2 Unix SMB/CIFS implementation.
4 test suite for netlogon rpc operations
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003-2004
8 Copyright (C) Tim Potter 2003
9 Copyright (C) Matthias Dieter Wallnöfer 2009-2010
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
26 #include "lib/events/events.h"
27 #include "lib/cmdline/popt_common.h"
28 #include "torture/rpc/torture_rpc.h"
29 #include "../lib/crypto/crypto.h"
30 #include "libcli/auth/libcli_auth.h"
31 #include "librpc/gen_ndr/ndr_netlogon_c.h"
32 #include "librpc/gen_ndr/ndr_lsa_c.h"
33 #include "param/param.h"
34 #include "libcli/security/security.h"
35 #include "lib/ldb/include/ldb.h"
36 #include "lib/util/util_ldb.h"
38 #include "lib/replace/system/network.h"
39 #include "dsdb/samdb/samdb.h"
41 #define TEST_MACHINE_NAME "torturetest"
43 static bool test_LogonUasLogon(struct torture_context *tctx,
44 struct dcerpc_pipe *p)
47 struct netr_LogonUasLogon r;
48 struct netr_UasInfo *info = NULL;
49 struct dcerpc_binding_handle *b = p->binding_handle;
51 r.in.server_name = NULL;
52 r.in.account_name = cli_credentials_get_username(cmdline_credentials);
53 r.in.workstation = TEST_MACHINE_NAME;
56 status = dcerpc_netr_LogonUasLogon_r(b, tctx, &r);
57 torture_assert_ntstatus_ok(tctx, status, "LogonUasLogon");
62 static bool test_LogonUasLogoff(struct torture_context *tctx,
63 struct dcerpc_pipe *p)
66 struct netr_LogonUasLogoff r;
67 struct netr_UasLogoffInfo info;
68 struct dcerpc_binding_handle *b = p->binding_handle;
70 r.in.server_name = NULL;
71 r.in.account_name = cli_credentials_get_username(cmdline_credentials);
72 r.in.workstation = TEST_MACHINE_NAME;
75 status = dcerpc_netr_LogonUasLogoff_r(b, tctx, &r);
76 torture_assert_ntstatus_ok(tctx, status, "LogonUasLogoff");
81 bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context *tctx,
82 struct cli_credentials *credentials,
83 struct netlogon_creds_CredentialState **creds_out)
85 struct netr_ServerReqChallenge r;
86 struct netr_ServerAuthenticate a;
87 struct netr_Credential credentials1, credentials2, credentials3;
88 struct netlogon_creds_CredentialState *creds;
89 const struct samr_Password *mach_password;
90 const char *machine_name;
91 struct dcerpc_binding_handle *b = p->binding_handle;
93 mach_password = cli_credentials_get_nt_hash(credentials, tctx);
94 machine_name = cli_credentials_get_workstation(credentials);
96 torture_comment(tctx, "Testing ServerReqChallenge\n");
98 r.in.server_name = NULL;
99 r.in.computer_name = machine_name;
100 r.in.credentials = &credentials1;
101 r.out.return_credentials = &credentials2;
103 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
105 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
106 "ServerReqChallenge failed");
107 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
109 a.in.server_name = NULL;
110 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
111 a.in.secure_channel_type = cli_credentials_get_secure_channel_type(credentials);
112 a.in.computer_name = machine_name;
113 a.in.credentials = &credentials3;
114 a.out.return_credentials = &credentials3;
116 creds = netlogon_creds_client_init(tctx, a.in.account_name,
118 &credentials1, &credentials2,
119 mach_password, &credentials3,
121 torture_assert(tctx, creds != NULL, "memory allocation");
124 torture_comment(tctx, "Testing ServerAuthenticate\n");
126 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate_r(b, tctx, &a),
127 "ServerAuthenticate failed");
129 /* This allows the tests to continue against the more fussy windows 2008 */
130 if (NT_STATUS_EQUAL(a.out.result, NT_STATUS_DOWNGRADE_DETECTED)) {
131 return test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
133 cli_credentials_get_secure_channel_type(credentials),
137 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate");
139 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
140 "Credential chaining failed");
146 bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx,
147 uint32_t negotiate_flags,
148 struct cli_credentials *machine_credentials,
149 enum netr_SchannelType sec_chan_type,
150 struct netlogon_creds_CredentialState **creds_out)
152 struct netr_ServerReqChallenge r;
153 struct netr_ServerAuthenticate2 a;
154 struct netr_Credential credentials1, credentials2, credentials3;
155 struct netlogon_creds_CredentialState *creds;
156 const struct samr_Password *mach_password;
157 const char *machine_name;
158 struct dcerpc_binding_handle *b = p->binding_handle;
160 mach_password = cli_credentials_get_nt_hash(machine_credentials, tctx);
161 machine_name = cli_credentials_get_workstation(machine_credentials);
163 torture_comment(tctx, "Testing ServerReqChallenge\n");
166 r.in.server_name = NULL;
167 r.in.computer_name = machine_name;
168 r.in.credentials = &credentials1;
169 r.out.return_credentials = &credentials2;
171 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
173 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
174 "ServerReqChallenge failed");
175 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
177 a.in.server_name = NULL;
178 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
179 a.in.secure_channel_type = sec_chan_type;
180 a.in.computer_name = machine_name;
181 a.in.negotiate_flags = &negotiate_flags;
182 a.out.negotiate_flags = &negotiate_flags;
183 a.in.credentials = &credentials3;
184 a.out.return_credentials = &credentials3;
186 creds = netlogon_creds_client_init(tctx, a.in.account_name,
188 &credentials1, &credentials2,
189 mach_password, &credentials3,
192 torture_assert(tctx, creds != NULL, "memory allocation");
194 torture_comment(tctx, "Testing ServerAuthenticate2\n");
196 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate2_r(b, tctx, &a),
197 "ServerAuthenticate2 failed");
198 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate2 failed");
200 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3),
201 "Credential chaining failed");
203 torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
210 static bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context *tctx,
211 uint32_t negotiate_flags,
212 struct cli_credentials *machine_credentials,
213 struct netlogon_creds_CredentialState **creds_out)
215 struct netr_ServerReqChallenge r;
216 struct netr_ServerAuthenticate3 a;
217 struct netr_Credential credentials1, credentials2, credentials3;
218 struct netlogon_creds_CredentialState *creds;
219 struct samr_Password mach_password;
221 const char *machine_name;
222 const char *plain_pass;
223 struct dcerpc_binding_handle *b = p->binding_handle;
225 machine_name = cli_credentials_get_workstation(machine_credentials);
226 plain_pass = cli_credentials_get_password(machine_credentials);
228 torture_comment(tctx, "Testing ServerReqChallenge\n");
230 r.in.server_name = NULL;
231 r.in.computer_name = machine_name;
232 r.in.credentials = &credentials1;
233 r.out.return_credentials = &credentials2;
235 generate_random_buffer(credentials1.data, sizeof(credentials1.data));
237 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
238 "ServerReqChallenge failed");
239 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
241 E_md4hash(plain_pass, mach_password.hash);
243 a.in.server_name = NULL;
244 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name);
245 a.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
246 a.in.computer_name = machine_name;
247 a.in.negotiate_flags = &negotiate_flags;
248 a.in.credentials = &credentials3;
249 a.out.return_credentials = &credentials3;
250 a.out.negotiate_flags = &negotiate_flags;
253 creds = netlogon_creds_client_init(tctx, a.in.account_name,
255 &credentials1, &credentials2,
256 &mach_password, &credentials3,
259 torture_assert(tctx, creds != NULL, "memory allocation");
261 torture_comment(tctx, "Testing ServerAuthenticate3\n");
263 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerAuthenticate3_r(b, tctx, &a),
264 "ServerAuthenticate3 failed");
265 torture_assert_ntstatus_ok(tctx, a.out.result, "ServerAuthenticate3 failed");
266 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3), "Credential chaining failed");
268 torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
270 /* Prove that requesting a challenge again won't break it */
271 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerReqChallenge_r(b, tctx, &r),
272 "ServerReqChallenge failed");
273 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerReqChallenge failed");
280 try a change password for our machine account
282 static bool test_SetPassword(struct torture_context *tctx,
283 struct dcerpc_pipe *p,
284 struct cli_credentials *machine_credentials)
286 struct netr_ServerPasswordSet r;
287 const char *password;
288 struct netlogon_creds_CredentialState *creds;
289 struct netr_Authenticator credential, return_authenticator;
290 struct samr_Password new_password;
291 struct dcerpc_binding_handle *b = p->binding_handle;
293 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
297 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
298 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
299 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
300 r.in.computer_name = TEST_MACHINE_NAME;
301 r.in.credential = &credential;
302 r.in.new_password = &new_password;
303 r.out.return_authenticator = &return_authenticator;
305 password = generate_random_password(tctx, 8, 255);
306 E_md4hash(password, new_password.hash);
308 netlogon_creds_des_encrypt(creds, &new_password);
310 torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
311 torture_comment(tctx, "Changing machine account password to '%s'\n",
314 netlogon_creds_client_authenticator(creds, &credential);
316 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
317 "ServerPasswordSet failed");
318 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet failed");
320 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
321 torture_comment(tctx, "Credential chaining failed\n");
324 /* by changing the machine password twice we test the
325 credentials chaining fully, and we verify that the server
326 allows the password to be set to the same value twice in a
327 row (match win2k3) */
328 torture_comment(tctx,
329 "Testing a second ServerPasswordSet on machine account\n");
330 torture_comment(tctx,
331 "Changing machine account password to '%s' (same as previous run)\n", password);
333 netlogon_creds_client_authenticator(creds, &credential);
335 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
336 "ServerPasswordSet (2) failed");
337 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (2) failed");
339 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
340 torture_comment(tctx, "Credential chaining failed\n");
343 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
346 test_SetupCredentials(p, tctx, machine_credentials, &creds),
347 "ServerPasswordSet failed to actually change the password");
353 try a change password for our machine account
355 static bool test_SetPassword_flags(struct torture_context *tctx,
356 struct dcerpc_pipe *p,
357 struct cli_credentials *machine_credentials,
358 uint32_t negotiate_flags)
360 struct netr_ServerPasswordSet r;
361 const char *password;
362 struct netlogon_creds_CredentialState *creds;
363 struct netr_Authenticator credential, return_authenticator;
364 struct samr_Password new_password;
365 struct dcerpc_binding_handle *b = p->binding_handle;
367 if (!test_SetupCredentials2(p, tctx, negotiate_flags,
369 cli_credentials_get_secure_channel_type(machine_credentials),
374 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
375 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
376 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
377 r.in.computer_name = TEST_MACHINE_NAME;
378 r.in.credential = &credential;
379 r.in.new_password = &new_password;
380 r.out.return_authenticator = &return_authenticator;
382 password = generate_random_password(tctx, 8, 255);
383 E_md4hash(password, new_password.hash);
385 netlogon_creds_des_encrypt(creds, &new_password);
387 torture_comment(tctx, "Testing ServerPasswordSet on machine account\n");
388 torture_comment(tctx, "Changing machine account password to '%s'\n",
391 netlogon_creds_client_authenticator(creds, &credential);
393 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
394 "ServerPasswordSet failed");
395 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet failed");
397 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
398 torture_comment(tctx, "Credential chaining failed\n");
401 /* by changing the machine password twice we test the
402 credentials chaining fully, and we verify that the server
403 allows the password to be set to the same value twice in a
404 row (match win2k3) */
405 torture_comment(tctx,
406 "Testing a second ServerPasswordSet on machine account\n");
407 torture_comment(tctx,
408 "Changing machine account password to '%s' (same as previous run)\n", password);
410 netlogon_creds_client_authenticator(creds, &credential);
412 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet_r(b, tctx, &r),
413 "ServerPasswordSet (2) failed");
414 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (2) failed");
416 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
417 torture_comment(tctx, "Credential chaining failed\n");
420 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
