work)\n");
3032 netlogon_creds_client_authenticator(creds, &a);
3034 /* Wipe out the osVersion, and prove which values still 'stick' */
3035 q1.os_version.os = NULL;
3037 /* Change also the DNS hostname to test differences in behaviour */
3038 talloc_free(discard_const_p(char, q1.dns_hostname));
3039 q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
3040 lpcfg_dnsdomain(tctx->lp_ctx));
3042 /* The workstation handles the "servicePrincipalName" and DNS hostname
3044 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
3046 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3047 "LogonGetDomainInfo failed");
3048 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3050 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3055 /* AD workstation infos entry check */
3056 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3057 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3058 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
3060 torture_assert_str_equal(tctx,
3061 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
3062 q1.os_name.string, "'operatingSystem' should stick!");
3063 torture_assert(tctx,
3064 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
3065 "'operatingSystemServicePack' shouldn't stick!");
3066 torture_assert(tctx,
3067 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
3068 "'operatingSystemVersion' shouldn't stick!");
3070 /* The DNS host name shouldn't have been updated by the server */
3072 torture_assert_str_equal(tctx,
3073 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
3074 old_dnsname, "'DNS host name' did change!");
3076 /* Find the two "servicePrincipalName"s which the DC shouldn't have been
3077 updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC
3079 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3080 torture_assert(tctx, spn_el != NULL,
3081 "There should exist 'servicePrincipalName's in AD!");
3082 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME);
3083 for (i=0; i < spn_el->num_values; i++)
3084 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3086 torture_assert(tctx, i != spn_el->num_values,
3087 "'servicePrincipalName' HOST/<Netbios name> not found!");
3088 temp_str = talloc_asprintf(tctx, "HOST/%s", old_dnsname);
3089 for (i=0; i < spn_el->num_values; i++)
3090 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3092 torture_assert(tctx, i != spn_el->num_values,
3093 "'servicePrincipalName' HOST/<FQDN name> not found!");
3095 /* Check that the out DNS hostname was set properly */
3096 torture_assert_str_equal(tctx, info.domain_info->dns_hostname.string,
3097 old_dnsname, "Out 'DNS hostname' doesn't match the old one!");
3100 /* Checks "workstation flags" */
3101 torture_assert(tctx,
3102 info.domain_info->workstation_flags == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3103 "Out 'workstation flags' don't match!");
3106 /* Now try the same but the workstation flags set to 0 */
3108 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 3rd call (variation of DNS hostname doesn't work)\n");
3109 netlogon_creds_client_authenticator(creds, &a);
3111 /* Change also the DNS hostname to test differences in behaviour */
3112 talloc_free(discard_const_p(char, q1.dns_hostname));
3113 q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
3114 lpcfg_dnsdomain(tctx->lp_ctx));
3116 /* Wipe out the osVersion, and prove which values still 'stick' */
3117 q1.os_version.os = NULL;
3119 /* Let the DC handle the "servicePrincipalName" and DNS hostname
3121 q1.workstation_flags = 0;
3123 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3124 "LogonGetDomainInfo failed");
3125 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3126 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3131 /* AD workstation infos entry check */
3132 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3133 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3134 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
3136 torture_assert_str_equal(tctx,
3137 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
3138 q1.os_name.string, "'operatingSystem' should stick!");
3139 torture_assert(tctx,
3140 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
3141 "'operatingSystemServicePack' shouldn't stick!");
3142 torture_assert(tctx,
3143 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
3144 "'operatingSystemVersion' shouldn't stick!");
3146 /* The DNS host name shouldn't have been updated by the server */
3148 torture_assert_str_equal(tctx,
3149 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
3150 old_dnsname, "'DNS host name' did change!");
3152 /* Find the two "servicePrincipalName"s which the DC shouldn't have been
3153 updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC
3155 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3156 torture_assert(tctx, spn_el != NULL,
3157 "There should exist 'servicePrincipalName's in AD!");
