git.samba.org / metze / samba / wip.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
s4-smbtorture: add torture_suite_add_machine_workstation_rpc_iface_tcase.
[metze/samba/wip.git] / source4 / torture / rpc / samr.c
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index c4ceb912f9d6618f02da28a65abbe342f3d8fd38..be2bfefab1f003f86865bde79951b4150da90140 100644 (file)
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -3303,7 +3303,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
                struct lsa_EnumAccountRights r;
                struct lsa_RightSet rights;
 
-               printf("Testing LSA EnumAccountRights\n");
+               torture_comment(tctx, "Testing LSA EnumAccountRights\n");
 
                r.in.handle = lsa_handle;
                r.in.sid = user_sid;
@@ -3319,7 +3319,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
                struct lsa_StringLarge names[2];
                struct lsa_AddAccountRights r;
 
-               printf("Testing LSA AddAccountRights\n");
+               torture_comment(tctx, "Testing LSA AddAccountRights\n");
 
                init_lsa_StringLarge(&names[0], "SeMachineAccountPrivilege");
                init_lsa_StringLarge(&names[1], NULL);
@@ -3343,7 +3343,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
                int i;
                bool found_sid = false;
 
-               printf("Testing LSA EnumAccounts\n");
+               torture_comment(tctx, "Testing LSA EnumAccounts\n");
 
                r.in.handle = lsa_handle;
                r.in.num_entries = 0x1000;
@@ -3369,7 +3369,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
                struct lsa_EnumAccountRights r;
                struct lsa_RightSet user_rights;
 
-               printf("Testing LSA EnumAccountRights\n");
+               torture_comment(tctx, "Testing LSA EnumAccountRights\n");
 
                r.in.handle = lsa_handle;
                r.in.sid = user_sid;
@@ -3388,7 +3388,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
        {
                struct lsa_OpenAccount r;
 
-               printf("Testing LSA OpenAccount\n");
+               torture_comment(tctx, "Testing LSA OpenAccount\n");
 
                r.in.handle = lsa_handle;
                r.in.sid = user_sid;
@@ -3404,7 +3404,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
                struct lsa_GetSystemAccessAccount r;
                uint32_t access_mask;
 
-               printf("Testing LSA GetSystemAccessAccount\n");
+               torture_comment(tctx, "Testing LSA GetSystemAccessAccount\n");
 
                r.in.handle = &lsa_acct_handle;
                r.out.access_mask = &access_mask;
@@ -3417,7 +3417,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
        {
                struct lsa_Close r;
 
-               printf("Testing LSA Close\n");
+               torture_comment(tctx, "Testing LSA Close\n");
 
                r.in.handle = &lsa_acct_handle;
                r.out.handle = &lsa_acct_handle;
@@ -3430,7 +3430,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
        {
                struct samr_DeleteUser r;
 
-               printf("Testing SAMR DeleteUser\n");
+               torture_comment(tctx, "Testing SAMR DeleteUser\n");
 
                r.in.user_handle = user_handle;
                r.out.user_handle = user_handle;
@@ -3446,7 +3446,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
                int i;
                bool found_sid = false;
 
-               printf("Testing LSA EnumAccounts\n");
+               torture_comment(tctx, "Testing LSA EnumAccounts\n");
 
                r.in.handle = lsa_handle;
                r.in.num_entries = 0x1000;
@@ -3472,7 +3472,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
                struct lsa_EnumAccountRights r;
                struct lsa_RightSet user_rights;
 
-               printf("Testing LSA EnumAccountRights\n");
+               torture_comment(tctx, "Testing LSA EnumAccountRights\n");
 
                r.in.handle = lsa_handle;
                r.in.sid = user_sid;
@@ -3491,7 +3491,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
        {
                struct lsa_OpenAccount r;
 
-               printf("Testing LSA OpenAccount\n");
+               torture_comment(tctx, "Testing LSA OpenAccount\n");
 
                r.in.handle = lsa_handle;
                r.in.sid = user_sid;
@@ -3507,7 +3507,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
                struct lsa_GetSystemAccessAccount r;
                uint32_t access_mask;
 
-               printf("Testing LSA GetSystemAccessAccount\n");
+               torture_comment(tctx, "Testing LSA GetSystemAccessAccount\n");
 
                r.in.handle = &lsa_acct_handle;
                r.out.access_mask = &access_mask;
@@ -3520,7 +3520,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
        {
                struct lsa_DeleteObject r;
 