423 test_SetupCredentials(p, tctx, machine_credentials, &creds),
424 "ServerPasswordSet failed to actually change the password");
431 generate a random password for password change tests
433 static DATA_BLOB netlogon_very_rand_pass(TALLOC_CTX *mem_ctx, int len)
436 DATA_BLOB password = data_blob_talloc(mem_ctx, NULL, len * 2 /* number of unicode chars */);
437 generate_random_buffer(password.data, password.length);
439 for (i=0; i < len; i++) {
440 if (((uint16_t *)password.data)[i] == 0) {
441 ((uint16_t *)password.data)[i] = 1;
449 try a change password for our machine account
451 static bool test_SetPassword2(struct torture_context *tctx,
452 struct dcerpc_pipe *p,
453 struct cli_credentials *machine_credentials)
455 struct netr_ServerPasswordSet2 r;
456 const char *password;
457 DATA_BLOB new_random_pass;
458 struct netlogon_creds_CredentialState *creds;
459 struct samr_CryptPassword password_buf;
460 struct samr_Password nt_hash;
461 struct netr_Authenticator credential, return_authenticator;
462 struct netr_CryptPassword new_password;
463 struct dcerpc_binding_handle *b = p->binding_handle;
465 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
469 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
470 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
471 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
472 r.in.computer_name = TEST_MACHINE_NAME;
473 r.in.credential = &credential;
474 r.in.new_password = &new_password;
475 r.out.return_authenticator = &return_authenticator;
477 password = generate_random_password(tctx, 8, 255);
478 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
479 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
481 memcpy(new_password.data, password_buf.data, 512);
482 new_password.length = IVAL(password_buf.data, 512);
484 torture_comment(tctx, "Testing ServerPasswordSet2 on machine account\n");
485 torture_comment(tctx, "Changing machine account password to '%s'\n", password);
487 netlogon_creds_client_authenticator(creds, &credential);
489 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
490 "ServerPasswordSet2 failed");
491 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 failed");
493 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
494 torture_comment(tctx, "Credential chaining failed\n");
497 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
499 if (!torture_setting_bool(tctx, "dangerous", false)) {
500 torture_comment(tctx,
501 "Not testing ability to set password to '', enable dangerous tests to perform this test\n");
503 /* by changing the machine password to ""
504 * we check if the server uses password restrictions
505 * for ServerPasswordSet2
506 * (win2k3 accepts "")
509 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
510 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
512 memcpy(new_password.data, password_buf.data, 512);
513 new_password.length = IVAL(password_buf.data, 512);
515 torture_comment(tctx,
516 "Testing ServerPasswordSet2 on machine account\n");
517 torture_comment(tctx,
518 "Changing machine account password to '%s'\n", password);
520 netlogon_creds_client_authenticator(creds, &credential);
522 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
523 "ServerPasswordSet2 failed");
524 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 failed");
526 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
527 torture_comment(tctx, "Credential chaining failed\n");
530 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
533 torture_assert(tctx, test_SetupCredentials(p, tctx, machine_credentials, &creds),
534 "ServerPasswordSet failed to actually change the password");
536 /* now try a random password */
537 password = generate_random_password(tctx, 8, 255);
538 encode_pw_buffer(password_buf.data, password, STR_UNICODE);
539 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
541 memcpy(new_password.data, password_buf.data, 512);
542 new_password.length = IVAL(password_buf.data, 512);
544 torture_comment(tctx, "Testing second ServerPasswordSet2 on machine account\n");
545 torture_comment(tctx, "Changing machine account password to '%s'\n", password);
547 netlogon_creds_client_authenticator(creds, &credential);
549 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
550 "ServerPasswordSet2 (2) failed");
551 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet2 (2) failed");
553 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
554 torture_comment(tctx, "Credential chaining failed\n");
557 /* by changing the machine password twice we test the
558 credentials chaining fully, and we verify that the server
559 allows the password to be set to the same value twice in a
560 row (match win2k3) */
561 torture_comment(tctx,
562 "Testing a second ServerPasswordSet2 on machine account\n");
563 torture_comment(tctx,
564 "Changing machine account password to '%s' (same as previous run)\n", password);
566 netlogon_creds_client_authenticator(creds, &credential);
568 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
569 "ServerPasswordSet (3) failed");
570 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (3) failed");
572 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
573 torture_comment(tctx, "Credential chaining failed\n");
576 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED);
578 torture_assert (tctx,
579 test_SetupCredentials(p, tctx, machine_credentials, &creds),
580 "ServerPasswordSet failed to actually change the password");
582 new_random_pass = netlogon_very_rand_pass(tctx, 128);
584 /* now try a random stream of bytes for a password */
585 set_pw_in_buffer(password_buf.data, &new_random_pass);
587 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516);
589 memcpy(new_password.data, password_buf.data, 512);
590 new_password.length = IVAL(password_buf.data, 512);
592 torture_comment(tctx,
593 "Testing a third ServerPasswordSet2 on machine account, with a compleatly random password\n");
595 netlogon_creds_client_authenticator(creds, &credential);
597 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerPasswordSet2_r(b, tctx, &r),
598 "ServerPasswordSet (3) failed");
599 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerPasswordSet (3) failed");
601 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
602 torture_comment(tctx, "Credential chaining failed\n");
605 mdfour(nt_hash.hash, new_random_pass.data, new_random_pass.length);
607 cli_credentials_set_password(machine_credentials, NULL, CRED_UNINITIALISED);
608 cli_credentials_set_nt_hash(machine_credentials, &nt_hash, CRED_SPECIFIED);
610 torture_assert (tctx,
611 test_SetupCredentials(p, tctx, machine_credentials, &creds),
612 "ServerPasswordSet failed to actually change the password");
617 static bool test_GetPassword(struct torture_context *tctx,
618 struct dcerpc_pipe *p,
619 struct cli_credentials *machine_credentials)
621 struct netr_ServerPasswordGet r;
622 struct netlogon_creds_CredentialState *creds;
623 struct netr_Authenticator credential;
625 struct netr_Authenticator return_authenticator;
626 struct samr_Password password;
627 struct dcerpc_binding_handle *b = p->binding_handle;
629 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
633 netlogon_creds_client_authenticator(creds, &credential);
635 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
636 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
637 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
638 r.in.computer_name = TEST_MACHINE_NAME;
639 r.in.credential = &credential;
640 r.out.return_authenticator = &return_authenticator;
641 r.out.password = &password;
643 status = dcerpc_netr_ServerPasswordGet_r(b, tctx, &r);
644 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordGet");
649 static bool test_GetTrustPasswords(struct torture_context *tctx,
650 struct dcerpc_pipe *p,
651 struct cli_credentials *machine_credentials)
653 struct netr_ServerTrustPasswordsGet r;
654 struct netlogon_creds_CredentialState *creds;
655 struct netr_Authenticator credential;
656 struct netr_Authenticator return_authenticator;
657 struct samr_Password password, password2;
658 struct dcerpc_binding_handle *b = p->binding_handle;
660 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
664 netlogon_creds_client_authenticator(creds, &credential);
666 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
667 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
668 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
669 r.in.computer_name = TEST_MACHINE_NAME;
670 r.in.credential = &credential;
671 r.out.return_authenticator = &return_authenticator;
672 r.out.password = &password;
673 r.out.password2 = &password2;
675 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerTrustPasswordsGet_r(b, tctx, &r),
676 "ServerTrustPasswordsGet failed");
677 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerTrustPasswordsGet failed");
683 try a netlogon SamLogon
685 static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context *tctx,
686 struct cli_credentials *credentials,
687 struct netlogon_creds_CredentialState *creds,
691 struct netr_LogonSamLogon r;
692 struct netr_Authenticator auth, auth2;
693 union netr_LogonLevel logon;
694 union netr_Validation validation;
695 uint8_t authoritative;
696 struct netr_NetworkInfo ninfo;
697 DATA_BLOB names_blob, chal, lm_resp, nt_resp;
699 struct dcerpc_binding_handle *b = p->binding_handle;
700 int flags = CLI_CRED_NTLM_AUTH;
701 if (lp_client_lanman_auth(tctx->lp_ctx)) {
702 flags |= CLI_CRED_LANMAN_AUTH;
705 if (lp_client_ntlmv2_auth(tctx->lp_ctx)) {
706 flags |= CLI_CRED_NTLMv2_AUTH;
709 cli_credentials_get_ntlm_username_domain(cmdline_credentials, tctx,
710 &ninfo.identity_info.account_name.string,
711 &ninfo.identity_info.domain_name.string);
714 ninfo.identity_info.domain_name.string = NULL;
717 generate_random_buffer(ninfo.challenge,
718 sizeof(ninfo.challenge));
719 chal = data_blob_const(ninfo.challenge,
720 sizeof(ninfo.challenge));
722 names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(credentials),
723 cli_credentials_get_domain(credentials));
725 status = cli_credentials_get_ntlm_response(cmdline_credentials, tctx,
731 torture_assert_ntstatus_ok(tctx, status, "cli_credentials_get_ntlm_response failed");
733 ninfo.lm.data = lm_resp.data;
734 ninfo.lm.length = lm_resp.length;
736 ninfo.nt.data = nt_resp.data;
737 ninfo.nt.length = nt_resp.length;
739 ninfo.identity_info.parameter_control = 0;
740 ninfo.identity_info.logon_id_low = 0;
741 ninfo.identity_info.logon_id_high = 0;
742 ninfo.identity_info.workstation.string = cli_credentials_get_workstation(credentials);
744 logon.network = &ninfo;
746 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
747 r.in.computer_name = cli_credentials_get_workstation(credentials);
748 r.in.credential = &auth;
749 r.in.return_authenticator = &auth2;
750 r.in.logon_level = 2;
752 r.out.validation = &validation;
753 r.out.authoritative = &authoritative;
755 d_printf("Testing LogonSamLogon with name %s\n", ninfo.identity_info.account_name.string);
759 netlogon_creds_client_authenticator(creds, &auth);
761 r.in.validation_level = i;
763 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
764 "LogonSamLogon failed");
765 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonSamLogon failed");
767 torture_assert(tctx, netlogon_creds_client_check(creds,
768 &r.out.return_authenticator->cred),
769 "Credential chaining failed");
772 r.in.credential = NULL;
776 r.in.validation_level = i;
778 torture_comment(tctx, "Testing SamLogon with validation level %d and a NULL credential\n", i);
780 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
781 "LogonSamLogon failed");
782 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_INVALID_PARAMETER,
783 "LogonSamLogon expected INVALID_PARAMETER");
790 bool test_netlogon_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
791 struct cli_credentials *credentials,
792 struct netlogon_creds_CredentialState *creds)
794 return test_netlogon_ops_args(p, tctx, credentials, creds, false);
798 try a netlogon SamLogon
800 static bool test_SamLogon(struct torture_context *tctx,
801 struct dcerpc_pipe *p,
802 struct cli_credentials *credentials)
804 struct netlogon_creds_CredentialState *creds;
806 if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
810 return test_netlogon_ops(p, tctx, credentials, creds);
813 static bool test_SamLogon_NULL_domain(struct torture_context *tctx,
814 struct dcerpc_pipe *p,
815 struct cli_credentials *credentials)
817 struct netlogon_creds_CredentialState *creds;
819 if (!test_SetupCredentials(p, tctx, credentials, &creds)) {
823 return test_netlogon_ops_args(p, tctx, credentials, creds, true);
826 /* we remember the sequence numbers so we can easily do a DatabaseDelta */
827 static uint64_t sequence_nums[3];
830 try a netlogon DatabaseSync
832 static bool test_DatabaseSync(struct torture_context *tctx,
833 struct dcerpc_pipe *p,
834 struct cli_credentials *machine_credentials)
836 struct netr_DatabaseSync r;
837 struct netlogon_creds_CredentialState *creds;
838 const uint32_t database_ids[] = {SAM_DATABASE_DOMAIN, SAM_DATABASE_BUILTIN, SAM_DATABASE_PRIVS};
840 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
841 struct netr_Authenticator credential, return_authenticator;
842 struct dcerpc_binding_handle *b = p->binding_handle;