3158 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME);
3159 for (i=0; i < spn_el->num_values; i++)
3160 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3162 torture_assert(tctx, i != spn_el->num_values,
3163 "'servicePrincipalName' HOST/<Netbios name> not found!");
3164 temp_str = talloc_asprintf(tctx, "HOST/%s", old_dnsname);
3165 for (i=0; i < spn_el->num_values; i++)
3166 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3168 torture_assert(tctx, i != spn_el->num_values,
3169 "'servicePrincipalName' HOST/<FQDN name> not found!");
3171 /* Here the server gives us NULL as the out DNS hostname */
3172 torture_assert(tctx, info.domain_info->dns_hostname.string == NULL,
3173 "Out 'DNS hostname' should be NULL!");
3176 /* Checks "workstation flags" */
3177 torture_assert(tctx,
3178 info.domain_info->workstation_flags == 0,
3179 "Out 'workstation flags' don't match!");
3182 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 4th call (verification of DNS hostname and check for trusted domains)\n");
3183 netlogon_creds_client_authenticator(creds, &a);
3185 /* Put the DNS hostname back */
3186 talloc_free(discard_const_p(char, q1.dns_hostname));
3187 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3188 lpcfg_dnsdomain(tctx->lp_ctx));
3190 /* The workstation handles the "servicePrincipalName" and DNS hostname
3192 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
3194 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3195 "LogonGetDomainInfo failed");
3196 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3197 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3201 /* Now the in/out DNS hostnames should be the same */
3202 torture_assert_str_equal(tctx,
3203 info.domain_info->dns_hostname.string,
3204 query.workstation_info->dns_hostname,
3205 "In/Out 'DNS hostnames' don't match!");
3206 old_dnsname = info.domain_info->dns_hostname.string;
3208 /* Checks "workstation flags" */
3209 torture_assert(tctx,
3210 info.domain_info->workstation_flags
3211 == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3212 "Out 'workstation flags' don't match!");
3214 /* Checks for trusted domains */
3215 torture_assert(tctx,
3216 (info.domain_info->trusted_domain_count != 0)
3217 && (info.domain_info->trusted_domains != NULL),
3218 "Trusted domains have been requested!");
3221 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 5th call (check for trusted domains)\n");
3222 netlogon_creds_client_authenticator(creds, &a);
3224 /* The workstation handles the "servicePrincipalName" and DNS hostname
3225 updates and requests inbound trusts */
3226 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE
3227 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS;
3229 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3230 "LogonGetDomainInfo failed");
3231 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3232 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3236 /* Checks "workstation flags" */
3237 torture_assert(tctx,
3238 info.domain_info->workstation_flags
3239 == (NETR_WS_FLAG_HANDLES_SPN_UPDATE
3240 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS),
3241 "Out 'workstation flags' don't match!");
3243 /* Checks for trusted domains */
3244 torture_assert(tctx,
3245 (info.domain_info->trusted_domain_count != 0)
3246 && (info.domain_info->trusted_domains != NULL),
3247 "Trusted domains have been requested!");
3250 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 6th call (no DNS hostname)\n");
3251 netlogon_creds_client_authenticator(creds, &a);
3253 query.workstation_info->dns_hostname = NULL;
3255 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3256 "LogonGetDomainInfo failed");
3257 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3258 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3260 /* The old DNS hostname should stick */
3261 torture_assert_str_equal(tctx,
3262 info.domain_info->dns_hostname.string,
3264 "'DNS hostname' changed!");
3267 if (!torture_setting_bool(tctx, "dangerous", false)) {
3268 torture_comment(tctx, "Not testing netr_LogonGetDomainInfo 7th call (no workstation info) - enable dangerous tests in order to do so\n");
3270 /* Try a call without the workstation information structure */
3272 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 7th call (no workstation info)\n");
3273 netlogon_creds_client_authenticator(creds, &a);
3275 query.workstation_info = NULL;
3277 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3278 "LogonGetDomainInfo failed");
3279 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3280 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3286 static bool test_GetDomainInfo_async(struct torture_context *tctx,
3287 struct dcerpc_pipe *p,
3288 struct cli_credentials *machine_credentials)
3291 struct netr_LogonGetDomainInfo r;
3292 struct netr_WorkstationInformation q1;
3293 struct netr_Authenticator a;