-               printf("Testing LSA DeleteObject\n");
+               torture_comment(tctx, "Testing LSA DeleteObject\n");
 
                r.in.handle = &lsa_acct_handle;
                r.out.handle = &lsa_acct_handle;
@@ -3537,7 +3537,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
                int i;
                bool found_sid = false;
 
-               printf("Testing LSA EnumAccounts\n");
+               torture_comment(tctx, "Testing LSA EnumAccounts\n");
 
                r.in.handle = lsa_handle;
                r.in.num_entries = 0x1000;
@@ -3563,7 +3563,7 @@ static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p,
                struct lsa_EnumAccountRights r;
                struct lsa_RightSet user_rights;
 
-               printf("Testing LSA EnumAccountRights\n");
+               torture_comment(tctx, "Testing LSA EnumAccountRights\n");
 
                r.in.handle = lsa_handle;
                r.in.sid = user_sid;
@@ -5592,7 +5592,9 @@ static bool test_QueryDomainInfo(struct dcerpc_pipe *p, struct torture_context *
                        if (strcmp(info->general.oem_information.string, domain_comment) != 0) {
                                printf("QueryDomainInfo level %u returned different oem_information (comment) (%s, expected %s)\n",
                                       levels[i], info->general.oem_information.string, domain_comment);
-                               ret = false;
+                               if (!torture_setting_bool(tctx, "samba3", false)) {
+                                       ret = false;
+                               }
                        }
                        if (!info->general.primary.string) {
                                printf("QueryDomainInfo level %u returned no PDC name\n",
@@ -5609,7 +5611,9 @@ static bool test_QueryDomainInfo(struct dcerpc_pipe *p, struct torture_context *
                        if (strcmp(info->oem.oem_information.string, domain_comment) != 0) {
                                printf("QueryDomainInfo level %u returned different oem_information (comment) (%s, expected %s)\n",
                                       levels[i], info->oem.oem_information.string, domain_comment);
-                               ret = false;
+                               if (!torture_setting_bool(tctx, "samba3", false)) {
+                                       ret = false;
+                               }
                        }
                        break;
                case 6:
@@ -5623,7 +5627,9 @@ static bool test_QueryDomainInfo(struct dcerpc_pipe *p, struct torture_context *
                        if (strcmp(info->general2.general.oem_information.string, domain_comment) != 0) {
                                printf("QueryDomainInfo level %u returned different comment (%s, expected %s)\n",
                                       levels[i], info->general2.general.oem_information.string, domain_comment);
-                               ret = false;
+                               if (!torture_setting_bool(tctx, "samba3", false)) {
+                                       ret = false;
+                               }
                        }
                        break;
                }
@@ -5903,6 +5909,8 @@ static bool test_AddGroupMember(struct dcerpc_pipe *p, struct torture_context *t
        struct samr_RidTypeArray *rids = NULL;
        struct samr_SetMemberAttributesOfGroup s;
        uint32_t rid;
+       bool found_member = false;
+       int i;
 
        status = test_LookupName(p, tctx, domain_handle, TEST_ACCOUNT_NAME, &rid);
        torture_assert_ntstatus_ok(tctx, status, "test_AddGroupMember looking up name " TEST_ACCOUNT_NAME);
@@ -5911,7 +5919,7 @@ static bool test_AddGroupMember(struct dcerpc_pipe *p, struct torture_context *t
        r.in.rid = rid;
        r.in.flags = 0; /* ??? */
 
-       torture_comment(tctx, "Testing AddGroupMember and DeleteGroupMember\n");
+       torture_comment(tctx, "Testing AddGroupMember, QueryGroupMember and DeleteGroupMember\n");
 
        d.in.group_handle = group_handle;
        d.in.rid = rid;
@@ -5927,7 +5935,7 @@ static bool test_AddGroupMember(struct dcerpc_pipe *p, struct torture_context *t
 
        if (torture_setting_bool(tctx, "samba4", false) ||
            torture_setting_bool(tctx, "samba3", false)) {
-               torture_comment(tctx, "skipping SetMemberAttributesOfGroup test against Samba4\n");
+               torture_comment(tctx, "skipping SetMemberAttributesOfGroup test against Samba\n");
        } else {
                /* this one is quite strange. I am using random inputs in the
                   hope of triggering an error that might give us a clue */
@@ -5945,10 +5953,34 @@ static bool test_AddGroupMember(struct dcerpc_pipe *p, struct torture_context *t
 