844 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
848 ZERO_STRUCT(return_authenticator);
850 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
851 r.in.computername = TEST_MACHINE_NAME;
852 r.in.preferredmaximumlength = (uint32_t)-1;
853 r.in.return_authenticator = &return_authenticator;
854 r.out.delta_enum_array = &delta_enum_array;
855 r.out.return_authenticator = &return_authenticator;
857 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
859 uint32_t sync_context = 0;
861 r.in.database_id = database_ids[i];
862 r.in.sync_context = &sync_context;
863 r.out.sync_context = &sync_context;
865 torture_comment(tctx, "Testing DatabaseSync of id %d\n", r.in.database_id);
868 netlogon_creds_client_authenticator(creds, &credential);
870 r.in.credential = &credential;
872 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseSync_r(b, tctx, &r),
873 "DatabaseSync failed");
874 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
877 /* Native mode servers don't do this */
878 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
881 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseSync");
883 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
884 torture_comment(tctx, "Credential chaining failed\n");
887 if (delta_enum_array &&
888 delta_enum_array->num_deltas > 0 &&
889 delta_enum_array->delta_enum[0].delta_type == NETR_DELTA_DOMAIN &&
890 delta_enum_array->delta_enum[0].delta_union.domain) {
891 sequence_nums[r.in.database_id] =
892 delta_enum_array->delta_enum[0].delta_union.domain->sequence_num;
893 torture_comment(tctx, "\tsequence_nums[%d]=%llu\n",
895 (unsigned long long)sequence_nums[r.in.database_id]);
897 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
905 try a netlogon DatabaseDeltas
907 static bool test_DatabaseDeltas(struct torture_context *tctx,
908 struct dcerpc_pipe *p,
909 struct cli_credentials *machine_credentials)
911 struct netr_DatabaseDeltas r;
912 struct netlogon_creds_CredentialState *creds;
913 struct netr_Authenticator credential;
914 struct netr_Authenticator return_authenticator;
915 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
916 const uint32_t database_ids[] = {0, 1, 2};
918 struct dcerpc_binding_handle *b = p->binding_handle;
920 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
924 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
925 r.in.computername = TEST_MACHINE_NAME;
926 r.in.preferredmaximumlength = (uint32_t)-1;
927 ZERO_STRUCT(r.in.return_authenticator);
928 r.out.return_authenticator = &return_authenticator;
929 r.out.delta_enum_array = &delta_enum_array;
931 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
932 r.in.database_id = database_ids[i];
933 r.in.sequence_num = &sequence_nums[r.in.database_id];
935 if (*r.in.sequence_num == 0) continue;
937 *r.in.sequence_num -= 1;
939 torture_comment(tctx, "Testing DatabaseDeltas of id %d at %llu\n",
940 r.in.database_id, (unsigned long long)*r.in.sequence_num);
943 netlogon_creds_client_authenticator(creds, &credential);
945 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseDeltas_r(b, tctx, &r),
946 "DatabaseDeltas failed");
947 if (NT_STATUS_EQUAL(r.out.result,
948 NT_STATUS_SYNCHRONIZATION_REQUIRED)) {
949 torture_comment(tctx, "not considering %s to be an error\n",
950 nt_errstr(r.out.result));
953 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
956 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseDeltas");
958 if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) {
959 torture_comment(tctx, "Credential chaining failed\n");
962 (*r.in.sequence_num)++;
963 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
969 static bool test_DatabaseRedo(struct torture_context *tctx,
970 struct dcerpc_pipe *p,
971 struct cli_credentials *machine_credentials)
973 struct netr_DatabaseRedo r;
974 struct netlogon_creds_CredentialState *creds;
975 struct netr_Authenticator credential;
976 struct netr_Authenticator return_authenticator;
977 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
978 struct netr_ChangeLogEntry e;
979 struct dom_sid null_sid, *sid;
981 struct dcerpc_binding_handle *b = p->binding_handle;
983 ZERO_STRUCT(null_sid);
985 sid = dom_sid_parse_talloc(tctx, "S-1-5-21-1111111111-2222222222-333333333-500");
996 NTSTATUS expected_error;
997 uint32_t expected_num_results;
998 uint8_t expected_delta_type_1;
999 uint8_t expected_delta_type_2;
1000 const char *comment;
1003 /* SAM_DATABASE_DOMAIN */
1008 .db_index = SAM_DATABASE_DOMAIN,
1009 .delta_type = NETR_DELTA_MODIFY_COUNT,
1012 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1013 .expected_num_results = 0,
1014 .comment = "NETR_DELTA_MODIFY_COUNT"
1019 .db_index = SAM_DATABASE_DOMAIN,
1023 .expected_error = NT_STATUS_OK,
1024 .expected_num_results = 1,
1025 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1026 .comment = "NULL DELTA"
1031 .db_index = SAM_DATABASE_DOMAIN,
1032 .delta_type = NETR_DELTA_DOMAIN,
1035 .expected_error = NT_STATUS_OK,
1036 .expected_num_results = 1,
1037 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1038 .comment = "NETR_DELTA_DOMAIN"
1041 .rid = DOMAIN_RID_ADMINISTRATOR,
1043 .db_index = SAM_DATABASE_DOMAIN,
1044 .delta_type = NETR_DELTA_USER,
1047 .expected_error = NT_STATUS_OK,
1048 .expected_num_results = 1,
1049 .expected_delta_type_1 = NETR_DELTA_USER,
1050 .comment = "NETR_DELTA_USER by rid 500"
1053 .rid = DOMAIN_RID_GUEST,
1055 .db_index = SAM_DATABASE_DOMAIN,
1056 .delta_type = NETR_DELTA_USER,
1059 .expected_error = NT_STATUS_OK,
1060 .expected_num_results = 1,
1061 .expected_delta_type_1 = NETR_DELTA_USER,
1062 .comment = "NETR_DELTA_USER by rid 501"
1066 .flags = NETR_CHANGELOG_SID_INCLUDED,
1067 .db_index = SAM_DATABASE_DOMAIN,
1068 .delta_type = NETR_DELTA_USER,
1071 .expected_error = NT_STATUS_OK,
1072 .expected_num_results = 1,
1073 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1074 .comment = "NETR_DELTA_USER by sid and flags"
1078 .flags = NETR_CHANGELOG_SID_INCLUDED,
1079 .db_index = SAM_DATABASE_DOMAIN,
1080 .delta_type = NETR_DELTA_USER,
1083 .expected_error = NT_STATUS_OK,
1084 .expected_num_results = 1,
1085 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1086 .comment = "NETR_DELTA_USER by null_sid and flags"
1090 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1091 .db_index = SAM_DATABASE_DOMAIN,
1092 .delta_type = NETR_DELTA_USER,
1094 .name = "administrator",
1095 .expected_error = NT_STATUS_OK,
1096 .expected_num_results = 1,
1097 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1098 .comment = "NETR_DELTA_USER by name 'administrator'"
1101 .rid = DOMAIN_RID_ADMINS,
1103 .db_index = SAM_DATABASE_DOMAIN,
1104 .delta_type = NETR_DELTA_GROUP,
1107 .expected_error = NT_STATUS_OK,
1108 .expected_num_results = 2,
1109 .expected_delta_type_1 = NETR_DELTA_GROUP,
1110 .expected_delta_type_2 = NETR_DELTA_GROUP_MEMBER,
1111 .comment = "NETR_DELTA_GROUP by rid 512"
1114 .rid = DOMAIN_RID_ADMINS,
1116 .db_index = SAM_DATABASE_DOMAIN,
1117 .delta_type = NETR_DELTA_GROUP_MEMBER,
1120 .expected_error = NT_STATUS_OK,
1121 .expected_num_results = 2,
1122 .expected_delta_type_1 = NETR_DELTA_GROUP,
1123 .expected_delta_type_2 = NETR_DELTA_GROUP_MEMBER,
1124 .comment = "NETR_DELTA_GROUP_MEMBER by rid 512"
1128 /* SAM_DATABASE_BUILTIN */
1133 .db_index = SAM_DATABASE_BUILTIN,
1134 .delta_type = NETR_DELTA_MODIFY_COUNT,
1137 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1138 .expected_num_results = 0,
1139 .comment = "NETR_DELTA_MODIFY_COUNT"
1144 .db_index = SAM_DATABASE_BUILTIN,
1145 .delta_type = NETR_DELTA_DOMAIN,
1148 .expected_error = NT_STATUS_OK,
1149 .expected_num_results = 1,
1150 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1151 .comment = "NETR_DELTA_DOMAIN"
1154 .rid = DOMAIN_RID_ADMINISTRATOR,
1156 .db_index = SAM_DATABASE_BUILTIN,
1157 .delta_type = NETR_DELTA_USER,
1160 .expected_error = NT_STATUS_OK,
1161 .expected_num_results = 1,
1162 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1163 .comment = "NETR_DELTA_USER by rid 500"
1168 .db_index = SAM_DATABASE_BUILTIN,
1169 .delta_type = NETR_DELTA_USER,
1172 .expected_error = NT_STATUS_OK,
1173 .expected_num_results = 1,
1174 .expected_delta_type_1 = NETR_DELTA_DELETE_USER,
1175 .comment = "NETR_DELTA_USER"
1180 .db_index = SAM_DATABASE_BUILTIN,
1181 .delta_type = NETR_DELTA_ALIAS,
1184 .expected_error = NT_STATUS_OK,
1185 .expected_num_results = 2,
1186 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1187 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1188 .comment = "NETR_DELTA_ALIAS by rid 544"
1193 .db_index = SAM_DATABASE_BUILTIN,
1194 .delta_type = NETR_DELTA_ALIAS_MEMBER,
1197 .expected_error = NT_STATUS_OK,
1198 .expected_num_results = 2,
1199 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1200 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1201 .comment = "NETR_DELTA_ALIAS_MEMBER by rid 544"
1206 .db_index = SAM_DATABASE_BUILTIN,
1210 .expected_error = NT_STATUS_OK,
1211 .expected_num_results = 1,
1212 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1213 .comment = "NULL DELTA by rid 544"
1217 .flags = NETR_CHANGELOG_SID_INCLUDED,
1218 .db_index = SAM_DATABASE_BUILTIN,
1220 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1222 .expected_error = NT_STATUS_OK,
1223 .expected_num_results = 1,
1224 .expected_delta_type_1 = NETR_DELTA_DOMAIN,
1225 .comment = "NULL DELTA by rid 544 sid S-1-5-32-544 and flags"
1229 .flags = NETR_CHANGELOG_SID_INCLUDED,
1230 .db_index = SAM_DATABASE_BUILTIN,
1231 .delta_type = NETR_DELTA_ALIAS,
1232 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1234 .expected_error = NT_STATUS_OK,
1235 .expected_num_results = 2,
1236 .expected_delta_type_1 = NETR_DELTA_ALIAS,
1237 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER,
1238 .comment = "NETR_DELTA_ALIAS by rid 544 and sid S-1-5-32-544 and flags"
1242 .flags = NETR_CHANGELOG_SID_INCLUDED,
1243 .db_index = SAM_DATABASE_BUILTIN,
1244 .delta_type = NETR_DELTA_ALIAS,
1245 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"),
1247 .expected_error = NT_STATUS_OK,
1248 .expected_num_results = 1,
1249 .expected_delta_type_1 = NETR_DELTA_DELETE_ALIAS,
1250 .comment = "NETR_DELTA_ALIAS by sid S-1-5-32-544 and flags"
1253 /* SAM_DATABASE_PRIVS */
1258 .db_index = SAM_DATABASE_PRIVS,
1262 .expected_error = NT_STATUS_ACCESS_DENIED,
1263 .expected_num_results = 0,
1264 .comment = "NULL DELTA"
1269 .db_index = SAM_DATABASE_PRIVS,
1270 .delta_type = NETR_DELTA_MODIFY_COUNT,
1273 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED,
1274 .expected_num_results = 0,
1275 .comment = "NETR_DELTA_MODIFY_COUNT"
1280 .db_index = SAM_DATABASE_PRIVS,
1281 .delta_type = NETR_DELTA_POLICY,
1284 .expected_error = NT_STATUS_OK,
1285 .expected_num_results = 1,
1286 .expected_delta_type_1 = NETR_DELTA_POLICY,
1287 .comment = "NETR_DELTA_POLICY"
1291 .flags = NETR_CHANGELOG_SID_INCLUDED,
1292 .db_index = SAM_DATABASE_PRIVS,
1293 .delta_type = NETR_DELTA_POLICY,
1296 .expected_error = NT_STATUS_OK,
1297 .expected_num_results = 1,
1298 .expected_delta_type_1 = NETR_DELTA_POLICY,
1299 .comment = "NETR_DELTA_POLICY by null sid and flags"
1303 .flags = NETR_CHANGELOG_SID_INCLUDED,
1304 .db_index = SAM_DATABASE_PRIVS,
1305 .delta_type = NETR_DELTA_POLICY,
1306 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32"),
1308 .expected_error = NT_STATUS_OK,
1309 .expected_num_results = 1,
1310 .expected_delta_type_1 = NETR_DELTA_POLICY,
1311 .comment = "NETR_DELTA_POLICY by sid S-1-5-32 and flags"
1314 .rid = DOMAIN_RID_ADMINISTRATOR,
1316 .db_index = SAM_DATABASE_PRIVS,
1317 .delta_type = NETR_DELTA_ACCOUNT,
1320 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED, /* strange */
1321 .expected_num_results = 0,
1322 .comment = "NETR_DELTA_ACCOUNT by rid 500"
1326 .flags = NETR_CHANGELOG_SID_INCLUDED,
1327 .db_index = SAM_DATABASE_PRIVS,
1328 .delta_type = NETR_DELTA_ACCOUNT,
1329 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1331 .expected_error = NT_STATUS_OK,
1332 .expected_num_results = 1,
1333 .expected_delta_type_1 = NETR_DELTA_ACCOUNT,
1334 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and flags"
1338 .flags = NETR_CHANGELOG_SID_INCLUDED |
1339 NETR_CHANGELOG_IMMEDIATE_REPL_REQUIRED,
1340 .db_index = SAM_DATABASE_PRIVS,
1341 .delta_type = NETR_DELTA_ACCOUNT,
1342 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1344 .expected_error = NT_STATUS_OK,
1345 .expected_num_results = 1,
1346 .expected_delta_type_1 = NETR_DELTA_ACCOUNT,
1347 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and 2 flags"
1351 .flags = NETR_CHANGELOG_SID_INCLUDED |
1352 NETR_CHANGELOG_NAME_INCLUDED,
1353 .db_index = SAM_DATABASE_PRIVS,
1354 .delta_type = NETR_DELTA_ACCOUNT,
1355 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"),
1357 .expected_error = NT_STATUS_INVALID_PARAMETER,
1358 .expected_num_results = 0,
1359 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and invalid flags"
1362 .rid = DOMAIN_RID_ADMINISTRATOR,
1363 .flags = NETR_CHANGELOG_SID_INCLUDED,
1364 .db_index = SAM_DATABASE_PRIVS,
1365 .delta_type = NETR_DELTA_ACCOUNT,
1368 .expected_error = NT_STATUS_OK,
1369 .expected_num_results = 1,
1370 .expected_delta_type_1 = NETR_DELTA_DELETE_ACCOUNT,
1371 .comment = "NETR_DELTA_ACCOUNT by rid 500, sid and flags"