3294 #define ASYNC_COUNT 100
3295 struct netlogon_creds_CredentialState *creds;
3296 struct netlogon_creds_CredentialState *creds_async[ASYNC_COUNT];
3297 struct tevent_req *req[ASYNC_COUNT];
3299 union netr_WorkstationInfo query;
3300 union netr_DomainInfo info;
3302 torture_comment(tctx, "Testing netr_LogonGetDomainInfo - async count %d\n", ASYNC_COUNT);
3304 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
3305 machine_credentials, &creds)) {
3310 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
3311 r.in.computer_name = TEST_MACHINE_NAME;
3312 r.in.credential = &a;
3314 r.in.return_authenticator = &a;
3315 r.in.query = &query;
3316 r.out.return_authenticator = &a;
3320 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3321 lpcfg_dnsdomain(tctx->lp_ctx));
3322 q1.sitename = "Default-First-Site-Name";
3323 q1.os_name.string = "UNIX/Linux or similar";
3325 query.workstation_info = &q1;
3327 for (i=0;i<ASYNC_COUNT;i++) {
3328 netlogon_creds_client_authenticator(creds, &a);
3330 creds_async[i] = (struct netlogon_creds_CredentialState *)talloc_memdup(creds, creds, sizeof(*creds));
3331 req[i] = dcerpc_netr_LogonGetDomainInfo_r_send(tctx, tctx->ev, p->binding_handle, &r);
3333 /* even with this flush per request a w2k3 server seems to
3334 clag with multiple outstanding requests. bleergh. */
3335 torture_assert_int_equal(tctx, event_loop_once(dcerpc_event_context(p)), 0,
3336 "event_loop_once failed");
3339 for (i=0;i<ASYNC_COUNT;i++) {
3340 torture_assert_int_equal(tctx, tevent_req_poll(req[i], tctx->ev), true,
3341 "tevent_req_poll() failed");
3343 status = dcerpc_netr_LogonGetDomainInfo_r_recv(req[i], tctx);
3345 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo_async");
3346 torture_assert_ntstatus_ok(tctx, r.out.result, "netr_LogonGetDomainInfo_async");
3348 torture_assert(tctx, netlogon_creds_client_check(creds_async[i], &a.cred),
3349 "Credential chaining failed at async");
3352 torture_comment(tctx,
3353 "Testing netr_LogonGetDomainInfo - async count %d OK\n", ASYNC_COUNT);
3358 static bool test_ManyGetDCName(struct torture_context *tctx,
3359 struct dcerpc_pipe *p)
3362 struct dcerpc_pipe *p2;
3363 struct lsa_ObjectAttribute attr;
3364 struct lsa_QosInfo qos;
3365 struct lsa_OpenPolicy2 o;
3366 struct policy_handle lsa_handle;
3367 struct lsa_DomainList domains;
3369 struct lsa_EnumTrustDom t;
3370 uint32_t resume_handle = 0;
3371 struct netr_GetAnyDCName d;
3372 const char *dcname = NULL;
3373 struct dcerpc_binding_handle *b = p->binding_handle;
3374 struct dcerpc_binding_handle *b2;
3378 if (p->conn->transport.transport != NCACN_NP) {
3382 torture_comment(tctx, "Torturing GetDCName\n");
3384 status = dcerpc_secondary_connection(p, &p2, p->binding);
3385 torture_assert_ntstatus_ok(tctx, status, "Failed to create secondary connection");
3387 status = dcerpc_bind_auth_none(p2, &ndr_table_lsarpc);
3388 torture_assert_ntstatus_ok(tctx, status, "Failed to create bind on secondary connection");
3389 b2 = p2->binding_handle;
3392 qos.impersonation_level = 2;
3393 qos.context_mode = 1;
3394 qos.effective_only = 0;
3397 attr.root_dir = NULL;
3398 attr.object_name = NULL;
3399 attr.attributes = 0;
3400 attr.sec_desc = NULL;
3401 attr.sec_qos = &qos;
3403 o.in.system_name = "\\";
3405 o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3406 o.out.handle = &lsa_handle;
3408 torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenPolicy2_r(b2, tctx, &o),
3409 "OpenPolicy2 failed");
3410 torture_assert_ntstatus_ok(tctx, o.out.result, "OpenPolicy2 failed");
3412 t.in.handle = &lsa_handle;
3413 t.in.resume_handle = &resume_handle;
3414 t.in.max_size = 1000;
3415 t.out.domains = &domains;
3416 t.out.resume_handle = &resume_handle;
3418 torture_assert_ntstatus_ok(tctx, dcerpc_lsa_EnumTrustDom_r(b2, tctx, &t),
3419 "EnumTrustDom failed");
3421 if ((!NT_STATUS_IS_OK(t.out.result) &&
3422 (!NT_STATUS_EQUAL(t.out.result, NT_STATUS_NO_MORE_ENTRIES))))
3423 torture_fail(tctx, "Could not list domains");
3427 d.in.logon_server = talloc_asprintf(tctx, "\\\\%s",
3428 dcerpc_server_name(p));
3429 d.out.dcname = &dcname;
3431 for (i=0; i<domains.count * 4; i++) {
3432 struct lsa_DomainInfo *info =
3433 &domains.domains[rand()%domains.count];
3435 d.in.domainname = info->name.string;
3437 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &d);
3438 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
3440 torture_comment(tctx, "\tDC for domain %s is %s\n", info->name.string,
3441 dcname ? dcname : "unknown");
3447 static bool test_SetPassword_with_flags(struct torture_context *tctx,
3448 struct dcerpc_pipe *p,
3449 struct cli_credentials *machine_credentials)
3451 uint32_t flags[] = { 0, NETLOGON_NEG_STRONG_KEYS };
3452 struct netlogon_creds_CredentialState *creds;
3455 if (!test_SetupCredentials2(p, tctx, 0,
3456 machine_credentials,
3457 cli_credentials_get_secure_channel_type(machine_credentials),