        status = dcerpc_samr_QueryGroupMember(p, tctx, &q);
        torture_assert_ntstatus_ok(tctx, status, "QueryGroupMember");
+       torture_assert(tctx, rids, "QueryGroupMember did not fill in rids structure");
+
+       for (i=0; i < rids->count; i++) {
+               if (rids->rids[i] == rid) {
+                       found_member = true;
+               }
+       }
+
+       torture_assert(tctx, found_member, "QueryGroupMember did not list newly added member");
 
        status = dcerpc_samr_DeleteGroupMember(p, tctx, &d);
        torture_assert_ntstatus_ok(tctx, status, "DeleteGroupMember");
 
+       rids = NULL;
+       found_member = false;
+
+       status = dcerpc_samr_QueryGroupMember(p, tctx, &q);
+       torture_assert_ntstatus_ok(tctx, status, "QueryGroupMember");
+       torture_assert(tctx, rids, "QueryGroupMember did not fill in rids structure");
+
+       for (i=0; i < rids->count; i++) {
+               if (rids->rids[i] == rid) {
+                       found_member = true;
+               }
+       }
+
+       torture_assert(tctx, !found_member, "QueryGroupMember does still list removed member");
+
        status = dcerpc_samr_AddGroupMember(p, tctx, &r);
        torture_assert_ntstatus_ok(tctx, status, "AddGroupMember");
 
@@ -6166,6 +6198,77 @@ static bool test_EnumDomainAliases(struct dcerpc_pipe *p,
        return true;
 }
 
+static bool test_QueryDisplayInfo_level(struct dcerpc_pipe *p,
+                                       struct torture_context *tctx,
+                                       struct policy_handle *handle,
+                                       uint16_t level,
+                                       uint32_t *total_num_entries_p)
+{
+       NTSTATUS status;
+       struct samr_QueryDisplayInfo r;
+       uint32_t total_num_entries = 0;
+
+       r.in.domain_handle = handle;
+       r.in.level = level;
+       r.in.start_idx = 0;
+       r.in.max_entries = (uint32_t)-1;
+       r.in.buf_size = (uint32_t)-1;
+
+       printf("Testing QueryDisplayInfo\n");
+
+       do {
+               uint32_t total_size;
+               uint32_t returned_size;
+               union samr_DispInfo info;
+
+               r.out.total_size = &total_size;
+               r.out.returned_size = &returned_size;
+               r.out.info = &info;
+
+               status = dcerpc_samr_QueryDisplayInfo(p, tctx, &r);
+               if (NT_STATUS_IS_ERR(status)) {
+                       torture_assert_ntstatus_ok(tctx, status,
+                               "failed to query displayinfo");
+               }
+
+               if (*r.out.returned_size == 0) {
+                       break;
+               }
+
+               switch (r.in.level) {
+               case 1:
+                       total_num_entries += info.info1.count;
+                       r.in.start_idx += info.info1.entries[info.info1.count - 1].idx + 1;
+                       break;
+               case 2:
+                       total_num_entries += info.info2.count;
+                       r.in.start_idx += info.info2.entries[info.info2.count - 1].idx + 1;
+                       break;
+               case 3:
+                       total_num_entries += info.info3.count;
+                       r.in.start_idx += info.info3.entries[info.info3.count - 1].idx + 1;
+                       break;
+               case 4:
+                       total_num_entries += info.info4.count;
+                       r.in.start_idx += info.info4.entries[info.info4.count - 1].idx + 1;
+                       break;
+               case 5:
+                       total_num_entries += info.info5.count;
+                       r.in.start_idx += info.info5.entries[info.info5.count - 1].idx + 1;
+                       break;
+               default:
+                       return false;
+               }
+
+       } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
+
+       if (total_num_entries_p) {
+               *total_num_entries_p = total_num_entries;
+       }
+
+       return true;
+}
+
 static bool test_ManyObjects(struct dcerpc_pipe *p,
                             struct torture_context *tctx,
                             struct policy_handle *domain_handle,
@@ -6254,21 +6357,23 @@ static bool test_ManyObjects(struct dcerpc_pipe *p,
                return false;
        }
 