1375 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1376 .db_index = SAM_DATABASE_PRIVS,
1377 .delta_type = NETR_DELTA_SECRET,
1379 .name = "IsurelydontexistIhope",
1380 .expected_error = NT_STATUS_OK,
1381 .expected_num_results = 1,
1382 .expected_delta_type_1 = NETR_DELTA_DELETE_SECRET,
1383 .comment = "NETR_DELTA_SECRET by name 'IsurelydontexistIhope' and flags"
1387 .flags = NETR_CHANGELOG_NAME_INCLUDED,
1388 .db_index = SAM_DATABASE_PRIVS,
1389 .delta_type = NETR_DELTA_SECRET,
1391 .name = "G$BCKUPKEY_P",
1392 .expected_error = NT_STATUS_OK,
1393 .expected_num_results = 1,
1394 .expected_delta_type_1 = NETR_DELTA_SECRET,
1395 .comment = "NETR_DELTA_SECRET by name 'G$BCKUPKEY_P' and flags"
1399 ZERO_STRUCT(return_authenticator);
1401 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1402 r.in.computername = TEST_MACHINE_NAME;
1403 r.in.return_authenticator = &return_authenticator;
1404 r.out.return_authenticator = &return_authenticator;
1405 r.out.delta_enum_array = &delta_enum_array;
1407 for (d=0; d<3; d++) {
1408 const char *database = NULL;
1415 database = "BUILTIN";
1424 torture_comment(tctx, "Testing DatabaseRedo\n");
1426 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1430 for (i=0;i<ARRAY_SIZE(changes);i++) {
1432 if (d != changes[i].db_index) {
1436 netlogon_creds_client_authenticator(creds, &credential);
1438 r.in.credential = &credential;
1440 e.serial_number1 = 0;
1441 e.serial_number2 = 0;
1442 e.object_rid = changes[i].rid;
1443 e.flags = changes[i].flags;
1444 e.db_index = changes[i].db_index;
1445 e.delta_type = changes[i].delta_type;
1447 switch (changes[i].flags & (NETR_CHANGELOG_NAME_INCLUDED | NETR_CHANGELOG_SID_INCLUDED)) {
1448 case NETR_CHANGELOG_SID_INCLUDED:
1449 e.object.object_sid = changes[i].sid;
1451 case NETR_CHANGELOG_NAME_INCLUDED:
1452 e.object.object_name = changes[i].name;
1458 r.in.change_log_entry = e;
1460 torture_comment(tctx, "Testing DatabaseRedo with database %s and %s\n",
1461 database, changes[i].comment);
1463 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseRedo_r(b, tctx, &r),
1464 "DatabaseRedo failed");
1465 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
1469 torture_assert_ntstatus_equal(tctx, r.out.result, changes[i].expected_error, changes[i].comment);
1470 if (delta_enum_array) {
1471 torture_assert_int_equal(tctx,
1472 delta_enum_array->num_deltas,
1473 changes[i].expected_num_results,
1474 changes[i].comment);
1475 if (delta_enum_array->num_deltas > 0) {
1476 torture_assert_int_equal(tctx,
1477 delta_enum_array->delta_enum[0].delta_type,
1478 changes[i].expected_delta_type_1,
1479 changes[i].comment);
1481 if (delta_enum_array->num_deltas > 1) {
1482 torture_assert_int_equal(tctx,
1483 delta_enum_array->delta_enum[1].delta_type,
1484 changes[i].expected_delta_type_2,
1485 changes[i].comment);
1489 if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) {
1490 torture_comment(tctx, "Credential chaining failed\n");
1491 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1503 try a netlogon AccountDeltas
1505 static bool test_AccountDeltas(struct torture_context *tctx,
1506 struct dcerpc_pipe *p,
1507 struct cli_credentials *machine_credentials)
1509 struct netr_AccountDeltas r;
1510 struct netlogon_creds_CredentialState *creds;
1512 struct netr_AccountBuffer buffer;
1513 uint32_t count_returned = 0;
1514 uint32_t total_entries = 0;
1515 struct netr_UAS_INFO_0 recordid;
1516 struct netr_Authenticator return_authenticator;
1517 struct dcerpc_binding_handle *b = p->binding_handle;
1519 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1523 ZERO_STRUCT(return_authenticator);
1525 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1526 r.in.computername = TEST_MACHINE_NAME;
1527 r.in.return_authenticator = &return_authenticator;
1528 netlogon_creds_client_authenticator(creds, &r.in.credential);
1529 ZERO_STRUCT(r.in.uas);
1532 r.in.buffersize=100;
1533 r.out.buffer = &buffer;
1534 r.out.count_returned = &count_returned;
1535 r.out.total_entries = &total_entries;
1536 r.out.recordid = &recordid;
1537 r.out.return_authenticator = &return_authenticator;
1539 /* w2k3 returns "NOT IMPLEMENTED" for this call */
1540 torture_assert_ntstatus_ok(tctx, dcerpc_netr_AccountDeltas_r(b, tctx, &r),
1541 "AccountDeltas failed");
1542 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_NOT_IMPLEMENTED, "AccountDeltas");
1548 try a netlogon AccountSync
1550 static bool test_AccountSync(struct torture_context *tctx, struct dcerpc_pipe *p,
1551 struct cli_credentials *machine_credentials)
1553 struct netr_AccountSync r;
1554 struct netlogon_creds_CredentialState *creds;
1556 struct netr_AccountBuffer buffer;
1557 uint32_t count_returned = 0;
1558 uint32_t total_entries = 0;
1559 uint32_t next_reference = 0;
1560 struct netr_UAS_INFO_0 recordid;
1561 struct netr_Authenticator return_authenticator;
1562 struct dcerpc_binding_handle *b = p->binding_handle;
1564 ZERO_STRUCT(recordid);
1565 ZERO_STRUCT(return_authenticator);
1567 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) {
1571 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1572 r.in.computername = TEST_MACHINE_NAME;
1573 r.in.return_authenticator = &return_authenticator;
1574 netlogon_creds_client_authenticator(creds, &r.in.credential);
1575 r.in.recordid = &recordid;
1578 r.in.buffersize=100;
1579 r.out.buffer = &buffer;
1580 r.out.count_returned = &count_returned;
1581 r.out.total_entries = &total_entries;
1582 r.out.next_reference = &next_reference;
1583 r.out.recordid = &recordid;
1584 r.out.return_authenticator = &return_authenticator;
1586 /* w2k3 returns "NOT IMPLEMENTED" for this call */
1587 torture_assert_ntstatus_ok(tctx, dcerpc_netr_AccountSync_r(b, tctx, &r),
1588 "AccountSync failed");
1589 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_NOT_IMPLEMENTED, "AccountSync");
1595 try a netlogon GetDcName
1597 static bool test_GetDcName(struct torture_context *tctx,
1598 struct dcerpc_pipe *p)
1600 struct netr_GetDcName r;
1601 const char *dcname = NULL;
1602 struct dcerpc_binding_handle *b = p->binding_handle;
1604 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1605 r.in.domainname = lp_workgroup(tctx->lp_ctx);
1606 r.out.dcname = &dcname;
1608 torture_assert_ntstatus_ok(tctx, dcerpc_netr_GetDcName_r(b, tctx, &r),
1609 "GetDcName failed");
1610 torture_assert_werr_ok(tctx, r.out.result, "GetDcName failed");
1612 torture_comment(tctx, "\tDC is at '%s'\n", dcname);
1617 static const char *function_code_str(TALLOC_CTX *mem_ctx,
1618 enum netr_LogonControlCode function_code)
1620 switch (function_code) {
1621 case NETLOGON_CONTROL_QUERY:
1622 return "NETLOGON_CONTROL_QUERY";
1623 case NETLOGON_CONTROL_REPLICATE:
1624 return "NETLOGON_CONTROL_REPLICATE";
1625 case NETLOGON_CONTROL_SYNCHRONIZE:
1626 return "NETLOGON_CONTROL_SYNCHRONIZE";
1627 case NETLOGON_CONTROL_PDC_REPLICATE:
1628 return "NETLOGON_CONTROL_PDC_REPLICATE";
1629 case NETLOGON_CONTROL_REDISCOVER:
1630 return "NETLOGON_CONTROL_REDISCOVER";
1631 case NETLOGON_CONTROL_TC_QUERY:
1632 return "NETLOGON_CONTROL_TC_QUERY";
1633 case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
1634 return "NETLOGON_CONTROL_TRANSPORT_NOTIFY";
1635 case NETLOGON_CONTROL_FIND_USER:
1636 return "NETLOGON_CONTROL_FIND_USER";
1637 case NETLOGON_CONTROL_CHANGE_PASSWORD:
1638 return "NETLOGON_CONTROL_CHANGE_PASSWORD";
1639 case NETLOGON_CONTROL_TC_VERIFY:
1640 return "NETLOGON_CONTROL_TC_VERIFY";
1641 case NETLOGON_CONTROL_FORCE_DNS_REG:
1642 return "NETLOGON_CONTROL_FORCE_DNS_REG";
1643 case NETLOGON_CONTROL_QUERY_DNS_REG:
1644 return "NETLOGON_CONTROL_QUERY_DNS_REG";
1645 case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
1646 return "NETLOGON_CONTROL_BACKUP_CHANGE_LOG";
1647 case NETLOGON_CONTROL_TRUNCATE_LOG:
1648 return "NETLOGON_CONTROL_TRUNCATE_LOG";
1649 case NETLOGON_CONTROL_SET_DBFLAG:
1650 return "NETLOGON_CONTROL_SET_DBFLAG";
1651 case NETLOGON_CONTROL_BREAKPOINT:
1652 return "NETLOGON_CONTROL_BREAKPOINT";
1654 return talloc_asprintf(mem_ctx, "unknown function code: %d",
1661 try a netlogon LogonControl
1663 static bool test_LogonControl(struct torture_context *tctx,
1664 struct dcerpc_pipe *p,
1665 struct cli_credentials *machine_credentials)
1669 struct netr_LogonControl r;
1670 union netr_CONTROL_QUERY_INFORMATION query;
1672 enum netr_SchannelType secure_channel_type = SEC_CHAN_NULL;
1673 struct dcerpc_binding_handle *b = p->binding_handle;
1675 uint32_t function_codes[] = {
1676 NETLOGON_CONTROL_QUERY,
1677 NETLOGON_CONTROL_REPLICATE,
1678 NETLOGON_CONTROL_SYNCHRONIZE,
1679 NETLOGON_CONTROL_PDC_REPLICATE,
1680 NETLOGON_CONTROL_REDISCOVER,
1681 NETLOGON_CONTROL_TC_QUERY,
1682 NETLOGON_CONTROL_TRANSPORT_NOTIFY,
1683 NETLOGON_CONTROL_FIND_USER,
1684 NETLOGON_CONTROL_CHANGE_PASSWORD,
1685 NETLOGON_CONTROL_TC_VERIFY,
1686 NETLOGON_CONTROL_FORCE_DNS_REG,
1687 NETLOGON_CONTROL_QUERY_DNS_REG,
1688 NETLOGON_CONTROL_BACKUP_CHANGE_LOG,
1689 NETLOGON_CONTROL_TRUNCATE_LOG,
1690 NETLOGON_CONTROL_SET_DBFLAG,
1691 NETLOGON_CONTROL_BREAKPOINT
1694 if (machine_credentials) {
1695 secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
1698 torture_comment(tctx, "Testing LogonControl with secure channel type: %d\n",
1699 secure_channel_type);
1701 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1702 r.in.function_code = 1;
1703 r.out.query = &query;
1705 for (f=0;f<ARRAY_SIZE(function_codes); f++) {
1708 r.in.function_code = function_codes[f];
1711 torture_comment(tctx, "Testing LogonControl function code %s (%d) level %d\n",
1712 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
1714 status = dcerpc_netr_LogonControl_r(b, tctx, &r);
1715 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1717 switch (r.in.level) {
1719 switch (r.in.function_code) {
1720 case NETLOGON_CONTROL_REPLICATE:
1721 case NETLOGON_CONTROL_SYNCHRONIZE:
1722 case NETLOGON_CONTROL_PDC_REPLICATE:
1723 case NETLOGON_CONTROL_BREAKPOINT:
1724 case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
1725 if ((secure_channel_type == SEC_CHAN_BDC) ||
1726 (secure_channel_type == SEC_CHAN_WKSTA)) {
1727 torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED,
1728 "LogonControl returned unexpected error code");
1730 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1731 "LogonControl returned unexpected error code");
1735 case NETLOGON_CONTROL_REDISCOVER:
1736 case NETLOGON_CONTROL_TC_QUERY:
1737 case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
1738 case NETLOGON_CONTROL_FIND_USER:
1739 case NETLOGON_CONTROL_CHANGE_PASSWORD:
1740 case NETLOGON_CONTROL_TC_VERIFY:
1741 case NETLOGON_CONTROL_FORCE_DNS_REG:
1742 case NETLOGON_CONTROL_QUERY_DNS_REG:
1743 case NETLOGON_CONTROL_SET_DBFLAG:
1744 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1745 "LogonControl returned unexpected error code");
1747 case NETLOGON_CONTROL_TRUNCATE_LOG:
1748 if ((secure_channel_type == SEC_CHAN_BDC) ||
1749 (secure_channel_type == SEC_CHAN_WKSTA)) {
1750 torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED,
1751 "LogonControl returned unexpected error code");
1753 torture_assert_werr_ok(tctx, r.out.result,
1754 "LogonControl returned unexpected result");
1758 torture_assert_werr_ok(tctx, r.out.result,
1759 "LogonControl returned unexpected result");
1764 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED,
1765 "LogonControl returned unexpected error code");
1768 torture_assert_werr_equal(tctx, r.out.result, WERR_UNKNOWN_LEVEL,
1769 "LogonControl returned unexpected error code");
1780 try a netlogon GetAnyDCName
1782 static bool test_GetAnyDCName(struct torture_context *tctx,
1783 struct dcerpc_pipe *p)
1786 struct netr_GetAnyDCName r;
1787 const char *dcname = NULL;
1788 struct dcerpc_binding_handle *b = p->binding_handle;
1790 r.in.domainname = lp_workgroup(tctx->lp_ctx);
1791 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1792 r.out.dcname = &dcname;
1794 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
1795 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
1796 if ((!W_ERROR_IS_OK(r.out.result)) &&
1797 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
1802 torture_comment(tctx, "\tDC is at '%s'\n", dcname);
1805 r.in.domainname = NULL;
1807 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
1808 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
1809 if ((!W_ERROR_IS_OK(r.out.result)) &&
1810 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
1814 r.in.domainname = "";
1816 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &r);
1817 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
1818 if ((!W_ERROR_IS_OK(r.out.result)) &&
1819 (!W_ERROR_EQUAL(r.out.result, WERR_NO_SUCH_DOMAIN))) {
1828 try a netlogon LogonControl2
1830 static bool test_LogonControl2(struct torture_context *tctx,
1831 struct dcerpc_pipe *p,
1832 struct cli_credentials *machine_credentials)
1836 struct netr_LogonControl2 r;
1837 union netr_CONTROL_DATA_INFORMATION data;
1838 union netr_CONTROL_QUERY_INFORMATION query;
1840 struct dcerpc_binding_handle *b = p->binding_handle;
1842 data.domain = lp_workgroup(tctx->lp_ctx);
1844 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1846 r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
1848 r.out.query = &query;
1853 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1854 i, r.in.function_code);