3459 torture_skip(tctx, "DC does not support negotiation of 64bit session keys");
3462 for (i=0; i < ARRAY_SIZE(flags); i++) {
3463 torture_assert(tctx,
3464 test_SetPassword_flags(tctx, p, machine_credentials, flags[i]),
3465 talloc_asprintf(tctx, "failed to test SetPassword negotiating with 0x%08x flags", flags[i]));
3471 struct torture_suite *torture_rpc_netlogon(TALLOC_CTX *mem_ctx)
3473 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON");
3474 struct torture_rpc_tcase *tcase;
3475 struct torture_test *test;
3477 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3478 &ndr_table_netlogon, TEST_MACHINE_NAME);
3480 torture_rpc_tcase_add_test(tcase, "LogonUasLogon", test_LogonUasLogon);
3481 torture_rpc_tcase_add_test(tcase, "LogonUasLogoff", test_LogonUasLogoff);
3482 torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
3483 torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
3484 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
3485 torture_rpc_tcase_add_test_creds(tcase, "GetPassword", test_GetPassword);
3486 torture_rpc_tcase_add_test_creds(tcase, "GetTrustPasswords", test_GetTrustPasswords);
3487 torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo", test_GetDomainInfo);
3488 torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync", test_DatabaseSync);
3489 torture_rpc_tcase_add_test_creds(tcase, "DatabaseDeltas", test_DatabaseDeltas);
3490 torture_rpc_tcase_add_test_creds(tcase, "DatabaseRedo", test_DatabaseRedo);
3491 torture_rpc_tcase_add_test_creds(tcase, "AccountDeltas", test_AccountDeltas);
3492 torture_rpc_tcase_add_test_creds(tcase, "AccountSync", test_AccountSync);
3493 torture_rpc_tcase_add_test(tcase, "GetDcName", test_GetDcName);
3494 torture_rpc_tcase_add_test(tcase, "ManyGetDCName", test_ManyGetDCName);
3495 torture_rpc_tcase_add_test(tcase, "GetAnyDCName", test_GetAnyDCName);
3496 torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync2", test_DatabaseSync2);
3497 torture_rpc_tcase_add_test(tcase, "DsrEnumerateDomainTrusts", test_DsrEnumerateDomainTrusts);
3498 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
3499 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomainsEx", test_netr_NetrEnumerateTrustedDomainsEx);
3500 test = torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo_async", test_GetDomainInfo_async);
3501 test->dangerous = true;
3502 torture_rpc_tcase_add_test(tcase, "DsRGetDCName", test_netr_DsRGetDCName);
3503 torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx", test_netr_DsRGetDCNameEx);
3504 torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx2", test_netr_DsRGetDCNameEx2);
3505 torture_rpc_tcase_add_test(tcase, "DsrGetDcSiteCoverageW", test_netr_DsrGetDcSiteCoverageW);
3506 torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesW", test_netr_DsRAddressToSitenamesW);
3507 torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesExW", test_netr_DsRAddressToSitenamesExW);
3508 torture_rpc_tcase_add_test_creds(tcase, "ServerGetTrustInfo", test_netr_ServerGetTrustInfo);
3509 torture_rpc_tcase_add_test_creds(tcase, "GetForestTrustInformation", test_netr_GetForestTrustInformation);
3514 struct torture_suite *torture_rpc_netlogon_s3(TALLOC_CTX *mem_ctx)
3516 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON-S3");
3517 struct torture_rpc_tcase *tcase;
3519 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3520 &ndr_table_netlogon, TEST_MACHINE_NAME);
3522 torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
3523 torture_rpc_tcase_add_test_creds(tcase, "SamLogon_NULL_domain", test_SamLogon_NULL_domain);
3524 torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
3525 torture_rpc_tcase_add_test_creds(tcase, "SetPassword_with_flags", test_SetPassword_with_flags);
3526 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
3527 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
3532 struct torture_suite *torture_rpc_netlogon_admin(TALLOC_CTX *mem_ctx)
3534 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON-ADMIN");
3535 struct torture_rpc_tcase *tcase;
3537 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3538 &ndr_table_netlogon, TEST_MACHINE_NAME);
3539 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3540 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3541 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3543 tcase = torture_suite_add_machine_workstation_rpc_iface_tcase(suite, "netlogon",
3544 &ndr_table_netlogon, TEST_MACHINE_NAME);
3545 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3546 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3547 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3549 tcase = torture_suite_add_rpc_iface_tcase(suite, "netlogon",
3550 &ndr_table_netlogon);
3551 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3552 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3553 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);