s4-torture: Test rpc schannel netr_LogonGetCapability.

[ddiss/samba.git] / source4 / torture / rpc / netlogon.c

diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index e05fe9bc674e6fdda021bc2a4dff08e0f1fc657c..d60b2e3c18fca48cc1a0cee40a8d27f0003bf4da 100644 (file)
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -590,7 +590,7 @@ static bool test_SetPassword2(struct torture_context *tctx,
        new_password.length = IVAL(password_buf.data, 512);
 
        torture_comment(tctx, 
-               "Testing a third ServerPasswordSet2 on machine account, with a compleatly random password\n");
+               "Testing a third ServerPasswordSet2 on machine account, with a completely random password\n");
 
        netlogon_creds_client_authenticator(creds, &credential);
 
@@ -884,6 +884,60 @@ bool test_netlogon_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
        return test_netlogon_ops_args(p, tctx, credentials, creds, false);
 }
 
+/*
+  try a netlogon GetCapabilities
+*/
+bool test_netlogon_capabilities(struct dcerpc_pipe *p, struct torture_context *tctx,
+                               struct cli_credentials *credentials,
+                               struct netlogon_creds_CredentialState *creds)
+{
+       NTSTATUS status;
+       struct netr_LogonGetCapabilities r;
+       union netr_Capabilities capabilities;
+       struct netr_Authenticator auth, return_auth;
+       struct netlogon_creds_CredentialState tmp_creds;
+       struct dcerpc_binding_handle *b = p->binding_handle;
+
+       r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
+       r.in.computer_name = cli_credentials_get_workstation(credentials);
+       r.in.credential = &auth;
+       r.in.return_authenticator = &return_auth;
+       r.in.query_level = 1;
+       r.out.capabilities = &capabilities;
+       r.out.return_authenticator = &return_auth;
+
+       torture_comment(tctx, "Testing LogonGetCapabilities\n");
+
+       ZERO_STRUCT(return_auth);
+
+       /*
+        * we need to operate on a temporary copy of creds
+        * because dcerpc_netr_LogonGetCapabilities was
+        * dcerpc_netr_DummyFunction and returns NT_STATUS_NOT_IMPLEMENTED
+        * without looking a the authenticator.
+        */
+       tmp_creds = *creds;
+       netlogon_creds_client_authenticator(&tmp_creds, &auth);
+
+       status = dcerpc_netr_LogonGetCapabilities_r(b, tctx, &r);
+       torture_assert_ntstatus_ok(tctx, status, "LogonGetCapabilities failed");
+       if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_IMPLEMENTED)) {
+               return true;
+       }
+
+       *creds = tmp_creds;
+
+       torture_assert(tctx, netlogon_creds_client_check(creds,
+                                                        &r.out.return_authenticator->cred),
+                      "Credential chaining failed");
+
+       torture_assert_int_equal(tctx, creds->negotiate_flags,
+                                capabilities.server_capabilities,
+                                "negotiate flags");
+
+       return true;
+}
+
 /*
   try a netlogon SamLogon
 */
@@ -3453,8 +3507,8 @@ static bool test_GetDomainInfo_async(struct torture_context *tctx,
 
                /* even with this flush per request a w2k3 server seems to 
                   clag with multiple outstanding requests. bleergh. */
-               torture_assert_int_equal(tctx, event_loop_once(dcerpc_event_context(p)), 0, 
-                                        "event_loop_once failed");
+               torture_assert_int_equal(tctx, tevent_loop_once(dcerpc_event_context(p)), 0, 
+                                        "tevent_loop_once failed");
        }
 
        for (i=0;i<ASYNC_COUNT;i++) {