1856 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1857 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1860 data.domain = lp_workgroup(tctx->lp_ctx);
1862 r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
1868 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1869 i, r.in.function_code);
1871 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1872 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1875 data.domain = lp_workgroup(tctx->lp_ctx);
1877 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
1883 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1884 i, r.in.function_code);
1886 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1887 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1890 data.debug_level = ~0;
1892 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
1898 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n",
1899 i, r.in.function_code);
1901 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
1902 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
1909 try a netlogon DatabaseSync2
1911 static bool test_DatabaseSync2(struct torture_context *tctx,
1912 struct dcerpc_pipe *p,
1913 struct cli_credentials *machine_credentials)
1915 struct netr_DatabaseSync2 r;
1916 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1917 struct netr_Authenticator return_authenticator, credential;
1919 struct netlogon_creds_CredentialState *creds;
1920 const uint32_t database_ids[] = {0, 1, 2};
1922 struct dcerpc_binding_handle *b = p->binding_handle;
1924 if (!test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_FLAGS,
1925 machine_credentials,
1926 cli_credentials_get_secure_channel_type(machine_credentials),
1931 ZERO_STRUCT(return_authenticator);
1933 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1934 r.in.computername = TEST_MACHINE_NAME;
1935 r.in.preferredmaximumlength = (uint32_t)-1;
1936 r.in.return_authenticator = &return_authenticator;
1937 r.out.return_authenticator = &return_authenticator;
1938 r.out.delta_enum_array = &delta_enum_array;
1940 for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1942 uint32_t sync_context = 0;
1944 r.in.database_id = database_ids[i];
1945 r.in.sync_context = &sync_context;
1946 r.out.sync_context = &sync_context;
1947 r.in.restart_state = 0;
1949 torture_comment(tctx, "Testing DatabaseSync2 of id %d\n", r.in.database_id);
1952 netlogon_creds_client_authenticator(creds, &credential);
1954 r.in.credential = &credential;
1956 torture_assert_ntstatus_ok(tctx, dcerpc_netr_DatabaseSync2_r(b, tctx, &r),
1957 "DatabaseSync2 failed");
1958 if (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES))
1961 /* Native mode servers don't do this */
1962 if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_SUPPORTED)) {
1966 torture_assert_ntstatus_ok(tctx, r.out.result, "DatabaseSync2");
1968 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) {
1969 torture_comment(tctx, "Credential chaining failed\n");
1972 } while (NT_STATUS_EQUAL(r.out.result, STATUS_MORE_ENTRIES));
1980 try a netlogon LogonControl2Ex
1982 static bool test_LogonControl2Ex(struct torture_context *tctx,
1983 struct dcerpc_pipe *p,
1984 struct cli_credentials *machine_credentials)
1988 struct netr_LogonControl2Ex r;
1989 union netr_CONTROL_DATA_INFORMATION data;
1990 union netr_CONTROL_QUERY_INFORMATION query;
1992 struct dcerpc_binding_handle *b = p->binding_handle;
1994 data.domain = lp_workgroup(tctx->lp_ctx);
1996 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
1998 r.in.function_code = NETLOGON_CONTROL_REDISCOVER;
2000 r.out.query = &query;
2005 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2006 i, r.in.function_code);
2008 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2009 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2012 data.domain = lp_workgroup(tctx->lp_ctx);
2014 r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
2020 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2021 i, r.in.function_code);
2023 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2024 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2027 data.domain = lp_workgroup(tctx->lp_ctx);
2029 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
2035 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2036 i, r.in.function_code);
2038 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2039 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2042 data.debug_level = ~0;
2044 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
2050 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n",
2051 i, r.in.function_code);
2053 status = dcerpc_netr_LogonControl2Ex_r(b, tctx, &r);
2054 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
2060 static bool test_netr_GetForestTrustInformation(struct torture_context *tctx,
2061 struct dcerpc_pipe *p,
2062 struct cli_credentials *machine_credentials)
2064 struct netr_GetForestTrustInformation r;
2065 struct netlogon_creds_CredentialState *creds;
2066 struct netr_Authenticator a;
2067 struct netr_Authenticator return_authenticator;
2068 struct lsa_ForestTrustInformation *forest_trust_info;
2069 struct dcerpc_binding_handle *b = p->binding_handle;
2071 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2072 machine_credentials, &creds)) {
2076 netlogon_creds_client_authenticator(creds, &a);
2078 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2079 r.in.computer_name = "";
2080 r.in.credential = &a;
2082 r.out.return_authenticator = &return_authenticator;
2083 r.out.forest_trust_info = &forest_trust_info;
2085 torture_assert_ntstatus_ok(tctx,
2086 dcerpc_netr_GetForestTrustInformation_r(b, tctx, &r),
2087 "netr_GetForestTrustInformation failed");
2088 torture_assert_ntstatus_ok(tctx, r.out.result,
2089 "netr_GetForestTrustInformation failed");
2091 torture_assert(tctx,
2092 netlogon_creds_client_check(creds, &return_authenticator.cred),
2093 "Credential chaining failed");
2098 static bool test_netr_DsRGetForestTrustInformation(struct torture_context *tctx,
2099 struct dcerpc_pipe *p, const char *trusted_domain_name)
2102 struct netr_DsRGetForestTrustInformation r;
2103 struct lsa_ForestTrustInformation info, *info_ptr;
2104 struct dcerpc_binding_handle *b = p->binding_handle;
2108 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2109 r.in.trusted_domain_name = trusted_domain_name;
2111 r.out.forest_trust_info = &info_ptr;
2113 torture_comment(tctx ,"Testing netr_DsRGetForestTrustInformation\n");
2115 status = dcerpc_netr_DsRGetForestTrustInformation_r(b, tctx, &r);
2116 torture_assert_ntstatus_ok(tctx, status, "DsRGetForestTrustInformation");
2117 torture_assert_werr_ok(tctx, r.out.result, "DsRGetForestTrustInformation");
2123 try a netlogon netr_DsrEnumerateDomainTrusts
2125 static bool test_DsrEnumerateDomainTrusts(struct torture_context *tctx,
2126 struct dcerpc_pipe *p)
2129 struct netr_DsrEnumerateDomainTrusts r;
2130 struct netr_DomainTrustList trusts;
2132 struct dcerpc_binding_handle *b = p->binding_handle;
2134 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2135 r.in.trust_flags = 0x3f;
2136 r.out.trusts = &trusts;
2138 status = dcerpc_netr_DsrEnumerateDomainTrusts_r(b, tctx, &r);
2139 torture_assert_ntstatus_ok(tctx, status, "DsrEnumerateDomaintrusts");
2140 torture_assert_werr_ok(tctx, r.out.result, "DsrEnumerateDomaintrusts");
2142 /* when trusted_domain_name is NULL, netr_DsRGetForestTrustInformation
2143 * will show non-forest trusts and all UPN suffixes of the own forest
2144 * as LSA_FOREST_TRUST_TOP_LEVEL_NAME types */
2146 if (r.out.trusts->count) {
2147 if (!test_netr_DsRGetForestTrustInformation(tctx, p, NULL)) {
2152 for (i=0; i<r.out.trusts->count; i++) {
2154 /* get info for transitive forest trusts */
2156 if (r.out.trusts->array[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
2157 if (!test_netr_DsRGetForestTrustInformation(tctx, p,
2158 r.out.trusts->array[i].dns_name)) {
2167 static bool test_netr_NetrEnumerateTrustedDomains(struct torture_context *tctx,
2168 struct dcerpc_pipe *p)
2171 struct netr_NetrEnumerateTrustedDomains r;
2172 struct netr_Blob trusted_domains_blob;
2173 struct dcerpc_binding_handle *b = p->binding_handle;
2175 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2176 r.out.trusted_domains_blob = &trusted_domains_blob;
2178 status = dcerpc_netr_NetrEnumerateTrustedDomains_r(b, tctx, &r);
2179 torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomains");
2180 torture_assert_ntstatus_ok(tctx, r.out.result, "NetrEnumerateTrustedDomains");
2185 static bool test_netr_NetrEnumerateTrustedDomainsEx(struct torture_context *tctx,
2186 struct dcerpc_pipe *p)
2189 struct netr_NetrEnumerateTrustedDomainsEx r;
2190 struct netr_DomainTrustList dom_trust_list;
2191 struct dcerpc_binding_handle *b = p->binding_handle;
2193 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2194 r.out.dom_trust_list = &dom_trust_list;
2196 status = dcerpc_netr_NetrEnumerateTrustedDomainsEx_r(b, tctx, &r);
2197 torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomainsEx");
2198 torture_assert_werr_ok(tctx, r.out.result, "NetrEnumerateTrustedDomainsEx");
2204 static bool test_netr_DsRGetSiteName(struct dcerpc_pipe *p, struct torture_context *tctx,
2205 const char *computer_name,
2206 const char *expected_site)
2209 struct netr_DsRGetSiteName r;
2210 const char *site = NULL;
2211 struct dcerpc_binding_handle *b = p->binding_handle;
2213 r.in.computer_name = computer_name;
2215 torture_comment(tctx, "Testing netr_DsRGetSiteName\n");
2217 status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
2218 torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
2219 torture_assert_werr_ok(tctx, r.out.result, "DsRGetSiteName");
2220 torture_assert_str_equal(tctx, expected_site, site, "netr_DsRGetSiteName");
2222 if (torture_setting_bool(tctx, "samba4", false))
2223 torture_skip(tctx, "skipping computer name check against Samba4");
2225 r.in.computer_name = talloc_asprintf(tctx, "\\\\%s", computer_name);
2226 torture_comment(tctx,
2227 "Testing netr_DsRGetSiteName with broken computer name: %s\n", r.in.computer_name);
2229 status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
2230 torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
2231 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_COMPUTERNAME, "netr_DsRGetSiteName");
2237 try a netlogon netr_DsRGetDCName
2239 static bool test_netr_DsRGetDCName(struct torture_context *tctx,
2240 struct dcerpc_pipe *p)
2243 struct netr_DsRGetDCName r;
2244 struct netr_DsRGetDCNameInfo *info = NULL;
2245 struct dcerpc_binding_handle *b = p->binding_handle;
2247 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2248 r.in.domain_name = lp_dnsdomain(tctx->lp_ctx);
2249 r.in.domain_guid = NULL;
2250 r.in.site_guid = NULL;
2251 r.in.flags = DS_RETURN_DNS_NAME;
2254 status = dcerpc_netr_DsRGetDCName_r(b, tctx, &r);
2255 torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
2256 torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
2258 r.in.domain_name = lp_workgroup(tctx->lp_ctx);
2260 status = dcerpc_netr_DsRGetDCName_r(b, tctx, &r);
2261 torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
2262 torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
2264 return test_netr_DsRGetSiteName(p, tctx,
2266 info->dc_site_name);
2270 try a netlogon netr_DsRGetDCNameEx
2272 static bool test_netr_DsRGetDCNameEx(struct torture_context *tctx,
2273 struct dcerpc_pipe *p)
2276 struct netr_DsRGetDCNameEx r;
2277 struct netr_DsRGetDCNameInfo *info = NULL;
2278 struct dcerpc_binding_handle *b = p->binding_handle;
2280 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2281 r.in.domain_name = lp_dnsdomain(tctx->lp_ctx);
2282 r.in.domain_guid = NULL;
2283 r.in.site_name = NULL;
2284 r.in.flags = DS_RETURN_DNS_NAME;
2287 status = dcerpc_netr_DsRGetDCNameEx_r(b, tctx, &r);
2288 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
2289 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
2291 r.in.domain_name = lp_workgroup(tctx->lp_ctx);
2293 status = dcerpc_netr_DsRGetDCNameEx_r(b, tctx, &r);
2294 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
2295 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
2297 return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
2298 info->dc_site_name);
2302 try a netlogon netr_DsRGetDCNameEx2
2304 static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx,
2305 struct dcerpc_pipe *p)
2308 struct netr_DsRGetDCNameEx2 r;
2309 struct netr_DsRGetDCNameInfo *info = NULL;
2310 struct dcerpc_binding_handle *b = p->binding_handle;
2312 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with no inputs\n");
2314 r.in.flags = DS_RETURN_DNS_NAME;
2317 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2318 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2319 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2321 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2322 r.in.client_account = NULL;
2323 r.in.mask = 0x00000000;
2324 r.in.domain_name = lp_dnsdomain(tctx->lp_ctx);
2325 r.in.domain_guid = NULL;
2326 r.in.site_name = NULL;
2327 r.in.flags = DS_RETURN_DNS_NAME;
2330 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 without client account\n");
2332 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2333 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2334 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2336 r.in.domain_name = lp_workgroup(tctx->lp_ctx);