-       /* TODO: dispinfo */
+       /* dispinfo */
 
        switch (which_ops) {
        case TORTURE_SAMR_MANY_ACCOUNTS:
+               ret &= test_QueryDisplayInfo_level(p, tctx, domain_handle, 1, &num_disp);
                break;
        case TORTURE_SAMR_MANY_GROUPS:
+               ret &= test_QueryDisplayInfo_level(p, tctx, domain_handle, 3, &num_disp);
                break;
        case TORTURE_SAMR_MANY_ALIASES:
+               /* no aliases in dispinfo */
                break;
        default:
                return false;
        }
 
-
-       /* delete */
+       /* close or delete */
 
        for (i=0; i < num_total; i++) {
 
@@ -6276,31 +6381,35 @@ static bool test_ManyObjects(struct dcerpc_pipe *p,
                        continue;
                }
 
-               switch (which_ops) {
-               case TORTURE_SAMR_MANY_ACCOUNTS:
-                       ret &= test_DeleteUser(p, tctx, &handles[i]);
-                       break;
-               case TORTURE_SAMR_MANY_GROUPS:
-                       ret &= test_DeleteDomainGroup(p, tctx, &handles[i]);
-                       break;
-               case TORTURE_SAMR_MANY_ALIASES:
-                       ret &= test_DeleteAlias(p, tctx, &handles[i]);
-                       break;
-               default:
-                       return false;
+               if (torture_setting_bool(tctx, "samba3", false)) {
+                       ret &= test_samr_handle_Close(p, tctx, &handles[i]);
+               } else {
+                       switch (which_ops) {
+                       case TORTURE_SAMR_MANY_ACCOUNTS:
+                               ret &= test_DeleteUser(p, tctx, &handles[i]);
+                               break;
+                       case TORTURE_SAMR_MANY_GROUPS:
+                               ret &= test_DeleteDomainGroup(p, tctx, &handles[i]);
+                               break;
+                       case TORTURE_SAMR_MANY_ALIASES:
+                               ret &= test_DeleteAlias(p, tctx, &handles[i]);
+                               break;
+                       default:
+                               return false;
+                       }
                }
        }
 
        talloc_free(handles);
 
-#if 0
-       torture_assert_int_equal(tctx, num_disp, num_anounced + num_created,
-               "unexpected number of results returned in dispinfo call");
-#endif
        if (which_ops == TORTURE_SAMR_MANY_ACCOUNTS && num_enum != num_anounced + num_created) {
                torture_comment(tctx,
                                "unexpected number of results (%u) returned in enum call, expected %u\n",
                                num_enum, num_anounced + num_created);
+
+               torture_comment(tctx,
+                               "unexpected number of results (%u) returned in dispinfo, call, expected %u\n",
+                               num_disp, num_anounced + num_created);
        }
        return ret;
 }
@@ -6758,7 +6867,7 @@ struct torture_suite *torture_rpc_samr_passwords_pwdlastset(TALLOC_CTX *mem_ctx)
        struct torture_suite *suite = torture_suite_create(mem_ctx, "SAMR-PASSWORDS-PWDLASTSET");
        struct torture_rpc_tcase *tcase;
 
-       tcase = torture_suite_add_machine_rpc_iface_tcase(suite, "samr",
+       tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "samr",
                                                          &ndr_table_samr,
                                                          TEST_ACCOUNT_NAME_PWD);
 
@@ -6798,7 +6907,7 @@ struct torture_suite *torture_rpc_samr_user_privileges(TALLOC_CTX *mem_ctx)
        struct torture_suite *suite = torture_suite_create(mem_ctx, "SAMR-USERS-PRIVILEGES");
        struct torture_rpc_tcase *tcase;
 
-       tcase = torture_suite_add_machine_rpc_iface_tcase(suite, "samr",
+       tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "samr",
                                                          &ndr_table_samr,
                                                          TEST_ACCOUNT_NAME_PWD);
 
@@ -6888,7 +6997,7 @@ struct torture_suite *torture_rpc_samr_large_dc(TALLOC_CTX *mem_ctx)
        struct torture_suite *suite = torture_suite_create(mem_ctx, "SAMR-LARGE-DC");
        struct torture_rpc_tcase *tcase;
 
-       tcase = torture_suite_add_machine_rpc_iface_tcase(suite, "samr",
+       tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "samr",
                                                          &ndr_table_samr,
                                                          TEST_ACCOUNT_NAME);
 
Work in progress branches