2338 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2339 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2340 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2342 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with client account\n");
2343 r.in.client_account = TEST_MACHINE_NAME"$";
2344 r.in.mask = ACB_SVRTRUST;
2345 r.in.flags = DS_RETURN_FLAT_NAME;
2348 status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
2349 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
2350 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
2352 return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
2353 info->dc_site_name);
2356 static bool test_netr_DsrGetDcSiteCoverageW(struct torture_context *tctx,
2357 struct dcerpc_pipe *p)
2360 struct ldb_context *sam_ctx = NULL;
2362 struct netr_DsrGetDcSiteCoverageW r;
2363 struct DcSitesCtr *ctr = NULL;
2364 struct dcerpc_binding_handle *b = p->binding_handle;
2366 torture_comment(tctx, "This does only pass with the default site\n");
2368 /* We won't double-check this when we are over 'local' transports */
2369 if (dcerpc_server_name(p)) {
2370 /* Set up connection to SAMDB on DC */
2371 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2372 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2374 cmdline_credentials,
2377 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2380 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2383 status = dcerpc_netr_DsrGetDcSiteCoverageW_r(b, tctx, &r);
2384 torture_assert_ntstatus_ok(tctx, status, "failed");
2385 torture_assert_werr_ok(tctx, r.out.result, "failed");
2387 torture_assert(tctx, ctr->num_sites == 1,
2388 "we should per default only get the default site");
2389 if (sam_ctx != NULL) {
2390 torture_assert_casestr_equal(tctx, ctr->sites[0].string,
2391 samdb_server_site_name(sam_ctx, tctx),
2392 "didn't return default site");
2398 static bool test_netr_DsRAddressToSitenamesW(struct torture_context *tctx,
2399 struct dcerpc_pipe *p)
2402 struct ldb_context *sam_ctx = NULL;
2404 struct netr_DsRAddressToSitenamesW r;
2405 struct netr_DsRAddress addrs[6];
2406 struct sockaddr_in *addr;
2408 struct sockaddr_in6 *addr6;
2410 struct netr_DsRAddressToSitenamesWCtr *ctr;
2411 struct dcerpc_binding_handle *b = p->binding_handle;
2415 torture_comment(tctx, "This does only pass with the default site\n");
2417 /* We won't double-check this when we are over 'local' transports */
2418 if (dcerpc_server_name(p)) {
2419 /* Set up connection to SAMDB on DC */
2420 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2421 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2423 cmdline_credentials,
2426 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2429 /* First try valid IP addresses */
2431 addrs[0].size = sizeof(struct sockaddr_in);
2432 addrs[0].buffer = talloc_zero_array(tctx, uint8_t, addrs[0].size);
2433 addr = (struct sockaddr_in *) addrs[0].buffer;
2434 addrs[0].buffer[0] = AF_INET;
2435 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2436 torture_assert(tctx, ret > 0, "inet_pton failed");
2438 addrs[1].size = sizeof(struct sockaddr_in);
2439 addrs[1].buffer = talloc_zero_array(tctx, uint8_t, addrs[1].size);
2440 addr = (struct sockaddr_in *) addrs[1].buffer;
2441 addrs[1].buffer[0] = AF_INET;
2442 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2443 torture_assert(tctx, ret > 0, "inet_pton failed");
2445 addrs[2].size = sizeof(struct sockaddr_in);
2446 addrs[2].buffer = talloc_zero_array(tctx, uint8_t, addrs[2].size);
2447 addr = (struct sockaddr_in *) addrs[2].buffer;
2448 addrs[2].buffer[0] = AF_INET;
2449 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2450 torture_assert(tctx, ret > 0, "inet_pton failed");
2453 addrs[3].size = sizeof(struct sockaddr_in6);
2454 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2455 addr6 = (struct sockaddr_in6 *) addrs[3].buffer;
2456 addrs[3].buffer[0] = AF_INET6;
2457 ret = inet_pton(AF_INET6, "::1", &addr6->sin6_addr);
2458 torture_assert(tctx, ret > 0, "inet_pton failed");
2460 addrs[4].size = sizeof(struct sockaddr_in6);
2461 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2462 addr6 = (struct sockaddr_in6 *) addrs[4].buffer;
2463 addrs[4].buffer[0] = AF_INET6;
2464 ret = inet_pton(AF_INET6, "::", &addr6->sin6_addr);
2465 torture_assert(tctx, ret > 0, "inet_pton failed");
2467 addrs[5].size = sizeof(struct sockaddr_in6);
2468 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2469 addr6 = (struct sockaddr_in6 *) addrs[5].buffer;
2470 addrs[5].buffer[0] = AF_INET6;
2471 ret = inet_pton(AF_INET6, "ff02::1", &addr6->sin6_addr);
2472 torture_assert(tctx, ret > 0, "inet_pton failed");
2474 /* the test cases are repeated to have exactly 6. This is for
2475 * compatibility with IPv4-only machines */
2476 addrs[3].size = sizeof(struct sockaddr_in);
2477 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2478 addr = (struct sockaddr_in *) addrs[3].buffer;
2479 addrs[3].buffer[0] = AF_INET;
2480 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2481 torture_assert(tctx, ret > 0, "inet_pton failed");
2483 addrs[4].size = sizeof(struct sockaddr_in);
2484 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2485 addr = (struct sockaddr_in *) addrs[4].buffer;
2486 addrs[4].buffer[0] = AF_INET;
2487 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2488 torture_assert(tctx, ret > 0, "inet_pton failed");
2490 addrs[5].size = sizeof(struct sockaddr_in);
2491 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2492 addr = (struct sockaddr_in *) addrs[5].buffer;
2493 addrs[5].buffer[0] = AF_INET;
2494 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2495 torture_assert(tctx, ret > 0, "inet_pton failed");
2498 ctr = talloc(tctx, struct netr_DsRAddressToSitenamesWCtr);
2500 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2502 r.in.addresses = addrs;
2505 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2506 torture_assert_ntstatus_ok(tctx, status, "failed");
2507 torture_assert_werr_ok(tctx, r.out.result, "failed");
2509 if (sam_ctx != NULL) {
2510 for (i = 0; i < 3; i++) {
2511 torture_assert_casestr_equal(tctx,
2512 ctr->sitename[i].string,
2513 samdb_server_site_name(sam_ctx, tctx),
2514 "didn't return default site");
2516 for (i = 3; i < 6; i++) {
2517 /* Windows returns "NULL" for the sitename if it isn't
2518 * IPv6 configured */
2519 if (torture_setting_bool(tctx, "samba4", false)) {
2520 torture_assert_casestr_equal(tctx,
2521 ctr->sitename[i].string,
2522 samdb_server_site_name(sam_ctx, tctx),
2523 "didn't return default site");
2528 /* Now try invalid ones (too short buffers) */
2538 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2539 torture_assert_ntstatus_ok(tctx, status, "failed");
2540 torture_assert_werr_ok(tctx, r.out.result, "failed");
2542 for (i = 0; i < 6; i++) {
2543 torture_assert(tctx, ctr->sitename[i].string == NULL,
2544 "sitename should be null");
2547 /* Now try invalid ones (wrong address types) */
2550 addrs[0].buffer[0] = AF_UNSPEC;
2552 addrs[1].buffer[0] = AF_UNIX; /* AF_LOCAL = AF_UNIX */
2554 addrs[2].buffer[0] = AF_UNIX;
2557 addrs[3].buffer[0] = 250;
2559 addrs[4].buffer[0] = 251;
2561 addrs[5].buffer[0] = 252;
2563 status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
2564 torture_assert_ntstatus_ok(tctx, status, "failed");
2565 torture_assert_werr_ok(tctx, r.out.result, "failed");
2567 for (i = 0; i < 6; i++) {
2568 torture_assert(tctx, ctr->sitename[i].string == NULL,
2569 "sitename should be null");
2575 static bool test_netr_DsRAddressToSitenamesExW(struct torture_context *tctx,
2576 struct dcerpc_pipe *p)
2579 struct ldb_context *sam_ctx = NULL;
2581 struct netr_DsRAddressToSitenamesExW r;
2582 struct netr_DsRAddress addrs[6];
2583 struct sockaddr_in *addr;
2585 struct sockaddr_in6 *addr6;
2587 struct netr_DsRAddressToSitenamesExWCtr *ctr;
2588 struct dcerpc_binding_handle *b = p->binding_handle;
2592 torture_comment(tctx, "This does pass with the default site\n");
2594 /* We won't double-check this when we are over 'local' transports */
2595 if (dcerpc_server_name(p)) {
2596 /* Set up connection to SAMDB on DC */
2597 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2598 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2600 cmdline_credentials,
2603 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2606 /* First try valid IP addresses */
2608 addrs[0].size = sizeof(struct sockaddr_in);
2609 addrs[0].buffer = talloc_zero_array(tctx, uint8_t, addrs[0].size);
2610 addr = (struct sockaddr_in *) addrs[0].buffer;
2611 addrs[0].buffer[0] = AF_INET;
2612 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2613 torture_assert(tctx, ret > 0, "inet_pton failed");
2615 addrs[1].size = sizeof(struct sockaddr_in);
2616 addrs[1].buffer = talloc_zero_array(tctx, uint8_t, addrs[1].size);
2617 addr = (struct sockaddr_in *) addrs[1].buffer;
2618 addrs[1].buffer[0] = AF_INET;
2619 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2620 torture_assert(tctx, ret > 0, "inet_pton failed");
2622 addrs[2].size = sizeof(struct sockaddr_in);
2623 addrs[2].buffer = talloc_zero_array(tctx, uint8_t, addrs[2].size);
2624 addr = (struct sockaddr_in *) addrs[2].buffer;
2625 addrs[2].buffer[0] = AF_INET;
2626 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2627 torture_assert(tctx, ret > 0, "inet_pton failed");
2630 addrs[3].size = sizeof(struct sockaddr_in6);
2631 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2632 addr6 = (struct sockaddr_in6 *) addrs[3].buffer;
2633 addrs[3].buffer[0] = AF_INET6;
2634 ret = inet_pton(AF_INET6, "::1", &addr6->sin6_addr);
2635 torture_assert(tctx, ret > 0, "inet_pton failed");
2637 addrs[4].size = sizeof(struct sockaddr_in6);
2638 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2639 addr6 = (struct sockaddr_in6 *) addrs[4].buffer;
2640 addrs[4].buffer[0] = AF_INET6;
2641 ret = inet_pton(AF_INET6, "::", &addr6->sin6_addr);
2642 torture_assert(tctx, ret > 0, "inet_pton failed");
2644 addrs[5].size = sizeof(struct sockaddr_in6);
2645 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2646 addr6 = (struct sockaddr_in6 *) addrs[5].buffer;
2647 addrs[5].buffer[0] = AF_INET6;
2648 ret = inet_pton(AF_INET6, "ff02::1", &addr6->sin6_addr);
2649 torture_assert(tctx, ret > 0, "inet_pton failed");
2651 /* the test cases are repeated to have exactly 6. This is for
2652 * compatibility with IPv4-only machines */
2653 addrs[3].size = sizeof(struct sockaddr_in);
2654 addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
2655 addr = (struct sockaddr_in *) addrs[3].buffer;
2656 addrs[3].buffer[0] = AF_INET;
2657 ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
2658 torture_assert(tctx, ret > 0, "inet_pton failed");
2660 addrs[4].size = sizeof(struct sockaddr_in);
2661 addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
2662 addr = (struct sockaddr_in *) addrs[4].buffer;
2663 addrs[4].buffer[0] = AF_INET;
2664 ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
2665 torture_assert(tctx, ret > 0, "inet_pton failed");
2667 addrs[5].size = sizeof(struct sockaddr_in);
2668 addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
2669 addr = (struct sockaddr_in *) addrs[5].buffer;
2670 addrs[5].buffer[0] = AF_INET;
2671 ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
2672 torture_assert(tctx, ret > 0, "inet_pton failed");
2675 ctr = talloc(tctx, struct netr_DsRAddressToSitenamesExWCtr);
2677 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2679 r.in.addresses = addrs;
2682 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
2683 torture_assert_ntstatus_ok(tctx, status, "failed");
2684 torture_assert_werr_ok(tctx, r.out.result, "failed");
2686 if (sam_ctx != NULL) {
2687 for (i = 0; i < 3; i++) {
2688 torture_assert_casestr_equal(tctx,
2689 ctr->sitename[i].string,
2690 samdb_server_site_name(sam_ctx, tctx),
2691 "didn't return default site");
2692 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2693 "subnet should be null");
2695 for (i = 3; i < 6; i++) {
2696 /* Windows returns "NULL" for the sitename if it isn't
2697 * IPv6 configured */
2698 if (torture_setting_bool(tctx, "samba4", false)) {
2699 torture_assert_casestr_equal(tctx,
2700 ctr->sitename[i].string,
2701 samdb_server_site_name(sam_ctx, tctx),
2702 "didn't return default site");
2704 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2705 "subnet should be null");
2709 /* Now try invalid ones (too short buffers) */
2719 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
2720 torture_assert_ntstatus_ok(tctx, status, "failed");
2721 torture_assert_werr_ok(tctx, r.out.result, "failed");
2723 for (i = 0; i < 6; i++) {
2724 torture_assert(tctx, ctr->sitename[i].string == NULL,
2725 "sitename should be null");
2726 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2727 "subnet should be null");
2731 addrs[0].buffer[0] = AF_UNSPEC;
2733 addrs[1].buffer[0] = AF_UNIX; /* AF_LOCAL = AF_UNIX */
2735 addrs[2].buffer[0] = AF_UNIX;
2738 addrs[3].buffer[0] = 250;
2740 addrs[4].buffer[0] = 251;
2742 addrs[5].buffer[0] = 252;
2744 status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
2745 torture_assert_ntstatus_ok(tctx, status, "failed");
2746 torture_assert_werr_ok(tctx, r.out.result, "failed");
2748 for (i = 0; i < 6; i++) {
2749 torture_assert(tctx, ctr->sitename[i].string == NULL,
2750 "sitename should be null");
2751 torture_assert(tctx, ctr->subnetname[i].string == NULL,
2752 "subnet should be null");
2758 static bool test_netr_ServerGetTrustInfo(struct torture_context *tctx,
2759 struct dcerpc_pipe *p,
2760 struct cli_credentials *machine_credentials)
2762 struct netr_ServerGetTrustInfo r;
2764 struct netr_Authenticator a;
2765 struct netr_Authenticator return_authenticator;
2766 struct samr_Password new_owf_password;
2767 struct samr_Password old_owf_password;
2768 struct netr_TrustInfo *trust_info;
2770 struct netlogon_creds_CredentialState *creds;
2771 struct dcerpc_binding_handle *b = p->binding_handle;
2773 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2774 machine_credentials, &creds)) {
2778 netlogon_creds_client_authenticator(creds, &a);
2780 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2781 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME);
2782 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials);
2783 r.in.computer_name = TEST_MACHINE_NAME;
2784 r.in.credential = &a;
2786 r.out.return_authenticator = &return_authenticator;
2787 r.out.new_owf_password = &new_owf_password;
2788 r.out.old_owf_password = &old_owf_password;
2789 r.out.trust_info = &trust_info;
2791 torture_assert_ntstatus_ok(tctx, dcerpc_netr_ServerGetTrustInfo_r(b, tctx, &r),
2792 "ServerGetTrustInfo failed");
2793 torture_assert_ntstatus_ok(tctx, r.out.result, "ServerGetTrustInfo failed");
2794 torture_assert(tctx, netlogon_creds_client_check(creds, &return_authenticator.cred), "Credential chaining failed");
2800 static bool test_GetDomainInfo(struct torture_context *tctx,
2801 struct dcerpc_pipe *p,
2802 struct cli_credentials *machine_credentials)
2804 struct netr_LogonGetDomainInfo r;
2805 struct netr_WorkstationInformation q1;
2806 struct netr_Authenticator a;
2807 struct netlogon_creds_CredentialState *creds;
2808 struct netr_OsVersion os;
2809 union netr_WorkstationInfo query;
2810 union netr_DomainInfo info;
2811 const char* const attrs[] = { "dNSHostName", "operatingSystem",
2812 "operatingSystemServicePack", "operatingSystemVersion",
2813 "servicePrincipalName", NULL };
2815 struct ldb_context *sam_ctx = NULL;
2816 struct ldb_message **res;
2817 struct ldb_message_element *spn_el;
2820 const char *old_dnsname = NULL;
2824 struct dcerpc_binding_handle *b = p->binding_handle;
2826 torture_comment(tctx, "Testing netr_LogonGetDomainInfo\n");
2828 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
2829 machine_credentials, &creds)) {
2833 /* We won't double-check this when we are over 'local' transports */
2834 if (dcerpc_server_name(p)) {
2835 /* Set up connection to SAMDB on DC */
2836 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p));
2837 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url,
2839 cmdline_credentials,
2842 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!");
2845 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 1st call (no variation of DNS hostname)\n");
2846 netlogon_creds_client_authenticator(creds, &a);
2849 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
2850 r.in.computer_name = TEST_MACHINE_NAME;
2851 r.in.credential = &a;
2853 r.in.return_authenticator = &a;
2854 r.in.query = &query;
2855 r.out.return_authenticator = &a;
2859 os.os.MajorVersion = 123;
2860 os.os.MinorVersion = 456;
2861 os.os.BuildNumber = 789;
2862 os.os.CSDVersion = "Service Pack 10";
2863 os.os.ServicePackMajor = 10;
2864 os.os.ServicePackMinor = 1;
2865 os.os.SuiteMask = NETR_VER_SUITE_SINGLEUSERTS;
2866 os.os.ProductType = NETR_VER_NT_SERVER;
2869 version_str = talloc_asprintf(tctx, "%d.%d (%d)", os.os.MajorVersion,
2870 os.os.MinorVersion, os.os.BuildNumber);
2873 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
2874 lp_dnsdomain(tctx->lp_ctx));
2875 q1.sitename = "Default-First-Site-Name";
2876 q1.os_version.os = &os;
2877 q1.os_name.string = talloc_asprintf(tctx,
2878 "Tortured by Samba4 RPC-NETLOGON: %s",
2879 timestring(tctx, time(NULL)));
2881 /* The workstation handles the "servicePrincipalName" and DNS hostname
2883 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
2885 query.workstation_info = &q1;
2888 /* Gets back the old DNS hostname in AD */
2889 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
2890 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
2892 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL);
2894 /* Gets back the "servicePrincipalName"s in AD */
2895 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2896 if (spn_el != NULL) {
2897 for (i=0; i < spn_el->num_values; i++) {
2898 spns = talloc_realloc(tctx, spns, char *, i + 1);
2899 spns[i] = (char *) spn_el->values[i].data;
2905 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
2906 "LogonGetDomainInfo failed");
2907 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
2908 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
2913 /* AD workstation infos entry check */
2914 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
2915 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
2916 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
2917 torture_assert_str_equal(tctx,
2918 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
2919 q1.os_name.string, "'operatingSystem' wrong!");
2920 torture_assert_str_equal(tctx,
2921 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL),
2922 os.os.CSDVersion, "'operatingSystemServicePack' wrong!");
2923 torture_assert_str_equal(tctx,
2924 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL),
2925 version_str, "'operatingSystemVersion' wrong!");
2927 if (old_dnsname != NULL) {
2928 /* If before a DNS hostname was set then it should remain
2929 the same in combination with the "servicePrincipalName"s.
2930 The DNS hostname should also be returned by our
2931 "LogonGetDomainInfo" call (in the domain info structure). */
2933 torture_assert_str_equal(tctx,
2934 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
2935 old_dnsname, "'DNS hostname' was not set!");
2937 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2938 torture_assert(tctx, ((spns != NULL) && (spn_el != NULL)),
2939 "'servicePrincipalName's not set!");
2940 torture_assert(tctx, spn_el->num_values == num_spns,
2941 "'servicePrincipalName's incorrect!");
2942 for (i=0; (i < spn_el->num_values) && (i < num_spns); i++)
2943 torture_assert_str_equal(tctx,
2944 (char *) spn_el->values[i].data,
2945 spns[i], "'servicePrincipalName's incorrect!");
2947 torture_assert_str_equal(tctx,
2948 info.domain_info->dns_hostname.string,
2950 "Out 'DNS hostname' doesn't match the old one!");
2952 /* If no DNS hostname was set then also now none should be set,
2953 the "servicePrincipalName"s should remain empty and no DNS
2954 hostname should be returned by our "LogonGetDomainInfo"
2955 call (in the domain info structure). */
2957 torture_assert(tctx,
2958 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL) == NULL,
2959 "'DNS hostname' was set!");
2961 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
2962 torture_assert(tctx, ((spns == NULL) && (spn_el == NULL)),
2963 "'servicePrincipalName's were set!");
2965 torture_assert(tctx,
2966 info.domain_info->dns_hostname.string == NULL,
2967 "Out 'DNS host name' was set!");
2971 /* Checks "workstation flags" */
2972 torture_assert(tctx,
2973 info.domain_info->workstation_flags
2974 == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
2975 "Out 'workstation flags' don't match!");
2978 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 2nd call (variation of DNS hostname doesn't work)\n");
2979 netlogon_creds_client_authenticator(creds, &a);
2981 /* Wipe out the osVersion, and prove which values still 'stick' */
2982 q1.os_version.os = NULL;
2984 /* Change also the DNS hostname to test differences in behaviour */
2985 talloc_free(discard_const_p(char, q1.dns_hostname));
2986 q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
2987 lp_dnsdomain(tctx->lp_ctx));
2989 /* The workstation handles the "servicePrincipalName" and DNS hostname
2991 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
2993 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
2994 "LogonGetDomainInfo failed");
2995 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
2997 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3002 /* AD workstation infos entry check */
3003 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3004 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3005 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
3007 torture_assert_str_equal(tctx,
3008 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
3009 q1.os_name.string, "'operatingSystem' should stick!");
3010 torture_assert(tctx,
3011 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
3012 "'operatingSystemServicePack' shouldn't stick!");
3013 torture_assert(tctx,
3014 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
3015 "'operatingSystemVersion' shouldn't stick!");
3017 /* The DNS host name shouldn't have been updated by the server */
3019 torture_assert_str_equal(tctx,
3020 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
3021 old_dnsname, "'DNS host name' did change!");
3023 /* Find the two "servicePrincipalName"s which the DC shouldn't have been
3024 updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC
3026 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3027 torture_assert(tctx, spn_el != NULL,
3028 "There should exist 'servicePrincipalName's in AD!");
3029 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME);
3030 for (i=0; i < spn_el->num_values; i++)
3031 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3033 torture_assert(tctx, i != spn_el->num_values,
3034 "'servicePrincipalName' HOST/<Netbios name> not found!");
3035 temp_str = talloc_asprintf(tctx, "HOST/%s", old_dnsname);
3036 for (i=0; i < spn_el->num_values; i++)
3037 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3039 torture_assert(tctx, i != spn_el->num_values,
3040 "'servicePrincipalName' HOST/<FQDN name> not found!");
3042 /* Check that the out DNS hostname was set properly */
3043 torture_assert_str_equal(tctx, info.domain_info->dns_hostname.string,
3044 old_dnsname, "Out 'DNS hostname' doesn't match the old one!");
3047 /* Checks "workstation flags" */
3048 torture_assert(tctx,
3049 info.domain_info->workstation_flags == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3050 "Out 'workstation flags' don't match!");
3053 /* Now try the same but the workstation flags set to 0 */
3055 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 3rd call (variation of DNS hostname doesn't work)\n");
3056 netlogon_creds_client_authenticator(creds, &a);
3058 /* Change also the DNS hostname to test differences in behaviour */
3059 talloc_free(discard_const_p(char, q1.dns_hostname));
3060 q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
3061 lp_dnsdomain(tctx->lp_ctx));
3063 /* Wipe out the osVersion, and prove which values still 'stick' */
3064 q1.os_version.os = NULL;
3066 /* Let the DC handle the "servicePrincipalName" and DNS hostname
3068 q1.workstation_flags = 0;
3070 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3071 "LogonGetDomainInfo failed");
3072 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3073 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3078 /* AD workstation infos entry check */
3079 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs,
3080 "(sAMAccountName=%s$)", TEST_MACHINE_NAME);
3081 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?");
3083 torture_assert_str_equal(tctx,
3084 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL),
3085 q1.os_name.string, "'operatingSystem' should stick!");
3086 torture_assert(tctx,
3087 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL,
3088 "'operatingSystemServicePack' shouldn't stick!");
3089 torture_assert(tctx,
3090 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL,
3091 "'operatingSystemVersion' shouldn't stick!");
3093 /* The DNS host name shouldn't have been updated by the server */
3095 torture_assert_str_equal(tctx,
3096 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL),
3097 old_dnsname, "'DNS host name' did change!");
3099 /* Find the two "servicePrincipalName"s which the DC shouldn't have been
3100 updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC
3102 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName");
3103 torture_assert(tctx, spn_el != NULL,
3104 "There should exist 'servicePrincipalName's in AD!");
3105 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME);
3106 for (i=0; i < spn_el->num_values; i++)
3107 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3109 torture_assert(tctx, i != spn_el->num_values,
3110 "'servicePrincipalName' HOST/<Netbios name> not found!");
3111 temp_str = talloc_asprintf(tctx, "HOST/%s", old_dnsname);
3112 for (i=0; i < spn_el->num_values; i++)
3113 if (strcasecmp((char *) spn_el->values[i].data, temp_str) == 0)
3115 torture_assert(tctx, i != spn_el->num_values,
3116 "'servicePrincipalName' HOST/<FQDN name> not found!");
3118 /* Here the server gives us NULL as the out DNS hostname */
3119 torture_assert(tctx, info.domain_info->dns_hostname.string == NULL,
3120 "Out 'DNS hostname' should be NULL!");
3123 /* Checks "workstation flags" */
3124 torture_assert(tctx,
3125 info.domain_info->workstation_flags == 0,
3126 "Out 'workstation flags' don't match!");
3129 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 4th call (verification of DNS hostname and check for trusted domains)\n");
3130 netlogon_creds_client_authenticator(creds, &a);
3132 /* Put the DNS hostname back */
3133 talloc_free(discard_const_p(char, q1.dns_hostname));
3134 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3135 lp_dnsdomain(tctx->lp_ctx));
3137 /* The workstation handles the "servicePrincipalName" and DNS hostname
3139 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE;
3141 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3142 "LogonGetDomainInfo failed");
3143 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3144 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3148 /* Now the in/out DNS hostnames should be the same */
3149 torture_assert_str_equal(tctx,
3150 info.domain_info->dns_hostname.string,
3151 query.workstation_info->dns_hostname,
3152 "In/Out 'DNS hostnames' don't match!");
3154 /* Checks "workstation flags" */
3155 torture_assert(tctx,
3156 info.domain_info->workstation_flags
3157 == NETR_WS_FLAG_HANDLES_SPN_UPDATE,
3158 "Out 'workstation flags' don't match!");
3160 /* Checks for trusted domains */
3161 torture_assert(tctx,
3162 (info.domain_info->trusted_domain_count != 0)
3163 && (info.domain_info->trusted_domains != NULL),
3164 "Trusted domains have been requested!");
3167 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 5th call (check for trusted domains)\n");
3168 netlogon_creds_client_authenticator(creds, &a);
3170 /* The workstation handles the "servicePrincipalName" and DNS hostname
3171 updates and requests inbound trusts */
3172 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE
3173 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS;
3175 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3176 "LogonGetDomainInfo failed");
3177 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3178 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3182 /* Checks "workstation flags" */
3183 torture_assert(tctx,
3184 info.domain_info->workstation_flags
3185 == (NETR_WS_FLAG_HANDLES_SPN_UPDATE
3186 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS),
3187 "Out 'workstation flags' don't match!");
3189 /* Checks for trusted domains */
3190 torture_assert(tctx,
3191 (info.domain_info->trusted_domain_count != 0)
3192 && (info.domain_info->trusted_domains != NULL),
3193 "Trusted domains have been requested!");
3196 if (!torture_setting_bool(tctx, "dangerous", false)) {
3197 torture_comment(tctx, "Not testing netr_LogonGetDomainInfo 6th call (no workstation info) - enable dangerous tests in order to do so\n");
3199 /* Try a call without the workstation information structure */
3201 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 6th call (no workstation info)\n");
3202 netlogon_creds_client_authenticator(creds, &a);
3204 query.workstation_info = NULL;
3206 torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
3207 "LogonGetDomainInfo failed");
3208 torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
3209 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
3215 static bool test_GetDomainInfo_async(struct torture_context *tctx,
3216 struct dcerpc_pipe *p,
3217 struct cli_credentials *machine_credentials)
3220 struct netr_LogonGetDomainInfo r;
3221 struct netr_WorkstationInformation q1;
3222 struct netr_Authenticator a;
3223 #define ASYNC_COUNT 100
3224 struct netlogon_creds_CredentialState *creds;
3225 struct netlogon_creds_CredentialState *creds_async[ASYNC_COUNT];
3226 struct tevent_req *req[ASYNC_COUNT];
3228 union netr_WorkstationInfo query;
3229 union netr_DomainInfo info;
3231 torture_comment(tctx, "Testing netr_LogonGetDomainInfo - async count %d\n", ASYNC_COUNT);
3233 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
3234 machine_credentials, &creds)) {
3239 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
3240 r.in.computer_name = TEST_MACHINE_NAME;
3241 r.in.credential = &a;
3243 r.in.return_authenticator = &a;
3244 r.in.query = &query;
3245 r.out.return_authenticator = &a;
3249 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
3250 lp_dnsdomain(tctx->lp_ctx));
3251 q1.sitename = "Default-First-Site-Name";
3252 q1.os_name.string = "UNIX/Linux or similar";
3254 query.workstation_info = &q1;
3256 for (i=0;i<ASYNC_COUNT;i++) {
3257 netlogon_creds_client_authenticator(creds, &a);
3259 creds_async[i] = (struct netlogon_creds_CredentialState *)talloc_memdup(creds, creds, sizeof(*creds));
3260 req[i] = dcerpc_netr_LogonGetDomainInfo_r_send(tctx, tctx->ev, p->binding_handle, &r);
3262 /* even with this flush per request a w2k3 server seems to
3263 clag with multiple outstanding requests. bleergh. */
3264 torture_assert_int_equal(tctx, event_loop_once(dcerpc_event_context(p)), 0,
3265 "event_loop_once failed");
3268 for (i=0;i<ASYNC_COUNT;i++) {
3269 torture_assert_int_equal(tctx, tevent_req_poll(req[i], tctx->ev), true,
3270 "tevent_req_poll() failed");
3272 status = dcerpc_netr_LogonGetDomainInfo_r_recv(req[i], tctx);
3274 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo_async");
3275 torture_assert_ntstatus_ok(tctx, r.out.result, "netr_LogonGetDomainInfo_async");
3277 torture_assert(tctx, netlogon_creds_client_check(creds_async[i], &a.cred),
3278 "Credential chaining failed at async");
3281 torture_comment(tctx,
3282 "Testing netr_LogonGetDomainInfo - async count %d OK\n", ASYNC_COUNT);
3287 static bool test_ManyGetDCName(struct torture_context *tctx,
3288 struct dcerpc_pipe *p)
3291 struct dcerpc_pipe *p2;
3292 struct lsa_ObjectAttribute attr;
3293 struct lsa_QosInfo qos;
3294 struct lsa_OpenPolicy2 o;
3295 struct policy_handle lsa_handle;
3296 struct lsa_DomainList domains;
3298 struct lsa_EnumTrustDom t;
3299 uint32_t resume_handle = 0;
3300 struct netr_GetAnyDCName d;
3301 const char *dcname = NULL;
3302 struct dcerpc_binding_handle *b = p->binding_handle;
3303 struct dcerpc_binding_handle *b2;
3307 if (p->conn->transport.transport != NCACN_NP) {
3311 torture_comment(tctx, "Torturing GetDCName\n");
3313 status = dcerpc_secondary_connection(p, &p2, p->binding);
3314 torture_assert_ntstatus_ok(tctx, status, "Failed to create secondary connection");
3316 status = dcerpc_bind_auth_none(p2, &ndr_table_lsarpc);
3317 torture_assert_ntstatus_ok(tctx, status, "Failed to create bind on secondary connection");
3318 b2 = p2->binding_handle;
3321 qos.impersonation_level = 2;
3322 qos.context_mode = 1;
3323 qos.effective_only = 0;
3326 attr.root_dir = NULL;
3327 attr.object_name = NULL;
3328 attr.attributes = 0;
3329 attr.sec_desc = NULL;
3330 attr.sec_qos = &qos;
3332 o.in.system_name = "\\";
3334 o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3335 o.out.handle = &lsa_handle;
3337 torture_assert_ntstatus_ok(tctx, dcerpc_lsa_OpenPolicy2_r(b2, tctx, &o),
3338 "OpenPolicy2 failed");
3339 torture_assert_ntstatus_ok(tctx, o.out.result, "OpenPolicy2 failed");
3341 t.in.handle = &lsa_handle;
3342 t.in.resume_handle = &resume_handle;
3343 t.in.max_size = 1000;
3344 t.out.domains = &domains;
3345 t.out.resume_handle = &resume_handle;
3347 torture_assert_ntstatus_ok(tctx, dcerpc_lsa_EnumTrustDom_r(b2, tctx, &t),
3348 "EnumTrustDom failed");
3350 if ((!NT_STATUS_IS_OK(t.out.result) &&
3351 (!NT_STATUS_EQUAL(t.out.result, NT_STATUS_NO_MORE_ENTRIES))))
3352 torture_fail(tctx, "Could not list domains");
3356 d.in.logon_server = talloc_asprintf(tctx, "\\\\%s",
3357 dcerpc_server_name(p));
3358 d.out.dcname = &dcname;
3360 for (i=0; i<domains.count * 4; i++) {
3361 struct lsa_DomainInfo *info =
3362 &domains.domains[rand()%domains.count];
3364 d.in.domainname = info->name.string;
3366 status = dcerpc_netr_GetAnyDCName_r(b, tctx, &d);
3367 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName");
3369 torture_comment(tctx, "\tDC for domain %s is %s\n", info->name.string,
3370 dcname ? dcname : "unknown");
3376 static bool test_SetPassword_with_flags(struct torture_context *tctx,
3377 struct dcerpc_pipe *p,
3378 struct cli_credentials *machine_credentials)
3380 uint32_t flags[] = { 0, NETLOGON_NEG_STRONG_KEYS };
3381 struct netlogon_creds_CredentialState *creds;
3384 if (!test_SetupCredentials2(p, tctx, 0,
3385 machine_credentials,
3386 cli_credentials_get_secure_channel_type(machine_credentials),
3388 torture_skip(tctx, "DC does not support negotiation of 64bit session keys");
3391 for (i=0; i < ARRAY_SIZE(flags); i++) {
3392 torture_assert(tctx,
3393 test_SetPassword_flags(tctx, p, machine_credentials, flags[i]),
3394 talloc_asprintf(tctx, "failed to test SetPassword negotiating with 0x%08x flags", flags[i]));
3400 struct torture_suite *torture_rpc_netlogon(TALLOC_CTX *mem_ctx)
3402 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON");
3403 struct torture_rpc_tcase *tcase;
3404 struct torture_test *test;
3406 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3407 &ndr_table_netlogon, TEST_MACHINE_NAME);
3409 torture_rpc_tcase_add_test(tcase, "LogonUasLogon", test_LogonUasLogon);
3410 torture_rpc_tcase_add_test(tcase, "LogonUasLogoff", test_LogonUasLogoff);
3411 torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
3412 torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
3413 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
3414 torture_rpc_tcase_add_test_creds(tcase, "GetPassword", test_GetPassword);
3415 torture_rpc_tcase_add_test_creds(tcase, "GetTrustPasswords", test_GetTrustPasswords);
3416 torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo", test_GetDomainInfo);
3417 torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync", test_DatabaseSync);
3418 torture_rpc_tcase_add_test_creds(tcase, "DatabaseDeltas", test_DatabaseDeltas);
3419 torture_rpc_tcase_add_test_creds(tcase, "DatabaseRedo", test_DatabaseRedo);
3420 torture_rpc_tcase_add_test_creds(tcase, "AccountDeltas", test_AccountDeltas);
3421 torture_rpc_tcase_add_test_creds(tcase, "AccountSync", test_AccountSync);
3422 torture_rpc_tcase_add_test(tcase, "GetDcName", test_GetDcName);
3423 torture_rpc_tcase_add_test(tcase, "ManyGetDCName", test_ManyGetDCName);
3424 torture_rpc_tcase_add_test(tcase, "GetAnyDCName", test_GetAnyDCName);
3425 torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync2", test_DatabaseSync2);
3426 torture_rpc_tcase_add_test(tcase, "DsrEnumerateDomainTrusts", test_DsrEnumerateDomainTrusts);
3427 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
3428 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomainsEx", test_netr_NetrEnumerateTrustedDomainsEx);
3429 test = torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo_async", test_GetDomainInfo_async);
3430 test->dangerous = true;
3431 torture_rpc_tcase_add_test(tcase, "DsRGetDCName", test_netr_DsRGetDCName);
3432 torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx", test_netr_DsRGetDCNameEx);
3433 torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx2", test_netr_DsRGetDCNameEx2);
3434 torture_rpc_tcase_add_test(tcase, "DsrGetDcSiteCoverageW", test_netr_DsrGetDcSiteCoverageW);
3435 torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesW", test_netr_DsRAddressToSitenamesW);
3436 torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesExW", test_netr_DsRAddressToSitenamesExW);
3437 torture_rpc_tcase_add_test_creds(tcase, "ServerGetTrustInfo", test_netr_ServerGetTrustInfo);
3438 torture_rpc_tcase_add_test_creds(tcase, "GetForestTrustInformation", test_netr_GetForestTrustInformation);
3443 struct torture_suite *torture_rpc_netlogon_s3(TALLOC_CTX *mem_ctx)
3445 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON-S3");
3446 struct torture_rpc_tcase *tcase;
3448 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3449 &ndr_table_netlogon, TEST_MACHINE_NAME);
3451 torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
3452 torture_rpc_tcase_add_test_creds(tcase, "SamLogon_NULL_domain", test_SamLogon_NULL_domain);
3453 torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword);
3454 torture_rpc_tcase_add_test_creds(tcase, "SetPassword_with_flags", test_SetPassword_with_flags);
3455 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2);
3456 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains);
3461 struct torture_suite *torture_rpc_netlogon_admin(TALLOC_CTX *mem_ctx)
3463 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON-ADMIN");
3464 struct torture_rpc_tcase *tcase;
3466 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
3467 &ndr_table_netlogon, TEST_MACHINE_NAME);
3468 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3469 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3470 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3472 tcase = torture_suite_add_machine_workstation_rpc_iface_tcase(suite, "netlogon",
3473 &ndr_table_netlogon, TEST_MACHINE_NAME);
3474 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3475 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3476 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);
3478 tcase = torture_suite_add_rpc_iface_tcase(suite, "netlogon",
3479 &ndr_table_netlogon);
3480 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl);
3481 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2);
3482 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex);